This commit was generated by cvs2svn to compensate for changes in r167612,
which included commits to RCS files with non-trunk default branches.
This commit is contained in:
commit
03b688114f
@ -2,6 +2,47 @@
|
||||
OpenSSL CHANGES
|
||||
_______________
|
||||
|
||||
Changes between 0.9.8d and 0.9.8e [23 Feb 2007]
|
||||
|
||||
*) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
|
||||
a ciphersuite string such as "DEFAULT:RSA" cannot enable
|
||||
authentication-only ciphersuites.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Since AES128 and AES256 (and similarly Camellia128 and
|
||||
Camellia256) share a single mask bit in the logic of
|
||||
ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
|
||||
kludge to work properly if AES128 is available and AES256 isn't
|
||||
(or if Camellia128 is available and Camellia256 isn't).
|
||||
[Victor Duchovni]
|
||||
|
||||
*) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
|
||||
(within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
|
||||
When a point or a seed is encoded in a BIT STRING, we need to
|
||||
prevent the removal of trailing zero bits to get the proper DER
|
||||
encoding. (By default, crypto/asn1/a_bitstr.c assumes the case
|
||||
of a NamedBitList, for which trailing 0 bits need to be removed.)
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Have SSL/TLS server implementation tolerate "mismatched" record
|
||||
protocol version while receiving ClientHello even if the
|
||||
ClientHello is fragmented. (The server can't insist on the
|
||||
particular protocol version it has chosen before the ServerHello
|
||||
message has informed the client about his choice.)
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Add RFC 3779 support.
|
||||
[Rob Austein for ARIN, Ben Laurie]
|
||||
|
||||
*) Load error codes if they are not already present instead of using a
|
||||
static variable. This allows them to be cleanly unloaded and reloaded.
|
||||
Improve header file function name parsing.
|
||||
[Steve Henson]
|
||||
|
||||
*) extend SMTP and IMAP protocol emulation in s_client to use EHLO
|
||||
or CAPABILITY handshake as required by RFCs.
|
||||
[Goetz Babin-Ebell]
|
||||
|
||||
Changes between 0.9.8c and 0.9.8d [28 Sep 2006]
|
||||
|
||||
*) Introduce limits to prevent malicious keys being able to
|
||||
@ -77,7 +118,7 @@
|
||||
draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
|
||||
appear there.
|
||||
|
||||
Also deactive the remaining ciphersuites from
|
||||
Also deactivate the remaining ciphersuites from
|
||||
draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
|
||||
unofficial, and the ID has long expired.
|
||||
[Bodo Moeller]
|
||||
@ -1006,7 +1047,48 @@
|
||||
differing sizes.
|
||||
[Richard Levitte]
|
||||
|
||||
Changes between 0.9.7k and 0.9.7l [xx XXX xxxx]
|
||||
Changes between 0.9.7l and 0.9.7m [xx XXX xxxx]
|
||||
|
||||
*) Cleanse PEM buffers before freeing them since they may contain
|
||||
sensitive data.
|
||||
[Benjamin Bennett <ben@psc.edu>]
|
||||
|
||||
*) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
|
||||
a ciphersuite string such as "DEFAULT:RSA" cannot enable
|
||||
authentication-only ciphersuites.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Since AES128 and AES256 share a single mask bit in the logic of
|
||||
ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
|
||||
kludge to work properly if AES128 is available and AES256 isn't.
|
||||
[Victor Duchovni]
|
||||
|
||||
*) Have SSL/TLS server implementation tolerate "mismatched" record
|
||||
protocol version while receiving ClientHello even if the
|
||||
ClientHello is fragmented. (The server can't insist on the
|
||||
particular protocol version it has chosen before the ServerHello
|
||||
message has informed the client about his choice.)
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Load error codes if they are not already present instead of using a
|
||||
static variable. This allows them to be cleanly unloaded and reloaded.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 0.9.7k and 0.9.7l [28 Sep 2006]
|
||||
|
||||
*) Introduce limits to prevent malicious keys being able to
|
||||
cause a denial of service. (CVE-2006-2940)
|
||||
[Steve Henson, Bodo Moeller]
|
||||
|
||||
*) Fix ASN.1 parsing of certain invalid structures that can result
|
||||
in a denial of service. (CVE-2006-2937) [Steve Henson]
|
||||
|
||||
*) Fix buffer overflow in SSL_get_shared_ciphers() function.
|
||||
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
|
||||
|
||||
*) Fix SSL client code which could crash if connecting to a
|
||||
malicious SSLv2 server. (CVE-2006-4343)
|
||||
[Tavis Ormandy and Will Drewry, Google Security Team]
|
||||
|
||||
*) Change ciphersuite string processing so that an explicit
|
||||
ciphersuite selects this one ciphersuite (so that "AES256-SHA"
|
||||
|
@ -568,6 +568,7 @@ my $threads=0;
|
||||
my $no_shared=0; # but "no-shared" is default
|
||||
my $zlib=1; # but "no-zlib" is default
|
||||
my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
|
||||
my $no_rfc3779=1; # but "no-rfc3779" is default
|
||||
my $no_asm=0;
|
||||
my $no_dso=0;
|
||||
my $no_gmp=0;
|
||||
@ -604,6 +605,7 @@ my %disabled = ( # "what" => "comment"
|
||||
"gmp" => "default",
|
||||
"mdc2" => "default",
|
||||
"rc5" => "default",
|
||||
"rfc3779" => "default",
|
||||
"shared" => "default",
|
||||
"zlib" => "default",
|
||||
"zlib-dynamic" => "default"
|
||||
@ -614,7 +616,7 @@ my %disabled = ( # "what" => "comment"
|
||||
# For symmetry, "disable-..." is a synonym for "no-...".
|
||||
|
||||
# This is what $depflags will look like with the above default:
|
||||
my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 ";
|
||||
my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 ";
|
||||
|
||||
|
||||
my $no_sse2=0;
|
||||
|
@ -74,7 +74,7 @@ OpenSSL - Frequently Asked Questions
|
||||
* Which is the current version of OpenSSL?
|
||||
|
||||
The current version is available from <URL: http://www.openssl.org>.
|
||||
OpenSSL 0.9.8d was released on September 28th, 2006.
|
||||
OpenSSL 0.9.8e was released on February 23rd, 2007.
|
||||
|
||||
In addition to the current stable release, you can also access daily
|
||||
snapshots of the OpenSSL development version at <URL:
|
||||
|
@ -302,10 +302,10 @@
|
||||
Note on shared libraries
|
||||
------------------------
|
||||
|
||||
Shared library is currently an experimental feature. The only reason to
|
||||
have them would be to conserve memory on systems where several program
|
||||
are using OpenSSL. Binary backward compatibility can't be guaranteed
|
||||
before OpenSSL version 1.0.
|
||||
Shared libraries have certain caveats. Binary backward compatibility
|
||||
can't be guaranteed before OpenSSL version 1.0. The only reason to
|
||||
use them would be to conserve memory on systems where several programs
|
||||
are using OpenSSL.
|
||||
|
||||
For some systems, the OpenSSL Configure script knows what is needed to
|
||||
build shared libraries for libcrypto and libssl. On these systems,
|
||||
|
@ -12,7 +12,7 @@
|
||||
---------------
|
||||
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
@ -4,7 +4,7 @@
|
||||
## Makefile for OpenSSL
|
||||
##
|
||||
|
||||
VERSION=0.9.8d
|
||||
VERSION=0.9.8e
|
||||
MAJOR=0
|
||||
MINOR=9.8
|
||||
SHLIB_VERSION_NUMBER=0.9.8
|
||||
@ -13,7 +13,7 @@ SHLIB_MAJOR=0
|
||||
SHLIB_MINOR=9.8
|
||||
SHLIB_EXT=
|
||||
PLATFORM=dist
|
||||
OPTIONS= no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-shared no-zlib no-zlib-dynamic
|
||||
OPTIONS= no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-rfc3779 no-shared no-zlib no-zlib-dynamic
|
||||
CONFIGURE_ARGS=dist
|
||||
SHLIB_TARGET=
|
||||
|
||||
@ -61,14 +61,14 @@ OPENSSLDIR=/usr/local/ssl
|
||||
|
||||
CC= cc
|
||||
CFLAG= -O
|
||||
DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5
|
||||
DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779
|
||||
PEX_LIBS=
|
||||
EX_LIBS=
|
||||
EXE_EXT=
|
||||
ARFLAGS=
|
||||
AR=ar $(ARFLAGS) r
|
||||
RANLIB= /usr/bin/ranlib
|
||||
PERL= /usr/local/bin/perl
|
||||
PERL= /usr/bin/perl
|
||||
TAR= tar
|
||||
TARFLAGS= --no-recursion
|
||||
MAKEDEPPROG=makedepend
|
||||
|
@ -5,7 +5,12 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.8d:
|
||||
Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e:
|
||||
|
||||
o Various ciphersuite selection fixes.
|
||||
o RFC3779 support.
|
||||
|
||||
Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
|
||||
|
||||
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
|
||||
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
|
||||
@ -105,6 +110,11 @@
|
||||
o Added initial support for Win64.
|
||||
o Added alternate pkg-config files.
|
||||
|
||||
Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
|
||||
|
||||
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
|
||||
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
|
||||
|
||||
Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
|
||||
|
||||
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
|
||||
|
@ -1,7 +1,7 @@
|
||||
|
||||
OpenSSL 0.9.8d 28 Sep 2006
|
||||
OpenSSL 0.9.8e 23 Feb 2007
|
||||
|
||||
Copyright (c) 1998-2006 The OpenSSL Project
|
||||
Copyright (c) 1998-2007 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
All rights reserved.
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
#!/usr/local/bin/perl
|
||||
#!/usr/bin/perl
|
||||
#
|
||||
# CA - wrapper around ca to make it easier to use ... basically ca requires
|
||||
# some setup stuff to be done before you can use it and this makes
|
||||
|
@ -290,14 +290,15 @@ dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
|
||||
dgst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
|
||||
dgst.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
|
||||
dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
|
||||
dgst.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
|
||||
dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
|
||||
dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
|
||||
dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
|
||||
dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
|
||||
dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
|
||||
dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
|
||||
dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dgst.c
|
||||
dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
|
||||
dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
|
||||
dgst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
|
||||
dgst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
|
||||
dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
|
||||
dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
|
||||
dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
||||
dgst.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
|
||||
dgst.o: ../include/openssl/x509_vfy.h apps.h dgst.c
|
||||
dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
|
||||
dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
||||
dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
|
||||
|
@ -1520,6 +1520,7 @@ err:
|
||||
if (x509) X509_free(x509);
|
||||
X509_CRL_free(crl);
|
||||
NCONF_free(conf);
|
||||
NCONF_free(extconf);
|
||||
OBJ_cleanup();
|
||||
apps_shutdown();
|
||||
OPENSSL_EXIT(ret);
|
||||
|
@ -66,6 +66,7 @@
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/hmac.h>
|
||||
|
||||
#undef BUFSIZE
|
||||
#define BUFSIZE 1024*8
|
||||
@ -75,7 +76,7 @@
|
||||
|
||||
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
|
||||
const char *file);
|
||||
const char *file,BIO *bmd,const char *hmac_key);
|
||||
|
||||
int MAIN(int, char **);
|
||||
|
||||
@ -104,6 +105,7 @@ int MAIN(int argc, char **argv)
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
char *engine=NULL;
|
||||
#endif
|
||||
char *hmac_key=NULL;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@ -188,6 +190,12 @@ int MAIN(int argc, char **argv)
|
||||
out_bin = 1;
|
||||
else if (strcmp(*argv,"-d") == 0)
|
||||
debug=1;
|
||||
else if (!strcmp(*argv,"-hmac"))
|
||||
{
|
||||
if (--argc < 1)
|
||||
break;
|
||||
hmac_key=*++argv;
|
||||
}
|
||||
else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
|
||||
md=m;
|
||||
else
|
||||
@ -261,7 +269,7 @@ int MAIN(int argc, char **argv)
|
||||
{
|
||||
BIO_set_callback(in,BIO_debug_callback);
|
||||
/* needed for windows 3.1 */
|
||||
BIO_set_callback_arg(in,bio_err);
|
||||
BIO_set_callback_arg(in,(char *)bio_err);
|
||||
}
|
||||
|
||||
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
|
||||
@ -358,7 +366,7 @@ int MAIN(int argc, char **argv)
|
||||
{
|
||||
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||
err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
|
||||
siglen,"","(stdin)");
|
||||
siglen,"","(stdin)",bmd,hmac_key);
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -376,14 +384,15 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
if(!out_bin)
|
||||
{
|
||||
size_t len = strlen(name)+strlen(argv[i])+5;
|
||||
size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 5 : 0)+5;
|
||||
tmp=tofree=OPENSSL_malloc(len);
|
||||
BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
|
||||
BIO_snprintf(tmp,len,"%s%s(%s)= ",
|
||||
hmac_key ? "HMAC-" : "",name,argv[i]);
|
||||
}
|
||||
else
|
||||
tmp="";
|
||||
r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
|
||||
siglen,tmp,argv[i]);
|
||||
siglen,tmp,argv[i],bmd,hmac_key);
|
||||
if(r)
|
||||
err=r;
|
||||
if(tofree)
|
||||
@ -410,11 +419,23 @@ end:
|
||||
|
||||
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
|
||||
const char *file)
|
||||
const char *file,BIO *bmd,const char *hmac_key)
|
||||
{
|
||||
int len;
|
||||
unsigned int len;
|
||||
int i;
|
||||
EVP_MD_CTX *md_ctx;
|
||||
HMAC_CTX hmac_ctx;
|
||||
|
||||
if (hmac_key)
|
||||
{
|
||||
EVP_MD *md;
|
||||
|
||||
BIO_get_md(bmd,&md);
|
||||
HMAC_CTX_init(&hmac_ctx);
|
||||
HMAC_Init_ex(&hmac_ctx,hmac_key,strlen(hmac_key),md, NULL);
|
||||
BIO_get_md_ctx(bmd,&md_ctx);
|
||||
BIO_set_md_ctx(bmd,&hmac_ctx.md_ctx);
|
||||
}
|
||||
for (;;)
|
||||
{
|
||||
i=BIO_read(bp,(char *)buf,BUFSIZE);
|
||||
@ -457,6 +478,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
else if(hmac_key)
|
||||
{
|
||||
HMAC_Final(&hmac_ctx,buf,&len);
|
||||
HMAC_CTX_cleanup(&hmac_ctx);
|
||||
}
|
||||
else
|
||||
len=BIO_gets(bp,(char *)buf,BUFSIZE);
|
||||
|
||||
@ -464,7 +490,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
else
|
||||
{
|
||||
BIO_write(out,title,strlen(title));
|
||||
for (i=0; i<len; i++)
|
||||
for (i=0; i<(int)len; i++)
|
||||
{
|
||||
if (sep && (i != 0))
|
||||
BIO_printf(out, ":");
|
||||
@ -472,6 +498,10 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
}
|
||||
BIO_printf(out, "\n");
|
||||
}
|
||||
if (hmac_key)
|
||||
{
|
||||
BIO_set_md_ctx(bmd,md_ctx);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -347,7 +347,10 @@ bad:
|
||||
}
|
||||
|
||||
if (noout)
|
||||
{
|
||||
ret = 0;
|
||||
goto end;
|
||||
}
|
||||
|
||||
BIO_printf(bio_err, "writing EC key\n");
|
||||
if (outformat == FORMAT_ASN1)
|
||||
|
@ -365,8 +365,8 @@ bad:
|
||||
{
|
||||
BIO_set_callback(in,BIO_debug_callback);
|
||||
BIO_set_callback(out,BIO_debug_callback);
|
||||
BIO_set_callback_arg(in,bio_err);
|
||||
BIO_set_callback_arg(out,bio_err);
|
||||
BIO_set_callback_arg(in,(char *)bio_err);
|
||||
BIO_set_callback_arg(out,(char *)bio_err);
|
||||
}
|
||||
|
||||
if (inf == NULL)
|
||||
@ -453,7 +453,7 @@ bad:
|
||||
if (debug)
|
||||
{
|
||||
BIO_set_callback(b64,BIO_debug_callback);
|
||||
BIO_set_callback_arg(b64,bio_err);
|
||||
BIO_set_callback_arg(b64,(char *)bio_err);
|
||||
}
|
||||
if (olb64)
|
||||
BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
|
||||
@ -571,7 +571,7 @@ bad:
|
||||
if (debug)
|
||||
{
|
||||
BIO_set_callback(benc,BIO_debug_callback);
|
||||
BIO_set_callback_arg(benc,bio_err);
|
||||
BIO_set_callback_arg(benc,(char *)bio_err);
|
||||
}
|
||||
|
||||
if (printkey)
|
||||
|
@ -139,6 +139,7 @@ int MAIN(int argc, char **argv)
|
||||
if (!load_config(bio_err, NULL))
|
||||
goto end;
|
||||
SSL_load_error_strings();
|
||||
OpenSSL_add_ssl_algorithms();
|
||||
args = argv + 1;
|
||||
reqnames = sk_new_null();
|
||||
ids = sk_OCSP_CERTID_new_null();
|
||||
@ -726,6 +727,11 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf(bio_err, "SSL is disabled\n");
|
||||
goto end;
|
||||
#endif
|
||||
if (ctx == NULL)
|
||||
{
|
||||
BIO_printf(bio_err, "Error creating SSL context.\n");
|
||||
goto end;
|
||||
}
|
||||
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
|
||||
sbio = BIO_new_ssl(ctx, 1);
|
||||
cbio = BIO_push(sbio, cbio);
|
||||
|
@ -536,8 +536,11 @@ int MAIN(int argc, char **argv)
|
||||
X509_free(sk_X509_value(chain2, 0));
|
||||
sk_X509_free(chain2);
|
||||
} else {
|
||||
BIO_printf (bio_err, "Error %s getting chain.\n",
|
||||
if (vret >= 0)
|
||||
BIO_printf (bio_err, "Error %s getting chain.\n",
|
||||
X509_verify_cert_error_string(vret));
|
||||
else
|
||||
ERR_print_errors(bio_err);
|
||||
goto export_end;
|
||||
}
|
||||
}
|
||||
@ -811,7 +814,7 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
|
||||
{
|
||||
X509_STORE_CTX store_ctx;
|
||||
STACK_OF(X509) *chn;
|
||||
int i;
|
||||
int i = 0;
|
||||
|
||||
/* FIXME: Should really check the return status of X509_STORE_CTX_init
|
||||
* for an error, but how that fits into the return value of this
|
||||
@ -819,13 +822,17 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
|
||||
X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
|
||||
if (X509_verify_cert(&store_ctx) <= 0) {
|
||||
i = X509_STORE_CTX_get_error (&store_ctx);
|
||||
if (i == 0)
|
||||
/* avoid returning 0 if X509_verify_cert() did not
|
||||
* set an appropriate error value in the context */
|
||||
i = -1;
|
||||
chn = NULL;
|
||||
goto err;
|
||||
}
|
||||
chn = X509_STORE_CTX_get1_chain(&store_ctx);
|
||||
i = 0;
|
||||
*chain = chn;
|
||||
} else
|
||||
chn = X509_STORE_CTX_get1_chain(&store_ctx);
|
||||
err:
|
||||
X509_STORE_CTX_cleanup(&store_ctx);
|
||||
*chain = chn;
|
||||
|
||||
return i;
|
||||
}
|
||||
|
@ -226,7 +226,7 @@ static void sc_usage(void)
|
||||
BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
|
||||
BIO_printf(bio_err," for those protocols that support it, where\n");
|
||||
BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n");
|
||||
BIO_printf(bio_err," only \"smtp\" and \"pop3\" are supported.\n");
|
||||
BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n");
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
|
||||
#endif
|
||||
@ -234,6 +234,15 @@ static void sc_usage(void)
|
||||
|
||||
}
|
||||
|
||||
enum
|
||||
{
|
||||
PROTO_OFF = 0,
|
||||
PROTO_SMTP,
|
||||
PROTO_POP3,
|
||||
PROTO_IMAP,
|
||||
PROTO_FTP
|
||||
};
|
||||
|
||||
int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
@ -260,7 +269,7 @@ int MAIN(int argc, char **argv)
|
||||
int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
|
||||
SSL_CTX *ctx=NULL;
|
||||
int ret=1,in_init=1,i,nbio_test=0;
|
||||
int starttls_proto = 0;
|
||||
int starttls_proto = PROTO_OFF;
|
||||
int prexit = 0, vflags = 0;
|
||||
SSL_METHOD *meth=NULL;
|
||||
#ifdef sock_type
|
||||
@ -269,6 +278,7 @@ int MAIN(int argc, char **argv)
|
||||
int sock_type=SOCK_STREAM;
|
||||
BIO *sbio;
|
||||
char *inrand=NULL;
|
||||
int mbuf_len=0;
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
char *engine_id=NULL;
|
||||
ENGINE *e=NULL;
|
||||
@ -466,9 +476,13 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
++argv;
|
||||
if (strcmp(*argv,"smtp") == 0)
|
||||
starttls_proto = 1;
|
||||
starttls_proto = PROTO_SMTP;
|
||||
else if (strcmp(*argv,"pop3") == 0)
|
||||
starttls_proto = 2;
|
||||
starttls_proto = PROTO_POP3;
|
||||
else if (strcmp(*argv,"imap") == 0)
|
||||
starttls_proto = PROTO_IMAP;
|
||||
else if (strcmp(*argv,"ftp") == 0)
|
||||
starttls_proto = PROTO_FTP;
|
||||
else
|
||||
goto bad;
|
||||
}
|
||||
@ -693,7 +707,7 @@ re_start:
|
||||
{
|
||||
con->debug=1;
|
||||
BIO_set_callback(sbio,bio_dump_callback);
|
||||
BIO_set_callback_arg(sbio,bio_c_out);
|
||||
BIO_set_callback_arg(sbio,(char *)bio_c_out);
|
||||
}
|
||||
if (c_msg)
|
||||
{
|
||||
@ -719,18 +733,93 @@ re_start:
|
||||
sbuf_off=0;
|
||||
|
||||
/* This is an ugly hack that does a lot of assumptions */
|
||||
if (starttls_proto == 1)
|
||||
/* We do have to handle multi-line responses which may come
|
||||
in a single packet or not. We therefore have to use
|
||||
BIO_gets() which does need a buffering BIO. So during
|
||||
the initial chitchat we do push a buffering BIO into the
|
||||
chain that is removed again later on to not disturb the
|
||||
rest of the s_client operation. */
|
||||
if (starttls_proto == PROTO_SMTP)
|
||||
{
|
||||
BIO_read(sbio,mbuf,BUFSIZZ);
|
||||
int foundit=0;
|
||||
BIO *fbio = BIO_new(BIO_f_buffer());
|
||||
BIO_push(fbio, sbio);
|
||||
/* wait for multi-line response to end from SMTP */
|
||||
do
|
||||
{
|
||||
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
|
||||
}
|
||||
while (mbuf_len>3 && mbuf[3]=='-');
|
||||
/* STARTTLS command requires EHLO... */
|
||||
BIO_printf(fbio,"EHLO openssl.client.net\r\n");
|
||||
BIO_flush(fbio);
|
||||
/* wait for multi-line response to end EHLO SMTP response */
|
||||
do
|
||||
{
|
||||
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
|
||||
if (strstr(mbuf,"STARTTLS"))
|
||||
foundit=1;
|
||||
}
|
||||
while (mbuf_len>3 && mbuf[3]=='-');
|
||||
BIO_flush(fbio);
|
||||
BIO_pop(fbio);
|
||||
BIO_free(fbio);
|
||||
if (!foundit)
|
||||
BIO_printf(bio_err,
|
||||
"didn't found starttls in server response,"
|
||||
" try anyway...\n");
|
||||
BIO_printf(sbio,"STARTTLS\r\n");
|
||||
BIO_read(sbio,sbuf,BUFSIZZ);
|
||||
}
|
||||
if (starttls_proto == 2)
|
||||
else if (starttls_proto == PROTO_POP3)
|
||||
{
|
||||
BIO_read(sbio,mbuf,BUFSIZZ);
|
||||
BIO_printf(sbio,"STLS\r\n");
|
||||
BIO_read(sbio,sbuf,BUFSIZZ);
|
||||
}
|
||||
else if (starttls_proto == PROTO_IMAP)
|
||||
{
|
||||
int foundit=0;
|
||||
BIO *fbio = BIO_new(BIO_f_buffer());
|
||||
BIO_push(fbio, sbio);
|
||||
BIO_gets(fbio,mbuf,BUFSIZZ);
|
||||
/* STARTTLS command requires CAPABILITY... */
|
||||
BIO_printf(fbio,". CAPABILITY\r\n");
|
||||
BIO_flush(fbio);
|
||||
/* wait for multi-line CAPABILITY response */
|
||||
do
|
||||
{
|
||||
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
|
||||
if (strstr(mbuf,"STARTTLS"))
|
||||
foundit=1;
|
||||
}
|
||||
while (mbuf_len>3 && mbuf[0]!='.');
|
||||
BIO_flush(fbio);
|
||||
BIO_pop(fbio);
|
||||
BIO_free(fbio);
|
||||
if (!foundit)
|
||||
BIO_printf(bio_err,
|
||||
"didn't found STARTTLS in server response,"
|
||||
" try anyway...\n");
|
||||
BIO_printf(sbio,". STARTTLS\r\n");
|
||||
BIO_read(sbio,sbuf,BUFSIZZ);
|
||||
}
|
||||
else if (starttls_proto == PROTO_FTP)
|
||||
{
|
||||
BIO *fbio = BIO_new(BIO_f_buffer());
|
||||
BIO_push(fbio, sbio);
|
||||
/* wait for multi-line response to end from FTP */
|
||||
do
|
||||
{
|
||||
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
|
||||
}
|
||||
while (mbuf_len>3 && mbuf[3]=='-');
|
||||
BIO_flush(fbio);
|
||||
BIO_pop(fbio);
|
||||
BIO_free(fbio);
|
||||
BIO_printf(sbio,"AUTH TLS\r\n");
|
||||
BIO_read(sbio,sbuf,BUFSIZZ);
|
||||
}
|
||||
|
||||
for (;;)
|
||||
{
|
||||
@ -755,7 +844,7 @@ re_start:
|
||||
{
|
||||
BIO_printf(bio_err,"%s",mbuf);
|
||||
/* We don't need to know any more */
|
||||
starttls_proto = 0;
|
||||
starttls_proto = PROTO_OFF;
|
||||
}
|
||||
|
||||
if (reconnect)
|
||||
|
@ -1234,7 +1234,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
|
||||
{
|
||||
con->debug=1;
|
||||
BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
|
||||
BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
|
||||
BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
|
||||
}
|
||||
if (s_msg)
|
||||
{
|
||||
@ -1638,7 +1638,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
|
||||
{
|
||||
con->debug=1;
|
||||
BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
|
||||
BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
|
||||
BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
|
||||
}
|
||||
if (s_msg)
|
||||
{
|
||||
|
22
crypto/openssl/certs/aol1.pem
Normal file
22
crypto/openssl/certs/aol1.pem
Normal file
@ -0,0 +1,22 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
|
||||
MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
|
||||
bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyODA2
|
||||
MDAwMFoXDTM3MTExOTIwNDMwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
|
||||
ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
|
||||
Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||
ADCCAQoCggEBAKgv6KRpBgNHw+kqmP8ZonCaxlCyfqXfaE0bfA+2l2h9LaaLl+lk
|
||||
hsmj76CGv2BlnEtUiMJIxUo5vxTjWVXlGbR0yLQFOVwWpeKVBeASrlmLojNoWBym
|
||||
1BW32J/X3HGrfpq/m44zDyL9Hy7nBzbvYjnF3cu6JRQj3gzGPTzOggjmZj7aUTsW
|
||||
OqMFf6Dch9Wc/HKpoH145LcxVR5lu9RhsCFg7RAycsWSJR74kEoYeEfffjA3PlAb
|
||||
2xzTa5qGUwew76wGePiEmf4hjUyAtgyC9mZweRrTT6PP8c9GsEsPPt2IYriMqQko
|
||||
O3rHl+Ee5fSfwMCuJKDIodkP1nsmgmkyPacCAwEAAaNjMGEwDwYDVR0TAQH/BAUw
|
||||
AwEB/zAdBgNVHQ4EFgQUAK3Zo/Z59m50qX8zPYEX10zPM94wHwYDVR0jBBgwFoAU
|
||||
AK3Zo/Z59m50qX8zPYEX10zPM94wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
|
||||
BQUAA4IBAQB8itEfGDeC4Liwo+1WlchiYZwFos3CYiZhzRAW18y0ZTTQEYqtqKkF
|
||||
Zu90821fnZmv9ov761KyBZiibyrFVL0lvV+uyIbqRizBs73B6UlwGBaXCBOMIOAb
|
||||
LjpHyx7kADCVW/RFo8AasAFOq73AI25jP4BKxQft3OJvx8Fi8eNy1gTIdGcL+oir
|
||||
oQHIb/AUr9KZzVGTfu0uOMe9zkZQPXLjeSWdm4grECDdpbgyn43gKd8hdIaC2y+C
|
||||
MMbHNYaz+ZZfRtsMRf3zUMNvxsNIrUam4SdHCh0Om7bCd39j8uB9Gr784N/Xx6ds
|
||||
sPmuujz9dLQR6FgNgLzTqIA6me11zEZ7
|
||||
-----END CERTIFICATE-----
|
33
crypto/openssl/certs/aol2.pem
Normal file
33
crypto/openssl/certs/aol2.pem
Normal file
@ -0,0 +1,33 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFpDCCA4ygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
|
||||
MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
|
||||
bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyODA2
|
||||
MDAwMFoXDTM3MDkyOTE0MDgwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
|
||||
ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
|
||||
Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
|
||||
ADCCAgoCggIBAMxBRR3pPU0Q9oyxQcngXssNt79Hc9PwVU3dxgz6sWYFas14tNwC
|
||||
206B89enfHG8dWOgXeMHDEjsJcQDIPT/DjsS/5uN4cbVG7RtIuOx238hZK+GvFci
|
||||
KtZHgVdEglZTvYYUAQv8f3SkWq7xuhG1m1hagLQ3eAkzfDJHA1zEpYNI9FdWboE2
|
||||
JxhP7JsowtS013wMPgwr38oE18aO6lhOqKSlGBxsRZijQdEt0sdtjRnxrXm3gT+9
|
||||
BoInLRBYBbV4Bbkv2wxrkJB+FFk4u5QkE+XRnRTf04JNRvCAOVIyD+OEsnpD8l7e
|
||||
Xz8d3eOyG6ChKiMDbi4BFYdcpnV1x5dhvt6G3NRI270qv0pV2uh9UPu0gBe4lL8B
|
||||
PeraunzgWGcXuVjgiIZGZ2ydEEdYMtA1fHkqkKJaEBEjNa0vzORKW6fIJ/KD3l67
|
||||
Xnfn6KVuY8INXWHQjNJsWiEOyiijzirplcdIz5ZvHZIlyMbGwcEMBawmxNJ10uEq
|
||||
Z8A9W6Wa6897GqidFEXlD6CaZd4vKL3Ob5Rmg0gp2OpljK+T2WSfVVcmv2/LNzGZ
|
||||
o2C7HK2JNDJiuEMhBnIMoVxtRsX6Kc8w3onccVvdtjc+31D1uAclJuW8tf48ArO3
|
||||
+L5DwYcRlJ4jbBeKuIonDFRH8KmzwICMoCfrHRnjB453cMor9H124HhnAgMBAAGj
|
||||
YzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE1FwWg4u3OpaaEg5+31IqEj
|
||||
FNeeMB8GA1UdIwQYMBaAFE1FwWg4u3OpaaEg5+31IqEjFNeeMA4GA1UdDwEB/wQE
|
||||
AwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZ2sGuV9FOypLM7PmG2tZTiLMubekJcmn
|
||||
xPBUlgtk87FYT15R/LKXeydlwuXK5w0MJXti4/qftIe3RUavg6WXSIylvfEWK5t2
|
||||
LHo1YGwRgJfMqZJS5ivmae2p+DYtLHe/YUjRYwu5W1LtGLBDQiKmsXeu3mnFzccc
|
||||
obGlHBD7GL4acN3Bkku+KVqdPzW+5X1R+FXgJXUjhx5c3LqdsKyzadsXg8n33gy8
|
||||
CNyRnqjQ1xU3c6U1uPx+xURABsPr+CKAXEfOAuMRn0T//ZoyzH1kUQ7rVyZ2OuMe
|
||||
IjzCpjbdGe+n/BLzJsBZMYVMnNjP36TMzCmT/5RtdlwTCJfy7aULTd3oyWgOZtMA
|
||||
DjMSW7yV5TKQqLPGbIOtd+6Lfn6xqavT4fG2wLHqiMDn05DpKJKUe2h7lyoKZy2F
|
||||
AjgQ5ANh1NolNscIWC2hp1GvMApJ9aZphwctREZ2jirlmjvXGKL8nDgQzMY70rUX
|
||||
Om/9riW99XJZZLF0KjhfGEzfz3EEWjbUvy+ZnOjZurGV5gJLIaFb1cFPj65pbVPb
|
||||
AZO1XB4Y3WRayhgoPmMEEf0cjQAPuDffZ4qdZqkCapH/E8ovXYO8h5Ns3CRRFgQl
|
||||
Zvqz2cK6Kb6aSDiCmfS/O0oxGfm/jiEzFMpPVF/7zvuPcX/9XhmgD0uRuMRUvAaw
|
||||
RY8mkaKO/qk=
|
||||
-----END CERTIFICATE-----
|
23
crypto/openssl/certs/aoltw1.pem
Normal file
23
crypto/openssl/certs/aoltw1.pem
Normal file
@ -0,0 +1,23 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIID5jCCAs6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
|
||||
HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
|
||||
IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
|
||||
aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyOTA2MDAwMFoXDTM3MTEyMDE1
|
||||
MDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
|
||||
SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
|
||||
IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIw
|
||||
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnej8Mlo2k06AX3dLm/WpcZuS+U
|
||||
0pPlLYnKhHw/EEMbjIt8hFj4JHxIzyr9wBXZGH6EGhfT257XyuTZ16pYUYfw8ItI
|
||||
TuLCxFlpMGK2MKKMCxGZYTVtfu/FsRkGIBKOQuHfD5YQUqjPnF+VFNivO3ULMSAf
|
||||
RC+iYkGzuxgh28pxPIzstrkNn+9R7017EvILDOGsQI93f7DKeHEMXRZxcKLXwjqF
|
||||
zQ6axOAAsNUl6twr5JQtOJyJQVdkKGUZHLZEtMgxa44Be3ZZJX8VHIQIfHNlIAqh
|
||||
BC4aMqiaILGcLCFZ5/vP7nAtCMpjPiybkxlqpMKX/7eGV4iFbJ4VFitNLLMCAwEA
|
||||
AaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUoTYwFsuGkABFgFOxj8jY
|
||||
PXy+XxIwHwYDVR0jBBgwFoAUoTYwFsuGkABFgFOxj8jYPXy+XxIwDgYDVR0PAQH/
|
||||
BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQCKIBilvrMvtKaEAEAwKfq0FHNMeUWn
|
||||
9nDg6H5kHgqVfGphwu9OH77/yZkfB2FK4V1Mza3u0FIy2VkyvNp5ctZ7CegCgTXT
|
||||
Ct8RHcl5oIBN/lrXVtbtDyqvpxh1MwzqwWEFT2qaifKNuZ8u77BfWgDrvq2g+EQF
|
||||
Z7zLBO+eZMXpyD8Fv8YvBxzDNnGGyjhmSs3WuEvGbKeXO/oTLW4jYYehY0KswsuX
|
||||
n2Fozy1MBJ3XJU8KDk2QixhWqJNIV9xvrr2eZ1d3iVCzvhGbRWeDhhmH05i9CBoW
|
||||
H1iCC+GWaQVLjuyDUTEH1dSf/1l7qG6Fz9NLqUmwX7A5KGgOc90lmt4S
|
||||
-----END CERTIFICATE-----
|
34
crypto/openssl/certs/aoltw2.pem
Normal file
34
crypto/openssl/certs/aoltw2.pem
Normal file
@ -0,0 +1,34 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIF5jCCA86gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
|
||||
HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
|
||||
IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
|
||||
aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyOTA2MDAwMFoXDTM3MDkyODIz
|
||||
NDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
|
||||
SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
|
||||
IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIw
|
||||
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALQ3WggWmRToVbEbJGv8x4vmh6mJ
|
||||
7ouZzU9AhqS2TcnZsdw8TQ2FTBVsRotSeJ/4I/1n9SQ6aF3Q92RhQVSji6UI0ilb
|
||||
m2BPJoPRYxJWSXakFsKlnUWsi4SVqBax7J/qJBrvuVdcmiQhLE0OcR+mrF1FdAOY
|
||||
xFSMFkpBd4aVdQxHAWZg/BXxD+r1FHjHDtdugRxev17nOirYlxcwfACtCJ0zr7iZ
|
||||
YYCLqJV+FNwSbKTQ2O9ASQI2+W6p1h2WVgSysy0WVoaP2SBXgM1nEG2wTPDaRrbq
|
||||
JS5Gr42whTg0ixQmgiusrpkLjhTXUr2eacOGAgvqdnUxCc4zGSGFQ+aJLZ8lN2fx
|
||||
I2rSAG2X+Z/nKcrdH9cG6rjJuQkhn8g/BsXS6RJGAE57COtCPStIbp1n3UsC5ETz
|
||||
kxmlJ85per5n0/xQpCyrw2u544BMzwVhSyvcG7mm0tCq9Stz+86QNZ8MUhy/XCFh
|
||||
EVsVS6kkUfykXPcXnbDS+gfpj1bkGoxoigTTfFrjnqKhynFbotSg5ymFXQNoKk/S
|
||||
Btc9+cMDLz9l+WceR0DTYw/j1Y75hauXTLPXJuuWCpTehTacyH+BCQJJKg71ZDIM
|
||||
gtG6aoIbs0t0EfOMd9afv9w3pKdVBC/UMejTRrkDfNoSTllkt1ExMVCgyhwn2RAu
|
||||
rda9EGYrw7AiShJbAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
|
||||
FE9pbQN+nZ8HGEO8txBO1b+pxCAoMB8GA1UdIwQYMBaAFE9pbQN+nZ8HGEO8txBO
|
||||
1b+pxCAoMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAO/Ouyugu
|
||||
h4X7ZVnnrREUpVe8WJ8kEle7+z802u6teio0cnAxa8cZmIDJgt43d15Ui47y6mdP
|
||||
yXSEkVYJ1eV6moG2gcKtNuTxVBFT8zRFASbI5Rq8NEQh3q0l/HYWdyGQgJhXnU7q
|
||||
7C+qPBR7V8F+GBRn7iTGvboVsNIYvbdVgaxTwOjdaRITQrcCtQVBynlQboIOcXKT
|
||||
RuidDV29rs4prWPVVRaAMCf/drr3uNZK49m1+VLQTkCpx+XCMseqdiThawVQ68W/
|
||||
ClTluUI8JPu3B5wwn3la5uBAUhX0/Kr0VvlEl4ftDmVyXr4m+02kLQgH3thcoNyB
|
||||
M5kYJRF3p+v9WAksmWsbivNSPxpNSGDxoPYzAlOL7SUJuA0t7Zdz7NeWH45gDtoQ
|
||||
my8YJPamTQr5O8t1wswvziRpyQoijlmn94IM19drNZxDAGrElWe6nEXLuA4399xO
|
||||
AU++CrYD062KRffaJ00psUjf5BHklka9bAI+1lHIlRcBFanyqqryvy9lG2/QuRqT
|
||||
9Y41xICHPpQvZuTpqP9BnHAqTyo5GJUefvthATxRCC4oGKQWDzH9OmwjkyB24f0H
|
||||
hdFbP9IcczLd+rn4jM8Ch3qaluTtT4mNU0OrDhPAARW0eTjb/G49nlG2uBOLZ8/5
|
||||
fNkiHfZdxRwBL5joeiQYvITX+txyW/fBOmg=
|
||||
-----END CERTIFICATE-----
|
@ -527,9 +527,9 @@ case "$GUESSOS" in
|
||||
esac
|
||||
if [ "$CC" = "gcc" ]; then
|
||||
case ${ISA:-generic} in
|
||||
EV5|EV45) options="$options -mcpu=ev5";;
|
||||
EV56|PCA56) options="$options -mcpu=ev56";;
|
||||
*) options="$options -mcpu=ev6";;
|
||||
EV5|EV45) options="$options -march=ev5";;
|
||||
EV56|PCA56) options="$options -march=ev56";;
|
||||
*) options="$options -march=ev6";;
|
||||
esac
|
||||
fi
|
||||
;;
|
||||
@ -585,18 +585,21 @@ case "$GUESSOS" in
|
||||
OUT="linux-generic32" ;;
|
||||
arm*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
|
||||
arm*l-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
|
||||
sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
|
||||
sh*-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
|
||||
m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
|
||||
s390*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;;
|
||||
x86_64-*-linux?) OUT="linux-x86_64" ;;
|
||||
*86-*-linux2) OUT="linux-elf"
|
||||
if [ "$GCCVER" -gt 28 ]; then
|
||||
if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then
|
||||
options="$options -mcpu=pentium"
|
||||
options="$options -march=pentium"
|
||||
fi
|
||||
if grep '^model.*Pentium Pro' /proc/cpuinfo >/dev/null ; then
|
||||
options="$options -mcpu=pentiumpro"
|
||||
options="$options -march=pentiumpro"
|
||||
fi
|
||||
if grep '^model.*K6' /proc/cpuinfo >/dev/null ; then
|
||||
options="$options -mcpu=k6"
|
||||
options="$options -march=k6"
|
||||
fi
|
||||
fi ;;
|
||||
*-*-linux1) OUT="linux-aout" ;;
|
||||
@ -774,7 +777,7 @@ esac
|
||||
# options="$options -DATALLA"
|
||||
#fi
|
||||
|
||||
# gcc < 2.8 does not support -mcpu=ultrasparc
|
||||
# gcc < 2.8 does not support -march=ultrasparc
|
||||
if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
|
||||
then
|
||||
echo "WARNING! Falling down to 'solaris-sparcv8-gcc'."
|
||||
|
@ -105,6 +105,13 @@ aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
|
||||
aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h
|
||||
aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
|
||||
aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
|
||||
aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h
|
||||
aes_ige.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
||||
aes_ige.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
|
||||
aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
|
||||
aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
||||
aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h
|
||||
aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
|
||||
aes_misc.o: ../../include/openssl/opensslconf.h
|
||||
aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c
|
||||
|
@ -53,7 +53,7 @@
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
|
||||
const char *AES_version="AES" OPENSSL_VERSION_PTEXT;
|
||||
const char AES_version[]="AES" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
const char *AES_options(void) {
|
||||
#ifdef FULL_UNROLL
|
||||
|
@ -170,7 +170,7 @@ static int do_buf(unsigned char *buf, int buflen,
|
||||
q = buf + buflen;
|
||||
outlen = 0;
|
||||
while(p != q) {
|
||||
if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253;
|
||||
if(p == buf && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_FIRST_ESC_2253;
|
||||
else orflags = 0;
|
||||
switch(type & BUF_TYPE_WIDTH_MASK) {
|
||||
case 4:
|
||||
@ -197,7 +197,7 @@ static int do_buf(unsigned char *buf, int buflen,
|
||||
default:
|
||||
return -1; /* invalid width */
|
||||
}
|
||||
if (p == q) orflags = CHARTYPE_LAST_ESC_2253;
|
||||
if (p == q && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_LAST_ESC_2253;
|
||||
if(type & BUF_TYPE_CONVUTF8) {
|
||||
unsigned char utfbuf[6];
|
||||
int utflen;
|
||||
|
@ -123,7 +123,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
|
||||
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
|
||||
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
|
||||
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"},
|
||||
{ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_SET"},
|
||||
{ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
|
||||
{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"},
|
||||
{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
|
||||
{ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
|
||||
@ -168,10 +168,10 @@ static ERR_STRING_DATA ASN1_str_functs[]=
|
||||
{ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"},
|
||||
{ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"},
|
||||
{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"},
|
||||
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_PBE_SET"},
|
||||
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
|
||||
{ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
|
||||
{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_ADD0_REVOKED"},
|
||||
{ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_NEW"},
|
||||
{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
|
||||
{ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
|
||||
{ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"},
|
||||
{ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"},
|
||||
{ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"},
|
||||
@ -287,15 +287,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
|
||||
|
||||
void ERR_load_ASN1_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,ASN1_str_functs);
|
||||
ERR_load_strings(0,ASN1_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -64,7 +64,7 @@
|
||||
|
||||
static int asn1_get_length(const unsigned char **pp,int *inf,long *rl,int max);
|
||||
static void asn1_put_length(unsigned char **pp, int length);
|
||||
const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
|
||||
const char ASN1_version[]="ASN.1" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static int _asn1_check_infinite_end(const unsigned char **p, long len)
|
||||
{
|
||||
|
@ -99,7 +99,7 @@ extern "C" {
|
||||
#define ASN1_ITEM_start(itname) \
|
||||
const ASN1_ITEM * itname##_it(void) \
|
||||
{ \
|
||||
static const ASN1_ITEM local_it = { \
|
||||
static const ASN1_ITEM local_it = {
|
||||
|
||||
#define ASN1_ITEM_end(itname) \
|
||||
}; \
|
||||
|
@ -445,9 +445,9 @@ err:
|
||||
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
|
||||
{
|
||||
char *s,*c,*b;
|
||||
int ret=0,l,ll,i,first=1;
|
||||
int ret=0,l,i;
|
||||
|
||||
ll=80-2-obase;
|
||||
l=80-2-obase;
|
||||
|
||||
b=s=X509_NAME_oneline(name,NULL,0);
|
||||
if (!*s)
|
||||
@ -457,7 +457,6 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
|
||||
}
|
||||
s++; /* skip the first slash */
|
||||
|
||||
l=ll;
|
||||
c=s;
|
||||
for (;;)
|
||||
{
|
||||
@ -479,16 +478,6 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
|
||||
(*s == '\0'))
|
||||
#endif
|
||||
{
|
||||
if ((l <= 0) && !first)
|
||||
{
|
||||
first=0;
|
||||
if (BIO_write(bp,"\n",1) != 1) goto err;
|
||||
for (i=0; i<obase; i++)
|
||||
{
|
||||
if (BIO_write(bp," ",1) != 1) goto err;
|
||||
}
|
||||
l=ll;
|
||||
}
|
||||
i=s-c;
|
||||
if (BIO_write(bp,c,i) != i) goto err;
|
||||
c+=i;
|
||||
|
@ -93,7 +93,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
|
||||
int tag, int aclass, char opt, ASN1_TLC *ctx);
|
||||
|
||||
/* Table to convert tags to bit values, used for MSTRING type */
|
||||
static unsigned long tag2bit[32] = {
|
||||
static const unsigned long tag2bit[32] = {
|
||||
0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
|
||||
B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
|
||||
B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
|
||||
|
@ -94,6 +94,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
|
||||
ret->ex_pathlen = -1;
|
||||
ret->skid = NULL;
|
||||
ret->akid = NULL;
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
ret->rfc3779_addr = NULL;
|
||||
ret->rfc3779_asid = NULL;
|
||||
#endif
|
||||
ret->aux = NULL;
|
||||
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
|
||||
break;
|
||||
@ -109,6 +113,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
|
||||
ASN1_OCTET_STRING_free(ret->skid);
|
||||
AUTHORITY_KEYID_free(ret->akid);
|
||||
policy_cache_free(ret->policy_cache);
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
|
||||
ASIdentifiers_free(ret->rfc3779_asid);
|
||||
#endif
|
||||
|
||||
if (ret->name != NULL) OPENSSL_free(ret->name);
|
||||
break;
|
||||
|
@ -65,7 +65,7 @@
|
||||
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
|
||||
*/
|
||||
|
||||
const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT;
|
||||
const char BF_version[]="Blowfish" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
const char *BF_options(void)
|
||||
{
|
||||
|
@ -196,28 +196,32 @@ extern "C" {
|
||||
*/
|
||||
#define BIO_FLAGS_MEM_RDONLY 0x200
|
||||
|
||||
#define BIO_set_flags(b,f) ((b)->flags|=(f))
|
||||
#define BIO_get_flags(b) ((b)->flags)
|
||||
typedef struct bio_st BIO;
|
||||
|
||||
void BIO_set_flags(BIO *b, int flags);
|
||||
int BIO_test_flags(const BIO *b, int flags);
|
||||
void BIO_clear_flags(BIO *b, int flags);
|
||||
|
||||
#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
|
||||
#define BIO_set_retry_special(b) \
|
||||
((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
|
||||
BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
|
||||
#define BIO_set_retry_read(b) \
|
||||
((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
|
||||
BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
|
||||
#define BIO_set_retry_write(b) \
|
||||
((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
|
||||
BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
|
||||
|
||||
/* These are normally used internally in BIOs */
|
||||
#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
|
||||
#define BIO_clear_retry_flags(b) \
|
||||
((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||
BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||
#define BIO_get_retry_flags(b) \
|
||||
((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||
BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||
|
||||
/* These should be used by the application to tell why we should retry */
|
||||
#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
|
||||
#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
|
||||
#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
|
||||
#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
|
||||
#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
|
||||
#define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
|
||||
#define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
|
||||
#define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
|
||||
#define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
|
||||
#define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
|
||||
|
||||
/* The next three are used in conjunction with the
|
||||
* BIO_should_io_special() condition. After this returns true,
|
||||
@ -246,14 +250,14 @@ extern "C" {
|
||||
#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
|
||||
#define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
|
||||
|
||||
#define BIO_set_callback(b,cb) ((b)->callback=(cb))
|
||||
#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
|
||||
#define BIO_get_callback_arg(b) ((b)->cb_arg)
|
||||
#define BIO_get_callback(b) ((b)->callback)
|
||||
#define BIO_method_name(b) ((b)->method->name)
|
||||
#define BIO_method_type(b) ((b)->method->type)
|
||||
long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long);
|
||||
void BIO_set_callback(BIO *b,
|
||||
long (*callback)(struct bio_st *,int,const char *,int, long,long));
|
||||
char *BIO_get_callback_arg(const BIO *b);
|
||||
void BIO_set_callback_arg(BIO *b, char *arg);
|
||||
|
||||
typedef struct bio_st BIO;
|
||||
const char * BIO_method_name(const BIO *b);
|
||||
int BIO_method_type(const BIO *b);
|
||||
|
||||
typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
|
||||
|
||||
@ -386,6 +390,7 @@ typedef struct bio_f_buffer_ctx_struct
|
||||
#define BIO_C_NWRITE0 145
|
||||
#define BIO_C_NWRITE 146
|
||||
#define BIO_C_RESET_READ_REQUEST 147
|
||||
#define BIO_C_SET_MD_CTX 148
|
||||
|
||||
|
||||
#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
|
||||
|
@ -143,15 +143,12 @@ static ERR_STRING_DATA BIO_str_reasons[]=
|
||||
|
||||
void ERR_load_BIO_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(BIO_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,BIO_str_functs);
|
||||
ERR_load_strings(0,BIO_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -141,6 +141,52 @@ int BIO_free(BIO *a)
|
||||
void BIO_vfree(BIO *a)
|
||||
{ BIO_free(a); }
|
||||
|
||||
void BIO_clear_flags(BIO *b, int flags)
|
||||
{
|
||||
b->flags &= ~flags;
|
||||
}
|
||||
|
||||
int BIO_test_flags(const BIO *b, int flags)
|
||||
{
|
||||
return (b->flags & flags);
|
||||
}
|
||||
|
||||
void BIO_set_flags(BIO *b, int flags)
|
||||
{
|
||||
b->flags |= flags;
|
||||
}
|
||||
|
||||
long (*BIO_get_callback(const BIO *b))(struct bio_st *,int,const char *,int, long,long)
|
||||
{
|
||||
return b->callback;
|
||||
}
|
||||
|
||||
void BIO_set_callback(BIO *b, long (*cb)(struct bio_st *,int,const char *,int, long,long))
|
||||
{
|
||||
b->callback = cb;
|
||||
}
|
||||
|
||||
void BIO_set_callback_arg(BIO *b, char *arg)
|
||||
{
|
||||
b->cb_arg = arg;
|
||||
}
|
||||
|
||||
char * BIO_get_callback_arg(const BIO *b)
|
||||
{
|
||||
return b->cb_arg;
|
||||
}
|
||||
|
||||
const char * BIO_method_name(const BIO *b)
|
||||
{
|
||||
return b->method->name;
|
||||
}
|
||||
|
||||
int BIO_method_type(const BIO *b)
|
||||
{
|
||||
return b->method->type;
|
||||
}
|
||||
|
||||
|
||||
int BIO_read(BIO *b, void *out, int outl)
|
||||
{
|
||||
int i;
|
||||
|
@ -137,15 +137,12 @@ static ERR_STRING_DATA BN_str_reasons[]=
|
||||
|
||||
void ERR_load_BN_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(BN_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,BN_str_functs);
|
||||
ERR_load_strings(0,BN_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -67,7 +67,7 @@
|
||||
#include "cryptlib.h"
|
||||
#include "bn_lcl.h"
|
||||
|
||||
const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
|
||||
const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
/* This stuff appears to be completely unused, so is deprecated */
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
|
@ -62,7 +62,7 @@
|
||||
#include <openssl/buffer.h>
|
||||
#include "bn_lcl.h"
|
||||
|
||||
static const char *Hex="0123456789ABCDEF";
|
||||
static const char Hex[]="0123456789ABCDEF";
|
||||
|
||||
/* Must 'OPENSSL_free' the returned data */
|
||||
char *BN_bn2hex(const BIGNUM *a)
|
||||
|
@ -88,15 +88,12 @@ static ERR_STRING_DATA BUF_str_reasons[]=
|
||||
|
||||
void ERR_load_BUF_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(BUF_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,BUF_str_functs);
|
||||
ERR_load_strings(0,BUF_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -85,19 +85,19 @@ clean:
|
||||
|
||||
# DO NOT DELETE THIS LINE -- make depend depends on it.
|
||||
|
||||
camellia.o: ../../include/openssl/opensslconf.h camellia.c camellia.h
|
||||
camellia.o: cmll_locl.h
|
||||
cmll_cbc.o: ../../include/openssl/camellia.h
|
||||
camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
|
||||
camellia.o: camellia.c camellia.h cmll_locl.h
|
||||
cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
|
||||
cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c cmll_locl.h
|
||||
cmll_cfb.o: ../../e_os.h ../../include/openssl/camellia.h
|
||||
cmll_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
|
||||
cmll_cfb.o: cmll_cfb.c cmll_locl.h
|
||||
cmll_ctr.o: ../../include/openssl/camellia.h
|
||||
cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
|
||||
cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c cmll_locl.h
|
||||
cmll_ecb.o: ../../include/openssl/camellia.h
|
||||
cmll_ecb.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
|
||||
cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
|
||||
cmll_misc.o: ../../include/openssl/camellia.h
|
||||
cmll_misc.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
|
||||
cmll_misc.o: ../../include/openssl/opensslconf.h
|
||||
cmll_misc.o: ../../include/openssl/opensslv.h cmll_locl.h cmll_misc.c
|
||||
cmll_ofb.o: ../../include/openssl/camellia.h
|
||||
cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
|
||||
cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_locl.h cmll_ofb.c
|
||||
|
@ -76,12 +76,7 @@
|
||||
#include "camellia.h"
|
||||
#include "cmll_locl.h"
|
||||
|
||||
/*
|
||||
* must be defined uint32_t
|
||||
*/
|
||||
|
||||
/* key constants */
|
||||
|
||||
#define CAMELLIA_SIGMA1L (0xA09E667FL)
|
||||
#define CAMELLIA_SIGMA1R (0x3BCC908BL)
|
||||
#define CAMELLIA_SIGMA2L (0xB67AE858L)
|
||||
@ -100,18 +95,9 @@
|
||||
*/
|
||||
|
||||
/* e is pointer of subkey */
|
||||
#ifdef L_ENDIAN
|
||||
|
||||
#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2 + 1])
|
||||
#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2])
|
||||
|
||||
#else /* big endian */
|
||||
|
||||
#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2])
|
||||
#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1])
|
||||
|
||||
#endif /* IS_LITTLE_ENDIAN */
|
||||
|
||||
/* rotation right shift 1byte */
|
||||
#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24))
|
||||
/* rotation left shift 1bit */
|
||||
@ -170,44 +156,6 @@ do \
|
||||
* for speed up
|
||||
*
|
||||
*/
|
||||
#if !defined(_MSC_VER)
|
||||
|
||||
#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
|
||||
do \
|
||||
{ \
|
||||
t0 = kll; \
|
||||
t2 = krr; \
|
||||
t0 &= ll; \
|
||||
t2 |= rr; \
|
||||
rl ^= t2; \
|
||||
lr ^= CAMELLIA_RL1(t0); \
|
||||
t3 = krl; \
|
||||
t1 = klr; \
|
||||
t3 &= rl; \
|
||||
t1 |= lr; \
|
||||
ll ^= t1; \
|
||||
rr ^= CAMELLIA_RL1(t3); \
|
||||
} while(0)
|
||||
|
||||
#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
|
||||
do \
|
||||
{ \
|
||||
ir = CAMELLIA_SP1110(xr & 0xff); \
|
||||
il = CAMELLIA_SP1110((xl>>24) & 0xff); \
|
||||
ir ^= CAMELLIA_SP0222((xr>>24) & 0xff); \
|
||||
il ^= CAMELLIA_SP0222((xl>>16) & 0xff); \
|
||||
ir ^= CAMELLIA_SP3033((xr>>16) & 0xff); \
|
||||
il ^= CAMELLIA_SP3033((xl>>8) & 0xff); \
|
||||
ir ^= CAMELLIA_SP4404((xr>>8) & 0xff); \
|
||||
il ^= CAMELLIA_SP4404(xl & 0xff); \
|
||||
il ^= kl; \
|
||||
ir ^= il ^ kr; \
|
||||
yl ^= ir; \
|
||||
yr ^= CAMELLIA_RR8(il) ^ ir; \
|
||||
} while(0)
|
||||
|
||||
#else /* for MS-VC */
|
||||
|
||||
#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
|
||||
do \
|
||||
{ \
|
||||
@ -249,9 +197,8 @@ do \
|
||||
yl ^= ir; \
|
||||
yr ^= il; \
|
||||
} while(0)
|
||||
#endif
|
||||
|
||||
static const uint32_t camellia_sp1110[256] =
|
||||
static const u32 camellia_sp1110[256] =
|
||||
{
|
||||
0x70707000,0x82828200,0x2c2c2c00,0xececec00,
|
||||
0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500,
|
||||
@ -319,7 +266,7 @@ static const uint32_t camellia_sp1110[256] =
|
||||
0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00,
|
||||
};
|
||||
|
||||
static const uint32_t camellia_sp0222[256] =
|
||||
static const u32 camellia_sp0222[256] =
|
||||
{
|
||||
0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9,
|
||||
0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb,
|
||||
@ -387,7 +334,7 @@ static const uint32_t camellia_sp0222[256] =
|
||||
0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d,
|
||||
};
|
||||
|
||||
static const uint32_t camellia_sp3033[256] =
|
||||
static const u32 camellia_sp3033[256] =
|
||||
{
|
||||
0x38003838,0x41004141,0x16001616,0x76007676,
|
||||
0xd900d9d9,0x93009393,0x60006060,0xf200f2f2,
|
||||
@ -455,7 +402,7 @@ static const uint32_t camellia_sp3033[256] =
|
||||
0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f,
|
||||
};
|
||||
|
||||
static const uint32_t camellia_sp4404[256] =
|
||||
static const u32 camellia_sp4404[256] =
|
||||
{
|
||||
0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0,
|
||||
0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae,
|
||||
@ -523,20 +470,19 @@ static const uint32_t camellia_sp4404[256] =
|
||||
0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e,
|
||||
};
|
||||
|
||||
|
||||
/**
|
||||
* Stuff related to the Camellia key schedule
|
||||
*/
|
||||
#define subl(x) subL[(x)]
|
||||
#define subr(x) subR[(x)]
|
||||
|
||||
void camellia_setup128(const unsigned char *key, uint32_t *subkey)
|
||||
void camellia_setup128(const u8 *key, u32 *subkey)
|
||||
{
|
||||
uint32_t kll, klr, krl, krr;
|
||||
uint32_t il, ir, t0, t1, w0, w1;
|
||||
uint32_t kw4l, kw4r, dw, tl, tr;
|
||||
uint32_t subL[26];
|
||||
uint32_t subR[26];
|
||||
u32 kll, klr, krl, krr;
|
||||
u32 il, ir, t0, t1, w0, w1;
|
||||
u32 kw4l, kw4r, dw, tl, tr;
|
||||
u32 subL[26];
|
||||
u32 subR[26];
|
||||
|
||||
/**
|
||||
* k == kll || klr || krl || krr (|| is concatination)
|
||||
@ -833,14 +779,14 @@ void camellia_setup128(const unsigned char *key, uint32_t *subkey)
|
||||
return;
|
||||
}
|
||||
|
||||
void camellia_setup256(const unsigned char *key, uint32_t *subkey)
|
||||
void camellia_setup256(const u8 *key, u32 *subkey)
|
||||
{
|
||||
uint32_t kll,klr,krl,krr; /* left half of key */
|
||||
uint32_t krll,krlr,krrl,krrr; /* right half of key */
|
||||
uint32_t il, ir, t0, t1, w0, w1; /* temporary variables */
|
||||
uint32_t kw4l, kw4r, dw, tl, tr;
|
||||
uint32_t subL[34];
|
||||
uint32_t subR[34];
|
||||
u32 kll,klr,krl,krr; /* left half of key */
|
||||
u32 krll,krlr,krrl,krrr; /* right half of key */
|
||||
u32 il, ir, t0, t1, w0, w1; /* temporary variables */
|
||||
u32 kw4l, kw4r, dw, tl, tr;
|
||||
u32 subL[34];
|
||||
u32 subR[34];
|
||||
|
||||
/**
|
||||
* key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
|
||||
@ -1245,18 +1191,18 @@ void camellia_setup256(const unsigned char *key, uint32_t *subkey)
|
||||
return;
|
||||
}
|
||||
|
||||
void camellia_setup192(const unsigned char *key, uint32_t *subkey)
|
||||
void camellia_setup192(const u8 *key, u32 *subkey)
|
||||
{
|
||||
unsigned char kk[32];
|
||||
uint32_t krll, krlr, krrl,krrr;
|
||||
u8 kk[32];
|
||||
u32 krll, krlr, krrl,krrr;
|
||||
|
||||
memcpy(kk, key, 24);
|
||||
memcpy((unsigned char *)&krll, key+16,4);
|
||||
memcpy((unsigned char *)&krlr, key+20,4);
|
||||
memcpy((u8 *)&krll, key+16,4);
|
||||
memcpy((u8 *)&krlr, key+20,4);
|
||||
krrl = ~krll;
|
||||
krrr = ~krlr;
|
||||
memcpy(kk+24, (unsigned char *)&krrl, 4);
|
||||
memcpy(kk+28, (unsigned char *)&krrr, 4);
|
||||
memcpy(kk+24, (u8 *)&krrl, 4);
|
||||
memcpy(kk+28, (u8 *)&krrr, 4);
|
||||
camellia_setup256(kk, subkey);
|
||||
return;
|
||||
}
|
||||
@ -1265,11 +1211,10 @@ void camellia_setup192(const unsigned char *key, uint32_t *subkey)
|
||||
/**
|
||||
* Stuff related to camellia encryption/decryption
|
||||
*/
|
||||
void camellia_encrypt128(const uint32_t *subkey, uint32_t *io)
|
||||
void camellia_encrypt128(const u32 *subkey, u32 *io)
|
||||
{
|
||||
uint32_t il, ir, t0, t1;
|
||||
u32 il, ir, t0, t1;
|
||||
|
||||
SWAP4WORD(io);
|
||||
/* pre whitening but absorb kw2*/
|
||||
io[0] ^= CamelliaSubkeyL(0);
|
||||
io[1] ^= CamelliaSubkeyR(0);
|
||||
@ -1352,16 +1297,13 @@ void camellia_encrypt128(const uint32_t *subkey, uint32_t *io)
|
||||
io[1] = io[3];
|
||||
io[2] = t0;
|
||||
io[3] = t1;
|
||||
SWAP4WORD(io);
|
||||
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
void camellia_decrypt128(const uint32_t *subkey, uint32_t *io)
|
||||
void camellia_decrypt128(const u32 *subkey, u32 *io)
|
||||
{
|
||||
uint32_t il,ir,t0,t1; /* temporary valiables */
|
||||
|
||||
SWAP4WORD(io);
|
||||
u32 il,ir,t0,t1; /* temporary valiables */
|
||||
|
||||
/* pre whitening but absorb kw2*/
|
||||
io[0] ^= CamelliaSubkeyL(24);
|
||||
@ -1445,7 +1387,6 @@ void camellia_decrypt128(const uint32_t *subkey, uint32_t *io)
|
||||
io[1] = io[3];
|
||||
io[2] = t0;
|
||||
io[3] = t1;
|
||||
SWAP4WORD(io);
|
||||
|
||||
return;
|
||||
}
|
||||
@ -1453,11 +1394,9 @@ void camellia_decrypt128(const uint32_t *subkey, uint32_t *io)
|
||||
/**
|
||||
* stuff for 192 and 256bit encryption/decryption
|
||||
*/
|
||||
void camellia_encrypt256(const uint32_t *subkey, uint32_t *io)
|
||||
void camellia_encrypt256(const u32 *subkey, u32 *io)
|
||||
{
|
||||
uint32_t il,ir,t0,t1; /* temporary valiables */
|
||||
|
||||
SWAP4WORD(io);
|
||||
u32 il,ir,t0,t1; /* temporary valiables */
|
||||
|
||||
/* pre whitening but absorb kw2*/
|
||||
io[0] ^= CamelliaSubkeyL(0);
|
||||
@ -1565,16 +1504,14 @@ void camellia_encrypt256(const uint32_t *subkey, uint32_t *io)
|
||||
io[1] = io[3];
|
||||
io[2] = t0;
|
||||
io[3] = t1;
|
||||
SWAP4WORD(io);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
void camellia_decrypt256(const uint32_t *subkey, uint32_t *io)
|
||||
void camellia_decrypt256(const u32 *subkey, u32 *io)
|
||||
{
|
||||
uint32_t il,ir,t0,t1; /* temporary valiables */
|
||||
u32 il,ir,t0,t1; /* temporary valiables */
|
||||
|
||||
SWAP4WORD(io);
|
||||
/* pre whitening but absorb kw2*/
|
||||
io[0] ^= CamelliaSubkeyL(32);
|
||||
io[1] ^= CamelliaSubkeyR(32);
|
||||
@ -1681,7 +1618,6 @@ void camellia_decrypt256(const uint32_t *subkey, uint32_t *io)
|
||||
io[1] = io[3];
|
||||
io[2] = t0;
|
||||
io[3] = t1;
|
||||
SWAP4WORD(io);
|
||||
|
||||
return;
|
||||
}
|
||||
|
@ -67,25 +67,28 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
|
||||
unsigned long n;
|
||||
unsigned long len = length;
|
||||
unsigned char tmp[CAMELLIA_BLOCK_SIZE];
|
||||
const unsigned char *iv = ivec;
|
||||
uint32_t t32[UNITSIZE];
|
||||
union { u32 t32[CAMELLIA_BLOCK_SIZE/sizeof(u32)];
|
||||
u8 t8 [CAMELLIA_BLOCK_SIZE]; } tmp;
|
||||
const union { long one; char little; } camellia_endian = {1};
|
||||
|
||||
|
||||
assert(in && out && key && ivec);
|
||||
assert((CAMELLIA_ENCRYPT == enc)||(CAMELLIA_DECRYPT == enc));
|
||||
|
||||
if(((size_t)in) % ALIGN == 0
|
||||
&& ((size_t)out) % ALIGN == 0
|
||||
&& ((size_t)ivec) % ALIGN == 0)
|
||||
if(((size_t)in|(size_t)out|(size_t)ivec) % sizeof(u32) == 0)
|
||||
{
|
||||
if (CAMELLIA_ENCRYPT == enc)
|
||||
{
|
||||
while (len >= CAMELLIA_BLOCK_SIZE)
|
||||
{
|
||||
XOR4WORD2((uint32_t *)out,
|
||||
(uint32_t *)in, (uint32_t *)iv);
|
||||
key->enc(key->rd_key, (uint32_t *)out);
|
||||
XOR4WORD2((u32 *)out,
|
||||
(u32 *)in, (u32 *)iv);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
key->enc(key->rd_key, (u32 *)out);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
iv = out;
|
||||
len -= CAMELLIA_BLOCK_SIZE;
|
||||
in += CAMELLIA_BLOCK_SIZE;
|
||||
@ -97,7 +100,11 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
out[n] = in[n] ^ iv[n];
|
||||
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
|
||||
out[n] = iv[n];
|
||||
key->enc(key->rd_key, (uint32_t *)out);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
key->enc(key->rd_key, (u32 *)out);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
iv = out;
|
||||
}
|
||||
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
|
||||
@ -107,8 +114,12 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
while (len >= CAMELLIA_BLOCK_SIZE)
|
||||
{
|
||||
memcpy(out,in,CAMELLIA_BLOCK_SIZE);
|
||||
key->dec(key->rd_key,(uint32_t *)out);
|
||||
XOR4WORD((uint32_t *)out, (uint32_t *)iv);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
key->dec(key->rd_key,(u32 *)out);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
XOR4WORD((u32 *)out, (u32 *)iv);
|
||||
iv = in;
|
||||
len -= CAMELLIA_BLOCK_SIZE;
|
||||
in += CAMELLIA_BLOCK_SIZE;
|
||||
@ -116,10 +127,14 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
}
|
||||
if (len)
|
||||
{
|
||||
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
|
||||
key->dec(key->rd_key, (uint32_t *)tmp);
|
||||
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
key->dec(key->rd_key, tmp.t32);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
for(n=0; n < len; ++n)
|
||||
out[n] = tmp[n] ^ iv[n];
|
||||
out[n] = tmp.t8[n] ^ iv[n];
|
||||
iv = in;
|
||||
}
|
||||
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
|
||||
@ -128,23 +143,31 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
{
|
||||
while (len >= CAMELLIA_BLOCK_SIZE)
|
||||
{
|
||||
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
|
||||
key->dec(key->rd_key, (uint32_t *)out);
|
||||
XOR4WORD((uint32_t *)out, (uint32_t *)ivec);
|
||||
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
key->dec(key->rd_key, (u32 *)out);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
XOR4WORD((u32 *)out, (u32 *)ivec);
|
||||
memcpy(ivec, tmp.t8, CAMELLIA_BLOCK_SIZE);
|
||||
len -= CAMELLIA_BLOCK_SIZE;
|
||||
in += CAMELLIA_BLOCK_SIZE;
|
||||
out += CAMELLIA_BLOCK_SIZE;
|
||||
}
|
||||
if (len)
|
||||
{
|
||||
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
|
||||
key->dec(key->rd_key,(uint32_t *)out);
|
||||
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
key->dec(key->rd_key,(u32 *)out);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD((u32 *)out);
|
||||
for(n=0; n < len; ++n)
|
||||
out[n] ^= ivec[n];
|
||||
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
|
||||
out[n] = tmp[n];
|
||||
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
|
||||
out[n] = tmp.t8[n];
|
||||
memcpy(ivec, tmp.t8, CAMELLIA_BLOCK_SIZE);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -155,10 +178,13 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
while (len >= CAMELLIA_BLOCK_SIZE)
|
||||
{
|
||||
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
|
||||
out[n] = in[n] ^ iv[n];
|
||||
memcpy(t32, out, CAMELLIA_BLOCK_SIZE);
|
||||
key->enc(key->rd_key, t32);
|
||||
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
|
||||
tmp.t8[n] = in[n] ^ iv[n];
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
key->enc(key->rd_key, tmp.t32);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
|
||||
iv = out;
|
||||
len -= CAMELLIA_BLOCK_SIZE;
|
||||
in += CAMELLIA_BLOCK_SIZE;
|
||||
@ -167,10 +193,15 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
if (len)
|
||||
{
|
||||
for(n=0; n < len; ++n)
|
||||
out[n] = in[n] ^ iv[n];
|
||||
tmp.t8[n] = in[n] ^ iv[n];
|
||||
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
|
||||
out[n] = iv[n];
|
||||
key->enc(key->rd_key, (uint32_t *)out);
|
||||
tmp.t8[n] = iv[n];
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
key->enc(key->rd_key, tmp.t32);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
|
||||
iv = out;
|
||||
}
|
||||
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
|
||||
@ -179,11 +210,14 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
{
|
||||
while (len >= CAMELLIA_BLOCK_SIZE)
|
||||
{
|
||||
memcpy(t32,in,CAMELLIA_BLOCK_SIZE);
|
||||
key->dec(key->rd_key,t32);
|
||||
memcpy(out,t32,CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(tmp.t8,in,CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
key->dec(key->rd_key,tmp.t32);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
|
||||
out[n] ^= iv[n];
|
||||
out[n] = tmp.t8[n] ^ iv[n];
|
||||
iv = in;
|
||||
len -= CAMELLIA_BLOCK_SIZE;
|
||||
in += CAMELLIA_BLOCK_SIZE;
|
||||
@ -191,12 +225,14 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
}
|
||||
if (len)
|
||||
{
|
||||
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
|
||||
key->dec(key->rd_key, t32);
|
||||
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
key->dec(key->rd_key, tmp.t32);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
for(n=0; n < len; ++n)
|
||||
out[n] = tmp[n] ^ iv[n];
|
||||
out[n] = tmp.t8[n] ^ iv[n];
|
||||
iv = in;
|
||||
}
|
||||
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
|
||||
@ -205,30 +241,33 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
{
|
||||
while (len >= CAMELLIA_BLOCK_SIZE)
|
||||
{
|
||||
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
|
||||
key->dec(key->rd_key, t32);
|
||||
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
key->dec(key->rd_key, tmp.t32);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
|
||||
out[n] ^= ivec[n];
|
||||
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
|
||||
tmp.t8[n] ^= ivec[n];
|
||||
memcpy(ivec, in, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
|
||||
len -= CAMELLIA_BLOCK_SIZE;
|
||||
in += CAMELLIA_BLOCK_SIZE;
|
||||
out += CAMELLIA_BLOCK_SIZE;
|
||||
}
|
||||
if (len)
|
||||
{
|
||||
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
|
||||
key->dec(key->rd_key,t32);
|
||||
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
key->dec(key->rd_key,tmp.t32);
|
||||
if (camellia_endian.little)
|
||||
SWAP4WORD(tmp.t32);
|
||||
for(n=0; n < len; ++n)
|
||||
out[n] ^= ivec[n];
|
||||
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
|
||||
out[n] = tmp[n];
|
||||
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
|
||||
tmp.t8[n] ^= ivec[n];
|
||||
memcpy(ivec, in, CAMELLIA_BLOCK_SIZE);
|
||||
memcpy(out,tmp.t8,len);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -73,55 +73,42 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
typedef unsigned char uint8_t;
|
||||
typedef unsigned int uint32_t;
|
||||
typedef unsigned __int64 uint64_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
typedef unsigned char u8;
|
||||
typedef unsigned int u32;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define ALIGN 4
|
||||
#define UNITSIZE 4
|
||||
|
||||
#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
|
||||
# define SWAP(x) ( _lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00 )
|
||||
# define GETU32(p) SWAP(*((uint32_t *)(p)))
|
||||
# define PUTU32(ct, st) { *((uint32_t *)(ct)) = SWAP((st)); }
|
||||
# define GETU32(p) SWAP(*((u32 *)(p)))
|
||||
# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
|
||||
# define CAMELLIA_SWAP4(x) (x = ( _lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) )
|
||||
|
||||
|
||||
#else /* not windows */
|
||||
# define GETU32(pt) (((uint32_t)(pt)[0] << 24) \
|
||||
^ ((uint32_t)(pt)[1] << 16) \
|
||||
^ ((uint32_t)(pt)[2] << 8) \
|
||||
^ ((uint32_t)(pt)[3]))
|
||||
# define GETU32(pt) (((u32)(pt)[0] << 24) \
|
||||
^ ((u32)(pt)[1] << 16) \
|
||||
^ ((u32)(pt)[2] << 8) \
|
||||
^ ((u32)(pt)[3]))
|
||||
|
||||
# define PUTU32(ct, st) { (ct)[0] = (uint8_t)((st) >> 24); \
|
||||
(ct)[1] = (uint8_t)((st) >> 16); \
|
||||
(ct)[2] = (uint8_t)((st) >> 8); \
|
||||
(ct)[3] = (uint8_t)(st); }
|
||||
# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); \
|
||||
(ct)[1] = (u8)((st) >> 16); \
|
||||
(ct)[2] = (u8)((st) >> 8); \
|
||||
(ct)[3] = (u8)(st); }
|
||||
|
||||
#ifdef L_ENDIAN
|
||||
#if (defined (__GNUC__) && !defined(i386))
|
||||
#if (defined (__GNUC__) && (defined(__x86_64__) || defined(__x86_64)))
|
||||
#define CAMELLIA_SWAP4(x) \
|
||||
do{\
|
||||
asm("bswap %1" : "+r" (x));\
|
||||
}while(0)
|
||||
#else /* not gcc */
|
||||
#else
|
||||
#define CAMELLIA_SWAP4(x) \
|
||||
do{\
|
||||
x = ((uint32_t)x << 16) + ((uint32_t)x >> 16);\
|
||||
x = (((uint32_t)x & 0xff00ff) << 8) + (((uint32_t)x >> 8) & 0xff00ff);\
|
||||
x = ((u32)x << 16) + ((u32)x >> 16);\
|
||||
x = (((u32)x & 0xff00ff) << 8) + (((u32)x >> 8) & 0xff00ff);\
|
||||
} while(0)
|
||||
#endif /* not gcc */
|
||||
#else /* big endian */
|
||||
#define CAMELLIA_SWAP4(x)
|
||||
#endif /* L_ENDIAN */
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define COPY4WORD(dst, src) \
|
||||
@ -161,14 +148,14 @@ extern "C" {
|
||||
}while(0)
|
||||
|
||||
|
||||
void camellia_setup128(const unsigned char *key, uint32_t *subkey);
|
||||
void camellia_setup192(const unsigned char *key, uint32_t *subkey);
|
||||
void camellia_setup256(const unsigned char *key, uint32_t *subkey);
|
||||
void camellia_setup128(const u8 *key, u32 *subkey);
|
||||
void camellia_setup192(const u8 *key, u32 *subkey);
|
||||
void camellia_setup256(const u8 *key, u32 *subkey);
|
||||
|
||||
void camellia_encrypt128(const uint32_t *subkey, uint32_t *io);
|
||||
void camellia_decrypt128(const uint32_t *subkey, uint32_t *io);
|
||||
void camellia_encrypt256(const uint32_t *subkey, uint32_t *io);
|
||||
void camellia_decrypt256(const uint32_t *subkey, uint32_t *io);
|
||||
void camellia_encrypt128(const u32 *subkey, u32 *io);
|
||||
void camellia_decrypt128(const u32 *subkey, u32 *io);
|
||||
void camellia_encrypt256(const u32 *subkey, u32 *io);
|
||||
void camellia_decrypt256(const u32 *subkey, u32 *io);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
@ -53,7 +53,7 @@
|
||||
#include <openssl/camellia.h>
|
||||
#include "cmll_locl.h"
|
||||
|
||||
const char *CAMELLIA_version="CAMELLIA" OPENSSL_VERSION_PTEXT;
|
||||
const char CAMELLIA_version[]="CAMELLIA" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
int Camellia_set_key(const unsigned char *userKey, const int bits,
|
||||
CAMELLIA_KEY *key)
|
||||
@ -91,20 +91,26 @@ int Camellia_set_key(const unsigned char *userKey, const int bits,
|
||||
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAMELLIA_KEY *key)
|
||||
{
|
||||
uint32_t tmp[UNITSIZE];
|
||||
u32 tmp[CAMELLIA_BLOCK_SIZE/sizeof(u32)];
|
||||
const union { long one; char little; } camellia_endian = {1};
|
||||
|
||||
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little) SWAP4WORD(tmp);
|
||||
key->enc(key->rd_key, tmp);
|
||||
if (camellia_endian.little) SWAP4WORD(tmp);
|
||||
memcpy(out, tmp, CAMELLIA_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAMELLIA_KEY *key)
|
||||
{
|
||||
uint32_t tmp[UNITSIZE];
|
||||
u32 tmp[CAMELLIA_BLOCK_SIZE/sizeof(u32)];
|
||||
const union { long one; char little; } camellia_endian = {1};
|
||||
|
||||
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
|
||||
if (camellia_endian.little) SWAP4WORD(tmp);
|
||||
key->dec(key->rd_key, tmp);
|
||||
if (camellia_endian.little) SWAP4WORD(tmp);
|
||||
memcpy(out, tmp, CAMELLIA_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
|
@ -60,7 +60,7 @@
|
||||
#include "cast_lcl.h"
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT;
|
||||
const char CAST_version[]="CAST" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
CAST_KEY *ks, int enc)
|
||||
|
@ -31,6 +31,24 @@ static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out,
|
||||
static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
|
||||
unsigned int olen, unsigned char *in, unsigned int ilen);
|
||||
|
||||
|
||||
/* memory allocations functions for zlib intialization */
|
||||
static void* zlib_zalloc(void* opaque, unsigned int no, unsigned int size)
|
||||
{
|
||||
void *p;
|
||||
|
||||
p=OPENSSL_malloc(no*size);
|
||||
if (p)
|
||||
memset(p, 0, no*size);
|
||||
return p;
|
||||
}
|
||||
|
||||
|
||||
static void zlib_zfree(void* opaque, void* address)
|
||||
{
|
||||
OPENSSL_free(address);
|
||||
}
|
||||
|
||||
#if 0
|
||||
static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
|
||||
unsigned int olen, unsigned char *in, unsigned int ilen);
|
||||
@ -133,8 +151,8 @@ static int zlib_stateful_init(COMP_CTX *ctx)
|
||||
if (state == NULL)
|
||||
goto err;
|
||||
|
||||
state->istream.zalloc = Z_NULL;
|
||||
state->istream.zfree = Z_NULL;
|
||||
state->istream.zalloc = zlib_zalloc;
|
||||
state->istream.zfree = zlib_zfree;
|
||||
state->istream.opaque = Z_NULL;
|
||||
state->istream.next_in = Z_NULL;
|
||||
state->istream.next_out = Z_NULL;
|
||||
@ -145,8 +163,8 @@ static int zlib_stateful_init(COMP_CTX *ctx)
|
||||
if (err != Z_OK)
|
||||
goto err;
|
||||
|
||||
state->ostream.zalloc = Z_NULL;
|
||||
state->ostream.zfree = Z_NULL;
|
||||
state->ostream.zalloc = zlib_zalloc;
|
||||
state->ostream.zfree = zlib_zfree;
|
||||
state->ostream.opaque = Z_NULL;
|
||||
state->ostream.next_in = Z_NULL;
|
||||
state->ostream.next_out = Z_NULL;
|
||||
@ -158,17 +176,6 @@ static int zlib_stateful_init(COMP_CTX *ctx)
|
||||
goto err;
|
||||
|
||||
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data);
|
||||
if (zlib_stateful_ex_idx == -1)
|
||||
{
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_COMP);
|
||||
if (zlib_stateful_ex_idx == -1)
|
||||
zlib_stateful_ex_idx =
|
||||
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
|
||||
0,NULL,NULL,NULL,zlib_stateful_free_ex_data);
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
|
||||
if (zlib_stateful_ex_idx == -1)
|
||||
goto err;
|
||||
}
|
||||
CRYPTO_set_ex_data(&ctx->ex_data,zlib_stateful_ex_idx,state);
|
||||
return 1;
|
||||
err:
|
||||
@ -379,7 +386,25 @@ COMP_METHOD *COMP_zlib(void)
|
||||
if (zlib_loaded)
|
||||
#endif
|
||||
#if defined(ZLIB) || defined(ZLIB_SHARED)
|
||||
{
|
||||
/* init zlib_stateful_ex_idx here so that in a multi-process
|
||||
* application it's enough to intialize openssl before forking
|
||||
* (idx will be inherited in all the children) */
|
||||
if (zlib_stateful_ex_idx == -1)
|
||||
{
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_COMP);
|
||||
if (zlib_stateful_ex_idx == -1)
|
||||
zlib_stateful_ex_idx =
|
||||
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
|
||||
0,NULL,NULL,NULL,zlib_stateful_free_ex_data);
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
|
||||
if (zlib_stateful_ex_idx == -1)
|
||||
goto err;
|
||||
}
|
||||
|
||||
meth = &zlib_stateful_method;
|
||||
}
|
||||
err:
|
||||
#endif
|
||||
|
||||
return(meth);
|
||||
|
@ -82,15 +82,12 @@ static ERR_STRING_DATA COMP_str_reasons[]=
|
||||
|
||||
void ERR_load_COMP_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(COMP_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,COMP_str_functs);
|
||||
ERR_load_strings(0,COMP_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -88,7 +88,7 @@ static int def_dump(const CONF *conf, BIO *bp);
|
||||
static int def_is_number(const CONF *conf, char c);
|
||||
static int def_to_int(const CONF *conf, char c);
|
||||
|
||||
const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT;
|
||||
const char CONF_def_version[]="CONF_def" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static CONF_METHOD default_method = {
|
||||
"OpenSSL default",
|
||||
|
@ -118,15 +118,12 @@ static ERR_STRING_DATA CONF_str_reasons[]=
|
||||
|
||||
void ERR_load_CONF_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(CONF_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,CONF_str_functs);
|
||||
ERR_load_strings(0,CONF_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -63,7 +63,7 @@
|
||||
#include <openssl/conf_api.h>
|
||||
#include <openssl/lhash.h>
|
||||
|
||||
const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT;
|
||||
const char CONF_version[]="CONF" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static CONF_METHOD *default_CONF_method=NULL;
|
||||
|
||||
|
@ -92,15 +92,12 @@ static ERR_STRING_DATA CRYPTO_str_reasons[]=
|
||||
|
||||
void ERR_load_CRYPTO_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,CRYPTO_str_functs);
|
||||
ERR_load_strings(0,CRYPTO_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -125,7 +125,7 @@ DECLARE_STACK_OF(CRYPTO_dynlock)
|
||||
IMPLEMENT_STACK_OF(CRYPTO_dynlock)
|
||||
|
||||
/* real #defines in crypto.h, keep these upto date */
|
||||
static const char* lock_names[CRYPTO_NUM_LOCKS] =
|
||||
static const char* const lock_names[CRYPTO_NUM_LOCKS] =
|
||||
{
|
||||
"<<ERROR>>",
|
||||
"err",
|
||||
|
@ -25,7 +25,7 @@ and then you can use the 'DES_PTR' option.
|
||||
|
||||
The file options.txt has the options listed for best speed on quite a
|
||||
few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then
|
||||
turn on the relevent option in the Makefile
|
||||
turn on the relevant option in the Makefile.
|
||||
|
||||
There are some special Makefile targets that make life easier.
|
||||
make cc - standard cc build
|
||||
|
@ -67,5 +67,5 @@
|
||||
#define DES_version OSSL_DES_version
|
||||
#define libdes_version OSSL_libdes_version
|
||||
|
||||
OPENSSL_EXTERN const char *OSSL_DES_version; /* SSLeay version string */
|
||||
OPENSSL_EXTERN const char *OSSL_libdes_version; /* old libdes version string */
|
||||
OPENSSL_EXTERN const char OSSL_DES_version[]; /* SSLeay version string */
|
||||
OPENSSL_EXTERN const char OSSL_libdes_version[]; /* old libdes version string */
|
||||
|
@ -62,8 +62,8 @@
|
||||
#include <openssl/opensslv.h>
|
||||
#include <openssl/bio.h>
|
||||
|
||||
OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
|
||||
OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
|
||||
OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT;
|
||||
OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
const char *DES_options(void)
|
||||
{
|
||||
|
@ -93,15 +93,12 @@ static ERR_STRING_DATA DH_str_reasons[]=
|
||||
|
||||
void ERR_load_DH_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(DH_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,DH_str_functs);
|
||||
ERR_load_strings(0,DH_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -64,7 +64,7 @@
|
||||
#include <openssl/engine.h>
|
||||
#endif
|
||||
|
||||
const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
|
||||
const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static const DH_METHOD *default_DH_method = NULL;
|
||||
|
||||
|
@ -100,15 +100,12 @@ static ERR_STRING_DATA DSA_str_reasons[]=
|
||||
|
||||
void ERR_load_DSA_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(DSA_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,DSA_str_functs);
|
||||
ERR_load_strings(0,DSA_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -70,7 +70,7 @@
|
||||
#include <openssl/dh.h>
|
||||
#endif
|
||||
|
||||
const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
|
||||
const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static const DSA_METHOD *default_DSA_method = NULL;
|
||||
|
||||
|
@ -136,15 +136,12 @@ static ERR_STRING_DATA DSO_str_reasons[]=
|
||||
|
||||
void ERR_load_DSO_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(DSO_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,DSO_str_functs);
|
||||
ERR_load_strings(0,DSO_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -529,6 +529,8 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
|
||||
ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
|
||||
curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
|
||||
if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
|
||||
(int)group->seed_len))
|
||||
{
|
||||
@ -1291,6 +1293,8 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
|
||||
goto err;
|
||||
}
|
||||
|
||||
priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
|
||||
priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
|
||||
if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
|
||||
buf_len))
|
||||
{
|
||||
|
@ -227,15 +227,12 @@ static ERR_STRING_DATA EC_str_reasons[]=
|
||||
|
||||
void ERR_load_EC_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(EC_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,EC_str_functs);
|
||||
ERR_load_strings(0,EC_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -71,7 +71,7 @@
|
||||
static ERR_STRING_DATA ECDH_str_functs[]=
|
||||
{
|
||||
{ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
|
||||
{ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"},
|
||||
{ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_NEW_METHOD"},
|
||||
{0,NULL}
|
||||
};
|
||||
|
||||
@ -87,15 +87,12 @@ static ERR_STRING_DATA ECDH_str_reasons[]=
|
||||
|
||||
void ERR_load_ECDH_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,ECDH_str_functs);
|
||||
ERR_load_strings(0,ECDH_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -74,7 +74,7 @@
|
||||
#endif
|
||||
#include <openssl/err.h>
|
||||
|
||||
const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT;
|
||||
const char ECDH_version[]="ECDH" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static const ECDH_METHOD *default_ECDH_method = NULL;
|
||||
|
||||
|
@ -261,6 +261,7 @@ void ERR_load_ECDSA_strings(void);
|
||||
#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
|
||||
#define ECDSA_R_ERR_EC_LIB 102
|
||||
#define ECDSA_R_MISSING_PARAMETERS 103
|
||||
#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
|
||||
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
|
||||
#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
|
||||
|
||||
|
@ -70,7 +70,7 @@
|
||||
|
||||
static ERR_STRING_DATA ECDSA_str_functs[]=
|
||||
{
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_new_method"},
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"},
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup"},
|
||||
@ -83,6 +83,7 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
|
||||
{ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
|
||||
{ERR_REASON(ECDSA_R_ERR_EC_LIB) ,"err ec lib"},
|
||||
{ERR_REASON(ECDSA_R_MISSING_PARAMETERS) ,"missing parameters"},
|
||||
{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new setup values"},
|
||||
{ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"random number generation failed"},
|
||||
{ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature malloc failed"},
|
||||
{0,NULL}
|
||||
@ -92,15 +93,12 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
|
||||
|
||||
void ERR_load_ECDSA_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,ECDSA_str_functs);
|
||||
ERR_load_strings(0,ECDSA_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -61,7 +61,7 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/bn.h>
|
||||
|
||||
const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT;
|
||||
const char ECDSA_version[]="ECDSA" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static const ECDSA_METHOD *default_ECDSA_method = NULL;
|
||||
|
||||
|
@ -299,8 +299,21 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
|
||||
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
if (BN_is_zero(s))
|
||||
{
|
||||
/* if kinv and r have been supplied by the caller
|
||||
* don't to generate new kinv and r values */
|
||||
if (in_kinv != NULL && in_r != NULL)
|
||||
{
|
||||
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
else
|
||||
/* s != 0 => we have a valid signature */
|
||||
break;
|
||||
}
|
||||
while (BN_is_zero(s));
|
||||
while (1);
|
||||
|
||||
ok = 1;
|
||||
err:
|
||||
|
@ -157,15 +157,12 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
|
||||
|
||||
void ERR_load_ENGINE_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,ENGINE_str_functs);
|
||||
ERR_load_strings(0,ENGINE_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -107,7 +107,7 @@ int ENGINE_set_default_ECDH(ENGINE *e)
|
||||
{
|
||||
if(e->ecdh_meth)
|
||||
return engine_table_register(&ecdh_table,
|
||||
engine_unregister_all_ECDH, e, &dummy_nid, 1, 0);
|
||||
engine_unregister_all_ECDH, e, &dummy_nid, 1, 1);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -92,7 +92,7 @@ int ENGINE_set_default_ECDSA(ENGINE *e)
|
||||
{
|
||||
if(e->ecdsa_meth)
|
||||
return engine_table_register(&ecdsa_table,
|
||||
engine_unregister_all_ECDSA, e, &dummy_nid, 1, 0);
|
||||
engine_unregister_all_ECDSA, e, &dummy_nid, 1, 1);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -200,6 +200,12 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
else
|
||||
ret=0;
|
||||
break;
|
||||
case BIO_C_SET_MD_CTX:
|
||||
if (b->init)
|
||||
b->ptr=ptr;
|
||||
else
|
||||
ret=0;
|
||||
break;
|
||||
case BIO_C_DO_STATE_MACHINE:
|
||||
BIO_clear_retry_flags(b);
|
||||
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
|
||||
|
@ -66,7 +66,7 @@
|
||||
#endif
|
||||
#include "evp_locl.h"
|
||||
|
||||
const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
|
||||
const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
|
@ -163,15 +163,12 @@ static ERR_STRING_DATA EVP_str_reasons[]=
|
||||
|
||||
void ERR_load_EVP_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(EVP_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,EVP_str_functs);
|
||||
ERR_load_strings(0,EVP_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -168,3 +168,112 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx)
|
||||
}
|
||||
}
|
||||
|
||||
int EVP_CIPHER_block_size(const EVP_CIPHER *e)
|
||||
{
|
||||
return e->block_size;
|
||||
}
|
||||
|
||||
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->cipher->block_size;
|
||||
}
|
||||
|
||||
int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
|
||||
{
|
||||
return ctx->cipher->do_cipher(ctx,out,in,inl);
|
||||
}
|
||||
|
||||
const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->cipher;
|
||||
}
|
||||
|
||||
unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
|
||||
{
|
||||
return cipher->flags;
|
||||
}
|
||||
|
||||
unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->cipher->flags;
|
||||
}
|
||||
|
||||
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->app_data;
|
||||
}
|
||||
|
||||
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
|
||||
{
|
||||
ctx->app_data = data;
|
||||
}
|
||||
|
||||
int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
|
||||
{
|
||||
return cipher->iv_len;
|
||||
}
|
||||
|
||||
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->cipher->iv_len;
|
||||
}
|
||||
|
||||
int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
|
||||
{
|
||||
return cipher->key_len;
|
||||
}
|
||||
|
||||
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->cipher->key_len;
|
||||
}
|
||||
|
||||
int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
|
||||
{
|
||||
return cipher->nid;
|
||||
}
|
||||
|
||||
int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->cipher->nid;
|
||||
}
|
||||
|
||||
int EVP_MD_block_size(const EVP_MD *md)
|
||||
{
|
||||
return md->block_size;
|
||||
}
|
||||
|
||||
int EVP_MD_type(const EVP_MD *md)
|
||||
{
|
||||
return md->type;
|
||||
}
|
||||
|
||||
int EVP_MD_pkey_type(const EVP_MD *md)
|
||||
{
|
||||
return md->pkey_type;
|
||||
}
|
||||
|
||||
int EVP_MD_size(const EVP_MD *md)
|
||||
{
|
||||
return md->md_size;
|
||||
}
|
||||
|
||||
const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
|
||||
{
|
||||
return ctx->digest;
|
||||
}
|
||||
|
||||
void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
|
||||
{
|
||||
ctx->flags |= flags;
|
||||
}
|
||||
|
||||
void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
|
||||
{
|
||||
ctx->flags &= ~flags;
|
||||
}
|
||||
|
||||
int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
|
||||
{
|
||||
return (ctx->flags & flags);
|
||||
}
|
||||
|
@ -65,7 +65,7 @@
|
||||
bl = ctx->cipher->block_size;\
|
||||
if(inl < bl) return 1;\
|
||||
inl -= bl; \
|
||||
for(i=0; i <= inl; i+=bl) \
|
||||
for(i=0; i <= inl; i+=bl)
|
||||
|
||||
#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
|
||||
static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
|
||||
|
@ -100,7 +100,7 @@
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/lhash.h>
|
||||
|
||||
const char *lh_version="lhash" OPENSSL_VERSION_PTEXT;
|
||||
const char lh_version[]="lhash" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
#undef MIN_NODES
|
||||
#define MIN_NODES 16
|
||||
|
@ -63,6 +63,7 @@
|
||||
#ifdef OPENSSL_NO_MD2
|
||||
#error MD2 is disabled.
|
||||
#endif
|
||||
#include <stddef.h>
|
||||
|
||||
#define MD2_DIGEST_LENGTH 16
|
||||
#define MD2_BLOCK 16
|
||||
|
@ -63,7 +63,7 @@
|
||||
#include <openssl/opensslv.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
|
||||
const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
|
||||
*/
|
||||
|
@ -60,6 +60,7 @@
|
||||
#define HEADER_MD4_H
|
||||
|
||||
#include <openssl/e_os2.h>
|
||||
#include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
@ -60,7 +60,7 @@
|
||||
#include "md4_locl.h"
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
|
||||
const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
|
||||
*/
|
||||
|
@ -60,6 +60,7 @@
|
||||
#define HEADER_MD5_H
|
||||
|
||||
#include <openssl/e_os2.h>
|
||||
#include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
@ -60,7 +60,7 @@
|
||||
#include "md5_locl.h"
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
|
||||
const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
|
||||
*/
|
||||
|
@ -62,12 +62,12 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#define NUM_NID 769
|
||||
#define NUM_SN 765
|
||||
#define NUM_LN 765
|
||||
#define NUM_OBJ 721
|
||||
#define NUM_NID 772
|
||||
#define NUM_SN 768
|
||||
#define NUM_LN 768
|
||||
#define NUM_OBJ 724
|
||||
|
||||
static unsigned char lvalues[5107]={
|
||||
static unsigned char lvalues[5116]={
|
||||
0x00, /* [ 0] OBJ_undef */
|
||||
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
|
||||
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
|
||||
@ -789,6 +789,9 @@ static unsigned char lvalues[5107]={
|
||||
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5082] OBJ_camellia_128_ofb128 */
|
||||
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5090] OBJ_camellia_192_ofb128 */
|
||||
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5098] OBJ_camellia_256_ofb128 */
|
||||
0x55,0x1D,0x09, /* [5106] OBJ_subject_directory_attributes */
|
||||
0x55,0x1D,0x1C, /* [5109] OBJ_issuing_distribution_point */
|
||||
0x55,0x1D,0x1D, /* [5112] OBJ_certificate_issuer */
|
||||
};
|
||||
|
||||
static ASN1_OBJECT nid_objs[NUM_NID]={
|
||||
@ -1987,6 +1990,12 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
|
||||
&(lvalues[5090]),0},
|
||||
{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
|
||||
&(lvalues[5098]),0},
|
||||
{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes",
|
||||
NID_subject_directory_attributes,3,&(lvalues[5106]),0},
|
||||
{"issuingDistributionPoint","X509v3 Issuing Distrubution Point",
|
||||
NID_issuing_distribution_point,3,&(lvalues[5109]),0},
|
||||
{"certificateIssuer","X509v3 Certificate Issuer",
|
||||
NID_certificate_issuer,3,&(lvalues[5112]),0},
|
||||
};
|
||||
|
||||
static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
@ -2203,6 +2212,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
|
||||
&(nid_objs[152]),/* "certBag" */
|
||||
&(nid_objs[677]),/* "certicom-arc" */
|
||||
&(nid_objs[771]),/* "certificateIssuer" */
|
||||
&(nid_objs[89]),/* "certificatePolicies" */
|
||||
&(nid_objs[54]),/* "challengePassword" */
|
||||
&(nid_objs[407]),/* "characteristic-two-field" */
|
||||
@ -2442,6 +2452,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
&(nid_objs[295]),/* "ipsecTunnel" */
|
||||
&(nid_objs[296]),/* "ipsecUser" */
|
||||
&(nid_objs[86]),/* "issuerAltName" */
|
||||
&(nid_objs[770]),/* "issuingDistributionPoint" */
|
||||
&(nid_objs[492]),/* "janetMailbox" */
|
||||
&(nid_objs[150]),/* "keyBag" */
|
||||
&(nid_objs[83]),/* "keyUsage" */
|
||||
@ -2723,6 +2734,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
&(nid_objs[387]),/* "snmpv2" */
|
||||
&(nid_objs[660]),/* "streetAddress" */
|
||||
&(nid_objs[85]),/* "subjectAltName" */
|
||||
&(nid_objs[769]),/* "subjectDirectoryAttributes" */
|
||||
&(nid_objs[398]),/* "subjectInfoAccess" */
|
||||
&(nid_objs[82]),/* "subjectKeyIdentifier" */
|
||||
&(nid_objs[498]),/* "subtreeMaximumQuality" */
|
||||
@ -2852,11 +2864,13 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
|
||||
&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
|
||||
&(nid_objs[88]),/* "X509v3 CRL Number" */
|
||||
&(nid_objs[141]),/* "X509v3 CRL Reason Code" */
|
||||
&(nid_objs[771]),/* "X509v3 Certificate Issuer" */
|
||||
&(nid_objs[89]),/* "X509v3 Certificate Policies" */
|
||||
&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
|
||||
&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
|
||||
&(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */
|
||||
&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
|
||||
&(nid_objs[770]),/* "X509v3 Issuing Distrubution Point" */
|
||||
&(nid_objs[83]),/* "X509v3 Key Usage" */
|
||||
&(nid_objs[666]),/* "X509v3 Name Constraints" */
|
||||
&(nid_objs[403]),/* "X509v3 No Revocation Available" */
|
||||
@ -2864,6 +2878,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
|
||||
&(nid_objs[747]),/* "X509v3 Policy Mappings" */
|
||||
&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
|
||||
&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
|
||||
&(nid_objs[769]),/* "X509v3 Subject Directory Attributes" */
|
||||
&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
|
||||
&(nid_objs[184]),/* "X9.57" */
|
||||
&(nid_objs[185]),/* "X9.57 CM ?" */
|
||||
@ -3569,6 +3584,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
|
||||
&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
|
||||
&(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */
|
||||
&(nid_objs[400]),/* OBJ_role 2 5 4 72 */
|
||||
&(nid_objs[769]),/* OBJ_subject_directory_attributes 2 5 29 9 */
|
||||
&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
|
||||
&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
|
||||
&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
|
||||
@ -3580,6 +3596,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
|
||||
&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
|
||||
&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
|
||||
&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
|
||||
&(nid_objs[770]),/* OBJ_issuing_distribution_point 2 5 29 28 */
|
||||
&(nid_objs[771]),/* OBJ_certificate_issuer 2 5 29 29 */
|
||||
&(nid_objs[666]),/* OBJ_name_constraints 2 5 29 30 */
|
||||
&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
|
||||
&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
|
||||
|
@ -91,15 +91,12 @@ static ERR_STRING_DATA OBJ_str_reasons[]=
|
||||
|
||||
void ERR_load_OBJ_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,OBJ_str_functs);
|
||||
ERR_load_strings(0,OBJ_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -2044,6 +2044,11 @@
|
||||
#define NID_id_ce 81
|
||||
#define OBJ_id_ce OBJ_X500,29L
|
||||
|
||||
#define SN_subject_directory_attributes "subjectDirectoryAttributes"
|
||||
#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes"
|
||||
#define NID_subject_directory_attributes 769
|
||||
#define OBJ_subject_directory_attributes OBJ_id_ce,9L
|
||||
|
||||
#define SN_subject_key_identifier "subjectKeyIdentifier"
|
||||
#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
|
||||
#define NID_subject_key_identifier 82
|
||||
@ -2094,6 +2099,16 @@
|
||||
#define NID_delta_crl 140
|
||||
#define OBJ_delta_crl OBJ_id_ce,27L
|
||||
|
||||
#define SN_issuing_distribution_point "issuingDistributionPoint"
|
||||
#define LN_issuing_distribution_point "X509v3 Issuing Distrubution Point"
|
||||
#define NID_issuing_distribution_point 770
|
||||
#define OBJ_issuing_distribution_point OBJ_id_ce,28L
|
||||
|
||||
#define SN_certificate_issuer "certificateIssuer"
|
||||
#define LN_certificate_issuer "X509v3 Certificate Issuer"
|
||||
#define NID_certificate_issuer 771
|
||||
#define OBJ_certificate_issuer OBJ_id_ce,29L
|
||||
|
||||
#define SN_name_constraints "nameConstraints"
|
||||
#define LN_name_constraints "X509v3 Name Constraints"
|
||||
#define NID_name_constraints 666
|
||||
|
@ -766,3 +766,6 @@ camellia_256_cfb8 765
|
||||
camellia_128_ofb128 766
|
||||
camellia_192_ofb128 767
|
||||
camellia_256_ofb128 768
|
||||
subject_directory_attributes 769
|
||||
issuing_distribution_point 770
|
||||
certificate_issuer 771
|
||||
|
@ -657,6 +657,8 @@ X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA
|
||||
X500algorithms 3 101 : MDC2 : mdc2
|
||||
|
||||
X500 29 : id-ce
|
||||
!Cname subject-directory-attributes
|
||||
id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes
|
||||
!Cname subject-key-identifier
|
||||
id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
|
||||
!Cname key-usage
|
||||
@ -677,6 +679,10 @@ id-ce 21 : CRLReason : X509v3 CRL Reason Code
|
||||
id-ce 24 : invalidityDate : Invalidity Date
|
||||
!Cname delta-crl
|
||||
id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
|
||||
!Cname issuing-distribution-point
|
||||
id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point
|
||||
!Cname certificate-issuer
|
||||
id-ce 29 : certificateIssuer : X509v3 Certificate Issuer
|
||||
!Cname name-constraints
|
||||
id-ce 30 : nameConstraints : X509v3 Name Constraints
|
||||
!Cname crl-distribution-points
|
||||
|
@ -62,7 +62,7 @@
|
||||
ASN1_SEQUENCE(OCSP_SIGNATURE) = {
|
||||
ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR),
|
||||
ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING),
|
||||
ASN1_EXP_SEQUENCE_OF(OCSP_SIGNATURE, certs, X509, 0)
|
||||
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0)
|
||||
} ASN1_SEQUENCE_END(OCSP_SIGNATURE)
|
||||
|
||||
IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)
|
||||
|
@ -129,15 +129,12 @@ static ERR_STRING_DATA OCSP_str_reasons[]=
|
||||
|
||||
void ERR_load_OCSP_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,OCSP_str_functs);
|
||||
ERR_load_strings(0,OCSP_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -367,7 +367,7 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *st
|
||||
return 0;
|
||||
}
|
||||
gen = req->tbsRequest->requestorName;
|
||||
if (gen->type != GEN_DIRNAME)
|
||||
if (!gen || gen->type != GEN_DIRNAME)
|
||||
{
|
||||
OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE);
|
||||
return 0;
|
||||
|
@ -19,6 +19,9 @@
|
||||
#ifndef OPENSSL_NO_RC5
|
||||
# define OPENSSL_NO_RC5
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
# define OPENSSL_NO_RFC3779
|
||||
#endif
|
||||
|
||||
#endif /* OPENSSL_DOING_MAKEDEPEND */
|
||||
#ifndef OPENSSL_NO_DYNAMIC_ENGINE
|
||||
@ -45,6 +48,9 @@
|
||||
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
|
||||
# define NO_RC5
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
|
||||
# define NO_RFC3779
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* crypto/opensslconf.h.in */
|
||||
|
@ -25,11 +25,11 @@
|
||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
#define OPENSSL_VERSION_NUMBER 0x0090804f
|
||||
#define OPENSSL_VERSION_NUMBER 0x0090805fL
|
||||
#ifdef OPENSSL_FIPS
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8d-fips 28 Sep 2006"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e-fips 23 Feb 2007"
|
||||
#else
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8d 28 Sep 2006"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e 23 Feb 2007"
|
||||
#endif
|
||||
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
@ -221,7 +221,7 @@ typedef struct pem_ctx_st
|
||||
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
|
||||
{ \
|
||||
return(((type *(*)(D2I_OF(type),char *,FILE *,type **,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_read))(d2i_##asn1, str,fp,x,cb,u)); \
|
||||
} \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
|
||||
int PEM_write_##name(FILE *fp, type *x) \
|
||||
|
@ -124,15 +124,12 @@ static ERR_STRING_DATA PEM_str_reasons[]=
|
||||
|
||||
void ERR_load_PEM_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(PEM_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,PEM_str_functs);
|
||||
ERR_load_strings(0,PEM_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -69,7 +69,7 @@
|
||||
#include <openssl/des.h>
|
||||
#endif
|
||||
|
||||
const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
|
||||
const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
#define MIN_LENGTH 4
|
||||
|
||||
@ -579,6 +579,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
|
||||
}
|
||||
EVP_EncodeFinal(&ctx,buf,&outl);
|
||||
if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
|
||||
OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
|
||||
OPENSSL_free(buf);
|
||||
buf = NULL;
|
||||
if ( (BIO_write(bp,"-----END ",9) != 9) ||
|
||||
@ -587,8 +588,10 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
|
||||
goto err;
|
||||
return(i+outl);
|
||||
err:
|
||||
if (buf)
|
||||
if (buf) {
|
||||
OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
|
||||
OPENSSL_free(buf);
|
||||
}
|
||||
PEMerr(PEM_F_PEM_WRITE_BIO,reason);
|
||||
return(0);
|
||||
}
|
||||
|
@ -125,6 +125,7 @@ p8err:
|
||||
PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB);
|
||||
err:
|
||||
OPENSSL_free(nm);
|
||||
OPENSSL_cleanse(data, len);
|
||||
OPENSSL_free(data);
|
||||
return(ret);
|
||||
}
|
||||
|
@ -133,15 +133,12 @@ static ERR_STRING_DATA PKCS12_str_reasons[]=
|
||||
|
||||
void ERR_load_PKCS12_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
|
||||
if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL)
|
||||
{
|
||||
ERR_load_strings(0,PKCS12_str_functs);
|
||||
ERR_load_strings(0,PKCS12_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -217,7 +217,9 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
keylen=EVP_CIPHER_key_length(evp_cipher);
|
||||
ivlen=EVP_CIPHER_iv_length(evp_cipher);
|
||||
xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
|
||||
if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen);
|
||||
if (ivlen > 0)
|
||||
if (RAND_pseudo_bytes(iv,ivlen) <= 0)
|
||||
goto err;
|
||||
if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1)<=0)
|
||||
goto err;
|
||||
if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
|
||||
@ -226,10 +228,13 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
goto err;
|
||||
|
||||
if (ivlen > 0) {
|
||||
if (xalg->parameter == NULL)
|
||||
xalg->parameter=ASN1_TYPE_new();
|
||||
if (xalg->parameter == NULL) {
|
||||
xalg->parameter = ASN1_TYPE_new();
|
||||
if (xalg->parameter == NULL)
|
||||
goto err;
|
||||
}
|
||||
if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
|
||||
goto err;
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* Lets do the pub key stuff :-) */
|
||||
@ -242,7 +247,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO);
|
||||
goto err;
|
||||
}
|
||||
pkey=X509_get_pubkey(ri->cert);
|
||||
if ((pkey=X509_get_pubkey(ri->cert)) == NULL)
|
||||
goto err;
|
||||
jj=EVP_PKEY_size(pkey);
|
||||
EVP_PKEY_free(pkey);
|
||||
if (max < jj) max=jj;
|
||||
@ -255,7 +261,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
|
||||
{
|
||||
ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
|
||||
pkey=X509_get_pubkey(ri->cert);
|
||||
if ((pkey=X509_get_pubkey(ri->cert)) == NULL)
|
||||
goto err;
|
||||
jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
|
||||
EVP_PKEY_free(pkey);
|
||||
if (jj <= 0)
|
||||
@ -291,6 +298,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
if(bio == NULL)
|
||||
{
|
||||
bio=BIO_new(BIO_s_mem());
|
||||
if (bio == NULL)
|
||||
goto err;
|
||||
BIO_set_mem_eof_return(bio,0);
|
||||
}
|
||||
}
|
||||
@ -541,6 +550,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
||||
bio=BIO_new(BIO_s_mem());
|
||||
BIO_set_mem_eof_return(bio,0);
|
||||
}
|
||||
if (bio == NULL)
|
||||
goto err;
|
||||
#endif
|
||||
}
|
||||
BIO_push(out,bio);
|
||||
@ -695,9 +706,13 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
||||
ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
PKCS7_add_signed_attribute(si,
|
||||
if (!PKCS7_add_signed_attribute(si,
|
||||
NID_pkcs9_signingTime,
|
||||
V_ASN1_UTCTIME,sign_time);
|
||||
V_ASN1_UTCTIME,sign_time))
|
||||
{
|
||||
M_ASN1_UTCTIME_free(sign_time);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
||||
/* Add digest */
|
||||
@ -714,11 +729,16 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
||||
{
|
||||
PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
|
||||
ERR_R_MALLOC_FAILURE);
|
||||
M_ASN1_OCTET_STRING_free(digest);
|
||||
goto err;
|
||||
}
|
||||
PKCS7_add_signed_attribute(si,
|
||||
if (!PKCS7_add_signed_attribute(si,
|
||||
NID_pkcs9_messageDigest,
|
||||
V_ASN1_OCTET_STRING,digest);
|
||||
V_ASN1_OCTET_STRING,digest))
|
||||
{
|
||||
M_ASN1_OCTET_STRING_free(digest);
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* Now sign the attributes */
|
||||
EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL);
|
||||
@ -976,8 +996,13 @@ PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
|
||||
int i;
|
||||
|
||||
i=OBJ_obj2nid(p7->type);
|
||||
if (i != NID_pkcs7_signedAndEnveloped) return(NULL);
|
||||
if (i != NID_pkcs7_signedAndEnveloped)
|
||||
return NULL;
|
||||
if (p7->d.signed_and_enveloped == NULL)
|
||||
return NULL;
|
||||
rsk=p7->d.signed_and_enveloped->recipientinfo;
|
||||
if (rsk == NULL)
|
||||
return NULL;
|
||||
ri=sk_PKCS7_RECIP_INFO_value(rsk,0);
|
||||
if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL);
|
||||
ri=sk_PKCS7_RECIP_INFO_value(rsk,idx);
|
||||
@ -1031,6 +1056,8 @@ int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
|
||||
if (p7si->auth_attr != NULL)
|
||||
sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free);
|
||||
p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk);
|
||||
if (p7si->auth_attr == NULL)
|
||||
return 0;
|
||||
for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
|
||||
{
|
||||
if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i,
|
||||
@ -1049,6 +1076,8 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)
|
||||
sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
|
||||
X509_ATTRIBUTE_free);
|
||||
p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk);
|
||||
if (p7si->unauth_attr == NULL)
|
||||
return 0;
|
||||
for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
|
||||
{
|
||||
if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i,
|
||||
@ -1078,10 +1107,16 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
|
||||
|
||||
if (*sk == NULL)
|
||||
{
|
||||
*sk = sk_X509_ATTRIBUTE_new_null();
|
||||
if (!(*sk = sk_X509_ATTRIBUTE_new_null()))
|
||||
return 0;
|
||||
new_attrib:
|
||||
attr=X509_ATTRIBUTE_create(nid,atrtype,value);
|
||||
sk_X509_ATTRIBUTE_push(*sk,attr);
|
||||
if (!(attr=X509_ATTRIBUTE_create(nid,atrtype,value)))
|
||||
return 0;
|
||||
if (!sk_X509_ATTRIBUTE_push(*sk,attr))
|
||||
{
|
||||
X509_ATTRIBUTE_free(attr);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -1094,7 +1129,13 @@ new_attrib:
|
||||
{
|
||||
X509_ATTRIBUTE_free(attr);
|
||||
attr=X509_ATTRIBUTE_create(nid,atrtype,value);
|
||||
sk_X509_ATTRIBUTE_set(*sk,i,attr);
|
||||
if (attr == NULL)
|
||||
return 0;
|
||||
if (!sk_X509_ATTRIBUTE_set(*sk,i,attr))
|
||||
{
|
||||
X509_ATTRIBUTE_free(attr);
|
||||
return 0;
|
||||
}
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user