This commit was generated by cvs2svn to compensate for changes in r167612,

which included commits to RCS files with non-trunk default branches.
This commit is contained in:
Simon L. B. Nielsen 2007-03-15 20:03:30 +00:00
commit 03b688114f
192 changed files with 4079 additions and 783 deletions

View File

@ -2,6 +2,47 @@
OpenSSL CHANGES
_______________
Changes between 0.9.8d and 0.9.8e [23 Feb 2007]
*) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
a ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.
[Bodo Moeller]
*) Since AES128 and AES256 (and similarly Camellia128 and
Camellia256) share a single mask bit in the logic of
ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
kludge to work properly if AES128 is available and AES256 isn't
(or if Camellia128 is available and Camellia256 isn't).
[Victor Duchovni]
*) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
(within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
When a point or a seed is encoded in a BIT STRING, we need to
prevent the removal of trailing zero bits to get the proper DER
encoding. (By default, crypto/asn1/a_bitstr.c assumes the case
of a NamedBitList, for which trailing 0 bits need to be removed.)
[Bodo Moeller]
*) Have SSL/TLS server implementation tolerate "mismatched" record
protocol version while receiving ClientHello even if the
ClientHello is fragmented. (The server can't insist on the
particular protocol version it has chosen before the ServerHello
message has informed the client about his choice.)
[Bodo Moeller]
*) Add RFC 3779 support.
[Rob Austein for ARIN, Ben Laurie]
*) Load error codes if they are not already present instead of using a
static variable. This allows them to be cleanly unloaded and reloaded.
Improve header file function name parsing.
[Steve Henson]
*) extend SMTP and IMAP protocol emulation in s_client to use EHLO
or CAPABILITY handshake as required by RFCs.
[Goetz Babin-Ebell]
Changes between 0.9.8c and 0.9.8d [28 Sep 2006]
*) Introduce limits to prevent malicious keys being able to
@ -77,7 +118,7 @@
draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
appear there.
Also deactive the remaining ciphersuites from
Also deactivate the remaining ciphersuites from
draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
unofficial, and the ID has long expired.
[Bodo Moeller]
@ -1006,7 +1047,48 @@
differing sizes.
[Richard Levitte]
Changes between 0.9.7k and 0.9.7l [xx XXX xxxx]
Changes between 0.9.7l and 0.9.7m [xx XXX xxxx]
*) Cleanse PEM buffers before freeing them since they may contain
sensitive data.
[Benjamin Bennett <ben@psc.edu>]
*) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
a ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.
[Bodo Moeller]
*) Since AES128 and AES256 share a single mask bit in the logic of
ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
kludge to work properly if AES128 is available and AES256 isn't.
[Victor Duchovni]
*) Have SSL/TLS server implementation tolerate "mismatched" record
protocol version while receiving ClientHello even if the
ClientHello is fragmented. (The server can't insist on the
particular protocol version it has chosen before the ServerHello
message has informed the client about his choice.)
[Bodo Moeller]
*) Load error codes if they are not already present instead of using a
static variable. This allows them to be cleanly unloaded and reloaded.
[Steve Henson]
Changes between 0.9.7k and 0.9.7l [28 Sep 2006]
*) Introduce limits to prevent malicious keys being able to
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
*) Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
*) Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
*) Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
*) Change ciphersuite string processing so that an explicit
ciphersuite selects this one ciphersuite (so that "AES256-SHA"

View File

@ -568,6 +568,7 @@ my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $no_asm=0;
my $no_dso=0;
my $no_gmp=0;
@ -604,6 +605,7 @@ my %disabled = ( # "what" => "comment"
"gmp" => "default",
"mdc2" => "default",
"rc5" => "default",
"rfc3779" => "default",
"shared" => "default",
"zlib" => "default",
"zlib-dynamic" => "default"
@ -614,7 +616,7 @@ my %disabled = ( # "what" => "comment"
# For symmetry, "disable-..." is a synonym for "no-...".
# This is what $depflags will look like with the above default:
my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 ";
my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 ";
my $no_sse2=0;

View File

@ -74,7 +74,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
OpenSSL 0.9.8d was released on September 28th, 2006.
OpenSSL 0.9.8e was released on February 23rd, 2007.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:

View File

@ -302,10 +302,10 @@
Note on shared libraries
------------------------
Shared library is currently an experimental feature. The only reason to
have them would be to conserve memory on systems where several program
are using OpenSSL. Binary backward compatibility can't be guaranteed
before OpenSSL version 1.0.
Shared libraries have certain caveats. Binary backward compatibility
can't be guaranteed before OpenSSL version 1.0. The only reason to
use them would be to conserve memory on systems where several programs
are using OpenSSL.
For some systems, the OpenSSL Configure script knows what is needed to
build shared libraries for libcrypto and libssl. On these systems,

View File

@ -12,7 +12,7 @@
---------------
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions

View File

@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=0.9.8d
VERSION=0.9.8e
MAJOR=0
MINOR=9.8
SHLIB_VERSION_NUMBER=0.9.8
@ -13,7 +13,7 @@ SHLIB_MAJOR=0
SHLIB_MINOR=9.8
SHLIB_EXT=
PLATFORM=dist
OPTIONS= no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-shared no-zlib no-zlib-dynamic
OPTIONS= no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-rfc3779 no-shared no-zlib no-zlib-dynamic
CONFIGURE_ARGS=dist
SHLIB_TARGET=
@ -61,14 +61,14 @@ OPENSSLDIR=/usr/local/ssl
CC= cc
CFLAG= -O
DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5
DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779
PEX_LIBS=
EX_LIBS=
EXE_EXT=
ARFLAGS=
AR=ar $(ARFLAGS) r
RANLIB= /usr/bin/ranlib
PERL= /usr/local/bin/perl
PERL= /usr/bin/perl
TAR= tar
TARFLAGS= --no-recursion
MAKEDEPPROG=makedepend

View File

@ -5,7 +5,12 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.8d:
Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e:
o Various ciphersuite selection fixes.
o RFC3779 support.
Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
@ -105,6 +110,11 @@
o Added initial support for Win64.
o Added alternate pkg-config files.
Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339

View File

@ -1,7 +1,7 @@
OpenSSL 0.9.8d 28 Sep 2006
OpenSSL 0.9.8e 23 Feb 2007
Copyright (c) 1998-2006 The OpenSSL Project
Copyright (c) 1998-2007 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.

View File

@ -1,4 +1,4 @@
#!/usr/local/bin/perl
#!/usr/bin/perl
#
# CA - wrapper around ca to make it easier to use ... basically ca requires
# some setup stuff to be done before you can use it and this makes

View File

@ -290,14 +290,15 @@ dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
dgst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
dgst.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
dgst.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dgst.c
dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
dgst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
dgst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
dgst.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
dgst.o: ../include/openssl/x509_vfy.h apps.h dgst.c
dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h

View File

@ -1520,6 +1520,7 @@ EF_ALIGNMENT=0;
if (x509) X509_free(x509);
X509_CRL_free(crl);
NCONF_free(conf);
NCONF_free(extconf);
OBJ_cleanup();
apps_shutdown();
OPENSSL_EXIT(ret);

View File

@ -66,6 +66,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/hmac.h>
#undef BUFSIZE
#define BUFSIZE 1024*8
@ -75,7 +76,7 @@
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
const char *file);
const char *file,BIO *bmd,const char *hmac_key);
int MAIN(int, char **);
@ -104,6 +105,7 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
char *hmac_key=NULL;
apps_startup();
@ -188,6 +190,12 @@ int MAIN(int argc, char **argv)
out_bin = 1;
else if (strcmp(*argv,"-d") == 0)
debug=1;
else if (!strcmp(*argv,"-hmac"))
{
if (--argc < 1)
break;
hmac_key=*++argv;
}
else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
md=m;
else
@ -261,7 +269,7 @@ int MAIN(int argc, char **argv)
{
BIO_set_callback(in,BIO_debug_callback);
/* needed for windows 3.1 */
BIO_set_callback_arg(in,bio_err);
BIO_set_callback_arg(in,(char *)bio_err);
}
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
@ -358,7 +366,7 @@ int MAIN(int argc, char **argv)
{
BIO_set_fp(in,stdin,BIO_NOCLOSE);
err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
siglen,"","(stdin)");
siglen,"","(stdin)",bmd,hmac_key);
}
else
{
@ -376,14 +384,15 @@ int MAIN(int argc, char **argv)
}
if(!out_bin)
{
size_t len = strlen(name)+strlen(argv[i])+5;
size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 5 : 0)+5;
tmp=tofree=OPENSSL_malloc(len);
BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
BIO_snprintf(tmp,len,"%s%s(%s)= ",
hmac_key ? "HMAC-" : "",name,argv[i]);
}
else
tmp="";
r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
siglen,tmp,argv[i]);
siglen,tmp,argv[i],bmd,hmac_key);
if(r)
err=r;
if(tofree)
@ -410,11 +419,23 @@ int MAIN(int argc, char **argv)
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
const char *file)
const char *file,BIO *bmd,const char *hmac_key)
{
int len;
unsigned int len;
int i;
EVP_MD_CTX *md_ctx;
HMAC_CTX hmac_ctx;
if (hmac_key)
{
EVP_MD *md;
BIO_get_md(bmd,&md);
HMAC_CTX_init(&hmac_ctx);
HMAC_Init_ex(&hmac_ctx,hmac_key,strlen(hmac_key),md, NULL);
BIO_get_md_ctx(bmd,&md_ctx);
BIO_set_md_ctx(bmd,&hmac_ctx.md_ctx);
}
for (;;)
{
i=BIO_read(bp,(char *)buf,BUFSIZE);
@ -457,6 +478,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
return 1;
}
}
else if(hmac_key)
{
HMAC_Final(&hmac_ctx,buf,&len);
HMAC_CTX_cleanup(&hmac_ctx);
}
else
len=BIO_gets(bp,(char *)buf,BUFSIZE);
@ -464,7 +490,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
else
{
BIO_write(out,title,strlen(title));
for (i=0; i<len; i++)
for (i=0; i<(int)len; i++)
{
if (sep && (i != 0))
BIO_printf(out, ":");
@ -472,6 +498,10 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
}
BIO_printf(out, "\n");
}
if (hmac_key)
{
BIO_set_md_ctx(bmd,md_ctx);
}
return 0;
}

View File

@ -347,7 +347,10 @@ int MAIN(int argc, char **argv)
}
if (noout)
{
ret = 0;
goto end;
}
BIO_printf(bio_err, "writing EC key\n");
if (outformat == FORMAT_ASN1)

View File

@ -365,8 +365,8 @@ int MAIN(int argc, char **argv)
{
BIO_set_callback(in,BIO_debug_callback);
BIO_set_callback(out,BIO_debug_callback);
BIO_set_callback_arg(in,bio_err);
BIO_set_callback_arg(out,bio_err);
BIO_set_callback_arg(in,(char *)bio_err);
BIO_set_callback_arg(out,(char *)bio_err);
}
if (inf == NULL)
@ -453,7 +453,7 @@ int MAIN(int argc, char **argv)
if (debug)
{
BIO_set_callback(b64,BIO_debug_callback);
BIO_set_callback_arg(b64,bio_err);
BIO_set_callback_arg(b64,(char *)bio_err);
}
if (olb64)
BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
@ -571,7 +571,7 @@ int MAIN(int argc, char **argv)
if (debug)
{
BIO_set_callback(benc,BIO_debug_callback);
BIO_set_callback_arg(benc,bio_err);
BIO_set_callback_arg(benc,(char *)bio_err);
}
if (printkey)

View File

@ -139,6 +139,7 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
args = argv + 1;
reqnames = sk_new_null();
ids = sk_OCSP_CERTID_new_null();
@ -726,6 +727,11 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "SSL is disabled\n");
goto end;
#endif
if (ctx == NULL)
{
BIO_printf(bio_err, "Error creating SSL context.\n");
goto end;
}
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
sbio = BIO_new_ssl(ctx, 1);
cbio = BIO_push(sbio, cbio);

View File

@ -536,8 +536,11 @@ int MAIN(int argc, char **argv)
X509_free(sk_X509_value(chain2, 0));
sk_X509_free(chain2);
} else {
if (vret >= 0)
BIO_printf (bio_err, "Error %s getting chain.\n",
X509_verify_cert_error_string(vret));
else
ERR_print_errors(bio_err);
goto export_end;
}
}
@ -811,7 +814,7 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
{
X509_STORE_CTX store_ctx;
STACK_OF(X509) *chn;
int i;
int i = 0;
/* FIXME: Should really check the return status of X509_STORE_CTX_init
* for an error, but how that fits into the return value of this
@ -819,13 +822,17 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
if (X509_verify_cert(&store_ctx) <= 0) {
i = X509_STORE_CTX_get_error (&store_ctx);
if (i == 0)
/* avoid returning 0 if X509_verify_cert() did not
* set an appropriate error value in the context */
i = -1;
chn = NULL;
goto err;
}
} else
chn = X509_STORE_CTX_get1_chain(&store_ctx);
i = 0;
*chain = chn;
err:
X509_STORE_CTX_cleanup(&store_ctx);
*chain = chn;
return i;
}

View File

@ -226,7 +226,7 @@ static void sc_usage(void)
BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
BIO_printf(bio_err," for those protocols that support it, where\n");
BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n");
BIO_printf(bio_err," only \"smtp\" and \"pop3\" are supported.\n");
BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
#endif
@ -234,6 +234,15 @@ static void sc_usage(void)
}
enum
{
PROTO_OFF = 0,
PROTO_SMTP,
PROTO_POP3,
PROTO_IMAP,
PROTO_FTP
};
int MAIN(int, char **);
int MAIN(int argc, char **argv)
@ -260,7 +269,7 @@ int MAIN(int argc, char **argv)
int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
SSL_CTX *ctx=NULL;
int ret=1,in_init=1,i,nbio_test=0;
int starttls_proto = 0;
int starttls_proto = PROTO_OFF;
int prexit = 0, vflags = 0;
SSL_METHOD *meth=NULL;
#ifdef sock_type
@ -269,6 +278,7 @@ int MAIN(int argc, char **argv)
int sock_type=SOCK_STREAM;
BIO *sbio;
char *inrand=NULL;
int mbuf_len=0;
#ifndef OPENSSL_NO_ENGINE
char *engine_id=NULL;
ENGINE *e=NULL;
@ -466,9 +476,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
++argv;
if (strcmp(*argv,"smtp") == 0)
starttls_proto = 1;
starttls_proto = PROTO_SMTP;
else if (strcmp(*argv,"pop3") == 0)
starttls_proto = 2;
starttls_proto = PROTO_POP3;
else if (strcmp(*argv,"imap") == 0)
starttls_proto = PROTO_IMAP;
else if (strcmp(*argv,"ftp") == 0)
starttls_proto = PROTO_FTP;
else
goto bad;
}
@ -693,7 +707,7 @@ int MAIN(int argc, char **argv)
{
con->debug=1;
BIO_set_callback(sbio,bio_dump_callback);
BIO_set_callback_arg(sbio,bio_c_out);
BIO_set_callback_arg(sbio,(char *)bio_c_out);
}
if (c_msg)
{
@ -719,18 +733,93 @@ int MAIN(int argc, char **argv)
sbuf_off=0;
/* This is an ugly hack that does a lot of assumptions */
if (starttls_proto == 1)
/* We do have to handle multi-line responses which may come
in a single packet or not. We therefore have to use
BIO_gets() which does need a buffering BIO. So during
the initial chitchat we do push a buffering BIO into the
chain that is removed again later on to not disturb the
rest of the s_client operation. */
if (starttls_proto == PROTO_SMTP)
{
BIO_read(sbio,mbuf,BUFSIZZ);
int foundit=0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
/* wait for multi-line response to end from SMTP */
do
{
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
}
while (mbuf_len>3 && mbuf[3]=='-');
/* STARTTLS command requires EHLO... */
BIO_printf(fbio,"EHLO openssl.client.net\r\n");
BIO_flush(fbio);
/* wait for multi-line response to end EHLO SMTP response */
do
{
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
if (strstr(mbuf,"STARTTLS"))
foundit=1;
}
while (mbuf_len>3 && mbuf[3]=='-');
BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
if (!foundit)
BIO_printf(bio_err,
"didn't found starttls in server response,"
" try anyway...\n");
BIO_printf(sbio,"STARTTLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
if (starttls_proto == 2)
else if (starttls_proto == PROTO_POP3)
{
BIO_read(sbio,mbuf,BUFSIZZ);
BIO_printf(sbio,"STLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
else if (starttls_proto == PROTO_IMAP)
{
int foundit=0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
BIO_gets(fbio,mbuf,BUFSIZZ);
/* STARTTLS command requires CAPABILITY... */
BIO_printf(fbio,". CAPABILITY\r\n");
BIO_flush(fbio);
/* wait for multi-line CAPABILITY response */
do
{
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
if (strstr(mbuf,"STARTTLS"))
foundit=1;
}
while (mbuf_len>3 && mbuf[0]!='.');
BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
if (!foundit)
BIO_printf(bio_err,
"didn't found STARTTLS in server response,"
" try anyway...\n");
BIO_printf(sbio,". STARTTLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
else if (starttls_proto == PROTO_FTP)
{
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
/* wait for multi-line response to end from FTP */
do
{
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
}
while (mbuf_len>3 && mbuf[3]=='-');
BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
BIO_printf(sbio,"AUTH TLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
for (;;)
{
@ -755,7 +844,7 @@ int MAIN(int argc, char **argv)
{
BIO_printf(bio_err,"%s",mbuf);
/* We don't need to know any more */
starttls_proto = 0;
starttls_proto = PROTO_OFF;
}
if (reconnect)

View File

@ -1234,7 +1234,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
{
con->debug=1;
BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
}
if (s_msg)
{
@ -1638,7 +1638,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
{
con->debug=1;
BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
}
if (s_msg)
{

View File

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyODA2
MDAwMFoXDTM3MTExOTIwNDMwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKgv6KRpBgNHw+kqmP8ZonCaxlCyfqXfaE0bfA+2l2h9LaaLl+lk
hsmj76CGv2BlnEtUiMJIxUo5vxTjWVXlGbR0yLQFOVwWpeKVBeASrlmLojNoWBym
1BW32J/X3HGrfpq/m44zDyL9Hy7nBzbvYjnF3cu6JRQj3gzGPTzOggjmZj7aUTsW
OqMFf6Dch9Wc/HKpoH145LcxVR5lu9RhsCFg7RAycsWSJR74kEoYeEfffjA3PlAb
2xzTa5qGUwew76wGePiEmf4hjUyAtgyC9mZweRrTT6PP8c9GsEsPPt2IYriMqQko
O3rHl+Ee5fSfwMCuJKDIodkP1nsmgmkyPacCAwEAAaNjMGEwDwYDVR0TAQH/BAUw
AwEB/zAdBgNVHQ4EFgQUAK3Zo/Z59m50qX8zPYEX10zPM94wHwYDVR0jBBgwFoAU
AK3Zo/Z59m50qX8zPYEX10zPM94wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
BQUAA4IBAQB8itEfGDeC4Liwo+1WlchiYZwFos3CYiZhzRAW18y0ZTTQEYqtqKkF
Zu90821fnZmv9ov761KyBZiibyrFVL0lvV+uyIbqRizBs73B6UlwGBaXCBOMIOAb
LjpHyx7kADCVW/RFo8AasAFOq73AI25jP4BKxQft3OJvx8Fi8eNy1gTIdGcL+oir
oQHIb/AUr9KZzVGTfu0uOMe9zkZQPXLjeSWdm4grECDdpbgyn43gKd8hdIaC2y+C
MMbHNYaz+ZZfRtsMRf3zUMNvxsNIrUam4SdHCh0Om7bCd39j8uB9Gr784N/Xx6ds
sPmuujz9dLQR6FgNgLzTqIA6me11zEZ7
-----END CERTIFICATE-----

View File

@ -0,0 +1,33 @@
-----BEGIN CERTIFICATE-----
MIIFpDCCA4ygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyODA2
MDAwMFoXDTM3MDkyOTE0MDgwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBAMxBRR3pPU0Q9oyxQcngXssNt79Hc9PwVU3dxgz6sWYFas14tNwC
206B89enfHG8dWOgXeMHDEjsJcQDIPT/DjsS/5uN4cbVG7RtIuOx238hZK+GvFci
KtZHgVdEglZTvYYUAQv8f3SkWq7xuhG1m1hagLQ3eAkzfDJHA1zEpYNI9FdWboE2
JxhP7JsowtS013wMPgwr38oE18aO6lhOqKSlGBxsRZijQdEt0sdtjRnxrXm3gT+9
BoInLRBYBbV4Bbkv2wxrkJB+FFk4u5QkE+XRnRTf04JNRvCAOVIyD+OEsnpD8l7e
Xz8d3eOyG6ChKiMDbi4BFYdcpnV1x5dhvt6G3NRI270qv0pV2uh9UPu0gBe4lL8B
PeraunzgWGcXuVjgiIZGZ2ydEEdYMtA1fHkqkKJaEBEjNa0vzORKW6fIJ/KD3l67
Xnfn6KVuY8INXWHQjNJsWiEOyiijzirplcdIz5ZvHZIlyMbGwcEMBawmxNJ10uEq
Z8A9W6Wa6897GqidFEXlD6CaZd4vKL3Ob5Rmg0gp2OpljK+T2WSfVVcmv2/LNzGZ
o2C7HK2JNDJiuEMhBnIMoVxtRsX6Kc8w3onccVvdtjc+31D1uAclJuW8tf48ArO3
+L5DwYcRlJ4jbBeKuIonDFRH8KmzwICMoCfrHRnjB453cMor9H124HhnAgMBAAGj
YzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE1FwWg4u3OpaaEg5+31IqEj
FNeeMB8GA1UdIwQYMBaAFE1FwWg4u3OpaaEg5+31IqEjFNeeMA4GA1UdDwEB/wQE
AwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZ2sGuV9FOypLM7PmG2tZTiLMubekJcmn
xPBUlgtk87FYT15R/LKXeydlwuXK5w0MJXti4/qftIe3RUavg6WXSIylvfEWK5t2
LHo1YGwRgJfMqZJS5ivmae2p+DYtLHe/YUjRYwu5W1LtGLBDQiKmsXeu3mnFzccc
obGlHBD7GL4acN3Bkku+KVqdPzW+5X1R+FXgJXUjhx5c3LqdsKyzadsXg8n33gy8
CNyRnqjQ1xU3c6U1uPx+xURABsPr+CKAXEfOAuMRn0T//ZoyzH1kUQ7rVyZ2OuMe
IjzCpjbdGe+n/BLzJsBZMYVMnNjP36TMzCmT/5RtdlwTCJfy7aULTd3oyWgOZtMA
DjMSW7yV5TKQqLPGbIOtd+6Lfn6xqavT4fG2wLHqiMDn05DpKJKUe2h7lyoKZy2F
AjgQ5ANh1NolNscIWC2hp1GvMApJ9aZphwctREZ2jirlmjvXGKL8nDgQzMY70rUX
Om/9riW99XJZZLF0KjhfGEzfz3EEWjbUvy+ZnOjZurGV5gJLIaFb1cFPj65pbVPb
AZO1XB4Y3WRayhgoPmMEEf0cjQAPuDffZ4qdZqkCapH/E8ovXYO8h5Ns3CRRFgQl
Zvqz2cK6Kb6aSDiCmfS/O0oxGfm/jiEzFMpPVF/7zvuPcX/9XhmgD0uRuMRUvAaw
RY8mkaKO/qk=
-----END CERTIFICATE-----

View File

@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----
MIID5jCCAs6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyOTA2MDAwMFoXDTM3MTEyMDE1
MDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnej8Mlo2k06AX3dLm/WpcZuS+U
0pPlLYnKhHw/EEMbjIt8hFj4JHxIzyr9wBXZGH6EGhfT257XyuTZ16pYUYfw8ItI
TuLCxFlpMGK2MKKMCxGZYTVtfu/FsRkGIBKOQuHfD5YQUqjPnF+VFNivO3ULMSAf
RC+iYkGzuxgh28pxPIzstrkNn+9R7017EvILDOGsQI93f7DKeHEMXRZxcKLXwjqF
zQ6axOAAsNUl6twr5JQtOJyJQVdkKGUZHLZEtMgxa44Be3ZZJX8VHIQIfHNlIAqh
BC4aMqiaILGcLCFZ5/vP7nAtCMpjPiybkxlqpMKX/7eGV4iFbJ4VFitNLLMCAwEA
AaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUoTYwFsuGkABFgFOxj8jY
PXy+XxIwHwYDVR0jBBgwFoAUoTYwFsuGkABFgFOxj8jYPXy+XxIwDgYDVR0PAQH/
BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQCKIBilvrMvtKaEAEAwKfq0FHNMeUWn
9nDg6H5kHgqVfGphwu9OH77/yZkfB2FK4V1Mza3u0FIy2VkyvNp5ctZ7CegCgTXT
Ct8RHcl5oIBN/lrXVtbtDyqvpxh1MwzqwWEFT2qaifKNuZ8u77BfWgDrvq2g+EQF
Z7zLBO+eZMXpyD8Fv8YvBxzDNnGGyjhmSs3WuEvGbKeXO/oTLW4jYYehY0KswsuX
n2Fozy1MBJ3XJU8KDk2QixhWqJNIV9xvrr2eZ1d3iVCzvhGbRWeDhhmH05i9CBoW
H1iCC+GWaQVLjuyDUTEH1dSf/1l7qG6Fz9NLqUmwX7A5KGgOc90lmt4S
-----END CERTIFICATE-----

View File

@ -0,0 +1,34 @@
-----BEGIN CERTIFICATE-----
MIIF5jCCA86gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyOTA2MDAwMFoXDTM3MDkyODIz
NDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIw
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALQ3WggWmRToVbEbJGv8x4vmh6mJ
7ouZzU9AhqS2TcnZsdw8TQ2FTBVsRotSeJ/4I/1n9SQ6aF3Q92RhQVSji6UI0ilb
m2BPJoPRYxJWSXakFsKlnUWsi4SVqBax7J/qJBrvuVdcmiQhLE0OcR+mrF1FdAOY
xFSMFkpBd4aVdQxHAWZg/BXxD+r1FHjHDtdugRxev17nOirYlxcwfACtCJ0zr7iZ
YYCLqJV+FNwSbKTQ2O9ASQI2+W6p1h2WVgSysy0WVoaP2SBXgM1nEG2wTPDaRrbq
JS5Gr42whTg0ixQmgiusrpkLjhTXUr2eacOGAgvqdnUxCc4zGSGFQ+aJLZ8lN2fx
I2rSAG2X+Z/nKcrdH9cG6rjJuQkhn8g/BsXS6RJGAE57COtCPStIbp1n3UsC5ETz
kxmlJ85per5n0/xQpCyrw2u544BMzwVhSyvcG7mm0tCq9Stz+86QNZ8MUhy/XCFh
EVsVS6kkUfykXPcXnbDS+gfpj1bkGoxoigTTfFrjnqKhynFbotSg5ymFXQNoKk/S
Btc9+cMDLz9l+WceR0DTYw/j1Y75hauXTLPXJuuWCpTehTacyH+BCQJJKg71ZDIM
gtG6aoIbs0t0EfOMd9afv9w3pKdVBC/UMejTRrkDfNoSTllkt1ExMVCgyhwn2RAu
rda9EGYrw7AiShJbAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
FE9pbQN+nZ8HGEO8txBO1b+pxCAoMB8GA1UdIwQYMBaAFE9pbQN+nZ8HGEO8txBO
1b+pxCAoMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAO/Ouyugu
h4X7ZVnnrREUpVe8WJ8kEle7+z802u6teio0cnAxa8cZmIDJgt43d15Ui47y6mdP
yXSEkVYJ1eV6moG2gcKtNuTxVBFT8zRFASbI5Rq8NEQh3q0l/HYWdyGQgJhXnU7q
7C+qPBR7V8F+GBRn7iTGvboVsNIYvbdVgaxTwOjdaRITQrcCtQVBynlQboIOcXKT
RuidDV29rs4prWPVVRaAMCf/drr3uNZK49m1+VLQTkCpx+XCMseqdiThawVQ68W/
ClTluUI8JPu3B5wwn3la5uBAUhX0/Kr0VvlEl4ftDmVyXr4m+02kLQgH3thcoNyB
M5kYJRF3p+v9WAksmWsbivNSPxpNSGDxoPYzAlOL7SUJuA0t7Zdz7NeWH45gDtoQ
my8YJPamTQr5O8t1wswvziRpyQoijlmn94IM19drNZxDAGrElWe6nEXLuA4399xO
AU++CrYD062KRffaJ00psUjf5BHklka9bAI+1lHIlRcBFanyqqryvy9lG2/QuRqT
9Y41xICHPpQvZuTpqP9BnHAqTyo5GJUefvthATxRCC4oGKQWDzH9OmwjkyB24f0H
hdFbP9IcczLd+rn4jM8Ch3qaluTtT4mNU0OrDhPAARW0eTjb/G49nlG2uBOLZ8/5
fNkiHfZdxRwBL5joeiQYvITX+txyW/fBOmg=
-----END CERTIFICATE-----

View File

@ -527,9 +527,9 @@ case "$GUESSOS" in
esac
if [ "$CC" = "gcc" ]; then
case ${ISA:-generic} in
EV5|EV45) options="$options -mcpu=ev5";;
EV56|PCA56) options="$options -mcpu=ev56";;
*) options="$options -mcpu=ev6";;
EV5|EV45) options="$options -march=ev5";;
EV56|PCA56) options="$options -march=ev56";;
*) options="$options -march=ev6";;
esac
fi
;;
@ -585,18 +585,21 @@ case "$GUESSOS" in
OUT="linux-generic32" ;;
arm*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
arm*l-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
sh*-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
s390*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;;
x86_64-*-linux?) OUT="linux-x86_64" ;;
*86-*-linux2) OUT="linux-elf"
if [ "$GCCVER" -gt 28 ]; then
if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then
options="$options -mcpu=pentium"
options="$options -march=pentium"
fi
if grep '^model.*Pentium Pro' /proc/cpuinfo >/dev/null ; then
options="$options -mcpu=pentiumpro"
options="$options -march=pentiumpro"
fi
if grep '^model.*K6' /proc/cpuinfo >/dev/null ; then
options="$options -mcpu=k6"
options="$options -march=k6"
fi
fi ;;
*-*-linux1) OUT="linux-aout" ;;
@ -774,7 +777,7 @@ esac
# options="$options -DATALLA"
#fi
# gcc < 2.8 does not support -mcpu=ultrasparc
# gcc < 2.8 does not support -march=ultrasparc
if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
then
echo "WARNING! Falling down to 'solaris-sparcv8-gcc'."

View File

@ -105,6 +105,13 @@ aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h
aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h
aes_ige.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
aes_ige.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h
aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
aes_misc.o: ../../include/openssl/opensslconf.h
aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c

View File

@ -53,7 +53,7 @@
#include <openssl/aes.h>
#include "aes_locl.h"
const char *AES_version="AES" OPENSSL_VERSION_PTEXT;
const char AES_version[]="AES" OPENSSL_VERSION_PTEXT;
const char *AES_options(void) {
#ifdef FULL_UNROLL

View File

@ -170,7 +170,7 @@ static int do_buf(unsigned char *buf, int buflen,
q = buf + buflen;
outlen = 0;
while(p != q) {
if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253;
if(p == buf && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_FIRST_ESC_2253;
else orflags = 0;
switch(type & BUF_TYPE_WIDTH_MASK) {
case 4:
@ -197,7 +197,7 @@ static int do_buf(unsigned char *buf, int buflen,
default:
return -1; /* invalid width */
}
if (p == q) orflags = CHARTYPE_LAST_ESC_2253;
if (p == q && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_LAST_ESC_2253;
if(type & BUF_TYPE_CONVUTF8) {
unsigned char utfbuf[6];
int utflen;

View File

@ -123,7 +123,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"},
{ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_SET"},
{ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"},
{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
{ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
@ -168,10 +168,10 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"},
{ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"},
{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"},
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_PBE_SET"},
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
{ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_ADD0_REVOKED"},
{ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_NEW"},
{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
{ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
{ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"},
{ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"},
{ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"},
@ -287,15 +287,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
void ERR_load_ASN1_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL)
{
ERR_load_strings(0,ASN1_str_functs);
ERR_load_strings(0,ASN1_str_reasons);
}
#endif
}
}

View File

@ -64,7 +64,7 @@
static int asn1_get_length(const unsigned char **pp,int *inf,long *rl,int max);
static void asn1_put_length(unsigned char **pp, int length);
const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
const char ASN1_version[]="ASN.1" OPENSSL_VERSION_PTEXT;
static int _asn1_check_infinite_end(const unsigned char **p, long len)
{

View File

@ -99,7 +99,7 @@ extern "C" {
#define ASN1_ITEM_start(itname) \
const ASN1_ITEM * itname##_it(void) \
{ \
static const ASN1_ITEM local_it = { \
static const ASN1_ITEM local_it = {
#define ASN1_ITEM_end(itname) \
}; \

View File

@ -445,9 +445,9 @@ int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
{
char *s,*c,*b;
int ret=0,l,ll,i,first=1;
int ret=0,l,i;
ll=80-2-obase;
l=80-2-obase;
b=s=X509_NAME_oneline(name,NULL,0);
if (!*s)
@ -457,7 +457,6 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
}
s++; /* skip the first slash */
l=ll;
c=s;
for (;;)
{
@ -479,16 +478,6 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
(*s == '\0'))
#endif
{
if ((l <= 0) && !first)
{
first=0;
if (BIO_write(bp,"\n",1) != 1) goto err;
for (i=0; i<obase; i++)
{
if (BIO_write(bp," ",1) != 1) goto err;
}
l=ll;
}
i=s-c;
if (BIO_write(bp,c,i) != i) goto err;
c+=i;

View File

@ -93,7 +93,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
int tag, int aclass, char opt, ASN1_TLC *ctx);
/* Table to convert tags to bit values, used for MSTRING type */
static unsigned long tag2bit[32] = {
static const unsigned long tag2bit[32] = {
0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */

View File

@ -94,6 +94,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
ret->ex_pathlen = -1;
ret->skid = NULL;
ret->akid = NULL;
#ifndef OPENSSL_NO_RFC3779
ret->rfc3779_addr = NULL;
ret->rfc3779_asid = NULL;
#endif
ret->aux = NULL;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
break;
@ -109,6 +113,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
ASN1_OCTET_STRING_free(ret->skid);
AUTHORITY_KEYID_free(ret->akid);
policy_cache_free(ret->policy_cache);
#ifndef OPENSSL_NO_RFC3779
sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
ASIdentifiers_free(ret->rfc3779_asid);
#endif
if (ret->name != NULL) OPENSSL_free(ret->name);
break;

View File

@ -65,7 +65,7 @@
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT;
const char BF_version[]="Blowfish" OPENSSL_VERSION_PTEXT;
const char *BF_options(void)
{

View File

@ -196,28 +196,32 @@ extern "C" {
*/
#define BIO_FLAGS_MEM_RDONLY 0x200
#define BIO_set_flags(b,f) ((b)->flags|=(f))
#define BIO_get_flags(b) ((b)->flags)
typedef struct bio_st BIO;
void BIO_set_flags(BIO *b, int flags);
int BIO_test_flags(const BIO *b, int flags);
void BIO_clear_flags(BIO *b, int flags);
#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
#define BIO_set_retry_special(b) \
((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
#define BIO_set_retry_read(b) \
((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
#define BIO_set_retry_write(b) \
((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
/* These are normally used internally in BIOs */
#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
#define BIO_clear_retry_flags(b) \
((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
#define BIO_get_retry_flags(b) \
((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
/* These should be used by the application to tell why we should retry */
#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
#define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
#define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
#define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
#define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
#define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
/* The next three are used in conjunction with the
* BIO_should_io_special() condition. After this returns true,
@ -246,14 +250,14 @@ extern "C" {
#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
#define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
#define BIO_set_callback(b,cb) ((b)->callback=(cb))
#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
#define BIO_get_callback_arg(b) ((b)->cb_arg)
#define BIO_get_callback(b) ((b)->callback)
#define BIO_method_name(b) ((b)->method->name)
#define BIO_method_type(b) ((b)->method->type)
long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long);
void BIO_set_callback(BIO *b,
long (*callback)(struct bio_st *,int,const char *,int, long,long));
char *BIO_get_callback_arg(const BIO *b);
void BIO_set_callback_arg(BIO *b, char *arg);
typedef struct bio_st BIO;
const char * BIO_method_name(const BIO *b);
int BIO_method_type(const BIO *b);
typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
@ -386,6 +390,7 @@ typedef struct bio_f_buffer_ctx_struct
#define BIO_C_NWRITE0 145
#define BIO_C_NWRITE 146
#define BIO_C_RESET_READ_REQUEST 147
#define BIO_C_SET_MD_CTX 148
#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)

View File

@ -143,15 +143,12 @@ static ERR_STRING_DATA BIO_str_reasons[]=
void ERR_load_BIO_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(BIO_str_functs[0].error) == NULL)
{
ERR_load_strings(0,BIO_str_functs);
ERR_load_strings(0,BIO_str_reasons);
}
#endif
}
}

View File

@ -141,6 +141,52 @@ int BIO_free(BIO *a)
void BIO_vfree(BIO *a)
{ BIO_free(a); }
void BIO_clear_flags(BIO *b, int flags)
{
b->flags &= ~flags;
}
int BIO_test_flags(const BIO *b, int flags)
{
return (b->flags & flags);
}
void BIO_set_flags(BIO *b, int flags)
{
b->flags |= flags;
}
long (*BIO_get_callback(const BIO *b))(struct bio_st *,int,const char *,int, long,long)
{
return b->callback;
}
void BIO_set_callback(BIO *b, long (*cb)(struct bio_st *,int,const char *,int, long,long))
{
b->callback = cb;
}
void BIO_set_callback_arg(BIO *b, char *arg)
{
b->cb_arg = arg;
}
char * BIO_get_callback_arg(const BIO *b)
{
return b->cb_arg;
}
const char * BIO_method_name(const BIO *b)
{
return b->method->name;
}
int BIO_method_type(const BIO *b)
{
return b->method->type;
}
int BIO_read(BIO *b, void *out, int outl)
{
int i;

View File

@ -137,15 +137,12 @@ static ERR_STRING_DATA BN_str_reasons[]=
void ERR_load_BN_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(BN_str_functs[0].error) == NULL)
{
ERR_load_strings(0,BN_str_functs);
ERR_load_strings(0,BN_str_reasons);
}
#endif
}
}

View File

@ -67,7 +67,7 @@
#include "cryptlib.h"
#include "bn_lcl.h"
const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
/* This stuff appears to be completely unused, so is deprecated */
#ifndef OPENSSL_NO_DEPRECATED

View File

@ -62,7 +62,7 @@
#include <openssl/buffer.h>
#include "bn_lcl.h"
static const char *Hex="0123456789ABCDEF";
static const char Hex[]="0123456789ABCDEF";
/* Must 'OPENSSL_free' the returned data */
char *BN_bn2hex(const BIGNUM *a)

View File

@ -88,15 +88,12 @@ static ERR_STRING_DATA BUF_str_reasons[]=
void ERR_load_BUF_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(BUF_str_functs[0].error) == NULL)
{
ERR_load_strings(0,BUF_str_functs);
ERR_load_strings(0,BUF_str_reasons);
}
#endif
}
}

View File

@ -85,19 +85,19 @@ clean:
# DO NOT DELETE THIS LINE -- make depend depends on it.
camellia.o: ../../include/openssl/opensslconf.h camellia.c camellia.h
camellia.o: cmll_locl.h
cmll_cbc.o: ../../include/openssl/camellia.h
camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
camellia.o: camellia.c camellia.h cmll_locl.h
cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c cmll_locl.h
cmll_cfb.o: ../../e_os.h ../../include/openssl/camellia.h
cmll_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
cmll_cfb.o: cmll_cfb.c cmll_locl.h
cmll_ctr.o: ../../include/openssl/camellia.h
cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c cmll_locl.h
cmll_ecb.o: ../../include/openssl/camellia.h
cmll_ecb.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
cmll_misc.o: ../../include/openssl/camellia.h
cmll_misc.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
cmll_misc.o: ../../include/openssl/opensslconf.h
cmll_misc.o: ../../include/openssl/opensslv.h cmll_locl.h cmll_misc.c
cmll_ofb.o: ../../include/openssl/camellia.h
cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_locl.h cmll_ofb.c

View File

@ -76,12 +76,7 @@
#include "camellia.h"
#include "cmll_locl.h"
/*
* must be defined uint32_t
*/
/* key constants */
#define CAMELLIA_SIGMA1L (0xA09E667FL)
#define CAMELLIA_SIGMA1R (0x3BCC908BL)
#define CAMELLIA_SIGMA2L (0xB67AE858L)
@ -100,18 +95,9 @@
*/
/* e is pointer of subkey */
#ifdef L_ENDIAN
#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2 + 1])
#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2])
#else /* big endian */
#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2])
#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1])
#endif /* IS_LITTLE_ENDIAN */
/* rotation right shift 1byte */
#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24))
/* rotation left shift 1bit */
@ -170,44 +156,6 @@ do \
* for speed up
*
*/
#if !defined(_MSC_VER)
#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
do \
{ \
t0 = kll; \
t2 = krr; \
t0 &= ll; \
t2 |= rr; \
rl ^= t2; \
lr ^= CAMELLIA_RL1(t0); \
t3 = krl; \
t1 = klr; \
t3 &= rl; \
t1 |= lr; \
ll ^= t1; \
rr ^= CAMELLIA_RL1(t3); \
} while(0)
#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
do \
{ \
ir = CAMELLIA_SP1110(xr & 0xff); \
il = CAMELLIA_SP1110((xl>>24) & 0xff); \
ir ^= CAMELLIA_SP0222((xr>>24) & 0xff); \
il ^= CAMELLIA_SP0222((xl>>16) & 0xff); \
ir ^= CAMELLIA_SP3033((xr>>16) & 0xff); \
il ^= CAMELLIA_SP3033((xl>>8) & 0xff); \
ir ^= CAMELLIA_SP4404((xr>>8) & 0xff); \
il ^= CAMELLIA_SP4404(xl & 0xff); \
il ^= kl; \
ir ^= il ^ kr; \
yl ^= ir; \
yr ^= CAMELLIA_RR8(il) ^ ir; \
} while(0)
#else /* for MS-VC */
#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
do \
{ \
@ -249,9 +197,8 @@ do \
yl ^= ir; \
yr ^= il; \
} while(0)
#endif
static const uint32_t camellia_sp1110[256] =
static const u32 camellia_sp1110[256] =
{
0x70707000,0x82828200,0x2c2c2c00,0xececec00,
0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500,
@ -319,7 +266,7 @@ static const uint32_t camellia_sp1110[256] =
0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00,
};
static const uint32_t camellia_sp0222[256] =
static const u32 camellia_sp0222[256] =
{
0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9,
0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb,
@ -387,7 +334,7 @@ static const uint32_t camellia_sp0222[256] =
0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d,
};
static const uint32_t camellia_sp3033[256] =
static const u32 camellia_sp3033[256] =
{
0x38003838,0x41004141,0x16001616,0x76007676,
0xd900d9d9,0x93009393,0x60006060,0xf200f2f2,
@ -455,7 +402,7 @@ static const uint32_t camellia_sp3033[256] =
0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f,
};
static const uint32_t camellia_sp4404[256] =
static const u32 camellia_sp4404[256] =
{
0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0,
0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae,
@ -523,20 +470,19 @@ static const uint32_t camellia_sp4404[256] =
0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e,
};
/**
* Stuff related to the Camellia key schedule
*/
#define subl(x) subL[(x)]
#define subr(x) subR[(x)]
void camellia_setup128(const unsigned char *key, uint32_t *subkey)
void camellia_setup128(const u8 *key, u32 *subkey)
{
uint32_t kll, klr, krl, krr;
uint32_t il, ir, t0, t1, w0, w1;
uint32_t kw4l, kw4r, dw, tl, tr;
uint32_t subL[26];
uint32_t subR[26];
u32 kll, klr, krl, krr;
u32 il, ir, t0, t1, w0, w1;
u32 kw4l, kw4r, dw, tl, tr;
u32 subL[26];
u32 subR[26];
/**
* k == kll || klr || krl || krr (|| is concatination)
@ -833,14 +779,14 @@ void camellia_setup128(const unsigned char *key, uint32_t *subkey)
return;
}
void camellia_setup256(const unsigned char *key, uint32_t *subkey)
void camellia_setup256(const u8 *key, u32 *subkey)
{
uint32_t kll,klr,krl,krr; /* left half of key */
uint32_t krll,krlr,krrl,krrr; /* right half of key */
uint32_t il, ir, t0, t1, w0, w1; /* temporary variables */
uint32_t kw4l, kw4r, dw, tl, tr;
uint32_t subL[34];
uint32_t subR[34];
u32 kll,klr,krl,krr; /* left half of key */
u32 krll,krlr,krrl,krrr; /* right half of key */
u32 il, ir, t0, t1, w0, w1; /* temporary variables */
u32 kw4l, kw4r, dw, tl, tr;
u32 subL[34];
u32 subR[34];
/**
* key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
@ -1245,18 +1191,18 @@ void camellia_setup256(const unsigned char *key, uint32_t *subkey)
return;
}
void camellia_setup192(const unsigned char *key, uint32_t *subkey)
void camellia_setup192(const u8 *key, u32 *subkey)
{
unsigned char kk[32];
uint32_t krll, krlr, krrl,krrr;
u8 kk[32];
u32 krll, krlr, krrl,krrr;
memcpy(kk, key, 24);
memcpy((unsigned char *)&krll, key+16,4);
memcpy((unsigned char *)&krlr, key+20,4);
memcpy((u8 *)&krll, key+16,4);
memcpy((u8 *)&krlr, key+20,4);
krrl = ~krll;
krrr = ~krlr;
memcpy(kk+24, (unsigned char *)&krrl, 4);
memcpy(kk+28, (unsigned char *)&krrr, 4);
memcpy(kk+24, (u8 *)&krrl, 4);
memcpy(kk+28, (u8 *)&krrr, 4);
camellia_setup256(kk, subkey);
return;
}
@ -1265,11 +1211,10 @@ void camellia_setup192(const unsigned char *key, uint32_t *subkey)
/**
* Stuff related to camellia encryption/decryption
*/
void camellia_encrypt128(const uint32_t *subkey, uint32_t *io)
void camellia_encrypt128(const u32 *subkey, u32 *io)
{
uint32_t il, ir, t0, t1;
u32 il, ir, t0, t1;
SWAP4WORD(io);
/* pre whitening but absorb kw2*/
io[0] ^= CamelliaSubkeyL(0);
io[1] ^= CamelliaSubkeyR(0);
@ -1352,16 +1297,13 @@ void camellia_encrypt128(const uint32_t *subkey, uint32_t *io)
io[1] = io[3];
io[2] = t0;
io[3] = t1;
SWAP4WORD(io);
return;
}
void camellia_decrypt128(const uint32_t *subkey, uint32_t *io)
void camellia_decrypt128(const u32 *subkey, u32 *io)
{
uint32_t il,ir,t0,t1; /* temporary valiables */
SWAP4WORD(io);
u32 il,ir,t0,t1; /* temporary valiables */
/* pre whitening but absorb kw2*/
io[0] ^= CamelliaSubkeyL(24);
@ -1445,7 +1387,6 @@ void camellia_decrypt128(const uint32_t *subkey, uint32_t *io)
io[1] = io[3];
io[2] = t0;
io[3] = t1;
SWAP4WORD(io);
return;
}
@ -1453,11 +1394,9 @@ void camellia_decrypt128(const uint32_t *subkey, uint32_t *io)
/**
* stuff for 192 and 256bit encryption/decryption
*/
void camellia_encrypt256(const uint32_t *subkey, uint32_t *io)
void camellia_encrypt256(const u32 *subkey, u32 *io)
{
uint32_t il,ir,t0,t1; /* temporary valiables */
SWAP4WORD(io);
u32 il,ir,t0,t1; /* temporary valiables */
/* pre whitening but absorb kw2*/
io[0] ^= CamelliaSubkeyL(0);
@ -1565,16 +1504,14 @@ void camellia_encrypt256(const uint32_t *subkey, uint32_t *io)
io[1] = io[3];
io[2] = t0;
io[3] = t1;
SWAP4WORD(io);
return;
}
void camellia_decrypt256(const uint32_t *subkey, uint32_t *io)
void camellia_decrypt256(const u32 *subkey, u32 *io)
{
uint32_t il,ir,t0,t1; /* temporary valiables */
u32 il,ir,t0,t1; /* temporary valiables */
SWAP4WORD(io);
/* pre whitening but absorb kw2*/
io[0] ^= CamelliaSubkeyL(32);
io[1] ^= CamelliaSubkeyR(32);
@ -1681,7 +1618,6 @@ void camellia_decrypt256(const uint32_t *subkey, uint32_t *io)
io[1] = io[3];
io[2] = t0;
io[3] = t1;
SWAP4WORD(io);
return;
}

View File

@ -67,25 +67,28 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
unsigned long n;
unsigned long len = length;
unsigned char tmp[CAMELLIA_BLOCK_SIZE];
const unsigned char *iv = ivec;
uint32_t t32[UNITSIZE];
union { u32 t32[CAMELLIA_BLOCK_SIZE/sizeof(u32)];
u8 t8 [CAMELLIA_BLOCK_SIZE]; } tmp;
const union { long one; char little; } camellia_endian = {1};
assert(in && out && key && ivec);
assert((CAMELLIA_ENCRYPT == enc)||(CAMELLIA_DECRYPT == enc));
if(((size_t)in) % ALIGN == 0
&& ((size_t)out) % ALIGN == 0
&& ((size_t)ivec) % ALIGN == 0)
if(((size_t)in|(size_t)out|(size_t)ivec) % sizeof(u32) == 0)
{
if (CAMELLIA_ENCRYPT == enc)
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
XOR4WORD2((uint32_t *)out,
(uint32_t *)in, (uint32_t *)iv);
key->enc(key->rd_key, (uint32_t *)out);
XOR4WORD2((u32 *)out,
(u32 *)in, (u32 *)iv);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
key->enc(key->rd_key, (u32 *)out);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
iv = out;
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
@ -97,7 +100,11 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
out[n] = in[n] ^ iv[n];
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = iv[n];
key->enc(key->rd_key, (uint32_t *)out);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
key->enc(key->rd_key, (u32 *)out);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
iv = out;
}
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
@ -107,8 +114,12 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
while (len >= CAMELLIA_BLOCK_SIZE)
{
memcpy(out,in,CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key,(uint32_t *)out);
XOR4WORD((uint32_t *)out, (uint32_t *)iv);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
key->dec(key->rd_key,(u32 *)out);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
XOR4WORD((u32 *)out, (u32 *)iv);
iv = in;
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
@ -116,10 +127,14 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
}
if (len)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, (uint32_t *)tmp);
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
key->dec(key->rd_key, tmp.t32);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
for(n=0; n < len; ++n)
out[n] = tmp[n] ^ iv[n];
out[n] = tmp.t8[n] ^ iv[n];
iv = in;
}
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
@ -128,23 +143,31 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, (uint32_t *)out);
XOR4WORD((uint32_t *)out, (uint32_t *)ivec);
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
key->dec(key->rd_key, (u32 *)out);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
XOR4WORD((u32 *)out, (u32 *)ivec);
memcpy(ivec, tmp.t8, CAMELLIA_BLOCK_SIZE);
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
out += CAMELLIA_BLOCK_SIZE;
}
if (len)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key,(uint32_t *)out);
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
key->dec(key->rd_key,(u32 *)out);
if (camellia_endian.little)
SWAP4WORD((u32 *)out);
for(n=0; n < len; ++n)
out[n] ^= ivec[n];
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = tmp[n];
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
out[n] = tmp.t8[n];
memcpy(ivec, tmp.t8, CAMELLIA_BLOCK_SIZE);
}
}
}
@ -155,10 +178,13 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
while (len >= CAMELLIA_BLOCK_SIZE)
{
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = in[n] ^ iv[n];
memcpy(t32, out, CAMELLIA_BLOCK_SIZE);
key->enc(key->rd_key, t32);
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
tmp.t8[n] = in[n] ^ iv[n];
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
key->enc(key->rd_key, tmp.t32);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
iv = out;
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
@ -167,10 +193,15 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
if (len)
{
for(n=0; n < len; ++n)
out[n] = in[n] ^ iv[n];
tmp.t8[n] = in[n] ^ iv[n];
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = iv[n];
key->enc(key->rd_key, (uint32_t *)out);
tmp.t8[n] = iv[n];
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
key->enc(key->rd_key, tmp.t32);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
iv = out;
}
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
@ -179,11 +210,14 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
memcpy(t32,in,CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key,t32);
memcpy(out,t32,CAMELLIA_BLOCK_SIZE);
memcpy(tmp.t8,in,CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
key->dec(key->rd_key,tmp.t32);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] ^= iv[n];
out[n] = tmp.t8[n] ^ iv[n];
iv = in;
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
@ -191,12 +225,14 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
}
if (len)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, t32);
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
key->dec(key->rd_key, tmp.t32);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
for(n=0; n < len; ++n)
out[n] = tmp[n] ^ iv[n];
out[n] = tmp.t8[n] ^ iv[n];
iv = in;
}
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
@ -205,30 +241,33 @@ void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, t32);
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
key->dec(key->rd_key, tmp.t32);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] ^= ivec[n];
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
tmp.t8[n] ^= ivec[n];
memcpy(ivec, in, CAMELLIA_BLOCK_SIZE);
memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
out += CAMELLIA_BLOCK_SIZE;
}
if (len)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key,t32);
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
key->dec(key->rd_key,tmp.t32);
if (camellia_endian.little)
SWAP4WORD(tmp.t32);
for(n=0; n < len; ++n)
out[n] ^= ivec[n];
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = tmp[n];
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
tmp.t8[n] ^= ivec[n];
memcpy(ivec, in, CAMELLIA_BLOCK_SIZE);
memcpy(out,tmp.t8,len);
}
}
}
}

View File

@ -73,55 +73,42 @@
#include <stdlib.h>
#include <string.h>
#if defined(_MSC_VER)
typedef unsigned char uint8_t;
typedef unsigned int uint32_t;
typedef unsigned __int64 uint64_t;
#else
#include <inttypes.h>
#endif
typedef unsigned char u8;
typedef unsigned int u32;
#ifdef __cplusplus
extern "C" {
#endif
#define ALIGN 4
#define UNITSIZE 4
#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
# define SWAP(x) ( _lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00 )
# define GETU32(p) SWAP(*((uint32_t *)(p)))
# define PUTU32(ct, st) { *((uint32_t *)(ct)) = SWAP((st)); }
# define GETU32(p) SWAP(*((u32 *)(p)))
# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
# define CAMELLIA_SWAP4(x) (x = ( _lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) )
#else /* not windows */
# define GETU32(pt) (((uint32_t)(pt)[0] << 24) \
^ ((uint32_t)(pt)[1] << 16) \
^ ((uint32_t)(pt)[2] << 8) \
^ ((uint32_t)(pt)[3]))
# define GETU32(pt) (((u32)(pt)[0] << 24) \
^ ((u32)(pt)[1] << 16) \
^ ((u32)(pt)[2] << 8) \
^ ((u32)(pt)[3]))
# define PUTU32(ct, st) { (ct)[0] = (uint8_t)((st) >> 24); \
(ct)[1] = (uint8_t)((st) >> 16); \
(ct)[2] = (uint8_t)((st) >> 8); \
(ct)[3] = (uint8_t)(st); }
# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); \
(ct)[1] = (u8)((st) >> 16); \
(ct)[2] = (u8)((st) >> 8); \
(ct)[3] = (u8)(st); }
#ifdef L_ENDIAN
#if (defined (__GNUC__) && !defined(i386))
#if (defined (__GNUC__) && (defined(__x86_64__) || defined(__x86_64)))
#define CAMELLIA_SWAP4(x) \
do{\
asm("bswap %1" : "+r" (x));\
}while(0)
#else /* not gcc */
#else
#define CAMELLIA_SWAP4(x) \
do{\
x = ((uint32_t)x << 16) + ((uint32_t)x >> 16);\
x = (((uint32_t)x & 0xff00ff) << 8) + (((uint32_t)x >> 8) & 0xff00ff);\
x = ((u32)x << 16) + ((u32)x >> 16);\
x = (((u32)x & 0xff00ff) << 8) + (((u32)x >> 8) & 0xff00ff);\
} while(0)
#endif /* not gcc */
#else /* big endian */
#define CAMELLIA_SWAP4(x)
#endif /* L_ENDIAN */
#endif
#endif
#define COPY4WORD(dst, src) \
@ -161,14 +148,14 @@ extern "C" {
}while(0)
void camellia_setup128(const unsigned char *key, uint32_t *subkey);
void camellia_setup192(const unsigned char *key, uint32_t *subkey);
void camellia_setup256(const unsigned char *key, uint32_t *subkey);
void camellia_setup128(const u8 *key, u32 *subkey);
void camellia_setup192(const u8 *key, u32 *subkey);
void camellia_setup256(const u8 *key, u32 *subkey);
void camellia_encrypt128(const uint32_t *subkey, uint32_t *io);
void camellia_decrypt128(const uint32_t *subkey, uint32_t *io);
void camellia_encrypt256(const uint32_t *subkey, uint32_t *io);
void camellia_decrypt256(const uint32_t *subkey, uint32_t *io);
void camellia_encrypt128(const u32 *subkey, u32 *io);
void camellia_decrypt128(const u32 *subkey, u32 *io);
void camellia_encrypt256(const u32 *subkey, u32 *io);
void camellia_decrypt256(const u32 *subkey, u32 *io);
#ifdef __cplusplus
}

View File

@ -53,7 +53,7 @@
#include <openssl/camellia.h>
#include "cmll_locl.h"
const char *CAMELLIA_version="CAMELLIA" OPENSSL_VERSION_PTEXT;
const char CAMELLIA_version[]="CAMELLIA" OPENSSL_VERSION_PTEXT;
int Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key)
@ -91,20 +91,26 @@ int Camellia_set_key(const unsigned char *userKey, const int bits,
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key)
{
uint32_t tmp[UNITSIZE];
u32 tmp[CAMELLIA_BLOCK_SIZE/sizeof(u32)];
const union { long one; char little; } camellia_endian = {1};
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little) SWAP4WORD(tmp);
key->enc(key->rd_key, tmp);
if (camellia_endian.little) SWAP4WORD(tmp);
memcpy(out, tmp, CAMELLIA_BLOCK_SIZE);
}
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key)
{
uint32_t tmp[UNITSIZE];
u32 tmp[CAMELLIA_BLOCK_SIZE/sizeof(u32)];
const union { long one; char little; } camellia_endian = {1};
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
if (camellia_endian.little) SWAP4WORD(tmp);
key->dec(key->rd_key, tmp);
if (camellia_endian.little) SWAP4WORD(tmp);
memcpy(out, tmp, CAMELLIA_BLOCK_SIZE);
}

View File

@ -60,7 +60,7 @@
#include "cast_lcl.h"
#include <openssl/opensslv.h>
const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT;
const char CAST_version[]="CAST" OPENSSL_VERSION_PTEXT;
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
CAST_KEY *ks, int enc)

View File

@ -31,6 +31,24 @@ static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out,
static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
unsigned int olen, unsigned char *in, unsigned int ilen);
/* memory allocations functions for zlib intialization */
static void* zlib_zalloc(void* opaque, unsigned int no, unsigned int size)
{
void *p;
p=OPENSSL_malloc(no*size);
if (p)
memset(p, 0, no*size);
return p;
}
static void zlib_zfree(void* opaque, void* address)
{
OPENSSL_free(address);
}
#if 0
static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
unsigned int olen, unsigned char *in, unsigned int ilen);
@ -133,8 +151,8 @@ static int zlib_stateful_init(COMP_CTX *ctx)
if (state == NULL)
goto err;
state->istream.zalloc = Z_NULL;
state->istream.zfree = Z_NULL;
state->istream.zalloc = zlib_zalloc;
state->istream.zfree = zlib_zfree;
state->istream.opaque = Z_NULL;
state->istream.next_in = Z_NULL;
state->istream.next_out = Z_NULL;
@ -145,8 +163,8 @@ static int zlib_stateful_init(COMP_CTX *ctx)
if (err != Z_OK)
goto err;
state->ostream.zalloc = Z_NULL;
state->ostream.zfree = Z_NULL;
state->ostream.zalloc = zlib_zalloc;
state->ostream.zfree = zlib_zfree;
state->ostream.opaque = Z_NULL;
state->ostream.next_in = Z_NULL;
state->ostream.next_out = Z_NULL;
@ -158,17 +176,6 @@ static int zlib_stateful_init(COMP_CTX *ctx)
goto err;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data);
if (zlib_stateful_ex_idx == -1)
{
CRYPTO_w_lock(CRYPTO_LOCK_COMP);
if (zlib_stateful_ex_idx == -1)
zlib_stateful_ex_idx =
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
0,NULL,NULL,NULL,zlib_stateful_free_ex_data);
CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
if (zlib_stateful_ex_idx == -1)
goto err;
}
CRYPTO_set_ex_data(&ctx->ex_data,zlib_stateful_ex_idx,state);
return 1;
err:
@ -379,7 +386,25 @@ COMP_METHOD *COMP_zlib(void)
if (zlib_loaded)
#endif
#if defined(ZLIB) || defined(ZLIB_SHARED)
{
/* init zlib_stateful_ex_idx here so that in a multi-process
* application it's enough to intialize openssl before forking
* (idx will be inherited in all the children) */
if (zlib_stateful_ex_idx == -1)
{
CRYPTO_w_lock(CRYPTO_LOCK_COMP);
if (zlib_stateful_ex_idx == -1)
zlib_stateful_ex_idx =
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
0,NULL,NULL,NULL,zlib_stateful_free_ex_data);
CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
if (zlib_stateful_ex_idx == -1)
goto err;
}
meth = &zlib_stateful_method;
}
err:
#endif
return(meth);

View File

@ -82,15 +82,12 @@ static ERR_STRING_DATA COMP_str_reasons[]=
void ERR_load_COMP_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(COMP_str_functs[0].error) == NULL)
{
ERR_load_strings(0,COMP_str_functs);
ERR_load_strings(0,COMP_str_reasons);
}
#endif
}
}

View File

@ -88,7 +88,7 @@ static int def_dump(const CONF *conf, BIO *bp);
static int def_is_number(const CONF *conf, char c);
static int def_to_int(const CONF *conf, char c);
const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT;
const char CONF_def_version[]="CONF_def" OPENSSL_VERSION_PTEXT;
static CONF_METHOD default_method = {
"OpenSSL default",

View File

@ -118,15 +118,12 @@ static ERR_STRING_DATA CONF_str_reasons[]=
void ERR_load_CONF_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(CONF_str_functs[0].error) == NULL)
{
ERR_load_strings(0,CONF_str_functs);
ERR_load_strings(0,CONF_str_reasons);
}
#endif
}
}

View File

@ -63,7 +63,7 @@
#include <openssl/conf_api.h>
#include <openssl/lhash.h>
const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT;
const char CONF_version[]="CONF" OPENSSL_VERSION_PTEXT;
static CONF_METHOD *default_CONF_method=NULL;

View File

@ -92,15 +92,12 @@ static ERR_STRING_DATA CRYPTO_str_reasons[]=
void ERR_load_CRYPTO_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL)
{
ERR_load_strings(0,CRYPTO_str_functs);
ERR_load_strings(0,CRYPTO_str_reasons);
}
#endif
}
}

View File

@ -125,7 +125,7 @@ DECLARE_STACK_OF(CRYPTO_dynlock)
IMPLEMENT_STACK_OF(CRYPTO_dynlock)
/* real #defines in crypto.h, keep these upto date */
static const char* lock_names[CRYPTO_NUM_LOCKS] =
static const char* const lock_names[CRYPTO_NUM_LOCKS] =
{
"<<ERROR>>",
"err",

View File

@ -25,7 +25,7 @@ and then you can use the 'DES_PTR' option.
The file options.txt has the options listed for best speed on quite a
few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then
turn on the relevent option in the Makefile
turn on the relevant option in the Makefile.
There are some special Makefile targets that make life easier.
make cc - standard cc build

View File

@ -67,5 +67,5 @@
#define DES_version OSSL_DES_version
#define libdes_version OSSL_libdes_version
OPENSSL_EXTERN const char *OSSL_DES_version; /* SSLeay version string */
OPENSSL_EXTERN const char *OSSL_libdes_version; /* old libdes version string */
OPENSSL_EXTERN const char OSSL_DES_version[]; /* SSLeay version string */
OPENSSL_EXTERN const char OSSL_libdes_version[]; /* old libdes version string */

View File

@ -62,8 +62,8 @@
#include <openssl/opensslv.h>
#include <openssl/bio.h>
OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT;
OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT;
const char *DES_options(void)
{

View File

@ -93,15 +93,12 @@ static ERR_STRING_DATA DH_str_reasons[]=
void ERR_load_DH_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(DH_str_functs[0].error) == NULL)
{
ERR_load_strings(0,DH_str_functs);
ERR_load_strings(0,DH_str_reasons);
}
#endif
}
}

View File

@ -64,7 +64,7 @@
#include <openssl/engine.h>
#endif
const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
static const DH_METHOD *default_DH_method = NULL;

View File

@ -100,15 +100,12 @@ static ERR_STRING_DATA DSA_str_reasons[]=
void ERR_load_DSA_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(DSA_str_functs[0].error) == NULL)
{
ERR_load_strings(0,DSA_str_functs);
ERR_load_strings(0,DSA_str_reasons);
}
#endif
}
}

View File

@ -70,7 +70,7 @@
#include <openssl/dh.h>
#endif
const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
static const DSA_METHOD *default_DSA_method = NULL;

View File

@ -136,15 +136,12 @@ static ERR_STRING_DATA DSO_str_reasons[]=
void ERR_load_DSO_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(DSO_str_functs[0].error) == NULL)
{
ERR_load_strings(0,DSO_str_functs);
ERR_load_strings(0,DSO_str_reasons);
}
#endif
}
}

View File

@ -529,6 +529,8 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
goto err;
}
curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
(int)group->seed_len))
{
@ -1291,6 +1293,8 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
goto err;
}
priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
buf_len))
{

View File

@ -227,15 +227,12 @@ static ERR_STRING_DATA EC_str_reasons[]=
void ERR_load_EC_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(EC_str_functs[0].error) == NULL)
{
ERR_load_strings(0,EC_str_functs);
ERR_load_strings(0,EC_str_reasons);
}
#endif
}
}

View File

@ -71,7 +71,7 @@
static ERR_STRING_DATA ECDH_str_functs[]=
{
{ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
{ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"},
{ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_NEW_METHOD"},
{0,NULL}
};
@ -87,15 +87,12 @@ static ERR_STRING_DATA ECDH_str_reasons[]=
void ERR_load_ECDH_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL)
{
ERR_load_strings(0,ECDH_str_functs);
ERR_load_strings(0,ECDH_str_reasons);
}
#endif
}
}

View File

@ -74,7 +74,7 @@
#endif
#include <openssl/err.h>
const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT;
const char ECDH_version[]="ECDH" OPENSSL_VERSION_PTEXT;
static const ECDH_METHOD *default_ECDH_method = NULL;

View File

@ -261,6 +261,7 @@ void ERR_load_ECDSA_strings(void);
#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
#define ECDSA_R_ERR_EC_LIB 102
#define ECDSA_R_MISSING_PARAMETERS 103
#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105

View File

@ -70,7 +70,7 @@
static ERR_STRING_DATA ECDSA_str_functs[]=
{
{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_new_method"},
{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"},
{ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
{ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
{ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup"},
@ -83,6 +83,7 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
{ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
{ERR_REASON(ECDSA_R_ERR_EC_LIB) ,"err ec lib"},
{ERR_REASON(ECDSA_R_MISSING_PARAMETERS) ,"missing parameters"},
{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new setup values"},
{ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"random number generation failed"},
{ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature malloc failed"},
{0,NULL}
@ -92,15 +93,12 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
void ERR_load_ECDSA_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL)
{
ERR_load_strings(0,ECDSA_str_functs);
ERR_load_strings(0,ECDSA_str_reasons);
}
#endif
}
}

View File

@ -61,7 +61,7 @@
#include <openssl/err.h>
#include <openssl/bn.h>
const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT;
const char ECDSA_version[]="ECDSA" OPENSSL_VERSION_PTEXT;
static const ECDSA_METHOD *default_ECDSA_method = NULL;

View File

@ -299,8 +299,21 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (BN_is_zero(s))
{
/* if kinv and r have been supplied by the caller
* don't to generate new kinv and r values */
if (in_kinv != NULL && in_r != NULL)
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
goto err;
}
while (BN_is_zero(s));
}
else
/* s != 0 => we have a valid signature */
break;
}
while (1);
ok = 1;
err:

View File

@ -157,15 +157,12 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
void ERR_load_ENGINE_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL)
{
ERR_load_strings(0,ENGINE_str_functs);
ERR_load_strings(0,ENGINE_str_reasons);
}
#endif
}
}

View File

@ -107,7 +107,7 @@ int ENGINE_set_default_ECDH(ENGINE *e)
{
if(e->ecdh_meth)
return engine_table_register(&ecdh_table,
engine_unregister_all_ECDH, e, &dummy_nid, 1, 0);
engine_unregister_all_ECDH, e, &dummy_nid, 1, 1);
return 1;
}

View File

@ -92,7 +92,7 @@ int ENGINE_set_default_ECDSA(ENGINE *e)
{
if(e->ecdsa_meth)
return engine_table_register(&ecdsa_table,
engine_unregister_all_ECDSA, e, &dummy_nid, 1, 0);
engine_unregister_all_ECDSA, e, &dummy_nid, 1, 1);
return 1;
}

View File

@ -200,6 +200,12 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
else
ret=0;
break;
case BIO_C_SET_MD_CTX:
if (b->init)
b->ptr=ptr;
else
ret=0;
break;
case BIO_C_DO_STATE_MACHINE:
BIO_clear_retry_flags(b);
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);

View File

@ -66,7 +66,7 @@
#endif
#include "evp_locl.h"
const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
{

View File

@ -163,15 +163,12 @@ static ERR_STRING_DATA EVP_str_reasons[]=
void ERR_load_EVP_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(EVP_str_functs[0].error) == NULL)
{
ERR_load_strings(0,EVP_str_functs);
ERR_load_strings(0,EVP_str_reasons);
}
#endif
}
}

View File

@ -168,3 +168,112 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx)
}
}
int EVP_CIPHER_block_size(const EVP_CIPHER *e)
{
return e->block_size;
}
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher->block_size;
}
int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
{
return ctx->cipher->do_cipher(ctx,out,in,inl);
}
const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher;
}
unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
{
return cipher->flags;
}
unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher->flags;
}
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
{
return ctx->app_data;
}
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
{
ctx->app_data = data;
}
int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
{
return cipher->iv_len;
}
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher->iv_len;
}
int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
{
return cipher->key_len;
}
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher->key_len;
}
int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
{
return cipher->nid;
}
int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher->nid;
}
int EVP_MD_block_size(const EVP_MD *md)
{
return md->block_size;
}
int EVP_MD_type(const EVP_MD *md)
{
return md->type;
}
int EVP_MD_pkey_type(const EVP_MD *md)
{
return md->pkey_type;
}
int EVP_MD_size(const EVP_MD *md)
{
return md->md_size;
}
const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
{
return ctx->digest;
}
void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
{
ctx->flags |= flags;
}
void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
{
ctx->flags &= ~flags;
}
int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
{
return (ctx->flags & flags);
}

View File

@ -65,7 +65,7 @@
bl = ctx->cipher->block_size;\
if(inl < bl) return 1;\
inl -= bl; \
for(i=0; i <= inl; i+=bl) \
for(i=0; i <= inl; i+=bl)
#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \

View File

@ -100,7 +100,7 @@
#include <openssl/crypto.h>
#include <openssl/lhash.h>
const char *lh_version="lhash" OPENSSL_VERSION_PTEXT;
const char lh_version[]="lhash" OPENSSL_VERSION_PTEXT;
#undef MIN_NODES
#define MIN_NODES 16

View File

@ -63,6 +63,7 @@
#ifdef OPENSSL_NO_MD2
#error MD2 is disabled.
#endif
#include <stddef.h>
#define MD2_DIGEST_LENGTH 16
#define MD2_BLOCK 16

View File

@ -63,7 +63,7 @@
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT;
/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
*/

View File

@ -60,6 +60,7 @@
#define HEADER_MD4_H
#include <openssl/e_os2.h>
#include <stddef.h>
#ifdef __cplusplus
extern "C" {

View File

@ -60,7 +60,7 @@
#include "md4_locl.h"
#include <openssl/opensslv.h>
const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT;
/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
*/

View File

@ -60,6 +60,7 @@
#define HEADER_MD5_H
#include <openssl/e_os2.h>
#include <stddef.h>
#ifdef __cplusplus
extern "C" {

View File

@ -60,7 +60,7 @@
#include "md5_locl.h"
#include <openssl/opensslv.h>
const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT;
/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
*/

View File

@ -62,12 +62,12 @@
* [including the GNU Public Licence.]
*/
#define NUM_NID 769
#define NUM_SN 765
#define NUM_LN 765
#define NUM_OBJ 721
#define NUM_NID 772
#define NUM_SN 768
#define NUM_LN 768
#define NUM_OBJ 724
static unsigned char lvalues[5107]={
static unsigned char lvalues[5116]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@ -789,6 +789,9 @@ static unsigned char lvalues[5107]={
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5082] OBJ_camellia_128_ofb128 */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5090] OBJ_camellia_192_ofb128 */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5098] OBJ_camellia_256_ofb128 */
0x55,0x1D,0x09, /* [5106] OBJ_subject_directory_attributes */
0x55,0x1D,0x1C, /* [5109] OBJ_issuing_distribution_point */
0x55,0x1D,0x1D, /* [5112] OBJ_certificate_issuer */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
@ -1987,6 +1990,12 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
&(lvalues[5090]),0},
{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
&(lvalues[5098]),0},
{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes",
NID_subject_directory_attributes,3,&(lvalues[5106]),0},
{"issuingDistributionPoint","X509v3 Issuing Distrubution Point",
NID_issuing_distribution_point,3,&(lvalues[5109]),0},
{"certificateIssuer","X509v3 Certificate Issuer",
NID_certificate_issuer,3,&(lvalues[5112]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
@ -2203,6 +2212,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
&(nid_objs[152]),/* "certBag" */
&(nid_objs[677]),/* "certicom-arc" */
&(nid_objs[771]),/* "certificateIssuer" */
&(nid_objs[89]),/* "certificatePolicies" */
&(nid_objs[54]),/* "challengePassword" */
&(nid_objs[407]),/* "characteristic-two-field" */
@ -2442,6 +2452,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[295]),/* "ipsecTunnel" */
&(nid_objs[296]),/* "ipsecUser" */
&(nid_objs[86]),/* "issuerAltName" */
&(nid_objs[770]),/* "issuingDistributionPoint" */
&(nid_objs[492]),/* "janetMailbox" */
&(nid_objs[150]),/* "keyBag" */
&(nid_objs[83]),/* "keyUsage" */
@ -2723,6 +2734,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[387]),/* "snmpv2" */
&(nid_objs[660]),/* "streetAddress" */
&(nid_objs[85]),/* "subjectAltName" */
&(nid_objs[769]),/* "subjectDirectoryAttributes" */
&(nid_objs[398]),/* "subjectInfoAccess" */
&(nid_objs[82]),/* "subjectKeyIdentifier" */
&(nid_objs[498]),/* "subtreeMaximumQuality" */
@ -2852,11 +2864,13 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
&(nid_objs[88]),/* "X509v3 CRL Number" */
&(nid_objs[141]),/* "X509v3 CRL Reason Code" */
&(nid_objs[771]),/* "X509v3 Certificate Issuer" */
&(nid_objs[89]),/* "X509v3 Certificate Policies" */
&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
&(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */
&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
&(nid_objs[770]),/* "X509v3 Issuing Distrubution Point" */
&(nid_objs[83]),/* "X509v3 Key Usage" */
&(nid_objs[666]),/* "X509v3 Name Constraints" */
&(nid_objs[403]),/* "X509v3 No Revocation Available" */
@ -2864,6 +2878,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[747]),/* "X509v3 Policy Mappings" */
&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
&(nid_objs[769]),/* "X509v3 Subject Directory Attributes" */
&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
&(nid_objs[184]),/* "X9.57" */
&(nid_objs[185]),/* "X9.57 CM ?" */
@ -3569,6 +3584,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
&(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */
&(nid_objs[400]),/* OBJ_role 2 5 4 72 */
&(nid_objs[769]),/* OBJ_subject_directory_attributes 2 5 29 9 */
&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
@ -3580,6 +3596,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
&(nid_objs[770]),/* OBJ_issuing_distribution_point 2 5 29 28 */
&(nid_objs[771]),/* OBJ_certificate_issuer 2 5 29 29 */
&(nid_objs[666]),/* OBJ_name_constraints 2 5 29 30 */
&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */

View File

@ -91,15 +91,12 @@ static ERR_STRING_DATA OBJ_str_reasons[]=
void ERR_load_OBJ_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL)
{
ERR_load_strings(0,OBJ_str_functs);
ERR_load_strings(0,OBJ_str_reasons);
}
#endif
}
}

View File

@ -2044,6 +2044,11 @@
#define NID_id_ce 81
#define OBJ_id_ce OBJ_X500,29L
#define SN_subject_directory_attributes "subjectDirectoryAttributes"
#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes"
#define NID_subject_directory_attributes 769
#define OBJ_subject_directory_attributes OBJ_id_ce,9L
#define SN_subject_key_identifier "subjectKeyIdentifier"
#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
#define NID_subject_key_identifier 82
@ -2094,6 +2099,16 @@
#define NID_delta_crl 140
#define OBJ_delta_crl OBJ_id_ce,27L
#define SN_issuing_distribution_point "issuingDistributionPoint"
#define LN_issuing_distribution_point "X509v3 Issuing Distrubution Point"
#define NID_issuing_distribution_point 770
#define OBJ_issuing_distribution_point OBJ_id_ce,28L
#define SN_certificate_issuer "certificateIssuer"
#define LN_certificate_issuer "X509v3 Certificate Issuer"
#define NID_certificate_issuer 771
#define OBJ_certificate_issuer OBJ_id_ce,29L
#define SN_name_constraints "nameConstraints"
#define LN_name_constraints "X509v3 Name Constraints"
#define NID_name_constraints 666

View File

@ -766,3 +766,6 @@ camellia_256_cfb8 765
camellia_128_ofb128 766
camellia_192_ofb128 767
camellia_256_ofb128 768
subject_directory_attributes 769
issuing_distribution_point 770
certificate_issuer 771

View File

@ -657,6 +657,8 @@ X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA
X500algorithms 3 101 : MDC2 : mdc2
X500 29 : id-ce
!Cname subject-directory-attributes
id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes
!Cname subject-key-identifier
id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
!Cname key-usage
@ -677,6 +679,10 @@ id-ce 21 : CRLReason : X509v3 CRL Reason Code
id-ce 24 : invalidityDate : Invalidity Date
!Cname delta-crl
id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
!Cname issuing-distribution-point
id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point
!Cname certificate-issuer
id-ce 29 : certificateIssuer : X509v3 Certificate Issuer
!Cname name-constraints
id-ce 30 : nameConstraints : X509v3 Name Constraints
!Cname crl-distribution-points

View File

@ -62,7 +62,7 @@
ASN1_SEQUENCE(OCSP_SIGNATURE) = {
ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR),
ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING),
ASN1_EXP_SEQUENCE_OF(OCSP_SIGNATURE, certs, X509, 0)
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0)
} ASN1_SEQUENCE_END(OCSP_SIGNATURE)
IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)

View File

@ -129,15 +129,12 @@ static ERR_STRING_DATA OCSP_str_reasons[]=
void ERR_load_OCSP_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL)
{
ERR_load_strings(0,OCSP_str_functs);
ERR_load_strings(0,OCSP_str_reasons);
}
#endif
}
}

View File

@ -367,7 +367,7 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *st
return 0;
}
gen = req->tbsRequest->requestorName;
if (gen->type != GEN_DIRNAME)
if (!gen || gen->type != GEN_DIRNAME)
{
OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE);
return 0;

View File

@ -19,6 +19,9 @@
#ifndef OPENSSL_NO_RC5
# define OPENSSL_NO_RC5
#endif
#ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779
#endif
#endif /* OPENSSL_DOING_MAKEDEPEND */
#ifndef OPENSSL_NO_DYNAMIC_ENGINE
@ -45,6 +48,9 @@
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
# define NO_RC5
# endif
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
# define NO_RFC3779
# endif
#endif
/* crypto/opensslconf.h.in */

View File

@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x0090804f
#define OPENSSL_VERSION_NUMBER 0x0090805fL
#ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8d-fips 28 Sep 2006"
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e-fips 23 Feb 2007"
#else
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8d 28 Sep 2006"
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e 23 Feb 2007"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

View File

@ -221,7 +221,7 @@ typedef struct pem_ctx_st
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
{ \
return(((type *(*)(D2I_OF(type),char *,FILE *,type **,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_read))(d2i_##asn1, str,fp,x,cb,u)); \
} \
}
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, type *x) \

View File

@ -124,15 +124,12 @@ static ERR_STRING_DATA PEM_str_reasons[]=
void ERR_load_PEM_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(PEM_str_functs[0].error) == NULL)
{
ERR_load_strings(0,PEM_str_functs);
ERR_load_strings(0,PEM_str_reasons);
}
#endif
}
}

View File

@ -69,7 +69,7 @@
#include <openssl/des.h>
#endif
const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
#define MIN_LENGTH 4
@ -579,6 +579,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
}
EVP_EncodeFinal(&ctx,buf,&outl);
if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
OPENSSL_free(buf);
buf = NULL;
if ( (BIO_write(bp,"-----END ",9) != 9) ||
@ -587,8 +588,10 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
goto err;
return(i+outl);
err:
if (buf)
if (buf) {
OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
OPENSSL_free(buf);
}
PEMerr(PEM_F_PEM_WRITE_BIO,reason);
return(0);
}

View File

@ -125,6 +125,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB);
err:
OPENSSL_free(nm);
OPENSSL_cleanse(data, len);
OPENSSL_free(data);
return(ret);
}

View File

@ -133,15 +133,12 @@ static ERR_STRING_DATA PKCS12_str_reasons[]=
void ERR_load_PKCS12_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL)
{
ERR_load_strings(0,PKCS12_str_functs);
ERR_load_strings(0,PKCS12_str_reasons);
}
#endif
}
}

View File

@ -217,7 +217,9 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
keylen=EVP_CIPHER_key_length(evp_cipher);
ivlen=EVP_CIPHER_iv_length(evp_cipher);
xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen);
if (ivlen > 0)
if (RAND_pseudo_bytes(iv,ivlen) <= 0)
goto err;
if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1)<=0)
goto err;
if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
@ -226,8 +228,11 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
goto err;
if (ivlen > 0) {
if (xalg->parameter == NULL)
if (xalg->parameter == NULL) {
xalg->parameter = ASN1_TYPE_new();
if (xalg->parameter == NULL)
goto err;
}
if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
goto err;
}
@ -242,7 +247,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO);
goto err;
}
pkey=X509_get_pubkey(ri->cert);
if ((pkey=X509_get_pubkey(ri->cert)) == NULL)
goto err;
jj=EVP_PKEY_size(pkey);
EVP_PKEY_free(pkey);
if (max < jj) max=jj;
@ -255,7 +261,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
{
ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
pkey=X509_get_pubkey(ri->cert);
if ((pkey=X509_get_pubkey(ri->cert)) == NULL)
goto err;
jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
EVP_PKEY_free(pkey);
if (jj <= 0)
@ -291,6 +298,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
if(bio == NULL)
{
bio=BIO_new(BIO_s_mem());
if (bio == NULL)
goto err;
BIO_set_mem_eof_return(bio,0);
}
}
@ -541,6 +550,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
bio=BIO_new(BIO_s_mem());
BIO_set_mem_eof_return(bio,0);
}
if (bio == NULL)
goto err;
#endif
}
BIO_push(out,bio);
@ -695,9 +706,13 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
ERR_R_MALLOC_FAILURE);
goto err;
}
PKCS7_add_signed_attribute(si,
if (!PKCS7_add_signed_attribute(si,
NID_pkcs9_signingTime,
V_ASN1_UTCTIME,sign_time);
V_ASN1_UTCTIME,sign_time))
{
M_ASN1_UTCTIME_free(sign_time);
goto err;
}
}
/* Add digest */
@ -714,11 +729,16 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
{
PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
ERR_R_MALLOC_FAILURE);
M_ASN1_OCTET_STRING_free(digest);
goto err;
}
PKCS7_add_signed_attribute(si,
if (!PKCS7_add_signed_attribute(si,
NID_pkcs9_messageDigest,
V_ASN1_OCTET_STRING,digest);
V_ASN1_OCTET_STRING,digest))
{
M_ASN1_OCTET_STRING_free(digest);
goto err;
}
/* Now sign the attributes */
EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL);
@ -976,8 +996,13 @@ PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
int i;
i=OBJ_obj2nid(p7->type);
if (i != NID_pkcs7_signedAndEnveloped) return(NULL);
if (i != NID_pkcs7_signedAndEnveloped)
return NULL;
if (p7->d.signed_and_enveloped == NULL)
return NULL;
rsk=p7->d.signed_and_enveloped->recipientinfo;
if (rsk == NULL)
return NULL;
ri=sk_PKCS7_RECIP_INFO_value(rsk,0);
if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL);
ri=sk_PKCS7_RECIP_INFO_value(rsk,idx);
@ -1031,6 +1056,8 @@ int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
if (p7si->auth_attr != NULL)
sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free);
p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk);
if (p7si->auth_attr == NULL)
return 0;
for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
{
if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i,
@ -1049,6 +1076,8 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)
sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
X509_ATTRIBUTE_free);
p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk);
if (p7si->unauth_attr == NULL)
return 0;
for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
{
if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i,
@ -1078,10 +1107,16 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
if (*sk == NULL)
{
*sk = sk_X509_ATTRIBUTE_new_null();
if (!(*sk = sk_X509_ATTRIBUTE_new_null()))
return 0;
new_attrib:
attr=X509_ATTRIBUTE_create(nid,atrtype,value);
sk_X509_ATTRIBUTE_push(*sk,attr);
if (!(attr=X509_ATTRIBUTE_create(nid,atrtype,value)))
return 0;
if (!sk_X509_ATTRIBUTE_push(*sk,attr))
{
X509_ATTRIBUTE_free(attr);
return 0;
}
}
else
{
@ -1094,7 +1129,13 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
{
X509_ATTRIBUTE_free(attr);
attr=X509_ATTRIBUTE_create(nid,atrtype,value);
sk_X509_ATTRIBUTE_set(*sk,i,attr);
if (attr == NULL)
return 0;
if (!sk_X509_ATTRIBUTE_set(*sk,i,attr))
{
X509_ATTRIBUTE_free(attr);
return 0;
}
goto end;
}
}

Some files were not shown because too many files have changed in this diff Show More