Import OpenSSL 0.9.7d to address:
1. Null-pointer assignment during SSL handshake 2. Out-of-bounds read affects Kerberos ciphersuites
This commit is contained in:
parent
0ff2145648
commit
5a374ad0ce
2
crypto/dist/openssl/LICENSE
vendored
2
crypto/dist/openssl/LICENSE
vendored
@ -12,7 +12,7 @@
|
||||
---------------
|
||||
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
@ -2750,4 +2750,4 @@ void SkipWhiteSpace(char **ioSrcCharPtr,const Boolean inStopAtEOL)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -167,4 +167,4 @@ void ThrowErrorMessageException(void)
|
||||
ThrowDescriptiveException(gErrorMessage);
|
||||
}
|
||||
|
||||
#endif
|
||||
#endif
|
||||
|
10
crypto/dist/openssl/Makefile.org
vendored
10
crypto/dist/openssl/Makefile.org
vendored
@ -456,10 +456,12 @@ do_irix-shared:
|
||||
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
|
||||
libs="$(LIBKRB5) $$libs"; \
|
||||
fi; \
|
||||
( set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
( WHOLELIB="-all lib$$i.a -notall"; \
|
||||
(${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-notall"; \
|
||||
set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
|
||||
$${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \
|
||||
libs="-l$$i $$libs"; \
|
||||
done; \
|
||||
fi
|
||||
@ -832,7 +834,7 @@ install: all install_docs
|
||||
fi; \
|
||||
fi
|
||||
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
|
||||
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
|
||||
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
|
||||
|
||||
install_docs:
|
||||
@$(PERL) $(TOP)/util/mkdir-p.pl \
|
||||
@ -857,6 +859,7 @@ install_docs:
|
||||
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
|
||||
$(PERL) util/extract-names.pl < $$i | \
|
||||
grep -v $$filecase "^$$fn\$$" | \
|
||||
grep -v "[ ]" | \
|
||||
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
|
||||
while read n; do \
|
||||
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
|
||||
@ -873,6 +876,7 @@ install_docs:
|
||||
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
|
||||
$(PERL) util/extract-names.pl < $$i | \
|
||||
grep -v $$filecase "^$$fn\$$" | \
|
||||
grep -v "[ ]" | \
|
||||
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
|
||||
while read n; do \
|
||||
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
|
||||
|
14
crypto/dist/openssl/Makefile.ssl
vendored
14
crypto/dist/openssl/Makefile.ssl
vendored
@ -4,7 +4,7 @@
|
||||
## Makefile for OpenSSL
|
||||
##
|
||||
|
||||
VERSION=0.9.7c
|
||||
VERSION=0.9.7d
|
||||
MAJOR=0
|
||||
MINOR=9.7
|
||||
SHLIB_VERSION_NUMBER=0.9.7
|
||||
@ -69,7 +69,7 @@ EXE_EXT=
|
||||
ARFLAGS=
|
||||
AR=ar $(ARFLAGS) r
|
||||
RANLIB= /usr/bin/ranlib
|
||||
PERL= /usr/bin/perl
|
||||
PERL= /usr/local/bin/perl
|
||||
TAR= tar
|
||||
TARFLAGS= --no-recursion
|
||||
MAKEDEPPROG=makedepend
|
||||
@ -458,10 +458,12 @@ do_irix-shared:
|
||||
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
|
||||
libs="$(LIBKRB5) $$libs"; \
|
||||
fi; \
|
||||
( set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
( WHOLELIB="-all lib$$i.a -notall"; \
|
||||
(${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-notall"; \
|
||||
set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
|
||||
$${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \
|
||||
libs="-l$$i $$libs"; \
|
||||
done; \
|
||||
fi
|
||||
@ -834,7 +836,7 @@ install: all install_docs
|
||||
fi; \
|
||||
fi
|
||||
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
|
||||
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
|
||||
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
|
||||
|
||||
install_docs:
|
||||
@$(PERL) $(TOP)/util/mkdir-p.pl \
|
||||
@ -859,6 +861,7 @@ install_docs:
|
||||
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
|
||||
$(PERL) util/extract-names.pl < $$i | \
|
||||
grep -v $$filecase "^$$fn\$$" | \
|
||||
grep -v "[ ]" | \
|
||||
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
|
||||
while read n; do \
|
||||
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
|
||||
@ -875,6 +878,7 @@ install_docs:
|
||||
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
|
||||
$(PERL) util/extract-names.pl < $$i | \
|
||||
grep -v $$filecase "^$$fn\$$" | \
|
||||
grep -v "[ ]" | \
|
||||
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
|
||||
while read n; do \
|
||||
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
|
||||
|
8
crypto/dist/openssl/NEWS
vendored
8
crypto/dist/openssl/NEWS
vendored
@ -5,6 +5,14 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:
|
||||
|
||||
o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
|
||||
o Security: Fix null-pointer assignment in do_change_cipher_spec()
|
||||
o Allow multiple active certificates with same subject in CA index
|
||||
o Multiple X590 verification fixes
|
||||
o Speed up HMAC and other operations
|
||||
|
||||
Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:
|
||||
|
||||
o Security: fix various ASN1 parsing bugs.
|
||||
|
4
crypto/dist/openssl/README
vendored
4
crypto/dist/openssl/README
vendored
@ -1,7 +1,7 @@
|
||||
|
||||
OpenSSL 0.9.7c 30 Sep 2003
|
||||
OpenSSL 0.9.7d 17 Mar 2004
|
||||
|
||||
Copyright (c) 1998-2003 The OpenSSL Project
|
||||
Copyright (c) 1998-2004 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
All rights reserved.
|
||||
|
||||
|
2
crypto/dist/openssl/apps/CA.pl
vendored
2
crypto/dist/openssl/apps/CA.pl
vendored
@ -1,4 +1,4 @@
|
||||
#!/usr/bin/perl
|
||||
#!/usr/local/bin/perl
|
||||
#
|
||||
# CA - wrapper around ca to make it easier to use ... basically ca requires
|
||||
# some setup stuff to be done before you can use it and this makes
|
||||
|
2
crypto/dist/openssl/apps/Makefile.ssl
vendored
2
crypto/dist/openssl/apps/Makefile.ssl
vendored
@ -121,7 +121,7 @@ tags:
|
||||
tests:
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
|
||||
lint:
|
||||
lint -DLINT $(INCLUDES) $(SRC)>fluff
|
||||
|
563
crypto/dist/openssl/apps/apps.c
vendored
563
crypto/dist/openssl/apps/apps.c
vendored
@ -501,7 +501,7 @@ static int ui_read(UI *ui, UI_STRING *uis)
|
||||
{
|
||||
const char *password =
|
||||
((PW_CB_DATA *)UI_get0_user_data(ui))->password;
|
||||
if (password[0] != '\0')
|
||||
if (password && password[0] != '\0')
|
||||
{
|
||||
UI_set_result(ui, uis, password);
|
||||
return 1;
|
||||
@ -525,7 +525,7 @@ static int ui_write(UI *ui, UI_STRING *uis)
|
||||
{
|
||||
const char *password =
|
||||
((PW_CB_DATA *)UI_get0_user_data(ui))->password;
|
||||
if (password[0] != '\0')
|
||||
if (password && password[0] != '\0')
|
||||
return 1;
|
||||
}
|
||||
default:
|
||||
@ -1411,14 +1411,565 @@ int load_config(BIO *err, CONF *cnf)
|
||||
char *make_config_name()
|
||||
{
|
||||
const char *t=X509_get_default_cert_area();
|
||||
size_t len;
|
||||
char *p;
|
||||
|
||||
p=OPENSSL_malloc(strlen(t)+strlen(OPENSSL_CONF)+2);
|
||||
strcpy(p,t);
|
||||
len=strlen(t)+strlen(OPENSSL_CONF)+2;
|
||||
p=OPENSSL_malloc(len);
|
||||
BUF_strlcpy(p,t,len);
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
strcat(p,"/");
|
||||
BUF_strlcat(p,"/",len);
|
||||
#endif
|
||||
strcat(p,OPENSSL_CONF);
|
||||
BUF_strlcat(p,OPENSSL_CONF,len);
|
||||
|
||||
return p;
|
||||
}
|
||||
|
||||
static unsigned long index_serial_hash(const char **a)
|
||||
{
|
||||
const char *n;
|
||||
|
||||
n=a[DB_serial];
|
||||
while (*n == '0') n++;
|
||||
return(lh_strhash(n));
|
||||
}
|
||||
|
||||
static int index_serial_cmp(const char **a, const char **b)
|
||||
{
|
||||
const char *aa,*bb;
|
||||
|
||||
for (aa=a[DB_serial]; *aa == '0'; aa++);
|
||||
for (bb=b[DB_serial]; *bb == '0'; bb++);
|
||||
return(strcmp(aa,bb));
|
||||
}
|
||||
|
||||
static int index_name_qual(char **a)
|
||||
{ return(a[0][0] == 'V'); }
|
||||
|
||||
static unsigned long index_name_hash(const char **a)
|
||||
{ return(lh_strhash(a[DB_name])); }
|
||||
|
||||
int index_name_cmp(const char **a, const char **b)
|
||||
{ return(strcmp(a[DB_name],
|
||||
b[DB_name])); }
|
||||
|
||||
static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **)
|
||||
static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **)
|
||||
static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **)
|
||||
static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **)
|
||||
|
||||
#undef BSIZE
|
||||
#define BSIZE 256
|
||||
|
||||
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
|
||||
{
|
||||
BIO *in=NULL;
|
||||
BIGNUM *ret=NULL;
|
||||
MS_STATIC char buf[1024];
|
||||
ASN1_INTEGER *ai=NULL;
|
||||
|
||||
ai=ASN1_INTEGER_new();
|
||||
if (ai == NULL) goto err;
|
||||
|
||||
if ((in=BIO_new(BIO_s_file())) == NULL)
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (BIO_read_filename(in,serialfile) <= 0)
|
||||
{
|
||||
if (!create)
|
||||
{
|
||||
perror(serialfile);
|
||||
goto err;
|
||||
}
|
||||
else
|
||||
{
|
||||
ASN1_INTEGER_set(ai,1);
|
||||
ret=BN_new();
|
||||
if (ret == NULL)
|
||||
BIO_printf(bio_err, "Out of memory\n");
|
||||
else
|
||||
BN_one(ret);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!a2i_ASN1_INTEGER(in,ai,buf,1024))
|
||||
{
|
||||
BIO_printf(bio_err,"unable to load number from %s\n",
|
||||
serialfile);
|
||||
goto err;
|
||||
}
|
||||
ret=ASN1_INTEGER_to_BN(ai,NULL);
|
||||
if (ret == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
||||
if (ret && retai)
|
||||
{
|
||||
*retai = ai;
|
||||
ai = NULL;
|
||||
}
|
||||
err:
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (ai != NULL) ASN1_INTEGER_free(ai);
|
||||
return(ret);
|
||||
}
|
||||
|
||||
int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai)
|
||||
{
|
||||
char buf[1][BSIZE];
|
||||
BIO *out = NULL;
|
||||
int ret=0;
|
||||
ASN1_INTEGER *ai=NULL;
|
||||
int j;
|
||||
|
||||
if (suffix == NULL)
|
||||
j = strlen(serialfile);
|
||||
else
|
||||
j = strlen(serialfile) + strlen(suffix) + 1;
|
||||
if (j >= BSIZE)
|
||||
{
|
||||
BIO_printf(bio_err,"file name too long\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (suffix == NULL)
|
||||
BUF_strlcpy(buf[0], serialfile, BSIZE);
|
||||
else
|
||||
{
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
|
||||
#endif
|
||||
}
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
|
||||
#endif
|
||||
out=BIO_new(BIO_s_file());
|
||||
if (out == NULL)
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
goto err;
|
||||
}
|
||||
if (BIO_write_filename(out,buf[0]) <= 0)
|
||||
{
|
||||
perror(serialfile);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
|
||||
goto err;
|
||||
}
|
||||
i2a_ASN1_INTEGER(out,ai);
|
||||
BIO_puts(out,"\n");
|
||||
ret=1;
|
||||
if (retai)
|
||||
{
|
||||
*retai = ai;
|
||||
ai = NULL;
|
||||
}
|
||||
err:
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (ai != NULL) ASN1_INTEGER_free(ai);
|
||||
return(ret);
|
||||
}
|
||||
|
||||
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
|
||||
{
|
||||
char buf[5][BSIZE];
|
||||
int i,j;
|
||||
struct stat sb;
|
||||
|
||||
i = strlen(serialfile) + strlen(old_suffix);
|
||||
j = strlen(serialfile) + strlen(new_suffix);
|
||||
if (i > j) j = i;
|
||||
if (j + 1 >= BSIZE)
|
||||
{
|
||||
BIO_printf(bio_err,"file name too long\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
|
||||
serialfile, new_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
|
||||
serialfile, new_suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
|
||||
serialfile, old_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
|
||||
serialfile, old_suffix);
|
||||
#endif
|
||||
if (stat(serialfile,&sb) < 0)
|
||||
{
|
||||
if (errno != ENOENT
|
||||
#ifdef ENOTDIR
|
||||
&& errno != ENOTDIR)
|
||||
#endif
|
||||
goto err;
|
||||
}
|
||||
else
|
||||
{
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
|
||||
serialfile, buf[1]);
|
||||
#endif
|
||||
if (rename(serialfile,buf[1]) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"unable to rename %s to %s\n",
|
||||
serialfile, buf[1]);
|
||||
perror("reason");
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
|
||||
buf[0],serialfile);
|
||||
#endif
|
||||
if (rename(buf[0],serialfile) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"unable to rename %s to %s\n",
|
||||
buf[0],serialfile);
|
||||
perror("reason");
|
||||
rename(buf[1],serialfile);
|
||||
goto err;
|
||||
}
|
||||
return 1;
|
||||
err:
|
||||
return 0;
|
||||
}
|
||||
|
||||
CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
|
||||
{
|
||||
CA_DB *retdb = NULL;
|
||||
TXT_DB *tmpdb = NULL;
|
||||
BIO *in = BIO_new(BIO_s_file());
|
||||
CONF *dbattr_conf = NULL;
|
||||
char buf[1][BSIZE];
|
||||
long errorline= -1;
|
||||
|
||||
if (in == NULL)
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
goto err;
|
||||
}
|
||||
if (BIO_read_filename(in,dbfile) <= 0)
|
||||
{
|
||||
perror(dbfile);
|
||||
BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
|
||||
goto err;
|
||||
}
|
||||
if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL)
|
||||
{
|
||||
if (tmpdb != NULL) TXT_DB_free(tmpdb);
|
||||
goto err;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
|
||||
#else
|
||||
BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
|
||||
#endif
|
||||
dbattr_conf = NCONF_new(NULL);
|
||||
if (NCONF_load(dbattr_conf,buf[0],&errorline) <= 0)
|
||||
{
|
||||
if (errorline > 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"error on line %ld of db attribute file '%s'\n"
|
||||
,errorline,buf[0]);
|
||||
goto err;
|
||||
}
|
||||
else
|
||||
{
|
||||
NCONF_free(dbattr_conf);
|
||||
dbattr_conf = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL)
|
||||
{
|
||||
fprintf(stderr, "Out of memory\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
retdb->db = tmpdb;
|
||||
tmpdb = NULL;
|
||||
if (db_attr)
|
||||
retdb->attributes = *db_attr;
|
||||
else
|
||||
{
|
||||
retdb->attributes.unique_subject = 1;
|
||||
}
|
||||
|
||||
if (dbattr_conf)
|
||||
{
|
||||
char *p = NCONF_get_string(dbattr_conf,NULL,"unique_subject");
|
||||
if (p)
|
||||
{
|
||||
BIO_printf(bio_err, "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
|
||||
switch(*p)
|
||||
{
|
||||
case 'f': /* false */
|
||||
case 'F': /* FALSE */
|
||||
case 'n': /* no */
|
||||
case 'N': /* NO */
|
||||
retdb->attributes.unique_subject = 0;
|
||||
break;
|
||||
case 't': /* true */
|
||||
case 'T': /* TRUE */
|
||||
case 'y': /* yes */
|
||||
case 'Y': /* YES */
|
||||
default:
|
||||
retdb->attributes.unique_subject = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
err:
|
||||
if (dbattr_conf) NCONF_free(dbattr_conf);
|
||||
if (tmpdb) TXT_DB_free(tmpdb);
|
||||
if (in) BIO_free_all(in);
|
||||
return retdb;
|
||||
}
|
||||
|
||||
int index_index(CA_DB *db)
|
||||
{
|
||||
if (!TXT_DB_create_index(db->db, DB_serial, NULL,
|
||||
LHASH_HASH_FN(index_serial_hash),
|
||||
LHASH_COMP_FN(index_serial_cmp)))
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"error creating serial number index:(%ld,%ld,%ld)\n",
|
||||
db->db->error,db->db->arg1,db->db->arg2);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (db->attributes.unique_subject
|
||||
&& !TXT_DB_create_index(db->db, DB_name, index_name_qual,
|
||||
LHASH_HASH_FN(index_name_hash),
|
||||
LHASH_COMP_FN(index_name_cmp)))
|
||||
{
|
||||
BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
|
||||
db->db->error,db->db->arg1,db->db->arg2);
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
int save_index(char *dbfile, char *suffix, CA_DB *db)
|
||||
{
|
||||
char buf[3][BSIZE];
|
||||
BIO *out = BIO_new(BIO_s_file());
|
||||
int j;
|
||||
|
||||
if (out == NULL)
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
goto err;
|
||||
}
|
||||
|
||||
j = strlen(dbfile) + strlen(suffix);
|
||||
if (j + 6 >= BSIZE)
|
||||
{
|
||||
BIO_printf(bio_err,"file name too long\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
|
||||
#else
|
||||
j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
|
||||
#endif
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
|
||||
#endif
|
||||
if (BIO_write_filename(out,buf[0]) <= 0)
|
||||
{
|
||||
perror(dbfile);
|
||||
BIO_printf(bio_err,"unable to open '%s'\n", dbfile);
|
||||
goto err;
|
||||
}
|
||||
j=TXT_DB_write(out,db->db);
|
||||
if (j <= 0) goto err;
|
||||
|
||||
BIO_free(out);
|
||||
|
||||
out = BIO_new(BIO_s_file());
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
|
||||
#endif
|
||||
if (BIO_write_filename(out,buf[1]) <= 0)
|
||||
{
|
||||
perror(buf[2]);
|
||||
BIO_printf(bio_err,"unable to open '%s'\n", buf[2]);
|
||||
goto err;
|
||||
}
|
||||
BIO_printf(out,"unique_subject = %s\n",
|
||||
db->attributes.unique_subject ? "yes" : "no");
|
||||
BIO_free(out);
|
||||
|
||||
return 1;
|
||||
err:
|
||||
return 0;
|
||||
}
|
||||
|
||||
int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
|
||||
{
|
||||
char buf[5][BSIZE];
|
||||
int i,j;
|
||||
struct stat sb;
|
||||
|
||||
i = strlen(dbfile) + strlen(old_suffix);
|
||||
j = strlen(dbfile) + strlen(new_suffix);
|
||||
if (i > j) j = i;
|
||||
if (j + 6 >= BSIZE)
|
||||
{
|
||||
BIO_printf(bio_err,"file name too long\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
|
||||
#else
|
||||
j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s",
|
||||
dbfile, new_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s",
|
||||
dbfile, new_suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
|
||||
dbfile, new_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
|
||||
dbfile, new_suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
|
||||
dbfile, old_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
|
||||
dbfile, old_suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s",
|
||||
dbfile, old_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s",
|
||||
dbfile, old_suffix);
|
||||
#endif
|
||||
if (stat(dbfile,&sb) < 0)
|
||||
{
|
||||
if (errno != ENOENT
|
||||
#ifdef ENOTDIR
|
||||
&& errno != ENOTDIR)
|
||||
#endif
|
||||
goto err;
|
||||
}
|
||||
else
|
||||
{
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
|
||||
dbfile, buf[1]);
|
||||
#endif
|
||||
if (rename(dbfile,buf[1]) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"unable to rename %s to %s\n",
|
||||
dbfile, buf[1]);
|
||||
perror("reason");
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
|
||||
buf[0],dbfile);
|
||||
#endif
|
||||
if (rename(buf[0],dbfile) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"unable to rename %s to %s\n",
|
||||
buf[0],dbfile);
|
||||
perror("reason");
|
||||
rename(buf[1],dbfile);
|
||||
goto err;
|
||||
}
|
||||
if (stat(buf[4],&sb) < 0)
|
||||
{
|
||||
if (errno != ENOENT
|
||||
#ifdef ENOTDIR
|
||||
&& errno != ENOTDIR)
|
||||
#endif
|
||||
goto err;
|
||||
}
|
||||
else
|
||||
{
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
|
||||
buf[4],buf[3]);
|
||||
#endif
|
||||
if (rename(buf[4],buf[3]) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"unable to rename %s to %s\n",
|
||||
buf[4], buf[3]);
|
||||
perror("reason");
|
||||
rename(dbfile,buf[0]);
|
||||
rename(buf[1],dbfile);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
|
||||
buf[2],buf[4]);
|
||||
#endif
|
||||
if (rename(buf[2],buf[4]) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"unable to rename %s to %s\n",
|
||||
buf[2],buf[4]);
|
||||
perror("reason");
|
||||
rename(buf[3],buf[4]);
|
||||
rename(dbfile,buf[0]);
|
||||
rename(buf[1],dbfile);
|
||||
goto err;
|
||||
}
|
||||
return 1;
|
||||
err:
|
||||
return 0;
|
||||
}
|
||||
|
||||
void free_index(CA_DB *db)
|
||||
{
|
||||
TXT_DB_free(db->db);
|
||||
OPENSSL_free(db);
|
||||
}
|
||||
|
10
crypto/dist/openssl/apps/asn1pars.c
vendored
10
crypto/dist/openssl/apps/asn1pars.c
vendored
@ -304,7 +304,15 @@ bad:
|
||||
num=tmplen;
|
||||
}
|
||||
|
||||
if (length == 0) length=(unsigned int)num;
|
||||
if (offset >= num)
|
||||
{
|
||||
BIO_printf(bio_err, "Error: offset too large\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
num -= offset;
|
||||
|
||||
if ((length == 0) || ((long)length > num)) length=(unsigned int)num;
|
||||
if(derout) {
|
||||
if(BIO_write(derout, str + offset, length) != (int)length) {
|
||||
BIO_printf(bio_err, "Error writing output\n");
|
||||
|
2
crypto/dist/openssl/apps/der_chop
vendored
2
crypto/dist/openssl/apps/der_chop
vendored
@ -1,4 +1,4 @@
|
||||
#!/usr/bin/perl
|
||||
#!/usr/local/bin/perl
|
||||
#
|
||||
# der_chop ... this is one total hack that Eric is really not proud of
|
||||
# so don't look at it and don't ask for support
|
||||
|
4
crypto/dist/openssl/apps/engine.c
vendored
4
crypto/dist/openssl/apps/engine.c
vendored
@ -122,8 +122,8 @@ static int append_buf(char **buf, const char *s, int *size, int step)
|
||||
return 0;
|
||||
|
||||
if (**buf != '\0')
|
||||
strcat(*buf, ", ");
|
||||
strcat(*buf, s);
|
||||
BUF_strlcat(*buf, ", ", *size);
|
||||
BUF_strlcat(*buf, s, *size);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
46
crypto/dist/openssl/apps/ocsp.c
vendored
46
crypto/dist/openssl/apps/ocsp.c
vendored
@ -68,19 +68,6 @@
|
||||
/* Maximum leeway in validity period: default 5 minutes */
|
||||
#define MAX_VALIDITY_PERIOD (5 * 60)
|
||||
|
||||
/* CA index.txt definitions */
|
||||
#define DB_type 0
|
||||
#define DB_exp_date 1
|
||||
#define DB_rev_date 2
|
||||
#define DB_serial 3 /* index - unique */
|
||||
#define DB_file 4
|
||||
#define DB_name 5 /* index - unique for active */
|
||||
#define DB_NUMBER 6
|
||||
|
||||
#define DB_TYPE_REV 'R'
|
||||
#define DB_TYPE_EXP 'E'
|
||||
#define DB_TYPE_VAL 'V'
|
||||
|
||||
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
|
||||
STACK_OF(OCSP_CERTID) *ids);
|
||||
static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
|
||||
@ -89,12 +76,12 @@ static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
|
||||
STACK *names, STACK_OF(OCSP_CERTID) *ids,
|
||||
long nsec, long maxage);
|
||||
|
||||
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *db,
|
||||
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
|
||||
X509 *ca, X509 *rcert, EVP_PKEY *rkey,
|
||||
STACK_OF(X509) *rother, unsigned long flags,
|
||||
int nmin, int ndays);
|
||||
|
||||
static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser);
|
||||
static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
|
||||
static BIO *init_responder(char *port);
|
||||
static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port);
|
||||
static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
|
||||
@ -143,7 +130,7 @@ int MAIN(int argc, char **argv)
|
||||
X509 *rca_cert = NULL;
|
||||
char *ridx_filename = NULL;
|
||||
char *rca_filename = NULL;
|
||||
TXT_DB *rdb = NULL;
|
||||
CA_DB *rdb = NULL;
|
||||
int nmin = 0, ndays = -1;
|
||||
|
||||
if (bio_err == NULL) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
|
||||
@ -700,22 +687,9 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
if (ridx_filename && !rdb)
|
||||
{
|
||||
BIO *db_bio = NULL;
|
||||
db_bio = BIO_new_file(ridx_filename, "r");
|
||||
if (!db_bio)
|
||||
{
|
||||
BIO_printf(bio_err, "Error opening index file %s\n", ridx_filename);
|
||||
goto end;
|
||||
}
|
||||
rdb = TXT_DB_read(db_bio, DB_NUMBER);
|
||||
BIO_free(db_bio);
|
||||
if (!rdb)
|
||||
{
|
||||
BIO_printf(bio_err, "Error reading index file %s\n", ridx_filename);
|
||||
goto end;
|
||||
}
|
||||
if (!make_serial_index(rdb))
|
||||
goto end;
|
||||
rdb = load_index(ridx_filename, NULL);
|
||||
if (!rdb) goto end;
|
||||
if (!index_index(rdb)) goto end;
|
||||
}
|
||||
|
||||
if (rdb)
|
||||
@ -899,7 +873,7 @@ end:
|
||||
X509_free(cert);
|
||||
X509_free(rsigner);
|
||||
X509_free(rca_cert);
|
||||
TXT_DB_free(rdb);
|
||||
free_index(rdb);
|
||||
BIO_free_all(cbio);
|
||||
BIO_free_all(acbio);
|
||||
BIO_free(out);
|
||||
@ -1041,7 +1015,7 @@ static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
|
||||
}
|
||||
|
||||
|
||||
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *db,
|
||||
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
|
||||
X509 *ca, X509 *rcert, EVP_PKEY *rkey,
|
||||
STACK_OF(X509) *rother, unsigned long flags,
|
||||
int nmin, int ndays)
|
||||
@ -1133,7 +1107,7 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *d
|
||||
|
||||
}
|
||||
|
||||
static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser)
|
||||
static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
|
||||
{
|
||||
int i;
|
||||
BIGNUM *bn = NULL;
|
||||
@ -1146,7 +1120,7 @@ static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser)
|
||||
itmp = BN_bn2hex(bn);
|
||||
row[DB_serial] = itmp;
|
||||
BN_free(bn);
|
||||
rrow=TXT_DB_get_by_index(db,DB_serial,row);
|
||||
rrow=TXT_DB_get_by_index(db->db,DB_serial,row);
|
||||
OPENSSL_free(itmp);
|
||||
return rrow;
|
||||
}
|
||||
|
5
crypto/dist/openssl/apps/openssl.cnf
vendored
5
crypto/dist/openssl/apps/openssl.cnf
vendored
@ -38,10 +38,14 @@ dir = ./demoCA # Where everything is kept
|
||||
certs = $dir/certs # Where the issued certs are kept
|
||||
crl_dir = $dir/crl # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
#unique_subject = no # Set to 'no' to allow creation of
|
||||
# several ctificates with same subject.
|
||||
new_certs_dir = $dir/newcerts # default place for new certs.
|
||||
|
||||
certificate = $dir/cacert.pem # The CA certificate
|
||||
serial = $dir/serial # The current serial number
|
||||
#crlnumber = $dir/crlnumber # the current crl number
|
||||
# must be commented out to leave a V1 CRL
|
||||
crl = $dir/crl.pem # The current CRL
|
||||
private_key = $dir/private/cakey.pem# The private key
|
||||
RANDFILE = $dir/private/.rand # private random number file
|
||||
@ -58,6 +62,7 @@ cert_opt = ca_default # Certificate field options
|
||||
|
||||
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
|
||||
# so this is commented out by default to leave a V1 CRL.
|
||||
# crlnumber must also be commented out to leave a V1 CRL.
|
||||
# crl_extensions = crl_ext
|
||||
|
||||
default_days = 365 # how long to certify for
|
||||
|
4
crypto/dist/openssl/apps/pkcs12.c
vendored
4
crypto/dist/openssl/apps/pkcs12.c
vendored
@ -557,7 +557,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "Can't read Password\n");
|
||||
goto export_end;
|
||||
}
|
||||
if (!twopass) strcpy(macpass, pass);
|
||||
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
|
||||
/* Turn certbags into encrypted authsafe */
|
||||
authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0,
|
||||
iter, bags);
|
||||
@ -658,7 +658,7 @@ int MAIN(int argc, char **argv)
|
||||
CRYPTO_pop_info();
|
||||
#endif
|
||||
|
||||
if (!twopass) strcpy(macpass, pass);
|
||||
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
|
||||
|
||||
if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
|
||||
if(macver) {
|
||||
|
3
crypto/dist/openssl/apps/pkcs7.c
vendored
3
crypto/dist/openssl/apps/pkcs7.c
vendored
@ -102,6 +102,9 @@ int MAIN(int argc, char **argv)
|
||||
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||
|
||||
if (!load_config(bio_err, NULL))
|
||||
goto end;
|
||||
|
||||
infile=NULL;
|
||||
outfile=NULL;
|
||||
informat=FORMAT_PEM;
|
||||
|
12
crypto/dist/openssl/apps/rsautl.c
vendored
12
crypto/dist/openssl/apps/rsautl.c
vendored
@ -97,6 +97,7 @@ int MAIN(int argc, char **argv)
|
||||
EVP_PKEY *pkey = NULL;
|
||||
RSA *rsa = NULL;
|
||||
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
|
||||
char *passargin = NULL, *passin = NULL;
|
||||
int rsa_inlen, rsa_outlen = 0;
|
||||
int keysize;
|
||||
|
||||
@ -124,6 +125,9 @@ int MAIN(int argc, char **argv)
|
||||
} else if(!strcmp(*argv, "-inkey")) {
|
||||
if (--argc < 1) badarg = 1;
|
||||
keyfile = *(++argv);
|
||||
} else if (!strcmp(*argv,"-passin")) {
|
||||
if (--argc < 1) badarg = 1;
|
||||
passargin= *(++argv);
|
||||
} else if (strcmp(*argv,"-keyform") == 0) {
|
||||
if (--argc < 1) badarg = 1;
|
||||
keyform=str2fmt(*(++argv));
|
||||
@ -169,6 +173,10 @@ int MAIN(int argc, char **argv)
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
e = setup_engine(bio_err, engine, 0);
|
||||
#endif
|
||||
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
|
||||
BIO_printf(bio_err, "Error getting password\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
/* FIXME: seed PRNG only if needed */
|
||||
app_RAND_load_file(NULL, bio_err, 0);
|
||||
@ -176,7 +184,7 @@ int MAIN(int argc, char **argv)
|
||||
switch(key_type) {
|
||||
case KEY_PRIVKEY:
|
||||
pkey = load_key(bio_err, keyfile, keyform, 0,
|
||||
NULL, e, "Private Key");
|
||||
passin, e, "Private Key");
|
||||
break;
|
||||
|
||||
case KEY_PUBKEY:
|
||||
@ -290,6 +298,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_free_all(out);
|
||||
if(rsa_in) OPENSSL_free(rsa_in);
|
||||
if(rsa_out) OPENSSL_free(rsa_out);
|
||||
if(passin) OPENSSL_free(passin);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -313,6 +322,7 @@ static void usage()
|
||||
BIO_printf(bio_err, "-hexdump hex dump output\n");
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||
BIO_printf (bio_err, "-passin arg pass phrase source\n");
|
||||
#endif
|
||||
|
||||
}
|
||||
|
2
crypto/dist/openssl/apps/s_socket.c
vendored
2
crypto/dist/openssl/apps/s_socket.c
vendored
@ -389,7 +389,7 @@ redoit:
|
||||
perror("OPENSSL_malloc");
|
||||
return(0);
|
||||
}
|
||||
strcpy(*host,h1->h_name);
|
||||
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
|
||||
|
||||
h2=GetHostByName(*host);
|
||||
if (h2 == NULL)
|
||||
|
86
crypto/dist/openssl/apps/x509.c
vendored
86
crypto/dist/openssl/apps/x509.c
vendored
@ -1022,31 +1022,31 @@ end:
|
||||
OPENSSL_EXIT(ret);
|
||||
}
|
||||
|
||||
static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
|
||||
static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile, int create)
|
||||
{
|
||||
char *buf = NULL, *p;
|
||||
MS_STATIC char buf2[1024];
|
||||
ASN1_INTEGER *bs = NULL, *bs2 = NULL;
|
||||
BIO *io = NULL;
|
||||
ASN1_INTEGER *bs = NULL;
|
||||
BIGNUM *serial = NULL;
|
||||
size_t len;
|
||||
|
||||
buf=OPENSSL_malloc( ((serialfile == NULL)
|
||||
?(strlen(CAfile)+strlen(POSTFIX)+1)
|
||||
:(strlen(serialfile)))+1);
|
||||
len = ((serialfile == NULL)
|
||||
?(strlen(CAfile)+strlen(POSTFIX)+1)
|
||||
:(strlen(serialfile)))+1;
|
||||
buf=OPENSSL_malloc(len);
|
||||
if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
|
||||
if (serialfile == NULL)
|
||||
{
|
||||
strcpy(buf,CAfile);
|
||||
BUF_strlcpy(buf,CAfile,len);
|
||||
for (p=buf; *p; p++)
|
||||
if (*p == '.')
|
||||
{
|
||||
*p='\0';
|
||||
break;
|
||||
}
|
||||
strcat(buf,POSTFIX);
|
||||
BUF_strlcat(buf,POSTFIX,len);
|
||||
}
|
||||
else
|
||||
strcpy(buf,serialfile);
|
||||
BUF_strlcpy(buf,serialfile,len);
|
||||
serial=BN_new();
|
||||
bs=ASN1_INTEGER_new();
|
||||
if ((serial == NULL) || (bs == NULL))
|
||||
@ -1055,72 +1055,18 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
|
||||
goto end;
|
||||
}
|
||||
|
||||
io=BIO_new(BIO_s_file());
|
||||
if (io == NULL)
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (BIO_read_filename(io,buf) <= 0)
|
||||
{
|
||||
if (!create)
|
||||
{
|
||||
perror(buf);
|
||||
goto end;
|
||||
}
|
||||
else
|
||||
{
|
||||
ASN1_INTEGER_set(bs,1);
|
||||
BN_one(serial);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!a2i_ASN1_INTEGER(io,bs,buf2,sizeof buf2))
|
||||
{
|
||||
BIO_printf(bio_err,"unable to load serial number from %s\n",buf);
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
else
|
||||
{
|
||||
serial=BN_bin2bn(bs->data,bs->length,serial);
|
||||
if (serial == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"error converting bin 2 bn");
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
}
|
||||
serial = load_serial(buf, create, NULL);
|
||||
if (serial == NULL) goto end;
|
||||
|
||||
if (!BN_add_word(serial,1))
|
||||
{ BIO_printf(bio_err,"add_word failure\n"); goto end; }
|
||||
if (!(bs2 = BN_to_ASN1_INTEGER(serial, NULL)))
|
||||
{ BIO_printf(bio_err,"error converting bn 2 asn1_integer\n"); goto end; }
|
||||
if (BIO_write_filename(io,buf) <= 0)
|
||||
{
|
||||
BIO_printf(bio_err,"error attempting to write serial number file\n");
|
||||
perror(buf);
|
||||
goto end;
|
||||
}
|
||||
i2a_ASN1_INTEGER(io,bs2);
|
||||
BIO_puts(io,"\n");
|
||||
|
||||
BIO_free(io);
|
||||
if (!save_serial(buf, NULL, serial, &bs)) goto end;
|
||||
|
||||
end:
|
||||
if (buf) OPENSSL_free(buf);
|
||||
ASN1_INTEGER_free(bs2);
|
||||
BN_free(serial);
|
||||
io=NULL;
|
||||
return bs;
|
||||
|
||||
end:
|
||||
if (buf) OPENSSL_free(buf);
|
||||
BIO_free(io);
|
||||
ASN1_INTEGER_free(bs);
|
||||
BN_free(serial);
|
||||
return NULL;
|
||||
|
||||
}
|
||||
|
||||
static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
|
||||
@ -1142,7 +1088,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
|
||||
goto end;
|
||||
}
|
||||
if (sno) bs = sno;
|
||||
else if (!(bs = load_serial(CAfile, serialfile, create)))
|
||||
else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
|
||||
goto end;
|
||||
|
||||
/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/
|
||||
|
18
crypto/dist/openssl/certs/expired/vsign3.pem
vendored
Normal file
18
crypto/dist/openssl/certs/expired/vsign3.pem
vendored
Normal file
@ -0,0 +1,18 @@
|
||||
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
|
||||
notBefore=Jan 29 00:00:00 1996 GMT
|
||||
notAfter=Jan 7 23:59:59 2004 GMT
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
|
||||
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
|
||||
c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
|
||||
NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
|
||||
VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
|
||||
bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
|
||||
jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
|
||||
RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
|
||||
rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
|
||||
BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
|
||||
STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
|
||||
ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
|
||||
pA==
|
||||
-----END CERTIFICATE-----
|
27
crypto/dist/openssl/certs/vsign3.pem
vendored
27
crypto/dist/openssl/certs/vsign3.pem
vendored
@ -1,18 +1,17 @@
|
||||
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
|
||||
notBefore=Jan 29 00:00:00 1996 GMT
|
||||
notAfter=Jan 7 23:59:59 2004 GMT
|
||||
notAfter=Aug 1 23:59:59 2028 GMT
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
|
||||
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
|
||||
c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
|
||||
NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
|
||||
VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
|
||||
bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
|
||||
jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
|
||||
RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
|
||||
rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
|
||||
BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
|
||||
STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
|
||||
ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
|
||||
pA==
|
||||
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
|
||||
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
|
||||
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
|
||||
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
|
||||
BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
|
||||
YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
|
||||
ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
|
||||
BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
|
||||
I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
|
||||
CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
|
||||
lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
|
||||
AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
|
||||
-----END CERTIFICATE-----
|
||||
|
8
crypto/dist/openssl/crypto/Makefile.ssl
vendored
8
crypto/dist/openssl/crypto/Makefile.ssl
vendored
@ -50,7 +50,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER)
|
||||
top:
|
||||
@(cd ..; $(MAKE) DIRS=$(DIR) all)
|
||||
|
||||
all: buildinf.h lib subdirs shared
|
||||
all: shared
|
||||
|
||||
buildinf.h: ../Makefile.ssl
|
||||
( echo "#ifndef MK1MF_BUILD"; \
|
||||
@ -81,11 +81,11 @@ files:
|
||||
done;
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@for i in $(SDIRS); do \
|
||||
(cd $$i && echo "making links in crypto/$$i..." && \
|
||||
$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
|
||||
@ -96,7 +96,7 @@ lib: $(LIBOBJ)
|
||||
$(RANLIB) $(LIB) || echo Never mind.
|
||||
@touch lib
|
||||
|
||||
shared:
|
||||
shared: buildinf.h lib subdirs
|
||||
if [ -n "$(SHARED_LIBS)" ]; then \
|
||||
(cd ..; $(MAKE) $(SHARED_LIB)); \
|
||||
fi
|
||||
|
2
crypto/dist/openssl/crypto/aes/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/aes/Makefile.ssl
vendored
@ -52,7 +52,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/aes/aes_cbc.c
vendored
2
crypto/dist/openssl/crypto/aes/aes_cbc.c
vendored
@ -104,7 +104,7 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
memcpy(tmp, in, AES_BLOCK_SIZE);
|
||||
AES_decrypt(tmp, tmp, key);
|
||||
for(n=0; n < len; ++n)
|
||||
out[n] ^= ivec[n];
|
||||
out[n] = tmp[n] ^ ivec[n];
|
||||
memcpy(ivec, tmp, AES_BLOCK_SIZE);
|
||||
}
|
||||
}
|
||||
|
2
crypto/dist/openssl/crypto/asn1/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/asn1/Makefile.ssl
vendored
@ -77,7 +77,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/asn1/a_strex.c
vendored
2
crypto/dist/openssl/crypto/asn1/a_strex.c
vendored
@ -285,7 +285,7 @@ const static signed char tag2nbyte[] = {
|
||||
-1, -1, 0, -1, /* 10-13 */
|
||||
-1, -1, -1, -1, /* 15-17 */
|
||||
-1, 1, 1, /* 18-20 */
|
||||
-1, 1, -1,-1, /* 21-24 */
|
||||
-1, 1, 1, 1, /* 21-24 */
|
||||
-1, 1, -1, /* 25-27 */
|
||||
4, -1, 2 /* 28-30 */
|
||||
};
|
||||
|
9
crypto/dist/openssl/crypto/asn1/a_time.c
vendored
9
crypto/dist/openssl/crypto/asn1/a_time.c
vendored
@ -128,6 +128,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
|
||||
{
|
||||
ASN1_GENERALIZEDTIME *ret;
|
||||
char *str;
|
||||
int newlen;
|
||||
|
||||
if (!ASN1_TIME_check(t)) return NULL;
|
||||
|
||||
@ -150,12 +151,14 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
|
||||
/* grow the string */
|
||||
if (!ASN1_STRING_set(ret, NULL, t->length + 2))
|
||||
return NULL;
|
||||
/* ASN1_STRING_set() allocated 'len + 1' bytes. */
|
||||
newlen = t->length + 2 + 1;
|
||||
str = (char *)ret->data;
|
||||
/* Work out the century and prepend */
|
||||
if (t->data[0] >= '5') strcpy(str, "19");
|
||||
else strcpy(str, "20");
|
||||
if (t->data[0] >= '5') BUF_strlcpy(str, "19", newlen);
|
||||
else BUF_strlcpy(str, "20", newlen);
|
||||
|
||||
BUF_strlcat(str, (char *)t->data, t->length+3); /* Include space for a '\0' */
|
||||
BUF_strlcat(str, (char *)t->data, newlen);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
9
crypto/dist/openssl/crypto/asn1/asn_moid.c
vendored
9
crypto/dist/openssl/crypto/asn1/asn_moid.c
vendored
@ -87,9 +87,14 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
static void oid_module_finish(CONF_IMODULE *md)
|
||||
{
|
||||
OBJ_cleanup();
|
||||
}
|
||||
|
||||
void ASN1_add_oid_module(void)
|
||||
{
|
||||
CONF_module_add("oid_section", oid_module_init, 0);
|
||||
CONF_module_add("oid_section", oid_module_init, oid_module_finish);
|
||||
}
|
||||
|
10
crypto/dist/openssl/crypto/asn1/x_long.c
vendored
10
crypto/dist/openssl/crypto/asn1/x_long.c
vendored
@ -104,7 +104,12 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A
|
||||
long ltmp;
|
||||
unsigned long utmp;
|
||||
int clen, pad, i;
|
||||
ltmp = *(long *)pval;
|
||||
/* this exists to bypass broken gcc optimization */
|
||||
char *cp = (char *)pval;
|
||||
|
||||
/* use memcpy, because we may not be long aligned */
|
||||
memcpy(<mp, cp, sizeof(long));
|
||||
|
||||
if(ltmp == it->size) return -1;
|
||||
/* Convert the long to positive: we subtract one if negative so
|
||||
* we can cleanly handle the padding if only the MSB of the leading
|
||||
@ -136,6 +141,7 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
|
||||
int neg, i;
|
||||
long ltmp;
|
||||
unsigned long utmp = 0;
|
||||
char *cp = (char *)pval;
|
||||
if(len > sizeof(long)) {
|
||||
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
|
||||
return 0;
|
||||
@ -158,6 +164,6 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
|
||||
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
|
||||
return 0;
|
||||
}
|
||||
*(long *)pval = ltmp;
|
||||
memcpy(cp, <mp, sizeof(long));
|
||||
return 1;
|
||||
}
|
||||
|
3
crypto/dist/openssl/crypto/bf/Makefile.ssl
vendored
3
crypto/dist/openssl/crypto/bf/Makefile.ssl
vendored
@ -22,6 +22,7 @@ BF_ENC= bf_enc.o
|
||||
#DES_ENC= bx86-elf.o
|
||||
|
||||
CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=bftest.c
|
||||
@ -67,7 +68,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/bio/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/bio/Makefile.ssl
vendored
@ -57,7 +57,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
12
crypto/dist/openssl/crypto/bio/b_print.c
vendored
12
crypto/dist/openssl/crypto/bio/b_print.c
vendored
@ -576,12 +576,12 @@ abs_val(LDOUBLE value)
|
||||
}
|
||||
|
||||
static LDOUBLE
|
||||
pow10(int exp)
|
||||
pow10(int in_exp)
|
||||
{
|
||||
LDOUBLE result = 1;
|
||||
while (exp) {
|
||||
while (in_exp) {
|
||||
result *= 10;
|
||||
exp--;
|
||||
in_exp--;
|
||||
}
|
||||
return result;
|
||||
}
|
||||
@ -652,8 +652,8 @@ fmtfp(
|
||||
(caps ? "0123456789ABCDEF"
|
||||
: "0123456789abcdef")[intpart % 10];
|
||||
intpart = (intpart / 10);
|
||||
} while (intpart && (iplace < sizeof iplace));
|
||||
if (iplace == sizeof iplace)
|
||||
} while (intpart && (iplace < sizeof iconvert));
|
||||
if (iplace == sizeof iconvert)
|
||||
iplace--;
|
||||
iconvert[iplace] = 0;
|
||||
|
||||
@ -664,7 +664,7 @@ fmtfp(
|
||||
: "0123456789abcdef")[fracpart % 10];
|
||||
fracpart = (fracpart / 10);
|
||||
} while (fplace < max);
|
||||
if (fplace == sizeof fplace)
|
||||
if (fplace == sizeof fconvert)
|
||||
fplace--;
|
||||
fconvert[fplace] = 0;
|
||||
|
||||
|
5
crypto/dist/openssl/crypto/bn/Makefile.ssl
vendored
5
crypto/dist/openssl/crypto/bn/Makefile.ssl
vendored
@ -120,11 +120,14 @@ asm/ia64-cpp.o: asm/ia64.S
|
||||
|
||||
asm/x86_64-gcc.o: asm/x86_64-gcc.c
|
||||
|
||||
asm/pa-risc2W.o: asm/pa-risc2W.s
|
||||
/usr/ccs/bin/as -o asm/pa-rics2W.o asm/pa-risc2W.s
|
||||
|
||||
files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/bn/asm/bn-586.pl
vendored
2
crypto/dist/openssl/crypto/bn/asm/bn-586.pl
vendored
@ -11,7 +11,7 @@ require "x86asm.pl";
|
||||
&bn_div_words("bn_div_words");
|
||||
&bn_add_words("bn_add_words");
|
||||
&bn_sub_words("bn_sub_words");
|
||||
&bn_sub_part_words("bn_sub_part_words");
|
||||
#&bn_sub_part_words("bn_sub_part_words");
|
||||
|
||||
&asm_finish();
|
||||
|
||||
|
416
crypto/dist/openssl/crypto/bn/asm/pa-risc2.s.old
vendored
Normal file
416
crypto/dist/openssl/crypto/bn/asm/pa-risc2.s.old
vendored
Normal file
@ -0,0 +1,416 @@
|
||||
.SPACE $PRIVATE$
|
||||
.SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
|
||||
.SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
|
||||
.SPACE $TEXT$
|
||||
.SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
|
||||
.SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
|
||||
.IMPORT $global$,DATA
|
||||
.IMPORT $$dyncall,MILLICODE
|
||||
; gcc_compiled.:
|
||||
.SPACE $TEXT$
|
||||
.SUBSPA $CODE$
|
||||
|
||||
.align 4
|
||||
.EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
|
||||
bn_mul_add_words
|
||||
.PROC
|
||||
.CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=4
|
||||
.ENTRY
|
||||
stw %r2,-20(0,%r30)
|
||||
stwm %r4,64(0,%r30)
|
||||
copy %r24,%r31
|
||||
stw %r3,-60(0,%r30)
|
||||
ldi 0,%r20
|
||||
ldo 12(%r26),%r2
|
||||
stw %r23,-16(0,%r30)
|
||||
copy %r25,%r3
|
||||
ldo 12(%r3),%r1
|
||||
fldws -16(0,%r30),%fr8L
|
||||
L$0010
|
||||
copy %r20,%r25
|
||||
ldi 0,%r24
|
||||
fldws 0(0,%r3),%fr9L
|
||||
ldw 0(0,%r26),%r19
|
||||
xmpyu %fr8L,%fr9L,%fr9
|
||||
fstds %fr9,-16(0,%r30)
|
||||
copy %r19,%r23
|
||||
ldw -16(0,%r30),%r28
|
||||
ldw -12(0,%r30),%r29
|
||||
ldi 0,%r22
|
||||
add %r23,%r29,%r29
|
||||
addc %r22,%r28,%r28
|
||||
add %r25,%r29,%r29
|
||||
addc %r24,%r28,%r28
|
||||
copy %r28,%r21
|
||||
ldi 0,%r20
|
||||
copy %r21,%r20
|
||||
addib,= -1,%r31,L$0011
|
||||
stw %r29,0(0,%r26)
|
||||
copy %r20,%r25
|
||||
ldi 0,%r24
|
||||
fldws -8(0,%r1),%fr9L
|
||||
ldw -8(0,%r2),%r19
|
||||
xmpyu %fr8L,%fr9L,%fr9
|
||||
fstds %fr9,-16(0,%r30)
|
||||
copy %r19,%r23
|
||||
ldw -16(0,%r30),%r28
|
||||
ldw -12(0,%r30),%r29
|
||||
ldi 0,%r22
|
||||
add %r23,%r29,%r29
|
||||
addc %r22,%r28,%r28
|
||||
add %r25,%r29,%r29
|
||||
addc %r24,%r28,%r28
|
||||
copy %r28,%r21
|
||||
ldi 0,%r20
|
||||
copy %r21,%r20
|
||||
addib,= -1,%r31,L$0011
|
||||
stw %r29,-8(0,%r2)
|
||||
copy %r20,%r25
|
||||
ldi 0,%r24
|
||||
fldws -4(0,%r1),%fr9L
|
||||
ldw -4(0,%r2),%r19
|
||||
xmpyu %fr8L,%fr9L,%fr9
|
||||
fstds %fr9,-16(0,%r30)
|
||||
copy %r19,%r23
|
||||
ldw -16(0,%r30),%r28
|
||||
ldw -12(0,%r30),%r29
|
||||
ldi 0,%r22
|
||||
add %r23,%r29,%r29
|
||||
addc %r22,%r28,%r28
|
||||
add %r25,%r29,%r29
|
||||
addc %r24,%r28,%r28
|
||||
copy %r28,%r21
|
||||
ldi 0,%r20
|
||||
copy %r21,%r20
|
||||
addib,= -1,%r31,L$0011
|
||||
stw %r29,-4(0,%r2)
|
||||
copy %r20,%r25
|
||||
ldi 0,%r24
|
||||
fldws 0(0,%r1),%fr9L
|
||||
ldw 0(0,%r2),%r19
|
||||
xmpyu %fr8L,%fr9L,%fr9
|
||||
fstds %fr9,-16(0,%r30)
|
||||
copy %r19,%r23
|
||||
ldw -16(0,%r30),%r28
|
||||
ldw -12(0,%r30),%r29
|
||||
ldi 0,%r22
|
||||
add %r23,%r29,%r29
|
||||
addc %r22,%r28,%r28
|
||||
add %r25,%r29,%r29
|
||||
addc %r24,%r28,%r28
|
||||
copy %r28,%r21
|
||||
ldi 0,%r20
|
||||
copy %r21,%r20
|
||||
addib,= -1,%r31,L$0011
|
||||
stw %r29,0(0,%r2)
|
||||
ldo 16(%r1),%r1
|
||||
ldo 16(%r3),%r3
|
||||
ldo 16(%r2),%r2
|
||||
bl L$0010,0
|
||||
ldo 16(%r26),%r26
|
||||
L$0011
|
||||
copy %r20,%r28
|
||||
ldw -84(0,%r30),%r2
|
||||
ldw -60(0,%r30),%r3
|
||||
bv 0(%r2)
|
||||
ldwm -64(0,%r30),%r4
|
||||
.EXIT
|
||||
.PROCEND
|
||||
.align 4
|
||||
.EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
|
||||
bn_mul_words
|
||||
.PROC
|
||||
.CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=3
|
||||
.ENTRY
|
||||
stw %r2,-20(0,%r30)
|
||||
copy %r25,%r2
|
||||
stwm %r4,64(0,%r30)
|
||||
copy %r24,%r19
|
||||
ldi 0,%r28
|
||||
stw %r23,-16(0,%r30)
|
||||
ldo 12(%r26),%r31
|
||||
ldo 12(%r2),%r29
|
||||
fldws -16(0,%r30),%fr8L
|
||||
L$0026
|
||||
fldws 0(0,%r2),%fr9L
|
||||
xmpyu %fr8L,%fr9L,%fr9
|
||||
fstds %fr9,-16(0,%r30)
|
||||
copy %r28,%r21
|
||||
ldi 0,%r20
|
||||
ldw -16(0,%r30),%r24
|
||||
ldw -12(0,%r30),%r25
|
||||
add %r21,%r25,%r25
|
||||
addc %r20,%r24,%r24
|
||||
copy %r24,%r23
|
||||
ldi 0,%r22
|
||||
copy %r23,%r28
|
||||
addib,= -1,%r19,L$0027
|
||||
stw %r25,0(0,%r26)
|
||||
fldws -8(0,%r29),%fr9L
|
||||
xmpyu %fr8L,%fr9L,%fr9
|
||||
fstds %fr9,-16(0,%r30)
|
||||
copy %r28,%r21
|
||||
ldi 0,%r20
|
||||
ldw -16(0,%r30),%r24
|
||||
ldw -12(0,%r30),%r25
|
||||
add %r21,%r25,%r25
|
||||
addc %r20,%r24,%r24
|
||||
copy %r24,%r23
|
||||
ldi 0,%r22
|
||||
copy %r23,%r28
|
||||
addib,= -1,%r19,L$0027
|
||||
stw %r25,-8(0,%r31)
|
||||
fldws -4(0,%r29),%fr9L
|
||||
xmpyu %fr8L,%fr9L,%fr9
|
||||
fstds %fr9,-16(0,%r30)
|
||||
copy %r28,%r21
|
||||
ldi 0,%r20
|
||||
ldw -16(0,%r30),%r24
|
||||
ldw -12(0,%r30),%r25
|
||||
add %r21,%r25,%r25
|
||||
addc %r20,%r24,%r24
|
||||
copy %r24,%r23
|
||||
ldi 0,%r22
|
||||
copy %r23,%r28
|
||||
addib,= -1,%r19,L$0027
|
||||
stw %r25,-4(0,%r31)
|
||||
fldws 0(0,%r29),%fr9L
|
||||
xmpyu %fr8L,%fr9L,%fr9
|
||||
fstds %fr9,-16(0,%r30)
|
||||
copy %r28,%r21
|
||||
ldi 0,%r20
|
||||
ldw -16(0,%r30),%r24
|
||||
ldw -12(0,%r30),%r25
|
||||
add %r21,%r25,%r25
|
||||
addc %r20,%r24,%r24
|
||||
copy %r24,%r23
|
||||
ldi 0,%r22
|
||||
copy %r23,%r28
|
||||
addib,= -1,%r19,L$0027
|
||||
stw %r25,0(0,%r31)
|
||||
ldo 16(%r29),%r29
|
||||
ldo 16(%r2),%r2
|
||||
ldo 16(%r31),%r31
|
||||
bl L$0026,0
|
||||
ldo 16(%r26),%r26
|
||||
L$0027
|
||||
ldw -84(0,%r30),%r2
|
||||
bv 0(%r2)
|
||||
ldwm -64(0,%r30),%r4
|
||||
.EXIT
|
||||
.PROCEND
|
||||
.align 4
|
||||
.EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
|
||||
bn_sqr_words
|
||||
.PROC
|
||||
.CALLINFO FRAME=0,NO_CALLS
|
||||
.ENTRY
|
||||
ldo 28(%r26),%r19
|
||||
ldo 12(%r25),%r28
|
||||
L$0042
|
||||
fldws 0(0,%r25),%fr8L
|
||||
fldws 0(0,%r25),%fr8R
|
||||
xmpyu %fr8L,%fr8R,%fr8
|
||||
fstds %fr8,-16(0,%r30)
|
||||
ldw -16(0,%r30),%r22
|
||||
ldw -12(0,%r30),%r23
|
||||
stw %r23,0(0,%r26)
|
||||
copy %r22,%r21
|
||||
ldi 0,%r20
|
||||
addib,= -1,%r24,L$0049
|
||||
stw %r21,-24(0,%r19)
|
||||
fldws -8(0,%r28),%fr8L
|
||||
fldws -8(0,%r28),%fr8R
|
||||
xmpyu %fr8L,%fr8R,%fr8
|
||||
fstds %fr8,-16(0,%r30)
|
||||
ldw -16(0,%r30),%r22
|
||||
ldw -12(0,%r30),%r23
|
||||
stw %r23,-20(0,%r19)
|
||||
copy %r22,%r21
|
||||
ldi 0,%r20
|
||||
addib,= -1,%r24,L$0049
|
||||
stw %r21,-16(0,%r19)
|
||||
fldws -4(0,%r28),%fr8L
|
||||
fldws -4(0,%r28),%fr8R
|
||||
xmpyu %fr8L,%fr8R,%fr8
|
||||
fstds %fr8,-16(0,%r30)
|
||||
ldw -16(0,%r30),%r22
|
||||
ldw -12(0,%r30),%r23
|
||||
stw %r23,-12(0,%r19)
|
||||
copy %r22,%r21
|
||||
ldi 0,%r20
|
||||
addib,= -1,%r24,L$0049
|
||||
stw %r21,-8(0,%r19)
|
||||
fldws 0(0,%r28),%fr8L
|
||||
fldws 0(0,%r28),%fr8R
|
||||
xmpyu %fr8L,%fr8R,%fr8
|
||||
fstds %fr8,-16(0,%r30)
|
||||
ldw -16(0,%r30),%r22
|
||||
ldw -12(0,%r30),%r23
|
||||
stw %r23,-4(0,%r19)
|
||||
copy %r22,%r21
|
||||
ldi 0,%r20
|
||||
addib,= -1,%r24,L$0049
|
||||
stw %r21,0(0,%r19)
|
||||
ldo 16(%r28),%r28
|
||||
ldo 16(%r25),%r25
|
||||
ldo 32(%r19),%r19
|
||||
bl L$0042,0
|
||||
ldo 32(%r26),%r26
|
||||
L$0049
|
||||
bv,n 0(%r2)
|
||||
.EXIT
|
||||
.PROCEND
|
||||
.IMPORT BN_num_bits_word,CODE
|
||||
.IMPORT fprintf,CODE
|
||||
.IMPORT __iob,DATA
|
||||
.SPACE $TEXT$
|
||||
.SUBSPA $LIT$
|
||||
|
||||
.align 4
|
||||
L$C0000
|
||||
.STRING "Division would overflow (%d)\x0a\x00"
|
||||
.IMPORT abort,CODE
|
||||
.SPACE $TEXT$
|
||||
.SUBSPA $CODE$
|
||||
|
||||
.align 4
|
||||
.EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
|
||||
bn_div64
|
||||
.PROC
|
||||
.CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
|
||||
.ENTRY
|
||||
stw %r2,-20(0,%r30)
|
||||
stwm %r8,128(0,%r30)
|
||||
stw %r7,-124(0,%r30)
|
||||
stw %r4,-112(0,%r30)
|
||||
stw %r3,-108(0,%r30)
|
||||
copy %r26,%r3
|
||||
copy %r25,%r4
|
||||
stw %r6,-120(0,%r30)
|
||||
ldi 0,%r7
|
||||
stw %r5,-116(0,%r30)
|
||||
movb,<> %r24,%r5,L$0051
|
||||
ldi 2,%r6
|
||||
bl L$0068,0
|
||||
ldi -1,%r28
|
||||
L$0051
|
||||
.CALL ARGW0=GR
|
||||
bl BN_num_bits_word,%r2
|
||||
copy %r5,%r26
|
||||
copy %r28,%r24
|
||||
ldi 32,%r19
|
||||
comb,= %r19,%r24,L$0052
|
||||
subi 31,%r24,%r19
|
||||
mtsar %r19
|
||||
zvdepi 1,32,%r19
|
||||
comb,>>= %r19,%r3,L$0052
|
||||
addil LR'__iob-$global$+32,%r27
|
||||
ldo RR'__iob-$global$+32(%r1),%r26
|
||||
ldil LR'L$C0000,%r25
|
||||
.CALL ARGW0=GR,ARGW1=GR,ARGW2=GR
|
||||
bl fprintf,%r2
|
||||
ldo RR'L$C0000(%r25),%r25
|
||||
.CALL
|
||||
bl abort,%r2
|
||||
nop
|
||||
L$0052
|
||||
comb,>> %r5,%r3,L$0053
|
||||
subi 32,%r24,%r24
|
||||
sub %r3,%r5,%r3
|
||||
L$0053
|
||||
comib,= 0,%r24,L$0054
|
||||
subi 31,%r24,%r19
|
||||
mtsar %r19
|
||||
zvdep %r5,32,%r5
|
||||
zvdep %r3,32,%r21
|
||||
subi 32,%r24,%r20
|
||||
mtsar %r20
|
||||
vshd 0,%r4,%r20
|
||||
or %r21,%r20,%r3
|
||||
mtsar %r19
|
||||
zvdep %r4,32,%r4
|
||||
L$0054
|
||||
extru %r5,15,16,%r23
|
||||
extru %r5,31,16,%r28
|
||||
L$0055
|
||||
extru %r3,15,16,%r19
|
||||
comb,<> %r23,%r19,L$0058
|
||||
copy %r3,%r26
|
||||
bl L$0059,0
|
||||
zdepi -1,31,16,%r29
|
||||
L$0058
|
||||
.IMPORT $$divU,MILLICODE
|
||||
bl $$divU,%r31
|
||||
copy %r23,%r25
|
||||
L$0059
|
||||
stw %r29,-16(0,%r30)
|
||||
fldws -16(0,%r30),%fr10L
|
||||
stw %r28,-16(0,%r30)
|
||||
fldws -16(0,%r30),%fr10R
|
||||
stw %r23,-16(0,%r30)
|
||||
xmpyu %fr10L,%fr10R,%fr8
|
||||
fldws -16(0,%r30),%fr10R
|
||||
fstws %fr8R,-16(0,%r30)
|
||||
xmpyu %fr10L,%fr10R,%fr9
|
||||
ldw -16(0,%r30),%r8
|
||||
fstws %fr9R,-16(0,%r30)
|
||||
copy %r8,%r22
|
||||
ldw -16(0,%r30),%r8
|
||||
extru %r4,15,16,%r24
|
||||
copy %r8,%r21
|
||||
L$0060
|
||||
sub %r3,%r21,%r20
|
||||
copy %r20,%r19
|
||||
depi 0,31,16,%r19
|
||||
comib,<> 0,%r19,L$0061
|
||||
zdep %r20,15,16,%r19
|
||||
addl %r19,%r24,%r19
|
||||
comb,>>= %r19,%r22,L$0061
|
||||
sub %r22,%r28,%r22
|
||||
sub %r21,%r23,%r21
|
||||
bl L$0060,0
|
||||
ldo -1(%r29),%r29
|
||||
L$0061
|
||||
stw %r29,-16(0,%r30)
|
||||
fldws -16(0,%r30),%fr10L
|
||||
stw %r28,-16(0,%r30)
|
||||
fldws -16(0,%r30),%fr10R
|
||||
xmpyu %fr10L,%fr10R,%fr8
|
||||
fstws %fr8R,-16(0,%r30)
|
||||
ldw -16(0,%r30),%r8
|
||||
stw %r23,-16(0,%r30)
|
||||
fldws -16(0,%r30),%fr10R
|
||||
copy %r8,%r19
|
||||
xmpyu %fr10L,%fr10R,%fr8
|
||||
fstws %fr8R,-16(0,%r30)
|
||||
extru %r19,15,16,%r20
|
||||
ldw -16(0,%r30),%r8
|
||||
zdep %r19,15,16,%r19
|
||||
addl %r8,%r20,%r20
|
||||
comclr,<<= %r19,%r4,0
|
||||
addi 1,%r20,%r20
|
||||
comb,<<= %r20,%r3,L$0066
|
||||
sub %r4,%r19,%r4
|
||||
addl %r3,%r5,%r3
|
||||
ldo -1(%r29),%r29
|
||||
L$0066
|
||||
addib,= -1,%r6,L$0056
|
||||
sub %r3,%r20,%r3
|
||||
zdep %r29,15,16,%r7
|
||||
shd %r3,%r4,16,%r3
|
||||
bl L$0055,0
|
||||
zdep %r4,15,16,%r4
|
||||
L$0056
|
||||
or %r7,%r29,%r28
|
||||
L$0068
|
||||
ldw -148(0,%r30),%r2
|
||||
ldw -124(0,%r30),%r7
|
||||
ldw -120(0,%r30),%r6
|
||||
ldw -116(0,%r30),%r5
|
||||
ldw -112(0,%r30),%r4
|
||||
ldw -108(0,%r30),%r3
|
||||
bv 0(%r2)
|
||||
ldwm -128(0,%r30),%r8
|
||||
.EXIT
|
||||
.PROCEND
|
@ -142,7 +142,7 @@ void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
|
||||
BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
|
||||
{ BN_ULONG ret,waste;
|
||||
|
||||
asm ("divq %3"
|
||||
asm ("divq %4"
|
||||
: "=a"(ret),"=d"(waste)
|
||||
: "a"(l),"d"(h),"g"(d)
|
||||
: "cc");
|
||||
|
17
crypto/dist/openssl/crypto/bn/bn_lcl.h
vendored
17
crypto/dist/openssl/crypto/bn/bn_lcl.h
vendored
@ -433,19 +433,18 @@ void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a);
|
||||
int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n);
|
||||
int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b,
|
||||
int cl, int dl);
|
||||
#if 0
|
||||
/* bn_mul.c rollback <appro> */
|
||||
void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
|
||||
int dna,int dnb,BN_ULONG *t);
|
||||
void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,
|
||||
int n,int tna,int tnb,BN_ULONG *t);
|
||||
#endif
|
||||
void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
|
||||
void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
|
||||
#ifdef BN_RECURSION
|
||||
void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
|
||||
BN_ULONG *t);
|
||||
void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
|
||||
int n, BN_ULONG *t);
|
||||
void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
|
||||
BN_ULONG *t);
|
||||
void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
|
||||
BN_ULONG *t);
|
||||
void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
|
||||
#endif
|
||||
void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
3
crypto/dist/openssl/crypto/cast/Makefile.ssl
vendored
3
crypto/dist/openssl/crypto/cast/Makefile.ssl
vendored
@ -25,6 +25,7 @@ CAST_ENC=c_enc.o
|
||||
#CAST_ENC=asm/cx86bdsi.o
|
||||
|
||||
CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=casttest.c
|
||||
@ -70,7 +71,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/comp/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/comp/Makefile.ssl
vendored
@ -50,7 +50,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/conf/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/conf/Makefile.ssl
vendored
@ -50,7 +50,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
30
crypto/dist/openssl/crypto/des/Makefile.ssl
vendored
30
crypto/dist/openssl/crypto/des/Makefile.ssl
vendored
@ -22,6 +22,7 @@ DES_ENC= des_enc.o fcrypt_b.o
|
||||
#DES_ENC= dx86-elf.o yx86-elf.o
|
||||
|
||||
CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=destest.c
|
||||
@ -96,7 +97,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
@ -157,12 +158,13 @@ cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
||||
cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
||||
cfb64enc.o: cfb64enc.c des_locl.h
|
||||
cfb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
|
||||
cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
|
||||
cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
||||
cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
|
||||
cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
|
||||
cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h
|
||||
cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
|
||||
cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
|
||||
cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
||||
cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
||||
cfb_enc.o: cfb_enc.c des_locl.h
|
||||
des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
|
||||
des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
|
||||
des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
@ -191,13 +193,13 @@ ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
||||
ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
||||
ecb3_enc.o: des_locl.h ecb3_enc.c
|
||||
ecb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
|
||||
ecb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
|
||||
ecb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
||||
ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
|
||||
ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
|
||||
ecb_enc.o: spr.h
|
||||
ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
|
||||
ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
|
||||
ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
|
||||
ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
||||
ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
||||
ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h
|
||||
ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
|
||||
ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
|
||||
ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
|
||||
|
21
crypto/dist/openssl/crypto/des/cfb_enc.c
vendored
21
crypto/dist/openssl/crypto/des/cfb_enc.c
vendored
@ -56,6 +56,7 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#include "e_os.h"
|
||||
#include "des_locl.h"
|
||||
|
||||
/* The input and output are loaded in multiples of 8 bits.
|
||||
@ -64,17 +65,15 @@
|
||||
* the second. The second 12 bits will come from the 3rd and half the 4th
|
||||
* byte.
|
||||
*/
|
||||
/* WARNING WARNING: this uses in and out in 8-byte chunks regardless of
|
||||
* length */
|
||||
/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
|
||||
* will not be compatible with any encryption prior to that date. Ben. */
|
||||
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
||||
long length, DES_key_schedule *schedule, DES_cblock *ivec,
|
||||
int enc)
|
||||
{
|
||||
register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
|
||||
register unsigned long l=length;
|
||||
register int num=numbits;
|
||||
register DES_LONG d0,d1,v0,v1;
|
||||
register unsigned long l=length,n=(numbits+7)/8;
|
||||
register int num=numbits,i;
|
||||
DES_LONG ti[2];
|
||||
unsigned char *iv;
|
||||
unsigned char ovec[16];
|
||||
@ -114,10 +113,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
||||
memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
|
||||
/* now the remaining bits */
|
||||
if(num%8 != 0)
|
||||
for(n=0 ; n < 8 ; ++n)
|
||||
for(i=0 ; i < 8 ; ++i)
|
||||
{
|
||||
ovec[n]<<=num%8;
|
||||
ovec[n]|=ovec[n+1]>>(8-num%8);
|
||||
ovec[i]<<=num%8;
|
||||
ovec[i]|=ovec[i+1]>>(8-num%8);
|
||||
}
|
||||
iv=&ovec[0];
|
||||
c2l(iv,v0);
|
||||
@ -152,10 +151,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
||||
memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
|
||||
/* now the remaining bits */
|
||||
if(num%8 != 0)
|
||||
for(n=0 ; n < 8 ; ++n)
|
||||
for(i=0 ; i < 8 ; ++i)
|
||||
{
|
||||
ovec[n]<<=num%8;
|
||||
ovec[n]|=ovec[n+1]>>(8-num%8);
|
||||
ovec[i]<<=num%8;
|
||||
ovec[i]|=ovec[i+1]>>(8-num%8);
|
||||
}
|
||||
iv=&ovec[0];
|
||||
c2l(iv,v0);
|
||||
|
2
crypto/dist/openssl/crypto/dh/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/dh/Makefile.ssl
vendored
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/dsa/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/dsa/Makefile.ssl
vendored
@ -49,7 +49,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/dso/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/dso/Makefile.ssl
vendored
@ -49,7 +49,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
4
crypto/dist/openssl/crypto/dso/dso_lib.c
vendored
4
crypto/dist/openssl/crypto/dso/dso_lib.c
vendored
@ -383,7 +383,7 @@ int DSO_set_filename(DSO *dso, const char *filename)
|
||||
DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE);
|
||||
return(0);
|
||||
}
|
||||
strcpy(copied, filename);
|
||||
BUF_strlcpy(copied, filename, strlen(filename) + 1);
|
||||
if(dso->filename)
|
||||
OPENSSL_free(dso->filename);
|
||||
dso->filename = copied;
|
||||
@ -422,7 +422,7 @@ char *DSO_convert_filename(DSO *dso, const char *filename)
|
||||
ERR_R_MALLOC_FAILURE);
|
||||
return(NULL);
|
||||
}
|
||||
strcpy(result, filename);
|
||||
BUF_strlcpy(result, filename, strlen(filename) + 1);
|
||||
}
|
||||
return(result);
|
||||
}
|
||||
|
2
crypto/dist/openssl/crypto/ec/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/ec/Makefile.ssl
vendored
@ -50,7 +50,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/ec/ecp_smpl.c
vendored
2
crypto/dist/openssl/crypto/ec/ecp_smpl.c
vendored
@ -896,7 +896,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
|
||||
}
|
||||
form = buf[0];
|
||||
y_bit = form & 1;
|
||||
form = form & ~1;
|
||||
form = form & ~1U;
|
||||
if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
|
||||
&& (form != POINT_CONVERSION_UNCOMPRESSED)
|
||||
&& (form != POINT_CONVERSION_HYBRID))
|
||||
|
@ -57,7 +57,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
10
crypto/dist/openssl/crypto/engine/eng_ctrl.c
vendored
10
crypto/dist/openssl/crypto/engine/eng_ctrl.c
vendored
@ -160,15 +160,19 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
|
||||
case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
|
||||
return strlen(e->cmd_defns[idx].cmd_name);
|
||||
case ENGINE_CTRL_GET_NAME_FROM_CMD:
|
||||
return sprintf(s, "%s", e->cmd_defns[idx].cmd_name);
|
||||
return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1,
|
||||
"%s", e->cmd_defns[idx].cmd_name);
|
||||
case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
|
||||
if(e->cmd_defns[idx].cmd_desc)
|
||||
return strlen(e->cmd_defns[idx].cmd_desc);
|
||||
return strlen(int_no_description);
|
||||
case ENGINE_CTRL_GET_DESC_FROM_CMD:
|
||||
if(e->cmd_defns[idx].cmd_desc)
|
||||
return sprintf(s, "%s", e->cmd_defns[idx].cmd_desc);
|
||||
return sprintf(s, "%s", int_no_description);
|
||||
return BIO_snprintf(s,
|
||||
strlen(e->cmd_defns[idx].cmd_desc) + 1,
|
||||
"%s", e->cmd_defns[idx].cmd_desc);
|
||||
return BIO_snprintf(s, strlen(int_no_description) + 1,"%s",
|
||||
int_no_description);
|
||||
case ENGINE_CTRL_GET_CMD_FLAGS:
|
||||
return e->cmd_defns[idx].cmd_flags;
|
||||
}
|
||||
|
6
crypto/dist/openssl/crypto/engine/eng_fat.c
vendored
6
crypto/dist/openssl/crypto/engine/eng_fat.c
vendored
@ -107,14 +107,14 @@ static int int_def_cb(const char *alg, int len, void *arg)
|
||||
}
|
||||
|
||||
|
||||
int ENGINE_set_default_string(ENGINE *e, const char *list)
|
||||
int ENGINE_set_default_string(ENGINE *e, const char *def_list)
|
||||
{
|
||||
unsigned int flags = 0;
|
||||
if (!CONF_parse_list(list, ',', 1, int_def_cb, &flags))
|
||||
if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags))
|
||||
{
|
||||
ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
|
||||
ENGINE_R_INVALID_STRING);
|
||||
ERR_add_error_data(2, "str=",list);
|
||||
ERR_add_error_data(2, "str=",def_list);
|
||||
return 0;
|
||||
}
|
||||
return ENGINE_set_default(e, flags);
|
||||
|
2
crypto/dist/openssl/crypto/err/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/err/Makefile.ssl
vendored
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/evp/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/evp/Makefile.ssl
vendored
@ -67,7 +67,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
cp $(TESTDATA) ../../test
|
||||
|
2
crypto/dist/openssl/crypto/evp/bio_ok.c
vendored
2
crypto/dist/openssl/crypto/evp/bio_ok.c
vendored
@ -102,7 +102,7 @@
|
||||
|
||||
*) digest is initialized with random seed instead of
|
||||
standardized one.
|
||||
*) same seed is written to ouput
|
||||
*) same seed is written to output
|
||||
*) well-known text is then hashed and the output
|
||||
of the digest is also written to output.
|
||||
|
||||
|
15
crypto/dist/openssl/crypto/evp/digest.c
vendored
15
crypto/dist/openssl/crypto/evp/digest.c
vendored
@ -248,6 +248,7 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
|
||||
|
||||
int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
|
||||
{
|
||||
unsigned char *tmp_buf;
|
||||
if ((in == NULL) || (in->digest == NULL))
|
||||
{
|
||||
EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
|
||||
@ -262,15 +263,22 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
|
||||
}
|
||||
#endif
|
||||
|
||||
if (out->digest == in->digest)
|
||||
{
|
||||
tmp_buf = out->md_data;
|
||||
EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE);
|
||||
}
|
||||
else tmp_buf = NULL;
|
||||
EVP_MD_CTX_cleanup(out);
|
||||
memcpy(out,in,sizeof *out);
|
||||
|
||||
if (out->digest->ctx_size)
|
||||
{
|
||||
out->md_data=OPENSSL_malloc(out->digest->ctx_size);
|
||||
if (tmp_buf) out->md_data = tmp_buf;
|
||||
else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
|
||||
memcpy(out->md_data,in->md_data,out->digest->ctx_size);
|
||||
}
|
||||
|
||||
|
||||
if (out->digest->copy)
|
||||
return out->digest->copy(out,in);
|
||||
|
||||
@ -308,7 +316,8 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
|
||||
if (ctx->digest && ctx->digest->cleanup
|
||||
&& !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
|
||||
ctx->digest->cleanup(ctx);
|
||||
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
|
||||
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
|
||||
&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
|
||||
{
|
||||
OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
|
||||
OPENSSL_free(ctx->md_data);
|
||||
|
14
crypto/dist/openssl/crypto/evp/evp_enc.c
vendored
14
crypto/dist/openssl/crypto/evp/evp_enc.c
vendored
@ -148,7 +148,19 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
|
||||
#endif
|
||||
|
||||
ctx->cipher=cipher;
|
||||
ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
|
||||
if (ctx->cipher->ctx_size)
|
||||
{
|
||||
ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
|
||||
if (!ctx->cipher_data)
|
||||
{
|
||||
EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
ctx->cipher_data = NULL;
|
||||
}
|
||||
ctx->key_len = cipher->key_len;
|
||||
ctx->flags = 0;
|
||||
if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
|
||||
|
2
crypto/dist/openssl/crypto/hmac/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/hmac/Makefile.ssl
vendored
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/idea/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/idea/Makefile.ssl
vendored
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/krb5/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/krb5/Makefile.ssl
vendored
@ -48,7 +48,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile ;
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/md2/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/md2/Makefile.ssl
vendored
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/md4/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/md4/Makefile.ssl
vendored
@ -48,7 +48,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/md5/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/md5/Makefile.ssl
vendored
@ -84,7 +84,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/mdc2/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/mdc2/Makefile.ssl
vendored
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
18
crypto/dist/openssl/crypto/mem.c
vendored
18
crypto/dist/openssl/crypto/mem.c
vendored
@ -252,7 +252,7 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
|
||||
void *ret = NULL;
|
||||
extern unsigned char cleanse_ctr;
|
||||
|
||||
if (num < 0) return NULL;
|
||||
if (num <= 0) return NULL;
|
||||
|
||||
allow_customize = 0;
|
||||
if (malloc_debug_func != NULL)
|
||||
@ -293,7 +293,7 @@ void *CRYPTO_malloc(int num, const char *file, int line)
|
||||
void *ret = NULL;
|
||||
extern unsigned char cleanse_ctr;
|
||||
|
||||
if (num < 0) return NULL;
|
||||
if (num <= 0) return NULL;
|
||||
|
||||
allow_customize = 0;
|
||||
if (malloc_debug_func != NULL)
|
||||
@ -324,7 +324,7 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
|
||||
if (str == NULL)
|
||||
return CRYPTO_malloc(num, file, line);
|
||||
|
||||
if (num < 0) return NULL;
|
||||
if (num <= 0) return NULL;
|
||||
|
||||
if (realloc_debug_func != NULL)
|
||||
realloc_debug_func(str, NULL, num, file, line, 0);
|
||||
@ -346,17 +346,21 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
|
||||
if (str == NULL)
|
||||
return CRYPTO_malloc(num, file, line);
|
||||
|
||||
if (num < 0) return NULL;
|
||||
if (num <= 0) return NULL;
|
||||
|
||||
if (realloc_debug_func != NULL)
|
||||
realloc_debug_func(str, NULL, num, file, line, 0);
|
||||
ret=malloc_ex_func(num,file,line);
|
||||
if(ret)
|
||||
{
|
||||
memcpy(ret,str,old_len);
|
||||
OPENSSL_cleanse(str,old_len);
|
||||
free_func(str);
|
||||
OPENSSL_cleanse(str,old_len);
|
||||
free_func(str);
|
||||
}
|
||||
#ifdef LEVITTE_DEBUG_MEM
|
||||
fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num);
|
||||
fprintf(stderr,
|
||||
"LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n",
|
||||
str, ret, num);
|
||||
#endif
|
||||
if (realloc_debug_func != NULL)
|
||||
realloc_debug_func(str, ret, num, file, line, 1);
|
||||
|
@ -55,7 +55,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
@ -1,5 +1,9 @@
|
||||
#!/usr/local/bin/perl
|
||||
|
||||
# fixes bug in floating point emulation on sparc64 when
|
||||
# this script produces off-by-one output on sparc64
|
||||
use integer;
|
||||
|
||||
sub obj_cmp
|
||||
{
|
||||
local(@a,@b,$_,$r);
|
||||
|
2
crypto/dist/openssl/crypto/ocsp/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/ocsp/Makefile.ssl
vendored
@ -50,7 +50,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile ;
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
24
crypto/dist/openssl/crypto/ocsp/ocsp_ext.c
vendored
24
crypto/dist/openssl/crypto/ocsp/ocsp_ext.c
vendored
@ -305,6 +305,8 @@ err:
|
||||
|
||||
/* Add a nonce to an extension stack. A nonce can be specificed or if NULL
|
||||
* a random nonce will be generated.
|
||||
* Note: OpenSSL 0.9.7d and later create an OCTET STRING containing the
|
||||
* nonce, previous versions used the raw nonce.
|
||||
*/
|
||||
|
||||
static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, int len)
|
||||
@ -313,20 +315,28 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val,
|
||||
ASN1_OCTET_STRING os;
|
||||
int ret = 0;
|
||||
if (len <= 0) len = OCSP_DEFAULT_NONCE_LENGTH;
|
||||
if (val) tmpval = val;
|
||||
/* Create the OCTET STRING manually by writing out the header and
|
||||
* appending the content octets. This avoids an extra memory allocation
|
||||
* operation in some cases. Applications should *NOT* do this because
|
||||
* it relies on library internals.
|
||||
*/
|
||||
os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING);
|
||||
os.data = OPENSSL_malloc(os.length);
|
||||
if (os.data == NULL)
|
||||
goto err;
|
||||
tmpval = os.data;
|
||||
ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
|
||||
if (val)
|
||||
memcpy(tmpval, val, len);
|
||||
else
|
||||
{
|
||||
if (!(tmpval = OPENSSL_malloc(len))) goto err;
|
||||
RAND_pseudo_bytes(tmpval, len);
|
||||
}
|
||||
os.data = tmpval;
|
||||
os.length = len;
|
||||
if(!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
|
||||
&os, 0, X509V3_ADD_REPLACE))
|
||||
goto err;
|
||||
ret = 1;
|
||||
err:
|
||||
if(!val) OPENSSL_free(tmpval);
|
||||
if (os.data)
|
||||
OPENSSL_free(os.data);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
1
crypto/dist/openssl/crypto/ocsp/ocsp_lib.c
vendored
1
crypto/dist/openssl/crypto/ocsp/ocsp_lib.c
vendored
@ -253,6 +253,7 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss
|
||||
|
||||
|
||||
err:
|
||||
if (buf) OPENSSL_free(buf);
|
||||
if (*ppath) OPENSSL_free(*ppath);
|
||||
if (*pport) OPENSSL_free(*pport);
|
||||
if (*phost) OPENSSL_free(*phost);
|
||||
|
6
crypto/dist/openssl/crypto/ocsp/ocsp_vfy.c
vendored
6
crypto/dist/openssl/crypto/ocsp/ocsp_vfy.c
vendored
@ -3,7 +3,7 @@
|
||||
* project 2000.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -272,7 +272,7 @@ static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
|
||||
|
||||
for (i = 1; i < idcount; i++)
|
||||
{
|
||||
tmpid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
|
||||
tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
|
||||
/* Check to see if IDs match */
|
||||
if (OCSP_id_issuer_cmp(cid, tmpid))
|
||||
{
|
||||
@ -330,7 +330,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
|
||||
OCSP_CERTID *tmpid;
|
||||
for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++)
|
||||
{
|
||||
tmpid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
|
||||
tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
|
||||
ret = ocsp_match_issuerid(cert, tmpid, NULL);
|
||||
if (ret <= 0) return ret;
|
||||
}
|
||||
|
4
crypto/dist/openssl/crypto/opensslv.h
vendored
4
crypto/dist/openssl/crypto/opensslv.h
vendored
@ -25,8 +25,8 @@
|
||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
#define OPENSSL_VERSION_NUMBER 0x0090703fL
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7c 30 Sep 2003"
|
||||
#define OPENSSL_VERSION_NUMBER 0x0090704fL
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7d 17 Mar 2004"
|
||||
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
||||
|
2
crypto/dist/openssl/crypto/pem/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/pem/Makefile.ssl
vendored
@ -50,7 +50,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links: $(EXHEADER)
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
4
crypto/dist/openssl/crypto/pem/pem_pkey.c
vendored
4
crypto/dist/openssl/crypto/pem/pem_pkey.c
vendored
@ -87,6 +87,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
|
||||
p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
|
||||
if(!p8inf) goto p8err;
|
||||
ret = EVP_PKCS82PKEY(p8inf);
|
||||
if(x) {
|
||||
if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
|
||||
*x = ret;
|
||||
}
|
||||
PKCS8_PRIV_KEY_INFO_free(p8inf);
|
||||
} else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
|
||||
PKCS8_PRIV_KEY_INFO *p8inf;
|
||||
|
@ -53,7 +53,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
@ -68,7 +68,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
58
crypto/dist/openssl/crypto/pkcs7/pk7_doit.c
vendored
58
crypto/dist/openssl/crypto/pkcs7/pk7_doit.c
vendored
@ -91,17 +91,19 @@ static int PKCS7_type_is_other(PKCS7* p7)
|
||||
|
||||
}
|
||||
|
||||
static int PKCS7_type_is_octet_string(PKCS7* p7)
|
||||
static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
|
||||
{
|
||||
if ( 0==PKCS7_type_is_other(p7) )
|
||||
return 0;
|
||||
|
||||
return (V_ASN1_OCTET_STRING==p7->d.other->type) ? 1 : 0;
|
||||
if ( PKCS7_type_is_data(p7))
|
||||
return p7->d.data;
|
||||
if ( PKCS7_type_is_other(p7) && p7->d.other
|
||||
&& (p7->d.other->type == V_ASN1_OCTET_STRING))
|
||||
return p7->d.other->value.octet_string;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
{
|
||||
int i,j;
|
||||
int i;
|
||||
BIO *out=NULL,*btmp=NULL;
|
||||
X509_ALGOR *xa;
|
||||
const EVP_MD *evp_md;
|
||||
@ -159,8 +161,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
goto err;
|
||||
}
|
||||
|
||||
j=OBJ_obj2nid(xa->algorithm);
|
||||
evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
|
||||
evp_md=EVP_get_digestbyobj(xa->algorithm);
|
||||
if (evp_md == NULL)
|
||||
{
|
||||
PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
|
||||
@ -250,29 +251,22 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
btmp=NULL;
|
||||
}
|
||||
|
||||
if (bio == NULL) {
|
||||
if (bio == NULL)
|
||||
{
|
||||
if (PKCS7_is_detached(p7))
|
||||
bio=BIO_new(BIO_s_null());
|
||||
else {
|
||||
if (PKCS7_type_is_signed(p7) ) {
|
||||
if ( PKCS7_type_is_data(p7->d.sign->contents)) {
|
||||
ASN1_OCTET_STRING *os;
|
||||
os=p7->d.sign->contents->d.data;
|
||||
if (os->length > 0)
|
||||
bio = BIO_new_mem_buf(os->data, os->length);
|
||||
}
|
||||
else if ( PKCS7_type_is_octet_string(p7->d.sign->contents) ) {
|
||||
ASN1_OCTET_STRING *os;
|
||||
os=p7->d.sign->contents->d.other->value.octet_string;
|
||||
if (os->length > 0)
|
||||
bio = BIO_new_mem_buf(os->data, os->length);
|
||||
}
|
||||
}
|
||||
if(bio == NULL) {
|
||||
else
|
||||
{
|
||||
ASN1_OCTET_STRING *os;
|
||||
os = PKCS7_get_octet_string(p7->d.sign->contents);
|
||||
if (os && os->length > 0)
|
||||
bio = BIO_new_mem_buf(os->data, os->length);
|
||||
if(bio == NULL)
|
||||
{
|
||||
bio=BIO_new(BIO_s_mem());
|
||||
BIO_set_mem_eof_return(bio,0);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
BIO_push(out,bio);
|
||||
bio=NULL;
|
||||
@ -311,7 +305,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
||||
switch (i)
|
||||
{
|
||||
case NID_pkcs7_signed:
|
||||
data_body=p7->d.sign->contents->d.data;
|
||||
data_body=PKCS7_get_octet_string(p7->d.sign->contents);
|
||||
md_sk=p7->d.sign->md_algs;
|
||||
break;
|
||||
case NID_pkcs7_signedAndEnveloped:
|
||||
@ -319,7 +313,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
||||
md_sk=p7->d.signed_and_enveloped->md_algs;
|
||||
data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
|
||||
enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
|
||||
evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
|
||||
evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
|
||||
if (evp_cipher == NULL)
|
||||
{
|
||||
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
|
||||
@ -331,7 +325,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
||||
rsk=p7->d.enveloped->recipientinfo;
|
||||
enc_alg=p7->d.enveloped->enc_data->algorithm;
|
||||
data_body=p7->d.enveloped->enc_data->enc_data;
|
||||
evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
|
||||
evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
|
||||
if (evp_cipher == NULL)
|
||||
{
|
||||
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
|
||||
@ -357,7 +351,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
||||
}
|
||||
|
||||
j=OBJ_obj2nid(xa->algorithm);
|
||||
evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
|
||||
evp_md=EVP_get_digestbynid(j);
|
||||
if (evp_md == NULL)
|
||||
{
|
||||
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);
|
||||
@ -531,9 +525,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
||||
break;
|
||||
case NID_pkcs7_signed:
|
||||
si_sk=p7->d.sign->signer_info;
|
||||
os=p7->d.sign->contents->d.data;
|
||||
os=PKCS7_get_octet_string(p7->d.sign->contents);
|
||||
/* If detached data then the content is excluded */
|
||||
if(p7->detached) {
|
||||
if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
|
||||
M_ASN1_OCTET_STRING_free(os);
|
||||
p7->d.sign->contents->d.data = NULL;
|
||||
}
|
||||
|
10
crypto/dist/openssl/crypto/rand/Makefile.ssl
vendored
10
crypto/dist/openssl/crypto/rand/Makefile.ssl
vendored
@ -49,7 +49,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
@ -101,7 +101,8 @@ md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
md_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
||||
md_rand.o: md_rand.c rand_lcl.h
|
||||
rand_egd.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
|
||||
rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
|
||||
rand_egd.o: ../../include/openssl/opensslconf.h
|
||||
rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
|
||||
rand_egd.o: rand_egd.c
|
||||
rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
|
||||
@ -186,8 +187,9 @@ rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
||||
rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c
|
||||
randfile.o: ../../e_os.h ../../include/openssl/crypto.h
|
||||
randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
|
||||
randfile.o: ../../e_os.h ../../include/openssl/buffer.h
|
||||
randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
|
||||
randfile.o: ../../include/openssl/opensslconf.h
|
||||
randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
|
||||
randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
|
||||
randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
|
19
crypto/dist/openssl/crypto/rand/rand_unix.c
vendored
19
crypto/dist/openssl/crypto/rand/rand_unix.c
vendored
@ -124,6 +124,24 @@
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
|
||||
#ifdef __OpenBSD__
|
||||
int RAND_poll(void)
|
||||
{
|
||||
u_int32_t rnd = 0, i;
|
||||
unsigned char buf[ENTROPY_NEEDED];
|
||||
|
||||
for (i = 0; i < sizeof(buf); i++) {
|
||||
if (i % 4 == 0)
|
||||
rnd = arc4random();
|
||||
buf[i] = rnd;
|
||||
rnd >>= 8;
|
||||
}
|
||||
RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
|
||||
memset(buf, 0, sizeof(buf));
|
||||
|
||||
return 1;
|
||||
}
|
||||
#else
|
||||
int RAND_poll(void)
|
||||
{
|
||||
unsigned long l;
|
||||
@ -235,6 +253,7 @@ int RAND_poll(void)
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_VXWORKS)
|
||||
|
2
crypto/dist/openssl/crypto/rand/rand_win.c
vendored
2
crypto/dist/openssl/crypto/rand/rand_win.c
vendored
@ -646,7 +646,7 @@ static void readtimer(void)
|
||||
* Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
|
||||
*
|
||||
* Code adapted from
|
||||
* <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
|
||||
* <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>;
|
||||
* the original copyright message is:
|
||||
*
|
||||
* (C) Copyright Microsoft Corp. 1993. All rights reserved.
|
||||
|
2
crypto/dist/openssl/crypto/rc2/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/rc2/Makefile.ssl
vendored
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
3
crypto/dist/openssl/crypto/rc4/Makefile.ssl
vendored
3
crypto/dist/openssl/crypto/rc4/Makefile.ssl
vendored
@ -25,6 +25,7 @@ RC4_ENC=rc4_enc.o
|
||||
#RC4_ENC=asm/rx86bdsi.o
|
||||
|
||||
CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=rc4test.c
|
||||
@ -70,7 +71,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
3
crypto/dist/openssl/crypto/rc5/Makefile.ssl
vendored
3
crypto/dist/openssl/crypto/rc5/Makefile.ssl
vendored
@ -22,6 +22,7 @@ RC5_ENC= rc5_enc.o
|
||||
#DES_ENC= r586-elf.o
|
||||
|
||||
CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=rc5test.c
|
||||
@ -67,7 +68,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
@ -20,6 +20,7 @@ AR= ar r
|
||||
RIP_ASM_OBJ=
|
||||
|
||||
CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=rmdtest.c
|
||||
@ -65,7 +66,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/rsa/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/rsa/Makefile.ssl
vendored
@ -51,7 +51,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
3
crypto/dist/openssl/crypto/sha/Makefile.ssl
vendored
3
crypto/dist/openssl/crypto/sha/Makefile.ssl
vendored
@ -20,6 +20,7 @@ AR= ar r
|
||||
SHA1_ASM_OBJ=
|
||||
|
||||
CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=shatest.c sha1test.c
|
||||
@ -65,7 +66,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
291
crypto/dist/openssl/crypto/sha/asm/sha1-586.pl
vendored
291
crypto/dist/openssl/crypto/sha/asm/sha1-586.pl
vendored
@ -1,5 +1,30 @@
|
||||
#!/usr/local/bin/perl
|
||||
|
||||
# It was noted that Intel IA-32 C compiler generates code which
|
||||
# performs ~30% *faster* on P4 CPU than original *hand-coded*
|
||||
# SHA1 assembler implementation. To address this problem (and
|
||||
# prove that humans are still better than machines:-), the
|
||||
# original code was overhauled, which resulted in following
|
||||
# performance changes:
|
||||
#
|
||||
# compared with original compared with Intel cc
|
||||
# assembler impl. generated code
|
||||
# Pentium -25% +37%
|
||||
# PIII/AMD +8% +16%
|
||||
# P4 +85%(!) +45%
|
||||
#
|
||||
# As you can see Pentium came out as looser:-( Yet I reckoned that
|
||||
# improvement on P4 outweights the loss and incorporate this
|
||||
# re-tuned code to 0.9.7 and later.
|
||||
# ----------------------------------------------------------------
|
||||
# Those who for any particular reason absolutely must score on
|
||||
# Pentium can replace this module with one from 0.9.6 distribution.
|
||||
# This "offer" shall be revoked the moment programming interface to
|
||||
# this module is changed, in which case this paragraph should be
|
||||
# removed.
|
||||
# ----------------------------------------------------------------
|
||||
# <appro@fy.chalmers.se>
|
||||
|
||||
$normal=0;
|
||||
|
||||
push(@INC,"perlasm","../../perlasm");
|
||||
@ -77,54 +102,21 @@ sub BODY_00_15
|
||||
{
|
||||
local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
|
||||
|
||||
return if $n & 1;
|
||||
&comment("00_15 $n");
|
||||
|
||||
&mov($f,$c);
|
||||
|
||||
&mov($tmp1,$a);
|
||||
&xor($f,$d); # F2
|
||||
|
||||
&rotl($tmp1,5); # A2
|
||||
|
||||
&and($f,$b); # F3
|
||||
&add($tmp1,$e);
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&mov($e,&swtmp($n)); # G1
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&xor($f,$d); # F4
|
||||
|
||||
&lea($tmp1,&DWP($K,$tmp1,$e,1));
|
||||
|
||||
############################
|
||||
# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
|
||||
# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
|
||||
$n++;
|
||||
local($n0,$n1,$n2,$n3,$np)=&Na($n);
|
||||
($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
|
||||
|
||||
&mov($f,$c);
|
||||
|
||||
&add($a,$tmp1); # MOVED DOWN
|
||||
&xor($f,$d); # F2
|
||||
|
||||
&mov($tmp1,$a);
|
||||
&and($f,$b); # F3
|
||||
|
||||
&rotl($tmp1,5); # A2
|
||||
|
||||
&add($tmp1,$e);
|
||||
&mov($e,&swtmp($n)); # G1
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&xor($f,$d); # F4
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&lea($tmp1,&DWP($K,$tmp1,$e,1));
|
||||
|
||||
&add($f,$tmp1);
|
||||
&mov($f,$c); # f to hold F_00_19(b,c,d)
|
||||
&rotl($tmp1,5); # tmp1=ROTATE(a,5)
|
||||
&xor($f,$d);
|
||||
&and($f,$b);
|
||||
&rotr($b,2); # b=ROTATE(b,30)
|
||||
&add($tmp1,$e); # tmp1+=e;
|
||||
&mov($e,&swtmp($n)); # e becomes volatile and
|
||||
# is loaded with xi
|
||||
&xor($f,$d); # f holds F_00_19(b,c,d)
|
||||
&lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi
|
||||
|
||||
&add($f,$tmp1); # f+=tmp1
|
||||
}
|
||||
|
||||
sub BODY_16_19
|
||||
@ -132,66 +124,24 @@ sub BODY_16_19
|
||||
local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
|
||||
local($n0,$n1,$n2,$n3,$np)=&Na($n);
|
||||
|
||||
return if $n & 1;
|
||||
&comment("16_19 $n");
|
||||
|
||||
&nop() if ($pos < 0);
|
||||
&mov($tmp1,&swtmp($n0)); # X1
|
||||
&mov($f,&swtmp($n1)); # X2
|
||||
&xor($f,$tmp1); # X3
|
||||
&mov($tmp1,&swtmp($n2)); # X4
|
||||
&xor($f,$tmp1); # X5
|
||||
&mov($tmp1,&swtmp($n3)); # X6
|
||||
&xor($f,$tmp1); # X7 - slot
|
||||
&mov($tmp1,$c); # F1
|
||||
&rotl($f,1); # X8 - slot
|
||||
&xor($tmp1,$d); # F2
|
||||
&mov(&swtmp($n0),$f); # X9 - anytime
|
||||
&and($tmp1,$b); # F3
|
||||
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
|
||||
&xor($tmp1,$d); # F4
|
||||
&mov($e,$a); # A1
|
||||
&add($f,$tmp1); # tot+=F();
|
||||
|
||||
&rotl($e,5); # A2
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&add($f,$e); # tot+=a
|
||||
|
||||
############################
|
||||
# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
|
||||
# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
|
||||
$n++;
|
||||
local($n0,$n1,$n2,$n3,$np)=&Na($n);
|
||||
($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
|
||||
|
||||
|
||||
&mov($f,&swtmp($n0)); # X1
|
||||
&mov($tmp1,&swtmp($n1)); # X2
|
||||
&xor($f,$tmp1); # X3
|
||||
&mov($tmp1,&swtmp($n2)); # X4
|
||||
&xor($f,$tmp1); # X5
|
||||
&mov($tmp1,&swtmp($n3)); # X6
|
||||
&rotr($c,1); #&rotr($b,1); # B1 <- F # MOVED DOWN
|
||||
&xor($f,$tmp1); # X7 - slot
|
||||
&rotl($f,1); # X8 - slot
|
||||
&mov($tmp1,$c); # F1
|
||||
&xor($tmp1,$d); # F2
|
||||
&mov(&swtmp($n0),$f); # X9 - anytime
|
||||
&and($tmp1,$b); # F3
|
||||
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
|
||||
|
||||
&xor($tmp1,$d); # F4
|
||||
&mov($e,$a); # A1
|
||||
|
||||
&rotl($e,5); # A2
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&add($f,$e); # tot+=a
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&add($f,$tmp1); # tot+=F();
|
||||
|
||||
&mov($f,&swtmp($n1)); # f to hold Xupdate(xi,xa,xb,xc,xd)
|
||||
&mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d)
|
||||
&xor($f,&swtmp($n0));
|
||||
&xor($tmp1,$d);
|
||||
&xor($f,&swtmp($n2));
|
||||
&and($tmp1,$b); # tmp1 holds F_00_19(b,c,d)
|
||||
&xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
|
||||
&rotr($b,2); # b=ROTATE(b,30)
|
||||
&xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
|
||||
&rotl($f,1); # f=ROATE(f,1)
|
||||
&mov(&swtmp($n0),$f); # xi=f
|
||||
&lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e
|
||||
&mov($e,$a); # e becomes volatile
|
||||
&add($f,$tmp1); # f+=F_00_19(b,c,d)
|
||||
&rotl($e,5); # e=ROTATE(a,5)
|
||||
&add($f,$e); # f+=ROTATE(a,5)
|
||||
}
|
||||
|
||||
sub BODY_20_39
|
||||
@ -201,42 +151,21 @@ sub BODY_20_39
|
||||
&comment("20_39 $n");
|
||||
local($n0,$n1,$n2,$n3,$np)=&Na($n);
|
||||
|
||||
&mov($f,&swtmp($n0)); # X1
|
||||
&mov($tmp1,&swtmp($n1)); # X2
|
||||
&xor($f,$tmp1); # X3
|
||||
&mov($tmp1,&swtmp($n2)); # X4
|
||||
&xor($f,$tmp1); # X5
|
||||
&mov($tmp1,&swtmp($n3)); # X6
|
||||
&xor($f,$tmp1); # X7 - slot
|
||||
&mov($tmp1,$b); # F1
|
||||
&rotl($f,1); # X8 - slot
|
||||
&xor($tmp1,$c); # F2
|
||||
&mov(&swtmp($n0),$f); # X9 - anytime
|
||||
&xor($tmp1,$d); # F3
|
||||
|
||||
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
|
||||
&mov($e,$a); # A1
|
||||
|
||||
&rotl($e,5); # A2
|
||||
|
||||
if ($n != 79) # last loop
|
||||
{
|
||||
&rotr($b,1); # B1 <- F
|
||||
&add($e,$tmp1); # tmp1=F()+a
|
||||
|
||||
&rotr($b,1); # B2 <- F
|
||||
&add($f,$e); # tot+=tmp1;
|
||||
}
|
||||
else
|
||||
{
|
||||
&add($e,$tmp1); # tmp1=F()+a
|
||||
&mov($tmp1,&wparam(0));
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&add($f,$e); # tot+=tmp1;
|
||||
|
||||
&rotr($b,1); # B2 <- F
|
||||
}
|
||||
&mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
|
||||
&mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d)
|
||||
&xor($f,&swtmp($n1));
|
||||
&rotr($b,2); # b=ROTATE(b,30)
|
||||
&xor($f,&swtmp($n2));
|
||||
&xor($tmp1,$c);
|
||||
&xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
|
||||
&xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
|
||||
&rotl($f,1); # f=ROTATE(f,1)
|
||||
&mov(&swtmp($n0),$f); # xi=f
|
||||
&lea($f,&DWP($K,$f,$e,1)); # f+=K_20_39+e
|
||||
&mov($e,$a); # e becomes volatile
|
||||
&rotl($e,5); # e=ROTATE(a,5)
|
||||
&add($f,$tmp1); # f+=F_20_39(b,c,d)
|
||||
&add($f,$e); # f+=ROTATE(a,5)
|
||||
}
|
||||
|
||||
sub BODY_40_59
|
||||
@ -244,70 +173,27 @@ sub BODY_40_59
|
||||
local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
|
||||
|
||||
&comment("40_59 $n");
|
||||
return if $n & 1;
|
||||
local($n0,$n1,$n2,$n3,$np)=&Na($n);
|
||||
|
||||
&mov($f,&swtmp($n0)); # X1
|
||||
&mov($tmp1,&swtmp($n1)); # X2
|
||||
&xor($f,$tmp1); # X3
|
||||
&mov($tmp1,&swtmp($n2)); # X4
|
||||
&xor($f,$tmp1); # X5
|
||||
&mov($tmp1,&swtmp($n3)); # X6
|
||||
&xor($f,$tmp1); # X7 - slot
|
||||
&mov($tmp1,$b); # F1
|
||||
&rotl($f,1); # X8 - slot
|
||||
&or($tmp1,$c); # F2
|
||||
&mov(&swtmp($n0),$f); # X9 - anytime
|
||||
&and($tmp1,$d); # F3
|
||||
|
||||
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
|
||||
&mov($e,$b); # F4
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&and($e,$c); # F5
|
||||
|
||||
&or($tmp1,$e); # F6
|
||||
&mov($e,$a); # A1
|
||||
|
||||
&rotl($e,5); # A2
|
||||
|
||||
&add($tmp1,$e); # tmp1=F()+a
|
||||
|
||||
############################
|
||||
# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
|
||||
# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
|
||||
$n++;
|
||||
local($n0,$n1,$n2,$n3,$np)=&Na($n);
|
||||
($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
|
||||
|
||||
&mov($f,&swtmp($n0)); # X1
|
||||
&add($a,$tmp1); # tot+=tmp1; # moved was add f,tmp1
|
||||
&mov($tmp1,&swtmp($n1)); # X2
|
||||
&xor($f,$tmp1); # X3
|
||||
&mov($tmp1,&swtmp($n2)); # X4
|
||||
&xor($f,$tmp1); # X5
|
||||
&mov($tmp1,&swtmp($n3)); # X6
|
||||
&rotr($c,1); # B2 <- F # moved was rotr b,1
|
||||
&xor($f,$tmp1); # X7 - slot
|
||||
&rotl($f,1); # X8 - slot
|
||||
&mov($tmp1,$b); # F1
|
||||
&mov(&swtmp($n0),$f); # X9 - anytime
|
||||
&or($tmp1,$c); # F2
|
||||
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
|
||||
&mov($e,$b); # F4
|
||||
&and($tmp1,$d); # F3
|
||||
&and($e,$c); # F5
|
||||
|
||||
&or($tmp1,$e); # F6
|
||||
&mov($e,$a); # A1
|
||||
|
||||
&rotl($e,5); # A2
|
||||
|
||||
&rotr($b,1); # B1 <- F
|
||||
&add($tmp1,$e); # tmp1=F()+a
|
||||
|
||||
&rotr($b,1); # B2 <- F
|
||||
&add($f,$tmp1); # tot+=tmp1;
|
||||
&mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
|
||||
&mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d)
|
||||
&xor($f,&swtmp($n1));
|
||||
&or($tmp1,$c);
|
||||
&xor($f,&swtmp($n2));
|
||||
&and($tmp1,$d);
|
||||
&xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
|
||||
&rotl($f,1); # f=ROTATE(f,1)
|
||||
&mov(&swtmp($n0),$f); # xi=f
|
||||
&lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e
|
||||
&mov($e,$b); # e becomes volatile and is used
|
||||
# to calculate F_40_59(b,c,d)
|
||||
&rotr($b,2); # b=ROTATE(b,30)
|
||||
&and($e,$c);
|
||||
&or($tmp1,$e); # tmp1 holds F_40_59(b,c,d)
|
||||
&mov($e,$a);
|
||||
&rotl($e,5); # e=ROTATE(a,5)
|
||||
&add($tmp1,$e); # tmp1+=ROTATE(a,5)
|
||||
&add($f,$tmp1); # f+=tmp1;
|
||||
}
|
||||
|
||||
sub BODY_60_79
|
||||
@ -495,8 +381,7 @@ sub sha1_block_data
|
||||
# C -> E
|
||||
# D -> T
|
||||
|
||||
# The last 2 have been moved into the last loop
|
||||
# &mov($tmp1,&wparam(0));
|
||||
&mov($tmp1,&wparam(0));
|
||||
|
||||
&mov($D, &DWP(12,$tmp1,"",0));
|
||||
&add($D,$B);
|
||||
|
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
@ -47,7 +47,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/ui/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/ui/Makefile.ssl
vendored
@ -51,7 +51,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/x509/Makefile.ssl
vendored
2
crypto/dist/openssl/crypto/x509/Makefile.ssl
vendored
@ -57,7 +57,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/x509/x509type.c
vendored
2
crypto/dist/openssl/crypto/x509/x509type.c
vendored
@ -106,7 +106,7 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
|
||||
break;
|
||||
}
|
||||
|
||||
if (EVP_PKEY_size(pk) <= 512/8) /* /8 because it's 512 bits we look
|
||||
if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
|
||||
for, not bytes */
|
||||
ret|=EVP_PKT_EXP;
|
||||
if(pkey==NULL) EVP_PKEY_free(pk);
|
||||
|
@ -53,7 +53,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
2
crypto/dist/openssl/crypto/x509v3/v3_crld.c
vendored
2
crypto/dist/openssl/crypto/x509v3/v3_crld.c
vendored
@ -156,7 +156,7 @@ ASN1_SEQUENCE(DIST_POINT) = {
|
||||
IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
|
||||
|
||||
ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
|
||||
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT)
|
||||
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT)
|
||||
ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
|
||||
|
||||
IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
|
||||
|
140
crypto/dist/openssl/doc/apps/config.pod
vendored
140
crypto/dist/openssl/doc/apps/config.pod
vendored
@ -10,7 +10,8 @@ config - OpenSSL CONF library configuration files
|
||||
The OpenSSL CONF library can be used to read configuration files.
|
||||
It is used for the OpenSSL master configuration file B<openssl.cnf>
|
||||
and in a few other places like B<SPKAC> files and certificate extension
|
||||
files for the B<x509> utility.
|
||||
files for the B<x509> utility. OpenSSL applications can also use the
|
||||
CONF library for their own purposes.
|
||||
|
||||
A configuration file is divided into a number of sections. Each section
|
||||
starts with a line B<[ section_name ]> and ends when a new section is
|
||||
@ -51,13 +52,146 @@ or the B<\> character. By making the last character of a line a B<\>
|
||||
a B<value> string can be spread across multiple lines. In addition
|
||||
the sequences B<\n>, B<\r>, B<\b> and B<\t> are recognized.
|
||||
|
||||
=head1 OPENSSL LIBRARY CONFIGURATION
|
||||
|
||||
In OpenSSL 0.9.7 and later applications can automatically configure certain
|
||||
aspects of OpenSSL using the master OpenSSL configuration file, or optionally
|
||||
an alternative configuration file. The B<openssl> utility includes this
|
||||
functionality: any sub command uses the master OpenSSL configuration file
|
||||
unless an option is used in the sub command to use an alternative configuration
|
||||
file.
|
||||
|
||||
To enable library configuration the default section needs to contain an
|
||||
appropriate line which points to the main configuration section. The default
|
||||
name is B<openssl_conf> which is used by the B<openssl> utility. Other
|
||||
applications may use an alternative name such as B<myapplicaton_conf>.
|
||||
|
||||
The configuration section should consist of a set of name value pairs which
|
||||
contain specific module configuration information. The B<name> represents
|
||||
the name of the I<configuration module> the meaning of the B<value> is
|
||||
module specific: it may, for example, represent a further configuration
|
||||
section containing configuration module specific information. E.g.
|
||||
|
||||
openssl_conf = openssl_init
|
||||
|
||||
[openssl_init]
|
||||
|
||||
oid_section = new_oids
|
||||
engines = engine_section
|
||||
|
||||
[new_oids]
|
||||
|
||||
... new oids here ...
|
||||
|
||||
[engine_section]
|
||||
|
||||
... engine stuff here ...
|
||||
|
||||
Currently there are two configuration modules. One for ASN1 objects another
|
||||
for ENGINE configuration.
|
||||
|
||||
=head2 ASN1 OBJECT CONFIGURATION MODULE
|
||||
|
||||
This module has the name B<oid_section>. The value of this variable points
|
||||
to a section containing name value pairs of OIDs: the name is the OID short
|
||||
and long name, the value is the numerical form of the OID. Although some of
|
||||
the B<openssl> utility sub commands already have their own ASN1 OBJECT section
|
||||
functionality not all do. By using the ASN1 OBJECT configuration module
|
||||
B<all> the B<openssl> utility sub commands can see the new objects as well
|
||||
as any compliant applications. For example:
|
||||
|
||||
[new_oids]
|
||||
|
||||
some_new_oid = 1.2.3.4
|
||||
some_other_oid = 1.2.3.5
|
||||
|
||||
=head2 ENGINE CONFIGURATION MODULE
|
||||
|
||||
This ENGINE configuration module has the name B<engines>. The value of this
|
||||
variable points to a section containing further ENGINE configuration
|
||||
information.
|
||||
|
||||
The section pointed to by B<engines> is a table of engine names (though see
|
||||
B<engine_id> below) and further sections containing configuration informations
|
||||
specific to each ENGINE.
|
||||
|
||||
Each ENGINE specific section is used to set default algorithms, load
|
||||
dynamic, perform initialization and send ctrls. The actual operation performed
|
||||
depends on the I<command> name which is the name of the name value pair. The
|
||||
currently supported commands are listed below.
|
||||
|
||||
For example:
|
||||
|
||||
[engine_section]
|
||||
|
||||
# Configure ENGINE named "foo"
|
||||
foo = foo_section
|
||||
# Configure ENGINE named "bar"
|
||||
bar = bar_section
|
||||
|
||||
[foo_section]
|
||||
... foo ENGINE specific commands ...
|
||||
|
||||
[bar_section]
|
||||
... "bar" ENGINE specific commands ...
|
||||
|
||||
The command B<engine_id> is used to give the ENGINE name. If used this
|
||||
command must be first. For example:
|
||||
|
||||
[engine_section]
|
||||
# This would normally handle an ENGINE named "foo"
|
||||
foo = foo_section
|
||||
|
||||
[foo_section]
|
||||
# Override default name and use "myfoo" instead.
|
||||
engine_id = myfoo
|
||||
|
||||
The command B<dynamic_path> loads and adds an ENGINE from the given path. It
|
||||
is equivalent to sending the ctrls B<SO_PATH> with the path argument followed
|
||||
by B<LIST_ADD> with value 2 and B<LOAD> to the dynamic ENGINE. If this is
|
||||
not the required behaviour then alternative ctrls can be sent directly
|
||||
to the dynamic ENGINE using ctrl commands.
|
||||
|
||||
The command B<init> determines whether to initialize the ENGINE. If the value
|
||||
is B<0> the ENGINE will not be initialized, if B<1> and attempt it made to
|
||||
initialized the ENGINE immediately. If the B<init> command is not present
|
||||
then an attempt will be made to initialize the ENGINE after all commands in
|
||||
its section have been processed.
|
||||
|
||||
The command B<default_algorithms> sets the default algorithms an ENGINE will
|
||||
supply using the functions B<ENGINE_set_default_string()>
|
||||
|
||||
If the name matches none of the above command names it is assumed to be a
|
||||
ctrl command which is sent to the ENGINE. The value of the command is the
|
||||
argument to the ctrl command. If the value is the string B<EMPTY> then no
|
||||
value is sent to the command.
|
||||
|
||||
For example:
|
||||
|
||||
|
||||
[engine_section]
|
||||
|
||||
# Configure ENGINE named "foo"
|
||||
foo = foo_section
|
||||
|
||||
[foo_section]
|
||||
# Load engine from DSO
|
||||
dynamic_path = /some/path/fooengine.so
|
||||
# A foo specific ctrl.
|
||||
some_ctrl = some_value
|
||||
# Another ctrl that doesn't take a value.
|
||||
other_ctrl = EMPTY
|
||||
# Supply all default algorithms
|
||||
default_algorithms = ALL
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
If a configuration file attempts to expand a variable that doesn't exist
|
||||
then an error is flagged and the file will not load. This can happen
|
||||
if an attempt is made to expand an environment variable that doesn't
|
||||
exist. For example the default OpenSSL master configuration file used
|
||||
the value of B<HOME> which may not be defined on non Unix systems.
|
||||
exist. For example in a previous version of OpenSSL the default OpenSSL
|
||||
master configuration file used the value of B<HOME> which may not be
|
||||
defined on non Unix systems and would cause an error.
|
||||
|
||||
This can be worked around by including a B<default> section to provide
|
||||
a default value: then if the environment lookup fails the default value
|
||||
|
173
crypto/dist/openssl/doc/apps/s_time.pod
vendored
Normal file
173
crypto/dist/openssl/doc/apps/s_time.pod
vendored
Normal file
@ -0,0 +1,173 @@
|
||||
|
||||
=pod
|
||||
|
||||
=head1 NAME
|
||||
|
||||
s_time - SSL/TLS performance timing program
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
B<openssl> B<s_time>
|
||||
[B<-connect host:port>]
|
||||
[B<-www page>]
|
||||
[B<-cert filename>]
|
||||
[B<-key filename>]
|
||||
[B<-CApath directory>]
|
||||
[B<-CAfile filename>]
|
||||
[B<-reuse>]
|
||||
[B<-new>]
|
||||
[B<-verify depth>]
|
||||
[B<-nbio>]
|
||||
[B<-time seconds>]
|
||||
[B<-ssl2>]
|
||||
[B<-ssl3>]
|
||||
[B<-bugs>]
|
||||
[B<-cipher cipherlist>]
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
The B<s_client> command implements a generic SSL/TLS client which connects to a
|
||||
remote host using SSL/TLS. It can request a page from the server and includes
|
||||
the time to transfer the payload data in its timing measurements. It measures
|
||||
the number of connections within a given timeframe, the amount of data
|
||||
transferred (if any), and calculates the average time spent for one connection.
|
||||
|
||||
=head1 OPTIONS
|
||||
|
||||
=over 4
|
||||
|
||||
=item B<-connect host:port>
|
||||
|
||||
This specifies the host and optional port to connect to.
|
||||
|
||||
=item B<-www page>
|
||||
|
||||
This specifies the page to GET from the server. A value of '/' gets the
|
||||
index.htm[l] page. If this parameter is not specified, then B<s_time> will only
|
||||
perform the handshake to establish SSL connections but not transfer any
|
||||
payload data.
|
||||
|
||||
=item B<-cert certname>
|
||||
|
||||
The certificate to use, if one is requested by the server. The default is
|
||||
not to use a certificate. The file is in PEM format.
|
||||
|
||||
=item B<-key keyfile>
|
||||
|
||||
The private key to use. If not specified then the certificate file will
|
||||
be used. The file is in PEM format.
|
||||
|
||||
=item B<-verify depth>
|
||||
|
||||
The verify depth to use. This specifies the maximum length of the
|
||||
server certificate chain and turns on server certificate verification.
|
||||
Currently the verify operation continues after errors so all the problems
|
||||
with a certificate chain can be seen. As a side effect the connection
|
||||
will never fail due to a server certificate verify failure.
|
||||
|
||||
=item B<-CApath directory>
|
||||
|
||||
The directory to use for server certificate verification. This directory
|
||||
must be in "hash format", see B<verify> for more information. These are
|
||||
also used when building the client certificate chain.
|
||||
|
||||
=item B<-CAfile file>
|
||||
|
||||
A file containing trusted certificates to use during server authentication
|
||||
and to use when attempting to build the client certificate chain.
|
||||
|
||||
=item B<-new>
|
||||
|
||||
performs the timing test using a new session ID for each connection.
|
||||
If neither B<-new> nor B<-reuse> are specified, they are both on by default
|
||||
and executed in sequence.
|
||||
|
||||
=item B<-reuse>
|
||||
|
||||
performs the timing test using the same session ID; this can be used as a test
|
||||
that session caching is working. If neither B<-new> nor B<-reuse> are
|
||||
specified, they are both on by default and executed in sequence.
|
||||
|
||||
=item B<-nbio>
|
||||
|
||||
turns on non-blocking I/O.
|
||||
|
||||
=item B<-ssl2>, B<-ssl3>
|
||||
|
||||
these options disable the use of certain SSL or TLS protocols. By default
|
||||
the initial handshake uses a method which should be compatible with all
|
||||
servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
|
||||
The timing program is not as rich in options to turn protocols on and off as
|
||||
the L<s_client(1)|s_client(1)> program and may not connect to all servers.
|
||||
|
||||
Unfortunately there are a lot of ancient and broken servers in use which
|
||||
cannot handle this technique and will fail to connect. Some servers only
|
||||
work if TLS is turned off with the B<-ssl3> option; others
|
||||
will only support SSL v2 and may need the B<-ssl2> option.
|
||||
|
||||
=item B<-bugs>
|
||||
|
||||
there are several known bug in SSL and TLS implementations. Adding this
|
||||
option enables various workarounds.
|
||||
|
||||
=item B<-cipher cipherlist>
|
||||
|
||||
this allows the cipher list sent by the client to be modified. Although
|
||||
the server determines which cipher suite is used it should take the first
|
||||
supported cipher in the list sent by the client.
|
||||
See the L<ciphers(1)|ciphers(1)> command for more information.
|
||||
|
||||
=item B<-time length>
|
||||
|
||||
specifies how long (in seconds) B<s_time> should establish connections and
|
||||
optionally transfer payload data from a server. Server and client performance
|
||||
and the link speed determine how many connections B<s_time> can establish.
|
||||
|
||||
=back
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
B<s_client> can be used to measure the performance of an SSL connection.
|
||||
To connect to an SSL HTTP server and get the default page the command
|
||||
|
||||
openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]
|
||||
|
||||
would typically be used (https uses port 443). 'commoncipher' is a cipher to
|
||||
which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command
|
||||
for details.
|
||||
|
||||
If the handshake fails then there are several possible causes, if it is
|
||||
nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
|
||||
B<-ssl3> options can be tried
|
||||
in case it is a buggy server. In particular you should play with these
|
||||
options B<before> submitting a bug report to an OpenSSL mailing list.
|
||||
|
||||
A frequent problem when attempting to get client certificates working
|
||||
is that a web client complains it has no certificates or gives an empty
|
||||
list to choose from. This is normally because the server is not sending
|
||||
the clients certificate authority in its "acceptable CA list" when it
|
||||
requests a certificate. By using L<s_client(1)|s_client(1)> the CA list can be
|
||||
viewed and checked. However some servers only request client authentication
|
||||
after a specific URL is requested. To obtain the list in this case it
|
||||
is necessary to use the B<-prexit> option of L<s_client(1)|s_client(1)> and
|
||||
send an HTTP request for an appropriate page.
|
||||
|
||||
If a certificate is specified on the command line using the B<-cert>
|
||||
option it will not be used unless the server specifically requests
|
||||
a client certificate. Therefor merely including a client certificate
|
||||
on the command line is no guarantee that the certificate works.
|
||||
|
||||
=head1 BUGS
|
||||
|
||||
Because this program does not have all the options of the
|
||||
L<s_client(1)|s_client(1)> program to turn protocols on and off, you may not be
|
||||
able to measure the performance of all protocols with all servers.
|
||||
|
||||
The B<-verify> option should really exit if the server verification
|
||||
fails.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
|
||||
|
||||
=cut
|
6
crypto/dist/openssl/doc/crypto/BIO_f_ssl.pod
vendored
6
crypto/dist/openssl/doc/crypto/BIO_f_ssl.pod
vendored
@ -287,8 +287,8 @@ a client and also echoes the request to standard output.
|
||||
return 0;
|
||||
}
|
||||
|
||||
BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/html\r\n\r\n");
|
||||
BIO_puts(sbio, "<pre>\r\nConnection Established\r\nRequest headers:\r\n");
|
||||
BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n");
|
||||
BIO_puts(sbio, "\r\nConnection Established\r\nRequest headers:\r\n");
|
||||
BIO_puts(sbio, "--------------------------------------------------\r\n");
|
||||
|
||||
for(;;) {
|
||||
@ -301,7 +301,7 @@ a client and also echoes the request to standard output.
|
||||
}
|
||||
|
||||
BIO_puts(sbio, "--------------------------------------------------\r\n");
|
||||
BIO_puts(sbio, "</pre>\r\n");
|
||||
BIO_puts(sbio, "\r\n");
|
||||
|
||||
/* Since there is a buffering BIO present we had better flush it */
|
||||
BIO_flush(sbio);
|
||||
|
47
crypto/dist/openssl/doc/crypto/CONF_modules_free.pod
vendored
Normal file
47
crypto/dist/openssl/doc/crypto/CONF_modules_free.pod
vendored
Normal file
@ -0,0 +1,47 @@
|
||||
=pod
|
||||
|
||||
=head1 NAME
|
||||
|
||||
CONF_modules_free, CONF_modules_load, CONF_modules_unload -
|
||||
OpenSSL configuration cleanup functions
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
#include <openssl/conf.h>
|
||||
|
||||
void CONF_modules_free(void);
|
||||
void CONF_modules_unload(int all);
|
||||
void CONF_modules_finish(void);
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
CONF_modules_free() closes down and frees up all memory allocated by all
|
||||
configuration modules.
|
||||
|
||||
CONF_modules_finish() calls each configuration modules B<finish> handler
|
||||
to free up any configuration that module may have performed.
|
||||
|
||||
CONF_modules_unload() finishes and unloads configuration modules. If
|
||||
B<all> is set to B<0> only modules loaded from DSOs will be unloads. If
|
||||
B<all> is B<1> all modules, including builtin modules will be unloaded.
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
Normally applications will only call CONF_modules_free() at application to
|
||||
tidy up any configuration performed.
|
||||
|
||||
=head1 RETURN VALUE
|
||||
|
||||
None of the functions return a value.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
|
||||
L<CONF_modules_load_file(3), CONF_modules_load_file(3)>
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
CONF_modules_free(), CONF_modules_unload(), and CONF_modules_finish()
|
||||
first appeared in OpenSSL 0.9.7.
|
||||
|
||||
=cut
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user