diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2000-12-06 18:39:09 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2000-12-06 18:39:09 +0000 |
| commit | e0004e63a5ee478fff900b8cd0418851b6e9d8a4 (patch) | |
| tree | c68b0010a03eab6e4afa48f183a95655bf4831ce | |
| parent | f8a5c03cdf952c047f4f76ccb3d2cf12f4704a1b (diff) | |
| download | openssl-new-BRANCH_ASN1.tar.gz | |
Merge from main trunk: lets see if this works ;-)BRANCH_ASN1
This involved the use of some temporary
macros which handle the partial constification.
They cast away const but this will go away when
constification is handled in the main ASN1 code.
197 files changed, 6441 insertions, 3600 deletions
@@ -1,10 +1,225 @@ - OpenSSL CHANGES _______________ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] - *) Add VMS support for the Rijndael code + *) Changed the LHASH code to use prototypes for callbacks, and created + macros to declare and implement thin (optionally static) functions + that provide type-safety and avoid function pointer casting for the + type-specific callbacks. + [Geoff Thorpe] + + *) Use better test patterns in bntest. + [Ulf Möller] + + *) Added Kerberos Cipher Suites to be used with TLS, as written in + RFC 2712. + [Veers Staats <staatsvr@asc.hpc.mil>, + Jeffrey Altman <jaltman@columbia.edu>, via Richard Levitte] + + *) rand_win.c fix for Borland C. + [Ulf Möller] + + *) BN_rshift bugfix for n == 0. + [Bodo Moeller] + + *) Reformat the FAQ so the different questions and answers can be divided + in sections depending on the subject. + [Richard Levitte] + + *) Have the zlib compression code load ZLIB.DLL dynamically under + Windows. + [Richard Levitte] + + *) New function BN_mod_sqrt for computing square roots modulo a prime + (Tonelli-Shanks algorithm). + [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller] + + *) Store verify_result within SSL_SESSION also for client side to + avoid potential security hole. (Re-used sessions on the client side + always resulted in verify_result==X509_V_OK, not using the original + result of the server certificate verification.) + [Lutz Jaenicke] + + *) Make BN_mod_inverse faster by explicitly handling small quotients + in the Euclid loop. (Speed gain about 20% for small moduli [256 or + 512 bits], about 30% for larger ones [1024 or 2048 bits].) + [Bodo Moeller] + + *) Disable ssl2_peek and ssl3_peek (i.e., both implementations + of SSL_peek) because they both are completely broken. + They will be fixed RSN by adding an additional 'peek' parameter + to the internal read functions. + [Bodo Moeller] + + *) New function BN_kronecker. + [Bodo Moeller] + + *) Fix BN_gcd so that it works on negative inputs; the result is + positive unless both parameters are zero. + Previously something reasonably close to an infinite loop was + possible because numbers could be growing instead of shrinking + in the implementation of Euclid's algorithm. + [Bodo Moeller] + + *) Fix BN_is_word() and BN_is_one() macros to take into account the + sign of the number in question. + + Fix BN_is_word(a,w) to work correctly for w == 0. + + The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w) + because its test if the absolute value of 'a' equals 'w'. + Note that BN_abs_is_word does *not* handle w == 0 reliably; + it exists mostly for use in the implementations of BN_is_zero(), + BN_is_one(), and BN_is_word(). + [Bodo Moeller] + + *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling + the method-specific "init()" handler. Also clean up ex_data after + calling the method-specific "finish()" handler. Previously, this was + happening the other way round. + [Geoff Thorpe] + + *) New function BN_swap. + [Bodo Moeller] + + *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that + the exponentiation functions are more likely to produce reasonable + results on negative inputs. + [Bodo Moeller] + + *) Change BN_mod_mul so that the result is always non-negative. + Previously, it could be negative if one of the factors was negative; + I don't think anyone really wanted that behaviour. + [Bodo Moeller] + + *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c + (except for exponentiation, which stays in crypto/bn/bn_exp.c, + and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c) + and add new functions: + + BN_nnmod + BN_mod_sqr + BN_mod_add + BN_mod_add_quick + BN_mod_sub + BN_mod_sub_quick + BN_mod_lshift1 + BN_mod_lshift1_quick + BN_mod_lshift + BN_mod_lshift_quick + + These functions always generate non-negative results. + + BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder r + such that |m| < r < 0, BN_nnmod will output rem + |m| instead). + + BN_mod_XXX_quick(r, a, [b,] m) generates the same result as + BN_mod_XXX(r, a, [b,] m, ctx), but requires that a [and b] + be reduced modulo m. + [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller] + + *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there + was actually never needed) and in BN_mul(). The removal in BN_mul() + required a small change in bn_mul_part_recursive() and the addition + of the functions bn_cmp_part_words(), bn_sub_part_words() and + bn_add_part_words(), which do the same thing as bn_cmp_words(), + bn_sub_words() and bn_add_words() except they take arrays with + differing sizes. + [Richard Levitte] + + *) In 'openssl passwd', verify passwords read from the terminal + unless the '-salt' option is used (which usually means that + verification would just waste user's time since the resulting + hash is going to be compared with some given password hash) + or the new '-noverify' option is used. + + This is an incompatible change, but it does not affect + non-interactive use of 'openssl passwd' (passwords on the command + line, '-stdin' option, '-in ...' option) and thus should not + cause any problems. + [Bodo Moeller] + + *) Remove all references to RSAref, since there's no more need for it. + [Richard Levitte] + + *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16. + The previous value, 12, was not always sufficient for BN_mod_exp(). + [Bodo Moeller] + + *) Make DSO load along a path given through an environment variable + (SHLIB_PATH) with shl_load(). + [Richard Levitte] + + *) Constify the ENGINE code as a result of BIGNUM constification. + Also constify the RSA code and most things related to it. In a + few places, most notable in the depth of the ASN.1 code, ugly + casts back to non-const were required (to be solved at a later + time) + [Richard Levitte] + + *) Make it so the openssl application has all engines loaded by default. + [Richard Levitte] + + *) Constify the BIGNUM routines a little more. + [Richard Levitte] + + *) Make sure that shared libraries get the internal name engine with + the full version number and not just 0. This should mark the + shared libraries as not backward compatible. Of course, this should + be changed again when we can guarantee backward binary compatibility. + [Richard Levitte] + + *) Add the following functions: + + ENGINE_load_cswift() + ENGINE_load_chil() + ENGINE_load_atalla() + ENGINE_load_nuron() + ENGINE_load_builtin_engines() + + That way, an application can itself choose if external engines that + are built-in in OpenSSL shall ever be used or not. The benefit is + that applications won't have to be linked with libdl or other dso + libraries unless it's really needed. + + Changed 'openssl engine' to load all engines on demand. + Changed the engine header files to avoid the duplication of some + declarations (they differed!). + [Richard Levitte] + + *) 'openssl engine' can now list capabilities. + [Richard Levitte] + + *) Better error reporting in 'openssl engine'. + [Richard Levitte] + + *) Never call load_dh_param(NULL) in s_server. + [Bodo Moeller] + + *) Add engine application. It can currently list engines by name and + identity, and test if they are actually available. + [Richard Levitte] + + *) Add support for shared libraries under Irix. + [Albert Chin-A-Young <china@thewrittenword.com>] + + *) Improve RPM specification file by forcing symbolic linking and making + sure the installed documentation is also owned by root.root. + [Damien Miller <djm@mindrot.org>] + + *) Add configuration option to build on Linux on both big-endian and + little-endian MIPS. + [Ralf Baechle <ralf@uni-koblenz.de>] + + *) Give the OpenSSL applications more possibilities to make use of + keys (public as well as private) handled by engines. + [Richard Levitte] + + *) Add OCSP code that comes from CertCo. + [Richard Levitte] + + *) Add VMS support for the Rijndael code. [Richard Levitte] *) Added untested support for Nuron crypto accelerator. @@ -10,7 +10,7 @@ use strict; # see INSTALL for instructions. -my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [rsaref] [no-threads] [no-asm] [no-dso] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] os/compiler[:flags]\n"; +my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [no-threads] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx=vvv] os/compiler[:flags]\n"; # Options: # @@ -23,12 +23,21 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # default). This needn't be set in advance, you can # just as well use "make INSTALL_PREFIX=/whatever install". # +# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected +# to live in the subdirectory lib/ and the header files in +# include/. +# --with-krb5-lib Declare where the Kerberos 5 libraries live. +# (Default: KRB5_DIR/lib) +# --with-krb5-include Declare where the Kerberos 5 header files live. +# (Default: KRB5_DIR/include) +# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently +# supported values are "MIT" and "Heimdal". +# # no-hw-xxx do not compile support for specific crypto hardware. # Generic OpenSSL-style methods relating to this support # are always compiled but return NULL if the hardware # support isn't compiled. # no-hw do not compile support for any crypto hardware. -# rsaref use RSAref # [no-]threads [don't] try to create a library that is suitable for # multithreaded applications (default is "threads" if we # know how to do it) @@ -36,6 +45,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # no-asm do not use assembler # no-dso do not compile in any native shared-library methods. This # will ensure that all methods just return NULL. +# no-krb5 do not compile in any KRB5 library or code. # 386 generate 80386 code # no-<cipher> build without specified algorithm (rsa, idea, rc5, ...) # -<xxx> +<xxx> compiler options are passed through @@ -119,7 +129,7 @@ my %table=( "debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DBIO_PAIR_DEBUG -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", "debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", "debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", -"debug-levitte-linux-elf","gcc:-DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:-ldl:::::::::::dlfcn", +"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "dist", "cc:-O::(unknown):::::", # Basic configs that should work on any (32 and less bit) box @@ -177,17 +187,17 @@ my %table=( #### IRIX 5.x configs # -mips2 flag is added by ./config when appropriate. -"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::", -"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:::", +"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### IRIX 6.x configs # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke # './Configure irix-[g]cc' manually. # -mips4 flag is added by ./config when appropriate. -"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", -"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", +"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o:::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o:::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # N64 ABI builds. -"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::", -"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::", +"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o:::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o:::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### Unified HP-UX ANSI C configs. # Special notes: @@ -220,40 +230,40 @@ my %table=( #!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl", # Since there is mention of this in shlib/hpux10-cc.sh "hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W:::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # More attempts at unified 10.X and 11.X targets for HP C compiler. # # Chris Ruemmler <ruemmler@cup.hp.com> # Kevin Steves <ks@hp.se> -"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT:-ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT:-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # HPUX 9.X config. # Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or # egcs. gcc 2.8.1 is also broken. -"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown):-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # If hpux-cc fails (e.g. during "make test"), try the next one; otherwise, # please report your OS and compiler version to the openssl-bugs@openssl.org # mailing list. -"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown):-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # If hpux-gcc fails, try this one: -"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # HPUX 10.X config. Supports threads. -"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT:-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG): -"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT:-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # If hpux10-gcc fails, try this one: -"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # HPUX 11.X from www.globus.org. # Only works on PA-RISC 2.0 cpus, and not optimized. Why? @@ -267,9 +277,9 @@ my %table=( # Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with # the new compiler # For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version -"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:asm/alpha.o:::::::::dlfcn:true64-shared::.so", -"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared::.so", -"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared::.so", +"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:asm/alpha.o:::::::::dlfcn:tru64-shared::.so", +"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:tru64-shared::.so", +"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:tru64-shared::.so", "FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### Alpha Linux with GNU C and Compaq C setups @@ -299,7 +309,8 @@ my %table=( "debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", "debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", -"linux-mips", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::", +"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::", +"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::", "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::", "linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::", "linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::SIXTY_FOUR_BIT_LONG::", @@ -407,8 +418,9 @@ my %table=( "OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -##### MacOS X (a.k.a. Rhapsody) setup +##### MacOS X (a.k.a. Rhapsody or Darwin) setup "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", +"darwin-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", ##### Sony NEWS-OS 4.x "newsos4-gcc","gcc:-O -DB_ENDIAN -DNEWS4::(unknown):-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", @@ -423,6 +435,7 @@ my $openssldir=""; my $install_prefix=""; my $no_threads=0; my $no_shared=1; +my $no_krb5=0; my $threads=0; my $no_asm=0; my $no_dso=0; @@ -465,6 +478,7 @@ my $libs; my $target; my $options; my $symlink; +my %withargs=(); my @argvcopy=@ARGV; my $argvstring=""; @@ -509,6 +523,8 @@ PROCESS_ARGS: } elsif (/^no-dso$/) { $no_dso=1; } + elsif (/^no-krb5$/) + { $no_krb5=1; } elsif (/^no-threads$/) { $no_threads=1; } elsif (/^threads$/) @@ -563,9 +579,9 @@ PROCESS_ARGS: { $processor=386; } elsif (/^rsaref$/) { - $libs.= "-lRSAglue -lrsaref "; - $flags.= "-DRSAref "; - $openssl_other_defines .= "#define RSAref\n"; + # No RSAref support any more since it's not needed. + # The check for the option is there so scripts aren't + # broken } elsif (/^[-+]/) { @@ -589,6 +605,10 @@ PROCESS_ARGS: { $install_prefix=$1; } + elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/) + { + $withargs{"krb5-".$1}=$2; + } else { print STDERR $usage; @@ -653,6 +673,38 @@ print "IsWindows=$IsWindows\n"; split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); $cflags="$flags$cflags" if ($flags ne ""); +# Kerberos settings. The flavor must be provided from outside, either through +# the script "config" or manually. +if ($no_krb5 + || !defined($withargs{"krb5-flavor"}) + || $withargs{"krb5-flavor"} eq "") + { + $cflags="-DNO_KRB5 $cflags"; + } +else + { + if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/) + { + $withargs{"krb5-dir"} = "/usr/heimdal" + if $withargs{"krb5-dir"} eq ""; + $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. + "/lib -lgssapi -lkrb5 -lcom_err" + if $withargs{"krb5-lib"} eq ""; + $cflags="-DKRB5_HEIMDAL $cflags"; + } + if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]$/) + { + $withargs{"krb5-dir"} = "/usr/kerberos" + if $withargs{"krb5-dir"} eq ""; + $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. + "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto" + if $withargs{"krb5-lib"} eq ""; + $cflags="-DKRB5_MIT $cflags"; + } + $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include" + if $withargs{"krb5-include"} eq "" && $withargs{"krb5-dir"} ne ""; + } + # The DSO code currently always implements all functions so that no # applications will have to worry about that from a compilation point # of view. However, the "method"s may return zero unless that platform @@ -845,6 +897,8 @@ while (<IN>) s/^PROCESSOR=.*/PROCESSOR= $processor/; s/^RANLIB=.*/RANLIB= $ranlib/; s/^PERL=.*/PERL= $perl/; + s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/; + s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/; s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared); @@ -878,6 +932,10 @@ print "RMD160_OBJ_ASM=$rmd160_obj\n"; print "PROCESSOR =$processor\n"; print "RANLIB =$ranlib\n"; print "PERL =$perl\n"; +print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n" + if $withargs{"krb5-include"} ne ""; +print "LIBKRB5 =",$withargs{"krb5-lib"},"\n" + if $withargs{"krb5-lib"} ne ""; my $des_ptr=0; my $des_risc1=0; @@ -1,20 +1,22 @@ OpenSSL - Frequently Asked Questions -------------------------------------- +[MISC] Miscellaneous questions + * Which is the current version of OpenSSL? * Where is the documentation? * How can I contact the OpenSSL developers? +* Where can I get a compiled version of OpenSSL? +* Why aren't tools like 'autoconf' and 'libtool' used? + +[LEGAL] Legal questions + * Do I need patent licenses to use OpenSSL? -* Is OpenSSL thread-safe? +* Can I use OpenSSL with GPL software? + +[USER] Questions on using the OpenSSL applications + * Why do I get a "PRNG not seeded" error message? -* Why does the linker complain about undefined symbols? -* Where can I get a compiled version of OpenSSL? -* I've compiled a program under Windows and it crashes: why? -* How do I read or write a DER encoded buffer using the ASN1 functions? -* I've tried using <M_some_evil_pkcs12_macro> and I get errors why? -* I've called <some function> and it fails, why? -* I just get a load of numbers for the error output, what do they mean? -* Why do I get errors about unknown algorithms? * How do I create certificates or certificate requests? * Why can't I create certificate requests? * Why does <SSL program> fail with a certificate verify error? @@ -22,14 +24,31 @@ OpenSSL - Frequently Asked Questions * How can I create DSA certificates? * Why can't I make an SSL connection using a DSA certificate? * How can I remove the passphrase on a private key? -* Why can't the OpenSSH configure script detect OpenSSL? + +[BUILD] Questions about building and testing OpenSSL + +* Why does the linker complain about undefined symbols? * Why does the OpenSSL test fail with "bc: command not found"? * Why does the OpenSSL test fail with "bc: 1 no implemented"? * Why does the OpenSSL compilation fail on Alpha True64 Unix? * Why does the OpenSSL compilation fail with "ar: command not found"? * Why does the OpenSSL compilation fail on Win32 with VC++? -* Why aren't tools like 'autoconf' and 'libtool' used? +[PROG] Questions about programming with OpenSSL + +* Is OpenSSL thread-safe? +* I've compiled a program under Windows and it crashes: why? +* How do I read or write a DER encoded buffer using the ASN1 functions? +* I've tried using <M_some_evil_pkcs12_macro> and I get errors why? +* I've called <some function> and it fails, why? +* I just get a load of numbers for the error output, what do they mean? +* Why do I get errors about unknown algorithms? +* Why can't the OpenSSH configure script detect OpenSSL? +* Can I use OpenSSL's SSL library with non-blocking I/O? + +=============================================================================== + +[MISC] ======================================================================== * Which is the current version of OpenSSL? @@ -80,6 +99,36 @@ OpenSSL. Information on the OpenSSL mailing lists is available from <URL: http://www.openssl.org>. +* Where can I get a compiled version of OpenSSL? + +Some applications that use OpenSSL are distributed in binary form. +When using such an application, you don't need to install OpenSSL +yourself; the application will include the required parts (e.g. DLLs). + +If you want to install OpenSSL on a Windows system and you don't have +a C compiler, read the "Mingw32" section of INSTALL.W32 for information +on how to obtain and install the free GNU C compiler. + +A number of Linux and *BSD distributions include OpenSSL. + + +* Why aren't tools like 'autoconf' and 'libtool' used? + +autoconf is a nice tool, but is unfortunately very Unix-centric. +Although one can come up with solution to have ports keep in track, +there's also some work needed for that, and can be quite painful at +times. If there was a 'autoconf'-like tool that generated perl +scripts or something similarly general, it would probably be used +in OpenSSL much earlier. + +libtool has repeatadly been reported by some members of the OpenSSL +development and others to be a pain to use. So far, those in the +development team who have said anything about this have expressed +a wish to avoid libtool for that reason. + + +[LEGAL] ======================================================================= + * Do I need patent licenses to use OpenSSL? The patents section of the README file lists patents that may apply to @@ -91,17 +140,25 @@ You can configure OpenSSL so as not to use RC5 and IDEA by using ./config no-rc5 no-idea -* Is OpenSSL thread-safe? +* Can I use OpenSSL with GPL software? -Yes (with limitations: an SSL connection may not concurrently be used -by multiple threads). On Windows and many Unix systems, OpenSSL -automatically uses the multi-threaded versions of the standard -libraries. If your platform is not one of these, consult the INSTALL -file. +On many systems including the major Linux and BSD distributions, yes (the +GPL does not place restrictions on using libraries that are part of the +normal operating system distribution). -Multi-threaded applications must provide two callback functions to -OpenSSL. This is described in the threads(3) manpage. +On other systems, the situation is less clear. Some GPL software copyright +holders claim that you infringe on their rights if you use OpenSSL with +their software on operating systems that don't normally include OpenSSL. +If you develop open source software that uses OpenSSL, you may find it +useful to choose an other license than the GPL, or state explicitely that +"This program is released under the GPL with the additional exemption that +compiling, linking, and/or using OpenSSL is allowed." If you are using +GPL software developed by others, you may want to ask the copyright holder +for permission to use their software with OpenSSL. + + +[USER] ======================================================================== * Why do I get a "PRNG not seeded" error message? @@ -140,6 +197,70 @@ versions. However, be warned that /dev/random is usually a blocking device, which may have some effects on OpenSSL. +* How do I create certificates or certificate requests? + +Check out the CA.pl(1) manual page. This provides a simple wrapper round +the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check +out the manual pages for the individual utilities and the certificate +extensions documentation (currently in doc/openssl.txt). + + +* Why can't I create certificate requests? + +You typically get the error: + + unable to find 'distinguished_name' in config + problems making Certificate Request + +This is because it can't find the configuration file. Check out the +DIAGNOSTICS section of req(1) for more information. + + +* Why does <SSL program> fail with a certificate verify error? + +This problem is usually indicated by log messages saying something like +"unable to get local issuer certificate" or "self signed certificate". +When a certificate is verified its root CA must be "trusted" by OpenSSL +this typically means that the CA certificate must be placed in a directory +or file and the relevant program configured to read it. The OpenSSL program +'verify' behaves in a similar way and issues similar error messages: check +the verify(1) program manual page for more information. + + +* Why can I only use weak ciphers when I connect to a server using OpenSSL? + +This is almost certainly because you are using an old "export grade" browser +which only supports weak encryption. Upgrade your browser to support 128 bit +ciphers. + + +* How can I create DSA certificates? + +Check the CA.pl(1) manual page for a DSA certificate example. + + +* Why can't I make an SSL connection to a server using a DSA certificate? + +Typically you'll see a message saying there are no shared ciphers when +the same setup works fine with an RSA certificate. There are two possible +causes. The client may not support connections to DSA servers most web +browsers (including Netscape and MSIE) only support connections to servers +supporting RSA cipher suites. The other cause is that a set of DH parameters +has not been supplied to the server. DH parameters can be created with the +dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example: +check the source to s_server in apps/s_server.c for an example. + + +* How can I remove the passphrase on a private key? + +Firstly you should be really *really* sure you want to do this. Leaving +a private key unencrypted is a major security risk. If you decide that +you do have to do this check the EXAMPLES sections of the rsa(1) and +dsa(1) manual pages. + + +[BUILD] ======================================================================= + * Why does the linker complain about undefined symbols? Maybe the compilation was interrupted, and make doesn't notice that @@ -164,17 +285,98 @@ If none of these helps, you may want to try using the current snapshot. If the problem persists, please submit a bug report. -* Where can I get a compiled version of OpenSSL? +* Why does the OpenSSL test fail with "bc: command not found"? -Some applications that use OpenSSL are distributed in binary form. -When using such an application, you don't need to install OpenSSL -yourself; the application will include the required parts (e.g. DLLs). +You didn't install "bc", the Unix calculator. If you want to run the +tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor. -If you want to install OpenSSL on a Windows system and you don't have -a C compiler, read the "Mingw32" section of INSTALL.W32 for information -on how to obtain and install the free GNU C compiler. -A number of Linux and *BSD distributions include OpenSSL. +* Why does the OpenSSL test fail with "bc: 1 no implemented"? + +On some SCO installations or versions, bc has a bug that gets triggered when +you run the test suite (using "make test"). The message returned is "bc: +1 not implemented". The best way to deal with this is to find another +implementation of bc and compile/install it. For example, GNU bc (see +http://www.gnu.org/software/software.html for download instructions) can +be safely used. + + +* Why does the OpenSSL compilation fail on Alpha True64 Unix? + +On some Alpha installations running True64 Unix and Compaq C, the compilation +of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual +memory to continue compilation.' As far as the tests have shown, this may be +a compiler bug. What happens is that it eats up a lot of resident memory +to build something, probably a table. The problem is clearly in the +optimization code, because if one eliminates optimization completely (-O0), +the compilation goes through (and the compiler consumes about 2MB of resident +memory instead of 240MB or whatever one's limit is currently). + +There are three options to solve this problem: + +1. set your current data segment size soft limit higher. Experience shows +that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do +this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of +kbytes to set the limit to. + +2. If you have a hard limit that is lower than what you need and you can't +get it changed, you can compile all of OpenSSL with -O0 as optimization +level. This is however not a very nice thing to do for those who expect to +get the best result from OpenSSL. A bit more complicated solution is the +following: + +----- snip:start ----- + make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \ + sed -e 's/ -O[0-9] / -O0 /'`" + rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'` + make +----- snip:end ----- + +This will only compile sha_dgst.c with -O0, the rest with the optimization +level chosen by the configuration process. When the above is done, do the +test and installation and you're set. + + +* Why does the OpenSSL compilation fail with "ar: command not found"? + +Getting this message is quite usual on Solaris 2, because Sun has hidden +away 'ar' and other development commands in directories that aren't in +$PATH by default. One of those directories is '/usr/ccs/bin'. The +quickest way to fix this is to do the following (it assumes you use sh +or any sh-compatible shell): + +----- snip:start ----- + PATH=${PATH}:/usr/ccs/bin; export PATH +----- snip:end ----- + +and then redo the compilation. What you should really do is make sure +'/usr/ccs/bin' is permanently in your $PATH, for example through your +'.profile' (again, assuming you use a sh-compatible shell). + + +* Why does the OpenSSL compilation fail on Win32 with VC++? + +Sometimes, you may get reports from VC++ command line (cl) that it +can't find standard include files like stdio.h and other weirdnesses. +One possible cause is that the environment isn't correctly set up. +To solve that problem, one should run VCVARS32.BAT which is found in +the 'bin' subdirectory of the VC++ installation directory (somewhere +under 'Program Files'). This needs to be done prior to running NMAKE, +and the changes are only valid for the current DOS session. + + +[PROG] ======================================================================== + +* Is OpenSSL thread-safe? + +Yes (with limitations: an SSL connection may not concurrently be used +by multiple threads). On Windows and many Unix systems, OpenSSL +automatically uses the multi-threaded versions of the standard +libraries. If your platform is not one of these, consult the INSTALL +file. + +Multi-threaded applications must provide two callback functions to +OpenSSL. This is described in the threads(3) manpage. * I've compiled a program under Windows and it crashes: why? @@ -261,68 +463,6 @@ is forgetting to load OpenSSL's table of algorithms with OpenSSL_add_all_algorithms(). See the manual page for more information. -* How do I create certificates or certificate requests? - -Check out the CA.pl(1) manual page. This provides a simple wrapper round -the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check -out the manual pages for the individual utilities and the certificate -extensions documentation (currently in doc/openssl.txt). - - -* Why can't I create certificate requests? - -You typically get the error: - - unable to find 'distinguished_name' in config - problems making Certificate Request - -This is because it can't find the configuration file. Check out the -DIAGNOSTICS section of req(1) for more information. - - -* Why does <SSL program> fail with a certificate verify error? - -This problem is usually indicated by log messages saying something like -"unable to get local issuer certificate" or "self signed certificate". -When a certificate is verified its root CA must be "trusted" by OpenSSL -this typically means that the CA certificate must be placed in a directory -or file and the relevant program configured to read it. The OpenSSL program -'verify' behaves in a similar way and issues similar error messages: check -the verify(1) program manual page for more information. - - -* Why can I only use weak ciphers when I connect to a server using OpenSSL? - -This is almost certainly because you are using an old "export grade" browser -which only supports weak encryption. Upgrade your browser to support 128 bit -ciphers. - - -* How can I create DSA certificates? - -Check the CA.pl(1) manual page for a DSA certificate example. - - -* Why can't I make an SSL connection to a server using a DSA certificate? - -Typically you'll see a message saying there are no shared ciphers when -the same setup works fine with an RSA certificate. There are two possible -causes. The client may not support connections to DSA servers most web -browsers (including Netscape and MSIE) only support connections to servers -supporting RSA cipher suites. The other cause is that a set of DH parameters -has not been supplied to the server. DH parameters can be created with the -dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example: -check the source to s_server in apps/s_server.c for an example. - - -* How can I remove the passphrase on a private key? - -Firstly you should be really *really* sure you want to do this. Leaving -a private key unencrypted is a major security risk. If you decide that -you do have to do this check the EXAMPLES sections of the rsa(1) and -dsa(1) manual pages. - - * Why can't the OpenSSH configure script detect OpenSSL? There is a problem with OpenSSH 1.2.2p1, in that the configure script @@ -364,97 +504,19 @@ applied to the OpenSSH distribution: ----- snip:end ----- -* Why does the OpenSSL test fail with "bc: command not found"? - -You didn't install "bc", the Unix calculator. If you want to run the -tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor. - - -* Why does the OpenSSL test fail with "bc: 1 no implemented"? - -On some SCO installations or versions, bc has a bug that gets triggered when -you run the test suite (using "make test"). The message returned is "bc: -1 not implemented". The best way to deal with this is to find another -implementation of bc and compile/install it. For example, GNU bc (see -http://www.gnu.org/software/software.html for download instructions) can -be safely used. - - -* Why does the OpenSSL compilation fail on Alpha True64 Unix? - -On some Alpha installations running True64 Unix and Compaq C, the compilation -of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual -memory to continue compilation.' As far as the tests have shown, this may be -a compiler bug. What happens is that it eats up a lot of resident memory -to build something, probably a table. The problem is clearly in the -optimization code, because if one eliminates optimization completely (-O0), -the compilation goes through (and the compiler consumes about 2MB of resident -memory instead of 240MB or whatever one's limit is currently). +* Can I use OpenSSL's SSL library with non-blocking I/O? -There are three options to solve this problem: +Yes; make sure to read the SSL_get_error(3) manual page! -1. set your current data segment size soft limit higher. Experience shows -that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do -this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of -kbytes to set the limit to. +A pitfall to avoid: Don't assume that SSL_read() will just read from +the underlying transport or that SSL_write() will just write to it -- +it is also possible that SSL_write() cannot do any useful work until +there is data to read, or that SSL_read() cannot do anything until it +is possible to send data. One reason for this is that the peer may +request a new TLS/SSL handshake at any time during the protocol, +requiring a bi-directional message exchange; both SSL_read() and +SSL_write() will try to continue any pending handshake. -2. If you have a hard limit that is lower than what you need and you can't -get it changed, you can compile all of OpenSSL with -O0 as optimization -level. This is however not a very nice thing to do for those who expect to -get the best result from OpenSSL. A bit more complicated solution is the -following: ------ snip:start ----- - make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \ - sed -e 's/ -O[0-9] / -O0 /'`" - rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'` - make ------ snip:end ----- - -This will only compile sha_dgst.c with -O0, the rest with the optimization -level chosen by the configuration process. When the above is done, do the -test and installation and you're set. - - -* Why does the OpenSSL compilation fail with "ar: command not found"? - -Getting this message is quite usual on Solaris 2, because Sun has hidden -away 'ar' and other development commands in directories that aren't in -$PATH by default. One of those directories is '/usr/ccs/bin'. The -quickest way to fix this is to do the following (it assumes you use sh -or any sh-compatible shell): - ------ snip:start ----- - PATH=${PATH}:/usr/ccs/bin; export PATH ------ snip:end ----- - -and then redo the compilation. What you should really do is make sure -'/usr/ccs/bin' is permanently in your $PATH, for example through your -'.profile' (again, assuming you use a sh-compatible shell). - - -* Why does the OpenSSL compilation fail on Win32 with VC++? - -Sometimes, you may get reports from VC++ command line (cl) that it -can't find standard include files like stdio.h and other weirdnesses. -One possible cause is that the environment isn't correctly set up. -To solve that problem, one should run VCVARS32.BAT which is found in -the 'bin' subdirectory of the VC++ installation directory (somewhere -under 'Program Files'). This needs to be done prior to running NMAKE, -and the changes are only valid for the current DOS session. - - -* Why aren't tools like 'autoconf' and 'libtool' used? - -autoconf is a nice tool, but is unfortunately very Unix-centric. -Although one can come up with solution to have ports keep in track, -there's also some work needed for that, and can be quite painful at -times. If there was a 'autoconf'-like tool that generated perl -scripts or something similarly general, it would probably be used -in OpenSSL much earlier. - -libtool has repeatadly been reported by some members of the OpenSSL -development and others to be a pain to use. So far, those in the -development team who have said anything about this have expressed -a wish to avoid libtool for that reason. +=============================================================================== @@ -43,9 +43,6 @@ --openssldir=DIR Directory for OpenSSL files. If no prefix is specified, the library files and binaries are also installed there. - rsaref Build with RSADSI's RSAREF toolkit (this assumes that - librsaref.a is in the library search path). - no-threads Don't try to build with support for multi-threaded applications. diff --git a/Makefile.org b/Makefile.org index 184fd768e1..c50cab6a72 100644 --- a/Makefile.org +++ b/Makefile.org @@ -24,7 +24,6 @@ INSTALLTOP=/usr/local/ssl # Do not edit this manually. Use Configure --openssldir=DIR do change this! OPENSSLDIR=/usr/local/ssl -# RSAref - Define if we are to link with RSAref. # NO_IDEA - Define to build without the IDEA algorithm # NO_RC4 - Define to build without the RC4 algorithm # NO_RC2 - Define to build without the RC2 algorithm @@ -150,11 +149,15 @@ RMD160_ASM_OBJ= asm/rm86-out.o #RMD160_ASM_OBJ= asm/rm86-out.o # a.out, FreeBSD #RMD160_ASM_OBJ= asm/rm86bsdi.o # bsdi +# KRB5 stuff +KRB5_INCLUDES= +LIBKRB5= + # When we're prepared to use shared libraries in the programs we link here # we might set SHLIB_MARK to '$(SHARED_LIBS)'. SHLIB_MARK= -DIRS= crypto ssl rsaref $(SHLIB_MARK) apps test tools +DIRS= crypto ssl $(SHLIB_MARK) apps test tools SHLIBDIRS= crypto ssl # dirs in crypto to build @@ -163,7 +166,11 @@ SDIRS= \ des rc2 rc4 rc5 idea bf cast \ bn rsa dsa dh dso engine rijndael \ buffer bio stack lhash rand err objects \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp + evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp + +# tests to perform. "alltests" is a special word indicating that all tests +# should be performed. +TESTS = alltests MAKEFILE= Makefile.ssl MAKE= make -f Makefile.ssl @@ -201,7 +208,7 @@ sub_all: do \ if [ -d "$$i" ]; then \ (cd $$i && echo "making all in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \ + $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' all ) || exit 1; \ else \ $(MAKE) $$i; \ fi; \ @@ -254,14 +261,14 @@ do_bsd-gcc-shared: linux-shared do_linux-shared: libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ ( set -x; ${CC} -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-S,-soname=lib$$i.so.${SHLIB_MAJOR} \ + -Wl,-S,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ -Wl,--whole-archive lib$$i.a \ -Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \ libs="$$libs -L. -l$$i"; \ done # This assumes that GNU utilities are *not* used -do_true64-shared: +do_tru64-shared: libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ ( set -x; ${CC} -shared -no_archive -o lib$$i.so \ -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ @@ -273,28 +280,55 @@ do_true64-shared: do_solaris-shared: libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ ( set -x; ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -h lib$$i.so.${SHLIB_MAJOR} \ + -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ -z allextract lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \ libs="$$libs -L. -l$$i"; \ done # This assumes that GNU utilities are *not* used -do_hpux-shared: +do_irix-shared: libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ + ( set -x; ${CC} -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ + -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ + -all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \ + libs="$$libs -L. -l$$i"; \ + done + +# This assumes that GNU utilities are *not* used +# HP-UX includes the full pathname of libs we depend on, so we would get +# ./libcrypto (with ./ as path information) compiled into libssl, hence +# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto +# anyway. +# The object modules are loaded from lib$i.a using the undocumented -Fl +# option. +# +# WARNING: Until DSO is fixed to support a search path, we support SHLIB_PATH +# by temporarily specifying "+s"! +# +do_hpux-shared: + for i in ${SHLIBDIRS}; do \ ( set -x; /usr/ccs/bin/ld +vnocompatwarnings \ - -b -z -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ + -b -z +s \ + -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Fl lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \ - libs="$$libs -L. -l$$i"; \ + -Fl lib$$i.a -ldld -lc ) || exit 1; \ done # This assumes that GNU utilities are *not* used +# HP-UX includes the full pathname of libs we depend on, so we would get +# ./libcrypto (with ./ as path information) compiled into libssl, hence +# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto +# anyway. +# +# HP-UX in 64bit mode has "+s" enabled by default; it will search for +# shared libraries along LD_LIBRARY_PATH _and_ SHLIB_PATH. +# do_hpux64-shared: - libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - ( set -x; /usr/ccs/bin/ld -b -z -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ + for i in ${SHLIBDIRS}; do \ + ( set -x; /usr/ccs/bin/ld -b -z \ + -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - +forceload lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \ - libs="$$libs -L. -l$$i"; \ + +forceload lib$$i.a -ldl -lc ) || exit 1; \ done Makefile.ssl: Makefile.org @@ -343,7 +377,7 @@ links: @for i in $(DIRS); do \ if [ -d "$$i" ]; then \ (cd $$i && echo "making links in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' links ) || exit 1; \ + $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' links ) || exit 1; \ fi; \ done; @@ -366,7 +400,7 @@ test: tests tests: rehash @(cd test && echo "testing..." && \ - $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests ); + $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' tests ); @apps/openssl version -a report: @@ -475,8 +509,8 @@ install: all install_docs do \ if [ -f "$$i" ]; then \ ( echo installing $$i; \ - cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ + cp -f $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ + chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ fi \ done; \ ( here="`pwd`"; \ @@ -5,6 +5,13 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.6 and OpenSSL x.x.x: + + o New library section OCSP. + o Complete haul-over of the ASN.1 library section [1]. + + [1] The haul-over is currently a separate line of development. + Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6: o Some documentation for BIO and SSL libraries. diff --git a/README.ENGINE b/README.ENGINE index 3d88ed152f..0d698b7446 100644 --- a/README.ENGINE +++ b/README.ENGINE @@ -13,11 +13,10 @@ o CryptoSwift o Compaq Atalla o nCipher CHIL + o Nuron A number of things are still needed and are being worked on: - o An openssl utility command to handle or at least check available - engines. o A better way of handling the methods that are handled by the engines. o Documentation! @@ -25,25 +24,6 @@ What already exists is fairly stable as far as it has been tested, but the test base has been a bit small most of the time. - Because of this experimental status and what's lacking, the ENGINE - component is not yet part of the default OpenSSL distribution. However, - we have made a separate kit for those who want to try this out, to be - found in the same places as the default OpenSSL distribution, but with - "-engine-" being part of the kit file name. For example, version 0.9.6 - is distributed in the following two files: - - openssl-0.9.6.tar.gz - openssl-engine-0.9.6.tar.gz - - NOTES - ===== - - openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do - not need to download both. - - openssl-engine-0.9.6.tar.gz is usable even if you don't have an external - crypto device. The internal OpenSSL functions are contained in the - engine "openssl", and will be used by default. No external crypto device is chosen unless you say so. You have actively tell the openssl utility commands to use it through a new command line @@ -1,6 +1,6 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2000/10/26 21:07:27 $ + ______________ $Date: 2000/12/06 18:34:02 $ DEVELOPMENT STATE @@ -34,8 +34,10 @@ o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). - Dynamic thread-lock support. Shared library support for VMS. + OCSP + Kerberos 5 authentication + Constification NEEDS PATCH @@ -584,7 +584,7 @@ $rc4_obj = $rmd160_obj = $rc5_obj = $dso_scheme = dlfcn -$shared_target= true64-shared +$shared_target= tru64-shared $shared_cflag = $shared_extension = .so @@ -605,7 +605,7 @@ $rc4_obj = $rmd160_obj = $rc5_obj = $dso_scheme = dlfcn -$shared_target= true64-shared +$shared_target= tru64-shared $shared_cflag = $shared_extension = .so @@ -626,7 +626,7 @@ $rc4_obj = $rmd160_obj = $rc5_obj = $dso_scheme = dlfcn -$shared_target= true64-shared +$shared_target= tru64-shared $shared_cflag = $shared_extension = .so @@ -735,6 +735,27 @@ $shared_target= $shared_cflag = $shared_extension = +*** darwin-ppc-cc +$cc = cc +$cflags = -O3 -DB_ENDIAN +$unistd = +$thread_cflag = (unknown) +$lflags = +$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR +$bn_obj = +$des_obj = +$bf_obj = +$md5_obj = +$sha1_obj = +$cast_obj = +$rc4_obj = +$rmd160_obj = +$rc5_obj = +$dso_scheme = +$shared_target= +$shared_cflag = +$shared_extension = + *** debug $cc = gcc $cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror @@ -842,24 +863,24 @@ $shared_extension = *** debug-levitte-linux-elf $cc = gcc -$cflags = -DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe +$cflags = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe $unistd = $thread_cflag = -D_REENTRANT $lflags = -ldl -$bn_ops = -$bn_obj = -$des_obj = -$bf_obj = -$md5_obj = -$sha1_obj = -$cast_obj = -$rc4_obj = -$rmd160_obj = -$rc5_obj = +$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT +$bn_obj = asm/bn86-elf.o asm/co86-elf.o +$des_obj = asm/dx86-elf.o asm/yx86-elf.o +$bf_obj = asm/bx86-elf.o +$md5_obj = asm/mx86-elf.o +$sha1_obj = asm/sx86-elf.o +$cast_obj = asm/cx86-elf.o +$rc4_obj = asm/rx86-elf.o +$rmd160_obj = asm/rm86-elf.o +$rc5_obj = asm/r586-elf.o $dso_scheme = dlfcn -$shared_target= -$shared_cflag = -$shared_extension = +$shared_target= linux-shared +$shared_cflag = -fPIC +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** debug-linux-elf $cc = gcc @@ -1160,7 +1181,7 @@ $cc = cc $cflags = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z $unistd = $thread_cflag = (unknown) -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1181,7 +1202,7 @@ $cc = gcc $cflags = -DB_ENDIAN -DBN_DIV2W -O3 $unistd = $thread_cflag = (unknown) -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1202,7 +1223,7 @@ $cc = cc $cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z $unistd = $thread_cflag = (unknown) -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1223,7 +1244,7 @@ $cc = gcc $cflags = -DB_ENDIAN -DBN_DIV2W -O3 $unistd = $thread_cflag = (unknown) -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1244,7 +1265,7 @@ $cc = cc $cflags = +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT $bn_obj = $des_obj = @@ -1286,7 +1307,7 @@ $cc = gcc $cflags = -O3 -DB_ENDIAN -DBN_DIV2W $unistd = $thread_cflag = -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1307,7 +1328,7 @@ $cc = cc $cflags = +DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT $bn_obj = $des_obj = @@ -1328,7 +1349,7 @@ $cc = cc $cflags = +DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT $bn_obj = asm/pa-risc2.o $des_obj = @@ -1349,7 +1370,7 @@ $cc = cc $cflags = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1370,7 +1391,7 @@ $cc = gcc $cflags = -DB_ENDIAN -DBN_DIV2W -O3 $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1391,7 +1412,7 @@ $cc = cc $cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1412,7 +1433,7 @@ $cc = gcc $cflags = -DB_ENDIAN -DBN_DIV2W -O3 $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1486,10 +1507,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix-gcc $cc = gcc @@ -1507,10 +1528,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix-mips3-cc $cc = cc @@ -1528,10 +1549,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix-mips3-gcc $cc = gcc @@ -1549,10 +1570,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix64-mips4-cc $cc = cc @@ -1570,10 +1591,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix64-mips4-gcc $cc = gcc @@ -1591,10 +1612,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** linux-alpha+bwx-ccc $cc = ccc @@ -1787,6 +1808,27 @@ $shared_extension = *** linux-mips $cc = gcc +$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall +$unistd = +$thread_cflag = (unknown) +$lflags = +$bn_ops = BN_LLONG +$bn_obj = +$des_obj = +$bf_obj = +$md5_obj = +$sha1_obj = +$cast_obj = +$rc4_obj = +$rmd160_obj = +$rc5_obj = +$dso_scheme = +$shared_target= +$shared_cflag = +$shared_extension = + +*** linux-mipsel +$cc = gcc $cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall $unistd = $thread_cflag = (unknown) diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl index 10b94e1756..3f76156b6b 100644 --- a/apps/Makefile.ssl +++ b/apps/Makefile.ssl @@ -5,7 +5,7 @@ DIR= apps TOP= .. CC= cc -INCLUDES= -I../include +INCLUDES= -I../include $(KRB5_INCLUDES) CFLAG= -g -static INSTALL_PREFIX= INSTALLTOP= /usr/local/ssl @@ -15,6 +15,9 @@ MAKEDEPEND= $(TOP)/util/domd $(TOP) MAKEFILE= Makefile.ssl PERL=/usr/local/bin/perl RM= rm -f +# KRB5 stuff +KRB5_INCLUDES= +LIBKRB5= PEX_LIBS= EX_LIBS= @@ -38,7 +41,7 @@ E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \ ca crl rsa rsautl dsa dsaparam \ x509 genrsa gendsa s_server s_client speed \ s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \ - pkcs8 spkac smime rand + pkcs8 spkac smime rand engine PROGS= $(PROGRAM).c @@ -54,14 +57,14 @@ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o er rsa.o rsautl.o dsa.o dsaparam.o \ x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \ s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \ - ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o + ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \ pkcs7.c crl2p7.c crl.c \ rsa.c rsautl.c dsa.c dsaparam.c \ x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \ s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \ - ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c + ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c SRC=$(E_SRC) @@ -134,7 +137,7 @@ $(DLIBCRYPTO): $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) $(RM) $(PROGRAM) - $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) + $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; $(PERL) tools/c_rehash certs) progs.h: progs.pl @@ -150,19 +153,20 @@ app_rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h app_rand.o: ../include/openssl/des.h ../include/openssl/dh.h app_rand.o: ../include/openssl/dsa.h ../include/openssl/e_os.h app_rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h -app_rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h -app_rand.o: ../include/openssl/md4.h ../include/openssl/md5.h -app_rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -app_rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h -app_rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h -app_rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -app_rand.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -app_rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h -app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +app_rand.o: ../include/openssl/engine.h ../include/openssl/evp.h +app_rand.o: ../include/openssl/idea.h ../include/openssl/lhash.h +app_rand.o: ../include/openssl/md2.h ../include/openssl/md4.h +app_rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +app_rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +app_rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +app_rand.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +app_rand.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h +app_rand.o: ../include/openssl/symhacks.h ../include/openssl/x509.h +app_rand.o: ../include/openssl/x509_vfy.h apps.h apps.o: ../include/openssl/asn1.h ../include/openssl/bio.h apps.o: ../include/openssl/blowfish.h ../include/openssl/bn.h apps.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -170,16 +174,17 @@ apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h apps.o: ../include/openssl/des.h ../include/openssl/dh.h apps.o: ../include/openssl/dsa.h ../include/openssl/e_os.h apps.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -apps.o: ../include/openssl/err.h ../include/openssl/evp.h -apps.o: ../include/openssl/idea.h ../include/openssl/lhash.h -apps.o: ../include/openssl/md2.h ../include/openssl/md4.h -apps.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h -apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h +apps.o: ../include/openssl/engine.h ../include/openssl/err.h +apps.o: ../include/openssl/evp.h ../include/openssl/idea.h +apps.o: ../include/openssl/lhash.h ../include/openssl/md2.h +apps.o: ../include/openssl/md4.h ../include/openssl/md5.h +apps.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +apps.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +apps.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +apps.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h +apps.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h apps.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -apps.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +apps.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h apps.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h apps.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -192,16 +197,17 @@ asn1pars.o: ../include/openssl/conf.h ../include/openssl/crypto.h asn1pars.o: ../include/openssl/des.h ../include/openssl/dh.h asn1pars.o: ../include/openssl/dsa.h ../include/openssl/e_os.h asn1pars.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h -asn1pars.o: ../include/openssl/idea.h ../include/openssl/lhash.h -asn1pars.o: ../include/openssl/md2.h ../include/openssl/md4.h -asn1pars.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -asn1pars.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h -asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +asn1pars.o: ../include/openssl/engine.h ../include/openssl/err.h +asn1pars.o: ../include/openssl/evp.h ../include/openssl/idea.h +asn1pars.o: ../include/openssl/lhash.h ../include/openssl/md2.h +asn1pars.o: ../include/openssl/md4.h ../include/openssl/md5.h +asn1pars.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +asn1pars.o: ../include/openssl/rand.h ../include/openssl/rc2.h asn1pars.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -asn1pars.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +asn1pars.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h asn1pars.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -222,7 +228,7 @@ ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h ca.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h ca.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ca.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +ca.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h ca.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h ca.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ca.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -236,23 +242,25 @@ ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h ciphers.o: ../include/openssl/crypto.h ../include/openssl/des.h ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h ciphers.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -ciphers.o: ../include/openssl/e_os2.h ../include/openssl/err.h -ciphers.o: ../include/openssl/evp.h ../include/openssl/idea.h +ciphers.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h +ciphers.o: ../include/openssl/idea.h ../include/openssl/kssl.h ciphers.o: ../include/openssl/lhash.h ../include/openssl/md2.h ciphers.o: ../include/openssl/md4.h ../include/openssl/md5.h ciphers.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h ciphers.o: ../include/openssl/opensslv.h ../include/openssl/pem.h ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ciphers.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ciphers.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ciphers.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +ciphers.o: ../include/openssl/rand.h ../include/openssl/rc2.h +ciphers.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ciphers.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ciphers.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ciphers.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ciphers.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ciphers.o: ../include/openssl/x509_vfy.h apps.h crl.o: ../include/openssl/asn1.h ../include/openssl/bio.h crl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h crl.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -260,16 +268,17 @@ crl.o: ../include/openssl/conf.h ../include/openssl/crypto.h crl.o: ../include/openssl/des.h ../include/openssl/dh.h crl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h crl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -crl.o: ../include/openssl/err.h ../include/openssl/evp.h -crl.o: ../include/openssl/idea.h ../include/openssl/lhash.h -crl.o: ../include/openssl/md2.h ../include/openssl/md4.h -crl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -crl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +crl.o: ../include/openssl/engine.h ../include/openssl/err.h +crl.o: ../include/openssl/evp.h ../include/openssl/idea.h +crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h +crl.o: ../include/openssl/md4.h ../include/openssl/md5.h +crl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +crl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +crl.o: ../include/openssl/rand.h ../include/openssl/rc2.h crl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -crl.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +crl.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h crl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -282,16 +291,17 @@ crl2p7.o: ../include/openssl/conf.h ../include/openssl/crypto.h crl2p7.o: ../include/openssl/des.h ../include/openssl/dh.h crl2p7.o: ../include/openssl/dsa.h ../include/openssl/e_os.h crl2p7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h -crl2p7.o: ../include/openssl/idea.h ../include/openssl/lhash.h -crl2p7.o: ../include/openssl/md2.h ../include/openssl/md4.h -crl2p7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl2p7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h -crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +crl2p7.o: ../include/openssl/engine.h ../include/openssl/err.h +crl2p7.o: ../include/openssl/evp.h ../include/openssl/idea.h +crl2p7.o: ../include/openssl/lhash.h ../include/openssl/md2.h +crl2p7.o: ../include/openssl/md4.h ../include/openssl/md5.h +crl2p7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +crl2p7.o: ../include/openssl/rand.h ../include/openssl/rc2.h crl2p7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -crl2p7.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +crl2p7.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h crl2p7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -313,7 +323,7 @@ dgst.o: ../include/openssl/opensslv.h ../include/openssl/pem.h dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h dgst.o: ../include/openssl/rand.h ../include/openssl/rc2.h dgst.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -dgst.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +dgst.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h dgst.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -334,7 +344,7 @@ dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h dh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dh.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +dh.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h dh.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h dh.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -357,7 +367,7 @@ dsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h dsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h dsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -dsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +dsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h dsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -379,7 +389,7 @@ dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/pem.h dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h dsaparam.o: ../include/openssl/rand.h ../include/openssl/rc2.h dsaparam.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -dsaparam.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +dsaparam.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h dsaparam.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h dsaparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -401,11 +411,37 @@ enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h enc.o: ../include/openssl/rand.h ../include/openssl/rc2.h enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -enc.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +enc.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +engine.o: ../include/openssl/asn1.h ../include/openssl/bio.h +engine.o: ../include/openssl/blowfish.h ../include/openssl/bn.h +engine.o: ../include/openssl/buffer.h ../include/openssl/cast.h +engine.o: ../include/openssl/comp.h ../include/openssl/conf.h +engine.o: ../include/openssl/crypto.h ../include/openssl/des.h +engine.o: ../include/openssl/dh.h ../include/openssl/dsa.h +engine.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +engine.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +engine.o: ../include/openssl/err.h ../include/openssl/evp.h +engine.o: ../include/openssl/idea.h ../include/openssl/kssl.h +engine.o: ../include/openssl/lhash.h ../include/openssl/md2.h +engine.o: ../include/openssl/md4.h ../include/openssl/md5.h +engine.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +engine.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +engine.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +engine.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +engine.o: ../include/openssl/rand.h ../include/openssl/rc2.h +engine.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +engine.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +engine.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +engine.o: ../include/openssl/safestack.h ../include/openssl/sha.h +engine.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +engine.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +engine.o: ../include/openssl/tls1.h ../include/openssl/x509.h +engine.o: ../include/openssl/x509_vfy.h apps.h errstr.o: ../include/openssl/asn1.h ../include/openssl/bio.h errstr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h errstr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -413,23 +449,25 @@ errstr.o: ../include/openssl/comp.h ../include/openssl/conf.h errstr.o: ../include/openssl/crypto.h ../include/openssl/des.h errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h errstr.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -errstr.o: ../include/openssl/e_os2.h ../include/openssl/err.h -errstr.o: ../include/openssl/evp.h ../include/openssl/idea.h +errstr.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +errstr.o: ../include/openssl/err.h ../include/openssl/evp.h +errstr.o: ../include/openssl/idea.h ../include/openssl/kssl.h errstr.o: ../include/openssl/lhash.h ../include/openssl/md2.h errstr.o: ../include/openssl/md4.h ../include/openssl/md5.h errstr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h errstr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -errstr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -errstr.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -errstr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h -errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +errstr.o: ../include/openssl/rand.h ../include/openssl/rc2.h +errstr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +errstr.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +errstr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h +errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +errstr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +errstr.o: ../include/openssl/tls1.h ../include/openssl/x509.h +errstr.o: ../include/openssl/x509_vfy.h apps.h gendh.o: ../include/openssl/asn1.h ../include/openssl/bio.h gendh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h gendh.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -447,7 +485,7 @@ gendh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h gendh.o: ../include/openssl/rand.h ../include/openssl/rc2.h gendh.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -gendh.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +gendh.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h gendh.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h gendh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -469,7 +507,7 @@ gendsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h gendsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h gendsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -gendsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +gendsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h gendsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -491,7 +529,7 @@ genrsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h genrsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h genrsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -genrsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +genrsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h genrsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h genrsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -503,16 +541,17 @@ nseq.o: ../include/openssl/conf.h ../include/openssl/crypto.h nseq.o: ../include/openssl/des.h ../include/openssl/dh.h nseq.o: ../include/openssl/dsa.h ../include/openssl/e_os.h nseq.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -nseq.o: ../include/openssl/err.h ../include/openssl/evp.h -nseq.o: ../include/openssl/idea.h ../include/openssl/lhash.h -nseq.o: ../include/openssl/md2.h ../include/openssl/md4.h -nseq.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -nseq.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h -nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +nseq.o: ../include/openssl/engine.h ../include/openssl/err.h +nseq.o: ../include/openssl/evp.h ../include/openssl/idea.h +nseq.o: ../include/openssl/lhash.h ../include/openssl/md2.h +nseq.o: ../include/openssl/md4.h ../include/openssl/md5.h +nseq.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +nseq.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +nseq.o: ../include/openssl/rand.h ../include/openssl/rc2.h nseq.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -nseq.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +nseq.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h nseq.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -524,24 +563,25 @@ openssl.o: ../include/openssl/comp.h ../include/openssl/conf.h openssl.o: ../include/openssl/crypto.h ../include/openssl/des.h openssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h openssl.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h -openssl.o: ../include/openssl/evp.h ../include/openssl/idea.h +openssl.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +openssl.o: ../include/openssl/err.h ../include/openssl/evp.h +openssl.o: ../include/openssl/idea.h ../include/openssl/kssl.h openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h openssl.o: ../include/openssl/md4.h ../include/openssl/md5.h openssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h openssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -openssl.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -openssl.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h -openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -openssl.o: progs.h s_apps.h +openssl.o: ../include/openssl/rand.h ../include/openssl/rc2.h +openssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +openssl.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +openssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +openssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h +openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +openssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h +openssl.o: ../include/openssl/x509_vfy.h apps.h progs.h s_apps.h passwd.o: ../include/openssl/asn1.h ../include/openssl/bio.h passwd.o: ../include/openssl/blowfish.h ../include/openssl/bn.h passwd.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -549,20 +589,20 @@ passwd.o: ../include/openssl/conf.h ../include/openssl/crypto.h passwd.o: ../include/openssl/des.h ../include/openssl/dh.h passwd.o: ../include/openssl/dsa.h ../include/openssl/e_os.h passwd.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -passwd.o: ../include/openssl/err.h ../include/openssl/evp.h -passwd.o: ../include/openssl/idea.h ../include/openssl/lhash.h -passwd.o: ../include/openssl/md2.h ../include/openssl/md4.h -passwd.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -passwd.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -passwd.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -passwd.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -passwd.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h -passwd.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -passwd.o: ../include/openssl/x509_vfy.h apps.h +passwd.o: ../include/openssl/engine.h ../include/openssl/err.h +passwd.o: ../include/openssl/evp.h ../include/openssl/idea.h +passwd.o: ../include/openssl/lhash.h ../include/openssl/md2.h +passwd.o: ../include/openssl/md4.h ../include/openssl/md5.h +passwd.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +passwd.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +passwd.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h +passwd.o: ../include/openssl/rand.h ../include/openssl/rc2.h +passwd.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +passwd.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +passwd.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h +passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +passwd.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h pkcs12.o: ../include/openssl/asn1.h ../include/openssl/bio.h pkcs12.o: ../include/openssl/blowfish.h ../include/openssl/bn.h pkcs12.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -580,7 +620,7 @@ pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/pem.h pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h pkcs12.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -pkcs12.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +pkcs12.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h pkcs12.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h pkcs12.o: ../include/openssl/rsa.h ../include/openssl/safestack.h pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -603,7 +643,7 @@ pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h pkcs7.o: ../include/openssl/rand.h ../include/openssl/rc2.h pkcs7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs7.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +pkcs7.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h pkcs7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -625,7 +665,7 @@ pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/pem.h pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h pkcs8.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -pkcs8.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +pkcs8.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h pkcs8.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h pkcs8.o: ../include/openssl/rsa.h ../include/openssl/safestack.h pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -647,7 +687,7 @@ rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rand.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +rand.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -669,7 +709,7 @@ req.o: ../include/openssl/opensslv.h ../include/openssl/pem.h req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h req.o: ../include/openssl/rand.h ../include/openssl/rc2.h req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -req.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +req.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h req.o: ../include/openssl/safestack.h ../include/openssl/sha.h req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -692,7 +732,7 @@ rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h rsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +rsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -704,16 +744,17 @@ rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h rsautl.o: ../include/openssl/des.h ../include/openssl/dh.h rsautl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h rsautl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h -rsautl.o: ../include/openssl/idea.h ../include/openssl/lhash.h -rsautl.o: ../include/openssl/md2.h ../include/openssl/md4.h -rsautl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +rsautl.o: ../include/openssl/engine.h ../include/openssl/err.h +rsautl.o: ../include/openssl/evp.h ../include/openssl/idea.h +rsautl.o: ../include/openssl/lhash.h ../include/openssl/md2.h +rsautl.o: ../include/openssl/md4.h ../include/openssl/md5.h +rsautl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +rsautl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +rsautl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +rsautl.o: ../include/openssl/rand.h ../include/openssl/rc2.h rsautl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rsautl.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +rsautl.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h rsautl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -725,23 +766,25 @@ s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h s_cb.o: ../include/openssl/crypto.h ../include/openssl/des.h s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_cb.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -s_cb.o: ../include/openssl/e_os2.h ../include/openssl/err.h -s_cb.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_cb.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h +s_cb.o: ../include/openssl/idea.h ../include/openssl/kssl.h s_cb.o: ../include/openssl/lhash.h ../include/openssl/md2.h s_cb.o: ../include/openssl/md4.h ../include/openssl/md5.h s_cb.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h s_cb.o: ../include/openssl/opensslv.h ../include/openssl/pem.h s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s_cb.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_cb.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s_cb.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_apps.h +s_cb.o: ../include/openssl/rand.h ../include/openssl/rc2.h +s_cb.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_cb.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s_cb.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_cb.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_cb.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s_cb.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_client.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_client.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_client.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -751,23 +794,23 @@ s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os.h s_client.o: ../include/openssl/e_os2.h ../include/openssl/engine.h s_client.o: ../include/openssl/err.h ../include/openssl/evp.h -s_client.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_client.o: ../include/openssl/md2.h ../include/openssl/md4.h -s_client.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -s_client.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_client.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_client.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s_client.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s_client.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_client.o: s_apps.h +s_client.o: ../include/openssl/idea.h ../include/openssl/kssl.h +s_client.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_client.o: ../include/openssl/md4.h ../include/openssl/md5.h +s_client.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_client.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_client.o: ../include/openssl/rand.h ../include/openssl/rc2.h +s_client.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_client.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s_client.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_client.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_client.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s_client.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_server.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_server.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_server.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -777,23 +820,23 @@ s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os.h s_server.o: ../include/openssl/e_os2.h ../include/openssl/engine.h s_server.o: ../include/openssl/err.h ../include/openssl/evp.h -s_server.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_server.o: ../include/openssl/md2.h ../include/openssl/md4.h -s_server.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_server.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_server.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s_server.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_server.o: s_apps.h +s_server.o: ../include/openssl/idea.h ../include/openssl/kssl.h +s_server.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_server.o: ../include/openssl/md4.h ../include/openssl/md5.h +s_server.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_server.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_server.o: ../include/openssl/rand.h ../include/openssl/rc2.h +s_server.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_server.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s_server.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_server.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s_server.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_socket.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_socket.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_socket.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -801,23 +844,25 @@ s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h s_socket.o: ../include/openssl/crypto.h ../include/openssl/des.h s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_socket.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -s_socket.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -s_socket.o: ../include/openssl/idea.h ../include/openssl/lhash.h +s_socket.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +s_socket.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h s_socket.o: ../include/openssl/md2.h ../include/openssl/md4.h s_socket.o: ../include/openssl/md5.h ../include/openssl/mdc2.h s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_socket.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_socket.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s_socket.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_socket.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_socket.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s_socket.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h +s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s_socket.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s_socket.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s_socket.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +s_socket.o: s_apps.h s_time.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_time.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_time.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -825,24 +870,25 @@ s_time.o: ../include/openssl/comp.h ../include/openssl/conf.h s_time.o: ../include/openssl/crypto.h ../include/openssl/des.h s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_time.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -s_time.o: ../include/openssl/e_os2.h ../include/openssl/err.h -s_time.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_time.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +s_time.o: ../include/openssl/err.h ../include/openssl/evp.h +s_time.o: ../include/openssl/idea.h ../include/openssl/kssl.h s_time.o: ../include/openssl/lhash.h ../include/openssl/md2.h s_time.o: ../include/openssl/md4.h ../include/openssl/md5.h s_time.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h s_time.o: ../include/openssl/opensslv.h ../include/openssl/pem.h s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s_time.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_time.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s_time.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_time.o: s_apps.h +s_time.o: ../include/openssl/rand.h ../include/openssl/rc2.h +s_time.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_time.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s_time.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_time.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_time.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s_time.o: ../include/openssl/x509_vfy.h apps.h s_apps.h sess_id.o: ../include/openssl/asn1.h ../include/openssl/bio.h sess_id.o: ../include/openssl/blowfish.h ../include/openssl/bn.h sess_id.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -850,23 +896,25 @@ sess_id.o: ../include/openssl/comp.h ../include/openssl/conf.h sess_id.o: ../include/openssl/crypto.h ../include/openssl/des.h sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h sess_id.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -sess_id.o: ../include/openssl/e_os2.h ../include/openssl/err.h -sess_id.o: ../include/openssl/evp.h ../include/openssl/idea.h +sess_id.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h +sess_id.o: ../include/openssl/idea.h ../include/openssl/kssl.h sess_id.o: ../include/openssl/lhash.h ../include/openssl/md2.h sess_id.o: ../include/openssl/md4.h ../include/openssl/md5.h sess_id.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h sess_id.o: ../include/openssl/opensslv.h ../include/openssl/pem.h sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -sess_id.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -sess_id.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -sess_id.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h -sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +sess_id.o: ../include/openssl/rand.h ../include/openssl/rc2.h +sess_id.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +sess_id.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +sess_id.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h +sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +sess_id.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +sess_id.o: ../include/openssl/tls1.h ../include/openssl/x509.h +sess_id.o: ../include/openssl/x509_vfy.h apps.h smime.o: ../include/openssl/asn1.h ../include/openssl/bio.h smime.o: ../include/openssl/blowfish.h ../include/openssl/bn.h smime.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -884,7 +932,7 @@ smime.o: ../include/openssl/opensslv.h ../include/openssl/pem.h smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h smime.o: ../include/openssl/rand.h ../include/openssl/rc2.h smime.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -smime.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +smime.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h smime.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -905,7 +953,7 @@ speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -speed.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +speed.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h speed.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h speed.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -928,7 +976,7 @@ spkac.o: ../include/openssl/opensslv.h ../include/openssl/pem.h spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h spkac.o: ../include/openssl/rand.h ../include/openssl/rc2.h spkac.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -spkac.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +spkac.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h spkac.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -950,7 +998,7 @@ verify.o: ../include/openssl/opensslv.h ../include/openssl/pem.h verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h verify.o: ../include/openssl/rand.h ../include/openssl/rc2.h verify.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -verify.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +verify.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h verify.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -963,14 +1011,15 @@ version.o: ../include/openssl/conf.h ../include/openssl/crypto.h version.o: ../include/openssl/des.h ../include/openssl/dh.h version.o: ../include/openssl/dsa.h ../include/openssl/e_os.h version.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -version.o: ../include/openssl/evp.h ../include/openssl/idea.h -version.o: ../include/openssl/lhash.h ../include/openssl/md2.h -version.o: ../include/openssl/md4.h ../include/openssl/md5.h -version.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -version.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -version.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h +version.o: ../include/openssl/engine.h ../include/openssl/evp.h +version.o: ../include/openssl/idea.h ../include/openssl/lhash.h +version.o: ../include/openssl/md2.h ../include/openssl/md4.h +version.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +version.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -version.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +version.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h version.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h version.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -993,7 +1042,7 @@ x509.o: ../include/openssl/opensslv.h ../include/openssl/pem.h x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h x509.o: ../include/openssl/rand.h ../include/openssl/rc2.h x509.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -x509.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +x509.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h x509.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h diff --git a/apps/apps.c b/apps/apps.c index 0190d71ee2..a04f871d0a 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -553,7 +553,7 @@ end: return(x); } -EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) +EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e) { BIO *key=NULL; EVP_PKEY *pkey=NULL; @@ -563,6 +563,14 @@ EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) BIO_printf(err,"no keyfile specified\n"); goto end; } + if (format == FORMAT_ENGINE) + { + if (!e) + BIO_printf(bio_err,"no engine specified\n"); + else + pkey = ENGINE_load_private_key(e, file, pass); + goto end; + } key=BIO_new(BIO_s_file()); if (key == NULL) { @@ -602,7 +610,7 @@ EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) return(pkey); } -EVP_PKEY *load_pubkey(BIO *err, char *file, int format) +EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e) { BIO *key=NULL; EVP_PKEY *pkey=NULL; @@ -612,6 +620,14 @@ EVP_PKEY *load_pubkey(BIO *err, char *file, int format) BIO_printf(err,"no keyfile specified\n"); goto end; } + if (format == FORMAT_ENGINE) + { + if (!e) + BIO_printf(bio_err,"no engine specified\n"); + else + pkey = ENGINE_load_public_key(e, file, NULL); + goto end; + } key=BIO_new(BIO_s_file()); if (key == NULL) { diff --git a/apps/apps.h b/apps/apps.h index 7a834f9d89..11133cb1d2 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -67,6 +67,7 @@ #include <openssl/x509.h> #include <openssl/lhash.h> #include <openssl/conf.h> +#include <openssl/engine.h> int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); int app_RAND_write_file(const char *file, BIO *bio_e); @@ -121,14 +122,16 @@ extern BIO *bio_err; # ifdef _O_BINARY # define apps_startup() \ _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ - SSLeay_add_all_algorithms() + SSLeay_add_all_algorithms(); ENGINE_load_builtin_engines() # else # define apps_startup() \ _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ - SSLeay_add_all_algorithms() + SSLeay_add_all_algorithms(); ENGINE_load_builtin_engines() # endif # else -# define apps_startup() do_pipe_sig(); SSLeay_add_all_algorithms(); +# define apps_startup() \ + do_pipe_sig(); SSLeay_add_all_algorithms(); \ + ENGINE_load_builtin_engines() # endif #endif @@ -152,8 +155,8 @@ int set_name_ex(unsigned long *flags, const char *arg); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); int add_oid_section(BIO *err, LHASH *conf); X509 *load_cert(BIO *err, char *file, int format); -EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass); -EVP_PKEY *load_pubkey(BIO *err, char *file, int format); +EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e); +EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e); STACK_OF(X509) *load_certs(BIO *err, char *file, int format); #define FORMAT_UNDEF 0 @@ -153,7 +153,8 @@ static char *ca_usage[]={ " -days arg - number of days to certify the certificate for\n", " -md arg - md to use, one of md2, md5, sha or sha1\n", " -policy arg - The CA 'policy' to support\n", -" -keyfile arg - PEM private key file\n", +" -keyfile arg - private key file\n", +" -keyform arg - private key file format (PEM or ENGINE)\n", " -key arg - key to decode the private key if it is encrypted\n", " -cert file - The CA certificate\n", " -in file - The input PEM encoded certificate request(s)\n", @@ -179,11 +180,11 @@ extern int EF_ALIGNMENT; #endif static void lookup_fail(char *name,char *tag); -static unsigned long index_serial_hash(char **a); -static int index_serial_cmp(char **a, char **b); -static unsigned long index_name_hash(char **a); +static unsigned long index_serial_hash(const char **a); +static int index_serial_cmp(const char **a, const char **b); +static unsigned long index_name_hash(const char **a); static int index_name_qual(char **a); -static int index_name_cmp(char **a,char **b); +static int index_name_cmp(const char **a,const char **b); static BIGNUM *load_serial(char *serialfile); static int save_serial(char *serialfile, BIGNUM *serial); static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, @@ -214,6 +215,12 @@ static char *section=NULL; static int preserve=0; static int msie_hack=0; +static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **) +static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **) +static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **) +static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **) + + int MAIN(int, char **); int MAIN(int argc, char **argv) @@ -236,6 +243,7 @@ int MAIN(int argc, char **argv) char *policy=NULL; char *keyfile=NULL; char *certfile=NULL; + int keyform=FORMAT_PEM; char *infile=NULL; char *spkac_file=NULL; char *ss_cert_file=NULL; @@ -337,6 +345,11 @@ EF_ALIGNMENT=0; if (--argc < 1) goto bad; keyfile= *(++argv); } + else if (strcmp(*argv,"-keyform") == 0) + { + if (--argc < 1) goto bad; + keyform=str2fmt(*(++argv)); + } else if (strcmp(*argv,"-passin") == 0) { if (--argc < 1) goto bad; @@ -563,14 +576,31 @@ bad: BIO_printf(bio_err,"Error getting password\n"); goto err; } - if (BIO_read_filename(in,keyfile) <= 0) + if (keyform == FORMAT_ENGINE) { - perror(keyfile); - BIO_printf(bio_err,"trying to load CA private key\n"); - goto err; + if (!e) + { + BIO_printf(bio_err,"no engine specified\n"); + goto err; + } + pkey = ENGINE_load_private_key(e, keyfile, key); } + else if (keyform == FORMAT_PEM) + { + if (BIO_read_filename(in,keyfile) <= 0) + { + perror(keyfile); + BIO_printf(bio_err,"trying to load CA private key\n"); + goto err; + } pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key); - if(key) memset(key,0,strlen(key)); + } + else + { + BIO_printf(bio_err,"bad input format specified for key file\n"); + goto err; + } + if(key) memset(key,0,strlen(key)); if (pkey == NULL) { BIO_printf(bio_err,"unable to load CA private key\n"); @@ -729,15 +759,17 @@ bad: BIO_printf(bio_err,"generating index\n"); } - if (!TXT_DB_create_index(db,DB_serial,NULL,index_serial_hash, - index_serial_cmp)) + if (!TXT_DB_create_index(db, DB_serial, NULL, + LHASH_HASH_FN(index_serial_hash), + LHASH_COMP_FN(index_serial_cmp))) { BIO_printf(bio_err,"error creating serial number index:(%ld,%ld,%ld)\n",db->error,db->arg1,db->arg2); goto err; } - if (!TXT_DB_create_index(db,DB_name,index_name_qual,index_name_hash, - index_name_cmp)) + if (!TXT_DB_create_index(db, DB_name, index_name_qual, + LHASH_HASH_FN(index_name_hash), + LHASH_COMP_FN(index_name_cmp))) { BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n", db->error,db->arg1,db->arg2); @@ -1302,31 +1334,31 @@ static void lookup_fail(char *name, char *tag) BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag); } -static unsigned long index_serial_hash(char **a) +static unsigned long index_serial_hash(const char **a) { - char *n; + const char *n; n=a[DB_serial]; while (*n == '0') n++; return(lh_strhash(n)); } -static int index_serial_cmp(char **a, char **b) +static int index_serial_cmp(const char **a, const char **b) { - char *aa,*bb; + const char *aa,*bb; for (aa=a[DB_serial]; *aa == '0'; aa++); for (bb=b[DB_serial]; *bb == '0'; bb++); return(strcmp(aa,bb)); } -static unsigned long index_name_hash(char **a) +static unsigned long index_name_hash(const char **a) { return(lh_strhash(a[DB_name])); } static int index_name_qual(char **a) { return(a[0][0] == 'V'); } -static int index_name_cmp(char **a, char **b) +static int index_name_cmp(const char **a, const char **b) { return(strcmp(a[DB_name], b[DB_name])); } @@ -2227,7 +2259,7 @@ static int do_revoke(X509 *x509, TXT_DB *db) goto err; } - else if (index_name_cmp(row,rrow)) + else if (index_name_cmp((const char **)row,(const char **)rrow)) { BIO_printf(bio_err,"ERROR:name does not match %s\n", row[DB_name]); diff --git a/apps/dgst.c b/apps/dgst.c index ab3e2dbb02..4f1660c2a6 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -74,7 +74,7 @@ #undef PROG #define PROG dgst_main -void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, +void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, EVP_PKEY *key, unsigned char *sigin, int siglen); int MAIN(int, char **); @@ -93,9 +93,10 @@ int MAIN(int argc, char **argv) char pname[PROG_NAME_SIZE]; int separator=0; int debug=0; + int keyform=FORMAT_PEM; const char *outfile = NULL, *keyfile = NULL; const char *sigfile = NULL, *randfile = NULL; - char out_bin = -1, want_pub = 0, do_verify = 0; + int out_bin = -1, want_pub = 0, do_verify = 0; EVP_PKEY *sigkey = NULL; unsigned char *sigbuf = NULL; int siglen = 0; @@ -157,6 +158,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; sigfile=*(++argv); } + else if (strcmp(*argv,"-keyform") == 0) + { + if (--argc < 1) break; + keyform=str2fmt(*(++argv)); + } else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) break; @@ -196,6 +202,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"-sign file sign digest using private key in file\n"); BIO_printf(bio_err,"-verify file verify a signature using public key in file\n"); BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); + BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); BIO_printf(bio_err,"-signature file signature to verify\n"); BIO_printf(bio_err,"-binary output in binary form\n"); BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); @@ -280,20 +287,47 @@ int MAIN(int argc, char **argv) goto end; } - if(keyfile) { - BIO *keybio; - keybio = BIO_new_file(keyfile, "r"); - if(!keybio) { - BIO_printf(bio_err, "Error opening key file %s\n", - keyfile); - ERR_print_errors(bio_err); + if(keyfile) + { + if (keyform == FORMAT_PEM) + { + BIO *keybio; + keybio = BIO_new_file(keyfile, "r"); + if(!keybio) + { + BIO_printf(bio_err, + "Error opening key file %s\n", + keyfile); + ERR_print_errors(bio_err); + goto end; + } + if(want_pub) + sigkey = PEM_read_bio_PUBKEY(keybio, + NULL, NULL, NULL); + else + sigkey = PEM_read_bio_PrivateKey(keybio, + NULL, NULL, NULL); + BIO_free(keybio); + } + else if (keyform == FORMAT_ENGINE) + { + if (!e) + { + BIO_printf(bio_err,"no engine specified\n"); + goto end; + } + if (want_pub) + sigkey = ENGINE_load_public_key(e, keyfile, NULL); + else + sigkey = ENGINE_load_private_key(e, keyfile, NULL); + } + else + { + BIO_printf(bio_err, + "bad input format specified for key file\n"); goto end; - } + } - if(want_pub) - sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL); - else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); - BIO_free(keybio); if(!sigkey) { BIO_printf(bio_err, "Error reading key file %s\n", keyfile); @@ -365,7 +399,7 @@ end: EXIT(err); } -void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, +void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, EVP_PKEY *key, unsigned char *sigin, int siglen) { int len; diff --git a/apps/enc.c b/apps/enc.c index 84179f57a0..f43bb029a9 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -71,6 +71,7 @@ #endif #include <openssl/pem.h> #include <openssl/engine.h> +#include <ctype.h> int set_hex(char *in,unsigned char *out,int size); #undef SIZE @@ -81,6 +82,24 @@ int set_hex(char *in,unsigned char *out,int size); #define BSIZE (8*1024) #define PROG enc_main +void show_ciphers(const OBJ_NAME *name,void *bio_) + { + BIO *bio=bio_; + static int n; + + if(!islower(*name->name)) + return; + + BIO_printf(bio,"-%-25s",name->name); + if(++n == 3) + { + BIO_printf(bio,"\n"); + n=0; + } + else + BIO_printf(bio," "); + } + int MAIN(int, char **); int MAIN(int argc, char **argv) @@ -92,7 +111,7 @@ int MAIN(int argc, char **argv) unsigned char *buff=NULL,*bufsize=NULL; int bsize=BSIZE,verbose=0; int ret=1,inl; - unsigned char key[24],iv[MD5_DIGEST_LENGTH]; + unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH]; unsigned char salt[PKCS5_SALT_LEN]; char *str=NULL, *passarg = NULL, *pass = NULL; char *hkey=NULL,*hiv=NULL,*hsalt = NULL; @@ -252,76 +271,11 @@ bad: BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e"); BIO_printf(bio_err,"Cipher Types\n"); - BIO_printf(bio_err,"des : 56 bit key DES encryption\n"); - BIO_printf(bio_err,"des_ede :112 bit key ede DES encryption\n"); - BIO_printf(bio_err,"des_ede3:168 bit key ede DES encryption\n"); -#ifndef NO_IDEA - BIO_printf(bio_err,"idea :128 bit key IDEA encryption\n"); -#endif -#ifndef NO_RC4 - BIO_printf(bio_err,"rc2 :128 bit key RC2 encryption\n"); -#endif -#ifndef NO_BF - BIO_printf(bio_err,"bf :128 bit key Blowfish encryption\n"); -#endif -#ifndef NO_RC4 - BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n", - LN_rc4); -#endif + OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, + show_ciphers, + bio_err); + BIO_printf(bio_err,"\n"); - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ecb,LN_des_cbc, - LN_des_cfb64,LN_des_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n", - "des", LN_des_cbc); - - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ede,LN_des_ede_cbc, - LN_des_ede_cfb64,LN_des_ede_ofb64); - BIO_printf(bio_err," -desx -none\n"); - - - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ede3,LN_des_ede3_cbc, - LN_des_ede3_cfb64,LN_des_ede3_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n", - "des3", LN_des_ede3_cbc); - -#ifndef NO_IDEA - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_idea_ecb, LN_idea_cbc, - LN_idea_cfb64, LN_idea_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","idea",LN_idea_cbc); -#endif -#ifndef NO_RC2 - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_rc2_ecb, LN_rc2_cbc, - LN_rc2_cfb64, LN_rc2_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","rc2", LN_rc2_cbc); -#endif -#ifndef NO_BF - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_bf_ecb, LN_bf_cbc, - LN_bf_cfb64, LN_bf_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc); -#endif -#ifndef NO_CAST - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_cast5_ecb, LN_cast5_cbc, - LN_cast5_cfb64, LN_cast5_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc); -#endif -#ifndef NO_RC5 - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_rc5_ecb, LN_rc5_cbc, - LN_rc5_cfb64, LN_rc5_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc); -#endif -#ifndef NO_RIJNDAEL - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s\n", - LN_rijndael_ecb_k128_b128,"","","",""); -#endif - goto end; } argc--; @@ -542,12 +496,12 @@ bad: else memset(str,0,strlen(str)); } - if ((hiv != NULL) && !set_hex(hiv,iv,8)) + if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv)) { BIO_printf(bio_err,"invalid hex iv value\n"); goto end; } - if ((hkey != NULL) && !set_hex(hkey,key,24)) + if ((hkey != NULL) && !set_hex(hkey,key,sizeof key)) { BIO_printf(bio_err,"invalid hex key value\n"); goto end; diff --git a/apps/makeapps.com b/apps/makeapps.com index 7e9d0ac8d6..0bd5e2e51e 100644 --- a/apps/makeapps.com +++ b/apps/makeapps.com @@ -157,13 +157,13 @@ $ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+- "RSA;RSAUTL;DSA;DSAPARAM;"+- "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+- "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+- - "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND" + "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND;ENGINE" $ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,- CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,- RSA.OBJ,RSAUTL.OBJ,DSA.OBJ,DSAPARAM.OBJ,- X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,- S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,- - CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ + CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ,ENGINE.OBJ $ TCPIP_PROGRAMS = ",," $ IF COMPILER .EQS. "VAXC" THEN - TCPIP_PROGRAMS = ",OPENSSL," @@ -581,6 +581,7 @@ $ CHECK_OPTIONS: $! $! Check To See If P1 Is Blank. $! +$ P1 = "NORSAREF" $ IF (P1.EQS."NORSAREF") $ THEN $! diff --git a/apps/openssl.c b/apps/openssl.c index 4f61006b73..b7e50c7374 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -85,6 +85,9 @@ char *default_config_file=NULL; BIO *bio_err=NULL; #endif +static IMPLEMENT_LHASH_HASH_FN(hash,FUNCTION *) +static IMPLEMENT_LHASH_COMP_FN(cmp,FUNCTION *) + int main(int Argc, char *Argv[]) { ARGS arg; @@ -112,6 +115,7 @@ int main(int Argc, char *Argv[]) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); ERR_load_crypto_strings(); + ENGINE_load_builtin_engines(); /* Lets load up our environment a little */ p=getenv("OPENSSL_CONF"); @@ -350,7 +354,9 @@ static LHASH *prog_init(void) ; qsort(functions,i,sizeof *functions,SortFnByName); - if ((ret=lh_new(hash,cmp)) == NULL) return(NULL); + if ((ret=lh_new(LHASH_HASH_FN(hash), + LHASH_COMP_FN(cmp))) == NULL) + return(NULL); for (f=functions; f->name != NULL; f++) lh_insert(ret,f); diff --git a/apps/passwd.c b/apps/passwd.c index 6851a9927d..c92ff40beb 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -50,6 +50,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, * -salt string - salt * -in file - read passwords from file * -stdin - read passwords from stdin + * -noverify - never verify when reading password from terminal * -quiet - no warnings * -table - format output as table * -reverse - switch table columns @@ -62,6 +63,7 @@ int MAIN(int argc, char **argv) int ret = 1; char *infile = NULL; int in_stdin = 0; + int in_noverify = 0; char *salt = NULL, *passwd = NULL, **passwds = NULL; char *salt_malloc = NULL, *passwd_malloc = NULL; size_t passwd_malloc_size = 0; @@ -128,6 +130,8 @@ int MAIN(int argc, char **argv) else badopt = 1; } + else if (strcmp(argv[i], "-noverify") == 0) + in_noverify = 1; else if (strcmp(argv[i], "-quiet") == 0) quiet = 1; else if (strcmp(argv[i], "-table") == 0) @@ -174,6 +178,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-salt string use provided salt\n"); BIO_printf(bio_err, "-in file read passwords from file\n"); BIO_printf(bio_err, "-stdin read passwords from stdin\n"); + BIO_printf(bio_err, "-noverify never verify when reading password from terminal\n"); BIO_printf(bio_err, "-quiet no warnings\n"); BIO_printf(bio_err, "-table format output as table\n"); BIO_printf(bio_err, "-reverse switch table columns\n"); @@ -222,7 +227,7 @@ int MAIN(int argc, char **argv) passwds = passwds_static; if (in == NULL) - if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", 0) != 0) + if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0) goto err; passwds[0] = passwd_malloc; } diff --git a/apps/progs.h b/apps/progs.h index fbc65de632..dfc48b0d60 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -35,6 +35,7 @@ extern int pkcs8_main(int argc,char *argv[]); extern int spkac_main(int argc,char *argv[]); extern int smime_main(int argc,char *argv[]); extern int rand_main(int argc,char *argv[]); +extern int engine_main(int argc,char *argv[]); #define FUNC_TYPE_GENERAL 1 #define FUNC_TYPE_MD 2 @@ -109,6 +110,7 @@ FUNCTION functions[] = { {FUNC_TYPE_GENERAL,"spkac",spkac_main}, {FUNC_TYPE_GENERAL,"smime",smime_main}, {FUNC_TYPE_GENERAL,"rand",rand_main}, + {FUNC_TYPE_GENERAL,"engine",engine_main}, {FUNC_TYPE_MD,"md2",dgst_main}, {FUNC_TYPE_MD,"md4",dgst_main}, {FUNC_TYPE_MD,"md5",dgst_main}, diff --git a/apps/req.c b/apps/req.c index a279598689..7b8b4dbd60 100644 --- a/apps/req.c +++ b/apps/req.c @@ -102,7 +102,7 @@ * -nodes - no des encryption * -config file - Load configuration file. * -key file - make a request using key in file (or use it for verification). - * -keyform - key file format. + * -keyform arg - key file format. * -rand file(s) - load the file(s) into the PRNG. * -newkey - make a key and a request. * -modulus - print RSA modulus. diff --git a/apps/rsa.c b/apps/rsa.c index 700df4223e..825d925c66 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -265,7 +265,7 @@ bad: else if (informat == FORMAT_NETSCAPE) { BUF_MEM *buf=NULL; - unsigned char *p; + const unsigned char *p; int size=0; buf=BUF_MEM_new(); diff --git a/apps/rsautl.c b/apps/rsautl.c index de231b0456..1bbf33d5d9 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -62,6 +62,7 @@ #include <string.h> #include <openssl/err.h> #include <openssl/pem.h> +#include <openssl/engine.h> #define RSA_SIGN 1 #define RSA_VERIFY 2 @@ -82,8 +83,10 @@ int MAIN(int argc, char **); int MAIN(int argc, char **argv) { + ENGINE *e = NULL; BIO *in = NULL, *out = NULL; char *infile = NULL, *outfile = NULL; + char *engine = NULL; char *keyfile = NULL; char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; int keyform = FORMAT_PEM; @@ -117,6 +120,9 @@ int MAIN(int argc, char **argv) } else if(!strcmp(*argv, "-inkey")) { if (--argc < 1) badarg = 1; keyfile = *(++argv); + } else if(!strcmp(*argv, "-engine")) { + if (--argc < 1) badarg = 1; + engine = *(++argv); } else if(!strcmp(*argv, "-pubin")) { key_type = KEY_PUBKEY; } else if(!strcmp(*argv, "-certin")) { @@ -151,16 +157,34 @@ int MAIN(int argc, char **argv) goto end; } + if (engine != NULL) + { + if((e = ENGINE_by_id(engine)) == NULL) + { + BIO_printf(bio_err,"invalid engine \"%s\"\n", + engine); + goto end; + } + if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) + { + BIO_printf(bio_err,"can't use that engine\n"); + goto end; + } + BIO_printf(bio_err,"engine \"%s\" set.\n", engine); + /* Free our "structural" reference. */ + ENGINE_free(e); + } + /* FIXME: seed PRNG only if needed */ app_RAND_load_file(NULL, bio_err, 0); switch(key_type) { case KEY_PRIVKEY: - pkey = load_key(bio_err, keyfile, keyform, NULL); + pkey = load_key(bio_err, keyfile, keyform, NULL, e); break; case KEY_PUBKEY: - pkey = load_pubkey(bio_err, keyfile, keyform); + pkey = load_pubkey(bio_err, keyfile, keyform, e); break; case KEY_CERT: diff --git a/apps/s_client.c b/apps/s_client.c index 45d627a60a..1a94cdec65 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -420,6 +420,12 @@ bad: con=SSL_new(ctx); +#ifndef NO_KRB5 + if (con && (con->kssl_ctx = kssl_ctx_new()) != NULL) + { + kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVER, host); + } +#endif /* NO_KRB5 */ /* SSL_set_cipher_list(con,"RC4-MD5"); */ re_start: diff --git a/apps/s_server.c b/apps/s_server.c index 61a77dff11..383e2304d7 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -416,9 +416,6 @@ int MAIN(int argc, char *argv[]) int state=0; SSL_METHOD *meth=NULL; ENGINE *e=NULL; -#ifndef NO_DH - DH *dh=NULL; -#endif #if !defined(NO_SSL2) && !defined(NO_SSL3) meth=SSLv23_server_method(); @@ -682,7 +679,13 @@ bad: #ifndef NO_DH if (!no_dhe) { - dh=load_dh_param(dhfile ? dhfile : s_cert_file); + DH *dh=NULL; + + if (dhfile) + dh = load_dh_param(dhfile); + else if (s_cert_file) + dh = load_dh_param(s_cert_file); + if (dh != NULL) { BIO_printf(bio_s_out,"Setting temp DH parameters\n"); @@ -818,6 +821,13 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (con == NULL) { con=SSL_new(ctx); +#ifndef NO_KRB5 + if ((con->kssl_ctx = kssl_ctx_new()) != NULL) + { + kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC); + kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB); + } +#endif /* NO_KRB5 */ if(context) SSL_set_session_id_context(con, context, strlen((char *)context)); diff --git a/apps/smime.c b/apps/smime.c index 16b940084b..0a16bbc4dd 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -399,7 +399,7 @@ int MAIN(int argc, char **argv) } else keyfile = NULL; if(keyfile) { - if(!(key = load_key(bio_err,keyfile, FORMAT_PEM, passin))) { + if(!(key = load_key(bio_err,keyfile, FORMAT_PEM, passin, NULL))) { BIO_printf(bio_err, "Can't read recipient certificate file %s\n", keyfile); ERR_print_errors(bio_err); goto end; diff --git a/apps/speed.c b/apps/speed.c index ba41916371..1634498c75 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -82,13 +82,15 @@ #include <openssl/rand.h> #include <openssl/err.h> #include <openssl/engine.h> +#include <openssl/evp.h> +#include <openssl/objects.h> #if defined(__FreeBSD__) # define USE_TOD #elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) # define TIMES #endif -#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) +#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) && !defined(__NetBSD__) /* FIXME */ # define TIMEB #endif @@ -196,7 +198,7 @@ int run=0; static double Time_F(int s, int usertime); -static void print_message(char *s,long num,int length); +static void print_message(const char *s,long num,int length); static void pkey_print_message(char *str,char *str2,long num,int bits,int sec); #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) @@ -314,11 +316,11 @@ int MAIN(int argc, char **argv) ENGINE *e; unsigned char *buf=NULL,*buf2=NULL; int mret=1; -#define ALGOR_NUM 15 +#define ALGOR_NUM 16 #define SIZE_NUM 5 #define RSA_NUM 4 #define DSA_NUM 3 - long count,rsa_count; + long count,rsa_count,save_count=0; int i,j,k; unsigned rsa_num; #ifndef NO_MD2 @@ -384,10 +386,11 @@ int MAIN(int argc, char **argv) #define D_CBC_RC5 12 #define D_CBC_BF 13 #define D_CBC_CAST 14 +#define D_EVP 15 double d,results[ALGOR_NUM][SIZE_NUM]; static int lengths[SIZE_NUM]={8,64,256,1024,8*1024}; long c[ALGOR_NUM][SIZE_NUM]; - static char *names[ALGOR_NUM]={ + static const char *names[ALGOR_NUM]={ "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4", "des cbc","des ede3","idea cbc", "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"}; @@ -420,6 +423,7 @@ int MAIN(int argc, char **argv) int doit[ALGOR_NUM]; int pr_header=0; int usertime=1; + const EVP_CIPHER *evp=NULL; #ifndef TIMES usertime=-1; @@ -472,6 +476,23 @@ int MAIN(int argc, char **argv) { if ((argc > 0) && (strcmp(*argv,"-elapsed") == 0)) usertime = 0; + else if ((argc > 0) && (strcmp(*argv,"-evp") == 0)) + { + argc--; + argv++; + if(argc == 0) + { + BIO_printf(bio_err,"no EVP given\n"); + goto end; + } + evp=EVP_get_cipherbyname(*argv); + if(!evp) + { + BIO_printf(bio_err,"%s is an unknown cipher\n",*argv); + goto end; + } + doit[D_EVP]=1; + } else if ((argc > 0) && (strcmp(*argv,"-engine") == 0)) { @@ -547,7 +568,7 @@ int MAIN(int argc, char **argv) else #endif #ifndef NO_RSA -#ifdef RSAref +#if 0 /* was: #ifdef RSAref */ if (strcmp(*argv,"rsaref") == 0) { RSA_set_default_openssl_method(RSA_PKCS1_RSAref()); @@ -719,7 +740,10 @@ int MAIN(int argc, char **argv) if (j == 0) { for (i=0; i<ALGOR_NUM; i++) - doit[i]=1; + { + if (i != D_EVP) + doit[i]=1; + } for (i=0; i<RSA_NUM; i++) rsa_doit[i]=1; for (i=0; i<DSA_NUM; i++) @@ -739,7 +763,7 @@ int MAIN(int argc, char **argv) #ifndef NO_RSA for (i=0; i<RSA_NUM; i++) { - unsigned char *p; + const unsigned char *p; p=rsa_data[i]; rsa_key[i]=d2i_RSAPrivateKey(NULL,&p,rsa_data_length[i]); @@ -804,6 +828,7 @@ int MAIN(int argc, char **argv) &(sch[0]),DES_ENCRYPT); d=Time_F(STOP,usertime); } while (d <3); + save_count=count; c[D_MD2][0]=count/10; c[D_MDC2][0]=count/10; c[D_MD4][0]=count; @@ -1160,6 +1185,28 @@ int MAIN(int argc, char **argv) } #endif + if (doit[D_EVP]) + { + for (j=0; j<SIZE_NUM; j++) + { + EVP_CIPHER_CTX ctx; + int outl; + + names[D_EVP]=OBJ_nid2ln(evp->nid); + print_message(names[D_EVP],save_count, + lengths[j]); + EVP_EncryptInit(&ctx,evp,key16,iv); + Time_F(START,usertime); + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]); + EVP_EncryptFinal(&ctx,buf,&outl); + d=Time_F(STOP,usertime); + BIO_printf(bio_err,"%ld %s's in %.2fs\n", + count,names[D_EVP],d); + results[D_EVP][j]=((double)count)/d*lengths[j]; + } + } + RAND_pseudo_bytes(buf,36); #ifndef NO_RSA for (j=0; j<RSA_NUM; j++) @@ -1429,7 +1476,7 @@ end: EXIT(mret); } -static void print_message(char *s, long num, int length) +static void print_message(const char *s, long num, int length) { #ifdef SIGALRM BIO_printf(bio_err,"Doing %s for %ds on %d size blocks: ",s,SECONDS,length); diff --git a/apps/x509.c b/apps/x509.c index 8712339717..de25790145 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -106,6 +106,7 @@ static char *x509_usage[]={ " -fingerprint - print the certificate fingerprint\n", " -alias - output certificate alias\n", " -noout - no certificate output\n", +" -ocspid - print OCSP hash values for the subject name and public key\n", " -trustout - output a \"trusted\" certificate\n", " -clrtrust - clear all trusted purposes\n", " -clrreject - clear all rejected purposes\n", @@ -163,6 +164,7 @@ int MAIN(int argc, char **argv) char *CAkeyfile=NULL,*CAserial=NULL; char *alias=NULL; int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0; + int ocspid=0; int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0; int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0; int C=0; @@ -412,6 +414,8 @@ int MAIN(int argc, char **argv) clrext = 1; } #endif + else if (strcmp(*argv,"-ocspid") == 0) + ocspid= ++num; else if ((md_alg=EVP_get_digestbyname(*argv + 1))) { /* ok */ @@ -849,7 +853,7 @@ bad: if (Upkey == NULL) { Upkey=load_key(bio_err, - keyfile,keyformat, passin); + keyfile,keyformat, passin, e); if (Upkey == NULL) goto end; } #ifndef NO_DSA @@ -867,7 +871,8 @@ bad: if (CAkeyfile != NULL) { CApkey=load_key(bio_err, - CAkeyfile,CAkeyformat, passin); + CAkeyfile,CAkeyformat, passin, + e); if (CApkey == NULL) goto end; } #ifndef NO_DSA @@ -894,7 +899,7 @@ bad: else { pk=load_key(bio_err, - keyfile,FORMAT_PEM, passin); + keyfile,FORMAT_PEM, passin, e); if (pk == NULL) goto end; } @@ -917,6 +922,10 @@ bad: } noout=1; } + else if (ocspid == i) + { + X509_ocspid_print(out, x); + } } } @@ -203,6 +203,10 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in echo "ppc-apple-rhapsody"; exit 0 ;; + Darwin:*) + echo "ppc-apple-darwin"; exit 0 + ;; + SunOS:5.*) echo "${MACHINE}-whatever-solaris2"; exit 0 ;; @@ -413,11 +417,27 @@ case "$GUESSOS" in esac fi ;; - mips-*-linux?) OUT="linux-mips" ;; + mips-*-linux?) + cat >dummy.c <<EOF +#include <stdio.h> /* for printf() prototype */ + int main (argc, argv) int argc; char *argv[]; { +#ifdef __MIPSEB__ + printf ("linux-%s\n", argv[1]); +#endif +#ifdef __MIPSEL__ + printf ("linux-%sel\n", argv[1]); +#endif + return 0; +} +EOF + ${CC} -o dummy dummy.c && OUT=`./dummy ${MACHINE}` + rm dummy dummy.c + ;; ppc-*-linux2) OUT="linux-ppc" ;; m68k-*-linux*) OUT="linux-m68k" ;; ia64-*-linux?) OUT="linux-ia64" ;; ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;; + ppc-apple-darwin) OUT="darwin-ppc-cc" ;; sparc64-*-linux2) #Before we can uncomment following lines we have to wait at least #till 64-bit glibc for SPARC is operational:-( @@ -427,7 +447,7 @@ case "$GUESSOS" in #read waste < /dev/tty OUT="linux-sparcv9" ;; sparc-*-linux2) - KARCH=`awk '/type/{print$3}' /proc/cpuinfo` + KARCH=`awk '/^type/{print$3}' /proc/cpuinfo` case ${KARCH:-sun4} in sun4u*) OUT="linux-sparcv9" ;; sun4m) OUT="linux-sparcv8" ;; @@ -521,6 +541,27 @@ do fi done +# Discover Kerberos 5 (since it's still a prototype, we don't +# do any guesses yet, that's why this section is commented away. +#if [ -d /usr/kerberos ]; then +# krb5_dir=/usr/kerberos +# if [ \( -f $krb5_dir/lib/libgssapi_krb5.a -o -f $krb5_dir/lib/libgssapi_krb5.so* \)\ +# -a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\ +# -a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\ +# -a \( -f $krb5_dir/lib/libk5crypto.a -o -f $krb5_dir/lib/libk5crypto.so* \)\ +# -a \( -f $krb5_dir/include/krb5.h \) ]; then +# options="$options --with-krb5-flavor=MIT" +# fi +#elif [ -d /usr/heimdal ]; then +# krb5_dir=/usr/heimdal +# if [ \( -f $krb5_dir/lib/libgssapi.a -o -f $krb5_dir/lib/libgssapi.so* \)\ +# -a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\ +# -a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\ +# -a \( -f $krb5_dir/include/krb5.h \) ]; then +# options="$options --with-krb5-flavor=Heimdal" +# fi +#fi + if [ -z "$OUT" ]; then OUT="$CC" fi diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl index 2720dd65f1..5dd662843b 100644 --- a/crypto/asn1/Makefile.ssl +++ b/crypto/asn1/Makefile.ssl @@ -157,8 +157,7 @@ a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_digest.o: ../../include/openssl/opensslconf.h a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h a_digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -a_digest.o: ../../include/openssl/rc5.h -a_digest.o: ../../include/openssl/rijndael-alg-fst.h +a_digest.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h a_digest.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h a_digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -275,12 +274,12 @@ a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_sign.o: ../../include/openssl/rijndael-alg-fst.h -a_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -a_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +a_sign.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +a_sign.o: ../cryptlib.h a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -294,12 +293,12 @@ a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h a_strex.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_strex.o: ../../include/openssl/rijndael-alg-fst.h -a_strex.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -a_strex.o: ../../include/openssl/x509_vfy.h charmap.h +a_strex.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +a_strex.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +a_strex.o: charmap.h a_strnid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h a_strnid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h @@ -355,8 +354,7 @@ a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_verify.o: ../../include/openssl/opensslconf.h a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h a_verify.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -a_verify.o: ../../include/openssl/rc5.h -a_verify.o: ../../include/openssl/rijndael-alg-fst.h +a_verify.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h a_verify.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h a_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -406,7 +404,7 @@ d2i_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h d2i_pr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -424,7 +422,7 @@ d2i_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h d2i_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -475,7 +473,7 @@ i2d_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h i2d_pr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -493,7 +491,7 @@ i2d_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h i2d_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -513,12 +511,12 @@ n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -n_pkey.o: ../../include/openssl/rijndael-alg-fst.h -n_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +n_pkey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +n_pkey.o: ../cryptlib.h nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h nsseq.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h nsseq.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -532,7 +530,7 @@ nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h nsseq.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -nsseq.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +nsseq.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h nsseq.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h nsseq.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -553,12 +551,12 @@ p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_pbe.o: ../../include/openssl/rijndael-alg-fst.h -p5_pbe.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p5_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p5_pbe.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_pbe.o: ../cryptlib.h p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -574,12 +572,12 @@ p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p5_pbev2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h p5_pbev2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_pbev2.o: ../../include/openssl/rijndael-alg-fst.h -p5_pbev2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p5_pbev2.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p5_pbev2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_pbev2.o: ../cryptlib.h p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -594,7 +592,7 @@ p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p8_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p8_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p8_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p8_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p8_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -615,13 +613,12 @@ t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_bitst.o: ../../include/openssl/rijndael-alg-fst.h -t_bitst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_bitst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_bitst.o: ../cryptlib.h +t_bitst.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_crl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -637,13 +634,12 @@ t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_crl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_crl.o: ../../include/openssl/rijndael-alg-fst.h -t_crl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_crl.o: ../cryptlib.h +t_crl.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_crl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h t_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h t_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h t_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h @@ -668,13 +664,12 @@ t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_req.o: ../../include/openssl/rijndael-alg-fst.h -t_req.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_req.o: ../cryptlib.h +t_req.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -689,12 +684,12 @@ t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_spki.o: ../../include/openssl/rijndael-alg-fst.h -t_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +t_spki.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_spki.o: ../cryptlib.h t_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -710,13 +705,12 @@ t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_x509.o: ../../include/openssl/rijndael-alg-fst.h -t_x509.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_x509.o: ../cryptlib.h +t_x509.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -731,12 +725,12 @@ t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_x509a.o: ../../include/openssl/rijndael-alg-fst.h -t_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +t_x509a.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_x509a.o: ../cryptlib.h tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -789,7 +783,7 @@ x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_algor.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_algor.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_algor.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_algor.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_algor.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -809,8 +803,7 @@ x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_attrib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_attrib.o: ../../include/openssl/rc5.h -x_attrib.o: ../../include/openssl/rijndael-alg-fst.h +x_attrib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_attrib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_attrib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -839,7 +832,7 @@ x_crl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_crl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -858,7 +851,7 @@ x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_exten.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_exten.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_exten.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_exten.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_exten.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -878,12 +871,12 @@ x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_info.o: ../../include/openssl/rijndael-alg-fst.h -x_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x_info.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x_info.o: ../cryptlib.h x_long.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_long.o: ../../include/openssl/bio.h ../../include/openssl/bn.h x_long.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -906,7 +899,7 @@ x_name.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_name.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_name.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_name.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -926,7 +919,7 @@ x_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -946,8 +939,7 @@ x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_pubkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_pubkey.o: ../../include/openssl/rc5.h -x_pubkey.o: ../../include/openssl/rijndael-alg-fst.h +x_pubkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_pubkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_pubkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_pubkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -967,7 +959,7 @@ x_req.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_req.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_req.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_req.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -987,7 +979,7 @@ x_sig.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_sig.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -1007,7 +999,7 @@ x_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -1027,7 +1019,7 @@ x_val.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_val.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_val.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_val.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -1048,7 +1040,7 @@ x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_x509.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_x509.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_x509.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -1069,7 +1061,7 @@ x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index 63aa37665c..a068035947 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -288,6 +288,7 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; /* Declare ASN1 functions: the implement macro in in asn1t.h */ #define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) + #define DECLARE_ASN1_FUNCTIONS_name(type, name) \ type *name##_new(void); \ void name##_free(type *a); \ @@ -298,6 +299,15 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; int i2d_##name(type *a, unsigned char **out); \ extern const ASN1_ITEM name##_it; +#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ + type *d2i_##name(type **a, const unsigned char **in, long len); \ + int i2d_##name(const type *a, unsigned char **out); \ + extern const ASN1_ITEM name##_it; + +#define DECLARE_ASN1_FUNCTIONS_const(name) \ + name *name##_new(void); \ + void name##_free(name *a); + /* Parameters used by ASN1_STRING_print_ex() */ /* These determine which characters to escape: @@ -913,24 +923,58 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); #define ASN1_F_BN_TO_ASN1_INTEGER 139 #define ASN1_F_COLLECT_DATA 140 #define ASN1_F_D2I_ASN1_BIT_STRING 141 +#define ASN1_F_D2I_ASN1_BMPSTRING 178 #define ASN1_F_D2I_ASN1_BOOLEAN 142 #define ASN1_F_D2I_ASN1_BYTES 143 #define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144 #define ASN1_F_D2I_ASN1_HEADER 145 #define ASN1_F_D2I_ASN1_INTEGER 146 +#define ASN1_F_D2I_ASN1_NULL 179 #define ASN1_F_D2I_ASN1_OBJECT 147 #define ASN1_F_D2I_ASN1_SET 148 #define ASN1_F_D2I_ASN1_TYPE_BYTES 149 #define ASN1_F_D2I_ASN1_UINTEGER 150 #define ASN1_F_D2I_ASN1_UTCTIME 151 +#define ASN1_F_D2I_ASN1_VISIBLESTRING 180 #define ASN1_F_D2I_DHPARAMS 152 #define ASN1_F_D2I_DSAPARAMS 153 #define ASN1_F_D2I_DSAPRIVATEKEY 154 #define ASN1_F_D2I_DSAPUBLICKEY 155 #define ASN1_F_D2I_NETSCAPE_RSA 156 #define ASN1_F_D2I_NETSCAPE_RSA_2 157 +#define ASN1_F_D2I_OCSP_BASICRESP 181 +#define ASN1_F_D2I_OCSP_CERTID 182 +#define ASN1_F_D2I_OCSP_CERTSTATUS 183 +#define ASN1_F_D2I_OCSP_CRLID 184 +#define ASN1_F_D2I_OCSP_ONEREQ 185 +#define ASN1_F_D2I_OCSP_REQINFO 186 +#define ASN1_F_D2I_OCSP_REQUEST 187 +#define ASN1_F_D2I_OCSP_RESPBYTES 188 +#define ASN1_F_D2I_OCSP_RESPDATA 189 +#define ASN1_F_D2I_OCSP_RESPID 190 +#define ASN1_F_D2I_OCSP_RESPONSE 191 +#define ASN1_F_D2I_OCSP_REVOKEDINFO 192 +#define ASN1_F_D2I_OCSP_SERVICELOC 193 +#define ASN1_F_D2I_OCSP_SIGNATURE 194 +#define ASN1_F_D2I_OCSP_SINGLERESP 195 +#define ASN1_F_D2I_PKCS12 196 +#define ASN1_F_D2I_PKCS12_BAGS 197 +#define ASN1_F_D2I_PKCS12_MAC_DATA 198 +#define ASN1_F_D2I_PKCS12_SAFEBAG 199 +#define ASN1_F_D2I_PKCS7 200 +#define ASN1_F_D2I_PKCS7_DIGEST 201 +#define ASN1_F_D2I_PKCS7_ENCRYPT 202 +#define ASN1_F_D2I_PKCS7_ENC_CONTENT 203 +#define ASN1_F_D2I_PKCS7_ENVELOPE 204 +#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 205 +#define ASN1_F_D2I_PKCS7_RECIP_INFO 206 +#define ASN1_F_D2I_PKCS7_SIGNED 207 +#define ASN1_F_D2I_PKCS7_SIGNER_INFO 208 +#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 209 #define ASN1_F_D2I_PRIVATEKEY 158 #define ASN1_F_D2I_PUBLICKEY 159 +#define ASN1_F_D2I_X509 210 +#define ASN1_F_D2I_X509_CINF 211 #define ASN1_F_D2I_X509_NAME 160 #define ASN1_F_D2I_X509_PKEY 161 #define ASN1_F_I2D_ASN1_TIME 162 @@ -944,10 +988,41 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); #define ASN1_F_I2D_PUBLICKEY 170 #define ASN1_F_I2D_RSA_PUBKEY 171 #define ASN1_F_LONG_C2I 172 +#define ASN1_F_OCSP_BASICRESP_NEW 212 +#define ASN1_F_OCSP_CERTID_NEW 213 +#define ASN1_F_OCSP_CERTSTATUS_NEW 214 +#define ASN1_F_OCSP_CRLID_NEW 215 +#define ASN1_F_OCSP_ONEREQ_NEW 216 +#define ASN1_F_OCSP_REQINFO_NEW 217 +#define ASN1_F_OCSP_REQUEST_NEW 218 +#define ASN1_F_OCSP_RESPBYTES_NEW 219 +#define ASN1_F_OCSP_RESPDATA_NEW 220 +#define ASN1_F_OCSP_RESPID_NEW 221 +#define ASN1_F_OCSP_RESPONSE_NEW 222 +#define ASN1_F_OCSP_REVOKEDINFO_NEW 223 +#define ASN1_F_OCSP_SERVICELOC_NEW 224 +#define ASN1_F_OCSP_SIGNATURE_NEW 225 +#define ASN1_F_OCSP_SINGLERESP_NEW 226 +#define ASN1_F_PKCS12_BAGS_NEW 227 +#define ASN1_F_PKCS12_MAC_DATA_NEW 228 +#define ASN1_F_PKCS12_NEW 229 +#define ASN1_F_PKCS12_SAFEBAG_NEW 230 #define ASN1_F_PKCS5_PBE2_SET 173 +#define ASN1_F_PKCS7_DIGEST_NEW 231 +#define ASN1_F_PKCS7_ENCRYPT_NEW 232 +#define ASN1_F_PKCS7_ENC_CONTENT_NEW 233 +#define ASN1_F_PKCS7_ENVELOPE_NEW 234 +#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 235 +#define ASN1_F_PKCS7_NEW 236 +#define ASN1_F_PKCS7_RECIP_INFO_NEW 237 +#define ASN1_F_PKCS7_SIGNED_NEW 238 +#define ASN1_F_PKCS7_SIGNER_INFO_NEW 239 +#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 240 +#define ASN1_F_X509_CINF_NEW 241 #define ASN1_F_X509_CRL_ADD0_REVOKED 174 #define ASN1_F_X509_INFO_NEW 175 #define ASN1_F_X509_NAME_NEW 176 +#define ASN1_F_X509_NEW 242 #define ASN1_F_X509_PKEY_NEW 177 /* Reason codes. */ @@ -955,7 +1030,9 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); #define ASN1_R_BAD_CLASS 101 #define ASN1_R_BAD_OBJECT_HEADER 102 #define ASN1_R_BAD_PASSWORD_READ 103 +#define ASN1_R_BAD_PKCS7_CONTENT 171 #define ASN1_R_BAD_TAG 104 +#define ASN1_R_BAD_TYPE 172 #define ASN1_R_BN_LIB 105 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 #define ASN1_R_BUFFER_TOO_SMALL 107 @@ -969,6 +1046,7 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); #define ASN1_R_EXPECTING_AN_INTEGER 115 #define ASN1_R_EXPECTING_AN_OBJECT 116 #define ASN1_R_EXPECTING_A_BOOLEAN 117 +#define ASN1_R_EXPECTING_A_NULL 173 #define ASN1_R_EXPECTING_A_TIME 118 #define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119 #define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120 diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index 9ab1891b8f..e75dfc71bf 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -108,24 +108,58 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, {ERR_PACK(0,ASN1_F_COLLECT_DATA,0), "COLLECT_DATA"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "D2I_ASN1_BIT_STRING"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "D2I_ASN1_GENERALIZEDTIME"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "D2I_ASN1_INTEGER"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "D2I_ASN1_NULL"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "D2I_ASN1_UTCTIME"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "D2I_ASN1_VISIBLESTRING"}, {ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "d2i_DHparams"}, {ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "d2i_DSAparams"}, {ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "d2i_DSAPrivateKey"}, {ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "d2i_DSAPublicKey"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "d2i_Netscape_RSA_2"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_BASICRESP,0), "d2i_OCSP_BASICRESP"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_CERTID,0), "d2i_OCSP_CERTID"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_CERTSTATUS,0), "d2i_OCSP_CERTSTATUS"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_CRLID,0), "d2i_OCSP_CRLID"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_ONEREQ,0), "d2i_OCSP_ONEREQ"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_REQINFO,0), "d2i_OCSP_REQINFO"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_REQUEST,0), "d2i_OCSP_REQUEST"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_RESPBYTES,0), "d2i_OCSP_RESPBYTES"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_RESPDATA,0), "d2i_OCSP_RESPDATA"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_RESPID,0), "d2i_OCSP_RESPID"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_RESPONSE,0), "d2i_OCSP_RESPONSE"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_REVOKEDINFO,0), "d2i_OCSP_REVOKEDINFO"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_SERVICELOC,0), "d2i_OCSP_SERVICELOC"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_SIGNATURE,0), "d2i_OCSP_SIGNATURE"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_SINGLERESP,0), "d2i_OCSP_SINGLERESP"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "D2I_PKCS12"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "D2I_PKCS12_BAGS"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "D2I_PKCS12_MAC_DATA"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "D2I_PKCS12_SAFEBAG"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "D2I_PKCS7_ENC_CONTENT"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "D2I_PKCS7_ENVELOPE"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "D2I_PKCS7_ISSUER_AND_SERIAL"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "D2I_PKCS7_RECIP_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "D2I_PKCS7_SIGNED"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "D2I_PKCS7_SIGNER_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"}, {ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"}, {ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"}, +{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"}, +{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"}, {ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"}, {ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"}, {ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"}, @@ -139,10 +173,41 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"}, {ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"}, {ERR_PACK(0,ASN1_F_LONG_C2I,0), "LONG_C2I"}, +{ERR_PACK(0,ASN1_F_OCSP_BASICRESP_NEW,0), "OCSP_BASICRESP_new"}, +{ERR_PACK(0,ASN1_F_OCSP_CERTID_NEW,0), "OCSP_CERTID_new"}, +{ERR_PACK(0,ASN1_F_OCSP_CERTSTATUS_NEW,0), "OCSP_CERTSTATUS_new"}, +{ERR_PACK(0,ASN1_F_OCSP_CRLID_NEW,0), "OCSP_CRLID_new"}, +{ERR_PACK(0,ASN1_F_OCSP_ONEREQ_NEW,0), "OCSP_ONEREQ_new"}, +{ERR_PACK(0,ASN1_F_OCSP_REQINFO_NEW,0), "OCSP_REQINFO_new"}, +{ERR_PACK(0,ASN1_F_OCSP_REQUEST_NEW,0), "OCSP_REQUEST_new"}, +{ERR_PACK(0,ASN1_F_OCSP_RESPBYTES_NEW,0), "OCSP_RESPBYTES_new"}, +{ERR_PACK(0,ASN1_F_OCSP_RESPDATA_NEW,0), "OCSP_RESPDATA_new"}, +{ERR_PACK(0,ASN1_F_OCSP_RESPID_NEW,0), "OCSP_RESPID_new"}, +{ERR_PACK(0,ASN1_F_OCSP_RESPONSE_NEW,0), "OCSP_RESPONSE_new"}, +{ERR_PACK(0,ASN1_F_OCSP_REVOKEDINFO_NEW,0), "OCSP_REVOKEDINFO_new"}, +{ERR_PACK(0,ASN1_F_OCSP_SERVICELOC_NEW,0), "OCSP_SERVICELOC_new"}, +{ERR_PACK(0,ASN1_F_OCSP_SIGNATURE_NEW,0), "OCSP_SIGNATURE_new"}, +{ERR_PACK(0,ASN1_F_OCSP_SINGLERESP_NEW,0), "OCSP_SINGLERESP_new"}, +{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_NEW"}, {ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"}, +{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"}, +{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"}, {ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0), "X509_CRL_add0_revoked"}, {ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"}, {ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"}, +{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"}, {ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"}, {0,NULL} }; @@ -153,7 +218,9 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ASN1_R_BAD_CLASS ,"bad class"}, {ASN1_R_BAD_OBJECT_HEADER ,"bad object header"}, {ASN1_R_BAD_PASSWORD_READ ,"bad password read"}, +{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"}, {ASN1_R_BAD_TAG ,"bad tag"}, +{ASN1_R_BAD_TYPE ,"bad type"}, {ASN1_R_BN_LIB ,"bn lib"}, {ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"}, {ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"}, @@ -167,6 +234,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"}, {ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"}, {ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"}, +{ASN1_R_EXPECTING_A_NULL ,"expecting a null"}, {ASN1_R_EXPECTING_A_TIME ,"expecting a time"}, {ASN1_R_EXPLICIT_LENGTH_MISMATCH ,"explicit length mismatch"}, {ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED ,"explicit tag not constructed"}, diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index 4512ba6cc6..be65b7b54f 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h @@ -76,8 +76,8 @@ extern "C" { ASN1_CTX c; \ type ret=NULL; \ \ - c.pp=pp; \ - c.q= *pp; \ + c.pp=(unsigned char **)pp; \ + c.q= *(unsigned char **)pp; \ c.error=ERR_R_NESTED_ASN1_ERROR; \ if ((a == NULL) || ((*a) == NULL)) \ { if ((ret=(type)func()) == NULL) \ @@ -85,13 +85,13 @@ extern "C" { else ret=(*a); #define M_ASN1_D2I_Init() \ - c.p= *pp; \ + c.p= *(unsigned char **)pp; \ c.max=(length == 0)?0:(c.p+length); #define M_ASN1_D2I_Finish_2(a) \ if (!asn1_Finish(&c)) \ { c.line=__LINE__; goto err; } \ - *pp=c.p; \ + *(unsigned char **)pp=c.p; \ if (a != NULL) (*a)=ret; \ return(ret); @@ -99,7 +99,7 @@ extern "C" { M_ASN1_D2I_Finish_2(a); \ err:\ ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*pp,(int)(c.q- *pp)); \ + asn1_add_error(*(unsigned char **)pp,(int)(c.q- *pp)); \ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ return(NULL) diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h index 3ed21d474f..430c37124a 100644 --- a/crypto/asn1/asn1t.h +++ b/crypto/asn1/asn1t.h @@ -657,7 +657,7 @@ typedef struct ASN1_AUX_st { #define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) -#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ +#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ stname *fname##_new(void) \ { \ return (stname *)ASN1_item_new(&itname##_it); \ @@ -665,8 +665,11 @@ typedef struct ASN1_AUX_st { void fname##_free(stname *a) \ { \ ASN1_item_free((ASN1_VALUE *)a, &itname##_it); \ - } \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) + } + +#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ stname *d2i_##fname(stname **a, unsigned char **in, long len) \ @@ -678,6 +681,26 @@ typedef struct ASN1_AUX_st { return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\ } +/* This includes evil casts to remove const: they will go away when full + * ASN1 constification is done. + */ +#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ + { \ + return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, &itname##_it);\ + } \ + int i2d_##fname(const stname *a, unsigned char **out) \ + { \ + return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\ + } + +#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ + IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) + +#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) + /* external definitions for primitive types */ extern const ASN1_ITEM ASN1_BOOLEAN_it; diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index c92b8325d8..31584fe090 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -84,7 +84,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, { #ifndef NO_RSA case EVP_PKEY_RSA: - if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL) + if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL, + (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); goto err; @@ -93,7 +94,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, #endif #ifndef NO_DSA case EVP_PKEY_DSA: - if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL) + if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL, + (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); goto err; diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index e0d203cef7..9eedde3de4 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -84,7 +84,8 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, { #ifndef NO_RSA case EVP_PKEY_RSA: - if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL) + if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL, + (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); goto err; @@ -93,7 +94,8 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, #endif #ifndef NO_DSA case EVP_PKEY_DSA: - if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL) + if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL, + (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); goto err; diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index ffe7928d7d..82a621224b 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -92,7 +92,7 @@ ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = { ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG) } ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY); -IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_ENCRYPTED_PKEY) +IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) ASN1_SEQUENCE(NETSCAPE_PKEY) = { ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG), @@ -100,17 +100,17 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = { ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(NETSCAPE_PKEY); -IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_PKEY) +IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, int (*cb)(), int sgckey); -int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) +int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()) { return i2d_RSA_NET(a, pp, cb, 0); } -int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey) +int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) { int i, j, ret = 0; int rsalen, pkeylen, olen; @@ -223,15 +223,15 @@ err: } -RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()) +RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()) { return d2i_RSA_NET(a, pp, length, cb, 0); } -RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey) +RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey) { RSA *ret=NULL; - unsigned char *p, *kp; + const unsigned char *p, *kp; NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; p = *pp; @@ -273,7 +273,8 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, NETSCAPE_PKEY *pkey=NULL; RSA *ret=NULL; int i,j; - unsigned char buf[256],*zz; + unsigned char buf[256]; + const unsigned char *zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index ae18da96e3..62bc704d32 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -74,7 +74,7 @@ static int print(BIO *fp,const char *str,BIGNUM *num, unsigned char *buf,int off); #ifndef NO_RSA #ifndef NO_FP_API -int RSA_print_fp(FILE *fp, RSA *x, int off) +int RSA_print_fp(FILE *fp, const RSA *x, int off) { BIO *b; int ret; @@ -91,7 +91,7 @@ int RSA_print_fp(FILE *fp, RSA *x, int off) } #endif -int RSA_print(BIO *bp, RSA *x, int off) +int RSA_print(BIO *bp, const RSA *x, int off) { char str[128]; const char *s; @@ -140,7 +140,7 @@ err: #ifndef NO_DSA #ifndef NO_FP_API -int DSA_print_fp(FILE *fp, DSA *x, int off) +int DSA_print_fp(FILE *fp, const DSA *x, int off) { BIO *b; int ret; @@ -157,7 +157,7 @@ int DSA_print_fp(FILE *fp, DSA *x, int off) } #endif -int DSA_print(BIO *bp, DSA *x, int off) +int DSA_print(BIO *bp, const DSA *x, int off) { char str[128]; unsigned char *m=NULL; @@ -261,7 +261,7 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, #ifndef NO_DH #ifndef NO_FP_API -int DHparams_print_fp(FILE *fp, DH *x) +int DHparams_print_fp(FILE *fp, const DH *x) { BIO *b; int ret; @@ -278,7 +278,7 @@ int DHparams_print_fp(FILE *fp, DH *x) } #endif -int DHparams_print(BIO *bp, DH *x) +int DHparams_print(BIO *bp, const DH *x) { unsigned char *m=NULL; int reason=ERR_R_BUF_LIB,i,ret=0; @@ -314,7 +314,7 @@ err: #ifndef NO_DSA #ifndef NO_FP_API -int DSAparams_print_fp(FILE *fp, DSA *x) +int DSAparams_print_fp(FILE *fp, const DSA *x) { BIO *b; int ret; @@ -331,7 +331,7 @@ int DSAparams_print_fp(FILE *fp, DSA *x) } #endif -int DSAparams_print(BIO *bp, DSA *x) +int DSAparams_print(BIO *bp, const DSA *x) { unsigned char *m=NULL; int reason=ERR_R_BUF_LIB,i,ret=0; diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index f2979bf5a7..823c20860c 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -282,6 +282,56 @@ err: return(ret); } +int X509_ocspid_print (BIO *bp, X509 *x) + { + unsigned char *der=NULL ; + unsigned char *dertmp; + int derlen; + int i; + SHA_CTX SHA1buf ; + unsigned char SHA1md[SHA_DIGEST_LENGTH]; + + /* display the hash of the subject as it would appear + in OCSP requests */ + if (BIO_printf(bp," Subject OCSP hash: ") <= 0) + goto err; + derlen = i2d_X509_NAME(x->cert_info->subject, NULL); + if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL) + goto err; + i2d_X509_NAME(x->cert_info->subject, &dertmp); + + SHA1_Init(&SHA1buf); + SHA1_Update(&SHA1buf, der, derlen); + SHA1_Final(SHA1md,&SHA1buf); + for (i=0; i < SHA_DIGEST_LENGTH; i++) + { + if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; + } + OPENSSL_free (der); + der=NULL; + + /* display the hash of the public key as it would appear + in OCSP requests */ + if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0) + goto err; + + SHA1_Init(&SHA1buf); + SHA1_Update(&SHA1buf, x->cert_info->key->public_key->data, + x->cert_info->key->public_key->length); + SHA1_Final(SHA1md,&SHA1buf); + for (i=0; i < SHA_DIGEST_LENGTH; i++) + { + if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) + goto err; + } + BIO_printf(bp,"\n"); + + return (1); +err: + if (der != NULL) OPENSSL_free(der); + return(0); + } + int ASN1_STRING_print(BIO *bp, ASN1_STRING *v) { int i,n; diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index cd5144d3d1..8cef2cfb17 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -169,6 +169,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) long j; int type; unsigned char *p; + const unsigned char *cp; #ifndef NO_DSA X509_ALGOR *a; #endif @@ -200,9 +201,9 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) if (a->parameter->type == V_ASN1_SEQUENCE) { ret->pkey.dsa->write_params=0; - p=a->parameter->value.sequence->data; + cp=p=a->parameter->value.sequence->data; j=a->parameter->value.sequence->length; - if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j)) + if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j)) goto err; } ret->save_parameters=1; diff --git a/crypto/bio/Makefile.ssl b/crypto/bio/Makefile.ssl index 4ca495d281..9a69e3af45 100644 --- a/crypto/bio/Makefile.ssl +++ b/crypto/bio/Makefile.ssl @@ -123,7 +123,7 @@ bf_buff.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bf_buff.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bf_buff.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bf_buff.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bf_buff.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bf_buff.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bf_buff.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bf_buff.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bf_buff.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -142,11 +142,11 @@ bf_nbio.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bf_nbio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h bf_nbio.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bf_nbio.o: ../../include/openssl/rijndael-alg-fst.h -bf_nbio.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -bf_nbio.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -bf_nbio.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -bf_nbio.o: ../../include/openssl/symhacks.h ../cryptlib.h +bf_nbio.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +bf_nbio.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +bf_nbio.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bf_nbio.o: ../cryptlib.h bf_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h bf_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -160,7 +160,7 @@ bf_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bf_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bf_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bf_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bf_null.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bf_null.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bf_null.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bf_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bf_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl index ad36267e26..dd5c35bf64 100644 --- a/crypto/bn/Makefile.ssl +++ b/crypto/bn/Makefile.ssl @@ -35,15 +35,15 @@ TEST=bntest.c exptest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \ +LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ - bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c \ - bn_mpi.c bn_exp2.c + bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ + bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c -LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o \ +LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ - bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) bn_recp.o bn_mont.o \ - bn_mpi.o bn_exp2.o + bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ + bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o SRC= $(LIBSRC) @@ -230,6 +230,8 @@ bn_gcd.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_gcd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h +bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/opensslconf.h +bn_kron.o: bn_lcl.h bn_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h @@ -237,6 +239,13 @@ bn_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h +bn_mod.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_mod.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +bn_mod.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +bn_mod.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mont.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h @@ -304,6 +313,13 @@ bn_sqr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_sqr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h +bn_sqrt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_sqrt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +bn_sqrt.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +bn_sqrt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_word.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h diff --git a/crypto/bn/asm/vms.mar b/crypto/bn/asm/vms.mar index ac9d57d7b0..754ab5347a 100644 --- a/crypto/bn/asm/vms.mar +++ b/crypto/bn/asm/vms.mar @@ -162,442 +162,236 @@ n=12 ;(AP) n by value (input) movl #1,r0 ; return SS$_NORMAL ret - .title (generated) - - .psect code,nowrt - -.entry BN_DIV_WORDS,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10> - subl2 #4,sp - - clrl r9 - movl #2,r8 - - tstl 12(ap) - bneq noname.2 - mnegl #1,r10 - brw noname.3 - tstl r0 - nop -noname.2: - - pushl 12(ap) - calls #1,BN_NUM_BITS_WORD - movl r0,r7 - - cmpl r7,#32 - beql noname.4 - ashl r7,#1,r2 - cmpl 4(ap),r2 - blequ noname.4 - - pushl r7 - calls #1,BN_DIV_WORDS_ABORT -noname.4: - - subl3 r7,#32,r7 - - movl 12(ap),r2 - cmpl 4(ap),r2 - blssu noname.5 - subl2 r2,4(ap) -noname.5: - - tstl r7 - beql noname.6 - - ashl r7,r2,12(ap) - - ashl r7,4(ap),r4 - subl3 r7,#32,r3 - subl3 r3,#32,r2 - extzv r3,r2,8(ap),r2 - bisl3 r4,r2,4(ap) - - ashl r7,8(ap),8(ap) -noname.6: - - bicl3 #65535,12(ap),r2 - extzv #16,#16,r2,r5 - - bicl3 #-65536,12(ap),r6 - -noname.7: - - moval 4(ap),r2 - movzwl 2(r2),r0 - cmpl r0,r5 - bneq noname.8 - - movzwl #65535,r4 - brb noname.9 -noname.8: - - clrl r1 - movl (r2),r0 - movl r5,r2 - bgeq vcg.1 - cmpl r2,r0 - bgtru vcg.2 - incl r1 - brb vcg.2 - nop -vcg.1: - ediv r2,r0,r1,r0 -vcg.2: - movl r1,r4 -noname.9: - -noname.10: - - mull3 r5,r4,r0 - subl3 r0,4(ap),r3 - - bicl3 #65535,r3,r0 - bneq noname.13 - mull3 r6,r4,r2 - ashl #16,r3,r1 - bicl3 #65535,8(ap),r0 - extzv #16,#16,r0,r0 - addl2 r0,r1 - cmpl r2,r1 - bgtru noname.12 -noname.11: - - brb noname.13 - nop -noname.12: - - decl r4 - brb noname.10 -noname.13: - - mull3 r5,r4,r1 - - mull3 r6,r4,r0 - - extzv #16,#16,r0,r3 - - ashl #16,r0,r2 - bicl3 #65535,r2,r0 - - addl2 r3,r1 - - moval 8(ap),r3 - cmpl (r3),r0 - bgequ noname.15 - incl r1 -noname.15: - - subl2 r0,(r3) - - cmpl 4(ap),r1 - bgequ noname.16 - - addl2 12(ap),4(ap) - - decl r4 -noname.16: + .title vax_bn_div_words unsigned divide +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_div_words(ULONG h, ULONG l, ULONG d) +; { +; return ((ULONG)((((ULLONG)h)<<32)|l) / (ULLONG)d); +; } +; +; Using EDIV would be very easy, if it didn't do signed calculations. +; Therefore, som extra things have to happen around it. The way to +; handle that is to shift all operands right one step (basically dividing +; them by 2) and handle the different cases depending on what the lowest +; bit of each operand was. +; +; To start with, let's define the following: +; +; a' = l & 1 +; a2 = <h,l> >> 1 # UNSIGNED shift! +; b' = d & 1 +; b2 = d >> 1 # UNSIGNED shift! +; +; Now, use EDIV to calculate a quotient and a remainder: +; +; q'' = a2/b2 +; r'' = a2 - q''*b2 +; +; If b' is 0, the quotient is already correct, we just need to adjust the +; remainder: +; +; if (b' == 0) +; { +; r = 2*r'' + a' +; q = q'' +; } +; +; If b' is 1, we need to do other adjustements. The first thought is the +; following (note that r' will not always have the right value, but an +; adjustement follows further down): +; +; if (b' == 1) +; { +; q' = q'' +; r' = a - q'*b +; +; However, one can note the folowing relationship: +; +; r'' = a2 - q''*b2 +; => 2*r'' = 2*a2 - 2*q''*b2 +; = { a = 2*a2 + a', b = 2*b2 + b' = 2*b2 + 1, +; q' = q'' } +; = a - a' - q'*(b - 1) +; = a - q'*b - a' + q' +; = r' - a' + q' +; => r' = 2*r'' - q' + a' +; +; This enables us to use r'' instead of discarding and calculating another +; modulo: +; +; if (b' == 1) +; { +; q' = q'' +; r' = (r'' << 1) - q' + a' +; +; Now, all we have to do is adjust r', because it might be < 0: +; +; while (r' < 0) +; { +; r' = r' + b +; q' = q' - 1 +; } +; } +; +; return q' - subl2 r1,4(ap) +h=4 ;(AP) h by value (input) +l=8 ;(AP) l by value (input) +d=12 ;(AP) d by value (input) - decl r8 - beql noname.18 -noname.17: +;aprim=r5 +;a2=r6 +;a20=r6 +;a21=r7 +;bprim=r8 +;b2=r9 +;qprim=r10 ; initially used as q'' +;rprim=r11 ; initially used as r'' - ashl #16,r4,r9 - ashl #16,4(ap),r2 - movzwl 2(r3),r0 - bisl2 r0,r2 - bicl3 #0,r2,4(ap) + .psect code,nowrt - bicl3 #-65536,(r3),r0 - ashl #16,r0,(r3) - brw noname.7 - nop -noname.18: +.entry bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11> + movl l(ap),r2 + movl h(ap),r3 + movl d(ap),r4 - bisl2 r4,r9 + movl #0,r5 + movl #0,r8 + movl #0,r0 - movl r9,r10 + rotl #-1,r2,r6 ; a20 = l >> 1 (almost) + rotl #-1,r3,r7 ; a21 = h >> 1 (almost) + rotl #-1,r4,r9 ; b2 = d >> 1 (almost) -noname.3: + tstl r6 + bgeq 1$ + xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 0 + incl r5 ; a' = 1 +1$: + tstl r7 + bgeq 2$ + xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 1, + ; since that's what was lowest in a21 + xorl2 #^X80000000,r7 ; fixup a21 so highest bit is 1 +2$: + tstl r9 + bgeq 666$ ; Uh-oh, the divisor is 0... + bgtr 3$ + xorl2 #^X80000000,r9 ; fixup b2 so highest bit is 1 + incl r8 +3$: + tstl r9 + bneq 4$ ; if b2 is 0, we know that bprim is 1 + tstl r7 + bneq 666$ ; if higher half isn't 0, we overflow + movl r0,r6 ; otherwise, we have our result + brb 42$ +4$: + ediv r9,r6,r10,r11 + + tstl r8 + bneq 5$ ; If b' != 0, go to the other part +; addl3 r11,r11,r1 +; addl2 r5,r1 + brb 42$ +5$: + ashl #1,r11,r11 + subl2 r10,r11 + addl2 r5,r11 + bgeq 7$ +6$: + decl r10 + addl2 r4,r11 + blss 6$ +7$: +; movl r11,r1 +42$: movl r10,r0 - ret - tstl r0 - +666$: + ret - .psect code,nowrt - -.entry BN_ADD_WORDS,^m<r2,r3,r4,r5,r6,r7> - - tstl 16(ap) - bgtr noname.21 - clrl r7 - brw noname.22 -noname.21: - - clrl r4 - - tstl r0 -noname.23: - - movl 8(ap),r6 - addl3 r4,(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.3 - incl r0 -vcg.3: - movl r0,r4 - - movl 12(ap),r5 - addl3 (r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.4 - incl r0 -vcg.4: - addl2 r0,r4 - - movl 4(ap),r3 - movl r1,(r3) - - decl 16(ap) - bgtr gen.1 - brw noname.25 -gen.1: -noname.24: - - addl3 r4,4(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.5 - incl r0 -vcg.5: - movl r0,r4 - - addl3 4(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.6 - incl r0 -vcg.6: - addl2 r0,r4 - - movl r1,4(r3) - - decl 16(ap) - bleq noname.25 -noname.26: - - addl3 r4,8(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.7 - incl r0 -vcg.7: - movl r0,r4 - - addl3 8(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.8 - incl r0 -vcg.8: - addl2 r0,r4 - - movl r1,8(r3) - - decl 16(ap) - bleq noname.25 -noname.27: - - addl3 r4,12(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.9 - incl r0 -vcg.9: - movl r0,r4 - - addl3 12(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.10 - incl r0 -vcg.10: - addl2 r0,r4 + .title vax_bn_add_words unsigned add of two arrays +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_add_words(ULONG r[], ULONG a[], ULONG b[], int n) { +; ULONG c = 0; +; int i; +; for (i = 0; i < n; i++) <c,r[i]> = a[i] + b[i] + c; +; return(c); +; } - movl r1,12(r3) +r=4 ;(AP) r by reference (output) +a=8 ;(AP) a by reference (input) +b=12 ;(AP) b by reference (input) +n=16 ;(AP) n by value (input) - decl 16(ap) - bleq noname.25 -noname.28: - addl3 #16,r6,8(ap) + .psect code,nowrt - addl3 #16,r5,12(ap) +.entry bn_add_words,^m<r2,r3,r4,r5,r6> - addl3 #16,r3,4(ap) - brw noname.23 - tstl r0 -noname.25: + moval @r(ap),r2 + moval @a(ap),r3 + moval @b(ap),r4 + movl n(ap),r5 ; assumed >0 by C code + clrl r0 ; c - movl r4,r7 + tstl r5 ; carry = 0 + bleq 666$ -noname.22: - movl r7,r0 - ret - nop +0$: + movl (r3)+,r6 ; carry untouched + adwc (r4)+,r6 ; carry used and touched + movl r6,(r2)+ ; carry untouched + sobgtr r5,0$ ; carry untouched + adwc #0,r0 +666$: + ret + .title vax_bn_sub_words unsigned add of two arrays +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_sub_words(ULONG r[], ULONG a[], ULONG b[], int n) { +; ULONG c = 0; +; int i; +; for (i = 0; i < n; i++) <c,r[i]> = a[i] - b[i] - c; +; return(c); +; } -;r=4 ;(AP) -;a=8 ;(AP) -;b=12 ;(AP) -;n=16 ;(AP) n by value (input) +r=4 ;(AP) r by reference (output) +a=8 ;(AP) a by reference (input) +b=12 ;(AP) b by reference (input) +n=16 ;(AP) n by value (input) - .psect code,nowrt -.entry BN_SUB_WORDS,^m<r2,r3,r4,r5,r6,r7> + .psect code,nowrt - clrl r6 +.entry bn_sub_words,^m<r2,r3,r4,r5,r6> - tstl 16(ap) - bgtr noname.31 - clrl r7 - brw noname.32 - tstl r0 -noname.31: + moval @r(ap),r2 + moval @a(ap),r3 + moval @b(ap),r4 + movl n(ap),r5 ; assumed >0 by C code + clrl r0 ; c -noname.33: + tstl r5 ; carry = 0 + bleq 666$ - movl 8(ap),r5 - movl (r5),r1 - movl 12(ap),r4 - movl (r4),r2 - - movl 4(ap),r3 - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,(r3) - - cmpl r1,r2 - beql noname.34 - clrl r0 - cmpl r1,r2 - bgequ vcg.11 - incl r0 -vcg.11: - movl r0,r6 -noname.34: - - decl 16(ap) - bgtr gen.2 - brw noname.36 -gen.2: -noname.35: - - movl 4(r5),r2 - movl 4(r4),r1 - - subl3 r1,r2,r0 - subl2 r6,r0 - bicl3 #0,r0,4(r3) - - cmpl r2,r1 - beql noname.37 - clrl r0 - cmpl r2,r1 - bgequ vcg.12 - incl r0 -vcg.12: - movl r0,r6 -noname.37: - - decl 16(ap) - bleq noname.36 -noname.38: - - movl 8(r5),r1 - movl 8(r4),r2 - - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,8(r3) - - cmpl r1,r2 - beql noname.39 - clrl r0 - cmpl r1,r2 - bgequ vcg.13 - incl r0 -vcg.13: - movl r0,r6 -noname.39: - - decl 16(ap) - bleq noname.36 -noname.40: - - movl 12(r5),r1 - movl 12(r4),r2 - - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,12(r3) - - cmpl r1,r2 - beql noname.41 - clrl r0 - cmpl r1,r2 - bgequ vcg.14 - incl r0 -vcg.14: - movl r0,r6 -noname.41: - - decl 16(ap) - bleq noname.36 -noname.42: - - addl3 #16,r5,8(ap) - - addl3 #16,r4,12(ap) - - addl3 #16,r3,4(ap) - brw noname.33 - tstl r0 -noname.36: - - movl r6,r7 - -noname.32: - movl r7,r0 - ret - nop +0$: + movl (r3)+,r6 ; carry untouched + sbwc (r4)+,r6 ; carry used and touched + movl r6,(r2)+ ; carry untouched + sobgtr r5,0$ ; carry untouched + adwc #0,r0 +666$: + ret ;r=4 ;(AP) @@ -6615,81 +6409,3 @@ noname.610: ; For now, the code below doesn't work, so I end this prematurely. .end - - .title vax_bn_div64 division 64/32=>32 -; -; r.l. 16-jan-1998 -; -; unsigned int bn_div64(unsigned long h, unsigned long l, unsigned long d) -; return <h,l>/d; -; - - .psect code,nowrt - -h=4 ;(AP) by value (input) -l=8 ;(AP) by value (input) -d=12 ;(AP) by value (input) - -.entry bn_div64,^m<r2,r3,r4,r5,r6,r7,r8,r9> - - movl l(ap),r2 ; l - movl h(ap),r3 ; h - movl d(ap),r4 ; d - clrl r5 ; q - clrl r6 ; r - - ; Treat "negative" specially - tstl r3 - blss 30$ - - tstl r4 - beql 90$ - - ediv r4,r2,r5,r6 - bvs 666$ - - movl r5,r0 - ret - -30$: - ; The theory here is to do some harmless shifting and a little - ; bit of rounding (brackets are to designate when decimals are - ; cut off): - ; - ; result = 2 * [ ([<h,0>/2] + [d/2]) / d ] + [ l / d ] - - movl #0,r7 - movl r3,r8 ; copy h - ashq #-1,r7,r7 ; [<h,0>/2] => <r8,r7> - bicl2 #^X80000000,r8 ; Remove "sign" - - movl r4,r9 ; copy d - ashl #-1,r9,r9 ; [d/2] => r9 - bicl2 #^X80000000,r9 ; Remove "sign" - - addl2 r9,r7 - adwc #0,r8 ; [<h,0>/2] + [d/2] => <r8,r7> - - ediv r4,r7,r5,r6 ; [ ([<h,0>/2] + [d/2]) / d ] => <r5,r6> - bvs 666$ - - movl #0,r6 - ashq #1,r5,r5 ; 2 * [ ([<h,0>/2] + [d/2]) / d ] => r5 - - movl #0,r3 - ediv r4,r2,r8,r9 ; [ l / d ] => <r8,r9> - - addl2 r8,r5 ; - bcs 666$ - - movl r5,r0 - ret - -90$: - movl #-1,r0 - ret - -666$: - - -.end diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 1eb8395b25..47e355ea9d 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -75,8 +75,6 @@ extern "C" { #define BN_MUL_COMBA #define BN_SQR_COMBA #define BN_RECURSION -#define RECP_MUL_MOD -#define MONT_MUL_MOD /* This next option uses the C libraries (2 word)/(1 word) function. * If it is not defined, I use my C version (which is slower). @@ -90,6 +88,7 @@ extern "C" { * be on. Again this in only really a problem on machines * using "long long's", are 32bit, and are not using my assembler code. */ #if defined(MSDOS) || defined(WINDOWS) || defined(WIN32) || defined(linux) +#undef BN_DIV2W #define BN_DIV2W #endif @@ -239,7 +238,7 @@ typedef struct bignum_st } BIGNUM; /* Used for temp variables */ -#define BN_CTX_NUM 12 +#define BN_CTX_NUM 20 #define BN_CTX_NUM_POS 12 typedef struct bignum_ctx { @@ -283,9 +282,6 @@ typedef struct bn_recp_ctx_st int flags; } BN_RECP_CTX; -#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ - r,a,&((mont)->RR),(mont),ctx) - #define BN_prime_checks 0 /* default: select number of iterations based on the size of the number */ @@ -308,10 +304,15 @@ typedef struct bn_recp_ctx_st /* b >= 100 */ 27) #define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) -#define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) -#define BN_is_zero(a) (((a)->top == 0) || BN_is_word(a,0)) -#define BN_is_one(a) (BN_is_word((a),1)) -#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) + +/* Note that BN_abs_is_word does not work reliably for w == 0 */ +#define BN_abs_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) +#define BN_is_zero(a) (((a)->top == 0) || BN_abs_is_word(a,0)) +#define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) +#define BN_is_word(a,w) ((w) ? BN_abs_is_word((a),(w)) && !(a)->neg : \ + BN_is_zero((a))) +#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) + #define BN_one(a) (BN_set_word((a),1)) #define BN_zero(a) (BN_set_word((a),0)) @@ -334,44 +335,62 @@ BIGNUM *BN_new(void); void BN_init(BIGNUM *); void BN_clear_free(BIGNUM *a); BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); +void BN_swap(BIGNUM *a, BIGNUM *b); BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret); int BN_bn2bin(const BIGNUM *a, unsigned char *to); -BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret); +BIGNUM *BN_mpi2bn(const unsigned char *s,int len,BIGNUM *ret); int BN_bn2mpi(const BIGNUM *a, unsigned char *to); int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); +int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); +int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); + int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, - BN_CTX *ctx); -int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); -int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx); + BN_CTX *ctx); +#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx)) +int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); +int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); +int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); +int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const BIGNUM *m, BN_CTX *ctx); +int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m); +int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m); + BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); int BN_mul_word(BIGNUM *a, BN_ULONG w); int BN_add_word(BIGNUM *a, BN_ULONG w); int BN_sub_word(BIGNUM *a, BN_ULONG w); int BN_set_word(BIGNUM *a, BN_ULONG w); -BN_ULONG BN_get_word(BIGNUM *a); +BN_ULONG BN_get_word(const BIGNUM *a); + int BN_cmp(const BIGNUM *a, const BIGNUM *b); void BN_free(BIGNUM *a); int BN_is_bit_set(const BIGNUM *a, int n); int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); -int BN_lshift1(BIGNUM *r, BIGNUM *a); -int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx); -int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m,BN_CTX *ctx); -int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +int BN_lshift1(BIGNUM *r, const BIGNUM *a); +int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,BN_CTX *ctx); + +int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m,BN_CTX *ctx); +int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2, - BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx); -int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, - BIGNUM *m,BN_CTX *ctx); + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, + const BIGNUM *a2, const BIGNUM *p2,const BIGNUM *m, + BN_CTX *ctx,BN_MONT_CTX *m_ctx); +int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m,BN_CTX *ctx); + int BN_mask_bits(BIGNUM *a,int n); -int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); #ifndef NO_FP_API int BN_print_fp(FILE *fp, const BIGNUM *a); #endif @@ -380,9 +399,9 @@ int BN_print(BIO *fp, const BIGNUM *a); #else int BN_print(void *fp, const BIGNUM *a); #endif -int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx); -int BN_rshift(BIGNUM *r, BIGNUM *a, int n); -int BN_rshift1(BIGNUM *r, BIGNUM *a); +int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx); +int BN_rshift(BIGNUM *r, const BIGNUM *a, int n); +int BN_rshift1(BIGNUM *r, const BIGNUM *a); void BN_clear(BIGNUM *a); BIGNUM *BN_dup(const BIGNUM *a); int BN_ucmp(const BIGNUM *a, const BIGNUM *b); @@ -392,23 +411,31 @@ char * BN_bn2hex(const BIGNUM *a); char * BN_bn2dec(const BIGNUM *a); int BN_hex2bn(BIGNUM **a, const char *str); int BN_dec2bn(BIGNUM **a, const char *str); -int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); -BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,BIGNUM *add, - BIGNUM *rem,void (*callback)(int,int,void *),void *cb_arg); +int BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); +int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */ +BIGNUM *BN_mod_inverse(BIGNUM *ret, + const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); +BIGNUM *BN_mod_sqrt(BIGNUM *ret, + const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); +BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, + const BIGNUM *add, const BIGNUM *rem, + void (*callback)(int,int,void *),void *cb_arg); int BN_is_prime(const BIGNUM *p,int nchecks, - void (*callback)(int,int,void *), - BN_CTX *ctx,void *cb_arg); + void (*callback)(int,int,void *), + BN_CTX *ctx,void *cb_arg); int BN_is_prime_fasttest(const BIGNUM *p,int nchecks, - void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, - int do_trial_division); + void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, + int do_trial_division); void ERR_load_BN_strings(void ); BN_MONT_CTX *BN_MONT_CTX_new(void ); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); -int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont, - BN_CTX *ctx); -int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx); +int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, + BN_MONT_CTX *mont, BN_CTX *ctx); +#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ + (r),(a),&((mont)->RR),(mont),(ctx)) +int BN_from_montgomery(BIGNUM *r,const BIGNUM *a, + BN_MONT_CTX *mont, BN_CTX *ctx); void BN_MONT_CTX_free(BN_MONT_CTX *mont); int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *modulus,BN_CTX *ctx); BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); @@ -426,12 +453,12 @@ void BN_RECP_CTX_init(BN_RECP_CTX *recp); BN_RECP_CTX *BN_RECP_CTX_new(void); void BN_RECP_CTX_free(BN_RECP_CTX *recp); int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx); -int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, - BN_RECP_CTX *recp,BN_CTX *ctx); +int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, + BN_RECP_CTX *recp,BN_CTX *ctx); int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, - BN_RECP_CTX *recp, BN_CTX *ctx); + const BIGNUM *m, BN_CTX *ctx); +int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, + BN_RECP_CTX *recp, BN_CTX *ctx); /* library internal functions */ @@ -439,6 +466,7 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, (a):bn_expand2((a),(bits)/BN_BITS2+1)) #define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) BIGNUM *bn_expand2(BIGNUM *a, int words); +BIGNUM *bn_dup_expand(const BIGNUM *a, int words); #define bn_fix_top(a) \ { \ @@ -450,15 +478,15 @@ BIGNUM *bn_expand2(BIGNUM *a, int words); } \ } -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); -void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num); +BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); +BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); +void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num); BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); -BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); -BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); +BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); +BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); #ifdef BN_DEBUG - void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n); +void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n); # define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \ fprintf(stderr,"\n");} # define bn_dump(a,n) bn_dump1(stderr,#a,a,n); @@ -467,6 +495,8 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); # define bn_dump(a,b) #endif +int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -485,11 +515,14 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); #define BN_F_BN_CTX_NEW 106 #define BN_F_BN_DIV 107 #define BN_F_BN_EXPAND2 108 +#define BN_F_BN_EXPAND_INTERNAL 120 #define BN_F_BN_MOD_EXP2_MONT 118 #define BN_F_BN_MOD_EXP_MONT 109 #define BN_F_BN_MOD_EXP_MONT_WORD 117 #define BN_F_BN_MOD_INVERSE 110 +#define BN_F_BN_MOD_LSHIFT_QUICK 119 #define BN_F_BN_MOD_MUL_RECIPROCAL 111 +#define BN_F_BN_MOD_SQRT 121 #define BN_F_BN_MPI2BN 112 #define BN_F_BN_NEW 113 #define BN_F_BN_RAND 114 @@ -498,13 +531,18 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); /* Reason codes. */ #define BN_R_ARG2_LT_ARG3 100 #define BN_R_BAD_RECIPROCAL 101 +#define BN_R_BIGNUM_TOO_LONG 114 #define BN_R_CALLED_WITH_EVEN_MODULUS 102 #define BN_R_DIV_BY_ZERO 103 #define BN_R_ENCODING_ERROR 104 #define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 +#define BN_R_INPUT_NOT_REDUCED 110 #define BN_R_INVALID_LENGTH 106 +#define BN_R_NOT_A_SQUARE 111 #define BN_R_NOT_INITIALIZED 107 #define BN_R_NO_INVERSE 108 +#define BN_R_P_IS_NOT_PRIME 112 +#define BN_R_TOO_MANY_ITERATIONS 113 #define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 #ifdef __cplusplus diff --git a/crypto/bn/bn_asm.c b/crypto/bn/bn_asm.c index 44e52a40db..be8aa3ffc5 100644 --- a/crypto/bn/bn_asm.c +++ b/crypto/bn/bn_asm.c @@ -68,7 +68,7 @@ #if defined(BN_LLONG) || defined(BN_UMULT_HIGH) -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) +BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) { BN_ULONG c1=0; @@ -93,7 +93,7 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) return(c1); } -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) +BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) { BN_ULONG c1=0; @@ -117,7 +117,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) return(c1); } -void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) +void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) { assert(n >= 0); if (n <= 0) return; @@ -139,7 +139,7 @@ void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) #else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */ -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) +BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) { BN_ULONG c=0; BN_ULONG bl,bh; @@ -166,7 +166,7 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) return(c); } -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) +BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) { BN_ULONG carry=0; BN_ULONG bl,bh; @@ -193,7 +193,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) return(carry); } -void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) +void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) { assert(n >= 0); if (n <= 0) return; @@ -296,7 +296,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) #endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */ #ifdef BN_LLONG -BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) +BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) { BN_ULLONG ll=0; @@ -332,7 +332,7 @@ BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) return((BN_ULONG)ll); } #else /* !BN_LLONG */ -BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) +BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) { BN_ULONG c,l,t; @@ -382,7 +382,7 @@ BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) } #endif /* !BN_LLONG */ -BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) +BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) { BN_ULONG t1,t2; int c=0; @@ -673,7 +673,7 @@ void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) r[7]=c2; } -void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) +void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a) { #ifdef BN_LLONG BN_ULLONG t,tt; @@ -754,7 +754,7 @@ void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) r[15]=c1; } -void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a) +void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a) { #ifdef BN_LLONG BN_ULLONG t,tt; diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index b1a8d7571e..28b334fbd5 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -112,8 +112,14 @@ void BN_CTX_start(BN_CTX *ctx) ctx->depth++; } + BIGNUM *BN_CTX_get(BN_CTX *ctx) { + /* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically, + * make sure that if BN_CTX_get fails once it will return NULL again + * until BN_CTX_end is called. (This is so that callers have to check + * only the last return value.) + */ if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM) { if (!ctx->too_many) diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index c3772c243b..2e600c7c54 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -61,6 +61,7 @@ #include "cryptlib.h" #include "bn_lcl.h" + /* The old slow way */ #if 0 int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, @@ -152,6 +153,14 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, # endif /* __GNUC__ */ #endif /* NO_ASM */ + +/* BN_div computes dv := num / divisor, rounding towards zero, and sets up + * rm such that dv*divisor + rm = num holds. + * Thus: + * dv->neg == num->neg ^ divisor->neg (unless the result is zero) + * rm->neg == num->neg (unless the remainder is zero) + * If 'dv' or 'rm' is NULL, the respective value is not returned. + */ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, BN_CTX *ctx) { @@ -180,13 +189,13 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, BN_CTX_start(ctx); tmp=BN_CTX_get(ctx); - tmp->neg=0; snum=BN_CTX_get(ctx); sdiv=BN_CTX_get(ctx); if (dv == NULL) res=BN_CTX_get(ctx); else res=dv; - if (res == NULL) goto err; + if (sdiv == NULL || res == NULL) goto err; + tmp->neg=0; /* First we normalise the numbers */ norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); @@ -331,7 +340,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, if (rm != NULL) { BN_rshift(rm,snum,norm_shift); - rm->neg=num->neg; + if (!BN_is_zero(rm)) + rm->neg = num->neg; } BN_CTX_end(ctx); return(1); @@ -341,40 +351,3 @@ err: } #endif - -/* rem != m */ -int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx) - { -#if 0 /* The old slow way */ - int i,nm,nd; - BIGNUM *dv; - - if (BN_ucmp(m,d) < 0) - return((BN_copy(rem,m) == NULL)?0:1); - - BN_CTX_start(ctx); - dv=BN_CTX_get(ctx); - - if (!BN_copy(rem,m)) goto err; - - nm=BN_num_bits(rem); - nd=BN_num_bits(d); - if (!BN_lshift(dv,d,nm-nd)) goto err; - for (i=nm-nd; i>=0; i--) - { - if (BN_cmp(rem,dv) >= 0) - { - if (!BN_sub(rem,rem,dv)) goto err; - } - if (!BN_rshift1(dv,dv)) goto err; - } - BN_CTX_end(ctx); - return(1); - err: - BN_CTX_end(ctx); - return(0); -#else - return(BN_div(NULL,rem,m,d,ctx)); -#endif - } - diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index 86550c4c21..d7f0493f47 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -76,11 +76,14 @@ static ERR_STRING_DATA BN_str_functs[]= {ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"}, {ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, {ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, +{ERR_PACK(0,BN_F_BN_EXPAND_INTERNAL,0), "BN_EXPAND_INTERNAL"}, {ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0), "BN_mod_exp2_mont"}, {ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"}, {ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0), "BN_mod_exp_mont_word"}, {ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"}, +{ERR_PACK(0,BN_F_BN_MOD_LSHIFT_QUICK,0), "BN_mod_lshift_quick"}, {ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"}, +{ERR_PACK(0,BN_F_BN_MOD_SQRT,0), "BN_mod_sqrt"}, {ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"}, {ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"}, {ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"}, @@ -92,13 +95,18 @@ static ERR_STRING_DATA BN_str_reasons[]= { {BN_R_ARG2_LT_ARG3 ,"arg2 lt arg3"}, {BN_R_BAD_RECIPROCAL ,"bad reciprocal"}, +{BN_R_BIGNUM_TOO_LONG ,"bignum too long"}, {BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"}, {BN_R_DIV_BY_ZERO ,"div by zero"}, {BN_R_ENCODING_ERROR ,"encoding error"}, {BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ,"expand on static bignum data"}, +{BN_R_INPUT_NOT_REDUCED ,"input not reduced"}, {BN_R_INVALID_LENGTH ,"invalid length"}, +{BN_R_NOT_A_SQUARE ,"not a square"}, {BN_R_NOT_INITIALIZED ,"not initialized"}, {BN_R_NO_INVERSE ,"no inverse"}, +{BN_R_P_IS_NOT_PRIME ,"p is not prime"}, +{BN_R_TOO_MANY_ITERATIONS ,"too many iterations"}, {BN_R_TOO_MANY_TEMPORARY_VARIABLES ,"too many temporary variables"}, {0,NULL} }; diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index d2c91628ac..1739be6864 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -110,38 +110,13 @@ */ -#include <stdio.h> #include "cryptlib.h" #include "bn_lcl.h" #define TABLE_SIZE 32 -/* slow but works */ -int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx) - { - BIGNUM *t; - int r=0; - - bn_check_top(a); - bn_check_top(b); - bn_check_top(m); - - BN_CTX_start(ctx); - if ((t = BN_CTX_get(ctx)) == NULL) goto err; - if (a == b) - { if (!BN_sqr(t,a,ctx)) goto err; } - else - { if (!BN_mul(t,a,b,ctx)) goto err; } - if (!BN_mod(ret,t,m,ctx)) goto err; - r=1; -err: - BN_CTX_end(ctx); - return(r); - } - - /* this one works - simple but works */ -int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx) +int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { int i,bits,ret=0; BIGNUM *v,*rr; @@ -176,7 +151,7 @@ err: } -int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, +int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { int ret; @@ -185,6 +160,40 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, bn_check_top(p); bn_check_top(m); + /* For even modulus m = 2^k*m_odd, it might make sense to compute + * a^p mod m_odd and a^p mod 2^k separately (with Montgomery + * exponentiation for the odd part), using appropriate exponent + * reductions, and combine the results using the CRT. + * + * For now, we use Montgomery only if the modulus is odd; otherwise, + * exponentiation using the reciprocal-based quick remaindering + * algorithm is used. + * + * (Timing obtained with expspeed.c [computations a^p mod m + * where a, p, m are of the same length: 256, 512, 1024, 2048, + * 4096, 8192 bits], compared to the running time of the + * standard algorithm: + * + * BN_mod_exp_mont 33 .. 40 % [AMD K6-2, Linux, debug configuration] + * 55 .. 77 % [UltraSparc processor, but + * debug-solaris-sparcv8-gcc conf.] + * + * BN_mod_exp_recp 50 .. 70 % [AMD K6-2, Linux, debug configuration] + * 62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc] + * + * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont + * at 2048 and more bits, but at 512 and 1024 bits, it was + * slower even than the standard algorithm! + * + * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations] + * should be obtained when the new Montgomery reduction code + * has been integrated into OpenSSL.) + */ + +#define MONT_MUL_MOD +#define MONT_EXP_WORD +#define RECP_MUL_MOD + #ifdef MONT_MUL_MOD /* I have finally been able to take out this pre-condition of * the top bit being set. It was caused by an error in BN_div @@ -194,12 +203,14 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, if (BN_is_odd(m)) { - if (a->top == 1) +# ifdef MONT_EXP_WORD + if (a->top == 1 && !a->neg) { BN_ULONG A = a->d[0]; ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); } else +# endif ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); } else @@ -227,8 +238,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, if (bits == 0) { - BN_one(r); - return(1); + ret = BN_one(r); + return ret; } BN_CTX_start(ctx); @@ -240,7 +251,12 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_init(&(val[0])); ts=1; - if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (BN_is_zero(&(val[0]))) + { + ret = BN_zero(r); + goto err; + } window = BN_window_bits_for_exponent_size(bits); if (window > 1) @@ -325,13 +341,13 @@ err: } -int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, +int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) { int i,j,bits,ret=0,wstart,wend,window,wvalue; int start=1,ts=0; BIGNUM *d,*r; - BIGNUM *aa; + const BIGNUM *aa; BIGNUM val[TABLE_SIZE]; BN_MONT_CTX *mont=NULL; @@ -347,9 +363,10 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, bits=BN_num_bits(p); if (bits == 0) { - BN_one(rr); - return(1); + ret = BN_one(rr); + return ret; } + BN_CTX_start(ctx); d = BN_CTX_get(ctx); r = BN_CTX_get(ctx); @@ -368,14 +385,19 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, BN_init(&val[0]); ts=1; - if (BN_ucmp(a,m) >= 0) + if (a->neg || BN_ucmp(a,m) >= 0) { - if (!BN_mod(&(val[0]),a,m,ctx)) + if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; aa= &(val[0]); } else aa=a; + if (BN_is_zero(aa)) + { + ret = BN_zero(rr); + goto err; + } if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */ window = BN_window_bits_for_exponent_size(bits); @@ -484,17 +506,26 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, bn_check_top(p); bn_check_top(m); - if (!(m->d[0] & 1)) + if (m->top == 0 || !(m->d[0] & 1)) { BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); return(0); } + if (m->top == 1) + a %= m->d[0]; /* make sure that 'a' is reduced */ + bits = BN_num_bits(p); if (bits == 0) { - BN_one(rr); - return(1); + ret = BN_one(rr); + return ret; + } + if (a == 0) + { + ret = BN_zero(rr); + return ret; } + BN_CTX_start(ctx); d = BN_CTX_get(ctx); r = BN_CTX_get(ctx); @@ -590,8 +621,9 @@ err: /* The old fallback, simple version :-) */ -int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, - BN_CTX *ctx) +int BN_mod_exp_simple(BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, + BN_CTX *ctx) { int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0; int start=1; @@ -602,8 +634,8 @@ int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, if (bits == 0) { - BN_one(r); - return(1); + ret = BN_one(r); + return ret; } BN_CTX_start(ctx); @@ -611,7 +643,12 @@ int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_init(&(val[0])); ts=1; - if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (BN_is_zero(&(val[0]))) + { + ret = BN_zero(r); + goto err; + } window = BN_window_bits_for_exponent_size(bits); if (window > 1) diff --git a/crypto/bn/bn_exp2.c b/crypto/bn/bn_exp2.c index 29029f4c72..73ccd58a83 100644 --- a/crypto/bn/bn_exp2.c +++ b/crypto/bn/bn_exp2.c @@ -115,13 +115,14 @@ #define TABLE_SIZE 32 -int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, - BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, + const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, + BN_CTX *ctx, BN_MONT_CTX *in_mont) { int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2; int r_is_one=1,ts1=0,ts2=0; BIGNUM *d,*r; - BIGNUM *a_mod_m; + const BIGNUM *a_mod_m; BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE]; BN_MONT_CTX *mont=NULL; @@ -140,9 +141,10 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, bits2=BN_num_bits(p2); if ((bits1 == 0) && (bits2 == 0)) { - BN_one(rr); - return(1); + ret = BN_one(rr); + return ret; } + bits=(bits1 > bits2)?bits1:bits2; BN_CTX_start(ctx); @@ -166,7 +168,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, */ BN_init(&val1[0]); ts1=1; - if (BN_ucmp(a1,m) >= 0) + if (a1->neg || BN_ucmp(a1,m) >= 0) { if (!BN_mod(&(val1[0]),a1,m,ctx)) goto err; @@ -174,6 +176,12 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, } else a_mod_m = a1; + if (BN_is_zero(a_mod_m)) + { + ret = BN_zero(rr); + goto err; + } + if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err; if (window1 > 1) { @@ -195,7 +203,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, */ BN_init(&val2[0]); ts2=1; - if (BN_ucmp(a2,m) >= 0) + if (a2->neg || BN_ucmp(a2,m) >= 0) { if (!BN_mod(&(val2[0]),a2,m,ctx)) goto err; @@ -203,6 +211,11 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, } else a_mod_m = a2; + if (BN_is_zero(a_mod_m)) + { + ret = BN_zero(rr); + goto err; + } if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err; if (window2 > 1) { diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c index 398207196b..d5caf5136f 100644 --- a/crypto/bn/bn_gcd.c +++ b/crypto/bn/bn_gcd.c @@ -55,14 +55,66 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ -#include <stdio.h> #include "cryptlib.h" #include "bn_lcl.h" static BIGNUM *euclid(BIGNUM *a, BIGNUM *b); -int BN_gcd(BIGNUM *r, BIGNUM *in_a, BIGNUM *in_b, BN_CTX *ctx) +int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) { BIGNUM *a,*b,*t; int ret=0; @@ -77,6 +129,8 @@ int BN_gcd(BIGNUM *r, BIGNUM *in_a, BIGNUM *in_b, BN_CTX *ctx) if (BN_copy(a,in_a) == NULL) goto err; if (BN_copy(b,in_b) == NULL) goto err; + a->neg = 0; + b->neg = 0; if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; } t=euclid(a,b); @@ -97,10 +151,10 @@ static BIGNUM *euclid(BIGNUM *a, BIGNUM *b) bn_check_top(a); bn_check_top(b); - for (;;) + /* 0 <= b <= a */ + while (!BN_is_zero(b)) { - if (BN_is_zero(b)) - break; + /* 0 < b <= a */ if (BN_is_odd(a)) { @@ -133,7 +187,9 @@ static BIGNUM *euclid(BIGNUM *a, BIGNUM *b) shifts++; } } + /* 0 <= b <= a */ } + if (shifts) { if (!BN_lshift(a,a,shifts)) goto err; @@ -143,11 +199,13 @@ err: return(NULL); } + /* solves ax == 1 (mod n) */ -BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) +BIGNUM *BN_mod_inverse(BIGNUM *in, + const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) { - BIGNUM *A,*B,*X,*Y,*M,*D,*R=NULL; - BIGNUM *T,*ret=NULL; + BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL; + BIGNUM *ret=NULL; int sign; bn_check_top(a); @@ -160,7 +218,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) D = BN_CTX_get(ctx); M = BN_CTX_get(ctx); Y = BN_CTX_get(ctx); - if (Y == NULL) goto err; + T = BN_CTX_get(ctx); + if (T == NULL) goto err; if (in == NULL) R=BN_new(); @@ -168,34 +227,166 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) R=in; if (R == NULL) goto err; - BN_zero(X); - BN_one(Y); - if (BN_copy(A,a) == NULL) goto err; - if (BN_copy(B,n) == NULL) goto err; - sign=1; + BN_one(X); + BN_zero(Y); + if (BN_copy(B,a) == NULL) goto err; + if (BN_copy(A,n) == NULL) goto err; + A->neg = 0; + if (B->neg || (BN_ucmp(B, A) >= 0)) + { + if (!BN_nnmod(B, B, A, ctx)) goto err; + } + sign = -1; + /* From B = a mod |n|, A = |n| it follows that + * + * 0 <= B < A, + * sign*X*a == B (mod |n|), + * -sign*Y*a == A (mod |n|). + */ while (!BN_is_zero(B)) { - if (!BN_div(D,M,A,B,ctx)) goto err; - T=A; + BIGNUM *tmp; + + /* + * 0 < B < A, + * (*) sign*X*a == B (mod |n|), + * -sign*Y*a == A (mod |n|) + */ + + /* (D, M) := (A/B, A%B) ... */ + if (BN_num_bits(A) == BN_num_bits(B)) + { + if (!BN_one(D)) goto err; + if (!BN_sub(M,A,B)) goto err; + } + else if (BN_num_bits(A) == BN_num_bits(B) + 1) + { + /* A/B is 1, 2, or 3 */ + if (!BN_lshift1(T,B)) goto err; + if (BN_ucmp(A,T) < 0) + { + /* A < 2*B, so D=1 */ + if (!BN_one(D)) goto err; + if (!BN_sub(M,A,B)) goto err; + } + else + { + /* A >= 2*B, so D=2 or D=3 */ + if (!BN_sub(M,A,T)) goto err; + if (!BN_add(D,T,B)) goto err; /* use D (:= 3*B) as temp */ + if (BN_ucmp(A,D) < 0) + { + /* A < 3*B, so D=2 */ + if (!BN_set_word(D,2)) goto err; + /* M (= A - 2*B) already has the correct value */ + } + else + { + /* only D=3 remains */ + if (!BN_set_word(D,3)) goto err; + /* currently M = A - 2*B, but we need M = A - 3*B */ + if (!BN_sub(M,M,B)) goto err; + } + } + } + else + { + if (!BN_div(D,M,A,B,ctx)) goto err; + } + + /* Now + * A = D*B + M; + * thus we have + * (**) -sign*Y*a == D*B + M (mod |n|). + */ + + tmp=A; /* keep the BIGNUM object, the value does not matter */ + + /* (A, B) := (B, A mod B) ... */ A=B; B=M; - /* T has a struct, M does not */ + /* ... so we have 0 <= B < A again */ + + /* Since the former M is now B and the former B is now A, + * (**) translates into + * -sign*Y*a == D*A + B (mod |n|), + * i.e. + * -sign*Y*a - D*A == B (mod |n|). + * Similarly, (*) translates into + * sign*X*a == A (mod |n|). + * + * Thus, + * -sign*Y*a - D*sign*X*a == B (mod |n|), + * i.e. + * -sign*(Y + D*X)*a == B (mod |n|). + * + * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at + * sign*X*a == B (mod |n|), + * -sign*Y*a == A (mod |n|). + * Note that X and Y stay non-negative all the time. + */ - if (!BN_mul(T,D,X,ctx)) goto err; - if (!BN_add(T,T,Y)) goto err; - M=Y; + /* most of the time D is very small, so we can optimize tmp := D*X+Y */ + if (BN_is_one(D)) + { + if (!BN_add(tmp,X,Y)) goto err; + } + else + { + if (BN_is_word(D,2)) + { + if (!BN_lshift1(tmp,X)) goto err; + } + else if (BN_is_word(D,4)) + { + if (!BN_lshift(tmp,X,2)) goto err; + } + else if (D->top == 1) + { + if (!BN_copy(tmp,X)) goto err; + if (!BN_mul_word(tmp,D->d[0])) goto err; + } + else + { + if (!BN_mul(tmp,D,X,ctx)) goto err; + } + if (!BN_add(tmp,tmp,Y)) goto err; + } + + M=Y; /* keep the BIGNUM object, the value does not matter */ Y=X; - X=T; - sign= -sign; + X=tmp; + sign = -sign; } + + /* + * The while loop (Euclid's algorithm) ends when + * A == gcd(a,n); + * we have + * -sign*Y*a == A (mod |n|), + * where Y is non-negative. + */ + if (sign < 0) { if (!BN_sub(Y,n,Y)) goto err; } + /* Now Y*a == A (mod |n|). */ + if (BN_is_one(A)) - { if (!BN_mod(R,Y,n,ctx)) goto err; } + { + /* Y*a == 1 (mod |n|) */ + if (BN_ucmp(Y,n) < 0) + { + if (!BN_copy(R,Y)) goto err; + } + else + { + if (!BN_nnmod(R,Y,n,ctx)) goto err; + } + } else { BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE); @@ -207,4 +398,3 @@ err: BN_CTX_end(ctx); return(ret); } - diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h index 9c959921b4..39ad05631a 100644 --- a/crypto/bn/bn_lcl.h +++ b/crypto/bn/bn_lcl.h @@ -398,14 +398,17 @@ extern "C" { void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb); void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); -void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp); -void bn_sqr_comba8(BN_ULONG *r,BN_ULONG *a); -void bn_sqr_comba4(BN_ULONG *r,BN_ULONG *a); -int bn_cmp_words(BN_ULONG *a,BN_ULONG *b,int n); -void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t); +void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp); +void bn_sqr_comba8(BN_ULONG *r,const BN_ULONG *a); +void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a); +int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); +int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl); +void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, + int dna,int dnb,BN_ULONG *t); void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, - int tn, int n,BN_ULONG *t); -void bn_sqr_recursive(BN_ULONG *r,BN_ULONG *a, int n2, BN_ULONG *t); + int n,int tna,int tnb,BN_ULONG *t); +void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t); void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, BN_ULONG *t); diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index b6b0ce4b3c..e37b85bfc5 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -62,6 +62,7 @@ #endif #include <assert.h> +#include <limits.h> #include <stdio.h> #include "cryptlib.h" #include "bn_lcl.h" @@ -304,166 +305,168 @@ BIGNUM *BN_new(void) return(ret); } -/* This is an internal function that should not be used in applications. - * It ensures that 'b' has enough room for a 'words' word number number. - * It is mostly used by the various BIGNUM routines. If there is an error, - * NULL is returned. If not, 'b' is returned. */ - -BIGNUM *bn_expand2(BIGNUM *b, int words) +/* This is used both by bn_expand2() and bn_dup_expand() */ +/* The caller MUST check that words > b->dmax before calling this */ +static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) { - BN_ULONG *A,*a; + BN_ULONG *A,*a = NULL; const BN_ULONG *B; int i; - bn_check_top(b); + if (words > (INT_MAX/(4*BN_BITS2))) + { + BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG); + return NULL; + } - if (words > b->dmax) + bn_check_top(b); + if (BN_get_flags(b,BN_FLG_STATIC_DATA)) + { + BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); + return(NULL); + } + a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); + if (A == NULL) { - bn_check_top(b); - if (BN_get_flags(b,BN_FLG_STATIC_DATA)) + BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); + return(NULL); + } +#if 1 + B=b->d; + /* Check if the previous number needs to be copied */ + if (B != NULL) + { + for (i=b->top>>2; i>0; i--,A+=4,B+=4) { - BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); - return(NULL); + /* + * The fact that the loop is unrolled + * 4-wise is a tribute to Intel. It's + * the one that doesn't have enough + * registers to accomodate more data. + * I'd unroll it 8-wise otherwise:-) + * + * <appro@fy.chalmers.se> + */ + BN_ULONG a0,a1,a2,a3; + a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3]; + A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3; } - a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); - if (A == NULL) + switch (b->top&3) { - BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE); - return(NULL); + case 3: A[2]=B[2]; + case 2: A[1]=B[1]; + case 1: A[0]=B[0]; + case 0: /* workaround for ultrix cc: without 'case 0', the optimizer does + * the switch table by doing a=top&3; a--; goto jump_table[a]; + * which fails for top== 0 */ + ; } -#if 1 - B=b->d; - /* Check if the previous number needs to be copied */ - if (B != NULL) - { -#if 0 - /* This lot is an unrolled loop to copy b->top - * BN_ULONGs from B to A - */ -/* - * I have nothing against unrolling but it's usually done for - * several reasons, namely: - * - minimize percentage of decision making code, i.e. branches; - * - avoid cache trashing; - * - make it possible to schedule loads earlier; - * Now let's examine the code below. The cornerstone of C is - * "programmer is always right" and that's what we love it for:-) - * For this very reason C compilers have to be paranoid when it - * comes to data aliasing and assume the worst. Yeah, but what - * does it mean in real life? This means that loop body below will - * be compiled to sequence of loads immediately followed by stores - * as compiler assumes the worst, something in A==B+1 style. As a - * result CPU pipeline is going to starve for incoming data. Secondly - * if A and B happen to share same cache line such code is going to - * cause severe cache trashing. Both factors have severe impact on - * performance of modern CPUs and this is the reason why this - * particular piece of code is #ifdefed away and replaced by more - * "friendly" version found in #else section below. This comment - * also applies to BN_copy function. - * - * <appro@fy.chalmers.se> - */ - for (i=b->top&(~7); i>0; i-=8) - { - A[0]=B[0]; A[1]=B[1]; A[2]=B[2]; A[3]=B[3]; - A[4]=B[4]; A[5]=B[5]; A[6]=B[6]; A[7]=B[7]; - A+=8; - B+=8; - } - switch (b->top&7) - { - case 7: - A[6]=B[6]; - case 6: - A[5]=B[5]; - case 5: - A[4]=B[4]; - case 4: - A[3]=B[3]; - case 3: - A[2]=B[2]; - case 2: - A[1]=B[1]; - case 1: - A[0]=B[0]; - case 0: - /* I need the 'case 0' entry for utrix cc. - * If the optimizer is turned on, it does the - * switch table by doing - * a=top&7 - * a--; - * goto jump_table[a]; - * If top is 0, this makes us jump to 0xffffffc - * which is rather bad :-(. - * eric 23-Apr-1998 - */ - ; - } + } + + /* Now need to zero any data between b->top and b->max */ + /* XXX Why? */ + + A= &(a[b->top]); + for (i=(words - b->top)>>3; i>0; i--,A+=8) + { + A[0]=0; A[1]=0; A[2]=0; A[3]=0; + A[4]=0; A[5]=0; A[6]=0; A[7]=0; + } + for (i=(words - b->top)&7; i>0; i--,A++) + A[0]=0; #else - for (i=b->top>>2; i>0; i--,A+=4,B+=4) + memset(A,0,sizeof(BN_ULONG)*(words+1)); + memcpy(A,b->d,sizeof(b->d[0])*b->top); +#endif + + return(a); + } + +/* This is an internal function that can be used instead of bn_expand2() + * when there is a need to copy BIGNUMs instead of only expanding the + * data part, while still expanding them. + * Especially useful when needing to expand BIGNUMs that are declared + * 'const' and should therefore not be changed. + * The reason to use this instead of a BN_dup() followed by a bn_expand2() + * is memory allocation overhead. A BN_dup() followed by a bn_expand2() + * will allocate new memory for the BIGNUM data twice, and free it once, + * while bn_dup_expand() makes sure allocation is made only once. + */ + +BIGNUM *bn_dup_expand(const BIGNUM *b, int words) + { + BIGNUM *r = NULL; + + if (words > b->dmax) + { + BN_ULONG *a = bn_expand_internal(b, words); + + if (a) + { + r = BN_new(); + if (r) { - /* - * The fact that the loop is unrolled - * 4-wise is a tribute to Intel. It's - * the one that doesn't have enough - * registers to accomodate more data. - * I'd unroll it 8-wise otherwise:-) - * - * <appro@fy.chalmers.se> - */ - BN_ULONG a0,a1,a2,a3; - a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3]; - A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3; + r->top = b->top; + r->dmax = words; + r->neg = b->neg; + r->d = a; } - switch (b->top&3) + else { - case 3: A[2]=B[2]; - case 2: A[1]=B[1]; - case 1: A[0]=B[0]; - case 0: ; /* ultrix cc workaround, see above */ + /* r == NULL, BN_new failure */ + OPENSSL_free(a); } -#endif - OPENSSL_free(b->d); } + /* If a == NULL, there was an error in allocation in + bn_expand_internal(), and NULL should be returned */ + } + else + { + r = BN_dup(b); + } + + return r; + } - b->d=a; - b->dmax=words; +/* This is an internal function that should not be used in applications. + * It ensures that 'b' has enough room for a 'words' word number number. + * It is mostly used by the various BIGNUM routines. If there is an error, + * NULL is returned. If not, 'b' is returned. */ - /* Now need to zero any data between b->top and b->max */ +BIGNUM *bn_expand2(BIGNUM *b, int words) + { + if (words > b->dmax) + { + BN_ULONG *a = bn_expand_internal(b, words); - A= &(b->d[b->top]); - for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8) + if (a) { - A[0]=0; A[1]=0; A[2]=0; A[3]=0; - A[4]=0; A[5]=0; A[6]=0; A[7]=0; - } - for (i=(b->dmax - b->top)&7; i>0; i--,A++) - A[0]=0; -#else - memset(A,0,sizeof(BN_ULONG)*(words+1)); - memcpy(A,b->d,sizeof(b->d[0])*b->top); + if (b->d) + OPENSSL_free(b->d); b->d=a; - b->max=words; -#endif - -/* memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); */ -/* { int i; for (i=b->max; i<words+1; i++) p[i]=i;} */ - + b->dmax=words; + } + else + b = NULL; } - return(b); + return b; } BIGNUM *BN_dup(const BIGNUM *a) { - BIGNUM *r; + BIGNUM *r, *t; if (a == NULL) return NULL; bn_check_top(a); - r=BN_new(); - if (r == NULL) return(NULL); - return((BIGNUM *)BN_copy(r,a)); + t = BN_new(); + if (t == NULL) return(NULL); + r = BN_copy(t, a); + /* now r == t || r == NULL */ + if (r == NULL) + BN_free(t); + return r; } BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) @@ -491,7 +494,7 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) case 3: A[2]=B[2]; case 2: A[1]=B[1]; case 1: A[0]=B[0]; - case 0: ; /* ultrix cc workaround, see comments in bn_expand2 */ + case 0: ; /* ultrix cc workaround, see comments in bn_expand_internal */ } #else memcpy(a->d,b->d,sizeof(b->d[0])*b->top); @@ -505,6 +508,35 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) return(a); } +void BN_swap(BIGNUM *a, BIGNUM *b) + { + int flags_old_a, flags_old_b; + BN_ULONG *tmp_d; + int tmp_top, tmp_dmax, tmp_neg; + + flags_old_a = a->flags; + flags_old_b = b->flags; + + tmp_d = a->d; + tmp_top = a->top; + tmp_dmax = a->dmax; + tmp_neg = a->neg; + + a->d = b->d; + a->top = b->top; + a->dmax = b->dmax; + a->neg = b->neg; + + b->d = tmp_d; + b->top = tmp_top; + b->dmax = tmp_dmax; + b->neg = tmp_neg; + + a->flags = (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA); + b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA); + } + + void BN_clear(BIGNUM *a) { if (a->d != NULL) @@ -513,7 +545,7 @@ void BN_clear(BIGNUM *a) a->neg=0; } -BN_ULONG BN_get_word(BIGNUM *a) +BN_ULONG BN_get_word(const BIGNUM *a) { int i,n; BN_ULONG ret=0; @@ -561,7 +593,6 @@ int BN_set_word(BIGNUM *a, BN_ULONG w) return(1); } -/* ignore negative */ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) { unsigned int i,m; @@ -582,6 +613,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) i=((n-1)/BN_BYTES)+1; m=((n-1)%(BN_BYTES)); ret->top=i; + ret->neg=0; while (n-- > 0) { l=(l<<8L)| *(s++); @@ -736,7 +768,7 @@ int BN_mask_bits(BIGNUM *a, int n) return(1); } -int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n) +int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n) { int i; BN_ULONG aa,bb; @@ -753,3 +785,34 @@ int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n) return(0); } +/* Here follows a specialised variants of bn_cmp_words(). It has the + property of performing the operation on arrays of different sizes. + The sizes of those arrays is expressed through cl, which is the + common length ( basicall, min(len(a),len(b)) ), and dl, which is the + delta between the two lengths, calculated as len(a)-len(b). + All lengths are the number of BN_ULONGs... */ + +int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl) + { + int n,i; + n = cl-1; + + if (dl < 0) + { + for (i=dl; i<0; i++) + { + if (b[n-i] != 0) + return -1; /* a < b */ + } + } + if (dl > 0) + { + for (i=dl; i>0; i--) + { + if (a[n+i] != 0) + return 1; /* a > b */ + } + } + return bn_cmp_words(a,b,cl); + } diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 8cf1febacc..7f8296c893 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -69,20 +69,17 @@ #define MONT_WORD /* use the faster word-based algorithm */ -int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, +int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_MONT_CTX *mont, BN_CTX *ctx) { - BIGNUM *tmp,*tmp2; + BIGNUM *tmp; int ret=0; BN_CTX_start(ctx); tmp = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - if (tmp == NULL || tmp2 == NULL) goto err; + if (tmp == NULL) goto err; bn_check_top(tmp); - bn_check_top(tmp2); - if (a == b) { if (!BN_sqr(tmp,a,ctx)) goto err; @@ -99,7 +96,7 @@ err: return(ret); } -int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont, +int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx) { int retn=0; @@ -144,7 +141,7 @@ int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont, n0=mont->n0; #ifdef BN_COUNT - printf("word BN_from_montgomery %d * %d\n",nl,nl); + fprintf(stderr,"word BN_from_montgomery %d * %d\n",nl,nl); #endif for (i=0; i<nl; i++) { diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c index 80e1dca6b7..05fa9d1e9a 100644 --- a/crypto/bn/bn_mpi.c +++ b/crypto/bn/bn_mpi.c @@ -88,7 +88,7 @@ int BN_bn2mpi(const BIGNUM *a, unsigned char *d) return(num+4+ext); } -BIGNUM *BN_mpi2bn(unsigned char *d, int n, BIGNUM *a) +BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) { long len; int neg=0; diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c index 3e8d8b9567..eb5d525613 100644 --- a/crypto/bn/bn_mul.c +++ b/crypto/bn/bn_mul.c @@ -56,10 +56,323 @@ * [including the GNU Public Licence.] */ +#ifndef BN_DEBUG +# undef NDEBUG /* avoid conflicting definitions */ +# define NDEBUG +#endif + #include <stdio.h> +#include <assert.h> #include "cryptlib.h" #include "bn_lcl.h" +/* Here follows specialised variants of bn_add_words() and + bn_sub_words(). They have the property performing operations on + arrays of different sizes. The sizes of those arrays is expressed through + cl, which is the common length ( basicall, min(len(a),len(b)) ), and dl, + which is the delta between the two lengths, calculated as len(a)-len(b). + All lengths are the number of BN_ULONGs... For the operations that require + a result array as parameter, it must have the length cl+abs(dl). + These functions should probably end up in bn_asm.c as soon as there are + assembler counterparts for the systems that use assembler files. */ + +BN_ULONG bn_sub_part_words(BN_ULONG *r, + const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl) + { + BN_ULONG c, t; + + assert(cl >= 0); + c = bn_sub_words(r, a, b, cl); + + if (dl == 0) + return c; + + r += cl; + a += cl; + b += cl; + + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); +#endif + for (;;) + { + t = b[0]; + r[0] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[1]; + r[1] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[2]; + r[2] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[3]; + r[3] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + b += 4; + r += 4; + } + } + else + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl, dl, c); +#endif + while(c) + { + t = a[0]; + r[0] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[1]; + r[1] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[2]; + r[2] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[3]; + r[3] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + save_dl = dl; + a += 4; + r += 4; + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); +#endif + if (save_dl > dl) + { + switch (save_dl - dl) + { + case 1: + r[1] = a[1]; + if (--dl <= 0) break; + case 2: + r[2] = a[2]; + if (--dl <= 0) break; + case 3: + r[3] = a[3]; + if (--dl <= 0) break; + } + a += 4; + r += 4; + } + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = a[0]; + if (--dl <= 0) break; + r[1] = a[1]; + if (--dl <= 0) break; + r[2] = a[2]; + if (--dl <= 0) break; + r[3] = a[3]; + if (--dl <= 0) break; + + a += 4; + r += 4; + } + } + } + return c; + } + +BN_ULONG bn_add_part_words(BN_ULONG *r, + const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl) + { + BN_ULONG c, l, t; + + assert(cl >= 0); + c = bn_add_words(r, a, b, cl); + + if (dl == 0) + return c; + + r += cl; + a += cl; + b += cl; + + if (dl < 0) + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); +#endif + while (c) + { + l=(c+b[0])&BN_MASK2; + c=(l < c); + r[0]=l; + if (++dl >= 0) break; + + l=(c+b[1])&BN_MASK2; + c=(l < c); + r[1]=l; + if (++dl >= 0) break; + + l=(c+b[2])&BN_MASK2; + c=(l < c); + r[2]=l; + if (++dl >= 0) break; + + l=(c+b[3])&BN_MASK2; + c=(l < c); + r[3]=l; + if (++dl >= 0) break; + + save_dl = dl; + b+=4; + r+=4; + } + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c == 0)\n", cl, dl); +#endif + if (save_dl < dl) + { + switch (dl - save_dl) + { + case 1: + r[1] = b[1]; + if (++dl >= 0) break; + case 2: + r[2] = b[2]; + if (++dl >= 0) break; + case 3: + r[3] = b[3]; + if (++dl >= 0) break; + } + b += 4; + r += 4; + } + } + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = b[0]; + if (++dl >= 0) break; + r[1] = b[1]; + if (++dl >= 0) break; + r[2] = b[2]; + if (++dl >= 0) break; + r[3] = b[3]; + if (++dl >= 0) break; + + b += 4; + r += 4; + } + } + } + else + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0)\n", cl, dl); +#endif + while (c) + { + t=(a[0]+c)&BN_MASK2; + c=(t < c); + r[0]=t; + if (--dl <= 0) break; + + t=(a[1]+c)&BN_MASK2; + c=(t < c); + r[1]=t; + if (--dl <= 0) break; + + t=(a[2]+c)&BN_MASK2; + c=(t < c); + r[2]=t; + if (--dl <= 0) break; + + t=(a[3]+c)&BN_MASK2; + c=(t < c); + r[3]=t; + if (--dl <= 0) break; + + save_dl = dl; + a+=4; + r+=4; + } +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); +#endif + if (dl > 0) + { + if (save_dl > dl) + { + switch (save_dl - dl) + { + case 1: + r[1] = a[1]; + if (--dl <= 0) break; + case 2: + r[2] = a[2]; + if (--dl <= 0) break; + case 3: + r[3] = a[3]; + if (--dl <= 0) break; + } + a += 4; + r += 4; + } + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = a[0]; + if (--dl <= 0) break; + r[1] = a[1]; + if (--dl <= 0) break; + r[2] = a[2]; + if (--dl <= 0) break; + r[3] = a[3]; + if (--dl <= 0) break; + + a += 4; + r += 4; + } + } + } + return c; + } + #ifdef BN_RECURSION /* Karatsuba recursive multiplication algorithm * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ @@ -75,14 +388,15 @@ * a[1]*b[1] */ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - BN_ULONG *t) + int dna, int dnb, BN_ULONG *t) { int n=n2/2,c1,c2; + int tna=n+dna, tnb=n+dnb; unsigned int neg,zero; BN_ULONG ln,lo,*p; # ifdef BN_COUNT - printf(" bn_mul_recursive %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_recursive %d * %d\n",n2,n2); # endif # ifdef BN_MUL_COMBA # if 0 @@ -105,21 +419,21 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, return; } /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - c2=bn_cmp_words(&(b[n]),b,n); + c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); + c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); zero=neg=0; switch (c1*3+c2) { case -4: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ break; case -3: zero=1; break; case -2: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ neg=1; break; case -1: @@ -128,16 +442,16 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, zero=1; break; case 2: - bn_sub_words(t, a, &(a[n]),n); /* + */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ neg=1; break; case 3: zero=1; break; case 4: - bn_sub_words(t, a, &(a[n]),n); - bn_sub_words(&(t[n]),&(b[n]),b, n); + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); break; } @@ -167,11 +481,11 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, { p= &(t[n2*2]); if (!zero) - bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); + bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); else memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); - bn_mul_recursive(r,a,b,n,p); - bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p); + bn_mul_recursive(r,a,b,n,0,0,p); + bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p); } /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign @@ -220,39 +534,39 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, /* n+tn is the word length * t needs to be n*4 is size, as does r */ -void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, - int n, BN_ULONG *t) +void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, + int tna, int tnb, BN_ULONG *t) { int i,j,n2=n*2; unsigned int c1,c2,neg,zero; BN_ULONG ln,lo,*p; # ifdef BN_COUNT - printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n); + fprintf(stderr," bn_mul_part_recursive (%d+%d) * (%d+%d)\n", + tna, n, tnb, n); # endif if (n < 8) { - i=tn+n; - bn_mul_normal(r,a,i,b,i); + bn_mul_normal(r,a,n+tna,b,n+tnb); return; } /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - c2=bn_cmp_words(&(b[n]),b,n); + c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); + c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); zero=neg=0; switch (c1*3+c2) { case -4: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ break; case -3: zero=1; /* break; */ case -2: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ neg=1; break; case -1: @@ -261,16 +575,16 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, zero=1; /* break; */ case 2: - bn_sub_words(t, a, &(a[n]),n); /* + */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ neg=1; break; case 3: zero=1; /* break; */ case 4: - bn_sub_words(t, a, &(a[n]),n); - bn_sub_words(&(t[n]),&(b[n]),b, n); + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); break; } /* The zero case isn't yet implemented here. The speedup @@ -289,54 +603,59 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, { bn_mul_comba8(&(t[n2]),t,&(t[n])); bn_mul_comba8(r,a,b); - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); - memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); + bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); + memset(&(r[n2+tna+tnb]),0,sizeof(BN_ULONG)*(n2-tna-tnb)); } else { p= &(t[n2*2]); - bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); - bn_mul_recursive(r,a,b,n,p); + bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); + bn_mul_recursive(r,a,b,n,0,0,p); i=n/2; /* If there is only a bottom half to the number, * just do it */ - j=tn-i; + if (tna > tnb) + j = tna - i; + else + j = tnb - i; if (j == 0) { - bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p); + bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]), + i,tna-i,tnb-i,p); memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); } else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ { bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), - j,i,p); - memset(&(r[n2+tn*2]),0, - sizeof(BN_ULONG)*(n2-tn*2)); + i,tna-i,tnb-i,p); + memset(&(r[n2+tna+tnb]),0, + sizeof(BN_ULONG)*(n2-tna-tnb)); } else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ { memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); - if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL) + if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL + && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) { - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); + bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); } else { for (;;) { i/=2; - if (i < tn) + if (i < tna && i < tnb) { bn_mul_part_recursive(&(r[n2]), &(a[n]),&(b[n]), - tn-i,i,p); + i,tna-i,tnb-i,p); break; } - else if (i == tn) + else if (i <= tna && i <= tnb) { bn_mul_recursive(&(r[n2]), &(a[n]),&(b[n]), - i,p); + i,tna-i,tnb-i,p); break; } } @@ -397,10 +716,10 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, int n=n2/2; # ifdef BN_COUNT - printf(" bn_mul_low_recursive %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_low_recursive %d * %d\n",n2,n2); # endif - bn_mul_recursive(r,a,b,n,&(t[0])); + bn_mul_recursive(r,a,b,n,0,0,&(t[0])); if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) { bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); @@ -431,7 +750,7 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, BN_ULONG ll,lc,*lp,*mp; # ifdef BN_COUNT - printf(" bn_mul_high %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_high %d * %d\n",n2,n2); # endif n=n2/2; @@ -484,8 +803,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, else # endif { - bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2])); - bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2])); + bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,0,0,&(t[n2])); + bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2])); } /* s0 == low(al*bl) @@ -608,11 +927,11 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, } #endif /* BN_RECURSION */ -int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) +int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { + int ret=0; int top,al,bl; BIGNUM *rr; - int ret = 0; #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) int i; #endif @@ -622,7 +941,7 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) #endif #ifdef BN_COUNT - printf("BN_mul %d * %d\n",a->top,b->top); + fprintf(stderr,"BN_mul %d * %d\n",a->top,b->top); #endif bn_check_top(a); @@ -675,17 +994,55 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) #ifdef BN_RECURSION if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) { + if (i >= -1 && i <= 1) + { + int sav_j =0; + /* Find out the power of two lower or equal + to the longest of the two numbers */ + if (i >= 0) + { + j = BN_num_bits_word((BN_ULONG)al); + } + if (i == -1) + { + j = BN_num_bits_word((BN_ULONG)bl); + } + sav_j = j; + j = 1<<(j-1); + assert(j <= al || j <= bl); + k = j+j; + t = BN_CTX_get(ctx); + if (al > j || bl > j) + { + bn_wexpand(t,k*4); + bn_wexpand(rr,k*4); + bn_mul_part_recursive(rr->d,a->d,b->d, + j,al-j,bl-j,t->d); + } + else /* al <= j || bl <= j */ + { + bn_wexpand(t,k*2); + bn_wexpand(rr,k*2); + bn_mul_recursive(rr->d,a->d,b->d, + j,al-j,bl-j,t->d); + } + rr->top=top; + goto end; + } +#if 0 if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA)) { - bn_wexpand(b,al); - b->d[bl]=0; + BIGNUM *tmp_bn = (BIGNUM *)b; + bn_wexpand(tmp_bn,al); + tmp_bn->d[bl]=0; bl++; i--; } else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA)) { - bn_wexpand(a,bl); - a->d[al]=0; + BIGNUM *tmp_bn = (BIGNUM *)a; + bn_wexpand(tmp_bn,bl); + tmp_bn->d[al]=0; al++; i++; } @@ -705,19 +1062,14 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) } else { - bn_wexpand(a,k); - bn_wexpand(b,k); bn_wexpand(t,k*4); bn_wexpand(rr,k*4); - for (i=a->top; i<k; i++) - a->d[i]=0; - for (i=b->top; i<k; i++) - b->d[i]=0; bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); } rr->top=top; goto end; } +#endif } #endif /* BN_RECURSION */ if (bn_wexpand(rr,top) == NULL) goto err; @@ -740,7 +1092,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) BN_ULONG *rr; #ifdef BN_COUNT - printf(" bn_mul_normal %d * %d\n",na,nb); + fprintf(stderr," bn_mul_normal %d * %d\n",na,nb); #endif if (na < nb) @@ -774,7 +1126,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) { #ifdef BN_COUNT - printf(" bn_mul_low_normal %d * %d\n",n,n); + fprintf(stderr," bn_mul_low_normal %d * %d\n",n,n); #endif bn_mul_words(r,a,n,b[0]); diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index a5f01b92eb..b75e58c6ae 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -125,12 +125,13 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont); static int probable_prime(BIGNUM *rnd, int bits); static int probable_prime_dh(BIGNUM *rnd, int bits, - BIGNUM *add, BIGNUM *rem, BN_CTX *ctx); + const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); static int probable_prime_dh_safe(BIGNUM *rnd, int bits, - BIGNUM *add, BIGNUM *rem, BN_CTX *ctx); + const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); -BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add, - BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg) +BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, + const BIGNUM *add, const BIGNUM *rem, + void (*callback)(int,int,void *), void *cb_arg) { BIGNUM *rnd=NULL; BIGNUM t; @@ -376,8 +377,8 @@ again: return(1); } -static int probable_prime_dh(BIGNUM *rnd, int bits, BIGNUM *add, BIGNUM *rem, - BN_CTX *ctx) +static int probable_prime_dh(BIGNUM *rnd, int bits, + const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx) { int i,ret=0; BIGNUM *t1; @@ -413,8 +414,8 @@ err: return(ret); } -static int probable_prime_dh_safe(BIGNUM *p, int bits, BIGNUM *padd, - BIGNUM *rem, BN_CTX *ctx) +static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd, + const BIGNUM *rem, BN_CTX *ctx) { int i,ret=0; BIGNUM *t1,*qadd,*q; diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 532e66bcc3..d1986d72d0 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -321,7 +321,7 @@ end: #endif #ifdef BN_DEBUG -void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n) +void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n) { int i; fprintf(o, "%s=", a); diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 21ecbc04ed..bab4510345 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -100,6 +100,27 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) goto err; } +#if 1 + if (pseudorand == 2) + { + /* generate patterns that are more likely to trigger BN + library bugs */ + int i; + unsigned char c; + + for (i = 0; i < bytes; i++) + { + RAND_pseudo_bytes(&c, 1); + if (c >= 128 && i > 0) + buf[i] = buf[i-1]; + else if (c < 42) + buf[i] = 0; + else if (c < 84) + buf[i] = 255; + } + } +#endif + if (top) { if (bit == 0) @@ -140,3 +161,10 @@ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom) { return bnrand(1, rnd, bits, top, bottom); } + +#if 1 +int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom) + { + return bnrand(2, rnd, bits, top, bottom); + } +#endif diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c index d019941d6b..0700a0f063 100644 --- a/crypto/bn/bn_recp.c +++ b/crypto/bn/bn_recp.c @@ -100,11 +100,12 @@ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) return(1); } -int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp, - BN_CTX *ctx) +int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, + BN_RECP_CTX *recp, BN_CTX *ctx) { int ret=0; BIGNUM *a; + const BIGNUM *ca; BN_CTX_start(ctx); if ((a = BN_CTX_get(ctx)) == NULL) goto err; @@ -114,19 +115,20 @@ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp, { if (!BN_sqr(a,x,ctx)) goto err; } else { if (!BN_mul(a,x,y,ctx)) goto err; } + ca = a; } else - a=x; /* Just do the mod */ + ca=x; /* Just do the mod */ - BN_div_recp(NULL,r,a,recp,ctx); + BN_div_recp(NULL,r,ca,recp,ctx); ret=1; err: BN_CTX_end(ctx); return(ret); } -int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp, - BN_CTX *ctx) +int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, + BN_RECP_CTX *recp, BN_CTX *ctx) { int i,j,ret=0; BIGNUM *a,*b,*d,*r; @@ -165,7 +167,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp, if (i != recp->shift) recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N), - i,ctx); + i,ctx); /* BN_reciprocal returns i, or -1 for an error */ + if (recp->shift == -1) goto err; if (!BN_rshift(a,m,j)) goto err; if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err; @@ -201,7 +204,8 @@ err: * We actually calculate with an extra word of precision, so * we can do faster division if the remainder is not required. */ -int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx) +/* r := 2^len / m */ +int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx) { int ret= -1; BIGNUM t; diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c index 0883247384..70f785ea18 100644 --- a/crypto/bn/bn_shift.c +++ b/crypto/bn/bn_shift.c @@ -60,7 +60,7 @@ #include "cryptlib.h" #include "bn_lcl.h" -int BN_lshift1(BIGNUM *r, BIGNUM *a) +int BN_lshift1(BIGNUM *r, const BIGNUM *a) { register BN_ULONG *ap,*rp,t,c; int i; @@ -92,7 +92,7 @@ int BN_lshift1(BIGNUM *r, BIGNUM *a) return(1); } -int BN_rshift1(BIGNUM *r, BIGNUM *a) +int BN_rshift1(BIGNUM *r, const BIGNUM *a) { BN_ULONG *ap,*rp,t,c; int i; @@ -128,8 +128,8 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) BN_ULONG l; r->neg=a->neg; - if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0); nw=n/BN_BITS2; + if (bn_wexpand(r,a->top+nw+1) == NULL) return(0); lb=n%BN_BITS2; rb=BN_BITS2-lb; f=a->d; @@ -153,7 +153,7 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) return(1); } -int BN_rshift(BIGNUM *r, BIGNUM *a, int n) +int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) { int i,j,nw,lb,rb; BN_ULONG *t,*f; @@ -172,6 +172,11 @@ int BN_rshift(BIGNUM *r, BIGNUM *a, int n) r->neg=a->neg; if (bn_wexpand(r,a->top-nw+1) == NULL) return(0); } + else + { + if (n == 0) + return 1; /* or the copying loop will go berserk */ + } f= &(a->d[nw]); t=r->d; diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c index 75f4f38392..b75e6194d0 100644 --- a/crypto/bn/bn_sqr.c +++ b/crypto/bn/bn_sqr.c @@ -62,14 +62,14 @@ /* r must not be a */ /* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */ -int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx) +int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { int max,al; int ret = 0; BIGNUM *tmp,*rr; #ifdef BN_COUNT -printf("BN_sqr %d * %d\n",a->top,a->top); + fprintf(stderr,"BN_sqr %d * %d\n",a->top,a->top); #endif bn_check_top(a); @@ -88,7 +88,6 @@ printf("BN_sqr %d * %d\n",a->top,a->top); max=(al+al); if (bn_wexpand(rr,max+1) == NULL) goto err; - r->neg=0; if (al == 4) { #ifndef BN_SQR_COMBA @@ -124,7 +123,6 @@ printf("BN_sqr %d * %d\n",a->top,a->top); k=j+j; if (al == j) { - if (bn_wexpand(a,k*2) == NULL) goto err; if (bn_wexpand(tmp,k*2) == NULL) goto err; bn_sqr_recursive(rr->d,a->d,al,tmp->d); } @@ -141,6 +139,7 @@ printf("BN_sqr %d * %d\n",a->top,a->top); } rr->top=max; + rr->neg=0; if ((max > 0) && (rr->d[max-1] == 0)) rr->top--; if (rr != r) BN_copy(r,rr); ret = 1; @@ -150,10 +149,11 @@ printf("BN_sqr %d * %d\n",a->top,a->top); } /* tmp must have 2*n words */ -void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp) +void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp) { int i,j,max; - BN_ULONG *ap,*rp; + const BN_ULONG *ap; + BN_ULONG *rp; max=n*2; ap=a; @@ -197,14 +197,14 @@ void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp) * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) * a[1]*b[1] */ -void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *t) +void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t) { int n=n2/2; int zero,c1; BN_ULONG ln,lo,*p; #ifdef BN_COUNT -printf(" bn_sqr_recursive %d * %d\n",n2,n2); + fprintf(stderr," bn_sqr_recursive %d * %d\n",n2,n2); #endif if (n2 == 4) { diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c index a54d9d2919..2a72c189cb 100644 --- a/crypto/bn/bn_sqrt.c +++ b/crypto/bn/bn_sqrt.c @@ -93,20 +93,6 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) return(NULL); } - if (BN_is_zero(a) || BN_is_one(a)) - { - if (ret == NULL) - ret = BN_new(); - if (ret == NULL) - goto end; - if (!BN_set_word(ret, BN_is_one(a))) - { - BN_free(ret); - return NULL; - } - return ret; - } - #if 0 /* if BN_mod_sqrt is used with correct input, this just wastes time */ r = BN_kronecker(a, p, ctx); if (r < -1) return NULL; @@ -133,9 +119,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) e = 1; while (!BN_is_bit_set(p, e)) e++; - if (e > 2) - /* we don't need this q if e = 1 or 2 */ - if (!BN_rshift(q, p, e)) goto end; + if (!BN_rshift(q, p, e)) goto end; q->neg = 0; if (e == 1) @@ -145,74 +129,16 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) * directly by modular exponentiation. * We have * 2 * (p+1)/4 == 1 (mod (p-1)/2), - * so we can use exponent (p+1)/4, i.e. (p-3)/4 + 1. + * so we can use exponent (p+1)/4, i.e. (q+1)/2. */ - if (!BN_rshift(q, p, 2)) goto end; - if (!BN_add_word(q, 1)) goto end; + if (!BN_add_word(q,1)) goto end; + if (!BN_rshift1(q,q)) goto end; if (!BN_mod_exp(ret, a, q, p, ctx)) goto end; err = 0; goto end; } - if (e == 2) - { - /* p == 5 (mod 8) - * - * In this case 2 is always a non-square since - * Legendre(2,p) = (-1)^((p^2-1)/8) for any odd prime. - * So if a really is a square, then 2*a is a non-square. - * Thus for - * b := (2*a)^((p-5)/8), - * i := (2*a)*b^2 - * we have - * i^2 = (2*a)^((1 + (p-5)/4)*2) - * = (2*a)^((p-1)/2) - * = -1; - * so if we set - * x := a*b*(i-1), - * then - * x^2 = a^2 * b^2 * (i^2 - 2*i + 1) - * = a^2 * b^2 * (-2*i) - * = a*(-i)*(2*a*b^2) - * = a*(-i)*i - * = a. - * - * (This is due to A.O.L. Atkin, - * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>, - * November 1992.) - */ - - /* make sure that a is reduced modulo p */ - if (a->neg || BN_ucmp(a, p) >= 0) - { - if (!BN_nnmod(x, a, p, ctx)) goto end; - a = x; /* use x as temporary variable */ - } - - /* t := 2*a */ - if (!BN_mod_lshift1_quick(t, a, p)) goto end; - - /* b := (2*a)^((p-5)/8) */ - if (!BN_rshift(q, p, 3)) goto end; - if (!BN_mod_exp(b, t, q, p, ctx)) goto end; - - /* y := b^2 */ - if (!BN_mod_sqr(y, b, p, ctx)) goto end; - - /* t := (2*a)*b^2 - 1*/ - if (!BN_mod_mul(t, t, y, p, ctx)) goto end; - if (!BN_sub_word(t, 1)) goto end; /* cannot become negative */ - - /* x = a*b*t */ - if (!BN_mod_mul(x, a, b, p, ctx)) goto end; - if (!BN_mod_mul(x, x, t, p, ctx)) goto end; - - if (!BN_copy(ret, x)) goto end; - err = 0; - goto end; - } - - /* e > 2, so we really have to use the Tonelli/Shanks algorithm. + /* e > 1, so we really have to use the Tonelli/Shanks algorithm. * First, find some y that is not a square. */ i = 2; do diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c index 0a97af69c5..91563dd222 100644 --- a/crypto/bn/bntest.c +++ b/crypto/bn/bntest.c @@ -91,6 +91,8 @@ int test_mod(BIO *bp,BN_CTX *ctx); int test_mod_mul(BIO *bp,BN_CTX *ctx); int test_mod_exp(BIO *bp,BN_CTX *ctx); int test_exp(BIO *bp,BN_CTX *ctx); +int test_kron(BIO *bp,BN_CTX *ctx); +int test_sqrt(BIO *bp,BN_CTX *ctx); int rand_neg(void); static int results=0; @@ -122,9 +124,7 @@ int main(int argc, char *argv[]) results = 0; - RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't - * even check its return value - * (which we should) */ + RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ argc--; argv++; @@ -228,6 +228,14 @@ int main(int argc, char *argv[]) if (!test_exp(out,ctx)) goto err; BIO_flush(out); + message(out,"BN_kronecker"); + if (!test_kron(out,ctx)) goto err; + BIO_flush(out); + + message(out,"BN_mod_sqrt"); + if (!test_sqrt(out,ctx)) goto err; + BIO_flush(out); + BN_CTX_free(ctx); BIO_free(out); @@ -247,21 +255,17 @@ int test_add(BIO *bp) { BIGNUM a,b,c; int i; - int j; BN_init(&a); BN_init(&b); BN_init(&c); - BN_rand(&a,512,0,0); + BN_bntest_rand(&a,512,0,0); for (i=0; i<num0; i++) { - BN_rand(&b,450+i,0,0); + BN_bntest_rand(&b,450+i,0,0); a.neg=rand_neg(); b.neg=rand_neg(); - if (bp == NULL) - for (j=0; j<10000; j++) - BN_add(&c,&a,&b); BN_add(&c,&a,&b); if (bp != NULL) { @@ -295,7 +299,6 @@ int test_sub(BIO *bp) { BIGNUM a,b,c; int i; - int j; BN_init(&a); BN_init(&b); @@ -305,20 +308,17 @@ int test_sub(BIO *bp) { if (i < num1) { - BN_rand(&a,512,0,0); + BN_bntest_rand(&a,512,0,0); BN_copy(&b,&a); if (BN_set_bit(&a,i)==0) return(0); BN_add_word(&b,i); } else { - BN_rand(&b,400+i-num1,0,0); + BN_bntest_rand(&b,400+i-num1,0,0); a.neg=rand_neg(); b.neg=rand_neg(); } - if (bp == NULL) - for (j=0; j<10000; j++) - BN_sub(&c,&a,&b); BN_sub(&c,&a,&b); if (bp != NULL) { @@ -350,7 +350,6 @@ int test_div(BIO *bp, BN_CTX *ctx) { BIGNUM a,b,c,d,e; int i; - int j; BN_init(&a); BN_init(&b); @@ -362,18 +361,15 @@ int test_div(BIO *bp, BN_CTX *ctx) { if (i < num1) { - BN_rand(&a,400,0,0); + BN_bntest_rand(&a,400,0,0); BN_copy(&b,&a); BN_lshift(&a,&a,i); BN_add_word(&a,i); } else - BN_rand(&b,50+3*(i-num1),0,0); + BN_bntest_rand(&b,50+3*(i-num1),0,0); a.neg=rand_neg(); b.neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_div(&d,&c,&a,&b,ctx); BN_div(&d,&c,&a,&b,ctx); if (bp != NULL) { @@ -419,7 +415,6 @@ int test_div_recp(BIO *bp, BN_CTX *ctx) BIGNUM a,b,c,d,e; BN_RECP_CTX recp; int i; - int j; BN_RECP_CTX_init(&recp); BN_init(&a); @@ -432,19 +427,16 @@ int test_div_recp(BIO *bp, BN_CTX *ctx) { if (i < num1) { - BN_rand(&a,400,0,0); + BN_bntest_rand(&a,400,0,0); BN_copy(&b,&a); BN_lshift(&a,&a,i); BN_add_word(&a,i); } else - BN_rand(&b,50+3*(i-num1),0,0); + BN_bntest_rand(&b,50+3*(i-num1),0,0); a.neg=rand_neg(); b.neg=rand_neg(); BN_RECP_CTX_set(&recp,&b,ctx); - if (bp == NULL) - for (j=0; j<100; j++) - BN_div_recp(&d,&c,&a,&recp,ctx); BN_div_recp(&d,&c,&a,&recp,ctx); if (bp != NULL) { @@ -495,7 +487,6 @@ int test_mul(BIO *bp) { BIGNUM a,b,c,d,e; int i; - int j; BN_CTX ctx; BN_CTX_init(&ctx); @@ -509,16 +500,13 @@ int test_mul(BIO *bp) { if (i <= num1) { - BN_rand(&a,100,0,0); - BN_rand(&b,100,0,0); + BN_bntest_rand(&a,100,0,0); + BN_bntest_rand(&b,100,0,0); } else - BN_rand(&b,i-num1,0,0); + BN_bntest_rand(&b,i-num1,0,0); a.neg=rand_neg(); b.neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_mul(&c,&a,&b,&ctx); BN_mul(&c,&a,&b,&ctx); if (bp != NULL) { @@ -553,7 +541,6 @@ int test_sqr(BIO *bp, BN_CTX *ctx) { BIGNUM a,c,d,e; int i; - int j; BN_init(&a); BN_init(&c); @@ -562,11 +549,8 @@ int test_sqr(BIO *bp, BN_CTX *ctx) for (i=0; i<num0; i++) { - BN_rand(&a,40+i*10,0,0); + BN_bntest_rand(&a,40+i*10,0,0); a.neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_sqr(&c,&a,ctx); BN_sqr(&c,&a,ctx); if (bp != NULL) { @@ -600,7 +584,6 @@ int test_mont(BIO *bp, BN_CTX *ctx) BIGNUM a,b,c,d,A,B; BIGNUM n; int i; - int j; BN_MONT_CTX *mont; BN_init(&a); @@ -613,23 +596,23 @@ int test_mont(BIO *bp, BN_CTX *ctx) mont=BN_MONT_CTX_new(); - BN_rand(&a,100,0,0); /**/ - BN_rand(&b,100,0,0); /**/ + BN_bntest_rand(&a,100,0,0); /**/ + BN_bntest_rand(&b,100,0,0); /**/ for (i=0; i<num2; i++) { int bits = (200*(i+1))/num2; if (bits == 0) continue; - BN_rand(&n,bits,0,1); + BN_bntest_rand(&n,bits,0,1); BN_MONT_CTX_set(mont,&n,ctx); + BN_nnmod(&a,&a,&n,ctx); + BN_nnmod(&b,&b,&n,ctx); + BN_to_montgomery(&A,&a,mont,ctx); BN_to_montgomery(&B,&b,mont,ctx); - if (bp == NULL) - for (j=0; j<100; j++) - BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/ BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/ BN_from_montgomery(&A,&c,mont,ctx);/**/ if (bp != NULL) @@ -675,7 +658,6 @@ int test_mod(BIO *bp, BN_CTX *ctx) { BIGNUM *a,*b,*c,*d,*e; int i; - int j; a=BN_new(); b=BN_new(); @@ -683,15 +665,12 @@ int test_mod(BIO *bp, BN_CTX *ctx) d=BN_new(); e=BN_new(); - BN_rand(a,1024,0,0); /**/ + BN_bntest_rand(a,1024,0,0); /**/ for (i=0; i<num0; i++) { - BN_rand(b,450+i*10,0,0); /**/ + BN_bntest_rand(b,450+i*10,0,0); /**/ a->neg=rand_neg(); b->neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_mod(c,a,b,ctx);/**/ BN_mod(c,a,b,ctx);/**/ if (bp != NULL) { @@ -732,17 +711,13 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx) d=BN_new(); e=BN_new(); - BN_rand(c,1024,0,0); /**/ + BN_bntest_rand(c,1024,0,0); /**/ for (i=0; i<num0; i++) { - BN_rand(a,475+i*10,0,0); /**/ - BN_rand(b,425+i*11,0,0); /**/ + BN_bntest_rand(a,475+i*10,0,0); /**/ + BN_bntest_rand(b,425+i*11,0,0); /**/ a->neg=rand_neg(); b->neg=rand_neg(); - /* if (bp == NULL) - for (j=0; j<100; j++) - BN_mod_mul(d,a,b,c,ctx);*/ /**/ - if (!BN_mod_mul(e,a,b,c,ctx)) { unsigned long l; @@ -761,6 +736,16 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx) BN_print(bp,b); BIO_puts(bp," % "); BN_print(bp,c); + if ((a->neg ^ b->neg) && !BN_is_zero(e)) + { + /* If (a*b) % c is negative, c must be added + * in order to obtain the normalized remainder + * (new with OpenSSL 0.9.7, previous versions of + * BN_mod_mul could generate negative results) + */ + BIO_puts(bp," + "); + BN_print(bp,c); + } BIO_puts(bp," - "); } BN_print(bp,e); @@ -772,6 +757,7 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx) if(!BN_is_zero(b)) { fprintf(stderr,"Modulo multiply test failed!\n"); + ERR_print_errors_fp(stderr); return 0; } } @@ -794,11 +780,11 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx) d=BN_new(); e=BN_new(); - BN_rand(c,30,0,1); /* must be odd for montgomery */ + BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */ for (i=0; i<num2; i++) { - BN_rand(a,20+i*5,0,0); /**/ - BN_rand(b,2+i,0,0); /**/ + BN_bntest_rand(a,20+i*5,0,0); /**/ + BN_bntest_rand(b,2+i,0,0); /**/ if (!BN_mod_exp(d,a,b,c,ctx)) return(00); @@ -848,8 +834,8 @@ int test_exp(BIO *bp, BN_CTX *ctx) for (i=0; i<num2; i++) { - BN_rand(a,20+i*5,0,0); /**/ - BN_rand(b,2+i,0,0); /**/ + BN_bntest_rand(a,20+i*5,0,0); /**/ + BN_bntest_rand(b,2+i,0,0); /**/ if (!BN_exp(d,a,b,ctx)) return(00); @@ -884,6 +870,172 @@ int test_exp(BIO *bp, BN_CTX *ctx) return(1); } +static void genprime_cb(int p, int n, void *arg) + { + char c='*'; + + if (p == 0) c='.'; + if (p == 1) c='+'; + if (p == 2) c='*'; + if (p == 3) c='\n'; + putc(c, stderr); + fflush(stderr); + (void)n; + (void)arg; + } + +int test_kron(BIO *bp, BN_CTX *ctx) + { + BIGNUM *a,*b,*r,*t; + int i; + int legendre, kronecker; + int ret = 0; + + a = BN_new(); + b = BN_new(); + r = BN_new(); + t = BN_new(); + if (a == NULL || b == NULL || r == NULL || t == NULL) goto err; + + /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). + * In this case we know that if b is prime, then BN_kronecker(a, b, ctx) + * is congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol). + * So we generate a random prime b and compare these values + * for a number of random a's. (That is, we run the Solovay-Strassen + * primality test to confirm that b is prime, except that we + * don't want to test whether b is prime but whether BN_kronecker + * works.) */ + + if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err; + putc('\n', stderr); + + for (i = 0; i < num0; i++) + { + if (!BN_bntest_rand(a, 512, 0, 0)) goto err; + a->neg = rand_neg(); + + /* t := (b-1)/2 (note that b is odd) */ + if (!BN_copy(t, b)) goto err; + if (!BN_sub_word(t, 1)) goto err; + if (!BN_rshift1(t, t)) goto err; + /* r := a^t mod b */ + if (!BN_mod_exp(r, a, t, b, ctx)) goto err; + + if (BN_is_word(r, 1)) + legendre = 1; + else if (BN_is_zero(r)) + legendre = 0; + else + { + if (!BN_add_word(r, 1)) goto err; + if (0 != BN_cmp(r, b)) + { + fprintf(stderr, "Legendre symbol computation failed\n"); + goto err; + } + legendre = -1; + } + + kronecker = BN_kronecker(a, b, ctx); + if (kronecker < -1) goto err; + + if (legendre != kronecker) + { + fprintf(stderr, "legendre != kronecker; a = "); + BN_print_fp(stderr, a); + fprintf(stderr, ", b = "); + BN_print_fp(stderr, b); + fprintf(stderr, "\n"); + goto err; + } + + putc('.', stderr); + fflush(stderr); + } + + putc('\n', stderr); + fflush(stderr); + ret = 1; + err: + if (a != NULL) BN_free(a); + if (b != NULL) BN_free(b); + if (r != NULL) BN_free(r); + if (t != NULL) BN_free(t); + return ret; + } + +int test_sqrt(BIO *bp, BN_CTX *ctx) + { + BIGNUM *a,*p,*r; + int i, j; + int ret = 0; + + a = BN_new(); + p = BN_new(); + r = BN_new(); + if (a == NULL || p == NULL || r == NULL) goto err; + + for (i = 0; i < 16; i++) + { + if (i < 8) + { + unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 }; + + if (!BN_set_word(p, primes[i])) goto err; + } + else + { + if (!BN_set_word(a, 32)) goto err; + if (!BN_set_word(r, 2*i + 1)) goto err; + + if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; + putc('\n', stderr); + } + + for (j = 0; j < num2; j++) + { + /* construct 'a' such that it is a square modulo p, + * but in general not a proper square and not reduced modulo p */ + if (!BN_bntest_rand(r, 256, 0, 3)) goto err; + if (!BN_nnmod(r, r, p, ctx)) goto err; + if (!BN_mod_sqr(r, r, p, ctx)) goto err; + if (!BN_bntest_rand(a, 256, 0, 3)) goto err; + if (!BN_nnmod(a, a, p, ctx)) goto err; + if (!BN_mod_sqr(a, a, p, ctx)) goto err; + if (!BN_mul(a, a, r, ctx)) goto err; + + if (!BN_mod_sqrt(r, a, p, ctx)) goto err; + if (!BN_mod_sqr(r, r, p, ctx)) goto err; + + if (!BN_nnmod(a, a, p, ctx)) goto err; + + if (BN_cmp(a, r) != 0) + { + fprintf(stderr, "BN_mod_sqrt failed: a = "); + BN_print_fp(stderr, a); + fprintf(stderr, ", r = "); + BN_print_fp(stderr, r); + fprintf(stderr, ", p = "); + BN_print_fp(stderr, p); + fprintf(stderr, "\n"); + goto err; + } + + putc('.', stderr); + fflush(stderr); + } + + putc('\n', stderr); + fflush(stderr); + } + ret = 1; + err: + if (a != NULL) BN_free(a); + if (p != NULL) BN_free(p); + if (r != NULL) BN_free(r); + return ret; + } + int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) { BIGNUM *a,*b,*c,*d; @@ -899,7 +1051,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) else { a=BN_new(); - BN_rand(a,200,0,0); /**/ + BN_bntest_rand(a,200,0,0); /**/ a->neg=rand_neg(); } for (i=0; i<num0; i++) @@ -951,7 +1103,7 @@ int test_lshift1(BIO *bp) b=BN_new(); c=BN_new(); - BN_rand(a,200,0,0); /**/ + BN_bntest_rand(a,200,0,0); /**/ a->neg=rand_neg(); for (i=0; i<num0; i++) { @@ -995,7 +1147,7 @@ int test_rshift(BIO *bp,BN_CTX *ctx) e=BN_new(); BN_one(c); - BN_rand(a,200,0,0); /**/ + BN_bntest_rand(a,200,0,0); /**/ a->neg=rand_neg(); for (i=0; i<num0; i++) { @@ -1038,7 +1190,7 @@ int test_rshift1(BIO *bp) b=BN_new(); c=BN_new(); - BN_rand(a,200,0,0); /**/ + BN_bntest_rand(a,200,0,0); /**/ a->neg=rand_neg(); for (i=0; i<num0; i++) { diff --git a/crypto/bn/expspeed.c b/crypto/bn/expspeed.c index 2044ab9bff..c55347e297 100644 --- a/crypto/bn/expspeed.c +++ b/crypto/bn/expspeed.c @@ -61,6 +61,28 @@ /* most of this code has been pilfered from my libdes speed.c program */ #define BASENUM 5000 +#define NUM_START 0 + + +/* determine timings for modexp, gcd, or modular inverse */ +#define TEST_EXP +#undef TEST_GCD +#undef TEST_KRON +#undef TEST_INV +#undef TEST_SQRT +#define P_MOD_64 9 /* least significant 6 bits for prime to be used for BN_sqrt timings */ + +#if defined(TEST_EXP) + defined(TEST_GCD) + defined(TEST_KRON) + defined(TEST_INV) +defined(TEST_SQRT) != 1 +# error "choose one test" +#endif + +#if defined(TEST_INV) || defined(TEST_SQRT) +# define C_PRIME +static void genprime_cb(int p, int n, void *arg); +#endif + + + #undef PROG #define PROG bnspeed_main @@ -70,6 +92,7 @@ #include <string.h> #include <openssl/crypto.h> #include <openssl/err.h> +#include <openssl/rand.h> #if !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) #define TIMES @@ -161,11 +184,16 @@ static double Time_F(int s) #endif } -#define NUM_SIZES 6 -static int sizes[NUM_SIZES]={256,512,1024,2048,4096,8192}; -static int mul_c[NUM_SIZES]={8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1}; +#define NUM_SIZES 7 +#if NUM_START > NUM_SIZES +# error "NUM_START > NUM_SIZES" +#endif +static int sizes[NUM_SIZES]={128,256,512,1024,2048,4096,8192}; +static int mul_c[NUM_SIZES]={8*8*8*8*8*8,8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1}; /*static int sizes[NUM_SIZES]={59,179,299,419,539}; */ +#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); } + void do_mul_exp(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *c,BN_CTX *ctx); int main(int argc, char **argv) @@ -173,13 +201,23 @@ int main(int argc, char **argv) BN_CTX *ctx; BIGNUM *a,*b,*c,*r; +#if 1 + if (!CRYPTO_set_mem_debug_functions(0,0,0,0,0)) + abort(); +#endif + ctx=BN_CTX_new(); a=BN_new(); b=BN_new(); c=BN_new(); r=BN_new(); + while (!RAND_status()) + /* not enough bits */ + RAND_SEED("I demand a manual recount!"); + do_mul_exp(r,a,b,c,ctx); + return 0; } void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx) @@ -187,29 +225,107 @@ void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx) int i,k; double tm; long num; - BN_MONT_CTX m; - - memset(&m,0,sizeof(m)); num=BASENUM; - for (i=0; i<NUM_SIZES; i++) + for (i=NUM_START; i<NUM_SIZES; i++) { - BN_rand(a,sizes[i],1,0); - BN_rand(b,sizes[i],1,0); - BN_rand(c,sizes[i],1,1); - BN_mod(a,a,c,ctx); - BN_mod(b,b,c,ctx); - - BN_MONT_CTX_set(&m,c,ctx); +#ifdef C_PRIME +# ifdef TEST_SQRT + if (!BN_set_word(a, 64)) goto err; + if (!BN_set_word(b, P_MOD_64)) goto err; +# define ADD a +# define REM b +# else +# define ADD NULL +# define REM NULL +# endif + if (!BN_generate_prime(c,sizes[i],0,ADD,REM,genprime_cb,NULL)) goto err; + putc('\n', stderr); + fflush(stderr); +#endif - Time_F(START); for (k=0; k<num; k++) - BN_mod_exp_mont(r,a,b,c,ctx,&m); + { + if (k%50 == 0) /* Average over num/50 different choices of random numbers. */ + { + if (!BN_pseudo_rand(a,sizes[i],1,0)) goto err; + + if (!BN_pseudo_rand(b,sizes[i],1,0)) goto err; + +#ifndef C_PRIME + if (!BN_pseudo_rand(c,sizes[i],1,1)) goto err; +#endif + +#ifdef TEST_SQRT + if (!BN_mod_sqr(a,a,c,ctx)) goto err; + if (!BN_mod_sqr(b,b,c,ctx)) goto err; +#else + if (!BN_nnmod(a,a,c,ctx)) goto err; + if (!BN_nnmod(b,b,c,ctx)) goto err; +#endif + + if (k == 0) + Time_F(START); + } + +#if defined(TEST_EXP) + if (!BN_mod_exp(r,a,b,c,ctx)) goto err; +#elif defined(TEST_GCD) + if (!BN_gcd(r,a,b,ctx)) goto err; + if (!BN_gcd(r,b,c,ctx)) goto err; + if (!BN_gcd(r,c,a,ctx)) goto err; +#elif defined(TEST_KRON) + if (-2 == BN_kronecker(a,b,ctx)) goto err; + if (-2 == BN_kronecker(b,c,ctx)) goto err; + if (-2 == BN_kronecker(c,a,ctx)) goto err; +#elif defined(TEST_INV) + if (!BN_mod_inverse(r,a,c,ctx)) goto err; + if (!BN_mod_inverse(r,b,c,ctx)) goto err; +#else /* TEST_SQRT */ + if (!BN_mod_sqrt(r,a,c,ctx)) goto err; + if (!BN_mod_sqrt(r,b,c,ctx)) goto err; +#endif + } tm=Time_F(STOP); - printf("mul %4d ^ %4d %% %d -> %8.3fms %5.1f\n",sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num); + printf( +#if defined(TEST_EXP) + "modexp %4d ^ %4d %% %4d" +#elif defined(TEST_GCD) + "3*gcd %4d %4d %4d" +#elif defined(TEST_KRON) + "3*kronecker %4d %4d %4d" +#elif defined(TEST_INV) + "2*inv %4d %4d mod %4d" +#else /* TEST_SQRT */ + "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d" +#endif + " -> %8.3fms %5.1f (%ld)\n", +#ifdef TEST_SQRT + P_MOD_64, +#endif + sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num, num); num/=7; if (num <= 0) num=1; } + return; + err: + ERR_print_errors_fp(stderr); } + +#ifdef C_PRIME +static void genprime_cb(int p, int n, void *arg) + { + char c='*'; + + if (p == 0) c='.'; + if (p == 1) c='+'; + if (p == 2) c='*'; + if (p == 3) c='\n'; + putc(c, stderr); + fflush(stderr); + (void)n; + (void)arg; + } +#endif diff --git a/crypto/comp/c_rle.c b/crypto/comp/c_rle.c index 1a819e3737..efd366fa22 100644 --- a/crypto/comp/c_rle.c +++ b/crypto/comp/c_rle.c @@ -17,6 +17,7 @@ static COMP_METHOD rle_method={ rle_compress_block, rle_expand_block, NULL, + NULL, }; COMP_METHOD *COMP_rle(void) diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c index 6684ab4841..c2ff6c7011 100644 --- a/crypto/comp/c_zlib.c +++ b/crypto/comp/c_zlib.c @@ -6,11 +6,10 @@ COMP_METHOD *COMP_zlib(void ); -#ifndef ZLIB - -static COMP_METHOD zlib_method={ +static COMP_METHOD zlib_method_nozlib={ NID_undef, - "(null)", + "(undef)", + NULL, NULL, NULL, NULL, @@ -18,6 +17,8 @@ static COMP_METHOD zlib_method={ NULL, }; +#ifndef ZLIB +#undef ZLIB_SHARED #else #include <zlib.h> @@ -38,8 +39,56 @@ static COMP_METHOD zlib_method={ zlib_compress_block, zlib_expand_block, NULL, + NULL, }; +/* + * When OpenSSL is built on Windows, we do not want to require that + * the ZLIB.DLL be available in order for the OpenSSL DLLs to + * work. Therefore, all ZLIB routines are loaded at run time + * and we do not link to a .LIB file. + */ +#if defined(WINDOWS) || defined(WIN32) +# include <windows.h> + +# define Z_CALLCONV _stdcall +# define ZLIB_SHARED +#else +# define Z_CALLCONV +#endif /* !(WINDOWS || WIN32) */ + +#ifdef ZLIB_SHARED +#include <openssl/dso.h> + +/* Prototypes for built in stubs */ +static int stub_compress(Bytef *dest,uLongf *destLen, + const Bytef *source, uLong sourceLen); +static int stub_inflateEnd(z_streamp strm); +static int stub_inflate(z_streamp strm, int flush); +static int stub_inflateInit_(z_streamp strm, const char * version, + int stream_size); + +/* Function pointers */ +typedef int (Z_CALLCONV *compress_ft)(Bytef *dest,uLongf *destLen, + const Bytef *source, uLong sourceLen); +typedef int (Z_CALLCONV *inflateEnd_ft)(z_streamp strm); +typedef int (Z_CALLCONV *inflate_ft)(z_streamp strm, int flush); +typedef int (Z_CALLCONV *inflateInit__ft)(z_streamp strm, + const char * version, int stream_size); +static compress_ft p_compress=NULL; +static inflateEnd_ft p_inflateEnd=NULL; +static inflate_ft p_inflate=NULL; +static inflateInit__ft p_inflateInit_=NULL; + +static int zlib_loaded = 0; /* only attempt to init func pts once */ +static DSO *zlib_dso = NULL; + +#define compress stub_compress +#define inflateEnd stub_inflateEnd +#define inflate stub_inflate +#define inflateInit_ stub_inflateInit_ +#endif /* ZLIB_SHARED */ + static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen, unsigned char *in, unsigned int ilen) { @@ -66,7 +115,10 @@ static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, memcpy(&(out[1]),in,ilen); l=ilen+1; } -fprintf(stderr,"compress(%4d)->%4d %s\n",ilen,(int)l,(clear)?"clear":"zlib"); +#ifdef DEBUG_ZLIB + fprintf(stderr,"compress(%4d)->%4d %s\n", + ilen,(int)l,(clear)?"clear":"zlib"); +#endif return((int)l); } @@ -88,7 +140,10 @@ static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, memcpy(out,&(in[1]),ilen-1); l=ilen-1; } - fprintf(stderr,"expand (%4d)->%4d %s\n",ilen,(int)l,in[0]?"zlib":"clear"); +#ifdef DEBUG_ZLIB + fprintf(stderr,"expand (%4d)->%4d %s\n", + ilen,(int)l,in[0]?"zlib":"clear"); +#endif return((int)l); } @@ -128,6 +183,78 @@ static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source, COMP_METHOD *COMP_zlib(void) { - return(&zlib_method); + COMP_METHOD *meth = &zlib_method_nozlib; + +#ifdef ZLIB_SHARED + if (!zlib_loaded) + { +#if defined(WINDOWS) || defined(WIN32) + zlib_dso = DSO_load(NULL, "ZLIB", NULL, 0); +#else + zlib_dso = DSO_load(NULL, "z", NULL, 0); +#endif + if (zlib_dso != NULL) + { + p_compress + = (compress_ft) DSO_bind_func(zlib_dso, + "compress"); + p_inflateEnd + = (inflateEnd_ft) DSO_bind_func(zlib_dso, + "inflateEnd"); + p_inflate + = (inflate_ft) DSO_bind_func(zlib_dso, + "inflate"); + p_inflateInit_ + = (inflateInit__ft) DSO_bind_func(zlib_dso, + "inflateInit_"); + zlib_loaded++; + meth = &zlib_method; + } + } + +#elif defined(ZLIB) + meth = &zlib_method; +#endif + + return(meth); + } + +#ifdef ZLIB_SHARED +/* Stubs for each function to be dynamicly loaded */ +static int +stub_compress(Bytef *dest,uLongf *destLen,const Bytef *source, uLong sourceLen) + { + if (p_compress) + return(p_compress(dest,destLen,source,sourceLen)); + else + return(Z_MEM_ERROR); + } + +static int +stub_inflateEnd(z_streamp strm) + { + if ( p_inflateEnd ) + return(p_inflateEnd(strm)); + else + return(Z_MEM_ERROR); + } + +static int +stub_inflate(z_streamp strm, int flush) + { + if ( p_inflate ) + return(p_inflate(strm,flush)); + else + return(Z_MEM_ERROR); + } + +static int +stub_inflateInit_(z_streamp strm, const char * version, int stream_size) + { + if ( p_inflateInit_ ) + return(p_inflateInit_(strm,version,stream_size)); + else + return(Z_MEM_ERROR); } +#endif /* ZLIB_SHARED */ diff --git a/crypto/comp/comp.h b/crypto/comp/comp.h index 0922609542..aee8fcdef9 100644 --- a/crypto/comp/comp.h +++ b/crypto/comp/comp.h @@ -39,9 +39,7 @@ int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, unsigned char *in, int ilen); COMP_METHOD *COMP_rle(void ); -#ifdef ZLIB COMP_METHOD *COMP_zlib(void ); -#endif /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/crypto/conf/cnf_save.c b/crypto/conf/cnf_save.c index e907cc2242..efbb61373e 100644 --- a/crypto/conf/cnf_save.c +++ b/crypto/conf/cnf_save.c @@ -73,7 +73,7 @@ main() exit(1); } - lh_doall(conf,print_conf); + lh_doall(conf,(LHASH_DOALL_FN_TYPE)print_conf); } diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 7abeeced07..64bbd971ab 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -73,6 +73,9 @@ static void value_free_stack(CONF_VALUE *a,LHASH *conf); static unsigned long hash(CONF_VALUE *v); static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b); +static IMPLEMENT_LHASH_HASH_FN(hash, CONF_VALUE *) +static IMPLEMENT_LHASH_COMP_FN(cmp_conf, CONF_VALUE *) + /* Up until OpenSSL 0.9.5a, this was get_section */ CONF_VALUE *_CONF_get_section(CONF *conf, char *section) { @@ -181,7 +184,8 @@ int _CONF_new_data(CONF *conf) return 0; } if (conf->data == NULL) - if ((conf->data = lh_new(hash,cmp_conf)) == NULL) + if ((conf->data = lh_new(LHASH_HASH_FN(hash), + LHASH_COMP_FN(cmp_conf))) == NULL) { return 0; } @@ -194,12 +198,14 @@ void _CONF_free_data(CONF *conf) conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()' * works as expected */ - lh_doall_arg(conf->data,(void (*)())value_free_hash,conf->data); + lh_doall_arg(conf->data, (LHASH_DOALL_ARG_FN_TYPE)value_free_hash, + conf->data); /* We now have only 'section' entries in the hash table. * Due to problems with */ - lh_doall_arg(conf->data,(void (*)())value_free_stack,conf->data); + lh_doall_arg(conf->data, (LHASH_DOALL_ARG_FN_TYPE)value_free_stack, + conf->data); lh_free(conf->data); } diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 6825d96455..1d30f6f771 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -712,7 +712,7 @@ static void dump_value(CONF_VALUE *a, BIO *out) static int def_dump(CONF *conf, BIO *out) { - lh_doall_arg(conf->data, (void (*)())dump_value, out); + lh_doall_arg(conf->data, (LHASH_DOALL_ARG_FN_TYPE)dump_value, out); return 1; } diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index 70e3c91b34..70544994d6 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -196,7 +196,7 @@ $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" -$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,"+ - +$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,bn_kron,bn_sqrt"+ - "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - "bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+",bn_recp,bn_mont,"+ - "bn_mpi,bn_exp2" @@ -206,9 +206,9 @@ $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl" $ LIB_DH = "dh_gen,dh_key,dh_lib,dh_check,dh_err" $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ - "dso_openssl,dso_win32,dso_vms" -$ LIB_ENGINE = "engine_err,engine_lib,engine_list,engine_openssl,"+ - - "hw_atalla,hw_cswift,hw_ncipher" -$ LIB_RIJNDAEL = "rijndael-alg-fst" +$ LIB_ENGINE = "engine_err,engine_lib,engine_list,engine_all,engine_openssl,"+ - + "hw_atalla,hw_cswift,hw_ncipher,hw_nuron" +$ LIB_RIJNDAEL = "rd_fst" $ LIB_BUFFER = "buffer,buf_err" $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - "bss_mem,bss_null,bss_fd,"+ - @@ -223,7 +223,7 @@ $ LIB_ERR = "err,err_all,err_prn" $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" $ LIB_EVP = "encode,digest,evp_enc,evp_key,"+ - "e_des,e_bf,e_idea,e_des3,"+ - - "e_rc4,names,"+ - + "e_rc4,e_rd,names,"+ - "e_xcbc_d,e_rc2,e_cast,e_rc5" $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - "m_dss,m_dss1,m_mdc2,m_ripemd,"+ - @@ -896,6 +896,7 @@ $ ENDIF $! $! Check To See If P2 Is Blank. $! +$ P2 = "NORSAREF" $ IF (P2.EQS."NORSAREF") $ THEN $! diff --git a/crypto/crypto.h b/crypto/crypto.h index 52ee97b71a..08bb1fc83e 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -281,7 +281,7 @@ unsigned long SSLeay(void); int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val); -void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad,int idx); +void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad,int idx); int CRYPTO_dup_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from); void CRYPTO_free_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad); diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl index 2e26f8b406..ccbac65a92 100644 --- a/crypto/dh/Makefile.ssl +++ b/crypto/dh/Makefile.ssl @@ -125,7 +125,7 @@ dh_key.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dh_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dh_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dh_key.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +dh_key.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dh_key.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dh_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dh_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -144,7 +144,7 @@ dh_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dh_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dh_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +dh_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dh_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dh_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index 7a8d9f88c2..7e732e1c32 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -81,9 +81,9 @@ typedef struct dh_method { const char *name; /* Methods here */ int (*generate_key)(DH *dh); - int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh); - int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, + int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh); + int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ int (*init)(DH *dh); @@ -152,13 +152,13 @@ struct dh_st (unsigned char *)(x)) #endif -DH_METHOD *DH_OpenSSL(void); +const DH_METHOD *DH_OpenSSL(void); -void DH_set_default_openssl_method(DH_METHOD *meth); -DH_METHOD *DH_get_default_openssl_method(void); +void DH_set_default_openssl_method(const DH_METHOD *meth); +const DH_METHOD *DH_get_default_openssl_method(void); #if 0 -DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth); -DH *DH_new_method(DH_METHOD *meth); +const DH_METHOD *DH_set_method(DH *dh, const DH_METHOD *meth); +DH *DH_new_method(const DH_METHOD *meth); #else int DH_set_method(DH *dh, struct engine_st *engine); DH *DH_new_method(struct engine_st *engine); @@ -166,27 +166,27 @@ DH *DH_new_method(struct engine_st *engine); DH * DH_new(void); void DH_free(DH *dh); -int DH_size(DH *dh); +int DH_size(const DH *dh); int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int DH_set_ex_data(DH *d, int idx, void *arg); void *DH_get_ex_data(DH *d, int idx); DH * DH_generate_parameters(int prime_len,int generator, void (*callback)(int,int,void *),void *cb_arg); -int DH_check(DH *dh,int *codes); +int DH_check(const DH *dh,int *codes); int DH_generate_key(DH *dh); -int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh); -DH * d2i_DHparams(DH **a,unsigned char **pp, long length); -int i2d_DHparams(DH *a,unsigned char **pp); +int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); +DH * d2i_DHparams(DH **a,const unsigned char **pp, long length); +int i2d_DHparams(const DH *a,unsigned char **pp); #ifndef NO_FP_API -int DHparams_print_fp(FILE *fp, DH *x); +int DHparams_print_fp(FILE *fp, const DH *x); #endif #ifndef NO_BIO -int DHparams_print(BIO *bp, DH *x); +int DHparams_print(BIO *bp, const DH *x); #else -int DHparams_print(char *bp, DH *x); +int DHparams_print(char *bp, const DH *x); #endif -void ERR_load_DH_strings(void ); +void ERR_load_DH_strings(void); /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index 20aa68f98f..1f26be7ae7 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -84,4 +84,4 @@ ASN1_SEQUENCE_cb(DHparams, dh_cb) = { ASN1_OPT(DH, length, ZLONG), } ASN1_SEQUENCE_END_cb(DH, DHparams); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DH, DHparams, DHparams) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams) diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index 7e5cfd8bfc..f0373f7d68 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -70,7 +70,7 @@ * should hold. */ -int DH_check(DH *dh, int *ret) +int DH_check(const DH *dh, int *ret) { int ok=0; BN_CTX *ctx=NULL; diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 6915d79dcc..0e4fee101f 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -64,8 +64,9 @@ #include <openssl/engine.h> static int generate_key(DH *dh); -static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); -static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); +static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); static int dh_init(DH *dh); @@ -76,7 +77,7 @@ int DH_generate_key(DH *dh) return ENGINE_get_DH(dh->engine)->generate_key(dh); } -int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) +int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh); } @@ -92,7 +93,7 @@ dh_finish, NULL }; -DH_METHOD *DH_OpenSSL(void) +const DH_METHOD *DH_OpenSSL(void) { return &dh_ossl; } @@ -155,7 +156,7 @@ err: return(ok); } -static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) +static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { BN_CTX ctx; BN_MONT_CTX *mont; @@ -193,7 +194,8 @@ err: return(ret); } -static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 66803b5565..c0a2472751 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -64,11 +64,11 @@ const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; -static DH_METHOD *default_DH_method; +static const DH_METHOD *default_DH_method; static int dh_meth_num = 0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL; -void DH_set_default_openssl_method(DH_METHOD *meth) +void DH_set_default_openssl_method(const DH_METHOD *meth) { ENGINE *e; /* We'll need to notify the "openssl" ENGINE of this @@ -87,7 +87,7 @@ void DH_set_default_openssl_method(DH_METHOD *meth) } } -DH_METHOD *DH_get_default_openssl_method(void) +const DH_METHOD *DH_get_default_openssl_method(void) { if(!default_DH_method) default_DH_method = DH_OpenSSL(); return default_DH_method; @@ -107,7 +107,7 @@ DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth) int DH_set_method(DH *dh, ENGINE *engine) { ENGINE *mtmp; - DH_METHOD *meth; + const DH_METHOD *meth; mtmp = dh->engine; meth = ENGINE_get_DH(mtmp); if (!ENGINE_init(engine)) @@ -133,7 +133,7 @@ DH *DH_new_method(DH_METHOD *meth) DH *DH_new_method(ENGINE *engine) #endif { - DH_METHOD *meth; + const DH_METHOD *meth; DH *ret; ret=(DH *)OPENSSL_malloc(sizeof(DH)); @@ -168,19 +168,19 @@ DH *DH_new_method(ENGINE *engine) ret->method_mont_p=NULL; ret->references = 1; ret->flags=meth->flags; + CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data); if ((meth->init != NULL) && !meth->init(ret)) { + CRYPTO_free_ex_data(dh_meth,ret,&ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data); return(ret); } void DH_free(DH *r) { - DH_METHOD *meth; + const DH_METHOD *meth; int i; if(r == NULL) return; i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); @@ -196,12 +196,12 @@ void DH_free(DH *r) } #endif - CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); - meth = ENGINE_get_DH(r->engine); if(meth->finish) meth->finish(r); ENGINE_finish(r->engine); + CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); + if (r->p != NULL) BN_clear_free(r->p); if (r->g != NULL) BN_clear_free(r->g); if (r->q != NULL) BN_clear_free(r->q); @@ -231,7 +231,7 @@ void *DH_get_ex_data(DH *d, int idx) return(CRYPTO_get_ex_data(&d->ex_data,idx)); } -int DH_size(DH *dh) +int DH_size(const DH *dh) { return(BN_num_bytes(dh->p)); } diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl index 07994477b5..e7351630e0 100644 --- a/crypto/dsa/Makefile.ssl +++ b/crypto/dsa/Makefile.ssl @@ -129,7 +129,7 @@ dsa_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dsa_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +dsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dsa_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -148,8 +148,7 @@ dsa_ossl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dsa_ossl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dsa_ossl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_ossl.o: ../../include/openssl/rc5.h -dsa_ossl.o: ../../include/openssl/rijndael-alg-fst.h +dsa_ossl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dsa_ossl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dsa_ossl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -168,8 +167,7 @@ dsa_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dsa_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_sign.o: ../../include/openssl/rc5.h -dsa_sign.o: ../../include/openssl/rijndael-alg-fst.h +dsa_sign.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dsa_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -189,8 +187,8 @@ dsa_vrf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h dsa_vrf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -dsa_vrf.o: ../../include/openssl/rijndael-alg-fst.h -dsa_vrf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -dsa_vrf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -dsa_vrf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h +dsa_vrf.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +dsa_vrf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dsa_vrf.o: ../cryptlib.h diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index af4ee835c8..9d72647808 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -154,19 +154,19 @@ struct dsa_st DSA_SIG * DSA_SIG_new(void); void DSA_SIG_free(DSA_SIG *a); -int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp); -DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length); +int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); +DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length); DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa); int DSA_do_verify(const unsigned char *dgst,int dgst_len, DSA_SIG *sig,DSA *dsa); -DSA_METHOD *DSA_OpenSSL(void); +const DSA_METHOD *DSA_OpenSSL(void); -void DSA_set_default_openssl_method(DSA_METHOD *); -DSA_METHOD *DSA_get_default_openssl_method(void); +void DSA_set_default_openssl_method(const DSA_METHOD *); +const DSA_METHOD *DSA_get_default_openssl_method(void); #if 0 -DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *); +const DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *); #else int DSA_set_method(DSA *dsa, struct engine_st *engine); #endif @@ -177,13 +177,13 @@ DSA * DSA_new_method(DSA_METHOD *meth); #else DSA * DSA_new_method(struct engine_st *engine); #endif -int DSA_size(DSA *); +int DSA_size(const DSA *); /* next 4 return -1 on error */ int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); int DSA_sign(int type,const unsigned char *dgst,int dlen, unsigned char *sig, unsigned int *siglen, DSA *dsa); int DSA_verify(int type,const unsigned char *dgst,int dgst_len, - unsigned char *sigbuf, int siglen, DSA *dsa); + const unsigned char *sigbuf, int siglen, DSA *dsa); void DSA_free (DSA *r); int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); @@ -192,24 +192,25 @@ void *DSA_get_ex_data(DSA *d, int idx); void ERR_load_DSA_strings(void ); -DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length); -DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length); -DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length); -DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len, +DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); +DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); +DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length); +DSA * DSA_generate_parameters(int bits, + unsigned char *seed,int seed_len, int *counter_ret, unsigned long *h_ret,void (*callback)(int, int, void *),void *cb_arg); int DSA_generate_key(DSA *a); -int i2d_DSAPublicKey(DSA *a, unsigned char **pp); -int i2d_DSAPrivateKey(DSA *a, unsigned char **pp); -int i2d_DSAparams(DSA *a,unsigned char **pp); +int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); +int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); +int i2d_DSAparams(const DSA *a,unsigned char **pp); #ifndef NO_BIO -int DSAparams_print(BIO *bp, DSA *x); -int DSA_print(BIO *bp, DSA *x, int off); +int DSAparams_print(BIO *bp, const DSA *x); +int DSA_print(BIO *bp, const DSA *x, int off); #endif #ifndef NO_FP_API -int DSAparams_print_fp(FILE *fp, DSA *x); -int DSA_print_fp(FILE *bp, DSA *x, int off); +int DSAparams_print_fp(FILE *fp, const DSA *x); +int DSA_print_fp(FILE *bp, const DSA *x, int off); #endif #define DSS_prime_checks 50 @@ -221,7 +222,7 @@ int DSA_print_fp(FILE *bp, DSA *x, int off); #ifndef NO_DH /* Convert DSA structure (key or just parameters) into DH structure * (be careful to avoid small subgroup attacks when using this!) */ -DH *DSA_dup_DH(DSA *r); +DH *DSA_dup_DH(const DSA *r); #endif /* BEGIN ERROR CODES */ diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index 186932b001..fba2f73023 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -83,7 +83,7 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG); -IMPLEMENT_ASN1_FUNCTIONS(DSA_SIG) +IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) /* Override the default free and new methods */ static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) @@ -109,7 +109,7 @@ ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = { ASN1_SIMPLE(DSA, priv_key, BIGNUM) } ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPrivateKey, DSAPrivateKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey) ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { ASN1_SIMPLE(DSA, p, BIGNUM), @@ -117,7 +117,7 @@ ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { ASN1_SIMPLE(DSA, g, BIGNUM), } ASN1_SEQUENCE_END_cb(DSA, DSAparams); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams) /* DSA public key is a bit trickier... its effectively a CHOICE type * decided by a field called write_params which can either write out @@ -137,4 +137,4 @@ ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { ASN1_EX_COMBINE(0, 0, dsa_pub_internal) } ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 2294a362d9..e911e5ae73 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -79,7 +79,8 @@ #include <openssl/dsa.h> #include <openssl/rand.h> -DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, +DSA *DSA_generate_parameters(int bits, + unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, void (*callback)(int, int, void *), void *cb_arg) diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index b31b946ad3..6002711661 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -67,11 +67,11 @@ const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; -static DSA_METHOD *default_DSA_method; +static const DSA_METHOD *default_DSA_method; static int dsa_meth_num = 0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL; -void DSA_set_default_openssl_method(DSA_METHOD *meth) +void DSA_set_default_openssl_method(const DSA_METHOD *meth) { ENGINE *e; /* We'll need to notify the "openssl" ENGINE of this @@ -90,7 +90,7 @@ void DSA_set_default_openssl_method(DSA_METHOD *meth) } } -DSA_METHOD *DSA_get_default_openssl_method(void) +const DSA_METHOD *DSA_get_default_openssl_method(void) { if(!default_DSA_method) default_DSA_method = DSA_OpenSSL(); return default_DSA_method; @@ -115,7 +115,7 @@ DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth) int DSA_set_method(DSA *dsa, ENGINE *engine) { ENGINE *mtmp; - DSA_METHOD *meth; + const DSA_METHOD *meth; mtmp = dsa->engine; meth = ENGINE_get_DSA(mtmp); if (!ENGINE_init(engine)) @@ -137,7 +137,7 @@ DSA *DSA_new_method(DSA_METHOD *meth) DSA *DSA_new_method(ENGINE *engine) #endif { - DSA_METHOD *meth; + const DSA_METHOD *meth; DSA *ret; ret=(DSA *)OPENSSL_malloc(sizeof(DSA)); @@ -173,20 +173,20 @@ DSA *DSA_new_method(ENGINE *engine) ret->references=1; ret->flags=meth->flags; + CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data); if ((meth->init != NULL) && !meth->init(ret)) { + CRYPTO_free_ex_data(dsa_meth,ret,&ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data); return(ret); } void DSA_free(DSA *r) { - DSA_METHOD *meth; + const DSA_METHOD *meth; int i; if (r == NULL) return; @@ -204,12 +204,12 @@ void DSA_free(DSA *r) } #endif - CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data); - meth = ENGINE_get_DSA(r->engine); if(meth->finish) meth->finish(r); ENGINE_finish(r->engine); + CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data); + if (r->p != NULL) BN_clear_free(r->p); if (r->q != NULL) BN_clear_free(r->q); if (r->g != NULL) BN_clear_free(r->g); @@ -220,7 +220,7 @@ void DSA_free(DSA *r) OPENSSL_free(r); } -int DSA_size(DSA *r) +int DSA_size(const DSA *r) { int ret,i; ASN1_INTEGER bs; @@ -258,7 +258,7 @@ void *DSA_get_ex_data(DSA *d, int idx) } #ifndef NO_DH -DH *DSA_dup_DH(DSA *r) +DH *DSA_dup_DH(const DSA *r) { /* DSA has p, q, g, optional pub_key, optional priv_key. * DH has p, optional length, g, optional pub_key, optional priv_key. diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 96295dc24f..4b600fa731 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -92,7 +92,7 @@ dsa_finish, NULL }; -DSA_METHOD *DSA_OpenSSL(void) +const DSA_METHOD *DSA_OpenSSL(void) { return &openssl_dsa_meth; } diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c index 2e891ae491..28b6712341 100644 --- a/crypto/dsa/dsa_vrf.c +++ b/crypto/dsa/dsa_vrf.c @@ -80,7 +80,7 @@ int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, * -1: error */ int DSA_verify(int type, const unsigned char *dgst, int dgst_len, - unsigned char *sigbuf, int siglen, DSA *dsa) + const unsigned char *sigbuf, int siglen, DSA *dsa) { DSA_SIG *s; int ret=-1; diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c index c38d8863e5..4dbb51fb8c 100644 --- a/crypto/dso/dso_dl.c +++ b/crypto/dso/dso_dl.c @@ -126,7 +126,7 @@ static int dl_load(DSO *dso) DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); goto err; } - ptr = shl_load(filename, BIND_IMMEDIATE, NULL); + ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, NULL); if(ptr == NULL) { DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c index 0202978fd8..ef39a528c7 100644 --- a/crypto/dso/dso_lib.c +++ b/crypto/dso/dso_lib.c @@ -108,7 +108,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) } memset(ret, 0, sizeof(DSO)); ret->meth_data = sk_new_null(); - if((ret->meth_data = sk_new_null()) == NULL) + if(ret->meth_data == NULL) { /* sk_new doesn't generate any errors so we do */ DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -209,7 +209,7 @@ DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags) else ret = dso; /* Don't load if we're currently already loaded */ - if(dso->filename != NULL) + if(ret->filename != NULL) { DSOerr(DSO_F_DSO_LOAD,DSO_R_DSO_ALREADY_LOADED); goto err; @@ -217,12 +217,12 @@ DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags) /* filename can only be NULL if we were passed a dso that already has * one set. */ if(filename != NULL) - if(!DSO_set_filename(dso, filename)) + if(!DSO_set_filename(ret, filename)) { DSOerr(DSO_F_DSO_LOAD,DSO_R_SET_FILENAME_FAILED); goto err; } - filename = dso->filename; + filename = ret->filename; if(filename == NULL) { DSOerr(DSO_F_DSO_LOAD,DSO_R_NO_FILENAME); diff --git a/crypto/engine/Makefile.ssl b/crypto/engine/Makefile.ssl index 8974ecd9c5..90c12632f1 100644 --- a/crypto/engine/Makefile.ssl +++ b/crypto/engine/Makefile.ssl @@ -22,9 +22,9 @@ TEST= enginetest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= engine_err.c engine_lib.c engine_list.c engine_openssl.c \ +LIBSRC= engine_err.c engine_lib.c engine_list.c engine_all.c engine_openssl.c \ hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c -LIBOBJ= engine_err.o engine_lib.o engine_list.o engine_openssl.o \ +LIBOBJ= engine_err.o engine_lib.o engine_list.o engine_all.o engine_openssl.o \ hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o SRC= $(LIBSRC) @@ -80,6 +80,25 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. +engine_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +engine_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +engine_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +engine_all.o: ../../include/openssl/des.h ../../include/openssl/dh.h +engine_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +engine_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h +engine_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +engine_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +engine_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +engine_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +engine_all.o: ../../include/openssl/objects.h +engine_all.o: ../../include/openssl/opensslconf.h +engine_all.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +engine_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +engine_all.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h +engine_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h +engine_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +engine_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +engine_all.o: ../../include/openssl/symhacks.h engine_int.h engine_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h engine_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h engine_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -94,8 +113,7 @@ engine_err.o: ../../include/openssl/objects.h engine_err.o: ../../include/openssl/opensslconf.h engine_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h engine_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -engine_err.o: ../../include/openssl/rc5.h -engine_err.o: ../../include/openssl/rijndael-alg-fst.h +engine_err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h engine_err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h engine_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h engine_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -115,8 +133,7 @@ engine_lib.o: ../../include/openssl/objects.h engine_lib.o: ../../include/openssl/opensslconf.h engine_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h engine_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -engine_lib.o: ../../include/openssl/rc5.h -engine_lib.o: ../../include/openssl/rijndael-alg-fst.h +engine_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h engine_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h engine_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h engine_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -136,8 +153,7 @@ engine_list.o: ../../include/openssl/objects.h engine_list.o: ../../include/openssl/opensslconf.h engine_list.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h engine_list.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -engine_list.o: ../../include/openssl/rc5.h -engine_list.o: ../../include/openssl/rijndael-alg-fst.h +engine_list.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h engine_list.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h engine_list.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h engine_list.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -158,8 +174,7 @@ engine_openssl.o: ../../include/openssl/objects.h engine_openssl.o: ../../include/openssl/opensslconf.h engine_openssl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h engine_openssl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -engine_openssl.o: ../../include/openssl/rc5.h -engine_openssl.o: ../../include/openssl/rijndael-alg-fst.h +engine_openssl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h engine_openssl.o: ../../include/openssl/rijndael.h engine_openssl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h engine_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h @@ -180,8 +195,7 @@ hw_atalla.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h hw_atalla.o: ../../include/openssl/opensslconf.h hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h hw_atalla.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_atalla.o: ../../include/openssl/rc5.h -hw_atalla.o: ../../include/openssl/rijndael-alg-fst.h +hw_atalla.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h hw_atalla.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h hw_atalla.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h hw_atalla.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -202,8 +216,7 @@ hw_cswift.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h hw_cswift.o: ../../include/openssl/opensslconf.h hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h hw_cswift.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_cswift.o: ../../include/openssl/rc5.h -hw_cswift.o: ../../include/openssl/rijndael-alg-fst.h +hw_cswift.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h hw_cswift.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h hw_cswift.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h hw_cswift.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -226,13 +239,12 @@ hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h hw_ncipher.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h hw_ncipher.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h hw_ncipher.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hw_ncipher.o: ../../include/openssl/rijndael-alg-fst.h -hw_ncipher.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -hw_ncipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_ncipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hw_ncipher.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -hw_ncipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h engine_int.h -hw_ncipher.o: vendor_defns/hwcryptohook.h +hw_ncipher.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +hw_ncipher.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +hw_ncipher.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +hw_ncipher.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +hw_ncipher.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +hw_ncipher.o: ../cryptlib.h engine_int.h vendor_defns/hwcryptohook.h hw_nuron.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h hw_nuron.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -248,8 +260,7 @@ hw_nuron.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h hw_nuron.o: ../../include/openssl/opensslconf.h hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h hw_nuron.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_nuron.o: ../../include/openssl/rc5.h -hw_nuron.o: ../../include/openssl/rijndael-alg-fst.h +hw_nuron.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h hw_nuron.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h hw_nuron.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h hw_nuron.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index 78cf41c378..d57cdab59a 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -89,6 +89,9 @@ extern "C" { * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */ #define ENGINE_CTRL_SET_LOGSTREAM 1 #define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 +#define ENGINE_CTRL_HUP 3 /* Close and reinitialise any + handles/connections etc. */ + /* Flags specific to the nCipher "chil" engine */ #define ENGINE_CTRL_CHIL_SET_FORKCHECK 100 /* Depending on the value of the (long)i argument, this sets or @@ -102,23 +105,22 @@ extern "C" { /* As we're missing a BIGNUM_METHOD, we need a couple of locally * defined function types that engines can implement. */ -#ifndef HEADER_ENGINE_INT_H /* mod_exp operation, calculates; r = a ^ p mod m * NB: ctx can be NULL, but if supplied, the implementation may use * it if it wishes. */ -typedef int (*BN_MOD_EXP)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +typedef int (*BN_MOD_EXP)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); /* private key operation for RSA, provided seperately in case other * RSA implementations wish to use it. */ -typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); /* Generic function pointer */ -typedef void (*ENGINE_GEN_FUNC_PTR)(); +typedef int (*ENGINE_GEN_FUNC_PTR)(); /* Generic function pointer taking no arguments */ -typedef void (*ENGINE_GEN_INT_FUNC_PTR)(void); +typedef int (*ENGINE_GEN_INT_FUNC_PTR)(void); /* Specific control function pointer */ typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)()); @@ -126,8 +128,8 @@ typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)()); * pointers (not dynamic because static is fine for now and we otherwise * have to hook an appropriate load/unload function in to initialise and * cleanup). */ +struct engine_st; typedef struct engine_st ENGINE; -#endif /* STRUCTURE functions ... all of these functions deal with pointers to * ENGINE structures where the pointers have a "structural reference". @@ -151,6 +153,13 @@ int ENGINE_add(ENGINE *e); int ENGINE_remove(ENGINE *e); /* Retrieve an engine from the list by its unique "id" value. */ ENGINE *ENGINE_by_id(const char *id); +/* Add all the built-in engines. By default, only the OpenSSL software + engine is loaded */ +void ENGINE_load_cswift(void); +void ENGINE_load_chil(void); +void ENGINE_load_atalla(void); +void ENGINE_load_nuron(void); +void ENGINE_load_builtin_engines(void); /* These functions are useful for manufacturing new ENGINE * structures. They don't address reference counting at all - @@ -172,9 +181,9 @@ ENGINE *ENGINE_new(void); int ENGINE_free(ENGINE *e); int ENGINE_set_id(ENGINE *e, const char *id); int ENGINE_set_name(ENGINE *e, const char *name); -int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth); -int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth); -int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth); +int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); +int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); +int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); int ENGINE_set_RAND(ENGINE *e, RAND_METHOD *rand_meth); int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp); int ENGINE_set_BN_mod_exp_crt(ENGINE *e, BN_MOD_EXP_CRT bn_mod_exp_crt); @@ -189,9 +198,9 @@ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); * reference may be problematic! */ const char *ENGINE_get_id(ENGINE *e); const char *ENGINE_get_name(ENGINE *e); -RSA_METHOD *ENGINE_get_RSA(ENGINE *e); -DSA_METHOD *ENGINE_get_DSA(ENGINE *e); -DH_METHOD *ENGINE_get_DH(ENGINE *e); +const RSA_METHOD *ENGINE_get_RSA(ENGINE *e); +const DSA_METHOD *ENGINE_get_DSA(ENGINE *e); +const DH_METHOD *ENGINE_get_DH(ENGINE *e); RAND_METHOD *ENGINE_get_RAND(ENGINE *e); BN_MOD_EXP ENGINE_get_BN_mod_exp(ENGINE *e); BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(ENGINE *e); @@ -297,10 +306,10 @@ void ERR_load_ENGINE_strings(void); /* Error codes for the ENGINE functions. */ /* Function codes. */ -#define ENGINE_F_ATALLA_FINISH 135 -#define ENGINE_F_ATALLA_INIT 136 -#define ENGINE_F_ATALLA_MOD_EXP 137 -#define ENGINE_F_ATALLA_RSA_MOD_EXP 138 +#define ENGINE_F_ATALLA_FINISH 159 +#define ENGINE_F_ATALLA_INIT 160 +#define ENGINE_F_ATALLA_MOD_EXP 161 +#define ENGINE_F_ATALLA_RSA_MOD_EXP 162 #define ENGINE_F_CSWIFT_DSA_SIGN 133 #define ENGINE_F_CSWIFT_DSA_VERIFY 134 #define ENGINE_F_CSWIFT_FINISH 100 diff --git a/crypto/engine/engine_int.h b/crypto/engine/engine_int.h index d4aa8faca2..b04067992b 100644 --- a/crypto/engine/engine_int.h +++ b/crypto/engine/engine_int.h @@ -66,6 +66,9 @@ #include <openssl/bn.h> #include <openssl/evp.h> +/* Take public definitions from engine.h */ +#include <openssl/engine.h> + #ifdef __cplusplus extern "C" { #endif @@ -73,38 +76,15 @@ extern "C" { /* Bitwise OR-able values for the "flags" variable in ENGINE. */ #define ENGINE_FLAGS_MALLOCED 0x0001 -#ifndef HEADER_ENGINE_H -/* Regrettably, we need to reproduce the "BN" function types here - * because there is no such "BIGNUM_METHOD" as there is with RSA, - * DSA, etc. We do this so that we don't have a case where engine.h - * and engine_int.h conflict with each other. */ -typedef int (*BN_MOD_EXP)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -/* private key operation for RSA, provided seperately in case other - * RSA implementations wish to use it. */ -typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, - const BIGNUM *iqmp, BN_CTX *ctx); - -/* Generic function pointer */ -typedef int (*ENGINE_GEN_FUNC_PTR)(); -/* Generic function pointer taking no arguments */ -typedef int (*ENGINE_GEN_INT_FUNC_PTR)(void); -/* Specific control function pointer */ -typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)()); - -#endif - /* This is a structure for storing implementations of various crypto * algorithms and functions. */ -typedef struct engine_st +struct engine_st { const char *id; const char *name; - RSA_METHOD *rsa_meth; - DSA_METHOD *dsa_meth; - DH_METHOD *dh_meth; + const RSA_METHOD *rsa_meth; + const DSA_METHOD *dsa_meth; + const DH_METHOD *dh_meth; RAND_METHOD *rand_meth; BN_MOD_EXP bn_mod_exp; BN_MOD_EXP_CRT bn_mod_exp_crt; @@ -125,7 +105,7 @@ typedef struct engine_st /* Used to maintain the linked-list of engines. */ struct engine_st *prev; struct engine_st *next; - } ENGINE; + }; /* BUILT-IN ENGINES. (these functions are only ever called once and * do not return references - they are purely for bootstrapping). */ diff --git a/crypto/engine/engine_lib.c b/crypto/engine/engine_lib.c index 1df07af03a..48c4fb10cb 100644 --- a/crypto/engine/engine_lib.c +++ b/crypto/engine/engine_lib.c @@ -286,8 +286,6 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, return pkey; } -/* Initialise a engine type for use (or up its functional reference count - * if it's already in use). */ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) { if(e == NULL) diff --git a/crypto/engine/engine_list.c b/crypto/engine/engine_list.c index 8fe4f305b4..8be1cb6d40 100644 --- a/crypto/engine/engine_list.c +++ b/crypto/engine/engine_list.c @@ -185,24 +185,6 @@ static int engine_internal_check(void) * with our statically compiled-in engines. */ if(!engine_list_add(ENGINE_openssl())) return 0; -#ifndef NO_HW -#ifndef NO_HW_CSWIFT - if(!engine_list_add(ENGINE_cswift())) - return 0; -#endif /* !NO_HW_CSWIFT */ -#ifndef NO_HW_NCIPHER - if(!engine_list_add(ENGINE_ncipher())) - return 0; -#endif /* !NO_HW_NCIPHER */ -#ifndef NO_HW_ATALLA - if(!engine_list_add(ENGINE_atalla())) - return 0; -#endif /* !NO_HW_ATALLA */ -#ifndef NO_HW_NURON - if(!engine_list_add(ENGINE_nuron())) - return 0; -#endif /* !NO_HW_NURON */ -#endif /* !NO_HW */ engine_list_flag = 1; return 1; } @@ -448,7 +430,7 @@ int ENGINE_set_name(ENGINE *e, const char *name) return 1; } -int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth) +int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth) { if((e == NULL) || (rsa_meth == NULL)) { @@ -460,7 +442,7 @@ int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth) return 1; } -int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth) +int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth) { if((e == NULL) || (dsa_meth == NULL)) { @@ -472,7 +454,7 @@ int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth) return 1; } -int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth) +int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth) { if((e == NULL) || (dh_meth == NULL)) { @@ -578,7 +560,7 @@ const char *ENGINE_get_name(ENGINE *e) return e->name; } -RSA_METHOD *ENGINE_get_RSA(ENGINE *e) +const RSA_METHOD *ENGINE_get_RSA(ENGINE *e) { if(e == NULL) { @@ -589,7 +571,7 @@ RSA_METHOD *ENGINE_get_RSA(ENGINE *e) return e->rsa_meth; } -DSA_METHOD *ENGINE_get_DSA(ENGINE *e) +const DSA_METHOD *ENGINE_get_DSA(ENGINE *e) { if(e == NULL) { @@ -600,7 +582,7 @@ DSA_METHOD *ENGINE_get_DSA(ENGINE *e) return e->dsa_meth; } -DH_METHOD *ENGINE_get_DH(ENGINE *e) +const DH_METHOD *ENGINE_get_DH(ENGINE *e) { if(e == NULL) { diff --git a/crypto/engine/engine_openssl.c b/crypto/engine/engine_openssl.c index 9636f51168..a6292a0af2 100644 --- a/crypto/engine/engine_openssl.c +++ b/crypto/engine/engine_openssl.c @@ -72,7 +72,7 @@ /* This is the only function we need to implement as OpenSSL * doesn't have a native CRT mod_exp. Perhaps this should be * BN_mod_exp_crt and moved into crypto/bn/ ?? ... dunno. */ -static int openssl_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int openssl_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); @@ -112,7 +112,7 @@ ENGINE *ENGINE_openssl() } /* Chinese Remainder Theorem, taken and adapted from rsa_eay.c */ -static int openssl_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int openssl_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx) { diff --git a/crypto/engine/hw_atalla.c b/crypto/engine/hw_atalla.c index e536420480..4bea8e8cc1 100644 --- a/crypto/engine/hw_atalla.c +++ b/crypto/engine/hw_atalla.c @@ -76,13 +76,13 @@ static int atalla_init(void); static int atalla_finish(void); /* BIGNUM stuff */ -static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); /* RSA stuff */ -static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa); +static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* DSA stuff */ @@ -95,7 +95,8 @@ static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); @@ -170,9 +171,9 @@ static ENGINE engine_atalla = * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_atalla() { - RSA_METHOD *meth1; - DSA_METHOD *meth2; - DH_METHOD *meth3; + const RSA_METHOD *meth1; + const DSA_METHOD *meth2; + const DH_METHOD *meth3; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the atalla-specific mod_exp and mod_exp_crt so we use @@ -215,7 +216,7 @@ static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL; static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL; /* (de)initialisation functions. */ -static int atalla_init() +static int atalla_init(void) { tfnASI_GetHardwareConfig *p1; tfnASI_RSAPrivateKeyOpFn *p2; @@ -274,7 +275,7 @@ err: return 0; } -static int atalla_finish() +static int atalla_finish(void) { if(atalla_dso == NULL) { @@ -293,7 +294,7 @@ static int atalla_finish() return 1; } -static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { /* I need somewhere to store temporary serialised values for @@ -366,7 +367,7 @@ err: return to_return; } -static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { BN_CTX *ctx = NULL; int to_return = 0; @@ -426,14 +427,15 @@ static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, } /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_cswift.c b/crypto/engine/hw_cswift.c index 5747973c74..ebb0ab0f77 100644 --- a/crypto/engine/hw_cswift.c +++ b/crypto/engine/hw_cswift.c @@ -88,16 +88,16 @@ static int cswift_init(void); static int cswift_finish(void); /* BIGNUM stuff */ -static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); -static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); /* RSA stuff */ -static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa); +static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* DSA stuff */ @@ -107,7 +107,8 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); @@ -182,8 +183,8 @@ static ENGINE engine_cswift = * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_cswift() { - RSA_METHOD *meth1; - DH_METHOD *meth2; + const RSA_METHOD *meth1; + const DH_METHOD *meth2; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use @@ -250,7 +251,7 @@ static void release_context(SW_CONTEXT_HANDLE hac) } /* (de)initialisation functions. */ -static int cswift_init() +static int cswift_init(void) { SW_CONTEXT_HANDLE hac; t_swAcquireAccContext *p1; @@ -307,7 +308,7 @@ err: return 0; } -static int cswift_finish() +static int cswift_finish(void) { if(cswift_dso == NULL) { @@ -328,7 +329,7 @@ static int cswift_finish() } /* Un petit mod_exp */ -static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { /* I need somewhere to store temporary serialised values for @@ -428,7 +429,7 @@ err: } /* Un petit mod_exp chinois */ -static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx) { @@ -541,7 +542,7 @@ err: return to_return; } -static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { BN_CTX *ctx; int to_return = 0; @@ -562,7 +563,7 @@ err: } /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return cswift_mod_exp(r, a, p, m, ctx); @@ -796,7 +797,8 @@ err: } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return cswift_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_ncipher.c b/crypto/engine/hw_ncipher.c index f6b06e468f..0057ca966c 100644 --- a/crypto/engine/hw_ncipher.c +++ b/crypto/engine/hw_ncipher.c @@ -93,19 +93,20 @@ static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); /* BIGNUM stuff */ -static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); /* RSA stuff */ -static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa); +static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa); /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* RAND stuff */ static int hwcrhk_rand_bytes(unsigned char *buf, int num); @@ -291,8 +292,8 @@ static HWCryptoHook_InitInfo hwcrhk_globals = { * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_ncipher() { - RSA_METHOD *meth1; - DH_METHOD *meth2; + const RSA_METHOD *meth1; + const DH_METHOD *meth2; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use @@ -375,7 +376,7 @@ static void release_context(HWCryptoHook_ContextHandle hac) } /* (de)initialisation functions. */ -static int hwcrhk_init() +static int hwcrhk_init(void) { HWCryptoHook_Init_t *p1; HWCryptoHook_Finish_t *p2; @@ -474,7 +475,7 @@ err: return 0; } -static int hwcrhk_finish() +static int hwcrhk_finish(void) { int to_return = 1; if(hwcrhk_dso == NULL) @@ -681,7 +682,7 @@ static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, const char *passphrase) } /* A little mod_exp */ -static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { char tempbuf[1024]; @@ -737,7 +738,7 @@ err: return to_return; } -static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa) +static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) { char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; @@ -853,14 +854,15 @@ err: } /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_nuron.c b/crypto/engine/hw_nuron.c index d8a3e3f1fa..504febc1a1 100644 --- a/crypto/engine/hw_nuron.c +++ b/crypto/engine/hw_nuron.c @@ -62,18 +62,17 @@ #include <openssl/dso.h> #include "engine_int.h" #include <openssl/engine.h> -#include <dlfcn.h> #ifndef NO_HW #ifndef NO_HW_NURON -typedef int tfnModExp(BIGNUM *r,BIGNUM *a,const BIGNUM *p,const BIGNUM *m); +typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m); static tfnModExp *pfnModExp = NULL; static DSO *pvDSOHandle = NULL; -static int nuron_init() +static int nuron_init(void) { if(pvDSOHandle != NULL) { @@ -99,7 +98,7 @@ static int nuron_init() return 1; } -static int nuron_finish() +static int nuron_finish(void) { if(pvDSOHandle == NULL) { @@ -116,7 +115,7 @@ static int nuron_finish() return 1; } -static int nuron_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p, +static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p, const BIGNUM *m,BN_CTX *ctx) { if(!pvDSOHandle) @@ -127,7 +126,7 @@ static int nuron_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p, return pfnModExp(r,a,p,m); } -static int nuron_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL); } @@ -171,15 +170,16 @@ static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, } /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int nuron_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return nuron_mod_exp(r, a, p, m, ctx); } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int nuron_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return nuron_mod_exp(r, a, p, m, ctx); } @@ -251,9 +251,9 @@ static ENGINE engine_nuron = * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_nuron() { - RSA_METHOD *meth1; - DSA_METHOD *meth2; - DH_METHOD *meth3; + const RSA_METHOD *meth1; + const DSA_METHOD *meth2; + const DH_METHOD *meth3; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the nuron-specific mod_exp and mod_exp_crt so we use diff --git a/crypto/engine/vendor_defns/cswift.h b/crypto/engine/vendor_defns/cswift.h index 0af14a1a92..517d1a8500 100644 --- a/crypto/engine/vendor_defns/cswift.h +++ b/crypto/engine/vendor_defns/cswift.h @@ -156,6 +156,27 @@ typedef struct _SW_LARGENUMBER { /* bytes in network (big endian) order */ } SW_LARGENUMBER; +#if defined(WIN32) + #include <windows.h> + typedef HANDLE SW_OSHANDLE; /* handle to kernel object */ + #define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE + #define SW_CALLCONV _stdcall +#elif defined(MAC) + /* async callback mechanisms */ + /* swiftCallbackLevel */ + #define SW_MAC_CALLBACK_LEVEL_NO 0 + #define SW_MAC_CALLBACK_LEVEL_HARDWARE 1 /* from the hardware ISR */ + #define SW_MAC_CALLBACK_LEVEL_SECONDARY 2 /* as secondary ISR */ + typedef int SW_MAC_CALLBACK_LEVEL; + typedef int SW_OSHANDLE; + #define SW_OS_INVALID_HANDLE (-1) + #define SW_CALLCONV +#else /* Unix variants */ + typedef int SW_OSHANDLE; /* handle to driver */ + #define SW_OS_INVALID_HANDLE (-1) + #define SW_CALLCONV +#endif + typedef struct _SW_CRT { SW_LARGENUMBER p; /* prime number p */ SW_LARGENUMBER q; /* prime number q */ @@ -196,16 +217,16 @@ typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */ /* Now the OpenSSL bits, these function types are the for the function * pointers that will bound into the Rainbow shared libraries. */ -typedef SW_STATUS t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac); -typedef SW_STATUS t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, - SW_PARAM *key_params); -typedef SW_STATUS t_swSimpleRequest(SW_CONTEXT_HANDLE hac, - SW_COMMAND_CODE cmd, - SW_LARGENUMBER pin[], - SW_U32 pin_count, - SW_LARGENUMBER pout[], - SW_U32 pout_count); -typedef SW_STATUS t_swReleaseAccContext(SW_CONTEXT_HANDLE hac); +typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac); +typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, + SW_PARAM *key_params); +typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac, + SW_COMMAND_CODE cmd, + SW_LARGENUMBER pin[], + SW_U32 pin_count, + SW_LARGENUMBER pout[], + SW_U32 pout_count); +typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE hac); #ifdef __cplusplus } diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl index 00ee86f3c4..58cd8f03e4 100644 --- a/crypto/err/Makefile.ssl +++ b/crypto/err/Makefile.ssl @@ -103,12 +103,12 @@ err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/pem2.h err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h err_all.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h err_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -err_all.o: ../../include/openssl/rijndael-alg-fst.h -err_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +err_all.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +err_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +err_all.o: ../../include/openssl/x509v3.h err_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h err_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h diff --git a/crypto/err/err.c b/crypto/err/err.c index 99272e437c..3b4de23775 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -129,6 +129,12 @@ static unsigned long pid_hash(ERR_STATE *pid); static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); static unsigned long get_error_values(int inc,const char **file,int *line, const char **data,int *flags); + +static IMPLEMENT_LHASH_HASH_FN(err_hash, ERR_STRING_DATA *) +static IMPLEMENT_LHASH_COMP_FN(err_cmp, ERR_STRING_DATA *) +static IMPLEMENT_LHASH_HASH_FN(pid_hash, ERR_STATE *) +static IMPLEMENT_LHASH_COMP_FN(pid_cmp, ERR_STATE *) + static void ERR_STATE_free(ERR_STATE *s); #ifndef NO_ERR static ERR_STRING_DATA ERR_str_libraries[]= @@ -316,7 +322,8 @@ void ERR_load_strings(int lib, ERR_STRING_DATA *str) if (error_hash == NULL) { CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH); - error_hash=lh_new(err_hash,err_cmp); + error_hash=lh_new(LHASH_HASH_FN(err_hash), + LHASH_COMP_FN(err_cmp)); if (error_hash == NULL) { CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH); @@ -706,7 +713,8 @@ ERR_STATE *ERR_get_state(void) /* no entry yet in thread_hash for current thread - * thus, it may have changed since we last looked at it */ if (thread_hash == NULL) - thread_hash = lh_new(pid_hash, pid_cmp); + thread_hash = lh_new(LHASH_HASH_FN(pid_hash), + LHASH_COMP_FN(pid_cmp)); if (thread_hash == NULL) thread_state_exists = 0; /* allocation error */ else diff --git a/crypto/err/err.h b/crypto/err/err.h index 7388a4a937..b4ced575df 100644 --- a/crypto/err/err.h +++ b/crypto/err/err.h @@ -133,6 +133,7 @@ typedef struct err_state_st #define ERR_LIB_RAND 36 #define ERR_LIB_DSO 37 #define ERR_LIB_ENGINE 38 +#define ERR_LIB_OCSP 39 #define ERR_LIB_USER 128 @@ -163,6 +164,7 @@ typedef struct err_state_st #define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),ERR_file_name,__LINE__) #define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),ERR_file_name,__LINE__) #define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),ERR_file_name,__LINE__) +#define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),ERR_file_name,__LINE__) /* Borland C seems too stupid to be able to shift and do longs in * the pre-processor :-( */ diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index b8315d8272..d4f169ec01 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -64,7 +64,7 @@ #ifndef NO_RSA #include <openssl/rsa.h> #endif -#ifdef RSAref +#if 0 /* was: #ifdef RSAref */ #include <openssl/rsaref.h> #endif #ifndef NO_DH @@ -98,7 +98,7 @@ void ERR_load_crypto_strings(void) ERR_load_BIO_strings(); ERR_load_CONF_strings(); #ifndef NO_RSA -#ifdef RSAref +#if 0 /* was: #ifdef RSAref */ ERR_load_RSAREF_strings(); #else ERR_load_RSA_strings(); diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index 861d680e07..717c6eeba1 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -9,6 +9,7 @@ L EVP crypto/evp/evp.h crypto/evp/evp_err.c L BUF crypto/buffer/buffer.h crypto/buffer/buf_err.c L BIO crypto/bio/bio.h crypto/bio/bio_err.c L OBJ crypto/objects/objects.h crypto/objects/obj_err.c +L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c L PEM crypto/pem/pem.h crypto/pem/pem_err.c L X509 crypto/x509/x509.h crypto/x509/x509_err.c L NONE crypto/x509/x509_vfy.h NONE @@ -19,7 +20,6 @@ L CONF crypto/conf/conf.h crypto/conf/conf_err.c #L PROXY crypto/proxy/proxy.h crypto/proxy/proxy_err.c L PKCS7 crypto/pkcs7/pkcs7.h crypto/pkcs7/pkcs7err.c L PKCS12 crypto/pkcs12/pkcs12.h crypto/pkcs12/pk12err.c -L RSAREF rsaref/rsaref.h rsaref/rsar_err.c L SSL ssl/ssl.h ssl/ssl_err.c L COMP crypto/comp/comp.h crypto/comp/comp_err.c L RAND crypto/rand/rand.h crypto/rand/rand_err.c diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl index 0f059047a9..71d7bd97fd 100644 --- a/crypto/evp/Makefile.ssl +++ b/crypto/evp/Makefile.ssl @@ -111,7 +111,7 @@ bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bio_b64.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_b64.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bio_b64.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bio_b64.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bio_b64.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bio_b64.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -129,7 +129,7 @@ bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bio_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bio_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bio_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bio_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bio_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -147,7 +147,7 @@ bio_md.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bio_md.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -166,11 +166,11 @@ bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_ok.o: ../../include/openssl/rijndael-alg-fst.h -bio_ok.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -bio_ok.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -bio_ok.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h +bio_ok.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bio_ok.o: ../cryptlib.h c_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h c_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h c_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -184,7 +184,7 @@ c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_all.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +c_all.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h c_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -203,7 +203,7 @@ c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h c_allc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -223,7 +223,7 @@ c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h c_alld.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -242,7 +242,7 @@ digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -digest.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +digest.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h digest.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -260,7 +260,7 @@ e_bf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_bf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_bf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_bf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -278,7 +278,7 @@ e_cast.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_cast.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_cast.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_cast.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -296,7 +296,7 @@ e_des.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_des.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_des.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -314,7 +314,7 @@ e_des3.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_des3.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -332,7 +332,7 @@ e_idea.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_idea.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_idea.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_idea.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -350,7 +350,7 @@ e_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_null.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_null.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_null.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -368,7 +368,7 @@ e_rc2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_rc2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -386,7 +386,7 @@ e_rc4.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_rc4.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -404,7 +404,7 @@ e_rc5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_rc5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_rc5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_rc5.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -421,7 +421,7 @@ e_rd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_rd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_rd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_rd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rd.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_rd.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_rd.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_rd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_rd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -440,11 +440,11 @@ e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_xcbc_d.o: ../../include/openssl/opensslconf.h e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h e_xcbc_d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -e_xcbc_d.o: ../../include/openssl/rijndael-alg-fst.h -e_xcbc_d.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -e_xcbc_d.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_xcbc_d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_xcbc_d.o: ../../include/openssl/symhacks.h ../cryptlib.h +e_xcbc_d.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +e_xcbc_d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +e_xcbc_d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +e_xcbc_d.o: ../cryptlib.h encode.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h encode.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h encode.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -458,7 +458,7 @@ encode.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -encode.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +encode.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h encode.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -476,7 +476,7 @@ evp_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +evp_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h evp_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h evp_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -493,7 +493,7 @@ evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_err.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +evp_err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h evp_err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h evp_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h evp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -512,12 +512,12 @@ evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h evp_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_key.o: ../../include/openssl/rijndael-alg-fst.h -evp_key.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +evp_key.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +evp_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_key.o: ../cryptlib.h evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -531,7 +531,7 @@ evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +evp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h evp_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h evp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h evp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -550,12 +550,12 @@ evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h evp_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_pbe.o: ../../include/openssl/rijndael-alg-fst.h -evp_pbe.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +evp_pbe.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +evp_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_pbe.o: ../cryptlib.h evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -571,12 +571,12 @@ evp_pkey.o: ../../include/openssl/opensslconf.h evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h evp_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h evp_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_pkey.o: ../../include/openssl/rijndael-alg-fst.h -evp_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +evp_pkey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +evp_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_pkey.o: ../cryptlib.h m_dss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_dss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -591,12 +591,12 @@ m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss.o: ../../include/openssl/rijndael-alg-fst.h -m_dss.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_dss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_dss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_dss.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_dss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_dss.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_dss.o: ../cryptlib.h m_dss1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_dss1.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -611,12 +611,12 @@ m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss1.o: ../../include/openssl/rijndael-alg-fst.h -m_dss1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_dss1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_dss1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_dss1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_dss1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_dss1.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_dss1.o: ../cryptlib.h m_md2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_md2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -631,12 +631,12 @@ m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md2.o: ../../include/openssl/rijndael-alg-fst.h -m_md2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_md2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_md2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_md2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_md2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_md2.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_md2.o: ../cryptlib.h m_md4.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_md4.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -651,12 +651,12 @@ m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md4.o: ../../include/openssl/rijndael-alg-fst.h -m_md4.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_md4.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_md4.o: ../cryptlib.h m_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_md5.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -671,12 +671,12 @@ m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md5.o: ../../include/openssl/rijndael-alg-fst.h -m_md5.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_md5.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_md5.o: ../cryptlib.h m_mdc2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_mdc2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -691,12 +691,12 @@ m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_mdc2.o: ../../include/openssl/rijndael-alg-fst.h -m_mdc2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_mdc2.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_mdc2.o: ../cryptlib.h m_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -711,12 +711,12 @@ m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_null.o: ../../include/openssl/rijndael-alg-fst.h -m_null.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_null.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_null.o: ../cryptlib.h m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -731,8 +731,7 @@ m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_ripemd.o: ../../include/openssl/opensslconf.h m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h m_ripemd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -m_ripemd.o: ../../include/openssl/rc5.h -m_ripemd.o: ../../include/openssl/rijndael-alg-fst.h +m_ripemd.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h m_ripemd.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -752,12 +751,12 @@ m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha.o: ../../include/openssl/rijndael-alg-fst.h -m_sha.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_sha.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_sha.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_sha.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_sha.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_sha.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_sha.o: ../cryptlib.h m_sha1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_sha1.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -772,12 +771,12 @@ m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha1.o: ../../include/openssl/rijndael-alg-fst.h -m_sha1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_sha1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_sha1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_sha1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_sha1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_sha1.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_sha1.o: ../cryptlib.h names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h names.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h names.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -792,12 +791,12 @@ names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -names.o: ../../include/openssl/rijndael-alg-fst.h -names.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -names.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +names.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +names.o: ../cryptlib.h p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -812,12 +811,12 @@ p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p5_crpt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_crpt.o: ../../include/openssl/rijndael-alg-fst.h -p5_crpt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p5_crpt.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p5_crpt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_crpt.o: ../cryptlib.h p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -832,8 +831,7 @@ p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p5_crpt2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p5_crpt2.o: ../../include/openssl/rc5.h -p5_crpt2.o: ../../include/openssl/rijndael-alg-fst.h +p5_crpt2.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p5_crpt2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p5_crpt2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -853,7 +851,7 @@ p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_dec.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -873,7 +871,7 @@ p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -893,7 +891,7 @@ p_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -913,12 +911,12 @@ p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_open.o: ../../include/openssl/rijndael-alg-fst.h -p_open.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p_open.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_open.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_open.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p_open.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p_open.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p_open.o: ../cryptlib.h p_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -933,7 +931,7 @@ p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_seal.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -953,12 +951,12 @@ p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_sign.o: ../../include/openssl/rijndael-alg-fst.h -p_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p_sign.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p_sign.o: ../cryptlib.h p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -973,8 +971,7 @@ p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_verify.o: ../../include/openssl/opensslconf.h p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p_verify.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_verify.o: ../../include/openssl/rc5.h -p_verify.o: ../../include/openssl/rijndael-alg-fst.h +p_verify.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_verify.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 831c71a2b5..f8336f2610 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -71,6 +71,7 @@ static int enc_new(BIO *h); static int enc_free(BIO *data); static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps); #define ENC_BLOCK_SIZE (1024*4) +#define BUF_OFFSET 8 /* XXX: why? */ typedef struct enc_struct { @@ -80,7 +81,7 @@ typedef struct enc_struct int finished; int ok; /* bad decrypt */ EVP_CIPHER_CTX cipher; - char buf[ENC_BLOCK_SIZE+10]; + char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2/*why?*/]; } BIO_ENC_CTX; static BIO_METHOD methods_enc= @@ -172,7 +173,7 @@ static int enc_read(BIO *b, char *out, int outl) /* read in at offset 8, read the EVP_Cipher * documentation about why */ - i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE); + i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE); if (i <= 0) { @@ -196,7 +197,7 @@ static int enc_read(BIO *b, char *out, int outl) { EVP_CipherUpdate(&(ctx->cipher), (unsigned char *)ctx->buf,&ctx->buf_len, - (unsigned char *)&(ctx->buf[8]),i); + (unsigned char *)&(ctx->buf[BUF_OFFSET]),i); ctx->cont=1; /* Note: it is possible for EVP_CipherUpdate to * decrypt zero bytes because this is or looks like diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index a9aba4ae70..7bf42b3002 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -93,6 +93,17 @@ static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { +#ifdef KSSL_DEBUG + { + int i; + char *cp; + printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len); + printf("\t iv= "); + for(i=0;i<8;i++) + printf("%02X",ctx->iv[i]); + printf("\n"); + } +#endif /* KSSL_DEBUG */ des_ede3_cbc_encrypt(in, out, (long)inl, ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, (des_cblock *)ctx->iv, ctx->encrypt); @@ -145,6 +156,16 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; +#ifdef KSSL_DEBUG + { + int i; + printf("des_ede3_init_key(ctx=%lx)\n", ctx); + printf("\tKEY= "); + for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n"); + printf("\t IV= "); + for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n"); + } +#endif /* KSSL_DEBUG */ des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1); des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2); diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index e8621973ec..17a0f306eb 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -121,6 +121,7 @@ #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ #define EVP_MAX_KEY_LENGTH 32 #define EVP_MAX_IV_LENGTH 16 +#define EVP_MAX_BLOCK_LENGTH 32 #define PKCS5_SALT_LEN 8 /* Default PKCS#5 iteration count */ @@ -396,7 +397,7 @@ struct evp_cipher_ctx_st unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ - unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */ + unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */ int num; /* used by cfb/ofb mode */ void *app_data; /* application stuff */ diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 8df2874f3c..0f34847333 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -82,6 +82,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) #endif X509_ALGOR *a; unsigned char *p; + const unsigned char *cp; int pkeylen; char obj_tmp[80]; @@ -103,7 +104,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) { #ifndef NO_RSA case NID_rsaEncryption: - if (!(rsa = d2i_RSAPrivateKey (NULL, &p, pkeylen))) { + cp = p; + if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); return NULL; } @@ -163,9 +165,9 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } - p = param->value.sequence->data; + cp = p = param->value.sequence->data; plen = param->value.sequence->length; - if (!(dsa = d2i_DSAparams (NULL, &p, plen))) { + if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 62398ed74d..14af3198dc 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -99,7 +99,7 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) #ifndef NO_DSA if (pkey->type == EVP_PKEY_DSA) { - int ret=pkey->save_parameters=mode; + int ret=pkey->save_parameters; if (mode >= 0) pkey->save_parameters=mode; diff --git a/crypto/ex_data.c b/crypto/ex_data.c index 739e543d78..35ea2c2982 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -131,7 +131,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val) return(1); } -void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad, int idx) +void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx) { if (ad->sk == NULL) return(0); diff --git a/crypto/hmac/Makefile.ssl b/crypto/hmac/Makefile.ssl index a15f775c98..ab2e9a83c9 100644 --- a/crypto/hmac/Makefile.ssl +++ b/crypto/hmac/Makefile.ssl @@ -91,8 +91,7 @@ hmac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hmac.o: ../../include/openssl/rijndael-alg-fst.h -hmac.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -hmac.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hmac.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hmac.o: ../../include/openssl/symhacks.h +hmac.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h diff --git a/crypto/install.com b/crypto/install.com index 4780118ab9..96db3abbb1 100644 --- a/crypto/install.com +++ b/crypto/install.com @@ -58,7 +58,7 @@ $ EXHEADER_DSA := dsa.h $ EXHEADER_DH := dh.h $ EXHEADER_DSO := dso.h $ EXHEADER_ENGINE := engine.h -$ EXHEADER_RIJNDAEL := rijndael-alg-fst.h,rijndael.h +$ EXHEADER_RIJNDAEL := rd_fst.h,rijndael.h $ EXHEADER_BUFFER := buffer.h $ EXHEADER_BIO := bio.h $ EXHEADER_STACK := stack.h,safestack.h diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c index ee0600060e..62dab3acc9 100644 --- a/crypto/lhash/lh_stats.c +++ b/crypto/lhash/lh_stats.c @@ -139,7 +139,7 @@ void lh_node_usage_stats(LHASH *lh, FILE *out) #else #ifndef NO_FP_API -void lh_stats(LHASH *lh, FILE *fp) +void lh_stats(const LHASH *lh, FILE *fp) { BIO *bp; @@ -151,7 +151,7 @@ void lh_stats(LHASH *lh, FILE *fp) end:; } -void lh_node_stats(LHASH *lh, FILE *fp) +void lh_node_stats(const LHASH *lh, FILE *fp) { BIO *bp; @@ -163,7 +163,7 @@ void lh_node_stats(LHASH *lh, FILE *fp) end:; } -void lh_node_usage_stats(LHASH *lh, FILE *fp) +void lh_node_usage_stats(const LHASH *lh, FILE *fp) { BIO *bp; @@ -177,7 +177,7 @@ end:; #endif -void lh_stats_bio(LHASH *lh, BIO *out) +void lh_stats_bio(const LHASH *lh, BIO *out) { char buf[128]; @@ -225,7 +225,7 @@ void lh_stats_bio(LHASH *lh, BIO *out) #endif } -void lh_node_stats_bio(LHASH *lh, BIO *out) +void lh_node_stats_bio(const LHASH *lh, BIO *out) { LHASH_NODE *n; unsigned int i,num; @@ -240,7 +240,7 @@ void lh_node_stats_bio(LHASH *lh, BIO *out) } } -void lh_node_usage_stats_bio(LHASH *lh, BIO *out) +void lh_node_usage_stats_bio(const LHASH *lh, BIO *out) { LHASH_NODE *n; unsigned long num; diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 7da14620a4..60699f45cc 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -111,7 +111,7 @@ static void expand(LHASH *lh); static void contract(LHASH *lh); static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash); -LHASH *lh_new(unsigned long (*h)(), int (*c)()) +LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) { LHASH *ret; int i; @@ -122,8 +122,8 @@ LHASH *lh_new(unsigned long (*h)(), int (*c)()) goto err1; for (i=0; i<MIN_NODES; i++) ret->b[i]=NULL; - ret->comp=((c == NULL)?(int (*)())strcmp:c); - ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h); + ret->comp=((c == NULL)?(LHASH_COMP_FN_TYPE)strcmp:c); + ret->hash=((h == NULL)?(LHASH_HASH_FN_TYPE)lh_strhash:h); ret->num_nodes=MIN_NODES/2; ret->num_alloc_nodes=MIN_NODES; ret->p=0; @@ -267,12 +267,19 @@ void *lh_retrieve(LHASH *lh, void *data) return(ret); } -void lh_doall(LHASH *lh, void (*func)()) +void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func) { - lh_doall_arg(lh,func,NULL); + /* Yikes that's bad - we're accepting a function that accepts 2 + * parameters (albeit we have to waive type-safety here) and then + * forcibly calling that callback with *3* parameters leaving the 3rd + * NULL. Obviously this "works" otherwise it wouldn't have survived so + * long, but is it "good"?? + * FIXME: Use an internal function from this and the "_arg" version that + * doesn't assume the ability to mutate function prototypes so badly. */ + lh_doall_arg(lh, (LHASH_DOALL_ARG_FN_TYPE)func, NULL); } -void lh_doall_arg(LHASH *lh, void (*func)(), void *arg) +void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg) { int i; LHASH_NODE *a,*n; @@ -312,7 +319,7 @@ static void expand(LHASH *lh) #ifndef NO_HASH_COMP hash=np->hash; #else - hash=(*(lh->hash))(np->data); + hash=lh->hash(np->data); lh->num_hash_calls++; #endif if ((hash%nni) != p) @@ -415,7 +422,7 @@ static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash) } #endif lh->num_comp_calls++; - if ((*cf)(n1->data,data) == 0) + if(cf(n1->data,data) == 0) break; ret= &(n1->next); } @@ -455,7 +462,7 @@ unsigned long lh_strhash(const char *c) return((ret>>16)^ret); } -unsigned long lh_num_items(LHASH *lh) +unsigned long lh_num_items(const LHASH *lh) { return lh ? lh->num_items : 0; } diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h index b8ff021906..6420512079 100644 --- a/crypto/lhash/lhash.h +++ b/crypto/lhash/lhash.h @@ -84,11 +84,42 @@ typedef struct lhash_node_st #endif } LHASH_NODE; +typedef int (*LHASH_COMP_FN_TYPE)(void *, void *); +typedef unsigned long (*LHASH_HASH_FN_TYPE)(void *); +typedef void (*LHASH_DOALL_FN_TYPE)(void *); +typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); + +/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks. + * This way, callbacks can be provided to LHASH structures without function + * pointer casting and the macro-defined callbacks provide per-variable casting + * before deferring to the underlying type-specific callbacks. NB: It is + * possible to place a "static" in front of both the DECLARE and IMPLEMENT + * macros if the functions are strictly internal. */ + +/* First: "hash" functions */ +#define DECLARE_LHASH_HASH_FN(f_name,o_type) \ + unsigned long f_name##_LHASH_HASH(void *); +#define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \ + unsigned long f_name##_LHASH_HASH(void *arg) { \ + o_type a = (o_type)arg; \ + return f_name(a); } +#define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH + +/* Second: "compare" functions */ +#define DECLARE_LHASH_COMP_FN(f_name,o_type) \ + int f_name##_LHASH_COMP(void *, void *); +#define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \ + int f_name##_LHASH_COMP(void *arg1, void *arg2) { \ + o_type a = (o_type)arg1; \ + o_type b = (o_type)arg2; \ + return f_name(a,b); } +#define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP + typedef struct lhash_st { LHASH_NODE **b; - int (*comp)(); - unsigned long (*hash)(); + LHASH_COMP_FN_TYPE comp; + LHASH_HASH_FN_TYPE hash; unsigned int num_nodes; unsigned int num_alloc_nodes; unsigned int p; @@ -120,26 +151,26 @@ typedef struct lhash_st * in lh_insert(). */ #define lh_error(lh) ((lh)->error) -LHASH *lh_new(unsigned long (*h)(/* void *a */), int (*c)(/* void *a,void *b */)); +LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); void lh_free(LHASH *lh); void *lh_insert(LHASH *lh, void *data); void *lh_delete(LHASH *lh, void *data); void *lh_retrieve(LHASH *lh, void *data); - void lh_doall(LHASH *lh, void (*func)(/*void *b*/)); -void lh_doall_arg(LHASH *lh, void (*func)(/*void *a,void *b*/),void *arg); +void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func); +void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg); unsigned long lh_strhash(const char *c); -unsigned long lh_num_items(LHASH *lh); +unsigned long lh_num_items(const LHASH *lh); #ifndef NO_FP_API -void lh_stats(LHASH *lh, FILE *out); -void lh_node_stats(LHASH *lh, FILE *out); -void lh_node_usage_stats(LHASH *lh, FILE *out); +void lh_stats(const LHASH *lh, FILE *out); +void lh_node_stats(const LHASH *lh, FILE *out); +void lh_node_usage_stats(const LHASH *lh, FILE *out); #endif #ifndef NO_BIO -void lh_stats_bio(LHASH *lh, BIO *out); -void lh_node_stats_bio(LHASH *lh, BIO *out); -void lh_node_usage_stats_bio(LHASH *lh, BIO *out); +void lh_stats_bio(const LHASH *lh, BIO *out); +void lh_node_stats_bio(const LHASH *lh, BIO *out); +void lh_node_usage_stats_bio(const LHASH *lh, BIO *out); #endif #ifdef __cplusplus } diff --git a/crypto/md32_common.h b/crypto/md32_common.h index 1a404a458d..3d9f8d0349 100644 --- a/crypto/md32_common.h +++ b/crypto/md32_common.h @@ -179,7 +179,7 @@ */ #undef ROTATE #ifndef PEDANTIC -# if defined(_MSC_VER) +# if 0 /* defined(_MSC_VER) */ # define ROTATE(a,n) _lrotl(a,n) # elif defined(__MWERKS__) # if defined(__POWERPC__) diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index 866c53e73a..56ce7dddea 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -234,6 +234,9 @@ static unsigned long mem_hash(MEM *a) return(ret); } +static IMPLEMENT_LHASH_HASH_FN(mem_hash, MEM *) +static IMPLEMENT_LHASH_COMP_FN(mem_cmp, MEM *) + static int app_info_cmp(APP_INFO *a, APP_INFO *b) { return(a->thread != b->thread); @@ -249,7 +252,10 @@ static unsigned long app_info_hash(APP_INFO *a) return(ret); } -static APP_INFO *pop_info() +static IMPLEMENT_LHASH_HASH_FN(app_info_hash, APP_INFO *) +static IMPLEMENT_LHASH_COMP_FN(app_info_cmp, APP_INFO *) + +static APP_INFO *pop_info(void) { APP_INFO tmp; APP_INFO *ret = NULL; @@ -266,7 +272,7 @@ static APP_INFO *pop_info() next->references++; lh_insert(amih,(char *)next); } -#ifdef LEVITTE_DEBUG +#ifdef LEVITTE_DEBUG_MEM if (ret->thread != tmp.thread) { fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n", @@ -302,7 +308,8 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) } if (amih == NULL) { - if ((amih=lh_new(app_info_hash,app_info_cmp)) == NULL) + if ((amih=lh_new(LHASH_HASH_FN(app_info_hash), + LHASH_COMP_FN(app_info_cmp))) == NULL) { OPENSSL_free(ami); ret=0; @@ -319,7 +326,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) if ((amim=(APP_INFO *)lh_insert(amih,(char *)ami)) != NULL) { -#ifdef LEVITTE_DEBUG +#ifdef LEVITTE_DEBUG_MEM if (ami->thread != amim->thread) { fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n", @@ -394,7 +401,8 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, } if (mh == NULL) { - if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) + if ((mh=lh_new(LHASH_HASH_FN(mem_hash), + LHASH_COMP_FN(mem_cmp))) == NULL) { OPENSSL_free(addr); OPENSSL_free(m); @@ -418,8 +426,8 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, m->order=order; } m->order=order++; -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] %c 0x%p (%d)\n", +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] %c 0x%p (%d)\n", m->order, (before_p & 128) ? '*' : '+', m->addr, m->num); @@ -473,8 +481,8 @@ void CRYPTO_dbg_free(void *addr, int before_p) mp=(MEM *)lh_delete(mh,(char *)&m); if (mp != NULL) { -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] - 0x%p (%d)\n", +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] - 0x%p (%d)\n", mp->order, mp->addr, mp->num); #endif if (mp->app_info != NULL) @@ -497,8 +505,8 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, { MEM m,*mp; -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n", +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n", addr1, addr2, num, file, line, before_p); #endif @@ -524,8 +532,8 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, mp=(MEM *)lh_delete(mh,(char *)&m); if (mp != NULL) { -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] * 0x%p (%d) -> 0x%p (%d)\n", +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] * 0x%p (%d) -> 0x%p (%d)\n", mp->order, mp->addr, mp->num, addr2, num); @@ -626,7 +634,7 @@ static void print_leak(MEM *m, MEM_LEAK *l) } while(amip && amip->thread == ti); -#ifdef LEVITTE_DEBUG +#ifdef LEVITTE_DEBUG_MEM if (amip) { fprintf(stderr, "Thread switch detected in backtrace!!!!\n"); @@ -647,7 +655,8 @@ void CRYPTO_mem_leaks(BIO *b) ml.chunks=0; MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ if (mh != NULL) - lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml); + lh_doall_arg(mh, (LHASH_DOALL_ARG_FN_TYPE)print_leak, + (char *)&ml); if (ml.chunks != 0) { sprintf(buf,"%ld bytes leaked in %d chunks\n", @@ -725,6 +734,6 @@ void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void { if (mh == NULL) return; CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); - lh_doall_arg(mh,(void (*)())cb_leak,(void *)&cb); + lh_doall_arg(mh, (LHASH_DOALL_ARG_FN_TYPE)cb_leak,(void *)&cb); CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); } diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl index 7b01d4b085..55635aef12 100644 --- a/crypto/objects/Makefile.ssl +++ b/crypto/objects/Makefile.ssl @@ -44,10 +44,10 @@ lib: $(LIBOBJ) @touch lib obj_dat.h: objects.h objects.txt obj_mac.h - perl obj_dat.pl obj_mac.h obj_dat.h + $(PERL) obj_dat.pl obj_mac.h obj_dat.h obj_mac.h: objects.txt obj_mac.num - perl objects.pl objects.txt obj_mac.num obj_mac.h + $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h files: $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c index dca988230e..ccf3a18726 100644 --- a/crypto/objects/o_names.c +++ b/crypto/objects/o_names.c @@ -14,9 +14,9 @@ static int names_type_num=OBJ_NAME_TYPE_NUM; typedef struct name_funcs_st { - unsigned long (*hash_func)(); - int (*cmp_func)(); - void (*free_func)(); + unsigned long (*hash_func)(const char *name); + int (*cmp_func)(const char *a,const char *b); + void (*free_func)(const char *, int, const char *); } NAME_FUNCS; DECLARE_STACK_OF(NAME_FUNCS) @@ -27,17 +27,21 @@ static STACK_OF(NAME_FUNCS) *name_funcs_stack; static unsigned long obj_name_hash(OBJ_NAME *a); static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); +static IMPLEMENT_LHASH_HASH_FN(obj_name_hash, OBJ_NAME *) +static IMPLEMENT_LHASH_COMP_FN(obj_name_cmp, OBJ_NAME *) + int OBJ_NAME_init(void) { if (names_lh != NULL) return(1); MemCheck_off(); - names_lh=lh_new(obj_name_hash,obj_name_cmp); + names_lh=lh_new(LHASH_HASH_FN(obj_name_hash), + LHASH_COMP_FN(obj_name_cmp)); MemCheck_on(); return(names_lh != NULL); } int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), - int (*cmp_func)(const void *, const void *), + int (*cmp_func)(const char *, const char *), void (*free_func)(const char *, int, const char *)) { int ret; @@ -62,12 +66,12 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), MemCheck_off(); name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS)); name_funcs->hash_func = lh_strhash; - name_funcs->cmp_func = (int (*)())strcmp; + name_funcs->cmp_func = strcmp; name_funcs->free_func = 0; /* NULL is often declared to - * ((void *)0), which according - * to Compaq C is not really - * compatible with a function - * pointer. -- Richard Levitte*/ + * ((void *)0), which according + * to Compaq C is not really + * compatible with a function + * pointer. -- Richard Levitte*/ sk_NAME_FUNCS_push(name_funcs_stack,name_funcs); MemCheck_on(); } @@ -132,7 +136,7 @@ const char *OBJ_NAME_get(const char *name, int type) on.type=type; for (;;) - { + { ret=(OBJ_NAME *)lh_retrieve(names_lh,&on); if (ret == NULL) return(NULL); if ((ret->alias) && !alias) @@ -224,12 +228,80 @@ int OBJ_NAME_remove(const char *name, int type) return(0); } +struct doall + { + int type; + void (*fn)(const OBJ_NAME *,void *arg); + void *arg; + }; + +static void do_all_fn(const OBJ_NAME *name,struct doall *d) + { + if(name->type == d->type) + d->fn(name,d->arg); + } + +void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),void *arg) + { + struct doall d; + + d.type=type; + d.fn=fn; + d.arg=arg; + + lh_doall_arg(names_lh,(LHASH_DOALL_ARG_FN_TYPE)do_all_fn,&d); + } + +struct doall_sorted + { + int type; + int n; + const OBJ_NAME **names; + }; + +static void do_all_sorted_fn(const OBJ_NAME *name,void *d_) + { + struct doall_sorted *d=d_; + + if(name->type != d->type) + return; + + d->names[d->n++]=name; + } + +static int do_all_sorted_cmp(const void *n1_,const void *n2_) + { + const OBJ_NAME * const *n1=n1_; + const OBJ_NAME * const *n2=n2_; + + return strcmp((*n1)->name,(*n2)->name); + } + +void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg) + { + struct doall_sorted d; + int n; + + d.type=type; + d.names=OPENSSL_malloc(lh_num_items(names_lh)*sizeof *d.names); + d.n=0; + OBJ_NAME_do_all(type,do_all_sorted_fn,&d); + + qsort(d.names,d.n,sizeof *d.names,do_all_sorted_cmp); + + for(n=0 ; n < d.n ; ++n) + fn(d.names[n],arg); + + OPENSSL_free(d.names); + } + static int free_type; static void names_lh_free(OBJ_NAME *onp, int type) { if(onp == NULL) - return; + return; if ((free_type < 0) || (free_type == onp->type)) { @@ -252,7 +324,7 @@ void OBJ_NAME_cleanup(int type) down_load=names_lh->down_load; names_lh->down_load=0; - lh_doall(names_lh,names_lh_free); + lh_doall(names_lh,(LHASH_DOALL_FN_TYPE)names_lh_free); if (type < 0) { lh_free(names_lh); diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 4b1bb9583a..6eb9f48861 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -174,10 +174,13 @@ static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb) return(1); /* should not get here */ } +static IMPLEMENT_LHASH_HASH_FN(add_hash, ADDED_OBJ *) +static IMPLEMENT_LHASH_COMP_FN(add_cmp, ADDED_OBJ *) + static int init_added(void) { if (added != NULL) return(1); - added=lh_new(add_hash,add_cmp); + added=lh_new(LHASH_HASH_FN(add_hash),LHASH_COMP_FN(add_cmp)); return(added != NULL); } @@ -203,9 +206,9 @@ void OBJ_cleanup(void) { if (added == NULL) return; added->down_load=0; - lh_doall(added,cleanup1); /* zero counters */ - lh_doall(added,cleanup2); /* set counters */ - lh_doall(added,cleanup3); /* free objects */ + lh_doall(added,(LHASH_DOALL_FN_TYPE)cleanup1); /* zero counters */ + lh_doall(added,(LHASH_DOALL_FN_TYPE)cleanup2); /* set counters */ + lh_doall(added,(LHASH_DOALL_FN_TYPE)cleanup3); /* free objects */ lh_free(added); added=NULL; } diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h index c099e2e84e..8918683aab 100644 --- a/crypto/objects/objects.h +++ b/crypto/objects/objects.h @@ -985,12 +985,17 @@ typedef struct obj_name_st int OBJ_NAME_init(void); -int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),int (*cmp_func)(const void *, const void *), - void (*free_func)(const char *, int, const char *)); +int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), + int (*cmp_func)(const char *, const char *), + void (*free_func)(const char *, int, const char *)); const char *OBJ_NAME_get(const char *name,int type); int OBJ_NAME_add(const char *name,int type,const char *data); int OBJ_NAME_remove(const char *name,int type); void OBJ_NAME_cleanup(int type); /* -1 for everything */ +void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg); +void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg); ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o); ASN1_OBJECT * OBJ_nid2obj(int n); diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl index e26c079b4e..19465558f8 100644 --- a/crypto/pem/Makefile.ssl +++ b/crypto/pem/Makefile.ssl @@ -95,12 +95,12 @@ pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h pem_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_all.o: ../../include/openssl/rijndael-alg-fst.h -pem_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pem_all.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pem_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_all.o: ../cryptlib.h pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pem_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -115,7 +115,7 @@ pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pem_err.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pem_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_err.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +pem_err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pem_err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pem_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -136,8 +136,7 @@ pem_info.o: ../../include/openssl/opensslconf.h pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pem_info.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pem_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_info.o: ../../include/openssl/rc5.h -pem_info.o: ../../include/openssl/rijndael-alg-fst.h +pem_info.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pem_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pem_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pem_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -159,12 +158,12 @@ pem_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_lib.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h pem_lib.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pem_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_lib.o: ../../include/openssl/rijndael-alg-fst.h -pem_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pem_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pem_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pem_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_lib.o: ../cryptlib.h pem_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pem_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -181,12 +180,12 @@ pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pem_seal.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pem_seal.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pem_seal.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_seal.o: ../../include/openssl/rijndael-alg-fst.h -pem_seal.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pem_seal.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pem_seal.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_seal.o: ../cryptlib.h pem_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pem_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -203,9 +202,9 @@ pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pem_sign.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pem_sign.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pem_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_sign.o: ../../include/openssl/rijndael-alg-fst.h -pem_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pem_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pem_sign.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pem_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_sign.o: ../cryptlib.h diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl index 309060ea00..61b0311c92 100644 --- a/crypto/perlasm/x86unix.pl +++ b/crypto/perlasm/x86unix.pl @@ -3,6 +3,8 @@ package x86unix; $label="L000"; +$const=""; +$constl=0; $align=($main'aout)?"4":"16"; $under=($main'aout)?"_":""; @@ -341,9 +343,12 @@ sub main'function_end popl %ebx popl %ebp ret +$const .${func}_end: EOF push(@out,$tmp); + $const=""; + if ($main'cpp) { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } elsif ($main'gaswin) @@ -459,3 +464,75 @@ sub main'data_word { push(@out,"\t.long $_[0]\n"); } + +# debug output functions: puts, putx, printf + +sub main'puts + { + &pushvars(); + &main'push('$Lstring' . ++$constl); + &main'call('puts'); + $stack-=4; + &main'add("esp",4); + &popvars(); + + $const .= "Lstring$constl:\n\t.string \"@_[0]\"\n"; + } + +sub main'putx + { + &pushvars(); + &main'push($_[0]); + &main'push('$Lstring' . ++$constl); + &main'call('printf'); + &main'add("esp",8); + $stack-=8; + &popvars(); + + $const .= "Lstring$constl:\n\t.string \"\%X\"\n"; + } + +sub main'printf + { + $ostack = $stack; + &pushvars(); + for ($i = @_ - 1; $i >= 0; $i--) + { + if ($i == 0) # change this to support %s format strings + { + &main'push('$Lstring' . ++$constl); + $const .= "Lstring$constl:\n\t.string \"@_[$i]\"\n"; + } + else + { + if ($_[$i] =~ /([0-9]*)\(%esp\)/) + { + &main'push(($1 + $stack - $ostack) . '(%esp)'); + } + else + { + &main'push($_[$i]); + } + } + } + &main'call('printf'); + $stack-=4*@_; + &main'add("esp",4*@_); + &popvars(); + } + +sub pushvars + { + &out0("pushf"); + &main'push("edx"); + &main'push("ecx"); + &main'push("eax"); + } + +sub popvars + { + &main'pop("eax"); + &main'pop("ecx"); + &main'pop("edx"); + &out0("popf"); + } diff --git a/crypto/pkcs12/Makefile.ssl b/crypto/pkcs12/Makefile.ssl index b28e441287..794185354e 100644 --- a/crypto/pkcs12/Makefile.ssl +++ b/crypto/pkcs12/Makefile.ssl @@ -99,7 +99,7 @@ p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_add.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_add.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_add.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p12_add.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_add.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_add.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -120,12 +120,12 @@ p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_asn.o: ../../include/openssl/rijndael-alg-fst.h -p12_asn.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_asn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_asn.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_asn.o: ../cryptlib.h p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -141,12 +141,12 @@ p12_attr.o: ../../include/openssl/opensslconf.h p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_attr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_attr.o: ../../include/openssl/rijndael-alg-fst.h -p12_attr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_attr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_attr.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_attr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_attr.o: ../cryptlib.h p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -162,12 +162,12 @@ p12_crpt.o: ../../include/openssl/opensslconf.h p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_crpt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_crpt.o: ../../include/openssl/rijndael-alg-fst.h -p12_crpt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_crpt.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_crpt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_crpt.o: ../cryptlib.h p12_crt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_crt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -182,7 +182,7 @@ p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_crt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_crt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_crt.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p12_crt.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_crt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_crt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_crt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -203,12 +203,12 @@ p12_decr.o: ../../include/openssl/opensslconf.h p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_decr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_decr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_decr.o: ../../include/openssl/rijndael-alg-fst.h -p12_decr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_decr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_decr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_decr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_decr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_decr.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_decr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_decr.o: ../cryptlib.h p12_init.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_init.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -224,12 +224,12 @@ p12_init.o: ../../include/openssl/opensslconf.h p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_init.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_init.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_init.o: ../../include/openssl/rijndael-alg-fst.h -p12_init.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_init.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_init.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_init.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_init.o: ../cryptlib.h p12_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -244,7 +244,7 @@ p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_key.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_key.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p12_key.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_key.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -265,12 +265,12 @@ p12_kiss.o: ../../include/openssl/opensslconf.h p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_kiss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_kiss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_kiss.o: ../../include/openssl/rijndael-alg-fst.h -p12_kiss.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_kiss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_kiss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_kiss.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_kiss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_kiss.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_kiss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_kiss.o: ../cryptlib.h p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -286,8 +286,7 @@ p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_mutl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p12_mutl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_mutl.o: ../../include/openssl/rc5.h -p12_mutl.o: ../../include/openssl/rijndael-alg-fst.h +p12_mutl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_mutl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_mutl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -308,12 +307,11 @@ p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h p12_npas.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h p12_npas.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_npas.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_npas.o: ../../include/openssl/rijndael-alg-fst.h -p12_npas.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_npas.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_npas.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_npas.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_npas.o: ../../include/openssl/x509_vfy.h +p12_npas.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_npas.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -328,7 +326,7 @@ p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_utl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_utl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_utl.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p12_utl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_utl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -348,9 +346,8 @@ pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h pk12err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h pk12err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk12err.o: ../../include/openssl/rijndael-alg-fst.h -pk12err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pk12err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pk12err.o: ../../include/openssl/x509_vfy.h +pk12err.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pk12err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pk12err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk12err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk12err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl index bf0247cda8..ab87fb7056 100644 --- a/crypto/pkcs7/Makefile.ssl +++ b/crypto/pkcs7/Makefile.ssl @@ -114,8 +114,7 @@ pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pk7_asn1.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_asn1.o: ../../include/openssl/rc5.h -pk7_asn1.o: ../../include/openssl/rijndael-alg-fst.h +pk7_asn1.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pk7_asn1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pk7_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -135,8 +134,7 @@ pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pk7_attr.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pk7_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_attr.o: ../../include/openssl/rc5.h -pk7_attr.o: ../../include/openssl/rijndael-alg-fst.h +pk7_attr.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pk7_attr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pk7_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -158,13 +156,12 @@ pk7_doit.o: ../../include/openssl/opensslconf.h pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pk7_doit.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pk7_doit.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_doit.o: ../../include/openssl/rijndael-alg-fst.h -pk7_doit.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -pk7_doit.o: ../cryptlib.h +pk7_doit.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pk7_doit.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -179,12 +176,12 @@ pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h pk7_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_lib.o: ../../include/openssl/rijndael-alg-fst.h -pk7_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pk7_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pk7_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_lib.o: ../cryptlib.h pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -200,12 +197,12 @@ pk7_mime.o: ../../include/openssl/opensslconf.h pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pk7_mime.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pk7_mime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_mime.o: ../../include/openssl/rijndael-alg-fst.h -pk7_mime.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pk7_mime.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pk7_mime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_mime.o: ../cryptlib.h pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -221,8 +218,7 @@ pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pk7_smime.o: ../../include/openssl/opensslconf.h pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pk7_smime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_smime.o: ../../include/openssl/rc5.h -pk7_smime.o: ../../include/openssl/rijndael-alg-fst.h +pk7_smime.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pk7_smime.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pk7_smime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -242,8 +238,7 @@ pkcs7err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h pkcs7err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pkcs7err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pkcs7err.o: ../../include/openssl/rc5.h -pkcs7err.o: ../../include/openssl/rijndael-alg-fst.h +pkcs7err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pkcs7err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pkcs7err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pkcs7err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl index a005df2019..712938bcf4 100644 --- a/crypto/rand/Makefile.ssl +++ b/crypto/rand/Makefile.ssl @@ -104,8 +104,7 @@ rand_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rand_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rand_lib.o: ../../include/openssl/rc5.h -rand_lib.o: ../../include/openssl/rijndael-alg-fst.h +rand_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h rand_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h rand_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rand_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index 9f2dcff9a9..f0655803f0 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -310,7 +310,7 @@ int RAND_poll(void) { if (gen(hProvider, sizeof(buf), buf) != 0) { - RAND_add(buf, sizeof(buf), sizeof(buf)); + RAND_add(buf, sizeof(buf), 0); #ifdef DEBUG printf("randomness from PROV_RSA_FULL\n"); #endif @@ -461,7 +461,7 @@ int RAND_poll(void) hlist.th32ProcessID, hlist.th32HeapID)) { - int entrycnt = 50; + int entrycnt = 80; do RAND_add(&hentry, hentry.dwSize, 5); @@ -570,7 +570,7 @@ static void readtimer(void) DWORD w; LARGE_INTEGER l; static int have_perfc = 1; -#ifndef __GNUC__ +#ifdef _MSC_VER static int have_tsc = 1; DWORD cyclecount; diff --git a/crypto/rijndael/Makefile.ssl b/crypto/rijndael/Makefile.ssl index 01da7ac8b3..6ed8aa3c03 100644 --- a/crypto/rijndael/Makefile.ssl +++ b/crypto/rijndael/Makefile.ssl @@ -28,12 +28,12 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=rijndael-alg-fst.c -LIBOBJ=rijndael-alg-fst.o +LIBSRC=rd_fst.c +LIBOBJ=rd_fst.o SRC= $(LIBSRC) -EXHEADER=rijndael-alg-fst.h rijndael.h +EXHEADER=rd_fst.h rijndael.h top: (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) @@ -83,4 +83,4 @@ clean: # DO NOT DELETE THIS LINE -rijndael-alg-fst.o: boxes-fst-corrected.dat rijndael-alg-fst.h +rd_fst.o: boxes-fst-corrected.dat rd_fst.h diff --git a/crypto/rijndael/rijndael.h b/crypto/rijndael/rijndael.h index 34741a83b9..8287ca67c1 100644 --- a/crypto/rijndael/rijndael.h +++ b/crypto/rijndael/rijndael.h @@ -1,4 +1,4 @@ -#include "rijndael-alg-fst.h" +#include "openssl/rd_fst.h" #define RIJNDAEL_MAX_IV 16 diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl index c34648d3e4..6f18d2bf04 100644 --- a/crypto/rsa/Makefile.ssl +++ b/crypto/rsa/Makefile.ssl @@ -112,7 +112,7 @@ rsa_eay.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h rsa_eay.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rsa_eay.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_eay.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +rsa_eay.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h rsa_eay.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_eay.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -145,7 +145,7 @@ rsa_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h rsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rsa_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +rsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h rsa_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -199,8 +199,7 @@ rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h rsa_saos.o: ../../include/openssl/opensslconf.h rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h rsa_saos.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_saos.o: ../../include/openssl/rc5.h -rsa_saos.o: ../../include/openssl/rijndael-alg-fst.h +rsa_saos.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h rsa_saos.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h rsa_saos.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_saos.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -221,12 +220,12 @@ rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h rsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_sign.o: ../../include/openssl/rijndael-alg-fst.h -rsa_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -rsa_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +rsa_sign.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +rsa_sign.o: ../cryptlib.h rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_ssl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index b537b48ca2..a488b80763 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -78,16 +78,20 @@ typedef struct rsa_st RSA; typedef struct rsa_meth_st { const char *name; - int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to, + int (*rsa_pub_enc)(int flen,const unsigned char *from, + unsigned char *to, RSA *rsa,int padding); - int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to, + int (*rsa_pub_dec)(int flen,const unsigned char *from, + unsigned char *to, RSA *rsa,int padding); - int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to, + int (*rsa_priv_enc)(int flen,const unsigned char *from, + unsigned char *to, RSA *rsa,int padding); - int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to, + int (*rsa_priv_dec)(int flen,const unsigned char *from, + unsigned char *to, RSA *rsa,int padding); - int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, + int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa); /* Can be null */ + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ int (*init)(RSA *rsa); /* called at new */ @@ -101,10 +105,12 @@ typedef struct rsa_meth_st * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER * option is set in 'flags'. */ - int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); + int (*rsa_sign)(int type, + const unsigned char *m, unsigned int m_len, + unsigned char *sigret, unsigned int *siglen, const RSA *rsa); + int (*rsa_verify)(int dtype, + const unsigned char *m, unsigned int m_len, + unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); } RSA_METHOD; @@ -177,26 +183,26 @@ RSA * RSA_new_method(RSA_METHOD *method); #else RSA * RSA_new_method(struct engine_st *engine); #endif -int RSA_size(RSA *); +int RSA_size(const RSA *); RSA * RSA_generate_key(int bits, unsigned long e,void (*callback)(int,int,void *),void *cb_arg); -int RSA_check_key(RSA *); +int RSA_check_key(const RSA *); /* next 4 return -1 on error */ -int RSA_public_encrypt(int flen, unsigned char *from, +int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -int RSA_private_encrypt(int flen, unsigned char *from, +int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -int RSA_public_decrypt(int flen, unsigned char *from, +int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -int RSA_private_decrypt(int flen, unsigned char *from, +int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); void RSA_free (RSA *r); -int RSA_flags(RSA *r); +int RSA_flags(const RSA *r); -void RSA_set_default_openssl_method(RSA_METHOD *meth); -RSA_METHOD *RSA_get_default_openssl_method(void); -RSA_METHOD *RSA_get_method(RSA *rsa); +void RSA_set_default_openssl_method(const RSA_METHOD *meth); +const RSA_METHOD *RSA_get_default_openssl_method(void); +const RSA_METHOD *RSA_get_method(const RSA *rsa); #if 0 RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth); #else @@ -207,77 +213,82 @@ int RSA_set_method(RSA *rsa, struct engine_st *engine); int RSA_memory_lock(RSA *r); /* If you have RSAref compiled in. */ -RSA_METHOD *RSA_PKCS1_RSAref(void); +const RSA_METHOD *RSA_PKCS1_RSAref(void); /* these are the actual SSLeay RSA functions */ -RSA_METHOD *RSA_PKCS1_SSLeay(void); +const RSA_METHOD *RSA_PKCS1_SSLeay(void); -RSA_METHOD *RSA_null_method(void); +const RSA_METHOD *RSA_null_method(void); void ERR_load_RSA_strings(void ); -RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); -int i2d_RSAPublicKey(RSA *a, unsigned char **pp); -RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); -int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); +RSA * d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length); +int i2d_RSAPublicKey(const RSA *a, unsigned char **pp); +RSA * d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length); +int i2d_RSAPrivateKey(const RSA *a, unsigned char **pp); #ifndef NO_FP_API -int RSA_print_fp(FILE *fp, RSA *r,int offset); +int RSA_print_fp(FILE *fp, const RSA *r,int offset); #endif #ifndef NO_BIO -int RSA_print(BIO *bp, RSA *r,int offset); +int RSA_print(BIO *bp, const RSA *r,int offset); #endif -int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey); -RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey); +int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey); +RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey); -int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); -RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); +int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()); +RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()); +/* Naughty internal function required elsewhere, to handle a MS structure + * that is the same as the netscape one :-) */ +RSA *d2i_Netscape_RSA_2(RSA **a, const unsigned char **pp, long length, int (*cb)()); /* The following 2 functions sign and verify a X509_SIG ASN1 object * inside PKCS#1 padded RSA encryption */ -int RSA_sign(int type, unsigned char *m, unsigned int m_len, +int RSA_sign(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify(int type, unsigned char *m, unsigned int m_len, +int RSA_verify(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa); /* The following 2 function sign and verify a ASN1_OCTET_STRING * object inside PKCS#1 padded RSA encryption */ -int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, +int RSA_sign_ASN1_OCTET_STRING(int type, + const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, +int RSA_verify_ASN1_OCTET_STRING(int type, + const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa); int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); void RSA_blinding_off(RSA *rsa); int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl); + const unsigned char *f,int fl); int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); + const unsigned char *f,int fl,int rsa_len); int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl); + const unsigned char *f,int fl); int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); + const unsigned char *f,int fl,int rsa_len); int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, - unsigned char *f,int fl,unsigned char *p, - int pl); + const unsigned char *f,int fl, + const unsigned char *p,int pl); int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len, - unsigned char *p,int pl); + const unsigned char *f,int fl,int rsa_len, + const unsigned char *p,int pl); int RSA_padding_add_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl); + const unsigned char *f,int fl); int RSA_padding_check_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); + const unsigned char *f,int fl,int rsa_len); int RSA_padding_add_none(unsigned char *to,int tlen, - unsigned char *f,int fl); + const unsigned char *f,int fl); int RSA_padding_check_none(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); + const unsigned char *f,int fl,int rsa_len); int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int RSA_set_ex_data(RSA *r,int idx,void *arg); -void *RSA_get_ex_data(RSA *r, int idx); +void *RSA_get_ex_data(const RSA *r, int idx); /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c index fc8e97edee..0585b241e6 100644 --- a/crypto/rsa/rsa_asn1.c +++ b/crypto/rsa/rsa_asn1.c @@ -106,6 +106,6 @@ ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = { ASN1_SIMPLE(RSA, e, BIGNUM), } ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPrivateKey, RSAPrivateKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPublicKey, RSAPublicKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey) diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 91b9115798..002f2cb487 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -53,7 +53,7 @@ #include <openssl/rsa.h> -int RSA_check_key(RSA *key) +int RSA_check_key(const RSA *key) { BIGNUM *i, *j, *k, *l, *m; BN_CTX *ctx; diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 8b8a1e279a..37baaacfc7 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -65,15 +65,15 @@ #ifndef RSA_NULL -static int RSA_eay_public_encrypt(int flen, unsigned char *from, +static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_encrypt(int flen, unsigned char *from, +static int RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_public_decrypt(int flen, unsigned char *from, +static int RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_decrypt(int flen, unsigned char *from, +static int RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); +static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); static int RSA_eay_init(RSA *rsa); static int RSA_eay_finish(RSA *rsa); static RSA_METHOD rsa_pkcs1_eay_meth={ @@ -90,12 +90,12 @@ static RSA_METHOD rsa_pkcs1_eay_meth={ NULL, }; -RSA_METHOD *RSA_PKCS1_SSLeay(void) +const RSA_METHOD *RSA_PKCS1_SSLeay(void) { return(&rsa_pkcs1_eay_meth); } -static int RSA_eay_public_encrypt(int flen, unsigned char *from, +static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; @@ -169,7 +169,7 @@ err: return(r); } -static int RSA_eay_private_encrypt(int flen, unsigned char *from, +static int RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; @@ -247,7 +247,7 @@ err: return(r); } -static int RSA_eay_private_decrypt(int flen, unsigned char *from, +static int RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; @@ -342,7 +342,7 @@ err: return(r); } -static int RSA_eay_public_decrypt(int flen, unsigned char *from, +static int RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; @@ -416,7 +416,7 @@ err: return(r); } -static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { const RSA_METHOD *meth; BIGNUM r1,m1; diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 5e1e8fcdf3..d09dbd4a33 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -66,7 +66,7 @@ const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; -static RSA_METHOD *default_RSA_meth=NULL; +static const RSA_METHOD *default_RSA_meth=NULL; static int rsa_meth_num=0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL; @@ -75,7 +75,7 @@ RSA *RSA_new(void) return(RSA_new_method(NULL)); } -void RSA_set_default_openssl_method(RSA_METHOD *meth) +void RSA_set_default_openssl_method(const RSA_METHOD *meth) { ENGINE *e; /* We'll need to notify the "openssl" ENGINE of this @@ -94,14 +94,14 @@ void RSA_set_default_openssl_method(RSA_METHOD *meth) } } -RSA_METHOD *RSA_get_default_openssl_method(void) +const RSA_METHOD *RSA_get_default_openssl_method(void) { if (default_RSA_meth == NULL) { #ifdef RSA_NULL default_RSA_meth=RSA_null_method(); #else -#ifdef RSAref +#if 0 /* was: #ifdef RSAref */ default_RSA_meth=RSA_PKCS1_RSAref(); #else default_RSA_meth=RSA_PKCS1_SSLeay(); @@ -112,7 +112,7 @@ RSA_METHOD *RSA_get_default_openssl_method(void) return default_RSA_meth; } -RSA_METHOD *RSA_get_method(RSA *rsa) +const RSA_METHOD *RSA_get_method(const RSA *rsa) { return ENGINE_get_RSA(rsa->engine); } @@ -131,7 +131,7 @@ RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth) int RSA_set_method(RSA *rsa, ENGINE *engine) { ENGINE *mtmp; - RSA_METHOD *meth; + const RSA_METHOD *meth; mtmp = rsa->engine; meth = ENGINE_get_RSA(mtmp); if (!ENGINE_init(engine)) @@ -152,7 +152,7 @@ RSA *RSA_new_method(RSA_METHOD *meth) RSA *RSA_new_method(ENGINE *engine) #endif { - RSA_METHOD *meth; + const RSA_METHOD *meth; RSA *ret; ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); @@ -191,19 +191,19 @@ RSA *RSA_new_method(ENGINE *engine) ret->blinding=NULL; ret->bignum_data=NULL; ret->flags=meth->flags; + CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); if ((meth->init != NULL) && !meth->init(ret)) { + CRYPTO_free_ex_data(rsa_meth, ret, &ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); return(ret); } void RSA_free(RSA *r) { - RSA_METHOD *meth; + const RSA_METHOD *meth; int i; if (r == NULL) return; @@ -221,13 +221,13 @@ void RSA_free(RSA *r) } #endif - CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); - meth = ENGINE_get_RSA(r->engine); if (meth->finish != NULL) meth->finish(r); ENGINE_finish(r->engine); + CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); + if (r->n != NULL) BN_clear_free(r->n); if (r->e != NULL) BN_clear_free(r->e); if (r->d != NULL) BN_clear_free(r->d); @@ -254,45 +254,45 @@ int RSA_set_ex_data(RSA *r, int idx, void *arg) return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); } -void *RSA_get_ex_data(RSA *r, int idx) +void *RSA_get_ex_data(const RSA *r, int idx) { return(CRYPTO_get_ex_data(&r->ex_data,idx)); } -int RSA_size(RSA *r) +int RSA_size(const RSA *r) { return(BN_num_bytes(r->n)); } -int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to, +int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { return(ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(flen, from, to, rsa, padding)); } -int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, +int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { return(ENGINE_get_RSA(rsa->engine)->rsa_priv_enc(flen, from, to, rsa, padding)); } -int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to, +int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { return(ENGINE_get_RSA(rsa->engine)->rsa_priv_dec(flen, from, to, rsa, padding)); } -int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, +int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { return(ENGINE_get_RSA(rsa->engine)->rsa_pub_dec(flen, from, to, rsa, padding)); } -int RSA_flags(RSA *r) +int RSA_flags(const RSA *r) { return((r == NULL)?0:ENGINE_get_RSA(r->engine)->flags); } diff --git a/crypto/rsa/rsa_none.c b/crypto/rsa/rsa_none.c index f22fce5016..e6f3e627ca 100644 --- a/crypto/rsa/rsa_none.c +++ b/crypto/rsa/rsa_none.c @@ -62,8 +62,8 @@ #include <openssl/rsa.h> #include <openssl/rand.h> -int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from, - int flen) +int RSA_padding_add_none(unsigned char *to, int tlen, + const unsigned char *from, int flen) { if (flen > tlen) { @@ -81,8 +81,8 @@ int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from, return(1); } -int RSA_padding_check_none(unsigned char *to, int tlen, unsigned char *from, - int flen, int num) +int RSA_padding_check_none(unsigned char *to, int tlen, + const unsigned char *from, int flen, int num) { if (flen > tlen) diff --git a/crypto/rsa/rsa_null.c b/crypto/rsa/rsa_null.c index 7b58a0eca3..64057fbdcf 100644 --- a/crypto/rsa/rsa_null.c +++ b/crypto/rsa/rsa_null.c @@ -69,16 +69,16 @@ * operations (like storing RSA keys) are permitted. */ -static int RSA_null_public_encrypt(int flen, unsigned char *from, +static int RSA_null_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_private_encrypt(int flen, unsigned char *from, +static int RSA_null_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_public_decrypt(int flen, unsigned char *from, +static int RSA_null_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_private_decrypt(int flen, unsigned char *from, +static int RSA_null_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); #if 0 /* not currently used */ -static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); +static int RSA_null_mod_exp(const BIGNUM *r0, const BIGNUM *i, RSA *rsa); #endif static int RSA_null_init(RSA *rsa); static int RSA_null_finish(RSA *rsa); @@ -88,40 +88,41 @@ static RSA_METHOD rsa_null_meth={ RSA_null_public_decrypt, RSA_null_private_encrypt, RSA_null_private_decrypt, - NULL, NULL, + NULL, + NULL, RSA_null_init, RSA_null_finish, 0, NULL, }; -RSA_METHOD *RSA_null_method(void) +const RSA_METHOD *RSA_null_method(void) { return(&rsa_null_meth); } -static int RSA_null_public_encrypt(int flen, unsigned char *from, +static int RSA_null_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_private_encrypt(int flen, unsigned char *from, +static int RSA_null_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_private_decrypt(int flen, unsigned char *from, +static int RSA_null_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_public_decrypt(int flen, unsigned char *from, +static int RSA_null_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index fd0b7f361f..8d306d1ead 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -2,7 +2,22 @@ /* Written by Ulf Moeller. This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ -/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ +/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ + +/* See Victor Shoup, "OAEP reconsidered," Nov. 2000, + * <URL: http://www.shoup.net/papers/oaep.ps.Z> + * for problems with the security proof for the + * original OAEP scheme, which EME-OAEP is based on. + * + * Note that for RSA OAEP a security proof in the + * random oracle model *does* exist if 160 < log_2(N/e); + * cf. section 7.2 ("But RSA-OAEP with exponent 3 is + * provably secure") of Shoup's paper. (The slight + * differences between the OAEP definition used by Shoup + * and OAEP as defined in RFC 2437 should not affect + * this result.) + */ + #if !defined(NO_SHA) && !defined(NO_SHA1) #include <stdio.h> @@ -12,10 +27,12 @@ #include <openssl/sha.h> #include <openssl/rand.h> -int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen); +int MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen); int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *from, int flen, unsigned char *param, int plen) + const unsigned char *from, int flen, + const unsigned char *param, int plen) { int i, emlen = tlen - 1; unsigned char *db, *seed; @@ -71,11 +88,11 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, } int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *from, int flen, int num, unsigned char *param, - int plen) + const unsigned char *from, int flen, int num, + const unsigned char *param, int plen) { int i, dblen, mlen = -1; - unsigned char *maskeddb; + const unsigned char *maskeddb; int lzero; unsigned char *db, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; @@ -132,7 +149,8 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, return (mlen); } -int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen) +int MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen) { long i, outlen = 0; unsigned char cnt[4]; diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 48a32bc264..c1edd6764f 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -63,7 +63,7 @@ #include <openssl/rand.h> int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *from, int flen) + const unsigned char *from, int flen) { int j; unsigned char *p; @@ -89,10 +89,10 @@ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, } int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *from, int flen, int num) + const unsigned char *from, int flen, int num) { int i,j; - unsigned char *p; + const unsigned char *p; p=from; if ((num != (flen+1)) || (*(p++) != 01)) @@ -141,7 +141,7 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, } int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *from, int flen) + const unsigned char *from, int flen) { int i,j; unsigned char *p; @@ -179,10 +179,10 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, } int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *from, int flen, int num) + const unsigned char *from, int flen, int num) { int i,j; - unsigned char *p; + const unsigned char *p; p=from; if ((num != (flen+1)) || (*(p++) != 02)) diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index c77f4381ff..85adacc08f 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -63,8 +63,9 @@ #include <openssl/objects.h> #include <openssl/x509.h> -int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) +int RSA_sign_ASN1_OCTET_STRING(int type, + const unsigned char *m, unsigned int m_len, + unsigned char *sigret, unsigned int *siglen, RSA *rsa) { ASN1_OCTET_STRING sig; int i,j,ret=1; @@ -72,7 +73,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, sig.type=V_ASN1_OCTET_STRING; sig.length=m_len; - sig.data=m; + sig.data=(unsigned char *)m; i=i2d_ASN1_OCTET_STRING(&sig,NULL); j=RSA_size(rsa); @@ -100,9 +101,10 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, return(ret); } -int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, - unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa) +int RSA_verify_ASN1_OCTET_STRING(int dtype, + const unsigned char *m, + unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, + RSA *rsa) { int i,ret=0; unsigned char *p,*s; diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index cf00876292..80a22e8abc 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -67,13 +67,14 @@ /* Size of an SSL signature: MD5+SHA1 */ #define SSL_SIG_LENGTH 36 -int RSA_sign(int type, unsigned char *m, unsigned int m_len, +int RSA_sign(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa) { X509_SIG sig; ASN1_TYPE parameter; int i,j,ret=1; - unsigned char *p,*s = NULL; + unsigned char *p, *tmps = NULL; + const unsigned char *s = NULL; X509_ALGOR algor; ASN1_OCTET_STRING digest; if(rsa->flags & RSA_FLAG_SIGN_VER) @@ -105,7 +106,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, sig.algor->parameter= ¶meter; sig.digest= &digest; - sig.digest->data=m; + sig.digest->data=(unsigned char *)m; /* TMP UGLY CAST */ sig.digest->length=m_len; i=i2d_X509_SIG(&sig,NULL); @@ -117,14 +118,15 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, return(0); } if(type != NID_md5_sha1) { - s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); - if (s == NULL) + tmps=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); + if (tmps == NULL) { RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); return(0); } - p=s; + p=tmps; i2d_X509_SIG(&sig,&p); + s=tmps; } i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); if (i <= 0) @@ -133,13 +135,13 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, *siglen=i; if(type != NID_md5_sha1) { - memset(s,0,(unsigned int)j+1); - OPENSSL_free(s); + memset(tmps,0,(unsigned int)j+1); + OPENSSL_free(tmps); } return(ret); } -int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, +int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { int i,ret=0,sigtype; diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index 482f4a8273..ea72629494 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -62,8 +62,8 @@ #include <openssl/rsa.h> #include <openssl/rand.h> -int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from, - int flen) +int RSA_padding_add_SSLv23(unsigned char *to, int tlen, + const unsigned char *from, int flen) { int i,j; unsigned char *p; @@ -102,11 +102,11 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from, return(1); } -int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from, - int flen, int num) +int RSA_padding_check_SSLv23(unsigned char *to, int tlen, + const unsigned char *from, int flen, int num) { int i,j,k; - unsigned char *p; + const unsigned char *p; p=from; if (flen < 10) diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h index c070bbe0f9..67bce3f5ea 100644 --- a/crypto/stack/safestack.h +++ b/crypto/stack/safestack.h @@ -504,6 +504,46 @@ STACK_OF(type) \ #define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st)) #define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st)) +#define sk_OCSP_ONEREQ_new(st) SKM_sk_new(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ) +#define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i)) +#define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val)) +#define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val)) +#define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) +#define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) +#define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) +#define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) +#define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) +#define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp)) +#define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st) +#define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func)) +#define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) + +#define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) +#define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i)) +#define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val)) +#define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) +#define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) +#define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val)) +#define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) +#define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) +#define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) +#define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp)) +#define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st) +#define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func)) +#define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st)) + #define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st)) #define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG) #define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st)) @@ -1018,6 +1058,24 @@ STACK_OF(type) \ #define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \ SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func)) +#define d2i_ASN1_SET_OF_OCSP_ONEREQ(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ + SKM_ASN1_SET_OF_d2i(OCSP_ONEREQ, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) +#define i2d_ASN1_SET_OF_OCSP_ONEREQ(st, pp, i2d_func, ex_tag, ex_class, is_set) \ + SKM_ASN1_SET_OF_i2d(OCSP_ONEREQ, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) +#define ASN1_seq_pack_OCSP_ONEREQ(st, i2d_func, buf, len) \ + SKM_ASN1_seq_pack(OCSP_ONEREQ, (st), (i2d_func), (buf), (len)) +#define ASN1_seq_unpack_OCSP_ONEREQ(buf, len, d2i_func, free_func) \ + SKM_ASN1_seq_unpack(OCSP_ONEREQ, (buf), (len), (d2i_func), (free_func)) + +#define d2i_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ + SKM_ASN1_SET_OF_d2i(OCSP_SINGLERESP, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) +#define i2d_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, i2d_func, ex_tag, ex_class, is_set) \ + SKM_ASN1_SET_OF_i2d(OCSP_SINGLERESP, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) +#define ASN1_seq_pack_OCSP_SINGLERESP(st, i2d_func, buf, len) \ + SKM_ASN1_seq_pack(OCSP_SINGLERESP, (st), (i2d_func), (buf), (len)) +#define ASN1_seq_unpack_OCSP_SINGLERESP(buf, len, d2i_func, free_func) \ + SKM_ASN1_seq_unpack(OCSP_SINGLERESP, (buf), (len), (d2i_func), (free_func)) + #define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) #define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \ diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c index 3b04fe280c..eb13f6040a 100644 --- a/crypto/txt_db/txt_db.c +++ b/crypto/txt_db/txt_db.c @@ -211,7 +211,7 @@ char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value) } int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(), - unsigned long (*hash)(), int (*cmp)()) + LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) { LHASH *idx; char *r; diff --git a/crypto/txt_db/txt_db.h b/crypto/txt_db/txt_db.h index 342533d40d..e530af6605 100644 --- a/crypto/txt_db/txt_db.h +++ b/crypto/txt_db/txt_db.h @@ -96,7 +96,7 @@ TXT_DB *TXT_DB_read(char *in, int num); long TXT_DB_write(char *out, TXT_DB *db); #endif int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(), - unsigned long (*hash)(),int (*cmp)()); + LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); void TXT_DB_free(TXT_DB *db); char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value); int TXT_DB_insert(TXT_DB *db,char **value); diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl index 848364de9e..c3ee997b8b 100644 --- a/crypto/x509/Makefile.ssl +++ b/crypto/x509/Makefile.ssl @@ -103,12 +103,12 @@ by_dir.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -by_dir.o: ../../include/openssl/rijndael-alg-fst.h -by_dir.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -by_dir.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -by_dir.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -by_dir.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +by_dir.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +by_dir.o: ../cryptlib.h by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -124,12 +124,12 @@ by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h by_file.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -by_file.o: ../../include/openssl/rijndael-alg-fst.h -by_file.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +by_file.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +by_file.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +by_file.o: ../cryptlib.h x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -145,8 +145,7 @@ x509_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_att.o: ../../include/openssl/opensslconf.h x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_att.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_att.o: ../../include/openssl/rc5.h -x509_att.o: ../../include/openssl/rijndael-alg-fst.h +x509_att.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_att.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_att.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -168,8 +167,7 @@ x509_cmp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_cmp.o: ../../include/openssl/opensslconf.h x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_cmp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_cmp.o: ../../include/openssl/rc5.h -x509_cmp.o: ../../include/openssl/rijndael-alg-fst.h +x509_cmp.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_cmp.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_cmp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -190,12 +188,12 @@ x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x509_d2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x509_d2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_d2.o: ../../include/openssl/rijndael-alg-fst.h -x509_d2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x509_d2.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x509_d2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_d2.o: ../cryptlib.h x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -210,8 +208,7 @@ x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_def.o: ../../include/openssl/opensslconf.h x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_def.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_def.o: ../../include/openssl/rc5.h -x509_def.o: ../../include/openssl/rijndael-alg-fst.h +x509_def.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_def.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_def.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -230,8 +227,7 @@ x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_err.o: ../../include/openssl/rc5.h -x509_err.o: ../../include/openssl/rijndael-alg-fst.h +x509_err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -252,8 +248,7 @@ x509_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_ext.o: ../../include/openssl/opensslconf.h x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_ext.o: ../../include/openssl/rc5.h -x509_ext.o: ../../include/openssl/rijndael-alg-fst.h +x509_ext.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_ext.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -274,12 +269,12 @@ x509_lu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_lu.o: ../../include/openssl/rijndael-alg-fst.h -x509_lu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x509_lu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_lu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_lu.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x509_lu.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x509_lu.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_lu.o: ../cryptlib.h x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -294,8 +289,7 @@ x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_obj.o: ../../include/openssl/opensslconf.h x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_obj.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_obj.o: ../../include/openssl/rc5.h -x509_obj.o: ../../include/openssl/rijndael-alg-fst.h +x509_obj.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_obj.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_obj.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -315,8 +309,7 @@ x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_r2x.o: ../../include/openssl/opensslconf.h x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_r2x.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_r2x.o: ../../include/openssl/rc5.h -x509_r2x.o: ../../include/openssl/rijndael-alg-fst.h +x509_r2x.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_r2x.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_r2x.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -337,8 +330,7 @@ x509_req.o: ../../include/openssl/opensslconf.h x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h x509_req.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h x509_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_req.o: ../../include/openssl/rc5.h -x509_req.o: ../../include/openssl/rijndael-alg-fst.h +x509_req.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_req.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -358,8 +350,7 @@ x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_set.o: ../../include/openssl/opensslconf.h x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_set.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_set.o: ../../include/openssl/rc5.h -x509_set.o: ../../include/openssl/rijndael-alg-fst.h +x509_set.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_set.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_set.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -380,8 +371,7 @@ x509_trs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_trs.o: ../../include/openssl/opensslconf.h x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_trs.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_trs.o: ../../include/openssl/rc5.h -x509_trs.o: ../../include/openssl/rijndael-alg-fst.h +x509_trs.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_trs.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_trs.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -402,8 +392,7 @@ x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_txt.o: ../../include/openssl/opensslconf.h x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_txt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_txt.o: ../../include/openssl/rc5.h -x509_txt.o: ../../include/openssl/rijndael-alg-fst.h +x509_txt.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_txt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_txt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -424,13 +413,12 @@ x509_v3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_v3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_v3.o: ../../include/openssl/rijndael-alg-fst.h -x509_v3.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x509_v3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_v3.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x509_v3.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -x509_v3.o: ../cryptlib.h +x509_v3.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -446,8 +434,7 @@ x509_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_vfy.o: ../../include/openssl/opensslconf.h x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_vfy.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_vfy.o: ../../include/openssl/rc5.h -x509_vfy.o: ../../include/openssl/rijndael-alg-fst.h +x509_vfy.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_vfy.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_vfy.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -468,8 +455,7 @@ x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509name.o: ../../include/openssl/opensslconf.h x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509name.o: ../../include/openssl/rc5.h -x509name.o: ../../include/openssl/rijndael-alg-fst.h +x509name.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509name.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -489,8 +475,7 @@ x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509rset.o: ../../include/openssl/opensslconf.h x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509rset.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509rset.o: ../../include/openssl/rc5.h -x509rset.o: ../../include/openssl/rijndael-alg-fst.h +x509rset.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509rset.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509rset.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -510,8 +495,7 @@ x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509spki.o: ../../include/openssl/opensslconf.h x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509spki.o: ../../include/openssl/rc5.h -x509spki.o: ../../include/openssl/rijndael-alg-fst.h +x509spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -531,8 +515,7 @@ x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509type.o: ../../include/openssl/opensslconf.h x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509type.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509type.o: ../../include/openssl/rc5.h -x509type.o: ../../include/openssl/rijndael-alg-fst.h +x509type.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509type.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509type.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -552,9 +535,9 @@ x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_all.o: ../../include/openssl/rijndael-alg-fst.h -x_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x_all.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x_all.o: ../cryptlib.h diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 63ed24cee2..82714b7601 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -984,6 +984,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); int X509_print(BIO *bp,X509 *x); +int X509_ocspid_print(BIO *bp,X509 *x); int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); int X509_CRL_print(BIO *bp,X509_CRL *x); int X509_REQ_print(BIO *bp,X509_REQ *req); diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl index 5335ff5ae2..0c59c84041 100644 --- a/crypto/x509v3/Makefile.ssl +++ b/crypto/x509v3/Makefile.ssl @@ -98,7 +98,7 @@ v3_akey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_akey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_akey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_akey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_akey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -120,13 +120,12 @@ v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_alt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_alt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_alt.o: ../../include/openssl/rijndael-alg-fst.h -v3_alt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_alt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_alt.o: ../cryptlib.h +v3_alt.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_alt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -142,8 +141,7 @@ v3_bcons.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_bcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_bcons.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_bcons.o: ../../include/openssl/rc5.h -v3_bcons.o: ../../include/openssl/rijndael-alg-fst.h +v3_bcons.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_bcons.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_bcons.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -165,8 +163,7 @@ v3_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_bitst.o: ../../include/openssl/opensslconf.h v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_bitst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_bitst.o: ../../include/openssl/rc5.h -v3_bitst.o: ../../include/openssl/rijndael-alg-fst.h +v3_bitst.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_bitst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_bitst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -188,13 +185,12 @@ v3_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_conf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_conf.o: ../../include/openssl/rijndael-alg-fst.h -v3_conf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_conf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_conf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_conf.o: ../cryptlib.h +v3_conf.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_conf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -210,8 +206,7 @@ v3_cpols.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_cpols.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_cpols.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_cpols.o: ../../include/openssl/rc5.h -v3_cpols.o: ../../include/openssl/rijndael-alg-fst.h +v3_cpols.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_cpols.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_cpols.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -233,7 +228,7 @@ v3_crld.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_crld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_crld.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_crld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_crld.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -255,13 +250,12 @@ v3_enum.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_enum.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_enum.o: ../../include/openssl/rijndael-alg-fst.h -v3_enum.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_enum.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_enum.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_enum.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_enum.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_enum.o: ../cryptlib.h +v3_enum.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_enum.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -277,8 +271,7 @@ v3_extku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_extku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_extku.o: ../../include/openssl/rc5.h -v3_extku.o: ../../include/openssl/rijndael-alg-fst.h +v3_extku.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_extku.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_extku.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -300,7 +293,7 @@ v3_genn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_genn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_genn.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_genn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_genn.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -322,13 +315,12 @@ v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_ia5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_ia5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_ia5.o: ../../include/openssl/rijndael-alg-fst.h -v3_ia5.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_ia5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_ia5.o: ../cryptlib.h +v3_ia5.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_ia5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -344,7 +336,7 @@ v3_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -366,13 +358,12 @@ v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_int.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_int.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_int.o: ../../include/openssl/rijndael-alg-fst.h -v3_int.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_int.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_int.o: ../cryptlib.h +v3_int.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_int.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_int.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_int.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_int.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h v3_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -388,13 +379,12 @@ v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_lib.o: ../../include/openssl/rijndael-alg-fst.h -v3_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_lib.o: ../cryptlib.h ext_dat.h +v3_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_pku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_pku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -410,7 +400,7 @@ v3_pku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_pku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_pku.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_pku.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_pku.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_pku.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -432,13 +422,12 @@ v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_prn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_prn.o: ../../include/openssl/rijndael-alg-fst.h -v3_prn.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_prn.o: ../cryptlib.h +v3_prn.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_prn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_prn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h v3_purp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -454,13 +443,12 @@ v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_purp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_purp.o: ../../include/openssl/rijndael-alg-fst.h -v3_purp.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_purp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_purp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_purp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_purp.o: ../cryptlib.h +v3_purp.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_purp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h v3_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -476,13 +464,12 @@ v3_skey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_skey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_skey.o: ../../include/openssl/rijndael-alg-fst.h -v3_skey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_skey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_skey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_skey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_skey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_skey.o: ../cryptlib.h +v3_skey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_skey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -498,8 +485,7 @@ v3_sxnet.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_sxnet.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_sxnet.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_sxnet.o: ../../include/openssl/rc5.h -v3_sxnet.o: ../../include/openssl/rijndael-alg-fst.h +v3_sxnet.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_sxnet.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_sxnet.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -521,13 +507,12 @@ v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_utl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_utl.o: ../../include/openssl/rijndael-alg-fst.h -v3_utl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_utl.o: ../cryptlib.h +v3_utl.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_utl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_utl.o: ../../include/openssl/x509v3.h ../cryptlib.h v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h v3err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h v3err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -542,7 +527,7 @@ v3err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3err.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c index 543bd4f0be..35d95ad51c 100644 --- a/crypto/x509v3/v3_info.c +++ b/crypto/x509v3/v3_info.c @@ -174,3 +174,12 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free); return NULL; } + +int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) + { + i2a_ASN1_OBJECT(bp, a->method); +#ifdef UNDEF + i2a_GENERAL_NAME(bp, a->location); +#endif + return 2; + } diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index f777f07442..fb70fde1b5 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -432,6 +432,7 @@ char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) +int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a); DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) DECLARE_ASN1_FUNCTIONS(POLICYINFO) diff --git a/demos/state_machine/state_machine.c b/demos/state_machine/state_machine.c index 0140fbca70..9cede29350 100644 --- a/demos/state_machine/state_machine.c +++ b/demos/state_machine/state_machine.c @@ -347,7 +347,7 @@ int main(int argc,char **argv) } /* FIXME: we should only extract if stdout is ready */ - n=SSLStateMachine_read_extract(pMachine,buf,n); + n=SSLStateMachine_read_extract(pMachine,buf,sizeof buf); if(n < 0) { SSLStateMachine_print_error(pMachine,"read extract failed"); diff --git a/doc/apps/passwd.pod b/doc/apps/passwd.pod index 6e098940c7..07d849c824 100644 --- a/doc/apps/passwd.pod +++ b/doc/apps/passwd.pod @@ -13,6 +13,7 @@ B<openssl passwd> [B<-salt> I<string>] [B<-in> I<file>] [B<-stdin>] +[B<-noverify>] [B<-quiet>] [B<-table>] {I<password>} @@ -22,7 +23,7 @@ B<openssl passwd> The B<passwd> command computes the hash of a password typed at run-time or the hash of each password in a list. The password list is taken from the named file for option B<-in file>, from stdin for -option B<-stdin>, and from the command line otherwise. +option B<-stdin>, or from the command line, or from the terminal otherwise. The Unix standard algorithm B<crypt> and the MD5-based BSD password algorithm B<1> and its Apache variant B<apr1> are available. @@ -45,6 +46,7 @@ Use the B<apr1> algorithm (Apache variant of the BSD algorithm). =item B<-salt> I<string> Use the specified salt. +When reading a password from the terminal, this implies B<-noverify>. =item B<-in> I<file> @@ -54,6 +56,10 @@ Read passwords from I<file>. Read passwords from B<stdin>. +=item B<-noverify> + +Don't verify when reading a password from the terminal. + =item B<-quiet> Don't output warnings when passwords given at the command line are truncated. diff --git a/doc/crypto/BIO_new_bio_pair.pod b/doc/crypto/BIO_new_bio_pair.pod index 2256ba9d34..58a3fb2a9d 100644 --- a/doc/crypto/BIO_new_bio_pair.pod +++ b/doc/crypto/BIO_new_bio_pair.pod @@ -12,7 +12,8 @@ BIO_new_bio_pair - create a new BIO pair =head1 DESCRIPTION -BIO_new_bio_pair() creates a buffering BIO pair. It has two endpoints between +BIO_new_bio_pair() creates a buffering BIO pair based on the +L<SSL_set_bio(3)|SSL_set_bio(3)> method. The BIO pair has two endpoints between which data can be buffered. Its typical use is to connect one endpoint as underlying input/output BIO to an SSL and access the other one controlled by the program instead of accessing the network connection directly. diff --git a/doc/crypto/BN_add.pod b/doc/crypto/BN_add.pod index 0541d45643..57ae2f17af 100644 --- a/doc/crypto/BN_add.pod +++ b/doc/crypto/BN_add.pod @@ -2,8 +2,9 @@ =head1 NAME -BN_add, BN_sub, BN_mul, BN_div, BN_sqr, BN_mod, BN_mod_mul, BN_exp, -BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs +BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, +BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - +arithmetic operations on BIGNUMs =head1 SYNOPSIS @@ -15,16 +16,26 @@ BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); + int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); + int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, BN_CTX *ctx); - int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); - int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); + + int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + BN_CTX *ctx); + + int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + BN_CTX *ctx); + + int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); + int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); + int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx); int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, @@ -34,45 +45,59 @@ BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs =head1 DESCRIPTION -BN_add() adds B<a> and B<b> and places the result in B<r> (C<r=a+b>). -B<r> may be the same B<BIGNUM> as B<a> or B<b>. +BN_add() adds I<a> and I<b> and places the result in I<r> (C<r=a+b>). +I<r> may be the same B<BIGNUM> as I<a> or I<b>. -BN_sub() subtracts B<b> from B<a> and places the result in B<r> (C<r=a-b>). +BN_sub() subtracts I<b> from I<a> and places the result in I<r> (C<r=a-b>). -BN_mul() multiplies B<a> and B<b> and places the result in B<r> (C<r=a*b>). -B<r> may be the same B<BIGNUM> as B<a> or B<b>. +BN_mul() multiplies I<a> and I<b> and places the result in I<r> (C<r=a*b>). +I<r> may be the same B<BIGNUM> as I<a> or I<b>. For multiplication by powers of 2, use L<BN_lshift(3)|BN_lshift(3)>. -BN_div() divides B<a> by B<d> and places the result in B<dv> and the -remainder in B<rem> (C<dv=a/d, rem=a%d>). Either of B<dv> and B<rem> may -be NULL, in which case the respective value is not returned. +BN_sqr() takes the square of I<a> and places the result in I<r> +(C<r=a^2>). I<r> and I<a> may be the same B<BIGNUM>. +This function is faster than BN_mul(r,a,a). + +BN_div() divides I<a> by I<d> and places the result in I<dv> and the +remainder in I<rem> (C<dv=a/d, rem=a%d>). Either of I<dv> and I<rem> may +be B<NULL>, in which case the respective value is not returned. +The result is rounded towards zero; thus if I<a> is negative, the +remainder will be zero or negative. For division by powers of 2, use BN_rshift(3). -BN_sqr() takes the square of B<a> and places the result in B<r> -(C<r=a^2>). B<r> and B<a> may be the same B<BIGNUM>. -This function is faster than BN_mul(r,a,a). +BN_mod() corresponds to BN_div() with I<dv> set to B<NULL>. + +BN_nnmod() reduces I<a> modulo I<m> and places the non-negative +remainder in I<r>. + +BN_mod_add() adds I<a> to I<b> modulo I<m> and places the non-negative +result in I<r>. + +BN_mod_sub() substracts I<b> from I<a> modulo I<m> and places the +non-negative result in I<r>. -BN_mod() find the remainder of B<a> divided by B<m> and places it in -B<rem> (C<rem=a%m>). +BN_mod_mul() multiplies I<a> by I<b> and finds the non-negative +remainder respective to modulus I<m> (C<r=(a*b) mod m>). I<r> may be +the same B<BIGNUM> as I<a> or I<b>. For more efficient algorithms for +repeated computations using the same modulus, see +L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> and +L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>. -BN_mod_mul() multiplies B<a> by B<b> and finds the remainder when -divided by B<m> (C<r=(a*b)%m>). B<r> may be the same B<BIGNUM> as B<a> -or B<b>. For a more efficient algorithm, see -L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>; for repeated -computations using the same modulus, see L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>. +BN_mod_sqr() takes the square of I<a> modulo B<m> and places the +result in I<r>. -BN_exp() raises B<a> to the B<p>-th power and places the result in B<r> +BN_exp() raises I<a> to the I<p>-th power and places the result in I<r> (C<r=a^p>). This function is faster than repeated applications of BN_mul(). -BN_mod_exp() computes B<a> to the B<p>-th power modulo B<m> (C<r=a^p % +BN_mod_exp() computes I<a> to the I<p>-th power modulo I<m> (C<r=a^p % m>). This function uses less time and space than BN_exp(). -BN_gcd() computes the greatest common divisor of B<a> and B<b> and -places the result in B<r>. B<r> may be the same B<BIGNUM> as B<a> or -B<b>. +BN_gcd() computes the greatest common divisor of I<a> and I<b> and +places the result in I<r>. I<r> may be the same B<BIGNUM> as I<a> or +I<b>. -For all functions, B<ctx> is a previously allocated B<BN_CTX> used for +For all functions, I<ctx> is a previously allocated B<BN_CTX> used for temporary variables; see L<BN_CTX_new(3)|BN_CTX_new(3)>. Unless noted otherwise, the result B<BIGNUM> must be different from @@ -91,9 +116,11 @@ L<BN_add_word(3)|BN_add_word(3)>, L<BN_set_bit(3)|BN_set_bit(3)> =head1 HISTORY -BN_add(), BN_sub(), BN_div(), BN_sqr(), BN_mod(), BN_mod_mul(), +BN_add(), BN_sub(), BN_sqr(), BN_div(), BN_mod(), BN_mod_mul(), BN_mod_exp() and BN_gcd() are available in all versions of SSLeay and -OpenSSL. The B<ctx> argument to BN_mul() was added in SSLeay +OpenSSL. The I<ctx> argument to BN_mul() was added in SSLeay 0.9.1b. BN_exp() appeared in SSLeay 0.9.0. +BN_nnmod(), BN_mod_add(), BN_mod_sub(), and BN_mod_sqr() were added in +OpenSSL 0.9.7. =cut diff --git a/doc/crypto/BN_mod_mul_montgomery.pod b/doc/crypto/BN_mod_mul_montgomery.pod index 0b8ab512df..ed4af7a214 100644 --- a/doc/crypto/BN_mod_mul_montgomery.pod +++ b/doc/crypto/BN_mod_mul_montgomery.pod @@ -36,22 +36,23 @@ using the same modulus. BN_MONT_CTX_new() allocates and initializes a B<BN_MONT_CTX> structure. BN_MONT_CTX_init() initializes an existing uninitialized B<BN_MONT_CTX>. -BN_MONT_CTX_set() sets up the B<mont> structure from the modulus B<m> +BN_MONT_CTX_set() sets up the I<mont> structure from the modulus I<m> by precomputing its inverse and a value R. -BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> B<from> to B<to>. +BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> I<from> to I<to>. BN_MONT_CTX_free() frees the components of the B<BN_MONT_CTX>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. -BN_mod_mul_montgomery() computes Mont(B<a>,B<b>):=B<a>*B<b>*R^-1 and places -the result in B<r>. +BN_mod_mul_montgomery() computes Mont(I<a>,I<b>):=I<a>*I<b>*R^-1 and places +the result in I<r>. -BN_from_montgomery() performs the Montgomery reduction B<r> = B<a>*R^-1. +BN_from_montgomery() performs the Montgomery reduction I<r> = I<a>*R^-1. -BN_to_montgomery() computes Mont(B<a>,R^2), i.e. B<a>*R. +BN_to_montgomery() computes Mont(I<a>,R^2), i.e. I<a>*R. +Note that I<a> must be non-negative and smaller than the modulus. -For all functions, B<ctx> is a previously allocated B<BN_CTX> used for +For all functions, I<ctx> is a previously allocated B<BN_CTX> used for temporary variables. The B<BN_MONT_CTX> structure is defined as follows: @@ -79,6 +80,11 @@ BN_MONT_CTX_init() and BN_MONT_CTX_free() have no return values. For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. +=head1 WARNING + +The inputs must be reduced modulo B<m>, otherwise the result will be +outside the expected range. + =head1 SEE ALSO L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_add(3)|BN_add(3)>, diff --git a/doc/crypto/RSA_public_encrypt.pod b/doc/crypto/RSA_public_encrypt.pod index 02edb7aa75..e20dfcb551 100644 --- a/doc/crypto/RSA_public_encrypt.pod +++ b/doc/crypto/RSA_public_encrypt.pod @@ -74,10 +74,6 @@ SSL, PKCS #1 v2.0 L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)> -=head1 NOTES - -The L<RSA_PKCS1_RSAref(3)|RSA_PKCS1_RSAref(3)> method supports only the RSA_PKCS1_PADDING mode. - =head1 HISTORY The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is diff --git a/doc/crypto/RSA_set_method.pod b/doc/crypto/RSA_set_method.pod index bc0891a445..14917dd35f 100644 --- a/doc/crypto/RSA_set_method.pod +++ b/doc/crypto/RSA_set_method.pod @@ -3,7 +3,7 @@ =head1 NAME RSA_set_default_method, RSA_get_default_method, RSA_set_method, -RSA_get_method, RSA_PKCS1_SSLeay, RSA_PKCS1_RSAref, +RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags, RSA_new_method - select RSA method =head1 SYNOPSIS @@ -21,8 +21,6 @@ RSA_null_method, RSA_flags, RSA_new_method - select RSA method RSA_METHOD *RSA_PKCS1_SSLeay(void); - RSA_METHOD *RSA_PKCS1_RSAref(void); - RSA_METHOD *RSA_null_method(void); int RSA_flags(RSA *rsa); @@ -35,17 +33,8 @@ An B<RSA_METHOD> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. -Initially, the default is to use the OpenSSL internal implementation, -unless OpenSSL was configured with the C<rsaref> or C<-DRSA_NULL> -options. RSA_PKCS1_SSLeay() returns a pointer to that method. - -RSA_PKCS1_RSAref() returns a pointer to a method that uses the RSAref -library. This is the default method in the C<rsaref> configuration; -the function is not available in other configurations. -RSA_null_method() returns a pointer to a method that does not support -the RSA transformation. It is the default if OpenSSL is compiled with -C<-DRSA_NULL>. These methods may be useful in the USA because of a -patent on the RSA cryptosystem. +Initially, the default is to use the OpenSSL internal implementation. +RSA_PKCS1_SSLeay() returns a pointer to that method. RSA_set_default_openssl_method() makes B<meth> the default method for all B<RSA> structures created later. B<NB:> This is true only whilst the default engine @@ -132,9 +121,8 @@ the default engine for RSA operations is used. =head1 RETURN VALUES -RSA_PKCS1_SSLeay(), RSA_PKCS1_RSAref(), RSA_PKCS1_null_method(), -RSA_get_default_openssl_method() and RSA_get_method() return pointers to -the respective RSA_METHODs. +RSA_PKCS1_SSLeay(), RSA_PKCS1_null_method(), RSA_get_default_openssl_method() +and RSA_get_method() return pointers to the respective RSA_METHODs. RSA_set_default_openssl_method() returns no value. @@ -163,6 +151,6 @@ added in OpenSSL 0.9.4. RSA_set_default_openssl_method() and RSA_get_default_openssl_method() replaced RSA_set_default_method() and RSA_get_default_method() respectively, and RSA_set_method() and RSA_new_method() were altered to use B<ENGINE>s -rather than B<DH_METHOD>s during development of OpenSSL 0.9.6. +rather than B<RSA_METHOD>s during development of OpenSSL 0.9.6. =cut diff --git a/doc/crypto/bn.pod b/doc/crypto/bn.pod index 1504a1c92d..224dfe166a 100644 --- a/doc/crypto/bn.pod +++ b/doc/crypto/bn.pod @@ -21,19 +21,27 @@ bn - multiprecision integer arithmetics BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); BIGNUM *BN_dup(const BIGNUM *a); + BIGNUM *BN_swap(BIGNUM *a, BIGNUM *b); + int BN_num_bytes(const BIGNUM *a); int BN_num_bits(const BIGNUM *a); int BN_num_bits_word(BN_ULONG w); - int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b); + int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); + int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, BN_CTX *ctx); - int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); + int BN_nnmod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); + int BN_mod_add(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + BN_CTX *ctx); + int BN_mod_sub(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + BN_CTX *ctx); int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); + int BN_mod_sqr(BIGNUM *ret, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx); int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); @@ -137,7 +145,7 @@ of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)|BN_bn2bin(3)>. L<bn_internal(3)|bn_internal(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>, -L<BN_copy(3)|BN_copy(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, +L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>, L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>, diff --git a/doc/crypto/bn_internal.pod b/doc/crypto/bn_internal.pod index 8da244aed4..d6f3cfe2ee 100644 --- a/doc/crypto/bn_internal.pod +++ b/doc/crypto/bn_internal.pod @@ -34,9 +34,9 @@ library internal functions int nb); void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n); void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - BN_ULONG *tmp); + int dna,int dnb,BN_ULONG *tmp); void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, - int tn, int n, BN_ULONG *tmp); + int n, int tna,int tnb, BN_ULONG *tmp); void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, BN_ULONG *tmp); void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, @@ -152,14 +152,15 @@ bn_mul_low_normal(B<r>, B<a>, B<b>, B<n>) operates on the B<n> word arrays B<r>, B<a> and B<b>. It computes the B<n> low words of B<a>*B<b> and places the result in B<r>. -bn_mul_recursive(B<r>, B<a>, B<b>, B<n2>, B<t>) operates on the B<n2> -word arrays B<a> and B<b> and the 2*B<n2> word arrays B<r> and B<t>. -B<n2> must be a power of 2. It computes B<a>*B<b> and places the -result in B<r>. +bn_mul_recursive(B<r>, B<a>, B<b>, B<n2>, B<dna>, B<dnb>, B<t>) operates +on the word arrays B<a> and B<b> of length B<n2>+B<dna> and B<n2>+B<dnb> +(B<dna> and B<dnb> are currently allowed to be 0 or negative) and the 2*B<n2> +word arrays B<r> and B<t>. B<n2> must be a power of 2. It computes +B<a>*B<b> and places the result in B<r>. -bn_mul_part_recursive(B<r>, B<a>, B<b>, B<tn>, B<n>, B<tmp>) operates -on the B<n>+B<tn> word arrays B<a> and B<b> and the 4*B<n> word arrays -B<r> and B<tmp>. +bn_mul_part_recursive(B<r>, B<a>, B<b>, B<n>, B<tna>, B<tnb, B<tmp>) +operates on the word arrays B<a> and B<b> of length B<n>+B<tna> and +B<n>+B<tnb> and the 4*B<n> word arrays B<r> and B<tmp>. bn_mul_low_recursive(B<r>, B<a>, B<b>, B<n2>, B<tmp>) operates on the B<n2> word arrays B<r> and B<tmp> and the B<n2>/2 word arrays B<a> diff --git a/doc/crypto/lhash.pod b/doc/crypto/lhash.pod index 4e87aee824..8c4ca6ab33 100644 --- a/doc/crypto/lhash.pod +++ b/doc/crypto/lhash.pod @@ -9,20 +9,24 @@ lh_doall_arg, lh_error - dynamic hash table #include <openssl/lhash.h> - LHASH *lh_new(unsigned long (*hash)(/*void *a*/), - int (*compare)(/*void *a,void *b*/)); + LHASH *lh_new(LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE compare); void lh_free(LHASH *table); void *lh_insert(LHASH *table, void *data); void *lh_delete(LHASH *table, void *data); void *lh_retrieve(LHASH *table, void *data); - void lh_doall(LHASH *table, void (*func)(/*void *b*/)); - void lh_doall_arg(LHASH *table, void (*func)(/*void *a,void *b*/), + void lh_doall(LHASH *table, LHASH_DOALL_FN_TYPE func); + void lh_doall_arg(LHASH *table, LHASH_DOALL_ARG_FN_TYPE func, void *arg); int lh_error(LHASH *table); + typedef int (*LHASH_COMP_FN_TYPE)(void *, void *); + typedef unsigned long (*LHASH_HASH_FN_TYPE)(void *); + typedef void (*LHASH_DOALL_FN_TYPE)(void *); + typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); + =head1 DESCRIPTION This library implements dynamic hash tables. The hash table entries @@ -34,7 +38,44 @@ the structure and returns an unsigned long hash value of its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. B<compare> takes two arguments, and returns 0 if their keys are -equal, non-zero otherwise. +equal, non-zero otherwise. If your hash table will contain items of +some uniform type, and similarly the B<hash> and B<compare> callbacks +hash or compare the same type, then the B<DECLARE_LHASH_HASH_FN> and +B<IMPLEMENT_LHASH_COMP_FN> macros can be used to create callback +wrappers of the prototypes required in lh_new(). These provide +per-variable casts before calling the type-specific callbacks written +by the application author. These macros are defined as; + + #define DECLARE_LHASH_HASH_FN(f_name,o_type) \ + unsigned long f_name##_LHASH_HASH(void *); + #define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \ + unsigned long f_name##_LHASH_HASH(void *arg) { \ + o_type a = (o_type)arg; \ + return f_name(a); } + #define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH + + #define DECLARE_LHASH_COMP_FN(f_name,o_type) \ + int f_name##_LHASH_COMP(void *, void *); + #define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \ + int f_name##_LHASH_COMP(void *arg1, void *arg2) { \ + o_type a = (o_type)arg1; \ + o_type b = (o_type)arg2; \ + return f_name(a,b); } + #define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP + +An example of a hash table storing (pointers to) a structure type 'foo' +could be defined as follows; + + unsigned long foo_hash(foo *tohash); + int foo_compare(foo *arg1, foo *arg2); + static IMPLEMENT_LHASH_HASH_FN(foo_hash, foo *) + static IMPLEMENT_LHASH_COMP_FN(foo_compare, foo *); + /* ... */ + int main(int argc, char *argv[]) { + LHASH *hashtable = lh_new(LHASH_HASH_FN(foo_hash), + LHASH_COMP_FN(foo_compare)); + /* ... */ + } lh_free() frees the B<LHASH> structure B<table>. Allocated hash table entries will not be freed; consider using lh_doall() to deallocate any @@ -56,7 +97,7 @@ the data item as parameters. This function can be quite useful when used as follows: void cleanup(STUFF *a) { STUFF_free(a); } - lh_doall(hash,cleanup); + lh_doall(hash,(LHASH_DOALL_FN_TYPE)cleanup); lh_free(hash); This can be used to free all the entries. lh_free() then cleans up the 'buckets' that point to nothing. When doing this, be careful if you @@ -67,7 +108,9 @@ solution to this problem is to set hash-E<gt>down_load=0 before you start. This will stop the hash table ever being decreased in size. lh_doall_arg() is the same as lh_doall() except that B<func> will -be called with B<arg> as the second argument. +be called with B<arg> as the second argument and B<func> should be +of type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype that is +passed an extra argument). lh_error() can be used to determine if an error occurred in the last operation. lh_error() is a macro. diff --git a/doc/crypto/rsa.pod b/doc/crypto/rsa.pod index ef0d4df205..09ad30cab1 100644 --- a/doc/crypto/rsa.pod +++ b/doc/crypto/rsa.pod @@ -37,7 +37,6 @@ rsa - RSA public key cryptosystem int RSA_set_method(RSA *rsa, ENGINE *engine); RSA_METHOD *RSA_get_method(RSA *rsa); RSA_METHOD *RSA_PKCS1_SSLeay(void); - RSA_METHOD *RSA_PKCS1_RSAref(void); RSA_METHOD *RSA_null_method(void); int RSA_flags(RSA *rsa); RSA *RSA_new_method(ENGINE *engine); diff --git a/doc/ssl/SSL_CIPHER_get_name.pod b/doc/ssl/SSL_CIPHER_get_name.pod index 7fea14ee68..bf851dcea5 100644 --- a/doc/ssl/SSL_CIPHER_get_name.pod +++ b/doc/ssl/SSL_CIPHER_get_name.pod @@ -2,8 +2,7 @@ =head1 NAME -SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, -SSL_CIPHER_description - get SSL_CIPHER properties +SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties =head1 SYNOPSIS @@ -29,9 +28,10 @@ SSL_CIPHER_get_version() returns the protocol version for B<cipher>, currently SSL_CIPHER_description() returns a textual description of the cipher used into the buffer B<buf> of length B<len> provided. B<len> must be at least -128 bytes, otherwise the string "Buffer too small" is returned. If B<buf> -is NULL, a buffer of 128 bytes is allocated using OPENSSL_malloc(). If the -allocation fails, the string "OPENSSL_malloc Error" is returned. +128 bytes, otherwise a pointer to the the string "Buffer too small" is +returned. If B<buf> is NULL, a buffer of 128 bytes is allocated using +OPENSSL_malloc(). If the allocation fails, a pointer to the string +"OPENSSL_malloc Error" is returned. =head1 NOTES @@ -40,11 +40,66 @@ export cipher like e.g. EXP-RC4-MD5 has only 40 secret bits. The algorithm does use the full 128 bits (which would be returned for B<alg_bits>), of which however 88bits are fixed. The search space is hence only 40 bits. +The string returned by SSL_CIPHER_description() in case of success consists +of cleartext information seperated by one or more blanks in the following +sequence: + +=over 4 + +=item <ciphername> + +Textual representation of the cipher name. + +=item <protocol version> + +Protocol version: B<SSLv2>, B<SSLv3>. The TLSv1 ciphers are flagged with SSLv3. + +=item Kx=<key exchange> + +Key exchange method: B<RSA> (for export ciphers as B<RSA(512)> or +B<RSA(1024)>), B<DH> (for export ciphers as B<DH(512)> or B<DH(1024)>), +B<DH/RSA>, B<DH/DSS>, B<Fortezza>. + +=item Au=<authentication> + +Authentication method: B<RSA>, B<DSS>, B<DH>, B<None>. None is the +representation of anonymous ciphers. + +=item Enc=<symmectric encryption method> + +Encryption method with number of secret bits: B<DES(40)>, B<DES(56)>, +B<3DES(168)>, B<RC4(40)>, B<RC4(56)>, B<RC4(64)>, B<RC4(128)>, +B<RC2(40)>, B<RC2(56)>, B<RC2(128)>, B<IDEA(128)>, B<Fortezza>, B<None>. + +=item Mac=<message authentication code> + +Message digest: B<MD5>, B<SHA1>. + +=item <export flag> + +If the cipher is flagged exportable with respect to old US crypto +regulations, the word "B<export>" is printed. + +=back + +=head1 EXAMPLES + +Some examples for the output of SSL_CIPHER_description(): + + EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1 + EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1 + RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 + EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export + =head1 BUGS If SSL_CIPHER_description() is called with B<cipher> being NULL, the library crashes. +If SSL_CIPHER_description() cannot handle a built-in cipher, the according +description of the cipher property is B<unknown>. This case should not +occur. + =head1 RETURN VALUES See DESCRIPTION @@ -52,6 +107,6 @@ See DESCRIPTION =head1 SEE ALSO L<ssl(3)|ssl(3)>, L<SSL_get_current_cipher(3)|SSL_get_current_cipher(3)>, -L<SSL_get_ciphers(3)|SSL_get_ciphers(3)> +L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, L<ciphers(1)|ciphers(1)> =cut diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod index aeeee1a3be..8e11606dad 100644 --- a/doc/ssl/SSL_CTX_load_verify_locations.pod +++ b/doc/ssl/SSL_CTX_load_verify_locations.pod @@ -46,7 +46,7 @@ is performed in the ordering of the extension number, regardless of other properties of the certificates. Use the B<c_rehash> utility to create the necessary links. -The certificates in B<CAfile> are only looked up when required, e.g. when +The certificates in B<CApath> are only looked up when required, e.g. when building the certificate chain or when actually performing the verification of a peer certificate. @@ -62,6 +62,9 @@ matching the parameters is found, the verification process will be performed; no other certificates for the same parameters will be searched in case of failure. +When building its own certificate chain, an OpenSSL client/server will +try to fill in missing certificates from B<CAfile>/B<CApath>. + =head1 WARNINGS If several CA certificates matching the name, key identifier, and serial diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod index d85b564258..bd6872f61f 100644 --- a/doc/ssl/SSL_get_error.pod +++ b/doc/ssl/SSL_get_error.pod @@ -48,16 +48,26 @@ has been closed. =item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE The operation did not complete; the same TLS/SSL I/O function should be -called again later. There will be protocol progress if, by then, the -underlying B<BIO> has data available for reading (if the result code is -B<SSL_ERROR_WANT_READ>) or allows writing data (B<SSL_ERROR_WANT_WRITE>). -For socket B<BIO>s (e.g. when SSL_set_fd() was used) this means that -select() or poll() on the underlying socket can be used to find out -when the TLS/SSL I/O function should be retried. +called again later. If, by then, the underlying B<BIO> has data +available for reading (if the result code is B<SSL_ERROR_WANT_READ>) +or allows writing data (B<SSL_ERROR_WANT_WRITE>), then some TLS/SSL +protocol progress will take place, i.e. at least part of an TLS/SSL +record will be read or written. Note that the retry may again lead to +a B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE> condition. +There is no fixed upper limit for the number of iterations that +may be necessary until progress becomes visible at application +protocol level. + +For socket B<BIO>s (e.g. when SSL_set_fd() was used), select() or +poll() on the underlying socket can be used to find out when the +TLS/SSL I/O function should be retried. Caveat: Any TLS/SSL I/O function can lead to either of -B<SSL_ERROR_WANT_READ> and B<SSL_ERROR_WANT_WRITE>, i.e. SSL_read() -may want to write data and SSL_write() may want to read data. +B<SSL_ERROR_WANT_READ> and B<SSL_ERROR_WANT_WRITE>. In particular, +SSL_read() may want to write data and SSL_write() may want to read +data. This is mainly because TLS/SSL handshakes may occur at any time +during the protocol (initiated by either the client or the server); +SSL_read() and SSL_write() will handle any pending handshakes. =item SSL_ERROR_WANT_X509_LOOKUP diff --git a/doc/standards.txt b/doc/standards.txt index 61ccc5d7e0..596d9001e6 100644 --- a/doc/standards.txt +++ b/doc/standards.txt @@ -24,7 +24,8 @@ http://www.rsasecurity.com/rsalabs/pkcs/. Implemented: ------------ -These are documents that describe things that are implemented in OpenSSL. +These are documents that describe things that are implemented (in +whole or at least great parts) in OpenSSL. 1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992. (Format: TXT=25661 bytes) (Status: INFORMATIONAL) @@ -59,6 +60,11 @@ PKCS#8: Private-Key Information Syntax Standard PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. +2560 X.509 Internet Public Key Infrastructure Online Certificate + Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, + C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED + STANDARD) + Related: -------- @@ -84,6 +90,10 @@ STARTTLS documents. Certification and Related Services. B. Kaliski. February 1993. (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) +2256 A Summary of the X.500(96) User Schema for use with LDAPv3. M. + Wahl. December 1997. (Format: TXT=32377 bytes) (Status: PROPOSED + STANDARD) + 2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman. January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD) @@ -114,8 +124,7 @@ To be implemented: These are documents that describe things that are planed to be implemented in the hopefully short future. -2560 X.509 Internet Public Key Infrastructure Online Certificate - Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, - C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED - STANDARD) +2712 Addition of Kerberos Cipher Suites to Transport Layer Security + (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) + (Status: PROPOSED STANDARD) diff --git a/makevms.com b/makevms.com index 15cbc9ce9d..f3372ca3b2 100755 --- a/makevms.com +++ b/makevms.com @@ -389,7 +389,7 @@ $ EXHEADER_DSA := dsa.h $ EXHEADER_DH := dh.h $ EXHEADER_DSO := dso.h $ EXHEADER_ENGINE := engine.h -$ EXHEADER_RIJNDAEL := rijndael-alg-fst.h,rijndael.h +$ EXHEADER_RIJNDAEL := rd_fst.h,rijndael.h $ EXHEADER_BUFFER := buffer.h $ EXHEADER_BIO := bio.h $ EXHEADER_STACK := stack.h,safestack.h @@ -425,8 +425,8 @@ $ LOOP_SDIRS_END: $! $! Copy All The ".H" Files From The [.RSAREF] Directory. $! -$ EXHEADER := rsaref.h -$ COPY SYS$DISK:[.RSAREF]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] +$! EXHEADER := rsaref.h +$! COPY SYS$DISK:[.RSAREF]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] $! $! Copy All The ".H" Files From The [.SSL] Directory. $! @@ -473,6 +473,9 @@ $! $! Build The [.xxx.EXE.RSAREF]LIBRSAGLUE Library. $! $ RSAREF: +$ WRITE SYS$OUTPUT "" +$ WRITE SYS$OUTPUT "RSAref glue library not built, since it's no longer needed" +$ RETURN $! $! Tell The User What We Are Doing. $! @@ -648,7 +651,6 @@ $ WRITE SYS$OUTPUT " CONFIG : Just build the [.CRYPTO]OPENSSLCONF.H fi $ WRITE SYS$OUTPUT " BUILDINF : Just build the [.CRYPTO]BUILDINF.H file." $ WRITE SYS$OUTPUT " SOFTLINKS: Just Fix The Unix soft links." $ WRITE SYS$OUTPUT " BUILDALL : Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done." -$ WRITE SYS$OUTPUT " RSAREF : To Build Just The [.xxx.EXE.RSAREF]LIBRSAGLUE.OLB Library." $ WRITE SYS$OUTPUT " CRYPTO : To Build Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library." $ WRITE SYS$OUTPUT " CRYPTO/x : To Build Just The x Part Of The" $ WRITE SYS$OUTPUT " [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library." @@ -677,6 +679,7 @@ $ ENDIF $! $! Check To See If P2 Is Blank. $! +$ P2 = "NORSAREF" $ IF (P2.EQS."NORSAREF") $ THEN $! diff --git a/ms/testss.bat b/ms/testss.bat index 36863a5017..d9ae625439 100755 --- a/ms/testss.bat +++ b/ms/testss.bat @@ -1,4 +1,4 @@ -echo=on
+echo on
rem set ssleay=..\out\ssleay
set ssleay=%1
diff --git a/openssl.spec b/openssl.spec index fa8c16b7c7..501151ab47 100644 --- a/openssl.spec +++ b/openssl.spec @@ -2,7 +2,7 @@ %define libmin 9 %define librel 6 #%define librev -Release: 1 +Release: 2 %define openssldir /var/ssl @@ -109,12 +109,12 @@ for x in $RPM_BUILD_ROOT/usr/man/man*/* do mv ${x} ${x}ssl done -# Install RSAref stuff -install -m644 rsaref/rsaref.h $RPM_BUILD_ROOT/usr/include/openssl -install -m644 libRSAglue.a $RPM_BUILD_ROOT/usr/lib +## Install RSAref stuff +#install -m644 rsaref/rsaref.h $RPM_BUILD_ROOT/usr/include/openssl +#install -m644 libRSAglue.a $RPM_BUILD_ROOT/usr/lib # Make backwards-compatibility symlink to ssleay -ln -s /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay +ln -sf /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay # Install shared libs install -m644 libcrypto.a $RPM_BUILD_ROOT/usr/lib @@ -123,10 +123,10 @@ install -m644 libssl.a $RPM_BUILD_ROOT/usr/lib install -m755 libssl.so.%{libmaj}.%{libmin}.%{librel} $RPM_BUILD_ROOT/usr/lib ( cd $RPM_BUILD_ROOT/usr/lib - ln -s libcrypto.so.%{libmaj}.%{libmin}.%{librel} libcrypto.so.%{libmaj} - ln -s libcrypto.so.%{libmaj}.%{libmin}.%{librel} libcrypto.so - ln -s libssl.so.%{libmaj}.%{libmin}.%{librel} libssl.so.%{libmaj} - ln -s libssl.so.%{libmaj}.%{libmin}.%{librel} libssl.so + ln -sf libcrypto.so.%{libmaj}.%{libmin}.%{librel} libcrypto.so.%{libmaj} + ln -sf libcrypto.so.%{libmaj}.%{libmin}.%{librel} libcrypto.so + ln -sf libssl.so.%{libmaj}.%{libmin}.%{librel} libssl.so.%{libmaj} + ln -sf libssl.so.%{libmaj}.%{libmin}.%{librel} libssl.so ) %clean @@ -148,14 +148,15 @@ rm -rf $RPM_BUILD_ROOT %dir %attr(0750,root,root) %{openssldir}/private %files devel +%defattr(0644,root,root,0755) %doc CHANGES CHANGES.SSLeay LICENSE NEWS README -%defattr(0644,root,root,0755) %attr(0644,root,root) /usr/lib/*.a %attr(0644,root,root) /usr/include/openssl/* %attr(0644,root,root) /usr/man/man[3]/* %files doc +%defattr(0644,root,root,0755) %doc CHANGES CHANGES.SSLeay LICENSE NEWS README %doc doc @@ -166,6 +167,14 @@ ldconfig ldconfig %changelog +* Sat Oct 21 2000 Horms <horms@vergenet.net> +- Make sure symlinks are created by using -f flag to ln. + Otherwise some .so libraries are copied rather than + linked in the resulting binary RPM. This causes the package + to be larger than neccessary and makes ldconfig complain. +* Fri Oct 13 2000 Horms <horms@vergenet.net> +- Make defattr is set for files in all packages so packages built as + non-root will still be installed with files owned by root. * Thu Sep 14 2000 Richard Levitte <richard@levitte.org> - Changed to adapt to the new (supported) way of making shared libraries - Installs all static libraries, not just libRSAglue.a diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl index 37f1ef0a08..7205e25c5a 100644 --- a/ssl/Makefile.ssl +++ b/ssl/Makefile.ssl @@ -5,7 +5,7 @@ DIR= ssl TOP= .. CC= cc -INCLUDES= -I../crypto -I../include +INCLUDES= -I../crypto -I../include $(KRB5_INCLUDES) CFLAG=-g INSTALL_PREFIX= OPENSSLDIR= /usr/local/ssl @@ -14,6 +14,9 @@ MAKE= make -f Makefile.ssl MAKEDEPEND= $(TOP)/util/domd $(TOP) MAKEFILE= Makefile.ssl AR= ar r +# KRB5 stuff +KRB5_INCLUDES= +LIBKRB5= CFLAGS= $(INCLUDES) $(CFLAG) @@ -30,7 +33,7 @@ LIBSRC= \ ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ ssl_ciph.c ssl_stat.c ssl_rsa.c \ ssl_asn1.c ssl_txt.c ssl_algs.c \ - bio_ssl.c ssl_err.c + bio_ssl.c ssl_err.c kssl.c LIBOBJ= \ s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \ @@ -39,11 +42,11 @@ LIBOBJ= \ ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ ssl_ciph.o ssl_stat.o ssl_rsa.o \ ssl_asn1.o ssl_txt.o ssl_algs.o \ - bio_ssl.o ssl_err.o + bio_ssl.o ssl_err.o kssl.o SRC= $(LIBSRC) -EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h +EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h kssl.h HEADER= $(EXHEADER) ssl_locl.h ALL= $(GENERAL) $(SRC) $(HEADER) @@ -102,22 +105,45 @@ bio_ssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h bio_ssl.o: ../include/openssl/des.h ../include/openssl/dh.h bio_ssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h -bio_ssl.o: ../include/openssl/idea.h ../include/openssl/lhash.h -bio_ssl.o: ../include/openssl/md2.h ../include/openssl/md4.h -bio_ssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -bio_ssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -bio_ssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -bio_ssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -bio_ssl.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -bio_ssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h -bio_ssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -bio_ssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -bio_ssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -bio_ssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h -bio_ssl.o: ../include/openssl/x509_vfy.h +bio_ssl.o: ../include/openssl/idea.h ../include/openssl/kssl.h +bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h +bio_ssl.o: ../include/openssl/md4.h ../include/openssl/md5.h +bio_ssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +bio_ssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +bio_ssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +bio_ssl.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +bio_ssl.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +bio_ssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +bio_ssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h +bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h +kssl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h +kssl.o: ../include/openssl/buffer.h ../include/openssl/cast.h +kssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h +kssl.o: ../include/openssl/des.h ../include/openssl/dh.h +kssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +kssl.o: ../include/openssl/evp.h ../include/openssl/idea.h +kssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +kssl.o: ../include/openssl/md2.h ../include/openssl/md4.h +kssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +kssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +kssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h +kssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +kssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +kssl.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +kssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h +kssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +kssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +kssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +kssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h +kssl.o: ../include/openssl/x509_vfy.h s23_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -126,22 +152,22 @@ s23_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s23_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s23_clnt.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s23_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s23_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s23_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h +s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s23_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s23_clnt.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s23_clnt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s23_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s23_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s23_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s23_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s23_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s23_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -150,21 +176,22 @@ s23_lib.o: ../include/openssl/des.h ../include/openssl/dh.h s23_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s23_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s23_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s23_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s23_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s23_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s23_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s23_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s23_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s23_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s23_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s23_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s23_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h s23_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -173,21 +200,22 @@ s23_meth.o: ../include/openssl/des.h ../include/openssl/dh.h s23_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s23_meth.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s23_meth.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s23_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s23_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_meth.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_meth.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s23_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s23_meth.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s23_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s23_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s23_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s23_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s23_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s23_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h s23_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -196,21 +224,22 @@ s23_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s23_pkt.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s23_pkt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s23_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s23_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s23_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s23_pkt.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s23_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s23_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s23_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s23_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s23_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s23_pkt.o: ../include/openssl/x509_vfy.h ssl_locl.h s23_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -219,22 +248,22 @@ s23_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s23_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s23_srvr.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s23_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s23_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s23_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h +s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s23_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s23_srvr.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s23_srvr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s23_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s23_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s23_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s23_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s23_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s2_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -243,22 +272,22 @@ s2_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s2_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s2_clnt.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s2_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h +s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s2_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s2_clnt.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s2_clnt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s2_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s2_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -267,21 +296,22 @@ s2_enc.o: ../include/openssl/des.h ../include/openssl/dh.h s2_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s2_enc.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s2_enc.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s2_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s2_enc.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s2_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s2_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s2_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s2_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s2_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h s2_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -290,21 +320,22 @@ s2_lib.o: ../include/openssl/des.h ../include/openssl/dh.h s2_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s2_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s2_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s2_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s2_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s2_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s2_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h s2_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -313,21 +344,22 @@ s2_meth.o: ../include/openssl/des.h ../include/openssl/dh.h s2_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s2_meth.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s2_meth.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s2_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_meth.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_meth.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s2_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s2_meth.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s2_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s2_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s2_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s2_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s2_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h s2_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -336,21 +368,22 @@ s2_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s2_pkt.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s2_pkt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s2_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s2_pkt.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s2_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s2_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s2_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s2_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s2_pkt.o: ../include/openssl/x509_vfy.h ssl_locl.h s2_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -359,22 +392,22 @@ s2_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s2_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s2_srvr.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s2_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h +s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s2_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s2_srvr.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s2_srvr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s2_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s3_both.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_both.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_both.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -383,22 +416,22 @@ s3_both.o: ../include/openssl/des.h ../include/openssl/dh.h s3_both.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_both.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_both.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_both.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_both.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_both.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_both.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_both.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s3_both.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s3_both.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s3_both.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s3_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_both.o: ../include/openssl/x509_vfy.h ssl_locl.h +s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_both.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_both.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_both.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_both.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s3_both.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s3_both.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s3_both.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s3_both.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s3_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s3_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s3_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -407,22 +440,23 @@ s3_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h s3_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s3_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s3_clnt.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s3_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h +s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s3_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s3_clnt.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s3_clnt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s3_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.h +s3_clnt.o: ssl_locl.h s3_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -431,21 +465,22 @@ s3_enc.o: ../include/openssl/des.h ../include/openssl/dh.h s3_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s3_enc.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s3_enc.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s3_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s3_enc.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s3_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s3_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h s3_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -454,21 +489,22 @@ s3_lib.o: ../include/openssl/des.h ../include/openssl/dh.h s3_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s3_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s3_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s3_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s3_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s3_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s3_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s3_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h s3_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -477,21 +513,22 @@ s3_meth.o: ../include/openssl/des.h ../include/openssl/dh.h s3_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s3_meth.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s3_meth.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s3_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_meth.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_meth.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s3_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s3_meth.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s3_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h s3_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -500,21 +537,22 @@ s3_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s3_pkt.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s3_pkt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s3_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s3_pkt.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s3_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s3_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_pkt.o: ../include/openssl/x509_vfy.h ssl_locl.h s3_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -523,22 +561,23 @@ s3_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h s3_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s3_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s3_srvr.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s3_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h +s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s3_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s3_srvr.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s3_srvr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.h +s3_srvr.o: ssl_locl.h ssl_algs.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_algs.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -547,21 +586,22 @@ ssl_algs.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_algs.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_algs.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_algs.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_algs.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_algs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_algs.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_algs.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_algs.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_algs.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_algs.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_algs.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_algs.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_algs.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_algs.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_algs.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_algs.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_algs.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_algs.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_algs.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_algs.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_algs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_algs.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_algs.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_asn1.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/blowfish.h ssl_asn1.o: ../include/openssl/bn.h ../include/openssl/buffer.h @@ -570,22 +610,22 @@ ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/des.h ssl_asn1.o: ../include/openssl/dh.h ../include/openssl/dsa.h ssl_asn1.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_asn1.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ssl_asn1.o: ../include/openssl/md2.h ../include/openssl/md4.h -ssl_asn1.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -ssl_asn1.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_asn1.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ssl_asn1.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_asn1.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_asn1.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_asn1.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_locl.h +ssl_asn1.o: ../include/openssl/idea.h ../include/openssl/kssl.h +ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ssl_asn1.o: ../include/openssl/md4.h ../include/openssl/md5.h +ssl_asn1.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ssl_asn1.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_asn1.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_asn1.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_asn1.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_asn1.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_asn1.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_asn1.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_asn1.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h ssl_cert.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_cert.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -595,23 +635,23 @@ ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h ssl_cert.o: ../include/openssl/e_os.h ../include/openssl/e_os.h ssl_cert.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h ssl_cert.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_cert.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ssl_cert.o: ../include/openssl/md2.h ../include/openssl/md4.h -ssl_cert.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_cert.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_cert.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ssl_cert.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_cert.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_cert.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_cert.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_cert.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_cert.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_cert.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_cert.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h -ssl_cert.o: ssl_locl.h +ssl_cert.o: ../include/openssl/idea.h ../include/openssl/kssl.h +ssl_cert.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ssl_cert.o: ../include/openssl/md4.h ../include/openssl/md5.h +ssl_cert.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ssl_cert.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_cert.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_cert.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_cert.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_cert.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_cert.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_cert.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_cert.o: ../include/openssl/x509v3.h ssl_locl.h ssl_ciph.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_ciph.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -620,21 +660,22 @@ ssl_ciph.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_ciph.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_ciph.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_ciph.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_ciph.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_ciph.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_ciph.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_ciph.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_ciph.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_ciph.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_ciph.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_ciph.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_err.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_err.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -642,22 +683,22 @@ ssl_err.o: ../include/openssl/comp.h ../include/openssl/crypto.h ssl_err.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_err.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_err.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ssl_err.o: ../include/openssl/md2.h ../include/openssl/md4.h -ssl_err.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -ssl_err.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_err.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ssl_err.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_err.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_err.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_err.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_err.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_err.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_err.o: ../include/openssl/x509_vfy.h +ssl_err.o: ../include/openssl/idea.h ../include/openssl/kssl.h +ssl_err.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ssl_err.o: ../include/openssl/md4.h ../include/openssl/md5.h +ssl_err.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ssl_err.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_err.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_err.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_err.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_err.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_err.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_err2.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -665,22 +706,22 @@ ssl_err2.o: ../include/openssl/comp.h ../include/openssl/crypto.h ssl_err2.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_err2.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_err2.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ssl_err2.o: ../include/openssl/md2.h ../include/openssl/md4.h -ssl_err2.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -ssl_err2.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_err2.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ssl_err2.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_err2.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_err2.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_err2.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_err2.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_err2.o: ../include/openssl/x509_vfy.h +ssl_err2.o: ../include/openssl/idea.h ../include/openssl/kssl.h +ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ssl_err2.o: ../include/openssl/md4.h ../include/openssl/md5.h +ssl_err2.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ssl_err2.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_err2.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_err2.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_err2.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_err2.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_err2.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -690,22 +731,22 @@ ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h ssl_lib.o: ../include/openssl/e_os.h ../include/openssl/e_os.h ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ssl_lib.o: ../include/openssl/x509v3.h ssl_locl.h +ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h ssl_rsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_rsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -714,21 +755,22 @@ ssl_rsa.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_rsa.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_rsa.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_rsa.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_rsa.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_rsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_rsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_rsa.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_rsa.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_rsa.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_rsa.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_sess.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -737,22 +779,22 @@ ssl_sess.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_sess.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_sess.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_sess.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rc2.h -ssl_sess.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_sess.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_sess.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h +ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_sess.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_sess.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +ssl_sess.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_sess.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_sess.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_sess.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h ssl_stat.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_stat.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -761,21 +803,22 @@ ssl_stat.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_stat.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_stat.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_stat.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_stat.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_stat.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_stat.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_stat.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_stat.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_stat.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_stat.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_stat.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_stat.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_stat.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_stat.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_stat.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_stat.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_stat.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_stat.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_stat.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_stat.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_stat.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_stat.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_stat.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_txt.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_txt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -784,21 +827,22 @@ ssl_txt.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_txt.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_txt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_txt.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_txt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_txt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_txt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_txt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_txt.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_txt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_txt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_txt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_txt.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_txt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_txt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_txt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_txt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_txt.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_txt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_txt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_txt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_txt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_txt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_txt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -807,22 +851,22 @@ t1_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h -t1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -t1_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h -t1_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -t1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h -t1_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -t1_clnt.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -t1_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -t1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h +t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h +t1_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +t1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +t1_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +t1_clnt.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +t1_clnt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +t1_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h +t1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +t1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h t1_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -831,22 +875,22 @@ t1_enc.o: ../include/openssl/des.h ../include/openssl/dh.h t1_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h -t1_enc.o: ../include/openssl/idea.h ../include/openssl/lhash.h -t1_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h -t1_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -t1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -t1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h -t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -t1_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -t1_enc.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -t1_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h -t1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h +t1_enc.o: ../include/openssl/idea.h ../include/openssl/kssl.h +t1_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h +t1_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h +t1_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +t1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +t1_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +t1_enc.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +t1_enc.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +t1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h +t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h t1_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -855,21 +899,22 @@ t1_lib.o: ../include/openssl/des.h ../include/openssl/dh.h t1_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -t1_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -t1_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -t1_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -t1_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -t1_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -t1_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -t1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +t1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +t1_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +t1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +t1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +t1_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +t1_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +t1_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +t1_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -878,21 +923,22 @@ t1_meth.o: ../include/openssl/des.h ../include/openssl/dh.h t1_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h -t1_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h -t1_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h -t1_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -t1_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -t1_meth.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -t1_meth.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -t1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -t1_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h -t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_meth.o: ../include/openssl/md2.h ../include/openssl/md4.h +t1_meth.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h +t1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +t1_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +t1_meth.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +t1_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h +t1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +t1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +t1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +t1_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h +t1_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -901,19 +947,19 @@ t1_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h -t1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -t1_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h -t1_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -t1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h -t1_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -t1_srvr.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -t1_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -t1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h +t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h +t1_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +t1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +t1_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +t1_srvr.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +t1_srvr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +t1_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +t1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +t1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 47dd09c286..28d6d65296 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -921,6 +921,7 @@ int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data) goto err; } ERR_clear_error(); /* but we keep s->verify_result */ + s->session->verify_result = s->verify_result; /* server's cert for this session */ sc=ssl_sess_cert_new(); diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index 129ed89d97..a6f4db36c0 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -260,6 +260,9 @@ SSL_CIPHER *ssl2_get_cipher(unsigned int u) int ssl2_pending(SSL *s) { + /* Unlike ssl2_pending, this one probably works (if read-ahead + * is disabled), but it should be examined + * XXX */ return(s->s2->ract_data_length); } diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c index 56662f29fa..0b48ea2894 100644 --- a/ssl/s2_pkt.c +++ b/ssl/s2_pkt.c @@ -68,6 +68,10 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); static int ssl_mt_error(int n); int ssl2_peek(SSL *s, char *buf, int len) { +#if 1 + SSLerr(SSL_F_SSL2_PEEK, SSL_R_FIXME); /* function is totally broken */ + return -1; +#else int ret; ret=ssl2_read(s,buf,len); @@ -77,6 +81,7 @@ int ssl2_peek(SSL *s, char *buf, int len) s->s2->ract_data-=ret; } return(ret); +#endif } /* SSL_read - diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 62040f9f1d..3b3c35b9d3 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -65,6 +65,10 @@ #include <openssl/evp.h> #include "ssl_locl.h" +#ifndef NO_KRB5 +#include "kssl.h" +#endif + static SSL_METHOD *ssl3_get_client_method(int ver); static int ssl3_client_hello(SSL *s); static int ssl3_get_server_hello(SSL *s); @@ -687,6 +691,7 @@ static int ssl3_get_server_certificate(SSL *s) STACK_OF(X509) *sk=NULL; SESS_CERT *sc; EVP_PKEY *pkey=NULL; + int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */ n=ssl3_get_message(s, SSL3_ST_CR_CERT_A, @@ -782,10 +787,23 @@ static int ssl3_get_server_certificate(SSL *s) * certificate, which we don't include in s3_srvr.c */ x=sk_X509_value(sk,0); sk=NULL; + /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end */ pkey=X509_get_pubkey(x); - if ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)) + /* VRS: allow null cert if auth == KRB5 */ + need_cert = + ((s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK)) + == (SSL_aKRB5|SSL_kKRB5))? 0: 1; + +#ifdef KSSL_DEBUG + printf("pkey,x = %p, %p\n", pkey,x); + printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey)); + printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name, + s->s3->tmp.new_cipher->algorithms, need_cert); +#endif /* KSSL_DEBUG */ + + if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) { x=NULL; al=SSL3_AL_FATAL; @@ -794,7 +812,7 @@ static int ssl3_get_server_certificate(SSL *s) } i=ssl_cert_type(x,pkey); - if (i < 0) + if (need_cert && i < 0) { x=NULL; al=SSL3_AL_FATAL; @@ -802,19 +820,32 @@ static int ssl3_get_server_certificate(SSL *s) goto f_err; } - sc->peer_cert_type=i; - CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); - if (sc->peer_pkeys[i].x509 != NULL) /* Why would this ever happen? - * We just created sc a couple of - * lines ago. */ - X509_free(sc->peer_pkeys[i].x509); - sc->peer_pkeys[i].x509=x; - sc->peer_key= &(sc->peer_pkeys[i]); - - if (s->session->peer != NULL) - X509_free(s->session->peer); - CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); - s->session->peer=x; + if (need_cert) + { + sc->peer_cert_type=i; + CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); + /* Why would the following ever happen? + * We just created sc a couple of lines ago. */ + if (sc->peer_pkeys[i].x509 != NULL) + X509_free(sc->peer_pkeys[i].x509); + sc->peer_pkeys[i].x509=x; + sc->peer_key= &(sc->peer_pkeys[i]); + + if (s->session->peer != NULL) + X509_free(s->session->peer); + CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); + s->session->peer=x; + } + else + { + sc->peer_cert_type=i; + sc->peer_key= NULL; + + if (s->session->peer != NULL) + X509_free(s->session->peer); + s->session->peer=NULL; + } + s->session->verify_result = s->verify_result; x=NULL; ret=1; @@ -1321,6 +1352,9 @@ static int ssl3_send_client_key_exchange(SSL *s) unsigned char *q; EVP_PKEY *pkey=NULL; #endif +#ifndef NO_KRB5 + KSSL_ERR kssl_err; +#endif /* NO_KRB5 */ if (s->state == SSL3_ST_CW_KEY_EXCH_A) { @@ -1329,8 +1363,10 @@ static int ssl3_send_client_key_exchange(SSL *s) l=s->s3->tmp.new_cipher->algorithms; + /* Fool emacs indentation */ + if (0) {} #ifndef NO_RSA - if (l & SSL_kRSA) + else if (l & SSL_kRSA) { RSA *rsa; unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; @@ -1387,10 +1423,75 @@ static int ssl3_send_client_key_exchange(SSL *s) tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH); } - else +#endif +#ifndef NO_KRB5 + else if (l & SSL_kKRB5) + { + krb5_error_code krb5rc; + KSSL_CTX *kssl_ctx = s->kssl_ctx; + krb5_data krb5_ap_req; + +#ifdef KSSL_DEBUG + printf("ssl3_send_client_key_exchange(%lx & %lx)\n", + l, SSL_kKRB5); +#endif /* KSSL_DEBUG */ + + /* + ** Tried to send random tmp_buf[] as PMS in Kerberos ticket + ** by passing krb5_mk_req_extended(ctx,authctx,opts, tmp_buf, ...) + ** but: I can't retrieve the PMS on the other side! There is + ** some indication in the krb5 source that this is only used + ** to generate a checksum. OTOH, the Tung book shows data + ** ("GET widget01.txt") being passed in krb5_mk_req_extended() + ** by way of krb5_sendauth(). I don't get it. + ** Until Kerberos goes 3DES, the big PMS secret would only be + ** encrypted in 1-DES anyway. So losing the PMS shouldn't be + ** a big deal. + */ + krb5rc = kssl_cget_tkt(kssl_ctx, &krb5_ap_req, + &kssl_err); +#ifdef KSSL_DEBUG + { + printf("kssl_cget_tkt rtn %d\n", krb5rc); + kssl_ctx_show(kssl_ctx); + if (krb5rc && kssl_err.text) + printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text); + } +#endif /* KSSL_DEBUG */ + + if (krb5rc) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, kssl_err.reason); + goto err; + } + + /* Send ticket (copy to *p, set n = length) + */ + n = krb5_ap_req.length; + memcpy(p, krb5_ap_req.data, krb5_ap_req.length); + if (krb5_ap_req.data) + kssl_krb5_free_data_contents(NULL,&krb5_ap_req); + + /* 19991013 VRS - 3DES is kind of bogus here, + ** at least until Kerberos supports 3DES. The only + ** real secret is the 8-byte Kerberos session key; + ** the other key material ((s->) client_random, server_random) + ** could be sniffed. Mixing in these nonces should help + ** protect against replay attacks, however. + ** + ** Alternate code for Kerberos Purists: + ** + ** memcpy(s->session->master_key, kssl_ctx->key, kssl_ctx->length); + ** s->session->master_key_length = kssl_ctx->length; + */ + s->session->master_key_length= + s->method->ssl3_enc->generate_master_secret(s, + s->session->master_key, kssl_ctx->key,kssl_ctx->length); + } #endif #ifndef NO_DH - if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) + else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) { DH *dh_srvr,*dh_clnt; @@ -1444,8 +1545,8 @@ static int ssl3_send_client_key_exchange(SSL *s) /* perhaps clean things up a bit EAY EAY EAY EAY*/ } - else #endif + else { ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); @@ -1640,7 +1741,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s) algs=s->s3->tmp.new_cipher->algorithms; /* we don't have a certificate */ - if (algs & (SSL_aDH|SSL_aNULL)) + if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) return(1); #ifndef NO_RSA diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index cee2021b6b..f8df4ee226 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -473,6 +473,95 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_ALL_STRENGTHS, }, +#ifndef NO_KRB5 +/* The Kerberos ciphers +** 20000107 VRS: And the first shall be last, +** in hopes of avoiding the lynx ssl renegotiation problem. +*/ +/* Cipher 21 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_SHA, + SSL3_CK_KRB5_DES_40_CBC_SHA, + SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, + SSL_EXPORT|SSL_EXP40, + 0, + 40, + 56, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 22 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_MD5, + SSL3_CK_KRB5_DES_40_CBC_MD5, + SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3, + SSL_EXPORT|SSL_EXP40, + 0, + 40, + 56, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 23 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_64_CBC_SHA, + SSL3_CK_KRB5_DES_64_CBC_SHA, + SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, + SSL_NOT_EXP|SSL_LOW, + 0, + 56, + 56, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 24 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_64_CBC_MD5, + SSL3_CK_KRB5_DES_64_CBC_MD5, + SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3, + SSL_NOT_EXP|SSL_LOW, + 0, + 56, + 56, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 25 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_192_CBC3_SHA, + SSL3_CK_KRB5_DES_192_CBC3_SHA, + SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, + SSL_NOT_EXP|SSL_HIGH, + 0, + 112, + 168, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 26 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_192_CBC3_MD5, + SSL3_CK_KRB5_DES_192_CBC3_MD5, + SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_MD5 |SSL_SSLV3, + SSL_NOT_EXP|SSL_HIGH, + 0, + 112, + 168, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, +#endif /* NO_KRB5 */ #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES /* New TLS Export CipherSuites */ /* Cipher 60 */ @@ -638,10 +727,10 @@ SSL_CIPHER *ssl3_get_cipher(unsigned int u) return(NULL); } -/* The problem is that it may not be the correct record type */ int ssl3_pending(SSL *s) { - return(s->s3->rrec.length); + /* The problem is that it may not be the correct record type */ + return(s->s3->rrec.length); /* FIXME */ } int ssl3_new(SSL *s) @@ -1076,10 +1165,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have, sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp); #ifdef CIPHER_DEBUG - printf("Have:\n"); - for(i=0 ; i < sk_num(pref) ; ++i) + printf("Have %d from %p:\n", sk_SSL_CIPHER_num(pref), pref); + for(i=0 ; i < sk_SSL_CIPHER_num(pref) ; ++i) { - c=(SSL_CIPHER *)sk_value(pref,i); + c=sk_SSL_CIPHER_value(pref,i); printf("%p:%s\n",c,c->name); } #endif @@ -1092,6 +1181,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have, mask=cert->mask; emask=cert->export_mask; +#ifdef KSSL_DEBUG + printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms); +#endif /* KSSL_DEBUG */ + alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK); if (SSL_C_IS_EXPORT(c)) { @@ -1280,6 +1373,10 @@ int ssl3_read(SSL *s, void *buf, int len) int ssl3_peek(SSL *s, char *buf, int len) { +#if 1 + SSLerr(SSL_F_SSL3_PEEK, SSL_R_FIXME); /* function is totally broken */ + return -1; +#else SSL3_RECORD *rr; int n; @@ -1298,6 +1395,7 @@ int ssl3_peek(SSL *s, char *buf, int len) n=len; memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); return(n); +#endif } int ssl3_renegotiate(SSL *s) diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index bb8cfb31e5..4704dfb598 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -70,6 +70,10 @@ #include <openssl/x509.h> #include "ssl_locl.h" +#ifndef NO_KRB5 +#include "kssl.h" +#endif /* NO_KRB5 */ + static SSL_METHOD *ssl3_get_server_method(int ver); static int ssl3_get_client_hello(SSL *s); static int ssl3_check_client_hello(SSL *s); @@ -262,7 +266,11 @@ int ssl3_accept(SSL *s) /* clear this, it may get reset by * send_server_key_exchange */ - if (s->options & SSL_OP_EPHEMERAL_RSA) + if ((s->options & SSL_OP_EPHEMERAL_RSA) +#ifndef NO_KRB5 + && !(l & SSL_KRB5) +#endif /* NO_KRB5 */ + ) s->s3->tmp.use_rsa_tmp=1; else s->s3->tmp.use_rsa_tmp=0; @@ -1257,12 +1265,15 @@ static int ssl3_get_client_key_exchange(SSL *s) BIGNUM *pub=NULL; DH *dh_srvr; #endif +#ifndef NO_KRB5 + KSSL_ERR kssl_err; +#endif /* NO_KRB5 */ n=ssl3_get_message(s, SSL3_ST_SR_KEY_EXCH_A, SSL3_ST_SR_KEY_EXCH_B, SSL3_MT_CLIENT_KEY_EXCHANGE, - 400, /* ???? */ + 2048, /* ??? */ &ok); if (!ok) return((int)n); @@ -1417,6 +1428,53 @@ static int ssl3_get_client_key_exchange(SSL *s) } else #endif +#ifndef NO_KRB5 + if (l & SSL_kKRB5) + { + krb5_error_code krb5rc; + KSSL_CTX *kssl_ctx = s->kssl_ctx; + + if (!kssl_ctx) kssl_ctx = kssl_ctx_new(); + if ((krb5rc = kssl_sget_tkt(kssl_ctx, + s->init_buf->data, s->init_buf->length, + &kssl_err)) != 0) + { +#ifdef KSSL_DEBUG + printf("kssl_sget_tkt rtn %d [%d]\n", + krb5rc, kssl_err.reason); + if (kssl_err.text) + printf("kssl_err text= %s\n", kssl_err.text); +#endif /* KSSL_DEBUG */ + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, + kssl_err.reason); + goto err; + } + +#ifdef KSSL_DEBUG + kssl_ctx_show(kssl_ctx); +#endif /* KSSL_DEBUG */ + + /* 19991013 VRS - 3DES is kind of bogus here, + ** at least until Kerberos supports 3DES. The only + ** real secret is the 8-byte Kerberos session key; + ** the other key material (client_random, server_random) + ** could be sniffed. Nonces may help against replays though. + ** + ** Alternate code for Kerberos Purists: + ** + ** memcpy(s->session->master_key, kssl_ctx->key, kssl_ctx->length); + ** s->session->master_key_length = kssl_ctx->length; + */ + s->session->master_key_length= + s->method->ssl3_enc->generate_master_secret(s, + s->session->master_key, kssl_ctx->key, kssl_ctx->length); + /* Was doing kssl_ctx_free() here, but it caused problems for apache. + ** kssl_ctx = kssl_ctx_free(kssl_ctx); + ** if (s->kssl_ctx) s->kssl_ctx = NULL; + */ + } + else +#endif /* NO_KRB5 */ { al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE); @@ -1737,7 +1795,11 @@ int ssl3_send_server_certificate(SSL *s) if (s->state == SSL3_ST_SW_CERT_A) { x=ssl_get_server_send_cert(s); - if (x == NULL) + if (x == NULL && + /* VRS: allow null cert if auth == KRB5 */ + (s->s3->tmp.new_cipher->algorithms + & (SSL_MKEY_MASK|SSL_AUTH_MASK)) + != (SSL_aKRB5|SSL_kKRB5)) { SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR); return(0); diff --git a/ssl/ssl-lib.com b/ssl/ssl-lib.com index 0a8581898c..05c458d191 100644 --- a/ssl/ssl-lib.com +++ b/ssl/ssl-lib.com @@ -647,6 +647,7 @@ $ ENDIF $! $! Check To See If P2 Is Blank. $! +$ p2 = "NORSAREF" $ IF (P2.EQS."NORSAREF") $ THEN $! @@ -68,6 +68,9 @@ #ifndef NO_X509 #include <openssl/x509.h> #endif +#ifndef NO_KRB5 +#include <openssl/kssl.h> +#endif #include <openssl/safestack.h> #ifdef __cplusplus @@ -92,6 +95,15 @@ extern "C" { #define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 #define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA +/* VRS Additional Kerberos5 entries + */ +#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA +#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 +#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA +#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 +#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA +#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 + #define SSL_MAX_SSL_SESSION_ID_LENGTH 32 #define SSL_MAX_SID_CTX_LENGTH 32 @@ -112,6 +124,10 @@ extern "C" { #define SSL_TXT_eNULL "eNULL" #define SSL_TXT_NULL "NULL" +#define SSL_TXT_kKRB5 "kKRB5" +#define SSL_TXT_aKRB5 "aKRB5" +#define SSL_TXT_KRB5 "KRB5" + #define SSL_TXT_kRSA "kRSA" #define SSL_TXT_kDHr "kDHr" #define SSL_TXT_kDHd "kDHd" @@ -655,6 +671,10 @@ struct ssl_st int error; /* error bytes to be written */ int error_code; /* actual code */ +#ifndef NO_KRB5 + KSSL_CTX *kssl_ctx; /* Kerberos 5 context */ +#endif /* NO_KRB5 */ + SSL_CTX *ctx; /* set this flag to 1 and a sleep(1) is put into all SSL_read() * and SSL_write() calls, good for nbio debuging :-) */ @@ -1239,6 +1259,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_F_SSL2_ACCEPT 122 #define SSL_F_SSL2_CONNECT 123 #define SSL_F_SSL2_ENC_INIT 124 +#define SSL_F_SSL2_PEEK 234 #define SSL_F_SSL2_READ 125 #define SSL_F_SSL2_SET_CERTIFICATE 126 #define SSL_F_SSL2_WRITE 127 @@ -1264,6 +1285,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_F_SSL3_GET_SERVER_DONE 145 #define SSL_F_SSL3_GET_SERVER_HELLO 146 #define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 +#define SSL_F_SSL3_PEEK 235 #define SSL_F_SSL3_READ_BYTES 148 #define SSL_F_SSL3_READ_N 149 #define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 @@ -1406,6 +1428,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 +#define SSL_R_FIXME 1101 #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 #define SSL_R_HTTPS_PROXY_REQUEST 155 #define SSL_R_HTTP_REQUEST 156 @@ -1414,6 +1437,13 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_PURPOSE 278 #define SSL_R_INVALID_TRUST 279 +#define SSL_R_KRB5_C_CC_PRINC 1094 +#define SSL_R_KRB5_C_GET_CRED 1095 +#define SSL_R_KRB5_C_INIT 1096 +#define SSL_R_KRB5_C_MK_REQ 1097 +#define SSL_R_KRB5_S_BAD_TICKET 1098 +#define SSL_R_KRB5_S_INIT 1099 +#define SSL_R_KRB5_S_RD_REQ 1100 #define SSL_R_LENGTH_MISMATCH 159 #define SSL_R_LENGTH_TOO_SHORT 160 #define SSL_R_LIBRARY_BUG 274 diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 7ee1feaa67..4d62ba52b9 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -105,6 +105,22 @@ extern "C" { #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E +/* VRS Additional Kerberos5 entries + */ +#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000021 +#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000022 +#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x03000023 +#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000024 +#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x03000025 +#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000026 + +#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" +#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" +#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" +#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" +#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" +#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" + #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" #define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index c26df62c20..130bb79068 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -131,6 +131,7 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void) { static int ssl_x509_store_ctx_idx= -1; + /* FIXME: should do locking */ if (ssl_x509_store_ctx_idx < 0) { ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index( @@ -271,7 +272,9 @@ CERT *ssl_cert_dup(CERT *cert) return(ret); +#ifndef NO_DH /* avoid 'unreferenced label' warning if NO_DH is defined */ err: +#endif #ifndef NO_RSA if (ret->rsa_tmp != NULL) RSA_free(ret->rsa_tmp); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index f63163f26c..a196d5e574 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -100,6 +100,7 @@ typedef struct cipher_order_st static const SSL_CIPHER cipher_aliases[]={ /* Don't include eNULL unless specifically enabled */ {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ + {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */ {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0}, {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0}, @@ -108,6 +109,7 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0}, {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0}, + {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */ {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0}, {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0}, {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0}, @@ -128,6 +130,7 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0}, {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0}, + {0,SSL_TXT_KRB5,0,SSL_KRB5, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0}, @@ -291,6 +294,9 @@ static unsigned long ssl_cipher_get_disabled(void) #ifdef NO_DH mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH; #endif +#ifdef NO_KRB5 + mask |= SSL_kKRB5|SSL_aKRB5; +#endif #ifdef SSL_FORBID_ENULL mask |= SSL_eNULL; @@ -336,6 +342,9 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, list[list_num].prev = NULL; list[list_num].active = 0; list_num++; +#ifdef KSSL_DEBUG + printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms); +#endif /* KSSL_DEBUG */ /* if (!sk_push(ca_list,(char *)c)) goto err; */ @@ -738,6 +747,9 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, * it is used for allocation. */ num_of_ciphers = ssl_method->num_ciphers(); +#ifdef KSSL_DEBUG + printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); +#endif /* KSSL_DEBUG */ list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); if (list == NULL) { @@ -872,8 +884,12 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) char *ver,*exp; char *kx,*au,*enc,*mac; unsigned long alg,alg2,alg_s; +#ifdef KSSL_DEBUG + static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n"; +#else static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; - +#endif /* KSSL_DEBUG */ + alg=cipher->algorithms; alg_s=cipher->algo_strength; alg2=cipher->algorithm2; @@ -901,6 +917,10 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) case SSL_kDHd: kx="DH/DSS"; break; + case SSL_kKRB5: /* VRS */ + case SSL_KRB5: /* VRS */ + kx="KRB5"; + break; case SSL_kFZA: kx="Fortezza"; break; @@ -922,6 +942,10 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) case SSL_aDH: au="DH"; break; + case SSL_aKRB5: /* VRS */ + case SSL_KRB5: /* VRS */ + au="KRB5"; + break; case SSL_aFZA: case SSL_aNULL: au="None"; @@ -982,7 +1006,11 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) else if (len < 128) return("Buffer too small"); +#ifdef KSSL_DEBUG + BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp,alg); +#else BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp); +#endif /* KSSL_DEBUG */ return(buf); } @@ -1053,6 +1081,10 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) SSL_COMP *comp; STACK_OF(SSL_COMP) *sk; + if (cm == NULL || cm->type == NID_undef) + return 1; + + MemCheck_off(); comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); comp->id=id; comp->method=cm; @@ -1062,10 +1094,13 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) sk=ssl_comp_methods; if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp)) { + MemCheck_on(); SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE); return(0); } else + { + MemCheck_on(); return(1); + } } - diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 17b4caf528..91e9ab825e 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -91,6 +91,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"}, {ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"}, {ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"}, +{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"}, {ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"}, {ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"}, {ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"}, @@ -116,6 +117,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"}, {ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"}, {ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"}, +{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"}, {ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"}, {ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"}, {ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"}, @@ -261,6 +263,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"}, {SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"}, {SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"}, +{SSL_R_FIXME ,"FIXME"}, {SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"}, {SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"}, {SSL_R_HTTP_REQUEST ,"http request"}, @@ -269,6 +272,13 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_INVALID_COMMAND ,"invalid command"}, {SSL_R_INVALID_PURPOSE ,"invalid purpose"}, {SSL_R_INVALID_TRUST ,"invalid trust"}, +{SSL_R_KRB5_C_CC_PRINC ,"krb5 c cc princ"}, +{SSL_R_KRB5_C_GET_CRED ,"krb5 c get cred"}, +{SSL_R_KRB5_C_INIT ,"krb5 c init"}, +{SSL_R_KRB5_C_MK_REQ ,"krb5 c mk req"}, +{SSL_R_KRB5_S_BAD_TICKET ,"krb5 s bad ticket"}, +{SSL_R_KRB5_S_INIT ,"krb5 s init"}, +{SSL_R_KRB5_S_RD_REQ ,"krb5 s rd req"}, {SSL_R_LENGTH_MISMATCH ,"length mismatch"}, {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, {SSL_R_LIBRARY_BUG ,"library bug"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index ed2b820984..685fc5560a 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -191,6 +191,10 @@ SSL *SSL_new(SSL_CTX *ctx) if (s == NULL) goto err; memset(s,0,sizeof(SSL)); +#ifndef NO_KRB5 + s->kssl_ctx = kssl_ctx_new(); +#endif /* NO_KRB5 */ + if (ctx->cert != NULL) { /* Earlier library versions used to copy the pointer to @@ -576,6 +580,13 @@ int SSL_get_read_ahead(SSL *s) int SSL_pending(SSL *s) { + /* SSL_pending cannot work properly if read-ahead is enabled + * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), + * and it is impossible to fix since SSL_pending cannot report + * errors that may be observed while scanning the new data. + * (Note that SSL_pending() is often used as a boolean value, + * so we'd better not return -1.) + */ return(s->method->ssl_pending(s)); } @@ -1090,6 +1101,9 @@ int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b) return(memcmp(a->session_id,b->session_id,a->session_id_length)); } +static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *) +static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *) + SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) { SSL_CTX *ret=NULL; @@ -1153,7 +1167,8 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) ret->default_passwd_callback_userdata=NULL; ret->client_cert_cb=NULL; - ret->sessions=lh_new(SSL_SESSION_hash,SSL_SESSION_cmp); + ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash), + LHASH_COMP_FN(SSL_SESSION_cmp)); if (ret->sessions == NULL) goto err; ret->cert_store=X509_STORE_new(); if (ret->cert_store == NULL) goto err; @@ -1200,8 +1215,10 @@ err2: return(NULL); } +#if 0 static void SSL_COMP_free(SSL_COMP *comp) { OPENSSL_free(comp); } +#endif void SSL_CTX_free(SSL_CTX *a) { @@ -1240,8 +1257,12 @@ void SSL_CTX_free(SSL_CTX *a) sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free); if (a->extra_certs != NULL) sk_X509_pop_free(a->extra_certs,X509_free); +#if 0 /* This should never be done, since it removes a global database */ if (a->comp_methods != NULL) sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free); +#else + a->comp_methods = NULL; +#endif OPENSSL_free(a); } @@ -1372,6 +1393,11 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) mask|=SSL_aNULL; emask|=SSL_aNULL; +#ifndef NO_KRB5 + mask|=SSL_kKRB5|SSL_aKRB5; + emask|=SSL_kKRB5|SSL_aKRB5; +#endif + c->mask=mask; c->export_mask=emask; c->valid=1; @@ -1404,6 +1430,11 @@ X509 *ssl_get_server_send_cert(SSL *s) else i=SSL_PKEY_RSA_ENC; } + else if (kalg & SSL_aKRB5) + { + /* VRS something else here? */ + return(NULL); + } else /* if (kalg & SSL_aNULL) */ { SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR); diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index d70fff4627..e56bbf9c3a 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -168,48 +168,51 @@ * that the different entities within are mutually exclusive: * ONLY ONE BIT PER MASK CAN BE SET AT A TIME. */ -#define SSL_MKEY_MASK 0x0000001FL +#define SSL_MKEY_MASK 0x0000003FL #define SSL_kRSA 0x00000001L /* RSA key exchange */ #define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */ #define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */ #define SSL_kFZA 0x00000008L #define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */ +#define SSL_kKRB5 0x00000020L /* Kerberos5 key exchange */ #define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL)) -#define SSL_AUTH_MASK 0x000003e0L -#define SSL_aRSA 0x00000020L /* Authenticate with RSA */ -#define SSL_aDSS 0x00000040L /* Authenticate with DSS */ +#define SSL_AUTH_MASK 0x00000FC0L +#define SSL_aRSA 0x00000040L /* Authenticate with RSA */ +#define SSL_aDSS 0x00000080L /* Authenticate with DSS */ #define SSL_DSS SSL_aDSS -#define SSL_aFZA 0x00000080L -#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */ -#define SSL_aDH 0x00000200L /* no Authenticate, ADH */ +#define SSL_aFZA 0x00000100L +#define SSL_aNULL 0x00000200L /* no Authenticate, ADH */ +#define SSL_aDH 0x00000400L /* no Authenticate, ADH */ +#define SSL_aKRB5 0x00000800L /* Authenticate with KRB5 */ #define SSL_NULL (SSL_eNULL) #define SSL_ADH (SSL_kEDH|SSL_aNULL) #define SSL_RSA (SSL_kRSA|SSL_aRSA) #define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH) #define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA) - -#define SSL_ENC_MASK 0x0001Fc00L -#define SSL_DES 0x00000400L -#define SSL_3DES 0x00000800L -#define SSL_RC4 0x00001000L -#define SSL_RC2 0x00002000L -#define SSL_IDEA 0x00004000L -#define SSL_eFZA 0x00008000L -#define SSL_eNULL 0x00010000L - -#define SSL_MAC_MASK 0x00060000L -#define SSL_MD5 0x00020000L -#define SSL_SHA1 0x00040000L +#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5) + +#define SSL_ENC_MASK 0x0007F000L +#define SSL_DES 0x00001000L +#define SSL_3DES 0x00002000L +#define SSL_RC4 0x00004000L +#define SSL_RC2 0x00008000L +#define SSL_IDEA 0x00010000L +#define SSL_eFZA 0x00020000L +#define SSL_eNULL 0x00040000L + +#define SSL_MAC_MASK 0x00180000L +#define SSL_MD5 0x00080000L +#define SSL_SHA1 0x00100000L #define SSL_SHA (SSL_SHA1) -#define SSL_SSL_MASK 0x00180000L -#define SSL_SSLV2 0x00080000L -#define SSL_SSLV3 0x00100000L +#define SSL_SSL_MASK 0x00600000L +#define SSL_SSLV2 0x00200000L +#define SSL_SSLV3 0x00400000L #define SSL_TLSV1 SSL_SSLV3 /* for now */ -/* we have used 001fffff - 11 bits left to go */ +/* we have used 007fffff - 9 bits left to go */ /* * Export and cipher strength information. For each cipher we have to decide diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 6ec7a5cdb1..34a4d27dbe 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -303,7 +303,7 @@ end: int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len) { int ret; - unsigned char *p; + const unsigned char *p; RSA *rsa; p=d; @@ -641,7 +641,7 @@ end: int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len) { int ret; - unsigned char *p; + const unsigned char *p; RSA *rsa; p=d; diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 416def8908..830f1d9b0f 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -508,6 +508,7 @@ int SSL_set_session(SSL *s, SSL_SESSION *session) if (s->session != NULL) SSL_SESSION_free(s->session); s->session=session; + s->verify_result = s->session->verify_result; /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/ ret=1; } @@ -605,7 +606,7 @@ void SSL_CTX_flush_sessions(SSL_CTX *s, long t) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); i=tp.cache->down_load; tp.cache->down_load=0; - lh_doall_arg(tp.cache,(void (*)())timeout,&tp); + lh_doall_arg(tp.cache, (LHASH_DOALL_ARG_FN_TYPE)timeout, &tp); tp.cache->down_load=i; CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); } diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 4763f2a6d7..77ac362c81 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -74,6 +74,7 @@ #include <openssl/err.h> #include <openssl/rand.h> #ifdef WINDOWS +#include <winsock.h> #include "../crypto/bio/bss_file.c" #endif @@ -85,6 +86,11 @@ # define TEST_CLIENT_CERT "../apps/client.pem" #endif +/* There is really no standard for this, so let's assign some tentative + numbers. In any case, these numbers are only for this test */ +#define COMP_RLE 1 +#define COMP_ZLIB 2 + static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #ifndef NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength); @@ -148,6 +154,8 @@ static void sv_usage(void) fprintf(stderr," -bio_pair - Use BIO pairs\n"); fprintf(stderr," -f - Test even cases that can't work\n"); fprintf(stderr," -time - measure processor time used by client and server\n"); + fprintf(stderr," -zlib - use zlib compression\n"); + fprintf(stderr," -time - use rle compression\n"); } static void print_details(SSL *c_ssl, const char *prefix) @@ -220,6 +228,8 @@ int main(int argc, char *argv[]) int no_dhe = 0; int print_time = 0; clock_t s_time = 0, c_time = 0; + int comp = 0; + COMP_METHOD *cm = NULL; verbose = 0; debug = 0; @@ -333,6 +343,14 @@ int main(int argc, char *argv[]) { print_time = 1; } + else if (strcmp(*argv,"-zlib") == 0) + { + comp = COMP_ZLIB; + } + else if (strcmp(*argv,"-rle") == 0) + { + comp = COMP_RLE; + } else { fprintf(stderr,"unknown option %s\n",*argv); @@ -374,6 +392,23 @@ bad: SSL_library_init(); SSL_load_error_strings(); + if (comp == COMP_ZLIB) cm = COMP_zlib(); + if (comp == COMP_RLE) cm = COMP_rle(); + if (cm != NULL) + { + if (cm->type != NID_undef) + SSL_COMP_add_compression_method(comp, cm); + else + { + fprintf(stderr, + "Warning: %s compression not supported\n", + (comp == COMP_RLE ? "rle" : + (comp == COMP_ZLIB ? "zlib" : + "unknown"))); + ERR_print_errors_fp(stderr); + } + } + #if !defined(NO_SSL2) && !defined(NO_SSL3) if (ssl2) meth=SSLv2_method(); @@ -483,6 +518,19 @@ bad: c_ssl=SSL_new(c_ctx); s_ssl=SSL_new(s_ctx); +#ifndef NO_KRB5 + if (c_ssl && c_ssl->kssl_ctx) + { + char localhost[257]; + + if (gethostname(localhost, 256) == 0) + { + kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, + localhost); + } + } +#endif /* NO_KRB5 */ + for (i=0; i<number; i++) { if (!reuse) SSL_set_session(c_ssl,NULL); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 0d34357eb4..ae33bda78f 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -148,6 +148,17 @@ static void tls1_generate_key_block(SSL *s, unsigned char *km, tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf), s->session->master_key,s->session->master_key_length, km,tmp,num); +#ifdef KSSL_DEBUG + printf("tls1_generate_key_block() ==> %d byte master_key =\n\t", + s->session->master_key_length); + { + int i; + for (i=0; i < s->session->master_key_length; i++) + { + printf("%02X", s->session->master_key[i]); + } + printf("\n"); } +#endif /* KSSL_DEBUG */ } int tls1_change_cipher_state(SSL *s, int which) @@ -174,6 +185,21 @@ int tls1_change_cipher_state(SSL *s, int which) comp=s->s3->tmp.new_compression; key_block=s->s3->tmp.key_block; +#ifdef KSSL_DEBUG + printf("tls1_change_cipher_state(which= %d) w/\n", which); + printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms, + comp); + printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c); + printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", + c->nid,c->block_size,c->key_len,c->iv_len); + printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length); + { + int i; + for (i=0; i<s->s3->tmp.key_block_length; i++) + printf("%02x", key_block[i]); printf("\n"); + } +#endif /* KSSL_DEBUG */ + if (which & SSL3_CC_READ) { if ((s->enc_read_ctx == NULL) && @@ -309,6 +335,16 @@ printf("which = %04X\nmac key=",which); } s->session->key_arg_length=0; +#ifdef KSSL_DEBUG + { + int i; + printf("EVP_CipherInit(dd,c,key=,iv=,which)\n"); + printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]); + printf("\n"); + printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]); + printf("\n"); + } +#endif /* KSSL_DEBUG */ EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); #ifdef TLS_DEBUG @@ -338,6 +374,10 @@ int tls1_setup_key_block(SSL *s) int num; SSL_COMP *comp; +#ifdef KSSL_DEBUG + printf ("tls1_setup_key_block()\n"); +#endif /* KSSL_DEBUG */ + if (s->s3->tmp.key_block_length != 0) return(1); @@ -417,6 +457,10 @@ int tls1_enc(SSL *s, int send) enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); } +#ifdef KSSL_DEBUG + printf("tls1_enc(%d)\n", send); +#endif /* KSSL_DEBUG */ + if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { @@ -447,8 +491,35 @@ int tls1_enc(SSL *s, int send) rec->length+=i; } +#ifdef KSSL_DEBUG + { + unsigned long i; + printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", + ds,rec->data,rec->input,l); + printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", + ds->buf_len, ds->cipher->key_len, + DES_KEY_SZ, DES_SCHEDULE_SZ, + ds->cipher->iv_len); + printf("\t\tIV: "); + for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); + printf("\n"); + printf("\trec->input="); + for (i=0; i<l; i++) printf(" %02x", rec->input[i]); + printf("\n"); + } +#endif /* KSSL_DEBUG */ + EVP_Cipher(ds,rec->data,rec->input,l); +#ifdef KSSL_DEBUG + { + unsigned long i; + printf("\trec->data="); + for (i=0; i<l; i++) + printf(" %02x", rec->data[i]); printf("\n"); + } +#endif /* KSSL_DEBUG */ + if ((bs != 1) && !send) { ii=i=rec->data[l-1]; @@ -586,6 +657,10 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE]; unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH]; +#ifdef KSSL_DEBUG + printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len); +#endif /* KSSL_DEBUG */ + /* Setup the stuff to munge */ memcpy(buf,TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE); @@ -596,6 +671,9 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, tls1_PRF(s->ctx->md5,s->ctx->sha1, buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE); +#ifdef KSSL_DEBUG + printf ("tls1_generate_master_secret() complete\n"); +#endif /* KSSL_DEBUG */ return(SSL3_MASTER_SECRET_SIZE); } diff --git a/test/Makefile.ssl b/test/Makefile.ssl index eea811dcb9..9eb48bc718 100644 --- a/test/Makefile.ssl +++ b/test/Makefile.ssl @@ -5,7 +5,7 @@ DIR= test TOP= .. CC= cc -INCLUDES= -I../include +INCLUDES= -I../include $(KRB5_INCLUDES) CFLAG= -g INSTALL_PREFIX= OPENSSLDIR= /usr/local/ssl @@ -55,6 +55,8 @@ SSLTEST= ssltest RSATEST= rsa_test ENGINETEST= enginetest +TESTS= alltests + EXE= $(BNTEST) $(IDEATEST) $(MD2TEST) $(MD4TEST) $(MD5TEST) $(HMACTEST) \ $(RC2TEST) $(RC4TEST) $(RC5TEST) \ $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \ @@ -101,16 +103,18 @@ install: tags: ctags $(SRC) -tests: exe apps \ +tests: exe apps $(TESTS) + +apps: + @(cd ../apps; $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all) + +alltests: \ test_des test_idea test_sha test_md4 test_md5 test_hmac \ test_md2 test_mdc2 \ - test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast \ + test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \ test_rand test_bn test_enc test_x509 test_rsa test_crl test_sid \ test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ - test_ss test_ca test_engine test_ssl test_rd - -apps: - @(cd ../apps; $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all) + test_ss test_ca test_engine test_ssl test_des: ./$(DESTEST) @@ -324,7 +328,7 @@ $(METHTEST): $(METHTEST).o $(DLIBCRYPTO) $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) $(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) - $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) + $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) $(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO) $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) @@ -352,7 +356,7 @@ bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h bntest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -bntest.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +bntest.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h bntest.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -386,7 +390,7 @@ enginetest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h enginetest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h enginetest.o: ../include/openssl/opensslv.h ../include/openssl/rand.h enginetest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -enginetest.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +enginetest.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h enginetest.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h enginetest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h enginetest.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -409,7 +413,7 @@ hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h hmactest.o: ../include/openssl/opensslv.h ../include/openssl/rc2.h hmactest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -hmactest.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +hmactest.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h hmactest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h hmactest.o: ../include/openssl/safestack.h ../include/openssl/sha.h hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -441,19 +445,19 @@ ssltest.o: ../include/openssl/des.h ../include/openssl/dh.h ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssltest.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssltest.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssltest.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssltest.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssltest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssltest.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssltest.o: ../include/openssl/rand.h ../include/openssl/rc2.h -ssltest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssltest.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssltest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssltest.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssltest.o: ../include/openssl/x509_vfy.h +ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssltest.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssltest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssltest.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +ssltest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssltest.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssltest.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h diff --git a/test/maketests.com b/test/maketests.com index 3eba56eb1e..0f6d90fae8 100644 --- a/test/maketests.com +++ b/test/maketests.com @@ -514,6 +514,7 @@ $ CHECK_OPTIONS: $! $! Check To See If P1 Is Blank. $! +$ P1 = "NORSAREF" $ IF (P1.EQS."NORSAREF") $ THEN $! diff --git a/test/tests.com b/test/tests.com index 4d9e308a43..a7257d412a 100644 --- a/test/tests.com +++ b/test/tests.com @@ -225,6 +225,10 @@ $ write sys$output "Generate and certify a test certificate via the 'ca' pro $ @testca.com $ endif $ return +$ test_engine: +$ write sys$output "test Rijndael" +$ !mcr 'texe_dir''rdtest' +$ return $ $ $ exit: diff --git a/test/testssl b/test/testssl index 2151a6438c..3ca5c8010b 100644 --- a/test/testssl +++ b/test/testssl @@ -24,105 +24,111 @@ else CA="-CAfile $3" fi +if [ "$4" = "" ]; then + extra="" +else + extra="$4" +fi + ############################################################################# echo test sslv2 -$ssltest -ssl2 || exit 1 +$ssltest -ssl2 $extra || exit 1 echo test sslv2 with server authentication -$ssltest -ssl2 -server_auth $CA || exit 1 +$ssltest -ssl2 -server_auth $CA $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2 with client authentication - $ssltest -ssl2 -client_auth $CA || exit 1 + $ssltest -ssl2 -client_auth $CA $extra || exit 1 echo test sslv2 with both client and server authentication - $ssltest -ssl2 -server_auth -client_auth $CA || exit 1 + $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 fi echo test sslv3 -$ssltest -ssl3 || exit 1 +$ssltest -ssl3 $extra || exit 1 echo test sslv3 with server authentication -$ssltest -ssl3 -server_auth $CA || exit 1 +$ssltest -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication -$ssltest -ssl3 -client_auth $CA || exit 1 +$ssltest -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication -$ssltest -ssl3 -server_auth -client_auth $CA || exit 1 +$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 -$ssltest || exit 1 +$ssltest $extra || exit 1 echo test sslv2/sslv3 with server authentication -$ssltest -server_auth $CA || exit 1 +$ssltest -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication -$ssltest -client_auth $CA || exit 1 +$ssltest -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication -$ssltest -server_auth -client_auth $CA || exit 1 +$ssltest -server_auth -client_auth $CA $extra || exit 1 echo test sslv2 via BIO pair -$ssltest -bio_pair -ssl2 || exit 1 +$ssltest -bio_pair -ssl2 $extra || exit 1 echo test sslv2 with server authentication via BIO pair -$ssltest -bio_pair -ssl2 -server_auth $CA || exit 1 +$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2 with client authentication via BIO pair - $ssltest -bio_pair -ssl2 -client_auth $CA || exit 1 + $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 echo test sslv2 with both client and server authentication via BIO pair - $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA || exit 1 + $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 fi echo test sslv3 via BIO pair -$ssltest -bio_pair -ssl3 || exit 1 +$ssltest -bio_pair -ssl3 $extra || exit 1 echo test sslv3 with server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth $CA || exit 1 +$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication via BIO pair -$ssltest -bio_pair -ssl3 -client_auth $CA || exit 1 +$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA || exit 1 +$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 via BIO pair -$ssltest || exit 1 +$ssltest $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2/sslv3 w/o DHE via BIO pair - $ssltest -bio_pair -no_dhe || exit 1 + $ssltest -bio_pair -no_dhe $extra || exit 1 fi echo test sslv2/sslv3 with 1024bit DHE via BIO pair -$ssltest -bio_pair -dhe1024dsa -v || exit 1 +$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 echo test sslv2/sslv3 with server authentication -$ssltest -bio_pair -server_auth $CA || exit 1 +$ssltest -bio_pair -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication via BIO pair -$ssltest -bio_pair -client_auth $CA || exit 1 +$ssltest -bio_pair -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -server_auth -client_auth $CA || exit 1 +$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 ############################################################################# echo test tls1 with 1024bit anonymous DH, multiple handshakes -$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1 +$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 if ../apps/openssl no-rsa; then echo skipping RSA tests else echo test tls1 with 1024bit RSA, no DHE, multiple handshakes - ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1 + ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes - ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time || exit 1 + ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 fi exit 0 diff --git a/util/libeay.num b/util/libeay.num index a3b15bbeb8..020d6ba2e6 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -483,7 +483,7 @@ RSA_private_decrypt 490 EXIST::FUNCTION:RSA RSA_private_encrypt 491 EXIST::FUNCTION:RSA RSA_public_decrypt 492 EXIST::FUNCTION:RSA RSA_public_encrypt 493 EXIST::FUNCTION:RSA -RSA_set_default_method 494 EXIST::FUNCTION:RSA +RSA_set_default_method 494 NOEXIST::FUNCTION: RSA_sign 495 EXIST::FUNCTION:RSA RSA_sign_ASN1_OCTET_STRING 496 EXIST::FUNCTION:RSA RSA_size 497 EXIST::FUNCTION:RSA @@ -1457,7 +1457,7 @@ d2i_ASN1_SET_OF_ASN1_OBJECT 1844 NOEXIST::FUNCTION: PKCS7_signatureVerify 1845 EXIST::FUNCTION: RSA_set_method 1846 EXIST::FUNCTION:RSA RSA_get_method 1847 EXIST::FUNCTION:RSA -RSA_get_default_method 1848 EXIST::FUNCTION:RSA +RSA_get_default_method 1848 NOEXIST::FUNCTION: RSA_check_key 1869 EXIST::FUNCTION:RSA OBJ_obj2txt 1870 EXIST::FUNCTION: DSA_dup_DH 1871 EXIST::FUNCTION:DSA,DH @@ -1481,9 +1481,9 @@ DSA_new_method 1888 EXIST::FUNCTION:DSA DH_new_method 1889 EXIST::FUNCTION:DH DH_OpenSSL 1890 EXIST::FUNCTION:DH DSA_get_ex_new_index 1891 EXIST::FUNCTION:DSA -DH_get_default_method 1892 EXIST::FUNCTION:DH +DH_get_default_method 1892 NOEXIST::FUNCTION: DSA_set_ex_data 1893 EXIST::FUNCTION:DSA -DH_set_default_method 1894 EXIST::FUNCTION:DH +DH_set_default_method 1894 NOEXIST::FUNCTION: DSA_get_ex_data 1895 EXIST::FUNCTION:DSA X509V3_EXT_REQ_add_conf 1896 EXIST::FUNCTION: NETSCAPE_SPKI_print 1897 EXIST::FUNCTION: @@ -1519,7 +1519,7 @@ EVP_PKEY_get1_DSA 1935 EXIST::FUNCTION:DSA ASN1_BMPSTRING_new 1936 EXIST::FUNCTION: ASN1_mbstring_copy 1937 EXIST::FUNCTION: ASN1_UTF8STRING_new 1938 EXIST::FUNCTION: -DSA_get_default_method 1941 EXIST::FUNCTION:DSA +DSA_get_default_method 1941 NOEXIST::FUNCTION: i2d_ASN1_SET_OF_ACCESS_DESCRIPTION 1945 NOEXIST::FUNCTION: ASN1_T61STRING_free 1946 EXIST::FUNCTION: DSA_set_method 1949 EXIST::FUNCTION:DSA @@ -1554,7 +1554,7 @@ i2d_RSA_PUBKEY_bio 1985 EXIST::FUNCTION:RSA ASN1_BIT_STRING_num_asc 1986 EXIST::FUNCTION: i2d_PUBKEY 1987 EXIST::FUNCTION: ASN1_UTCTIME_free 1988 EXIST::FUNCTION: -DSA_set_default_method 1989 EXIST::FUNCTION:DSA +DSA_set_default_method 1989 NOEXIST::FUNCTION: X509_PURPOSE_get_by_id 1990 EXIST::FUNCTION: ACCESS_DESCRIPTION_free 1994 EXIST::FUNCTION: PEM_read_bio_PUBKEY 1995 EXIST::FUNCTION: @@ -1777,7 +1777,7 @@ NCONF_load_fp 2278 EXIST::FUNCTION:FP_API NCONF_new 2279 EXIST::FUNCTION: NCONF_get_string 2280 EXIST::FUNCTION: NCONF_free 2281 EXIST::FUNCTION: -NCONF_get_number 2282 EXIST::FUNCTION: +NCONF_get_number 2282 NOEXIST::FUNCTION: CONF_dump_fp 2283 EXIST::FUNCTION: NCONF_load_bio 2284 EXIST::FUNCTION: NCONF_dump_fp 2285 EXIST::FUNCTION: @@ -1795,7 +1795,7 @@ i2d_ASN1_SET_OF_PKCS7 2328 NOEXIST::FUNCTION: BIO_vfree 2334 EXIST::FUNCTION: d2i_ASN1_SET_OF_ASN1_INTEGER 2339 NOEXIST::FUNCTION: d2i_ASN1_SET_OF_PKCS12_SAFEBAG 2341 NOEXIST::FUNCTION: -ASN1_UTCTIME_get 2350 EXIST::FUNCTION: +ASN1_UTCTIME_get 2350 NOEXIST::FUNCTION: X509_REQ_digest 2362 EXIST::FUNCTION: X509_CRL_digest 2391 EXIST::FUNCTION: d2i_ASN1_SET_OF_PKCS7 2397 NOEXIST::FUNCTION: @@ -1872,7 +1872,7 @@ DSO_METHOD_vms 2462 EXIST::FUNCTION: BIO_f_linebuffer 2463 EXIST:VMS:FUNCTION: X509_print_ex 2464 EXIST::FUNCTION: X509_print_ex_fp 2465 EXIST::FUNCTION:FP_API -EVP_rijndael_ecb 2466 EXIST::FUNCTION: +EVP_rijndael_ecb 2466 EXIST::FUNCTION:RIJNDAEL NCONF_get_number_e 2467 EXIST::FUNCTION: ERR_load_ENGINE_strings 2468 EXIST::FUNCTION: ENGINE_set_DSA 2469 EXIST::FUNCTION: @@ -1937,3 +1937,134 @@ DH_set_default_openssl_method 2525 EXIST::FUNCTION:DH ENGINE_get_DSA 2526 EXIST::FUNCTION: ENGINE_get_ctrl_function 2527 EXIST::FUNCTION: ENGINE_set_ctrl_function 2528 EXIST::FUNCTION: +i2d_OCSP_CERTSTATUS 2529 EXIST::FUNCTION: +i2d_OCSP_REQINFO 2530 EXIST::FUNCTION: +OCSP_request_sign 2531 EXIST::FUNCTION: +OCSP_SINGLERESP_free 2532 EXIST::FUNCTION: +i2d_OCSP_ONEREQ 2533 EXIST::FUNCTION: +OCSP_SERVICELOC_free 2534 EXIST::FUNCTION: +d2i_OCSP_RESPDATA 2535 EXIST::FUNCTION: +OCSP_RESPDATA_new 2536 EXIST::FUNCTION: +d2i_OCSP_REVOKEDINFO 2537 EXIST::FUNCTION: +OCSP_basic_response_new 2538 EXIST::FUNCTION: +d2i_OCSP_CERTID 2539 EXIST::FUNCTION: +OCSP_ONEREQ_free 2540 EXIST::FUNCTION: +ERR_load_OCSP_strings 2541 EXIST::FUNCTION: +ocspResponseStatus2string 2542 EXIST::FUNCTION: +OCSP_basic_response_add 2543 EXIST::FUNCTION: +OCSP_CERTID_free 2544 EXIST::FUNCTION: +OCSP_CRLID_free 2545 EXIST::FUNCTION: +i2a_OCSP_CERTID 2546 EXIST::FUNCTION: +i2a_OCSP_RESPBYTES 2547 EXIST::FUNCTION: +OCSP_CRLID_new 2548 EXIST::FUNCTION: +d2i_OCSP_BASICRESP 2549 EXIST::FUNCTION: +OCSP_accept_responses_new 2550 EXIST::FUNCTION: +i2a_OCSP_CERTSTATUS 2551 EXIST::FUNCTION: +OCSP_request_new 2552 EXIST::FUNCTION: +OCSP_response_verify 2553 EXIST::FUNCTION: +i2a_OCSP_CRLID 2554 EXIST::FUNCTION: +OCSP_CERTSTATUS_new 2555 EXIST::FUNCTION: +i2d_OCSP_CRLID 2556 EXIST::FUNCTION: +OCSP_request_add 2557 EXIST::FUNCTION: +OCSP_SINGLERESP_new 2558 EXIST::FUNCTION: +OCSP_CERTSTATUS_free 2559 EXIST::FUNCTION: +OCSP_REQINFO_new 2560 EXIST::FUNCTION: +i2d_OCSP_RESPID 2561 EXIST::FUNCTION: +d2i_OCSP_REQUEST 2562 EXIST::FUNCTION: +d2i_OCSP_CERTSTATUS 2563 EXIST::FUNCTION: +d2i_OCSP_REQINFO 2564 EXIST::FUNCTION: +OCSP_REVOKEDINFO_free 2565 EXIST::FUNCTION: +d2i_OCSP_ONEREQ 2566 EXIST::FUNCTION: +i2a_ACCESS_DESCRIPTION 2567 EXIST::FUNCTION: +OCSP_cert_status_new 2568 EXIST::FUNCTION: +i2d_OCSP_RESPBYTES 2569 EXIST::FUNCTION: +i2a_OCSP_REQUEST 2570 EXIST::FUNCTION: +OCSP_extension_print 2571 EXIST::FUNCTION: +i2a_OCSP_SIGNATURE 2572 EXIST::FUNCTION: +i2a_OCSP_REQINFO 2573 EXIST::FUNCTION: +OCSP_REQINFO_free 2574 EXIST::FUNCTION: +i2d_OCSP_SINGLERESP 2575 EXIST::FUNCTION: +i2d_OCSP_SERVICELOC 2576 EXIST::FUNCTION: +i2a_OCSP_RESPONSE 2577 EXIST::FUNCTION: +OCSP_BASICRESP_free 2578 EXIST::FUNCTION: +i2a_OCSP_ONEREQ 2579 EXIST::FUNCTION: +OCSP_REQUEST_print 2580 EXIST::FUNCTION: +OCSP_CERTID_new 2581 EXIST::FUNCTION: +OCSP_url_svcloc_new 2582 EXIST::FUNCTION: +OCSP_extensions_print 2583 EXIST::FUNCTION: +OCSP_archive_cutoff_new 2584 EXIST::FUNCTION: +ASN1_STRING_encode 2585 EXIST::FUNCTION: +i2a_OCSP_RESPDATA 2586 EXIST::FUNCTION: +OCSP_REQUEST_free 2587 EXIST::FUNCTION: +OCSP_SERVICELOC_new 2588 EXIST::FUNCTION: +OCSP_SERVICELOC_print 2589 EXIST::FUNCTION: +OCSP_cert_id_new 2590 EXIST::FUNCTION: +cRLReason2string 2591 EXIST::FUNCTION: +OCSP_RESPBYTES_new 2592 EXIST::FUNCTION: +i2d_OCSP_RESPONSE 2593 EXIST::FUNCTION: +i2d_OCSP_SIGNATURE 2594 EXIST::FUNCTION: +OCSP_RESPDATA_free 2595 EXIST::FUNCTION: +ocspCertStatus2string 2596 EXIST::FUNCTION: +OCSP_basic_response_verify 2597 EXIST::FUNCTION: +OCSP_nonce_new 2598 EXIST::FUNCTION: +OCSP_RESPONSE_free 2599 EXIST::FUNCTION: +OCSP_REQUEST_new 2600 EXIST::FUNCTION: +i2a_OCSP_SINGLERESP 2601 EXIST::FUNCTION: +OCSP_RESPONSE_new 2602 EXIST::FUNCTION: +OCSP_RESPONSE_print 2603 EXIST::FUNCTION: +d2i_OCSP_CRLID 2604 EXIST::FUNCTION: +i2a_OCSP_BASICRESP 2605 EXIST::FUNCTION: +OCSP_REVOKEDINFO_new 2606 EXIST::FUNCTION: +i2a_OCSP_SERVICELOC 2607 EXIST::FUNCTION: +i2d_OCSP_RESPDATA 2608 EXIST::FUNCTION: +OCSP_CRLID_print 2609 EXIST::FUNCTION: +d2i_OCSP_RESPID 2610 EXIST::FUNCTION: +OCSP_RESPID_free 2611 EXIST::FUNCTION: +OCSP_ONEREQ_new 2612 EXIST::FUNCTION: +i2d_OCSP_REVOKEDINFO 2613 EXIST::FUNCTION: +d2i_OCSP_RESPBYTES 2614 EXIST::FUNCTION: +i2d_OCSP_CERTID 2615 EXIST::FUNCTION: +d2i_OCSP_SINGLERESP 2616 EXIST::FUNCTION: +OCSP_crlID_new 2617 EXIST::FUNCTION: +OCSP_BASICRESP_new 2618 EXIST::FUNCTION: +d2i_OCSP_SERVICELOC 2619 EXIST::FUNCTION: +OCSP_response_new 2620 EXIST::FUNCTION: +i2a_OCSP_RESPID 2621 EXIST::FUNCTION: +OCSP_nochain_new 2622 NOEXIST::FUNCTION: +OCSP_RESPID_new 2623 EXIST::FUNCTION: +OCSP_add_standard_extension 2624 NOEXIST::FUNCTION: +OCSP_RESPBYTES_free 2625 EXIST::FUNCTION: +i2d_OCSP_BASICRESP 2626 EXIST::FUNCTION: +OCSP_SIGNATURE_new 2627 EXIST::FUNCTION: +OCSP_SIGNATURE_free 2628 EXIST::FUNCTION: +i2a_OCSP_REVOKEDINFO 2629 EXIST::FUNCTION: +OCSP_basic_response_sign 2630 EXIST::FUNCTION: +d2i_OCSP_RESPONSE 2631 EXIST::FUNCTION: +d2i_OCSP_SIGNATURE 2632 EXIST::FUNCTION: +X509_ocspid_print 2633 EXIST::FUNCTION: +OCSP_request_verify 2634 EXIST::FUNCTION: +i2d_OCSP_REQUEST 2635 EXIST::FUNCTION: +ENGINE_load_chil 2636 EXIST::FUNCTION: +ENGINE_load_cswift 2637 EXIST::FUNCTION: +ENGINE_load_builtin_engines 2638 EXIST::FUNCTION: +bn_dup_expand 2639 EXIST::FUNCTION: +ENGINE_load_nuron 2640 EXIST::FUNCTION: +ENGINE_load_atalla 2641 EXIST::FUNCTION: +rijndaelEncryptRound 2642 EXIST::FUNCTION: +rijndaelDecrypt 2643 EXIST::FUNCTION: +rijndaelKeyEncToDec 2644 EXIST::FUNCTION: +rijndaelDecryptRound 2645 EXIST::FUNCTION: +rijndaelEncrypt 2646 EXIST::FUNCTION: +rijndaelKeySched 2647 EXIST::FUNCTION: +OBJ_NAME_do_all_sorted 2648 EXIST::FUNCTION: +OBJ_NAME_do_all 2649 EXIST::FUNCTION: +BN_nnmod 2650 EXIST::FUNCTION: +BN_swap 2651 EXIST::FUNCTION: +BN_mod_add 2652 EXIST::FUNCTION: +BN_mod_lshift1 2653 EXIST::FUNCTION: +BN_mod_lshift 2654 EXIST::FUNCTION: +BN_mod_sub_quick 2655 EXIST::FUNCTION: +BN_mod_lshift1_quick 2656 EXIST::FUNCTION: +BN_mod_lshift_quick 2657 EXIST::FUNCTION: +BN_mod_add_quick 2658 EXIST::FUNCTION: +BN_mod_sub 2659 EXIST::FUNCTION: diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 46755fa287..ccdeb56c57 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -68,7 +68,6 @@ and [options] can be one of debug - Debug build profile - Profiling build gcc - Use Gcc (unix) - rsaref - Build to require RSAref Values that can be set TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler @@ -218,7 +217,7 @@ $cflags.=" -DNO_SOCK" if $no_sock; $cflags.=" -DNO_SSL2" if $no_ssl2; $cflags.=" -DNO_SSL3" if $no_ssl3; $cflags.=" -DNO_ERR" if $no_err; -$cflags.=" -DRSAref" if $rsaref ne ""; +#$cflags.=" -DRSAref" if $rsaref ne ""; ## if ($unix) ## { $cflags="$c_flags" if ($c_flags ne ""); } @@ -873,6 +872,7 @@ sub read_options elsif (/^no-dsa$/) { $no_dsa=1; } elsif (/^no-dh$/) { $no_dh=1; } elsif (/^no-hmac$/) { $no_hmac=1; } + elsif (/^no-rijndael$/) { $no_rijndael=1; } elsif (/^no-asm$/) { $no_asm=1; } elsif (/^nasm$/) { $nasm=1; } elsif (/^gaswin$/) { $gaswin=1; } @@ -885,7 +885,7 @@ sub read_options $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; $no_ssl2=$no_err=$no_rmd160=$no_rc5=1; } - elsif (/^rsaref$/) { $rsaref=1; } + elsif (/^rsaref$/) { } elsif (/^gcc$/) { $gcc=1; } elsif (/^debug$/) { $debug=1; } elsif (/^profile$/) { $profile=1; } diff --git a/util/mkdef.pl b/util/mkdef.pl index ba453358cf..e9e21caa75 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -76,7 +76,8 @@ my @known_platforms = ( "__FreeBSD__", "VMS", "WIN16", "WIN32", "WINNT", "PERL5", "NeXT" ); my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CAST", "MD2", "MD4", "MD5", "SHA", "RIPEMD", - "MDC2", "RSA", "DSA", "DH", "HMAC", "FP_API" ); + "MDC2", "RSA", "DSA", "DH", "HMAC", "FP_API", + "RIJNDAEL" ); my $options=""; open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n"; @@ -91,7 +92,7 @@ close(IN); my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf; my $no_cast; my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; -my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; +my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_rijndael; my $no_fp_api; foreach (@ARGV, split(/ /, $options)) @@ -103,7 +104,7 @@ foreach (@ARGV, split(/ /, $options)) $NT = 1; } $VMS=1 if $_ eq "VMS"; - $rsaref=1 if $_ eq "rsaref"; + #$rsaref=1 if $_ eq "rsaref"; $do_ssl=1 if $_ eq "ssleay"; $do_ssl=1 if $_ eq "ssl"; @@ -132,6 +133,7 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-dsa$/) { $no_dsa=1; } elsif (/^no-dh$/) { $no_dh=1; } elsif (/^no-hmac$/) { $no_hmac=1; } + elsif (/^no-rijndael$/) { $no_rijndael=1; } } @@ -147,7 +149,7 @@ if ($W16) { if (!$do_ssl && !$do_crypto) { - print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT ] [rsaref]\n"; + print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT ]\n"; exit(1); } @@ -172,6 +174,8 @@ $crypto.=" crypto/md5/md5.h" unless $no_md5; $crypto.=" crypto/mdc2/mdc2.h" unless $no_mdc2; $crypto.=" crypto/sha/sha.h" unless $no_sha; $crypto.=" crypto/ripemd/ripemd.h" unless $no_ripemd; +$crypto.=" crypto/rijndael/rijndael.h" unless $no_rijndael; +$crypto.=" crypto/rijndael/rd_fst.h" unless $no_rijndael; $crypto.=" crypto/bn/bn.h"; $crypto.=" crypto/rsa/rsa.h" unless $no_rsa; @@ -202,6 +206,7 @@ $crypto.=" crypto/x509/x509_vfy.h"; $crypto.=" crypto/x509v3/x509v3.h"; $crypto.=" crypto/rand/rand.h"; $crypto.=" crypto/comp/comp.h"; +$crypto.=" crypto/ocsp/ocsp.h"; $crypto.=" crypto/tmdiff.h"; my $symhacks="crypto/symhacks.h"; @@ -607,6 +612,7 @@ sub maybe_add_info { (my $name, *nums, my @symbols) = @_; my $sym; my $new_info = 0; + my %syms=(); print STDERR "Updating $name info\n"; foreach $sym (@symbols) { @@ -620,6 +626,16 @@ sub maybe_add_info { #print STDERR "DEBUG: maybe_add_info for $s: \"$dummy\" => \"$i\"\n"; } } + $syms{sym} = 1; + } + + my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums; + foreach $sym (@s) { + (my $n, my $i) = split /\\/, $nums{$sym}; + if (!defined($syms{sym})) { + $new_info++; + #print STDERR "DEBUG: maybe_add_info for $sym: -> undefined\n"; + } } if ($new_info) { print STDERR "$new_info old symbols got an info update\n"; @@ -746,6 +762,7 @@ EOF && (!@a || (!$no_dsa || !grep(/^DSA$/,@a))) && (!@a || (!$no_dh || !grep(/^DH$/,@a))) && (!@a || (!$no_hmac || !grep(/^HMAC$/,@a))) + && (!@a || (!$no_rijndael || !grep(/^RIJNDAEL$/,@a))) && (!@a || (!$no_fp_api || !grep(/^FP_API$/,@a))) ) { printf OUT " %s%-40s@%d\n",($W32)?"":"_",$s,$n; @@ -847,12 +864,19 @@ sub rewrite_numbers $rsyms{$s} = 1; } + my %syms = (); + foreach $_ (@symbols) { + (my $n, my $i) = split /\\/; + $syms{$n} = 1; + } + my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums; foreach $sym (@s) { (my $n, my $i) = split /\\/, $nums{$sym}; next if defined($i) && $i =~ /^.*?:.*?:\w+\(\w+\)/; next if defined($rsyms{$sym}); - $i="NOEXIST::FUNCTION:" if !defined($i) || $i eq ""; + $i="NOEXIST::FUNCTION:" + if !defined($i) || $i eq "" || !defined($syms{$sym}); printf OUT "%s%-40s%d\t%s\n","",$sym,$n,$i; if (exists $r{$sym}) { (my $s, $i) = split /\\/,$r{$sym}; diff --git a/util/mkerr.pl b/util/mkerr.pl index 7d98b5234d..407ca20313 100644 --- a/util/mkerr.pl +++ b/util/mkerr.pl @@ -38,7 +38,7 @@ while (@ARGV) { } if($recurse) { - @source = (<crypto/*.c>, <crypto/*/*.c>, <rsaref/*.c>, <ssl/*.c>); + @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>); } else { @source = @ARGV; } diff --git a/util/mkfiles.pl b/util/mkfiles.pl index 470feea76f..128ed39411 100755 --- a/util/mkfiles.pl +++ b/util/mkfiles.pl @@ -23,6 +23,7 @@ my @dirs = ( "crypto/idea", "crypto/bf", "crypto/cast", +"crypto/rijndael", "crypto/bn", "crypto/rsa", "crypto/dsa", @@ -46,8 +47,8 @@ my @dirs = ( "crypto/pkcs12", "crypto/comp", "crypto/engine", +"crypto/ocsp", "ssl", -"rsaref", "apps", "test", "tools" diff --git a/util/mkstack.pl b/util/mkstack.pl index 3ee13fe7c9..085c50f790 100755 --- a/util/mkstack.pl +++ b/util/mkstack.pl @@ -21,7 +21,7 @@ while (@ARGV) { } -@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <rsaref/*.[ch]>, <ssl/*.[ch]>); +@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>); foreach $file (@source) { next if -l $file; |