author | rse <rse> | 1998-12-21 10:58:35 +0000 |
---|---|---|
committer | rse <rse> | 1998-12-21 10:58:35 +0000 |
commit | 6ec9415d68d769100bb599ad26eaf5c007f7bf0a (patch) | |
tree | 861cb832b9301848e3b536d31f6df850e041b87d | |
parent | c9d61e0435521fcdeed7301d2b847125a172ebc5 (diff) | |
Import of old SSLeay release: SSLeay 0.9.1b (unreleased)SSLeay
337 files changed, 12558 insertions, 4043 deletions
@@ -36,7 +36,6 @@ # MD5_ASM use some extra md5 assember, # SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 # RMD160_ASM use some extra ripemd160 assember, -# BN_ASM use some extra bn assember, $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; @@ -55,10 +54,10 @@ $tlib="-lnsl -lsocket"; $bits1="THIRTY_TWO_BIT "; $bits2="SIXTY_FOUR_BIT "; -$x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o"; -$x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; -$x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; -$x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; +$x86_sol_asm="asm/bn86-sol.o asm/co86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o"; +$x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; +$x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; +$x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; # -DB_ENDIAN slows things down on a sparc for md5, but helps sha1. # So the md5_locl.h file has an undef B_ENDIAN if sun is defined 
@@ -73,7 +72,7 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m # A few of my development configs "purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::", -"debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::", +"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:-lefence::::", "dist", "cc:-O -DNOPROTO::::", # Basic configs that should work on any box @@ -82,7 +81,7 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m # My solaris setups -"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:", +"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm", "solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::", # DO NOT use /xO[34] on sparc with SC3.0. # It is broken, and will not pass the tests 
@@ -103,10 +102,16 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m # SGI configurations. If the box is rather old (r3000 cpu), you will # probably have to remove the '-mips2' flag. I've only been using # IRIX 5.[23]. -#"irix-gcc","gcc:-O2 -mips2::BN_LLONG RC4_INDEX RC4_CHAR:::", -"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::", -"irix-cc", "cc:-O2 -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/r3000.o::", +# I've recently done 32 and 64 bit mips assember, it make this RSA +# 3 times faster, use if at all possible. +#"irix-gcc","gcc:-O2 -mips2::SIXTY_FOUR_BIT BN_LLONG RC4_INDEX RC4_CHAR:::", +"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:asm/mips1.o::", +"irix64-gcc","gcc:-mips3 -O2 -DTERMIOS -DB_ENDIAN::MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", +"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/mips1.o::", +"irix64-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", "debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:::asm/r3000.o::", +# This is the n64 mode build. +"irix-n64-cc", "cc:-64 -O2 -use_readonly_const -DTERMIOS::DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT:asm/mips3_64.o::", # HPUX config. I've been building on HPUX 9, so the options may be # different on version 10. The pa-risc2.o assember file is 2 times 
@@ -118,23 +123,24 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m "hpux-kr-cc", "cc:-DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE::DES_PTR DES_UNROLL:asm/pa-risc2.o::", "hpux-gcc", "gcc:-DB_ENDIAN -O3::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::", -# Dec Alpha, OSF/1 - the alpha400-cc is the flags for a 21164A with +# Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with # the new compiler -"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::", -"alpha-cc", "cc:-O2::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::", -"alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::", +# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version +"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONG DES_UNROLL DES_RISC1:asm/alpha.o::", +"alpha-cc", "cc:-tune host -O4 -readonly_strings::SIXTY_FOUR_BIT_LONG:asm/alpha.o::", +"alpha164-cc", "cc:-tune host -fast -readonly_strings::SIXTY_FOUR_BIT_LONG:asm/alpha.o::", # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the # bn86-elf.o file file since it is hand tweaked assembler. 
-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", +"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", +"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", +"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", -"NetBSD-m86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", -"NetBSD-x86", "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:", -"FreeBSD", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", -#"bsdi-gcc", "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm", -"nextstep", "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::", +"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", +"NetBSD-x86", "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:", +"FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", +#"bsdi-gcc", "gcc:-O3 
-ffast-math -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm", +"nextstep", "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::", # NCR MP-RAS UNIX ver 02.03.01 "ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", @@ -162,10 +168,11 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m # DGUX, 88100. "dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::", "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::", -"dgux-R4-x86-gcc", "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", +"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -# SCO 5 -"sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options? +# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the +# SCO cc. +"sco5-cc", "cc::-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options? # Sinix RM400 "SINIX-N","/usr/ucb/cc:-O2 -misaligned:-lucb:RC4_INDEX RC4_CHAR:::", 
@@ -183,8 +190,19 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m # Borland C++ 4.5 "BC-32","bcc32:::DES_PTR RC4_INDEX:::", "BC-16","bcc:::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::", + +# Our old Ultrix box :-). -O2 breaks some of the bignum stuff (now fixed, +# it is a compiler bug, look in bug/ultrixcc.c for example code. +"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN:::asm/mips1.o:::", + +# Some OpenBSD from Bob Beck <beck@obtuse.com> +"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:asm/alpha.o::", +"OpenBSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", +"OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::", +"OpenBSD-mips","gcc:-O2 -DL_ENDIAN:BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::", ); +$no_asm=0; $postfix="org"; $Makefile="Makefile.ssl"; $des_locl="crypto/des/des_locl.h"; @@ -196,7 +214,7 @@ $rc4_locl="crypto/rc4/rc4_locl.h"; $idea ="crypto/idea/idea.h"; $rc2 ="crypto/rc2/rc2.h"; $bf ="crypto/bf/bf_locl.h"; -$bn_mulw="bn_mulw.o"; +$bn_asm ="bn_asm.o"; $des_enc="des_enc.o fcrypt_b.o"; $bf_enc ="bf_enc.o"; $cast_enc="c_enc.o"; @@ -215,7 +233,9 @@ if ($#ARGV < 0) $flags=""; foreach (@ARGV) { - if ($_ =~ /^-/) + if ($_ =~ /^no-asm$/) + { $no_asm=1; } + elsif ($_ =~ /^-/) { if ($_ =~ /^-[lL](.*)$/) { @@ -254,7 +274,16 @@ if (!defined($table{$target})) $cflags="$flags$cflags" if ($flags ne ""); $lflags="$libs$lflags"if ($libs ne ""); -$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/); +if ($no_asm) + { + $bn_obj=$des_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=""; + $sha1_obj=$md5_obj=$rmd160_obj=""; + } + +($bn1)=split(/\s+/,$bn_obj); +$bn1=$bn_asm unless ($bn1 =~ /\.o$/); +$bn_obj="$bn1"; + $des_obj=$des_enc unless ($des_obj =~ /\.o$/); $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/); 
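Review bot: The new `OpenBSD-alpha` and `OpenBSD-mips` entries have only one `:` between the compiler flags and the option list, so `SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2` (and `BN_LLONG MD2_CHAR ...` for mips) sit in the third field. Every other entry uses that field for libraries such as `-lsocket -lnsl`, and `$lflags` is what gets written to `EX_LIBS`. If the table is split positionally, as the sibling `OpenBSD-x86` entry with `-m486::BN_LLONG` suggests, these two targets would lose their bignum word-size and cipher options and would have `asm/alpha.o` in the options slot. In a crypto library that means a broken or silently misconfigured build rather than a clear configuration error. Both entries should keep the library field empty, e.g. `"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:asm/alpha.o::",`.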
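Review bot: `($bn1)=split(/\s+/,$bn_obj);` keeps only the first whitespace-separated object. The `asm/co86-*.o` files that this same commit adds to `$x86_sol_asm`, `$x86_elf_asm`, `$x86_out_asm` and `$x86_bsdi_asm` are therefore dropped before `$bn_obj="$bn1";`, while the two-object DES field (`asm/dx86-elf.o asm/yx86-elf.o`) is still passed through whole. If leaving out the second bignum object is deliberate, a comment such as `# only the first bn asm object is linked for now; co86 is intentionally left out` should say so. Otherwise the fallback should test the whole field, `$bn_obj=$bn_asm unless ($bn_obj =~ /\.o$/);`, as the neighbouring `$des_obj`, `$bf_obj` and `$cast_obj` lines do. This is top-level script code that continues outside the hunk.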
@@ -282,6 +311,7 @@ open(OUT,">".$n) || die "unable to read $n:$!\n"; while (<IN>) { chop; + s/^PLATFORM=.*$/PLATFORM=$target/; s/^CC=.*$/CC= $cc/; s/^CFLAG=.*$/CFLAG= $cflags/; s/^EX_LIBS=.*$/EX_LIBS= $lflags/; diff --git a/HISTORY.090 b/HISTORY.090 new file mode 100644 index 000000000..b7bbb5e5f --- /dev/null +++ b/HISTORY.090 @@ -0,0 +1,7 @@ +- A minor bug in ssl/s3_clnt.c where there would always be 4 0 bytes + sent in the client random, thanks to + Edward Bishop <ebishop@spyglass.com> +- Changed some BIGNUM api stuff. + +- I Deleted the HISTORY.090 I was working on and when I found out, it was + permanently gone :-( @@ -126,3 +126,8 @@ The examples for solaris and windows NT/95 are in the mt directory. have fun eric 25-Jun-1997 + +IRIX 5.x will build as a 32 bit system with mips1 assember. +IRIX 6.x will build as a 64 bit system with mips3 assember. It conforms +to n32 standards. In theory you can compile the 64 bit assember under +IRIX 5.x but you will have to have the correct system software installed. @@ -2,13 +2,13 @@ RELATIVE_DIRECTORY=. AR=ar r BASENAME=SSLeay BF_ENC=bf_enc.o -BN_MULW=bn_mulw.o +BN_ASM=bn_asm.o CAST_ENC=c_enc.o -CC=cc -CFLAG=-O -DNOPROTO +CC=cl +CFLAG= DES_ENC=des_enc.o fcrypt_b.o DIRS=crypto ssl rsaref apps test tools -EDIRS=times doc bugs util include certs ms shlib mt demos perl dep +EDIRS=times doc bugs util include certs ms shlib mt demos perl sf dep EXHEADER=e_os.h EX_LIBS= GENERAL=Makefile 
@@ -20,49 +20,50 @@ MAKEFILE=Makefile.ssl MAN1=1 MAN3=3 MD5_ASM_OBJ= -MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS -NAME=SSLeay-0.9.0 +MISC=COPYRIGHT Configure HISTORY.090 HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS +NAME=SSLeay-0.9.1b ONEDIRS=out tmp PEX_LIBS=-L. -L.. -L../.. -L../../.. +PLATFORM=VC-WIN32 RC4_ENC=rc4_enc.o RC5_ENC=rc5_enc.o RMD160_ASM_OBJ= -SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7 +SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7 proxy comp SHA1_ASM_OBJ= SHELL=/bin/sh -TARFILE=SSLeay-0.9.0.tar +TARFILE=SSLeay-0.9.1b.tar TOP=. -VERSION=0.9.0 +VERSION=0.9.1b WDIRS=windows -WTARFILE=SSLeay-0.9.0-win.tar +WTARFILE=SSLeay-0.9.1b-win.tar RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=crypto -ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h +ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h tmdiff.h AR=ar r CC=cc CFLAG=-g -CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" " +CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" " -DPLATFORM=" \"\" " DIR=crypto ERR=crypto ERRC=cpt_err -EXHEADER=crypto.h cryptall.h +EXHEADER=crypto.h cryptall.h tmdiff.h EX_LIBS= GENERAL=Makefile README -HEADER=cryptlib.h date.h crypto.h cryptall.h +HEADER=cryptlib.h date.h crypto.h cryptall.h tmdiff.h INCLUDE=-I. -I../include INCLUDES=-I.. 
-I../../include INSTALLTOP=/usr/local/ssl LIB=../libcrypto.a -LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o cpt_err.o +LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o tmdiff.o cpt_err.o LIBS= -LIBSRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c +LIBSRC=cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c MAKE=make -f Makefile.ssl MAKEDEPEND=makedepend -f Makefile.ssl MAKEFILE=Makefile.ssl PEX_LIBS= RM=/bin/rm -f -SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7 -SRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c +SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7 proxy comp +SRC=cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c TOP=.. RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=crypto/md2 @@ -379,10 +380,10 @@ TEST=casttest.c TOP=../.. RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=crypto/bn -ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c bn_lcl.h bn_prime.h bn.h +ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_lcl.h bn_prime.h bn.h APPS= AR=ar r -BN_MULW=bn_mulw.o +BN_ASM=bn_asm.o CC=cc CFLAG=-g CFLAGS=-I.. -I../../include -g 
@@ -395,12 +396,12 @@ HEADER=bn_lcl.h bn_prime.h bn.h INCLUDES=-I.. -I../../include INSTALLTOP=/usr/local/ssl LIB=../../libcrypto.a -LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o bn_mpi.o -LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c +LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_asm.o bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o +LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c MAKE=make -f Makefile.ssl MAKEDEPEND=makedepend -f Makefile.ssl MAKEFILE=Makefile.ssl -SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c +SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c TEST=bntest.c exptest.c TOP=../.. RELATIVE_DIRECTORY= @@ -505,7 +506,7 @@ TEST= TOP=../.. RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=crypto/bio -ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h bss_file.c +ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c bio.h bss_file.c APPS= AR=ar r CC=cc 
@@ -520,12 +521,12 @@ HEADER=bio.h bss_file.c INCLUDES=-I.. -I../../include INSTALLTOP=/usr/local/ssl LIB=../../libcrypto.a -LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o -LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c +LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o bss_cs4a.o +LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c MAKE=make -f Makefile.ssl MAKEDEPEND=makedepend -f Makefile.ssl MAKEFILE=Makefile.ssl -SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c +SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c TEST= TOP=../.. RELATIVE_DIRECTORY= @@ -576,7 +577,7 @@ TEST= TOP=../.. RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=crypto/rand -ALL=Makefile md_rand.c randfile.c rand.h +ALL=Makefile md_rand.c randfile.c rand_lib.c rand.h APPS= AR=ar r CC=cc @@ -589,12 +590,12 @@ HEADER=rand.h INCLUDES= INSTALLTOP=/usr/local/ssl LIB=../../libcrypto.a -LIBOBJ=md_rand.o randfile.o -LIBSRC=md_rand.c randfile.c +LIBOBJ=md_rand.o randfile.o rand_lib.o +LIBSRC=md_rand.c randfile.c rand_lib.c MAKE=make -f Makefile.ssl MAKEDEPEND=makedepend -f Makefile.ssl MAKEFILE=Makefile.ssl -SRC=md_rand.c randfile.c +SRC=md_rand.c randfile.c rand_lib.c TEST=randtest.c TOP=../.. RELATIVE_DIRECTORY= 
@@ -622,7 +623,7 @@ TEST= TOP=../.. RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=crypto/objects -ALL=Makefile README obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h +ALL=Makefile README o_names.c obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h APPS= AR=ar r CC=cc @@ -637,12 +638,12 @@ HEADER=objects.h obj_dat.h INCLUDES=-I.. -I../../include INSTALLTOP=/usr/local/ssl LIB=../../libcrypto.a -LIBOBJ=obj_dat.o obj_lib.o obj_err.o -LIBSRC=obj_dat.c obj_lib.c obj_err.c +LIBOBJ=o_names.o obj_dat.o obj_lib.o obj_err.o +LIBSRC=o_names.c obj_dat.c obj_lib.c obj_err.c MAKE=make -f Makefile.ssl MAKEDEPEND=makedepend -f Makefile.ssl MAKEFILE=Makefile.ssl -SRC=obj_dat.c obj_lib.c obj_err.c +SRC=o_names.c obj_dat.c obj_lib.c obj_err.c TEST= TOP=../.. RELATIVE_DIRECTORY= 
@@ -698,7 +699,7 @@ TEST= TOP=../.. RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=crypto/asn1 -ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h +ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h APPS= AR=ar r CC=cc 
@@ -713,12 +714,12 @@ HEADER=asn1.h asn1_mac.h INCLUDES=-I.. -I../../include INSTALLTOP=/usr/local/ssl LIB=../../libcrypto.a -LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o -LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c +LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o 
f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o +LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c MAKE=make -f Makefile.ssl MAKEDEPEND=makedepend -f Makefile.ssl MAKEFILE=Makefile.ssl -SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c +SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c 
t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c TEST= TOP=../.. RELATIVE_DIRECTORY= 
@@ -820,8 +821,58 @@ SRC=pk7_lib.c pkcs7err.c pk7_doit.c TEST= TOP=../.. RELATIVE_DIRECTORY= +RELATIVE_DIRECTORY=crypto/proxy +ALL=Makefile proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c proxy.h +APPS= +AR=ar r +CC=cc +CFLAG=-g +CFLAGS=-I.. -I../../include -g +DIR=proxy +ERR=proxy +ERRC=pxy_err +EXHEADER=proxy.h +GENERAL=Makefile +HEADER=proxy.h +INCLUDES=-I.. -I../../include +INSTALLTOP=/usr/local/ssl +LIB=../../libcrypto.a +LIBOBJ=proxy.o pxy_txt.o bf_proxy.o pxy_conf.o pxy_err.o +LIBSRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c +MAKE=make -f Makefile.ssl +MAKEDEPEND=makedepend -f Makefile.ssl +MAKEFILE=Makefile.ssl +SRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c +TEST= +TOP=../.. +RELATIVE_DIRECTORY= +RELATIVE_DIRECTORY=crypto/comp +ALL=Makefile comp_lib.c c_rle.c c_zlib.c comp.h +APPS= +AR=ar r +CC=cc +CFLAG=-g +CFLAGS=-I.. -I../../include -g +DIR=comp +ERR=comp +ERRC=comp_err +EXHEADER=comp.h +GENERAL=Makefile +HEADER=comp.h +INCLUDES=-I.. -I../../include +INSTALLTOP=/usr/local/ssl +LIB=../../libcrypto.a +LIBOBJ=comp_lib.o c_rle.o c_zlib.o +LIBSRC=comp_lib.c c_rle.c c_zlib.c +MAKE=make -f Makefile.ssl +MAKEDEPEND=makedepend -f Makefile.ssl +MAKEFILE=Makefile.ssl +SRC=comp_lib.c c_rle.c c_zlib.c +TEST= +TOP=../.. 
+RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=ssl -ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h +ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h APPS= AR=ar r CC=cc 
@@ -836,12 +887,12 @@ HEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h INCLUDES=-I../crypto -I../include INSTALLTOP=/usr/local/ssl LIB=../libssl.a -LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o -LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c +LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o pxy_ssl.o ssl_err.o +LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c MAKE=make -f Makefile.ssl MAKEDEPEND=makedepend -f Makefile.ssl MAKEFILE=Makefile.ssl -SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c 
ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c +SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c TEST=ssltest.c TOP=.. RELATIVE_DIRECTORY= @@ -871,7 +922,7 @@ TEST= TOP=.. RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=apps -ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h +ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h A_OBJ=apps.o A_SRC=apps.c CC=cc 
@@ -884,8 +935,8 @@ EXE=ssleay EXHEADER= EX_LIBS= E_EXE=verify asn1pars req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers -E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o -E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c +E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o s_ speed.o s_time.o apps.o s_cb.o s_socket.o bf_perm.o version.o sess_id.o ciphers.o +E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c GENERAL=Makefile HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h INCLUDES=-I../include @@ -899,10 +950,10 @@ PEX_LIBS= PROGS=ssleay.c RM=/bin/rm -f SCRIPTS=CA.sh der_chop -SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c +SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c SSLEAY=ssleay -S_OBJ=s_cb.o s_socket.o -S_SRC=s_cb.c s_socket.c +S_OBJ=s_cb.o s_socket.o bf_perm.o +S_SRC=s_cb.c s_socket.c bf_perm.c TOP=.. RELATIVE_DIRECTORY= RELATIVE_DIRECTORY=test 
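Review bot: The new `E_OBJ` value in the `@@ -884,8 +935,8 @@` hunk contains a stray token, `s_client.o s_ speed.o`, where the removed line has `s_client.o speed.o` and the new `E_SRC` line has `s_client.c speed.c`. If this list feeds a link step, `s_` is taken as an object file and the build fails. The entry should read `s_server.o s_client.o speed.o s_time.o`. The file header for this section is outside the visible lines, so if the file is generated, the fix belongs in whatever produces it.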
diff --git a/Makefile.ssl b/Makefile.ssl
index 0f352027e..09c2ff25e 100644
--- a/Makefile.ssl
+++ b/Makefile.ssl
@@ -1,6 +1,7 @@
 #
 # Makefile for all the SSL related library routines and utilities
-VERSION = 0.9.0a
+VERSION = 0.9.1b
+PLATFORM=debug
 #
 # make install will install:
 # libraries into $INSTALLTOP/lib
@@ -57,29 +58,31 @@ VERSION = 0.9.0a # MD5_ASM needs to be defined to use the x86 assembler for MD5 # SHA1_ASM needs to be defined to use the x86 assembler for SHA1 # RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160 +# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must +# equal 4. +# PKCS1_CHECK - pkcs1 tests. - -CC= cc -#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM -DRMD160_ASM -CFLAG= -O -DNOPROTO +CC= gcc +#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM +CFLAG= -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror PEX_LIBS= -L. -L.. -L../.. -L../../.. -EX_LIBS= +EX_LIBS= -lefence AR=ar r -# Set BN_MULW to bn_mulw.o if you want to use the C version -BN_MULW= bn_mulw.o -#BN_MULW= bn_mulw.o -#BN_MULW= asm/bn86-elf.o # elf, linux-elf -#BN_MULW= asm/bn86-sol.o # solaris -#BN_MULW= asm/bn86-out.o # a.out, FreeBSD -#BN_MULW= asm/bn86bsdi.o # bsdi -#BN_MULW= asm/alpha.o # DEC Alpha -#BN_MULW= asm/pa-risc2.o # HP-UX PA-RISC -#BN_MULW= asm/r3000.o # SGI MIPS cpu -#BN_MULW= asm/sparc.o # Sun solaris/SunOS -#BN_MULW= asm/bn-win32.o # Windows 95/NT -#BN_MULW= asm/x86w16.o # 16 bit code for Windows 3.1/DOS -#BN_MULW= asm/x86w32.o # 32 bit code for Windows 3.1 +# Set BN_ASM to bn_asm.o if you want to use the C version +BN_ASM= bn_asm.o +#BN_ASM= bn_asm.o +#BN_ASM= asm/bn86-elf.o # elf, linux-elf +#BN_ASM= asm/bn86-sol.o # solaris +#BN_ASM= asm/bn86-out.o # a.out, FreeBSD +#BN_ASM= asm/bn86bsdi.o # bsdi +#BN_ASM= asm/alpha.o # DEC Alpha +#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC +#BN_ASM= asm/r3000.o # SGI MIPS cpu +#BN_ASM= asm/sparc.o # Sun solaris/SunOS +#BN_ASM= asm/bn-win32.o # Windows 95/NT +#BN_ASM= asm/x86w16.o # 16 bit code for Windows 3.1/DOS +#BN_ASM= asm/x86w32.o # 32 bit code for Windows 3.1 # Set DES_ENC to des_enc.o if you want to use the C 
version #There are 4 x86 assember options. @@ -154,7 +157,7 @@ SDIRS= \ des rc2 rc4 rc5 idea bf cast \ bn rsa dsa dh \ buffer bio stack lhash rand err objects \ - evp pem asn1 x509 conf txt_db pkcs7 + evp pem asn1 x509 conf txt_db pkcs7 comp # If you change the INSTALLTOP, make sure to also change the values # in crypto/location.h @@ -169,8 +172,9 @@ SHELL=/bin/sh TOP= . ONEDIRS=out tmp -EDIRS= times doc bugs util include certs ms shlib mt demos perl dep -MISC= COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \ +EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep +MISC= COPYRIGHT Configure HISTORY.090 HISTORY.066 INSTALL Makefile.ssl \ + Makefile \ README TODO HISTORY README.066 README.080 README.090 \ VERSION PROBLEMS MINFO makefile.one e_os.h \ MICROSOFT makevms.com config PATENTS 
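Review bot: The defaults committed in the `@@ -57,29 +58,31 @@` hunk are a developer debug configuration rather than a release one. `CFLAG` replaces `-O -DNOPROTO` with `-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 ... -Werror`, and `EX_LIBS= -lefence` links Electric Fence into every program. Anyone building from this Makefile.ssl as checked in gets an unoptimised library with memory-debug hooks enabled, and the link fails where libefence is not installed. I would keep `CFLAG= -O -DNOPROTO` and an empty `EX_LIBS=` as the active lines and leave the debug set as a commented alternative, as the hunk already does for the x86 flags. If a configure step always rewrites these lines before use, this only affects people who skip it.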
@@ -189,16 +193,19 @@ all: @for i in $(DIRS) ;\ do \ (cd $$i; echo "making $$i..."; \ - $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \ + $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \ done; sub_all: @for i in $(DIRS) ;\ do \ (cd $$i; echo "making $$i..."; \ - $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \ + $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \ done; +libclean: + /bin/rm *.a */lib */*/lib + clean: /bin/rm -f shlib/*.o *.o core a.out fluff *.map @for i in $(DIRS) ;\ 
@@ -253,7 +260,7 @@ test: tests tests: (cd test; echo "testing $$i..."; \ - $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests ); + $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests ); @apps/ssleay version -a depend: @@ -1,9 +1,13 @@ RSA Data Security holds software patents on the RSA and RC5 algorithms. If there ciphers are used used inside the USA (and Japan?), you must contact -RSA Data Security for licencing conditions. - -The IDEA algorithm is patented by XXXX and they should be contacted if that -algorithm is to be used. +RSA Data Security for licencing conditions. Their web page is +http://www.rsa.com RC4 is a trademark of RSA Data Security, so use of this label should perhaps -only me used with RSA Data Security's permission. +only me used with RSA Data Security's permission. + +The IDEA algorithm is patented by Ascom in Austria, France, Germany, +Italy, Japan, Netherlands, Spain, Sweden, Switzerland, UK and the USA. +They should be contacted if that algorithm is to be used, their web page is +http://www.ascom.ch + @@ -1,4 +1,4 @@ - SSLeay 0.9.0b 29-Jun-1998 + SSLeay 0.9.1a 06-Jul-1998 Copyright (c) 1997, Eric Young All rights reserved. diff --git a/README.090 b/README.090 index 634870d5f..811037fc2 100644 --- a/README.090 +++ b/README.090 
@@ -5,67 +5,4 @@ I expect a 0.9.1 will follow with portability fixes in the next few weeks. This is a quick, meet the deadline. Look to ssl-users for comments on what is new etc. -The state of play -- TLSv1 - I need to do some explaining about how the methods interact. - The bad news is that SSLeay 0.8.x application will not roll back to - SSLv3, I suffed up. 0.8.x is rather pedantic about the '3.0' version - number. Look at the 'no-tls' options in applications in the apps directory. -- The perl5 stuff is very rough. The SSL part does not work due to - reference count hassles in the BIO stuff. I just have not had time to - look at it. The cipher, digest and bignum stuff works though. I just - need to clean up the API. -- Lots of x86 assember. I now have it for des, 3des, rc4, rc5, blowfish, - cast, md5, sha1 and ripemd160. It has been tested on win32, linux (elf) - and FreeBSD (a.out). -- As mentioned above, cast, rc5 and ripemd160 have been added. -- A simple HMAC set of functions. -- EX_DATA strucutre, which can be used by applications or other libraries - to tack arbitarty data against strucutures that include it. - You will probably have to see examples to see how to use it, and I will - elaberate on the ssl-users mailing list -- RSA blinding. If you fear timing attacks on RSA, you can turn on - blinding which defeats it. -- From Tim Hudson, try running 'sh config' instead of 'perl Configure'. - I makes an educated guess as to what you are and then runs 'perl Configure' -- The error stuff has been modified so arbitary strings can be taged - against an error message. It is used in a few places to elaberate on - parameters that caused the error. - -Areas of work -- The 16bit big-num assember needs a routine added. The WIN16 and - WIN32 stuff is ok, but MS-DOS or 286 builds need the update. -- Most of the bignum assember will not work. There will be a function - missing, bn_add_words(). 
I need people to send me the C compiler output - for platforms I don't already have. Currently, the assember is correct for - x86, win32, win16(386+), linux elf, FreeBSD a.out and sparc. -- PKCS7, I have delusions of s/MIME. I need to do a BIO interface. -- perl5, it needs finishing -- X509v3 extension. I have some ideas, I just need to - implement them :-) -- Public key methods. I need to clean up the library internally so - public key methods are loaded is a similar way to symetric ciphers - and digests. I also need to seperate out the digests from public - key methods. This stuff is needed to support sortware patents, smaller - code size and hardware tokens. - -Anyway, this release gets out the bug fixes and TLS, but be warned, until -all those old SSLeay 0.8.x based server get upgraded, you will need to -connect with SSLv3 if TLSv1 fails. - eric (about to go bushwalking for the 4 day easter break :-) - -PS Common problems -- For Win32 build, use /MD to specify your libraries, or build SSLeay with - the same flags as your application. Visual C stuffs up the malloc routines - if memory allocated by one memory model is freed by another. FILE pointers - are a major cause of these problem. -- If you are trying to use non-blocking IO and it is not working, - try 'ssleay s_client -help' and see if the -nbio option is listed. - For unixware, it has the non-block IO define in 'differnt' header file - and SSLeay will silently build without non-blocking IO calls (but for - unixware, the special header has been included). -- -DL_ENDIAN. For the message digests, some code needs to be turned off - in the C code when assember is used. For x86, this means the L_ENDIAN - needs to defined when x86 -DSHA1_ASM is defined. The reasons this is - not automagically done is because non-x86 assember could be bigendian. - For pure C code builds, the B_ENDIAN/L_ENDIAN flags are optional. diff --git a/apps/asn1pars.c b/apps/asn1pars.c index 3d382282e..edeffaaa8 100644 --- a/apps/asn1pars.c 
+++ b/apps/asn1pars.c @@ -56,6 +56,10 @@ * [including the GNU Public Licence.] */ +/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to + * add the -strparse option which parses nested binarary structures + */ + #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -65,11 +69,6 @@ #include "x509.h" #include "pem.h" -#define FORMAT_UNDEF 0 -#define FORMAT_ASN1 1 -#define FORMAT_TEXT 2 -#define FORMAT_PEM 3 - /* -inform arg - input format - default PEM (DER or PEM) * -in arg - input file - default stdin * -i - indent the details by depth @@ -85,13 +84,16 @@ int MAIN(argc, argv) int argc; char **argv; { - int i,badops=0,offset=0,ret=1; + int i,badops=0,offset=0,ret=1,j; unsigned int length=0; - long num; + long num,tmplen; BIO *in=NULL,*out=NULL,*b64=NULL; int informat,indent=0; char *infile=NULL,*str=NULL,*prog,*oidfile=NULL; + unsigned char *tmpbuf; BUF_MEM *buf=NULL; + STACK *osk=NULL; + ASN1_TYPE *at=NULL; informat=FORMAT_PEM; @@ -104,6 +106,11 @@ char **argv; prog=argv[0]; argc--; argv++; + if ((osk=sk_new_null()) == NULL) + { + BIO_printf(bio_err,"Malloc failure\n"); + goto end; + } while (argc >= 1) { if (strcmp(*argv,"-inform") == 0) @@ -136,6 +143,11 @@ char **argv; length= atoi(*(++argv)); if (length == 0) goto bad; } + else if (strcmp(*argv,"-strparse") == 0) + { + if (--argc < 1) goto bad; + sk_push(osk,*(++argv)); + } else { BIO_printf(bio_err,"unknown option %s\n",*argv); @@ -157,6 +169,9 @@ bad: BIO_printf(bio_err," -length arg lenth of section in file\n"); BIO_printf(bio_err," -i indent entries\n"); BIO_printf(bio_err," -oid file file of extra oid definitions\n"); + BIO_printf(bio_err," -strparse offset\n"); + BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n"); + BIO_printf(bio_err," ASN1 blob wrappings\n"); goto end; } 
@@ -218,6 +233,36 @@ bad: } str=buf->data; + /* If any structs to parse go through in sequence */ + + if (sk_num(osk)) + { + tmpbuf=(unsigned char *)str; + tmplen=num; + for (i=0; i<sk_num(osk); i++) + { + j=atoi(sk_value(osk,i)); + if (j == 0) + { + BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i)); + continue; + } + tmpbuf+=j; + tmplen-=j; + if (d2i_ASN1_TYPE(&at,&tmpbuf,tmplen) == NULL) + { + BIO_printf(bio_err,"Error parsing structure\n"); + ERR_print_errors(bio_err); + goto end; + } + /* hmm... this is a little evil but it works */ + tmpbuf=at->value.asn1_string->data; + tmplen=at->value.asn1_string->length; + } + str=(char *)tmpbuf; + num=tmplen; + } + if (length == 0) length=(unsigned int)num; if (!ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent)) { @@ -232,6 +277,8 @@ end: if (ret != 0) ERR_print_errors(bio_err); if (buf != NULL) BUF_MEM_free(buf); + if (at != NULL) ASN1_TYPE_free(at); + if (osk != NULL) sk_free(osk); OBJ_cleanup(); EXIT(ret); } diff --git a/apps/ca-cert.srl b/apps/ca-cert.srl index 75016ea36..eeee65ec4 100644 --- a/apps/ca-cert.srl +++ b/apps/ca-cert.srl @@ -1 +1 @@ -03 +05 @@ -431,6 +431,29 @@ bad: } } + if (conf != NULL) + { + p=CONF_get_string(conf,NULL,"oid_file"); + if (p != NULL) + { + BIO *oid_bio; + + oid_bio=BIO_new_file(p,"r"); + if (oid_bio == NULL) + { + /* + BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); + ERR_print_errors(bio_err); + */ + } + else + { + OBJ_create_objects(oid_bio); + BIO_free(oid_bio); + } + } + } + in=BIO_new(BIO_s_file()); out=BIO_new(BIO_s_file()); Sout=BIO_new(BIO_s_file()); @@ -490,6 +513,12 @@ bad: goto err; } + if (!X509_check_private_key(x509,pkey)) + { + BIO_printf(bio_err,"CA certificate and CA private key do not match\n"); + goto err; + } + f=CONF_get_string(conf,BASE_SECTION,ENV_PRESERVE); if ((f != NULL) && ((*f == 'y') || (*f == 'Y'))) preserve=1; 
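Review bot: The `-strparse` loop added in `@@ -218,6 +233,36 @@` applies the user-supplied offset without bounding it: after `j=atoi(...)` only `j == 0` is rejected, then `tmpbuf+=j; tmplen-=j;` runs, so a negative offset or one past the remaining length moves `tmpbuf` outside the buffer before `d2i_ASN1_TYPE` reads from it. The check should be `if ((j <= 0) || (j >= tmplen))`. The lines after the `/* hmm... this is a little evil */` comment also read `at->value.asn1_string` whatever type was parsed, which is only valid when `at->type` is a string type; that needs a type check before the dereference. Finally, `at` is handed back to `d2i_ASN1_TYPE(&at,...)` on the next iteration while `tmpbuf` still points into its data, which may free or overwrite the bytes being parsed, depending on how the decoder reuses an existing object. The enclosing function starts and ends outside the hunk.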
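Review bot: A configured `oid_file` that cannot be opened is ignored without any trace in the `@@ -431,6 +431,29 @@` hunk, because the only diagnostics in the `oid_bio == NULL` branch are commented out. The return value of `OBJ_create_objects(oid_bio)` is not checked either, so a malformed file is equally silent. For a CA tool I would at least restore `BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);` when `verbose` is set, and report a failed `OBJ_create_objects` call. If the failed `BIO_new_file` leaves an entry on the error queue (not visible here), it should be cleared in that branch so that a later `ERR_print_errors` does not print an unrelated error. The `@@ -392,6 +415,29 @@` hunk in apps/req.c adds the same block with the same gap.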
@@ -700,7 +729,7 @@ bad: } if (verbose) { - if ((f=BN_bn2ascii(serial)) == NULL) goto err; + if ((f=BN_bn2hex(serial)) == NULL) goto err; BIO_printf(bio_err,"next serial number is %s\n",f); Free(f); } @@ -1273,7 +1302,7 @@ int verbose; if (i == 0) { ok=0; - BIO_printf(bio_err,"Signature did not match the certificate request\n"); + BIO_printf(bio_err,"Signature did not match the certificate\n"); goto err; } else @@ -1530,7 +1559,7 @@ again2: BIO_printf(bio_err,"The subject name apears to be ok, checking data base for clashes\n"); row[DB_name]=X509_NAME_oneline(subject,NULL,0); - row[DB_serial]=BN_bn2ascii(serial); + row[DB_serial]=BN_bn2hex(serial); if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) { BIO_printf(bio_err,"Malloc failure\n"); @@ -1661,6 +1690,8 @@ again2: } } + if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1(); + #ifndef NO_DSA pktmp=X509_get_pubkey(ret); if (EVP_PKEY_missing_parameters(pktmp) && @@ -2022,7 +2053,7 @@ char *sec; default: BIO_printf(bio_err,"Don't know how to pack extension %s\n",cv->name); goto err; - break; + /* break; */ } if ((x=X509_EXTENSION_create_by_NID(NULL,nid,0,str)) == NULL) diff --git a/apps/cert.der b/apps/cert.der Binary files differnew file mode 100644 index 000000000..58d9fd89b --- /dev/null +++ b/apps/cert.der diff --git a/apps/crl.c b/apps/crl.c index 2c18374ee..acb5cb9b2 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -71,11 +71,6 @@ #undef POSTFIX #define POSTFIX ".rvk" -#define FORMAT_UNDEF 0 -#define FORMAT_ASN1 1 -#define FORMAT_TEXT 2 -#define FORMAT_PEM 3 - static char *crl_usage[]={ "usage: crl args\n", "\n", diff --git a/apps/dgst.c b/apps/dgst.c index eea291db1..86d60c53d 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -146,6 +146,8 @@ char **argv; LN_sha,LN_sha); BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", LN_mdc2,LN_mdc2); + BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", + LN_ripemd160,LN_ripemd160); err=1; goto end; } 
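Review bot: The added `if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();` in the `@@ -1661,6 +1690,8 @@` hunk sits above the `#ifndef NO_DSA` line, so it is compiled in builds that define NO_DSA. If `EVP_dss1` is not provided in those builds (not visible here), they no longer link; moving the statement to just below the guard avoids that. The line also replaces whatever digest was selected earlier without telling the operator, so a message on `bio_err` when `verbose` is set would make the override visible. The enclosing function starts and ends outside the hunk.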
diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 6e99289bd..de1d0cc95 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -80,6 +80,7 @@ * -text * -C * -noout + * -genkey */ #ifndef NOPROTO @@ -97,7 +98,7 @@ char **argv; BIO *in=NULL,*out=NULL; int informat,outformat,noout=0,C=0,ret=1; char *infile,*outfile,*prog,*inrand=NULL; - int numbits= -1,num; + int numbits= -1,num,genkey=0; char buffer[200],*randfile=NULL; apps_startup(); @@ -140,6 +141,8 @@ char **argv; text=1; else if (strcmp(*argv,"-C") == 0) C=1; + else if (strcmp(*argv,"-genkey") == 0) + genkey=1; else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -315,6 +318,22 @@ bad: goto end; } } + if (genkey) + { + DSA *dsakey; + + if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end; + if (!DSA_generate_key(dsakey)) goto end; + if (outformat == FORMAT_ASN1) + i=i2d_DSAPrivateKey_bio(out,dsakey); + else if (outformat == FORMAT_PEM) + i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL); + else { + BIO_printf(bio_err,"bad output format specified for outfile\n"); + goto end; + } + DSA_free(dsakey); + } ret=0; end: if (in != NULL) BIO_free(in); diff --git a/apps/g_ssleay.pl b/apps/g_ssleay.pl index cd05fe6a7..4c63e86ea 100644 --- a/apps/g_ssleay.pl +++ b/apps/g_ssleay.pl @@ -49,7 +49,7 @@ foreach (@ARGV) { print $str; } } -foreach ("md2","md5","sha","sha1","mdc2") +foreach ("md2","md5","sha","sha1","mdc2","rmd160") { push(@files,$_); printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_; diff --git a/apps/mklinks b/apps/mklinks index 55a56b399..d9be1c35c 100644 --- a/apps/mklinks +++ b/apps/mklinks 
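Review bot: The result of writing the generated private key is never checked in the `-genkey` block of the `@@ -315,6 +318,22 @@` hunk. `i` from `i2d_DSAPrivateKey_bio` or `PEM_write_bio_DSAPrivateKey` is dropped and `ret=0` follows, so a failed key write still exits with success. The two `goto end` exits after `DSAparams_dup` has succeeded also skip `DSA_free(dsakey)`, leaving the private key allocated. The key is written with a NULL cipher to the same `out` as the parameters, so it is stored unencrypted, which deserves a comment and a line in the usage text. The enclosing function starts and ends outside the hunk.

```c
	if (genkey)
		{
		DSA *dsakey;

		if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
		if (!DSA_generate_key(dsakey))
			{
			DSA_free(dsakey);
			goto end;
			}
		/* ... unchanged: FORMAT_ASN1 / FORMAT_PEM write calls assigning i ... */
		else	{
			BIO_printf(bio_err,"bad output format specified for outfile\n");
			DSA_free(dsakey);
			goto end;
			}
		DSA_free(dsakey);
		/* NOTE: the key above is written unencrypted (NULL cipher) */
		if (!i)
			{
			BIO_printf(bio_err,"unable to write DSA private key\n");
			ERR_print_errors(bio_err);
			goto end;
			}
		}
```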
@@ -1,5 +1,5 @@ #!/bin/sh -for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb +for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb do echo making symlink for $i /bin/rm -f $i diff --git a/apps/openssl.c b/apps/openssl.c index eac411b85..739a0e8f3 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -241,6 +241,7 @@ end: ERR_remove_state(0); EVP_cleanup(); + ERR_free_strings(); CRYPTO_mem_leaks(bio_err); if (bio_err != NULL) diff --git a/apps/openssl.cnf b/apps/openssl.cnf index 0b3bfa64f..2621d90d3 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -4,6 +4,7 @@ # RANDFILE = $ENV::HOME/.rnd +oid_file = $ENV::HOME/.oid #################################################################### [ ca ] @@ -90,6 +91,8 @@ commonName_max = 64 emailAddress = Email Address emailAddress_max = 40 +SET-ex3 = SET extension number 3 + [ req_attributes ] challengePassword = A challenge password challengePassword_min = 4 diff --git a/apps/privkey.pem b/apps/privkey.pem index b567e411b..0af46474a 100644 --- a/apps/privkey.pem 
+++ b/apps/privkey.pem @@ -1,11 +1,18 @@ ------BEGIN DSA PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,1BF8E9CE60B9941C +DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF -JuhgIvVRrxCRedTTC9ABlIByMsq6IcpqyDZwOPS4rxTtVWvjj1BMHtoCebK7CKMZ -dLsvztfSkdAYmTGK62C73RwlmnMxB4JXhTLaoAX2eL9iylojTWRg+/0Y4rbIKmUe -hrmwrHld7vnfE9XHL8OoaFp6aJ8BB9B8HIfdJMnrNcTWJSGS6gYPTWPdm7ZCykEV -2fFEX6IqWjBjaRm36Esj5mHLRVhBbi2n/jy5IhZeqjEsQ8adYGUulzPSe5xc2JZa -+OO4ch/RRqWTFP59eNPfdke3UE7uNlUhPnYDAOXhSdMJBzI+T9RQXU2y/tMOrYYK -3+jNQcQ9q1Xy1s5dz/BOvw== ------END DSA PRIVATE KEY----- +6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9 +Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo +F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3 +XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE +jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy +vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh +JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf +PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM +POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS +gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz +8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v +Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC +dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw== +-----END RSA PRIVATE KEY----- diff --git a/apps/progs.h b/apps/progs.h index ec00396ed..578bfcf51 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -118,6 +118,7 @@ FUNCTION functions[] = { {FUNC_TYPE_MD,"sha",dgst_main}, {FUNC_TYPE_MD,"sha1",dgst_main}, {FUNC_TYPE_MD,"mdc2",dgst_main}, + {FUNC_TYPE_MD,"rmd160",dgst_main}, {FUNC_TYPE_CIPHER,"base64",enc_main}, #ifndef NO_DES {FUNC_TYPE_CIPHER,"des",enc_main}, diff --git a/apps/progs.pl b/apps/progs.pl index cd05fe6a7..4c63e86ea 100644 --- a/apps/progs.pl +++ b/apps/progs.pl 
@@ -49,7 +49,7 @@ foreach (@ARGV) { print $str; } } -foreach ("md2","md5","sha","sha1","mdc2") +foreach ("md2","md5","sha","sha1","mdc2","rmd160") { push(@files,$_); printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_; diff --git a/apps/req.c b/apps/req.c index f51345f5a..9af5b4957 100644 --- a/apps/req.c +++ b/apps/req.c @@ -392,6 +392,29 @@ bad: } } + if (req_conf != NULL) + { + p=CONF_get_string(req_conf,NULL,"oid_file"); + if (p != NULL) + { + BIO *oid_bio; + + oid_bio=BIO_new_file(p,"r"); + if (oid_bio == NULL) + { + /* + BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); + ERR_print_errors(bio_err); + */ + } + else + { + OBJ_create_objects(oid_bio); + BIO_free(oid_bio); + } + } + } + if ((md_alg == NULL) && ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL)) { diff --git a/apps/rmlinks b/apps/rmlinks index 7c4f8983b..005673675 100644 --- a/apps/rmlinks +++ b/apps/rmlinks 
@@ -1,5 +1,5 @@ #!/bin/sh -for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb +for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb do echo removing $i /bin/rm -f $i diff --git a/apps/s_cb.c b/apps/s_cb.c index cd086bb93..7fa855c5d 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -130,8 +130,10 @@ char *key_file; { if (cert_file != NULL) { + /* SSL *ssl; X509 *x509; + */ if (SSL_CTX_use_certificate_file(ctx,cert_file, SSL_FILETYPE_PEM) <= 0) @@ -149,6 +151,8 @@ char *key_file; return(0); } + /* + In theory this is no longer needed ssl=SSL_new(ctx); x509=SSL_get_certificate(ssl); @@ -156,6 +160,7 @@ char *key_file; EVP_PKEY_copy_parameters(X509_get_pubkey(x509), SSL_get_privatekey(ssl)); SSL_free(ssl); + */ /* If we are using DSA, we can copy the parameters from * the private key */ diff --git a/apps/s_client.c b/apps/s_client.c index e783eb723..e0cb24500 100644 --- a/apps/s_client.c +++ b/apps/s_client.c 
@@ -131,7 +131,7 @@ static void sc_usage() BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'ssleay ciphers'\n"); - BIO_printf(bio_err," command to se what is available\n"); + BIO_printf(bio_err," command to see what is available\n"); } @@ -551,7 +551,15 @@ re_start: #ifdef RENEG { static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } } #endif +#if 1 k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ ); +#else +/* Demo for pending and peek :-) */ + k=SSL_read(con,sbuf,16); +{ char zbuf[10240]; +printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240)); +} +#endif switch (SSL_get_error(con,k)) { @@ -588,7 +596,7 @@ re_start: case SSL_ERROR_SSL: ERR_print_errors(bio_err); goto shut; - break; + /* break; */ } } @@ -658,7 +666,7 @@ int full; sk=SSL_get_peer_cert_chain(s); if (sk != NULL) { - BIO_printf(bio,"---\nCertficate chain\n"); + BIO_printf(bio,"---\nCertificate chain\n"); for (i=0; i<sk_num(sk); i++) { X509_NAME_oneline(X509_get_subject_name((X509 *) diff --git a/apps/s_server.c b/apps/s_server.c index 5012ef254..c9651b84a 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -136,7 +136,8 @@ static DH *get_dh512() /* static int load_CA(SSL_CTX *ctx, char *file);*/ #undef BUFSIZZ -#define BUFSIZZ 8*1024 +#define BUFSIZZ 16*1024 +static int bufsize=32; static int accept_socket= -1; #define TEST_CERT "server.pem" @@ -562,7 +563,7 @@ int s; SSL *con=NULL; BIO *sbio; - if ((buf=Malloc(BUFSIZZ)) == NULL) + if ((buf=Malloc(bufsize)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto err; @@ -614,7 +615,7 @@ int s; if (i <= 0) continue; if (FD_ISSET(fileno(stdin),&readfds)) { - i=read(fileno(stdin),buf,128/*BUFSIZZ*/); + i=read(fileno(stdin),buf,bufsize); if (!s_quiet) { if ((i <= 0) || (buf[0] == 'Q')) 
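Review bot: `static int bufsize=32;` in the `@@ -136,7 +136,8 @@` hunk of apps/s_server.c now sizes every buffer this commit converts, and 32 bytes looks like a leftover debugging value. With it, `BIO_gets(io,buf,bufsize-1)` in the later `www_body` hunks sees only about 30 bytes of a request line per call. `BUFSIZZ`, raised to `16*1024` in the same hunk, is no longer used at any of these call sites. If nothing outside the visible hunks assigns `bufsize`, I would initialise it as `static int bufsize=BUFSIZZ;` and parenthesise the macro, `#define BUFSIZZ (16*1024)`. The allocation, the read lengths and the final `memset(buf,0,bufsize)` all use the same variable, so the bounds themselves stay consistent.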
@@ -641,7 +642,7 @@ int s; printf("SSL_do_handshake -> %d\n",i); i=0; /*13; */ continue; - strcpy(buf,"server side RE-NEGOTIATE\n"); + /* strcpy(buf,"server side RE-NEGOTIATE\n"); */ } if ((buf[0] == 'R') && ((buf[1] == '\0') || (buf[1] == '\r'))) @@ -653,7 +654,7 @@ int s; printf("SSL_do_handshake -> %d\n",i); i=0; /* 13; */ continue; - strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); + /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */ } if (buf[0] == 'P') { @@ -688,7 +689,7 @@ int s; ERR_print_errors(bio_err); ret=1; goto err; - break; + /* break; */ case SSL_ERROR_ZERO_RETURN: BIO_printf(bio_s_out,"DONE\n"); ret=1; @@ -718,12 +719,14 @@ int s; } else { - i=SSL_read(con,(char *)buf,128 /*BUFSIZZ */); +again: + i=SSL_read(con,(char *)buf,bufsize); switch (SSL_get_error(con,i)) { case SSL_ERROR_NONE: write(fileno(stdout),buf, (unsigned int)i); + if (SSL_pending(con)) goto again; break; case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_READ: @@ -755,7 +758,7 @@ err: BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); if (buf != NULL) { - memset(buf,0,BUFSIZZ); + memset(buf,0,bufsize); Free(buf); } if (ret >= 0) @@ -820,6 +823,10 @@ SSL *con; str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n"); + if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & + TLS1_FLAGS_TLS_PADDING_BUG) + BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n"); + return(1); } @@ -865,7 +872,7 @@ static int www_body(hostname, s) char *hostname; int s; { - char buf[1024]; + char *buf=NULL; int ret=1; int i,j,k,blank,dot; struct stat st_buf; @@ -874,6 +881,8 @@ int s; BIO *io,*ssl_bio,*sbio; long total_bytes; + buf=Malloc(bufsize); + if (buf == NULL) return(0); io=BIO_new(BIO_f_buffer()); ssl_bio=BIO_new(BIO_f_ssl()); if ((io == NULL) || (ssl_bio == NULL)) goto err; 
@@ -891,7 +900,7 @@ int s; #endif /* lets make the output buffer a reasonable size */ - if (!BIO_set_write_buffer_size(io,253 /*16*1024*/)) goto err; + if (!BIO_set_write_buffer_size(io,bufsize)) goto err; if ((con=(SSL *)SSL_new(ctx)) == NULL) goto err; @@ -937,14 +946,14 @@ int s; case SSL_ERROR_ZERO_RETURN: ret=1; goto err; - break; + /* break; */ } SSL_renegotiate(con); SSL_write(con,NULL,0); } - i=BIO_gets(io,buf,sizeof(buf)-1); + i=BIO_gets(io,buf,bufsize-1); if (i < 0) /* error */ { if (!BIO_should_retry(io)) @@ -1004,7 +1013,7 @@ int s; BIO_puts(io,"\n"); } BIO_puts(io,"\n"); - p=SSL_get_shared_ciphers(con,buf,sizeof(buf)); + p=SSL_get_shared_ciphers(con,buf,bufsize); if (p != NULL) { BIO_printf(io,"---\nCiphers common between both SSL end points:\n"); @@ -1129,9 +1138,10 @@ int s; total_bytes=0; for (;;) { - i=BIO_read(file,buf,1024); + i=BIO_read(file,buf,bufsize); if (i <= 0) break; +#ifdef RENEG total_bytes+=i; fprintf(stderr,"%d\n",i); if (total_bytes > 3*1024) @@ -1140,6 +1150,7 @@ int s; fprintf(stderr,"RENEGOTIATE\n"); SSL_renegotiate(con); } +#endif for (j=0; j<i; ) { @@ -1194,6 +1205,7 @@ err: if (ret >= 0) BIO_printf(bio_s_out,"ACCEPT\n"); + if (buf != NULL) Free(buf); if (io != NULL) BIO_free_all(io); /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ return(ret); diff --git a/apps/s_time.c b/apps/s_time.c index 7571c208d..02f54f9d8 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -111,7 +111,8 @@ struct tms { #include <sys/select.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/apps/server.pem b/apps/server.pem index eabb92703..c57b32507 100644 --- a/apps/server.pem +++ b/apps/server.pem 
@@ -1,17 +1,17 @@ issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit) -----BEGIN CERTIFICATE----- -MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV +MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD -VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5 -MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG +VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4 +MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2// -Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW -mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i -xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH -irObpESxAZLySCmPPg== +Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9 +JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO +IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ +FUGcPZf9ND22Etc+AQ== -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD diff --git a/apps/sess_id.c b/apps/sess_id.c index 2fad36a49..a606ca3a5 100644 --- a/apps/sess_id.c +++ b/apps/sess_id.c @@ -69,11 +69,6 @@ #undef PROG #define PROG sess_id_main -#define FORMAT_UNDEF 0 -#define FORMAT_ASN1 1 -#define FORMAT_TEXT 2 -#define FORMAT_PEM 3 - static char *sess_id_usage[]={ "usage: crl args\n", "\n", diff --git a/apps/speed.c b/apps/speed.c index 000393424..9e20b7217 100644 --- a/apps/speed.c +++ b/apps/speed.c 
@@ -60,8 +60,8 @@ #undef SECONDS #define SECONDS 3 -#define RSA_SECONDS 10 -#define DSA_SECONDS 10 +#define RSA_SECONDS 10 +#define DSA_SECONDS 10 /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ @@ -107,7 +107,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif @@ -361,13 +362,19 @@ char **argv; int pr_header=0; apps_startup(); +#ifdef NO_DSA + memset(dsa_key,0,sizeof(dsa_key)); +#endif if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); +#ifndef NO_RSA + memset(rsa_key,0,sizeof(rsa_key)); for (i=0; i<RSA_NUM; i++) rsa_key[i]=NULL; +#endif if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL) { @@ -679,7 +686,7 @@ char **argv; rsa_doit[i]=0; else { - if (rsa_c[i] == 0) + if (rsa_c[i][0] == 0) { rsa_c[i][0]=1; rsa_c[i][1]=20; @@ -969,6 +976,8 @@ char **argv; for (j=0; j<RSA_NUM; j++) { if (!rsa_doit[j]) continue; + rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j], + RSA_PKCS1_PADDING); pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j], RSA_SECONDS); /* RSA_blinding_on(rsa_key[j],NULL); */ @@ -992,6 +1001,8 @@ char **argv; rsa_count=count; #if 1 + rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j], + RSA_PKCS1_PADDING); pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j], RSA_SECONDS); Time_F(START); @@ -1031,6 +1042,8 @@ char **argv; if (!dsa_doit[j]) continue; DSA_generate_key(dsa_key[j]); /* DSA_sign_setup(dsa_key[j],NULL); */ + rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2, + &kk,dsa_key[j]); pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j], DSA_SECONDS); Time_F(START); 
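Review bot: The guard on the new `memset(dsa_key,0,sizeof(dsa_key));` reads `#ifdef NO_DSA`, which looks inverted next to the `#ifndef NO_RSA` guard added for `rsa_key` a few lines below. As written the DSA key array is cleared only in builds that exclude DSA, and if `dsa_key` is declared only when DSA is compiled in (the declaration is outside the hunk) a NO_DSA build will not compile. `#ifndef NO_DSA` is probably what was meant. The `for` loop that sets each `rsa_key[i]=NULL` directly after the `memset(rsa_key,...)` repeats the same initialisation, so one of the two can be dropped.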
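Review bot: The warm-up call `rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j],RSA_PKCS1_PADDING);` is not checked, and the next hunk passes `rsa_num` straight to `RSA_public_decrypt` as the input length. If the private operation fails, a negative length reaches the decrypt call and the timing loops then measure a failing operation. A check such as `if (rsa_num <= 0) { ERR_print_errors(bio_err); continue; }` before `pkey_print_message` avoids both. The DSA hunks store the results of `DSA_sign` and `DSA_verify` in the same `rsa_num`/`rsa_num2` variables without testing them, and would benefit from the same check and from DSA-specific names.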
@@ -1052,6 +1065,8 @@ char **argv; dsa_results[j][0]=d/(double)count; rsa_count=count; + rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2, + kk,dsa_key[j]); pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j], DSA_SECONDS); Time_F(START); diff --git a/apps/ssleay.c b/apps/ssleay.c index eac411b85..739a0e8f3 100644 --- a/apps/ssleay.c +++ b/apps/ssleay.c @@ -241,6 +241,7 @@ end: ERR_remove_state(0); EVP_cleanup(); + ERR_free_strings(); CRYPTO_mem_leaks(bio_err); if (bio_err != NULL) diff --git a/apps/ssleay.cnf b/apps/ssleay.cnf index 0b3bfa64f..2621d90d3 100644 --- a/apps/ssleay.cnf +++ b/apps/ssleay.cnf @@ -4,6 +4,7 @@ # RANDFILE = $ENV::HOME/.rnd +oid_file = $ENV::HOME/.oid #################################################################### [ ca ] @@ -90,6 +91,8 @@ commonName_max = 64 emailAddress = Email Address emailAddress_max = 40 +SET-ex3 = SET extension number 3 + [ req_attributes ] challengePassword = A challenge password challengePassword_min = 4 diff --git a/apps/verify.c b/apps/verify.c index 8cd675ff0..2179110d3 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -141,6 +141,7 @@ char **argv; X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); + ERR_clear_error(); if (argc < 1) check(cert_ctx,NULL); else for (i=0; i<argc; i++) diff --git a/apps/version.c b/apps/version.c index fcf1f08cf..8d154ea8b 100644 --- a/apps/version.c +++ b/apps/version.c @@ -71,7 +71,7 @@ int argc; char **argv; { int i,ret=0; - int cflags=0,version=0,date=0,options=0; + int cflags=0,version=0,date=0,options=0,platform=0; apps_startup(); @@ -90,11 +90,13 @@ char **argv; cflags=1; else if (strcmp(argv[i],"-o") == 0) options=1; + else if (strcmp(argv[i],"-p") == 0) + platform=1; else if (strcmp(argv[i],"-a") == 0) - date=version=cflags=options=1; + date=version=cflags=options=platform=1; else { - BIO_printf(bio_err,"usage:version [-a] [-v] [-b] [-o] [-f]\n"); + BIO_printf(bio_err,"usage:version -[avbofp]\n"); ret=1; goto end; } 
@@ -102,6 +104,7 @@ char **argv; if (version) printf("%s\n",SSLeay_version(SSLEAY_VERSION)); if (date) printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON)); + if (platform) printf("%s\n",SSLeay_version(SSLEAY_PLATFORM)); if (options) { printf("options:"); diff --git a/apps/x509.c b/apps/x509.c index f5e8be106..94d57bb3d 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -79,11 +79,6 @@ #define POSTFIX ".srl" #define DEF_DAYS 30 -#define FORMAT_UNDEF 0 -#define FORMAT_ASN1 1 -#define FORMAT_TEXT 2 -#define FORMAT_PEM 3 - #define CERT_HDR "certificate" static char *x509_usage[]={ @@ -219,7 +214,7 @@ char **argv; days=atoi(*(++argv)); if (days == 0) { - BIO_printf(bio_err,"bad number of days\n"); + BIO_printf(STDout,"bad number of days\n"); goto bad; } } @@ -400,9 +395,13 @@ bad: X509_gmtime_adj(X509_get_notBefore(x),0); X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days); +#if 0 X509_PUBKEY_free(ci->key); ci->key=req->req_info->pubkey; req->req_info->pubkey=NULL; +#else + X509_set_pubkey(x,X509_REQ_get_pubkey(req)); +#endif } else x=load_cert(infile,informat); @@ -445,24 +444,23 @@ bad: { X509_NAME_oneline(X509_get_issuer_name(x), buf,256); - fprintf(stdout,"issuer= %s\n",buf); + BIO_printf(STDout,"issuer= %s\n",buf); } else if (subject == i) { X509_NAME_oneline(X509_get_subject_name(x), buf,256); - fprintf(stdout,"subject=%s\n",buf); + BIO_printf(STDout,"subject=%s\n",buf); } else if (serial == i) { - fprintf(stdout,"serial="); + BIO_printf(STDout,"serial="); i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber); - fprintf(stdout,"\n"); + BIO_printf(STDout,"\n"); } else if (hash == i) { - fprintf(stdout,"%08lx\n", - X509_subject_name_hash(x)); + BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x)); } else #ifndef NO_RSA 
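Review bot: The "bad number of days" diagnostic now goes to `STDout` instead of `bio_err`, which runs against the rest of this patch, where error text such as `Modulus=unavailable` and the verify-callback messages are moved onto `bio_err`. The branch sits inside option parsing and the creation of `STDout` is not visible in the hunk, so if that BIO is set up after the argument loop this call uses a handle that is not yet initialised. Keeping `BIO_printf(bio_err,"bad number of days\n");` sends the message to the error stream and keeps it out of certificate output that may be piped to another tool.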
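Review bot: `X509_set_pubkey(x,X509_REQ_get_pubkey(req));` ignores both results, so when the request's public key cannot be decoded the code carries on building, and possibly signing, a certificate whose key was never set. Fetching the key into a local `EVP_PKEY *` and failing closed would prevent that, for example `if ((pk=X509_REQ_get_pubkey(req)) == NULL || !X509_set_pubkey(x,pk)) goto end;`, where `pk` stands for a suitable local. Whether the returned key must be released afterwards depends on this version's ownership rules, which are not visible in the hunk.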
@@ -473,16 +471,16 @@ bad: pkey=X509_get_pubkey(x); if (pkey == NULL) { - fprintf(stdout,"Modulus=unavailable\n"); + BIO_printf(bio_err,"Modulus=unavailable\n"); ERR_print_errors(bio_err); goto end; } - fprintf(stdout,"Modulus="); + BIO_printf(STDout,"Modulus="); if (pkey->type == EVP_PKEY_RSA) BN_print(STDout,pkey->pkey.rsa->n); else - fprintf(stdout,"Wrong Algorithm type"); - fprintf(stdout,"\n"); + BIO_printf(STDout,"Wrong Algorithm type"); + BIO_printf(STDout,"\n"); } else #endif 
@@ -494,47 +492,49 @@ bad: X509_NAME_oneline(X509_get_subject_name(x), buf,256); - printf("/* subject:%s */\n",buf); + BIO_printf(STDout,"/* subject:%s */\n",buf); m=X509_NAME_oneline( X509_get_issuer_name(x),buf,256); - printf("/* issuer :%s */\n",buf); + BIO_printf(STDout,"/* issuer :%s */\n",buf); z=i2d_X509(x,NULL); m=Malloc(z); d=(unsigned char *)m; z=i2d_X509_NAME(X509_get_subject_name(x),&d); - printf("unsigned char XXX_subject_name[%d]={\n",z); + BIO_printf(STDout,"unsigned char XXX_subject_name[%d]={\n",z); d=(unsigned char *)m; for (y=0; y<z; y++) { - printf("0x%02X,",d[y]); - if ((y & 0x0f) == 0x0f) printf("\n"); + BIO_printf(STDout,"0x%02X,",d[y]); + if ((y & 0x0f) == 0x0f) BIO_printf(STDout,"\n"); } - if (y%16 != 0) printf("\n"); - printf("};\n"); + if (y%16 != 0) BIO_printf(STDout,"\n"); + BIO_printf(STDout,"};\n"); z=i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x),&d); - printf("unsigned char XXX_public_key[%d]={\n",z); + BIO_printf(STDout,"unsigned char XXX_public_key[%d]={\n",z); d=(unsigned char *)m; for (y=0; y<z; y++) { - printf("0x%02X,",d[y]); - if ((y & 0x0f) == 0x0f) printf("\n"); + BIO_printf(STDout,"0x%02X,",d[y]); + if ((y & 0x0f) == 0x0f) + BIO_printf(STDout,"\n"); } - if (y%16 != 0) printf("\n"); - printf("};\n"); + if (y%16 != 0) BIO_printf(STDout,"\n"); + BIO_printf(STDout,"};\n"); z=i2d_X509(x,&d); - printf("unsigned char XXX_certificate[%d]={\n",z); + BIO_printf(STDout,"unsigned char XXX_certificate[%d]={\n",z); d=(unsigned char *)m; for (y=0; y<z; y++) { - printf("0x%02X,",d[y]); - if ((y & 0x0f) == 0x0f) printf("\n"); + BIO_printf(STDout,"0x%02X,",d[y]); + if ((y & 0x0f) == 0x0f) + BIO_printf(STDout,"\n"); } - if (y%16 != 0) printf("\n"); - printf("};\n"); + if (y%16 != 0) BIO_printf(STDout,"\n"); + BIO_printf(STDout,"};\n"); Free(m); } 
@@ -565,10 +565,10 @@ bad: BIO_printf(bio_err,"out of memory\n"); goto end; } - fprintf(stdout,"MD5 Fingerprint="); + BIO_printf(STDout,"MD5 Fingerprint="); for (j=0; j<(int)n; j++) { - fprintf(stdout,"%02X%c",md[j], + BIO_printf(STDout,"%02X%c",md[j], (j+1 == (int)n) ?'\n':':'); } @@ -602,6 +602,7 @@ bad: if (CApkey->type == EVP_PKEY_DSA) digest=EVP_dss1(); #endif + if (!x509_certify(ctx,CAfile,digest,x,xca, CApkey, CAserial,CA_createserial,days)) @@ -802,6 +803,12 @@ int days; if (!reqfile && !X509_verify_cert(&xsc)) goto end; + if (!X509_check_private_key(xca,pkey)) + { + BIO_printf(bio_err,"CA certificate and CA private key do not match\n"); + goto end; + } + if (!X509_set_issuer_name(x,X509_get_subject_name(xca))) goto end; if (!X509_set_serialNumber(x,bs)) goto end; @@ -856,15 +863,15 @@ X509_STORE_CTX *ctx; * DEPTH_ZERO_SELF_.... */ if (ok) { - printf("error with certificate to be certified - should be self signed\n"); + BIO_printf(bio_err,"error with certificate to be certified - should be self signed\n"); return(0); } else { err_cert=X509_STORE_CTX_get_current_cert(ctx); X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256); - printf("%s\n",buf); - printf("error with certificate - error %d at depth %d\n%s\n", + BIO_printf(bio_err,"%s\n",buf); + BIO_printf(bio_err,"error with certificate - error %d at depth %d\n%s\n", err,X509_STORE_CTX_get_error_depth(ctx), X509_verify_cert_error_string(err)); return(1); diff --git a/bugs/sgiccbug.c b/bugs/sgiccbug.c index 48bd0605d..178239d49 100644 --- a/bugs/sgiccbug.c +++ b/bugs/sgiccbug.c @@ -7,6 +7,8 @@ /* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are * the only versions of IRIX I have access to. * defining FIXBUG removes the bug. + * (bug is still present in IRIX 6.3 according to + * Gage <agage@forgetmenot.Mines.EDU> */ /* Compare the output from diff --git a/certs/vsign1.pem b/certs/vsign1.pem index 08c70f267..277894d1f 100644 --- a/certs/vsign1.pem +++ b/certs/vsign1.pem 
@@ -1,15 +1,17 @@ +subject=/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority +notBefore=Jan 29 00:00:00 1996 GMT +notAfter=Jan 7 23:59:59 2020 GMT -----BEGIN CERTIFICATE----- -MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0 -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh -c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda -Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W -ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu -ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2 -FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j -W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari -QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG -9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C -TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW -8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA +MIICPDCCAaUCEDJQM89Q0VbzXIGtZVxPyCUwDQYJKoZIhvcNAQECBQAwXzELMAkG +A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz +cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2 +MDEyOTAwMDAwMFoXDTIwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV +BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt +YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f +zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi +TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G +CSqGSIb3DQEBAgUAA4GBAEtEZmBoZOSYG/OwcuaViXzde7OVwB0u2NgZ0C00PcZQ +mhCGjKo/O6gE/DdSlcPZydvN8oYGxLEb8IKIMEKOF1AcZHq4PplJdJf8rAJD+5YM +VgQlDHx8h50kp9jwMim1pN9dokzFFjKoQvZFprY2ueC/ZTaTwtLXa9zeWdaiNfhF -----END CERTIFICATE----- - diff --git a/certs/vsign2.pem b/certs/vsign2.pem index 2386e149d..d8bdd8c81 100644 --- a/certs/vsign2.pem +++ b/certs/vsign2.pem 
@@ -1,31 +1,18 @@ - subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber - issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber - +subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority +notBefore=Jan 29 00:00:00 1996 GMT +notAfter=Jan 7 23:59:59 2004 GMT -----BEGIN CERTIFICATE----- -MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw -YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw -MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp -YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI -SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp -U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG -SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb -RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp -3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv -z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg -hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg -YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv -LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg -KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ -Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv -ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v -dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw -IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS -ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ -TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w -LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU -BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs -53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq -2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB -p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY= 
+MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ +BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh +c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05 +NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD +VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp +bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB +jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18 +oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED +uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN +BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML +v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd +G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9 +1Q== -----END CERTIFICATE----- - diff --git a/certs/vsign3.pem b/certs/vsign3.pem index e6e31879c..aa5bb4c1f 100644 --- a/certs/vsign3.pem +++ b/certs/vsign3.pem 
@@ -1,16 +1,18 @@ - subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority - issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority +subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority +notBefore=Jan 29 00:00:00 1996 GMT +notAfter=Jan 7 23:59:59 2004 GMT -----BEGIN CERTIFICATE----- -MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw -FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg -UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa -Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln -biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ -nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma -AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga -IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF -AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ -Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6 -NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ== +MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ +BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh +c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05 +NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD +VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp +bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB +jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo +RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4 +rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN +BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp +STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH +ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ +pA== -----END CERTIFICATE----- 
@@ -4,6 +4,9 @@ # which then automatically runs Configure from SSLeay after # mapping the Apache names for OSs into SSLeay names # +# 29-May-97 eay Added no-asm option +# 27-May-97 eay Alpha linux mods +# ??-May-97 eay IRIX mods # 16-Sep-97 tjh first cut of merged version # # Tim Hudson @@ -30,7 +33,6 @@ RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown" SYSTEM=`(uname -s) 2>/dev/null` || SYSTEM="unknown" VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown" - # Now test for ISC and SCO, since it is has a braindamaged uname. # # We need to work around FreeBSD 1.1.5.1 @@ -252,7 +254,27 @@ do case "$i" in -d*) PREFIX="debug-";; -v*) VERBOSE="true";; --n*|-t*) TEST="true";; +-t*) TEST="true";; +-h*) cat <<EOF +usage: config [options] + -d Add a debug- prefix to machine choice. + -v Verbose mode. + -t Test mode, do not run the Configure perl script. + -h This help. + +Any other text will be passed to ther Configure perl script. +Usefull options include + no-asm Build with no assember code. + -Dxxx Add xxx define to compilation. + -Lxxx Add xxx library include path to build. + -lxxx Add xxx library to build. + +eg, to build using RSAref, without assember, building to allow anon-DH +ciphers and null encryption ciphers, + config no-asm -DRSAref -DSSL_ALLOW_ADH -DSSL_ALLOW_ENULL -lrsaref +EOF +;; +*) options=$options" $i" ;; esac done @@ -276,6 +298,7 @@ fi # script above so we end up with values in vars but that would take # more time that I want to waste at the moment case "$GUESSOS" in + alpha-*-linux2) OUT="alpha-gcc" ;; *-*-linux2) OUT="linux-elf" ;; *-*-linux) OUT="linux-aout" ;; sun4*-sun-solaris2) OUT="solaris-sparc-$CC" ;; 
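Review bot: The new `-h*)` arm prints the usage text but does not stop the script, so `config -h` goes on to guess the platform and run Configure. An `exit 0` after the here-document's closing `EOF`, before `;;`, would keep the help option free of side effects. The `*)` arm appends to `options` with no initialisation visible in these hunks, so a value inherited from the environment would be forwarded to Configure; `options=""` before the loop rules that out. The old `-n*` spelling of test mode now falls through to `*)` and is passed to Configure as an option, which deserves a line in the changelog comment at the top of the script.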
@@ -285,11 +308,15 @@ case "$GUESSOS" in *86*-*-netbsd) OUT="NetBSD-x86" ;; sun3*-*-netbsd) OUT="NetBSD-m68" ;; *-*-netbsd) OUT="NetBSD-sparc" ;; - *-*-osf) OUT="alpha-$CC" ;; + *86*-*-openbsd) OUT="OpenBSD-x86" ;; + alpha*-*-openbsd) OUT="OpenBSD-alpha" ;; + pmax*-*-openbsd) OUT="OpenBSD-mips" ;; + *-*-openbsd) OUT="OpenBSD" ;; + *-*-osf) OUT="alpha-cc" ;; *-*-unixware*) OUT="unixware-2.0" ;; *-sni-sysv4) OUT="SINIX" ;; + *-hpux*) OUT="hpux-$CC" ;; # these are all covered by the catchall below - # *-hpux) OUT="hpux-$CC" ;; # *-aix) OUT="aix-$CC" ;; # *-dgux) OUT="dgux" ;; *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; @@ -302,7 +329,7 @@ fi # run Configure to check to see if we need to specify the # compiler for the platform ... in which case we add it on # the end ... otherwise we leave it off -./Configure 2>&1 | grep '$OUT-$CC' > /dev/null +perl ./Configure 2>&1 | grep "$OUT-$CC" > /dev/null if [ $? = "0" ]; then OUT="$OUT-$CC" fi @@ -315,9 +342,9 @@ OUT="$PREFIX$OUT" echo Configuring for $OUT if [ "$TEST" = "true" ]; then - echo ./Configure $OUT + echo ./Configure $OUT $options else - ./Configure $OUT + perl ./Configure $OUT $options fi ) diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl index efdbba38a..ab821e2cc 100644 --- a/crypto/Makefile.ssl +++ b/crypto/Makefile.ssl @@ -22,7 +22,7 @@ MAKEFILE= Makefile.ssl PEX_LIBS= EX_LIBS= -CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" " +CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" " -DPLATFORM=" \"$(PLATFORM)\" " ERR=crypto ERRC=cpt_err 
@@ -34,17 +34,17 @@ SDIRS= md2 md5 sha mdc2 hmac ripemd \ bn rsa dsa dh \ buffer bio stack lhash rand err objects \ evp pem x509 \ - asn1 conf txt_db pkcs7 + asn1 conf txt_db pkcs7 comp GENERAL=Makefile README LIB= $(TOP)/libcrypto.a -LIBSRC= cryptlib.c mem.c cversion.c ex_data.c $(ERRC).c -LIBOBJ= cryptlib.o mem.o cversion.o ex_data.o $(ERRC).o +LIBSRC= cryptlib.c mem.c cversion.c ex_data.c tmdiff.c $(ERRC).c +LIBOBJ= cryptlib.o mem.o cversion.o ex_data.o tmdiff.o $(ERRC).o SRC= $(LIBSRC) -EXHEADER= crypto.h cryptall.h +EXHEADER= crypto.h cryptall.h tmdiff.h HEADER= cryptlib.h date.h $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) @@ -61,7 +61,7 @@ subdirs: @for i in $(SDIRS) ;\ do \ (cd $$i; echo "making all in $$i..."; \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' all ); \ + $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' all ); \ done; files: diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl index 30751bd15..1e9951fc5 100644 --- a/crypto/asn1/Makefile.ssl +++ b/crypto/asn1/Makefile.ssl 
@@ -23,7 +23,7 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c \ - a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \ + a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \ a_sign.c a_digest.c a_verify.c \ x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \ x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c \ @@ -38,7 +38,7 @@ LIBSRC= a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c \ asn1_par.c asn1_lib.c $(ERRC).c a_meth.c a_bytes.c \ evp_asn1.c LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o \ - a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \ + a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \ a_sign.o a_digest.o a_verify.o \ x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \ x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o \ diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index 2c1012065..275de43eb 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c 
@@ -68,27 +68,50 @@ int i2d_ASN1_BIT_STRING(a,pp) ASN1_BIT_STRING *a; unsigned char **pp; { - int ret,j,r,bits; + int ret,j,r,bits,len; unsigned char *p,*d; if (a == NULL) return(0); - /* our bit strings are always a multiple of 8 :-) */ - bits=0; - ret=1+a->length; + len=a->length; + + if (len > 0) + { + if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) + { + bits=(int)a->flags&0x07; + } + else + { + for ( ; len > 0; len--) + { + if (a->data[len-1]) break; + } + j=a->data[len-1]; + if (j & 0x01) bits=0; + else if (j & 0x02) bits=1; + else if (j & 0x04) bits=2; + else if (j & 0x08) bits=3; + else if (j & 0x10) bits=4; + else if (j & 0x20) bits=5; + else if (j & 0x40) bits=6; + else if (j & 0x80) bits=7; + else bits=0; /* should not happen */ + } + } + else + bits=0; + ret=1+len; r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING); if (pp == NULL) return(r); p= *pp; ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL); - if (bits == 0) - j=0; - else j=8-bits; - *(p++)=(unsigned char)j; + *(p++)=(unsigned char)bits; d=a->data; - memcpy(p,d,a->length); - p+=a->length; - if (a->length > 0) p[-1]&=(0xff<<j); + memcpy(p,d,len); + p+=len; + if (len > 0) p[-1]&=(0xff<<bits); *pp=p; return(r); } @@ -127,6 +150,12 @@ long length; if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; } i= *(p++); + /* We do this to preserve the settings. If we modify + * the settings, via the _set_bit function, we will recalculate + * on output */ + ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */ + ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */ + if (len-- > 1) /* using one because of the bits left byte */ { s=(unsigned char *)Malloc((int)len); @@ -170,6 +199,8 @@ int value; v=1<<(7-(n&0x07)); iv= ~v; + a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */ + if (a == NULL) return(0); if ((a->length < (w+1)) || (a->data == NULL)) { diff --git a/crypto/asn1/a_bmp.c b/crypto/asn1/a_bmp.c index 774502b1f..76a6f1cd6 100644 --- a/crypto/asn1/a_bmp.c 
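Review bot: In the new trailing-zero scan of i2d_ASN1_BIT_STRING, a string whose bytes are all zero runs `len` down to 0, and the following `j=a->data[len-1];` then reads one byte before the start of the buffer. The lookup needs a guard, for example `if (len == 0) bits=0; else { j=a->data[len-1]; /* existing bit tests */ }`. A short comment stating that `bits` is the unused-bit count written as the first content octet, taken from `flags` when `ASN1_STRING_FLAG_BITS_LEFT` is set and otherwise derived from the last non-zero byte, would make the two branches easier to review.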
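Review bot: The unused-bits octet read by `i= *(p++);` is stored as `i&0x07`, so a value above 7 is silently reduced rather than rejected. DER limits this octet to 0 through 7, and since the stored value is now written back on output, a malformed input is accepted and re-emitted as something different. Rejecting it before the flags are updated would be stricter: set `i` to a suitable `ASN1_R_*` reason and `goto err` when the octet is greater than 7, in the same way as the `len < 1` check just above.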
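Review bot: The added `a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);` dereferences `a` before the `if (a == NULL) return(0);` test that follows it, so the NULL check can no longer protect the caller. Moving the flag update below the check restores the intended order: `if (a == NULL) return(0);` then `a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */`. The function header is outside the hunk.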
+++ b/crypto/asn1/a_bmp.c @@ -79,10 +79,10 @@ long length; ASN1_BMPSTRING *ret=NULL; ret=(ASN1_BMPSTRING *)d2i_ASN1_bytes((ASN1_STRING **)a, - pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL); + pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL); if (ret == NULL) { - ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ASN1_R_ERROR_STACK); + ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ERR_R_NESTED_ASN1_ERROR); return(NULL); } return(ret); diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c index 14168d61a..6bfa98334 100644 --- a/crypto/asn1/a_bytes.c +++ b/crypto/asn1/a_bytes.c @@ -60,9 +60,7 @@ #include "cryptlib.h" #include "asn1_mac.h" -/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK); - * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_ERROR_STACK); - * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE); +/* ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE); * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG); */ diff --git a/crypto/asn1/a_hdr.c b/crypto/asn1/a_hdr.c index 4fb7a5fa7..e9de2838d 100644 --- a/crypto/asn1/a_hdr.c +++ b/crypto/asn1/a_hdr.c @@ -62,10 +62,10 @@ #include "asn1.h" /* - * ASN1err(ASN1_F_D2I_ASN1_HEADER,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT); - * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT); - * ASN1err(ASN1_F_ASN1_HEADER_NEW,ASN1_R_BAD_GET_OBJECT); + * ASN1err(ASN1_F_D2I_ASN1_HEADER,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_I2D_ASN1_HEADER,ERR_R_BAD_GET_ASN1_OBJECT_CALL); + * ASN1err(ASN1_F_I2D_ASN1_HEADER,ERR_R_BAD_GET_ASN1_OBJECT_CALL); + * ASN1err(ASN1_F_ASN1_HEADER_NEW,ERR_R_BAD_GET_ASN1_OBJECT_CALL); */ int i2d_ASN1_HEADER(a,pp) @@ -110,6 +110,7 @@ long length; ASN1_HEADER *ASN1_HEADER_new() { ASN1_HEADER *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,ASN1_HEADER); M_ASN1_New(ret->header,ASN1_OCTET_STRING_new); diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index df79cf99b..e847efee8 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c 
@@ -279,7 +279,7 @@ ASN1_INTEGER *ai; ret=ai; if (ret == NULL) { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK); + ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR); goto err; } ret->type=V_ASN1_INTEGER; diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 5a7eeef8d..a476960d9 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -382,8 +382,8 @@ char *sn,*ln; o.data=data; o.nid=nid; o.length=len; - o.flags=ASN1_OBJECT_FLAG_DYNAMIC| - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA; + o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| + ASN1_OBJECT_FLAG_DYNAMIC_DATA; return(OBJ_dup(&o)); } diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c index be3f172a8..5954c7bee 100644 --- a/crypto/asn1/a_octet.c +++ b/crypto/asn1/a_octet.c @@ -82,7 +82,7 @@ long length; pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL); if (ret == NULL) { - ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_ERROR_STACK); + ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR); return(NULL); } return(ret); diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c index 17c49946c..7fd4807e5 100644 --- a/crypto/asn1/a_set.c +++ b/crypto/asn1/a_set.c @@ -89,11 +89,12 @@ int ex_class; return(r); } -STACK *d2i_ASN1_SET(a,pp,length,func,ex_tag,ex_class) +STACK *d2i_ASN1_SET(a,pp,length,func,free_func,ex_tag,ex_class) STACK **a; unsigned char **pp; long length; char *(*func)(); +void (*free_func)(); int ex_tag; int ex_class; { 
@@ -136,14 +137,25 @@ int ex_class; char *s; if (M_ASN1_D2I_end_sequence()) break; - if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) goto err; + if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) + { + ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT); + asn1_add_error(*pp,(int)(c.q- *pp)); + goto err; + } if (!sk_push(ret,s)) goto err; } if (a != NULL) (*a)=ret; *pp=c.p; return(ret); err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) sk_free(ret); + if ((ret != NULL) && ((a == NULL) || (*a != ret))) + { + if (free_func != NULL) + sk_pop_free(ret,free_func); + else + sk_free(ret); + } return(NULL); } diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 02188e68c..c2ff9783a 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -136,7 +136,11 @@ EVP_MD *type; signature->data=buf_out; buf_out=NULL; signature->length=outl; - + /* In the interests of compatability, I'll make sure that + * the bit string has a 'not-used bits' value of 0 + */ + signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); + signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; err: memset(&ctx,0,sizeof(ctx)); if (buf_in != NULL) diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c index 7c0004084..7ddf5f991 100644 --- a/crypto/asn1/a_type.c +++ b/crypto/asn1/a_type.c @@ -60,9 +60,7 @@ #include "cryptlib.h" #include "asn1_mac.h" -/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK); - * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_ERROR_STACK); - * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG); +/* ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG); * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG); */ @@ -252,6 +250,7 @@ err: ASN1_TYPE *ASN1_TYPE_new() { ASN1_TYPE *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,ASN1_TYPE); ret->type= -1; 
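Review bot: `if (!sk_push(ret,s)) goto err;` still leaks the element it failed to store, because `s` was decoded but is not in `ret`, so the new `sk_pop_free(ret,free_func)` in the error path never reaches it. Now that a destructor is passed in, the failure branch can release it: `if (!sk_push(ret,s)) { if (free_func != NULL) free_func(s); goto err; }`. The new `free_func` parameter would also benefit from a comment on d2i_ASN1_SET saying that it may be NULL and that it is applied to every parsed element when decoding fails. Callers are outside this diff section and must pass the extra argument in the new position.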
@@ -304,14 +303,20 @@ ASN1_TYPE *a; case V_ASN1_NEG_INTEGER: case V_ASN1_BIT_STRING: case V_ASN1_OCTET_STRING: + case V_ASN1_SEQUENCE: + case V_ASN1_SET: + case V_ASN1_NUMERICSTRING: case V_ASN1_PRINTABLESTRING: case V_ASN1_T61STRING: + case V_ASN1_VIDEOTEXSTRING: case V_ASN1_IA5STRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_GENERALSTRING: case V_ASN1_UTCTIME: - case V_ASN1_SET: - case V_ASN1_SEQUENCE: + case V_ASN1_GENERALIZEDTIME: + case V_ASN1_GRAPHICSTRING: + case V_ASN1_VISIBLESTRING: + case V_ASN1_GENERALSTRING: + case V_ASN1_UNIVERSALSTRING: + case V_ASN1_BMPSTRING: ASN1_STRING_free((ASN1_STRING *)a->value.ptr); break; default: diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c index 17a7abbb6..ddd1a4016 100644 --- a/crypto/asn1/a_utctm.c +++ b/crypto/asn1/a_utctm.c @@ -85,7 +85,7 @@ long length; V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); if (ret == NULL) { - ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_ERROR_STACK); + ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR); return(NULL); } if (!ASN1_UTCTIME_check(ret)) @@ -180,7 +180,7 @@ time_t t; { char *p; struct tm *ts; -#if defined(THREADS) +#if defined(THREADS) && !defined(WIN32) struct tm data; #endif @@ -189,7 +189,7 @@ time_t t; if (s == NULL) return(NULL); -#if defined(THREADS) +#if defined(THREADS) && !defined(WIN32) ts=(struct tm *)gmtime_r(&t,&data); #else ts=(struct tm *)gmtime(&t); diff --git a/crypto/asn1/asn1.err b/crypto/asn1/asn1.err index c8b701148..1f5af9694 100644 --- a/crypto/asn1/asn1.err +++ b/crypto/asn1/asn1.err 
@@ -126,57 +126,53 @@ /* Reason codes. */ #define ASN1_R_BAD_CLASS 100 -#define ASN1_R_BAD_GET_OBJECT 101 -#define ASN1_R_BAD_OBJECT_HEADER 102 -#define ASN1_R_BAD_PASSWORD_READ 103 -#define ASN1_R_BAD_PKCS7_CONTENT 104 -#define ASN1_R_BAD_PKCS7_TYPE 105 -#define ASN1_R_BAD_TAG 106 -#define ASN1_R_BAD_TYPE 107 -#define ASN1_R_BN_LIB 108 -#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109 -#define ASN1_R_BUFFER_TOO_SMALL 110 -#define ASN1_R_DATA_IS_WRONG 111 -#define ASN1_R_DECODING_ERROR 112 -#define ASN1_R_ERROR_STACK 113 -#define ASN1_R_EXPECTING_AN_INTEGER 114 -#define ASN1_R_EXPECTING_AN_OBJECT 115 -#define ASN1_R_EXPECTING_AN_OCTET_STRING 116 -#define ASN1_R_EXPECTING_A_BIT_STRING 117 -#define ASN1_R_EXPECTING_A_BOOLEAN 118 -#define ASN1_R_EXPECTING_A_SEQUENCE 119 -#define ASN1_R_EXPECTING_A_UTCTIME 120 -#define ASN1_R_FIRST_NUM_TOO_LARGE 121 -#define ASN1_R_HEADER_TOO_LONG 122 -#define ASN1_R_INVALID_DIGIT 123 -#define ASN1_R_INVALID_SEPARATOR 124 -#define ASN1_R_INVALID_TIME_FORMAT 125 -#define ASN1_R_IV_TOO_LARGE 126 -#define ASN1_R_LENGTH_ERROR 127 -#define ASN1_R_LENGTH_MISMATCH 128 -#define ASN1_R_MISSING_EOS 129 -#define ASN1_R_MISSING_SECOND_NUMBER 130 -#define ASN1_R_NON_HEX_CHARACTERS 131 -#define ASN1_R_NOT_ENOUGH_DATA 132 -#define ASN1_R_ODD_NUMBER_OF_CHARS 133 -#define ASN1_R_PARSING 134 -#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 135 -#define ASN1_R_SECOND_NUMBER_TOO_LARGE 136 -#define ASN1_R_SHORT_LINE 137 -#define ASN1_R_STRING_TOO_SHORT 138 -#define ASN1_R_TAG_VALUE_TOO_HIGH 139 -#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140 -#define ASN1_R_TOO_LONG 141 -#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 142 -#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 143 -#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 144 -#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 145 -#define ASN1_R_UNKNOWN_OBJECT_TYPE 146 -#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 147 -#define ASN1_R_UNSUPPORTED_CIPHER 148 -#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 149 -#define 
ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 150 -#define ASN1_R_UTCTIME_TOO_LONG 151 -#define ASN1_R_WRONG_PRINTABLE_TYPE 152 -#define ASN1_R_WRONG_TAG 153 -#define ASN1_R_WRONG_TYPE 154 +#define ASN1_R_BAD_OBJECT_HEADER 101 +#define ASN1_R_BAD_PASSWORD_READ 102 +#define ASN1_R_BAD_PKCS7_CONTENT 103 +#define ASN1_R_BAD_PKCS7_TYPE 104 +#define ASN1_R_BAD_TAG 105 +#define ASN1_R_BAD_TYPE 106 +#define ASN1_R_BN_LIB 107 +#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108 +#define ASN1_R_BUFFER_TOO_SMALL 109 +#define ASN1_R_DATA_IS_WRONG 110 +#define ASN1_R_DECODING_ERROR 111 +#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112 +#define ASN1_R_EXPECTING_AN_INTEGER 113 +#define ASN1_R_EXPECTING_AN_OBJECT 114 +#define ASN1_R_EXPECTING_AN_OCTET_STRING 115 +#define ASN1_R_EXPECTING_A_BIT_STRING 116 +#define ASN1_R_EXPECTING_A_BOOLEAN 117 +#define ASN1_R_EXPECTING_A_UTCTIME 118 +#define ASN1_R_FIRST_NUM_TOO_LARGE 119 +#define ASN1_R_HEADER_TOO_LONG 120 +#define ASN1_R_INVALID_DIGIT 121 +#define ASN1_R_INVALID_SEPARATOR 122 +#define ASN1_R_INVALID_TIME_FORMAT 123 +#define ASN1_R_IV_TOO_LARGE 124 +#define ASN1_R_LENGTH_ERROR 125 +#define ASN1_R_MISSING_SECOND_NUMBER 126 +#define ASN1_R_NON_HEX_CHARACTERS 127 +#define ASN1_R_NOT_ENOUGH_DATA 128 +#define ASN1_R_ODD_NUMBER_OF_CHARS 129 +#define ASN1_R_PARSING 130 +#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131 +#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132 +#define ASN1_R_SHORT_LINE 133 +#define ASN1_R_STRING_TOO_SHORT 134 +#define ASN1_R_TAG_VALUE_TOO_HIGH 135 +#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136 +#define ASN1_R_TOO_LONG 137 +#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138 +#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139 +#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140 +#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141 +#define ASN1_R_UNKNOWN_OBJECT_TYPE 142 +#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143 +#define ASN1_R_UNSUPPORTED_CIPHER 144 +#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145 +#define 
ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146 +#define ASN1_R_UTCTIME_TOO_LONG 147 +#define ASN1_R_WRONG_PRINTABLE_TYPE 148 +#define ASN1_R_WRONG_TAG 149 +#define ASN1_R_WRONG_TYPE 150 diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index 9793db365..0aa1ca043 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h 
@@ -122,101 +122,6 @@ extern "C" { #define B_ASN1_BMPSTRING 0x0800 #define B_ASN1_UNKNOWN 0x1000 -#ifndef DEBUG - -#define ASN1_INTEGER ASN1_STRING -#define ASN1_BIT_STRING ASN1_STRING -#define ASN1_OCTET_STRING ASN1_STRING -#define ASN1_PRINTABLESTRING ASN1_STRING -#define ASN1_T61STRING ASN1_STRING -#define ASN1_IA5STRING ASN1_STRING -#define ASN1_UTCTIME ASN1_STRING -#define ASN1_GENERALIZEDTIME ASN1_STRING -#define ASN1_GENERALSTRING ASN1_STRING -#define ASN1_UNIVERSALSTRING ASN1_STRING -#define ASN1_BMPSTRING ASN1_STRING - -#else - -typedef struct asn1_integer_st - { - int length; - int type; - unsigned char *data; - } ASN1_INTEGER; - -typedef struct asn1_bit_string_st - { - int length; - int type; - unsigned char *data; - } ASN1_BIT_STRING; - -typedef struct asn1_octet_string_st - { - int length; - int type; - unsigned char *data; - } ASN1_OCTET_STRING; - -typedef struct asn1_printablestring_st - { - int length; - int type; - unsigned char *data; - } ASN1_PRINTABLESTRING; - -typedef struct asn1_t61string_st - { - int length; - int type; - unsigned char *data; - } ASN1_T61STRING; - -typedef struct asn1_ia5string_st - { - int length; - int type; - unsigned char *data; - } ASN1_IA5STRING; - -typedef struct asn1_generalstring_st - { - int length; - int type; - unsigned char *data; - } ASN1_GENERALSTRING; - -typedef struct asn1_universalstring_st - { - int length; - int type; - unsigned char *data; - } ASN1_UNIVERSALSTRING; - -typedef struct asn1_bmpstring_st - { - int length; - int type; - unsigned char *data; - } ASN1_BMPSTRING; - -typedef struct asn1_utctime_st - { - int length; - int type; - unsigned char *data; - } ASN1_UTCTIME; - -typedef struct asn1_generalizedtime_st - { - int length; - int type; - unsigned char *data; - } ASN1_GENERALIZEDTIME; - -#endif - typedef struct asn1_ctx_st { unsigned char *p;/* work char pointer */ 
@@ -229,6 +134,7 @@ typedef struct asn1_ctx_st unsigned char *max; /* largest value of p alowed */ unsigned char *q;/* temporary variable */ unsigned char **pp;/* variable */ + int line; /* used in error processing */ } ASN1_CTX; /* These are used internally in the ASN1_OBJECT to keep track of @@ -246,14 +152,46 @@ typedef struct asn1_object_st int flags; /* Should we free this one */ } ASN1_OBJECT; +#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ /* This is the base type that holds just about everything :-) */ typedef struct asn1_string_st { int length; int type; unsigned char *data; + /* The value of the following field depends on the type being + * held. It is mostly being used for BIT_STRING so if the + * input data has a non-zero 'unused bits' value, it will be + * handled correctly */ + long flags; } ASN1_STRING; +#ifndef DEBUG +#define ASN1_INTEGER ASN1_STRING +#define ASN1_BIT_STRING ASN1_STRING +#define ASN1_OCTET_STRING ASN1_STRING +#define ASN1_PRINTABLESTRING ASN1_STRING +#define ASN1_T61STRING ASN1_STRING +#define ASN1_IA5STRING ASN1_STRING +#define ASN1_UTCTIME ASN1_STRING +#define ASN1_GENERALIZEDTIME ASN1_STRING +#define ASN1_GENERALSTRING ASN1_STRING +#define ASN1_UNIVERSALSTRING ASN1_STRING +#define ASN1_BMPSTRING ASN1_STRING +#else +typedef struct asn1_string_st ASN1_INTEGER; +typedef struct asn1_string_st ASN1_BIT_STRING; +typedef struct asn1_string_st ASN1_OCTET_STRING; +typedef struct asn1_string_st ASN1_PRINTABLESTRING; +typedef struct asn1_string_st ASN1_T61STRING; +typedef struct asn1_string_st ASN1_IA5STRING; +typedef struct asn1_string_st ASN1_GENERALSTRING; +typedef struct asn1_string_st ASN1_UNIVERSALSTRING; +typedef struct asn1_string_st ASN1_BMPSTRING; +typedef struct asn1_string_st ASN1_UTCTIME; +typedef struct asn1_string_st ASN1_GENERALIZEDTIME; +#endif + typedef struct asn1_type_st { int type; 
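Review bot: The new `long flags` member of `ASN1_STRING` is added without stating who is responsible for initialising it, and its comment does not give the bit layout. The constructor change in asn1_lib.c (`ret->flags=0;`) covers strings allocated through it, but any `ASN1_STRING` filled in by hand (on the stack, or from `Malloc` without that constructor) would carry an indeterminate value that BIT STRING handling could read as an unused-bits count. I would extend the field comment to something like `/* must be 0 unless ASN1_STRING_FLAG_BITS_LEFT is set, in which case the low 3 bits (0x07) hold the unused-bits count */`. Under `DEBUG` the eleven typedefs now all name `struct asn1_string_st`, so the compiler no longer tells `ASN1_INTEGER *` from `ASN1_BIT_STRING *` as the removed per-type structs did.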
@@ -472,6 +410,10 @@ int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp); ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, unsigned char **pp,long length); +int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp); +ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp, + long length); + int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp); ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, unsigned char **pp, long l); @@ -491,7 +433,8 @@ ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp, int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, int ex_class); STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, - char *(*func)(), int ex_tag, int ex_class); + char *(*func)(), void (*free_func)(), + int ex_tag, int ex_class); #ifdef HEADER_BIO_H int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); @@ -666,6 +609,9 @@ int ASN1_TYPE_get_octetstring(); int ASN1_TYPE_set_int_octetstring(); int ASN1_TYPE_get_int_octetstring(); +int i2d_ASN1_BMPSTRING(); +ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(); + #endif /* BEGIN ERROR CODES */ 
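Review bot: `d2i_ASN1_SET` gains `free_func` in the middle of its argument list (hunk `@@ -491,7 +433,8 @@`), an incompatible change that a build without prototypes will not diagnose. This header also carries unprototyped declarations (the branch where `d2i_ASN1_BMPSTRING()` is added), and with those a caller still passing six arguments compiles cleanly while `ex_tag` lands in the `free_func` slot, where the error path may call it as a function pointer. Every call site needs auditing, and the declaration should state the contract: `/* free_func releases one element; if NULL, elements already parsed are not freed on error */`.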
@@ -797,60 +743,56 @@ int ASN1_TYPE_get_int_octetstring(); /* Reason codes. */ #define ASN1_R_BAD_CLASS 100 -#define ASN1_R_BAD_GET_OBJECT 101 -#define ASN1_R_BAD_OBJECT_HEADER 102 -#define ASN1_R_BAD_PASSWORD_READ 103 -#define ASN1_R_BAD_PKCS7_CONTENT 104 -#define ASN1_R_BAD_PKCS7_TYPE 105 -#define ASN1_R_BAD_TAG 106 -#define ASN1_R_BAD_TYPE 107 -#define ASN1_R_BN_LIB 108 -#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109 -#define ASN1_R_BUFFER_TOO_SMALL 110 -#define ASN1_R_DATA_IS_WRONG 111 -#define ASN1_R_DECODING_ERROR 112 -#define ASN1_R_ERROR_STACK 113 -#define ASN1_R_EXPECTING_AN_INTEGER 114 -#define ASN1_R_EXPECTING_AN_OBJECT 115 -#define ASN1_R_EXPECTING_AN_OCTET_STRING 116 -#define ASN1_R_EXPECTING_A_BIT_STRING 117 -#define ASN1_R_EXPECTING_A_BOOLEAN 118 -#define ASN1_R_EXPECTING_A_SEQUENCE 119 -#define ASN1_R_EXPECTING_A_UTCTIME 120 -#define ASN1_R_FIRST_NUM_TOO_LARGE 121 -#define ASN1_R_HEADER_TOO_LONG 122 -#define ASN1_R_INVALID_DIGIT 123 -#define ASN1_R_INVALID_SEPARATOR 124 -#define ASN1_R_INVALID_TIME_FORMAT 125 -#define ASN1_R_IV_TOO_LARGE 126 -#define ASN1_R_LENGTH_ERROR 127 -#define ASN1_R_LENGTH_MISMATCH 128 -#define ASN1_R_MISSING_EOS 129 -#define ASN1_R_MISSING_SECOND_NUMBER 130 -#define ASN1_R_NON_HEX_CHARACTERS 131 -#define ASN1_R_NOT_ENOUGH_DATA 132 -#define ASN1_R_ODD_NUMBER_OF_CHARS 133 -#define ASN1_R_PARSING 134 -#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 135 -#define ASN1_R_SECOND_NUMBER_TOO_LARGE 136 -#define ASN1_R_SHORT_LINE 137 -#define ASN1_R_STRING_TOO_SHORT 138 -#define ASN1_R_TAG_VALUE_TOO_HIGH 139 -#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140 -#define ASN1_R_TOO_LONG 141 -#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 142 -#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 143 -#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 144 -#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 145 -#define ASN1_R_UNKNOWN_OBJECT_TYPE 146 -#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 147 -#define ASN1_R_UNSUPPORTED_CIPHER 148 -#define 
ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 149 -#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 150 -#define ASN1_R_UTCTIME_TOO_LONG 151 -#define ASN1_R_WRONG_PRINTABLE_TYPE 152 -#define ASN1_R_WRONG_TAG 153 -#define ASN1_R_WRONG_TYPE 154 +#define ASN1_R_BAD_OBJECT_HEADER 101 +#define ASN1_R_BAD_PASSWORD_READ 102 +#define ASN1_R_BAD_PKCS7_CONTENT 103 +#define ASN1_R_BAD_PKCS7_TYPE 104 +#define ASN1_R_BAD_TAG 105 +#define ASN1_R_BAD_TYPE 106 +#define ASN1_R_BN_LIB 107 +#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108 +#define ASN1_R_BUFFER_TOO_SMALL 109 +#define ASN1_R_DATA_IS_WRONG 110 +#define ASN1_R_DECODING_ERROR 111 +#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112 +#define ASN1_R_EXPECTING_AN_INTEGER 113 +#define ASN1_R_EXPECTING_AN_OBJECT 114 +#define ASN1_R_EXPECTING_AN_OCTET_STRING 115 +#define ASN1_R_EXPECTING_A_BIT_STRING 116 +#define ASN1_R_EXPECTING_A_BOOLEAN 117 +#define ASN1_R_EXPECTING_A_UTCTIME 118 +#define ASN1_R_FIRST_NUM_TOO_LARGE 119 +#define ASN1_R_HEADER_TOO_LONG 120 +#define ASN1_R_INVALID_DIGIT 121 +#define ASN1_R_INVALID_SEPARATOR 122 +#define ASN1_R_INVALID_TIME_FORMAT 123 +#define ASN1_R_IV_TOO_LARGE 124 +#define ASN1_R_LENGTH_ERROR 125 +#define ASN1_R_MISSING_SECOND_NUMBER 126 +#define ASN1_R_NON_HEX_CHARACTERS 127 +#define ASN1_R_NOT_ENOUGH_DATA 128 +#define ASN1_R_ODD_NUMBER_OF_CHARS 129 +#define ASN1_R_PARSING 130 +#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131 +#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132 +#define ASN1_R_SHORT_LINE 133 +#define ASN1_R_STRING_TOO_SHORT 134 +#define ASN1_R_TAG_VALUE_TOO_HIGH 135 +#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136 +#define ASN1_R_TOO_LONG 137 +#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138 +#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139 +#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140 +#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141 +#define ASN1_R_UNKNOWN_OBJECT_TYPE 142 +#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143 +#define ASN1_R_UNSUPPORTED_CIPHER 144 +#define 
ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145 +#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146 +#define ASN1_R_UTCTIME_TOO_LONG 147 +#define ASN1_R_WRONG_PRINTABLE_TYPE 148 +#define ASN1_R_WRONG_TAG 149 +#define ASN1_R_WRONG_TYPE 150 #ifdef __cplusplus } diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index 03c2858e7..b7818f847 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -87,7 +87,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_VERIFY"}, {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "d2i_ASN1_BMPSTRING"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"}, @@ -191,7 +191,6 @@ static ERR_STRING_DATA ASN1_str_functs[]= static ERR_STRING_DATA ASN1_str_reasons[]= { {ASN1_R_BAD_CLASS ,"bad class"}, -{ASN1_R_BAD_GET_OBJECT ,"bad get object"}, {ASN1_R_BAD_OBJECT_HEADER ,"bad object header"}, {ASN1_R_BAD_PASSWORD_READ ,"bad password read"}, {ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"}, 
@@ -203,13 +202,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"}, {ASN1_R_DATA_IS_WRONG ,"data is wrong"}, {ASN1_R_DECODING_ERROR ,"decoding error"}, -{ASN1_R_ERROR_STACK ,"error stack"}, +{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"}, {ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"}, {ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"}, {ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"}, {ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"}, {ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"}, -{ASN1_R_EXPECTING_A_SEQUENCE ,"expecting a sequence"}, {ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"}, {ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"}, {ASN1_R_HEADER_TOO_LONG ,"header too long"}, @@ -218,8 +216,6 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"}, {ASN1_R_IV_TOO_LARGE ,"iv too large"}, {ASN1_R_LENGTH_ERROR ,"length error"}, -{ASN1_R_LENGTH_MISMATCH ,"length mismatch"}, -{ASN1_R_MISSING_EOS ,"missing eos"}, {ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"}, {ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"}, {ASN1_R_NOT_ENOUGH_DATA ,"not enough data"}, @@ -254,8 +250,8 @@ void ERR_load_ASN1_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs); diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index ff30b2583..bc34cc4fe 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -69,7 +69,7 @@ static int asn1_get_length(); static void asn1_put_length(); #endif -char *ASN1_version="ASN1 part of SSLeay 0.9.0b 29-Jun-1998"; +char *ASN1_version="ASN1 part of SSLeay 0.9.1a 06-Jul-1998"; int ASN1_check_infinite_end(p,len) unsigned char **p; 
@@ -130,11 +130,13 @@ long omax; *pclass=xclass; if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err; -#ifdef undef - fprintf(stderr,"p=%d + *plength=%d > omax=%d + *pp=%d (%d > %d)\n", - p,*plength,omax,*pp,(p+ *plength),omax+ *pp); +#if 0 + fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n", + (int)p,*plength,omax,(int)*pp,(int)(p+ *plength), + (int)(omax+ *pp)); #endif +#if 0 if ((p+ *plength) > (omax+ *pp)) { ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); @@ -142,8 +144,9 @@ long omax; * the values are set correctly */ ret|=0x80; } +#endif *pp=p; - return(ret+inf); + return(ret|inf); err: ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG); return(0x80); @@ -284,14 +287,14 @@ ASN1_CTX *c; { if (!ASN1_check_infinite_end(&c->p,c->slen)) { - c->error=ASN1_R_MISSING_EOS; + c->error=ERR_R_MISSING_ASN1_EOS; return(0); } } if ( ((c->slen != 0) && !(c->inf & 1)) || ((c->slen < 0) && (c->inf & 1))) { - c->error=ASN1_R_LENGTH_MISMATCH; + c->error=ERR_R_ASN1_LENGTH_MISMATCH; return(0); } return(1); @@ -308,18 +311,18 @@ long *length; *length); if (c->inf & 0x80) { - c->error=ASN1_R_BAD_GET_OBJECT; + c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL; return(0); } if (c->tag != V_ASN1_SEQUENCE) { - c->error=ASN1_R_EXPECTING_A_SEQUENCE; + c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE; return(0); } (*length)-=(c->p-q); if (c->max && (*length < 0)) { - c->error=ASN1_R_LENGTH_MISMATCH; + c->error=ERR_R_ASN1_LENGTH_MISMATCH; return(0); } if (c->inf == (1|V_ASN1_CONSTRUCTED)) @@ -402,6 +405,7 @@ int type; ret->length=0; ret->type=type; ret->data=NULL; + ret->flags=0; return(ret); } diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index 4fba70e4b..4e6115224 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h 
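Review bot: The added `#if 0` ... `#endif` pair compiles out the check in `ASN1_get_object` that compares the decoded length with the caller's buffer (`if ((p+ *plength) > (omax+ *pp))`), so neither `ASN1_R_TOO_LONG` nor the `0x80` return bit is produced for an object whose declared length runs past the input. Callers that test only `& 0x80`, as the asn1_mac.h macros in this commit do, would then accept a length they cannot trust. I would keep the check enabled and express it without pointer addition, `if (*plength > (omax - (long)(p - *pp)))`, so that a very large length cannot wrap the comparison. The closing `#endif` sits in the following hunk (`@@ -142,8 +144,9 @@`) and the function starts outside both.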
@@ -67,14 +67,23 @@ extern "C" { #include "x509.h" #include "pkcs7.h" +#ifndef ASN1_MAC_ERR_LIB +#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1 +#endif + +#define ASN1_MAC_H_err(f,r,line) \ + ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),ERR_file_name,(line)) + #define M_ASN1_D2I_vars(a,type,func) \ ASN1_CTX c; \ type ret=NULL; \ \ c.pp=pp; \ - c.error=ASN1_R_ERROR_STACK; \ + c.q= *pp; \ + c.error=ERR_R_NESTED_ASN1_ERROR; \ if ((a == NULL) || ((*a) == NULL)) \ - { if ((ret=(type)func()) == NULL) goto err; } \ + { if ((ret=(type)func()) == NULL) \ + { c.line=__LINE__; goto err; } } \ else ret=(*a); #define M_ASN1_D2I_Init() \ @@ -82,7 +91,8 @@ extern "C" { c.max=(length == 0)?0:(c.p+length); #define M_ASN1_D2I_Finish_2(a) \ - if (!asn1_Finish(&c)) goto err; \ + if (!asn1_Finish(&c)) \ + { c.line=__LINE__; goto err; } \ *pp=c.p; \ if (a != NULL) (*a)=ret; \ return(ret); @@ -90,21 +100,31 @@ extern "C" { #define M_ASN1_D2I_Finish(a,func,e) \ M_ASN1_D2I_Finish_2(a); \ err:\ - ASN1err((e),c.error); \ + ASN1_MAC_H_err((e),c.error,c.line); \ asn1_add_error(*pp,(int)(c.q- *pp)); \ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ return(NULL) #define M_ASN1_D2I_start_sequence() \ - if (!asn1_GetSequence(&c,&length)) goto err; + if (!asn1_GetSequence(&c,&length)) \ + { c.line=__LINE__; goto err; } #define M_ASN1_D2I_end_sequence() \ (((c.inf&1) == 0)?(c.slen <= 0): \ (c.eos=ASN1_check_infinite_end(&c.p,c.slen))) +/* Don't use this with d2i_ASN1_BOOLEAN() */ #define M_ASN1_D2I_get(b,func) \ c.q=c.p; \ - if (func(&(b),&c.p,c.slen) == NULL) goto err; \ + if (func(&(b),&c.p,c.slen) == NULL) \ + {c.line=__LINE__; goto err; } \ + c.slen-=(c.p-c.q); + +/* use this instead () */ +#define M_ASN1_D2I_get_int(b,func) \ + c.q=c.p; \ + if (func(&(b),&c.p,c.slen) < 0) \ + {c.line=__LINE__; goto err; } \ c.slen-=(c.p-c.q); #define M_ASN1_D2I_get_opt(b,func,type) \ 
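Review bot: `M_ASN1_D2I_vars` initialises `c.error` and now `c.q`, but not the new `c.line`, while `M_ASN1_D2I_Finish` passes `c.line` to `ASN1_MAC_H_err` on every `err:` exit. Any `goto err` that does not go through one of the updated macros would therefore report an indeterminate line number, which is a read of an uninitialised `int`. Adding `c.line=0; \` beside `c.error=ERR_R_NESTED_ASN1_ERROR; \` gives those paths a defined value. The hand-initialised `ASN1_CTX` in n_pkey.c (`c.error=ERR_R_NESTED_ASN1_ERROR; c.pp=pp;`) appears to need the same treatment.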
@@ -125,38 +145,56 @@ err:\ M_ASN1_next_prev=tmp; \ } -#define M_ASN1_D2I_get_set(r,func) \ - M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SET,V_ASN1_UNIVERSAL); +#define M_ASN1_D2I_get_set(r,func,free_func) \ + M_ASN1_D2I_get_imp_set(r,func,free_func, \ + V_ASN1_SET,V_ASN1_UNIVERSAL); + +#define M_ASN1_D2I_get_set_opt(r,func,free_func) \ + if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ + V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ + { M_ASN1_D2I_get_set(r,func,free_func); } + +#define M_ASN1_I2D_len_SET_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_len_SET(a,f); + +#define M_ASN1_I2D_put_SET_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_put_SET(a,f); -#define M_ASN1_D2I_get_IMP_set_opt(b,func,tag) \ +#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \ if ((c.slen != 0) && \ (M_ASN1_next == \ (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ { \ - M_ASN1_D2I_get_imp_set(b,func,tag,V_ASN1_CONTEXT_SPECIFIC); \ + M_ASN1_D2I_get_imp_set(b,func,free_func,\ + tag,V_ASN1_CONTEXT_SPECIFIC); \ } -#define M_ASN1_D2I_get_seq(r,func) \ - M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); +#define M_ASN1_D2I_get_seq(r,func,free_func) \ + M_ASN1_D2I_get_imp_set(r,func,free_func,\ + V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); -#define M_ASN1_D2I_get_seq_opt(r,func) \ +#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ - { M_ASN1_D2I_get_seq(r,func); } + { M_ASN1_D2I_get_seq(r,func,free_func); } -#define M_ASN1_D2I_get_IMP_set(r,func,x) \ - M_ASN1_D2I_get_imp_set(r,func,x,V_ASN1_CONTEXT_SPECIFIC); +#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \ + M_ASN1_D2I_get_imp_set(r,func,free_func,\ + x,V_ASN1_CONTEXT_SPECIFIC); -#define M_ASN1_D2I_get_imp_set(r,func,a,b) \ +#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \ c.q=c.p; \ - if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,a,b) == NULL) \ - goto err; \ + if 
(d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\ + (void (*)())free_func,a,b) == NULL) \ + { c.line=__LINE__; goto err; } \ c.slen-=(c.p-c.q); #define M_ASN1_D2I_get_set_strings(r,func,a,b) \ c.q=c.p; \ if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \ - goto err; \ + { c.line=__LINE__; goto err; } \ c.slen-=(c.p-c.q); #define M_ASN1_D2I_get_EXP_opt(r,func,tag) \ @@ -169,13 +207,14 @@ err:\ c.q=c.p; \ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ if (Tinf & 0x80) \ - { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \ + { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ + c.line=__LINE__; goto err; } \ if (func(&(r),&c.p,Tlen) == NULL) \ - goto err; \ + { c.line=__LINE__; goto err; } \ c.slen-=(c.p-c.q); \ } -#define M_ASN1_D2I_get_EXP_set_opt(r,func,tag,b) \ +#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \ if ((c.slen != 0) && (M_ASN1_next == \ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ { \ @@ -185,24 +224,27 @@ err:\ c.q=c.p; \ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ if (Tinf & 0x80) \ - { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \ + { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ + c.line=__LINE__; goto err; } \ if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \ + (void (*)())free_func, \ b,V_ASN1_UNIVERSAL) == NULL) \ - goto err; \ + { c.line=__LINE__; goto err; } \ c.slen-=(c.p-c.q); \ } /* New macros */ #define M_ASN1_New_Malloc(ret,type) \ - if ((ret=(type *)Malloc(sizeof(type))) == NULL) goto err2; + if ((ret=(type *)Malloc(sizeof(type))) == NULL) \ + { c.line=__LINE__; goto err2; } #define M_ASN1_New(arg,func) \ if (((arg)=func()) == NULL) return(NULL) #define M_ASN1_New_Error(a) \ -/* err: ASN1err((a),ASN1_R_ERROR_STACK); \ +/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \ return(NULL);*/ \ - err2: ASN1err((a),ERR_R_MALLOC_FAILURE); \ + err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \ return(NULL) 
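Review bot: In `M_ASN1_D2I_get_EXP_opt` (hunk `@@ -169,13 +207,14 @@`), `Tlen` from `ASN1_get_object` is handed to `func` after only the `Tinf & 0x80` test, with no comparison against the bytes left in the enclosing object. Since this commit also compiles out the length check inside `ASN1_get_object`, that bit no longer covers an inner length larger than what remains of `c.slen`. A guard before the call would close the gap: `if (Tlen > c.slen-(c.p-c.q)) { c.error=ERR_R_ASN1_LENGTH_MISMATCH; c.line=__LINE__; goto err; }`. `M_ASN1_D2I_get_EXP_set_opt` in the next hunk passes `Tlen` to `d2i_ASN1_SET` in the same way.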
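Review bot: `M_ASN1_New_Malloc` and `M_ASN1_New_Error` (hunk `@@ -185,24 +224,27 @@`) now refer to `c.line`, which silently requires every function using them to declare a local `ASN1_CTX c`. The commit satisfies this by adding `ASN1_CTX c;` to each `*_new()` function, where the structure is otherwise unused. A comment above the macros would make the dependency explicit: `/* callers must declare 'ASN1_CTX c;' -- only c.line is used, to record where the allocation failed */`.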
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c index 3906227d2..af71b1a85 100644 --- a/crypto/asn1/asn1_par.c +++ b/crypto/asn1/asn1_par.c @@ -266,7 +266,8 @@ int indent; if ( (tag == V_ASN1_PRINTABLESTRING) || (tag == V_ASN1_T61STRING) || (tag == V_ASN1_IA5STRING) || - (tag == V_ASN1_UTCTIME)) + (tag == V_ASN1_UTCTIME) || + (tag == V_ASN1_GENERALIZEDTIME)) { if (BIO_write(bp,":",1) <= 0) goto end; if ((len > 0) && diff --git a/crypto/asn1/d2i_dhp.c b/crypto/asn1/d2i_dhp.c index 616a30810..f2236fc2e 100644 --- a/crypto/asn1/d2i_dhp.c +++ b/crypto/asn1/d2i_dhp.c @@ -64,7 +64,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_DHPARAMS,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_DHPARAMS,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_I2D_DHPARAMS,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); */ @@ -73,7 +73,7 @@ DH **a; unsigned char **pp; long length; { - int i=ASN1_R_ERROR_STACK; + int i=ERR_R_NESTED_ASN1_ERROR; ASN1_INTEGER *bs=NULL; long v=0; M_ASN1_D2I_vars(a,DH *,DH_new); diff --git a/crypto/asn1/d2i_dsap.c b/crypto/asn1/d2i_dsap.c index 2c8ac7bbc..fc2961b3a 100644 --- a/crypto/asn1/d2i_dsap.c +++ b/crypto/asn1/d2i_dsap.c @@ -64,7 +64,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_DSAPARAMS,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_DSAPARAMS,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_I2D_DSAPARAMS,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); */ @@ -73,7 +73,7 @@ DSA **a; unsigned char **pp; long length; { - int i=ASN1_R_ERROR_STACK; + int i=ERR_R_NESTED_ASN1_ERROR; ASN1_INTEGER *bs=NULL; M_ASN1_D2I_vars(a,DSA *,DSA_new); diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index b9eaa9629..677403564 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -106,7 +106,7 @@ long length; default: ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); goto err; - break; + /* break; */ } if (a != NULL) (*a)=ret; return(ret); diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 5d6192f1e..eb572acb0 100644 --- a/crypto/asn1/d2i_pu.c 
+++ b/crypto/asn1/d2i_pu.c @@ -106,7 +106,7 @@ long length; default: ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); goto err; - break; + /* break; */ } if (a != NULL) (*a)=ret; return(ret); diff --git a/crypto/asn1/d2i_r_pr.c b/crypto/asn1/d2i_r_pr.c index 0c53aa94b..a276a1d4c 100644 --- a/crypto/asn1/d2i_r_pr.c +++ b/crypto/asn1/d2i_r_pr.c @@ -64,7 +64,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_PARSING); */ diff --git a/crypto/asn1/d2i_r_pu.c b/crypto/asn1/d2i_r_pu.c index 778b792b1..a4e2c22f3 100644 --- a/crypto/asn1/d2i_r_pu.c +++ b/crypto/asn1/d2i_r_pu.c @@ -64,7 +64,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); */ diff --git a/crypto/asn1/d2i_s_pr.c b/crypto/asn1/d2i_s_pr.c index 32ff8ba4b..8499702c9 100644 --- a/crypto/asn1/d2i_s_pr.c +++ b/crypto/asn1/d2i_s_pr.c @@ -66,7 +66,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); * ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_PARSING); */ diff --git a/crypto/asn1/d2i_s_pu.c b/crypto/asn1/d2i_s_pu.c index 1002f41cd..ecf6407ea 100644 --- a/crypto/asn1/d2i_s_pu.c +++ b/crypto/asn1/d2i_s_pu.c @@ -66,7 +66,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_DSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_DSAPUBLICKEY,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); */ diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c index ebe34a336..4153d1b57 100644 
--- a/crypto/asn1/evp_asn1.c +++ b/crypto/asn1/evp_asn1.c @@ -135,7 +135,8 @@ int len; return(1); } -/* we return the actual length... */ +/* we return the actual length..., num may be missing, in which + * case, set it to zero */ int ASN1_TYPE_get_int_octetstring(a,num,data,max_len) ASN1_TYPE *a; long *num; diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c index a454025ce..a1afa46c8 100644 --- a/crypto/asn1/i2d_dhp.c +++ b/crypto/asn1/i2d_dhp.c @@ -63,8 +63,8 @@ #include "dh.h" /* - * ASN1err(ASN1_F_D2I_DHPARAMS,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_DHPARAMS_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_DHPARAMS,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_DHPARAMS_NEW,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_DHparams(a,pp) diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c index 94ecff152..0b7d5543f 100644 --- a/crypto/asn1/i2d_dsap.c +++ b/crypto/asn1/i2d_dsap.c @@ -63,7 +63,7 @@ #include "dsa.h" /* - * ASN1err(ASN1_F_D2I_DSAPARAMS,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_DSAPARAMS,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_DSAparams(a,pp) diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c index aadbb92d8..78312dbf2 100644 --- a/crypto/asn1/i2d_r_pr.c +++ b/crypto/asn1/i2d_r_pr.c @@ -64,7 +64,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); */ diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c index 3c54f6709..4bcebaa1b 100644 --- a/crypto/asn1/i2d_r_pu.c +++ b/crypto/asn1/i2d_r_pu.c @@ -64,7 +64,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); */ diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 5110c91be..964984786 100644 
--- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -75,7 +75,7 @@ typedef struct netscape_pkey_st } NETSCAPE_PKEY; /* - * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR); * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR); * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR); @@ -249,7 +249,7 @@ int (*cb)(); ASN1_OCTET_STRING *os=NULL; ASN1_CTX c; - c.error=ASN1_R_ERROR_STACK; + c.error=ERR_R_NESTED_ASN1_ERROR; c.pp=pp; M_ASN1_D2I_Init(); @@ -342,6 +342,7 @@ long length; static NETSCAPE_PKEY *NETSCAPE_PKEY_new() { NETSCAPE_PKEY *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,NETSCAPE_PKEY); M_ASN1_New(ret->version,ASN1_INTEGER_new); diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c index f71ed8eb1..bf7b8e2f4 100644 --- a/crypto/asn1/p7_dgst.c +++ b/crypto/asn1/p7_dgst.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_DIGEST_NEW,ASN1_R_MISSING_EOS); - * ASN1err(ASN1_F_D2I_PKCS7_DIGEST,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_DIGEST_NEW,ERR_R_MISSING_ASN1_EOS); + * ASN1err(ASN1_F_D2I_PKCS7_DIGEST,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_DIGEST(a,pp) @@ -107,6 +107,7 @@ long length; PKCS7_DIGEST *PKCS7_DIGEST_new() { PKCS7_DIGEST *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_DIGEST); M_ASN1_New(ret->version,ASN1_INTEGER_new); diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c index 874dd7838..56e27fa11 100644 --- a/crypto/asn1/p7_enc.c +++ b/crypto/asn1/p7_enc.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_ENCRYPT_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_PKCS7_ENCRYPT,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_ENCRYPT_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_PKCS7_ENCRYPT,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_ENCRYPT(a,pp) 
@@ -101,6 +101,7 @@ long length; PKCS7_ENCRYPT *PKCS7_ENCRYPT_new() { PKCS7_ENCRYPT *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_ENCRYPT); M_ASN1_New(ret->version,ASN1_INTEGER_new); diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c index 2860d3e92..f98afb51b 100644 --- a/crypto/asn1/p7_enc_c.c +++ b/crypto/asn1/p7_enc_c.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_ENC_CONTENT_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_PKCS7_ENC_CONTENT,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_ENC_CONTENT_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_PKCS7_ENC_CONTENT,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_ENC_CONTENT(a,pp) @@ -106,9 +106,11 @@ long length; PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new() { PKCS7_ENC_CONTENT *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT); - M_ASN1_New(ret->content_type,ASN1_OBJECT_new); + /* M_ASN1_New(ret->content_type,ASN1_OBJECT_new); */ + ret->content_type=OBJ_nid2obj(NID_pkcs7_encrypted); M_ASN1_New(ret->algorithm,X509_ALGOR_new); ret->enc_data=NULL; return(ret); diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c index 4db0a7fe6..7879a6684 100644 --- a/crypto/asn1/p7_evp.c +++ b/crypto/asn1/p7_evp.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_ENVELOPE_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_PKCS7_ENVELOPE,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_ENVELOPE_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_PKCS7_ENVELOPE,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_ENVELOPE(a,pp) @@ -95,7 +95,8 @@ long length; M_ASN1_D2I_Init(); M_ASN1_D2I_start_sequence(); M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get_set(ret->recipientinfo,d2i_PKCS7_RECIP_INFO); + M_ASN1_D2I_get_set(ret->recipientinfo,d2i_PKCS7_RECIP_INFO, + PKCS7_RECIP_INFO_free); M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT); M_ASN1_D2I_Finish(a,PKCS7_ENVELOPE_free,ASN1_F_D2I_PKCS7_ENVELOPE); 
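Review bot: `PKCS7_ENC_CONTENT_new` (hunk `@@ -106,9 +106,11 @@`) now stores the result of `OBJ_nid2obj(NID_pkcs7_encrypted)` in `ret->content_type` without the NULL test that the commented-out `M_ASN1_New(...)` line performed. To keep the earlier behaviour I would add `if (ret->content_type == NULL) return(NULL);` after the assignment. If `OBJ_nid2obj` returns a shared table entry rather than a fresh object (not visible here), the decode and free paths must neither write into nor release it, which is worth recording: `/* shared object from the OBJ table, not owned by ret -- confirm d2i and free handle this */`. `PKCS7_new` in p7_lib.c makes the same substitution with `NID_undef`.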
@@ -104,6 +105,7 @@ long length; PKCS7_ENVELOPE *PKCS7_ENVELOPE_new() { PKCS7_ENVELOPE *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_ENVELOPE); M_ASN1_New(ret->version,ASN1_INTEGER_new); diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c index 9b00c556d..9bae647fe 100644 --- a/crypto/asn1/p7_i_s.c +++ b/crypto/asn1/p7_i_s.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_ISSUER_AND_SERIAL(a,pp) @@ -101,6 +101,7 @@ long length; PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new() { PKCS7_ISSUER_AND_SERIAL *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_ISSUER_AND_SERIAL); M_ASN1_New(ret->issuer,X509_NAME_new); diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c index 2134e0974..06e1da4a7 100644 --- a/crypto/asn1/p7_lib.c +++ b/crypto/asn1/p7_lib.c @@ -179,6 +179,7 @@ long length; V_ASN1_CONTEXT_SPECIFIC|0)) { c.error=ASN1_R_BAD_PKCS7_CONTENT; + c.line=__LINE__; goto err; } @@ -187,7 +188,7 @@ long length; c.q=c.p; Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass, (c.inf & 1)?(length+ *pp-c.q):c.slen); - if (Tinf & 0x80) goto err; + if (Tinf & 0x80) { c.line=__LINE__; goto err; } c.slen-=(c.p-c.q); switch (OBJ_obj2nid(ret->type)) @@ -215,14 +216,16 @@ long length; break; default: c.error=ASN1_R_BAD_PKCS7_TYPE; + c.line=__LINE__; goto err; - break; + /* break; */ } if (Tinf == (1|V_ASN1_CONSTRUCTED)) { if (!ASN1_check_infinite_end(&c.p,c.slen)) { - c.error=ASN1_R_MISSING_EOS; + c.error=ERR_R_MISSING_ASN1_EOS; + c.line=__LINE__; goto err; } } 
@@ -236,9 +239,10 @@ long length; PKCS7 *PKCS7_new() { PKCS7 *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7); - ret->type=ASN1_OBJECT_new(); + ret->type=OBJ_nid2obj(NID_undef); ret->asn1=NULL; ret->length=0; ret->detached=0; diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c index f02233f5a..2516d7b19 100644 --- a/crypto/asn1/p7_recip.c +++ b/crypto/asn1/p7_recip.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_RECIP_INFO_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_PKCS7_RECIP_INFO,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_RECIP_INFO_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_PKCS7_RECIP_INFO,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_RECIP_INFO(a,pp) @@ -107,6 +107,7 @@ long length; PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new() { PKCS7_RECIP_INFO *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_RECIP_INFO); M_ASN1_New(ret->version,ASN1_INTEGER_new); diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c index d34421145..0368bcbbc 100644 --- a/crypto/asn1/p7_s_e.c +++ b/crypto/asn1/p7_s_e.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_SIGN_ENVELOPE(a,pp) 
@@ -103,12 +103,14 @@ long length; M_ASN1_D2I_Init(); M_ASN1_D2I_start_sequence(); M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get_set(ret->recipientinfo,d2i_PKCS7_RECIP_INFO); - M_ASN1_D2I_get_set(ret->md_algs,d2i_X509_ALGOR); + M_ASN1_D2I_get_set(ret->recipientinfo,d2i_PKCS7_RECIP_INFO, + PKCS7_RECIP_INFO_free); + M_ASN1_D2I_get_set(ret->md_algs,d2i_X509_ALGOR,X509_ALGOR_free); M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT); - M_ASN1_D2I_get_IMP_set_opt(ret->cert,d2i_X509,0); - M_ASN1_D2I_get_IMP_set_opt(ret->crl,d2i_X509_CRL,1); - M_ASN1_D2I_get_set(ret->signer_info,d2i_PKCS7_SIGNER_INFO); + M_ASN1_D2I_get_IMP_set_opt(ret->cert,d2i_X509,X509_free,0); + M_ASN1_D2I_get_IMP_set_opt(ret->crl,d2i_X509_CRL,X509_CRL_free,1); + M_ASN1_D2I_get_set(ret->signer_info,d2i_PKCS7_SIGNER_INFO, + PKCS7_SIGNER_INFO_free); M_ASN1_D2I_Finish(a,PKCS7_SIGN_ENVELOPE_free, ASN1_F_D2I_PKCS7_SIGN_ENVELOPE); @@ -117,6 +119,7 @@ long length; PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new() { PKCS7_SIGN_ENVELOPE *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_SIGN_ENVELOPE); M_ASN1_New(ret->version,ASN1_INTEGER_new); diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c index 40f9a44fa..830617cbf 100644 --- a/crypto/asn1/p7_signd.c +++ b/crypto/asn1/p7_signd.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_SIGNED_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_PKCS7_SIGNED,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_SIGNED_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_PKCS7_SIGNED,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_SIGNED(a,pp) 
@@ -101,11 +101,12 @@ long length; M_ASN1_D2I_Init(); M_ASN1_D2I_start_sequence(); M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get_set(ret->md_algs,d2i_X509_ALGOR); + M_ASN1_D2I_get_set(ret->md_algs,d2i_X509_ALGOR,X509_ALGOR_free); M_ASN1_D2I_get(ret->contents,d2i_PKCS7); - M_ASN1_D2I_get_IMP_set_opt(ret->cert,d2i_X509,0); - M_ASN1_D2I_get_IMP_set_opt(ret->crl,d2i_X509_CRL,1); - M_ASN1_D2I_get_set(ret->signer_info,d2i_PKCS7_SIGNER_INFO); + M_ASN1_D2I_get_IMP_set_opt(ret->cert,d2i_X509,X509_free,0); + M_ASN1_D2I_get_IMP_set_opt(ret->crl,d2i_X509_CRL,X509_CRL_free,1); + M_ASN1_D2I_get_set(ret->signer_info,d2i_PKCS7_SIGNER_INFO, + PKCS7_SIGNER_INFO_free); M_ASN1_D2I_Finish(a,PKCS7_SIGNED_free,ASN1_F_D2I_PKCS7_SIGNED); } @@ -113,6 +114,7 @@ long length; PKCS7_SIGNED *PKCS7_SIGNED_new() { PKCS7_SIGNED *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_SIGNED); M_ASN1_New(ret->version,ASN1_INTEGER_new); diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c index 0da92169f..4bc415d57 100644 --- a/crypto/asn1/p7_signi.c +++ b/crypto/asn1/p7_signi.c @@ -62,8 +62,8 @@ #include "x509.h" /* - * ASN1err(ASN1_F_PKCS7_SIGNER_INFO_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_PKCS7_SIGNER_INFO,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_PKCS7_SIGNER_INFO_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_PKCS7_SIGNER_INFO,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_PKCS7_SIGNER_INFO(a,pp) 
@@ -105,10 +105,12 @@ long length; M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL); M_ASN1_D2I_get(ret->digest_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get_IMP_set_opt(ret->auth_attr,d2i_X509_ATTRIBUTE,0); + M_ASN1_D2I_get_IMP_set_opt(ret->auth_attr,d2i_X509_ATTRIBUTE, + X509_ATTRIBUTE_free,0); M_ASN1_D2I_get(ret->digest_enc_alg,d2i_X509_ALGOR); M_ASN1_D2I_get(ret->enc_digest,d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_get_IMP_set_opt(ret->unauth_attr,d2i_X509_ATTRIBUTE,1); + M_ASN1_D2I_get_IMP_set_opt(ret->unauth_attr,d2i_X509_ATTRIBUTE, + X509_ATTRIBUTE_free,1); M_ASN1_D2I_Finish(a,PKCS7_SIGNER_INFO_free, ASN1_F_D2I_PKCS7_SIGNER_INFO); @@ -117,6 +119,7 @@ long length; PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new() { PKCS7_SIGNER_INFO *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,PKCS7_SIGNER_INFO); M_ASN1_New(ret->version,ASN1_INTEGER_new); diff --git a/crypto/asn1/pkcs8.c b/crypto/asn1/pkcs8.c index 03fdadd51..d2bc9ce13 100644 --- a/crypto/asn1/pkcs8.c +++ b/crypto/asn1/pkcs8.c @@ -62,8 +62,8 @@ #include "objects.h" /* - * ASN1err(ASN1_F_D2I_X509_KEY,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_KEY_NEW,ASN1_R_BAD_GET_OBJECT); + * ASN1err(ASN1_F_D2I_X509_KEY,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_KEY_NEW,ERR_R_BAD_GET_ASN1_OBJECT_CALL); */ int i2d_X509_KEY(a,pp) diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index b10fbbb99..9a8c8bf0c 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -158,6 +158,11 @@ X509 *x; (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; pkey=X509_get_pubkey(x); + if (pkey == NULL) + { + BIO_printf(bp,"%12sUnable to load Public Key\n",""); + } + else #ifndef NO_RSA if (pkey->type == EVP_PKEY_RSA) { @@ -175,7 +180,7 @@ X509 *x; } else #endif - BIO_printf(bp,"%12sDSA Public Key:\n",""); + BIO_printf(bp,"%12sUnknown Public Key:\n",""); n=X509_get_ext_count(x); if (n > 0) 
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c index 0ed2c87b6..01aa0cb6f 100644 --- a/crypto/asn1/x_algor.c +++ b/crypto/asn1/x_algor.c @@ -61,9 +61,9 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_ALGOR_NEW,ASN1_R_EXPECTING_A_SEQUENCE); - * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_ALGOR,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_ALGOR_NEW,ERR_R_EXPECTING_AN_ASN1_SEQUENCE); + * ASN1err(ASN1_F_D2I_X509_ALGOR,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_X509_ALGOR(a,pp) @@ -107,9 +107,10 @@ long length; X509_ALGOR *X509_ALGOR_new() { X509_ALGOR *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_ALGOR); - M_ASN1_New(ret->algorithm,ASN1_OBJECT_new); + ret->algorithm=OBJ_nid2obj(NID_undef); ret->parameter=NULL; return(ret); M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW); diff --git a/crypto/asn1/x_attrib.c b/crypto/asn1/x_attrib.c index e52ced862..d9faf141d 100644 --- a/crypto/asn1/x_attrib.c +++ b/crypto/asn1/x_attrib.c @@ -62,7 +62,7 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_X509_ATTRIBUTE,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_ATTRIBUTE,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_X509_ATTRIBUTE_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); * ASN1err(ASN1_F_I2D_X509_ATTRIBUTE,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); */ @@ -115,7 +115,7 @@ long length; (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET))) { ret->set=1; - M_ASN1_D2I_get_set(ret->value.set,d2i_ASN1_TYPE); + M_ASN1_D2I_get_set(ret->value.set,d2i_ASN1_TYPE,ASN1_TYPE_free); } else { 
@@ -126,12 +126,37 @@ long length; M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE); } +X509_ATTRIBUTE *X509_ATTRIBUTE_create(nid,atrtype,value) +int nid; +int atrtype; +char *value; + { + X509_ATTRIBUTE *ret=NULL; + ASN1_TYPE *val=NULL; + + if ((ret=X509_ATTRIBUTE_new()) == NULL) + return(NULL); + ret->object=OBJ_nid2obj(nid); + ret->set=1; + if ((ret->value.set=sk_new_null()) == NULL) goto err; + if ((val=ASN1_TYPE_new()) == NULL) goto err; + if (!sk_push(ret->value.set,(char *)val)) goto err; + + ASN1_TYPE_set(val,atrtype,value); + return(ret); +err: + if (ret != NULL) X509_ATTRIBUTE_free(ret); + if (val != NULL) ASN1_TYPE_free(val); + return(NULL); + } + X509_ATTRIBUTE *X509_ATTRIBUTE_new() { X509_ATTRIBUTE *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_ATTRIBUTE); - M_ASN1_New(ret->object,ASN1_OBJECT_new); + ret->object=OBJ_nid2obj(NID_undef); ret->set=0; ret->value.ptr=NULL; return(ret); diff --git a/crypto/asn1/x_cinf.c b/crypto/asn1/x_cinf.c index 4fc2cc9f6..27aad14c5 100644 --- a/crypto/asn1/x_cinf.c +++ b/crypto/asn1/x_cinf.c @@ -61,8 +61,8 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_X509_CINF,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_CINF_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_CINF,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_CINF_NEW,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_X509_CINF(a,pp) @@ -140,7 +140,7 @@ long length; if (ret->subjectUID != NULL) { ASN1_BIT_STRING_free(ret->subjectUID); - ret->issuerUID=NULL; + ret->subjectUID=NULL; } M_ASN1_D2I_get_IMP_opt(ret->issuerUID,d2i_ASN1_BIT_STRING, 1, V_ASN1_BIT_STRING); 
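Review bot: In the added `X509_ATTRIBUTE_create`, the result of `OBJ_nid2obj(nid)` is stored in `ret->object` without a check, although `nid` comes from the caller and every other allocation in the function is tested. If the lookup can return NULL for an unrecognised nid (its definition is not in this diff), the function returns an attribute with no object, and the failure only shows up later in whatever encodes or prints it. Replacing the bare assignment with `if ((ret->object=OBJ_nid2obj(nid)) == NULL) goto err;` fits the existing `err:` path, which already frees `ret`.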
@@ -153,8 +153,8 @@ long length; while (sk_num(ret->extensions)) X509_EXTENSION_free((X509_EXTENSION *) sk_pop(ret->extensions)); - M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,3, - V_ASN1_SEQUENCE); + M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION, + X509_EXTENSION_free,3,V_ASN1_SEQUENCE); } M_ASN1_D2I_Finish(a,X509_CINF_free,ASN1_F_D2I_X509_CINF); } @@ -162,6 +162,7 @@ long length; X509_CINF *X509_CINF_new() { X509_CINF *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_CINF); ret->version=NULL; diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c index 13acdab42..fe7b5f175 100644 --- a/crypto/asn1/x_crl.c +++ b/crypto/asn1/x_crl.c @@ -62,12 +62,12 @@ #include "x509.h" /* - * ASN1err(ASN1_F_D2I_X509_CRL,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_X509_CRL_INFO,ASN1_R_EXPECTING_A_SEQUENCE); - * ASN1err(ASN1_F_D2I_X509_REVOKED,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_CRL_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_CRL_INFO_NEW,ASN1_R_EXPECTING_A_SEQUENCE); - * ASN1err(ASN1_F_X509_REVOKED_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_CRL,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_CRL_INFO,ERR_R_EXPECTING_AN_ASN1_SEQUENCE); + * ASN1err(ASN1_F_D2I_X509_REVOKED,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_CRL_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_CRL_INFO_NEW,ERR_R_EXPECTING_AN_ASN1_SEQUENCE); + * ASN1err(ASN1_F_X509_REVOKED_NEW,ERR_R_ASN1_LENGTH_MISMATCH); */ #ifndef NOPROTO @@ -108,7 +108,8 @@ long length; M_ASN1_D2I_start_sequence(); M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER); M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_UTCTIME); - M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION); + M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION, + X509_EXTENSION_free); M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED); } 
@@ -183,7 +184,7 @@ long length; while (sk_num(ret->revoked)) X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked)); } - M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED); + M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED,X509_REVOKED_free); if (ret->revoked != NULL) { @@ -203,7 +204,7 @@ long length; } M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION, - 0,V_ASN1_SEQUENCE); + X509_EXTENSION_free,0,V_ASN1_SEQUENCE); } M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO); @@ -248,6 +249,7 @@ long length; X509_REVOKED *X509_REVOKED_new() { X509_REVOKED *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_REVOKED); M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new); @@ -260,6 +262,7 @@ X509_REVOKED *X509_REVOKED_new() X509_CRL_INFO *X509_CRL_INFO_new() { X509_CRL_INFO *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_CRL_INFO); ret->version=NULL; @@ -277,6 +280,7 @@ X509_CRL_INFO *X509_CRL_INFO_new() X509_CRL *X509_CRL_new() { X509_CRL *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_CRL); ret->references=1; diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c index 54ffe2f00..f5e3ece22 100644 --- a/crypto/asn1/x_exten.c +++ b/crypto/asn1/x_exten.c @@ -62,8 +62,8 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_X509_EXTENSION,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_EXTENSION_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_EXTENSION,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_EXTENSION_NEW,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_X509_EXTENSION(a,pp) @@ -130,9 +130,10 @@ long length; X509_EXTENSION *X509_EXTENSION_new() { X509_EXTENSION *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_EXTENSION); - M_ASN1_New(ret->object,ASN1_OBJECT_new); + ret->object=OBJ_nid2obj(NID_undef); M_ASN1_New(ret->value,ASN1_OCTET_STRING_new); ret->critical=0; ret->netscape_hack=0; diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c index 28b9c34b5..3b8bc5191 100644 --- a/crypto/asn1/x_name.c 
+++ b/crypto/asn1/x_name.c @@ -62,9 +62,9 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_X509_NAME,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_NAME,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_X509_NAME_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); - * ASN1err(ASN1_F_D2I_X509_NAME_ENTRY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_NAME_ENTRY,ERR_R_ASN1_LENGTH_MISMATCH); * ASN1err(ASN1_F_X509_NAME_ENTRY_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); */ @@ -213,7 +213,8 @@ long length; for (;;) { if (M_ASN1_D2I_end_sequence()) break; - M_ASN1_D2I_get_set(ret->entries,d2i_X509_NAME_ENTRY); + M_ASN1_D2I_get_set(ret->entries,d2i_X509_NAME_ENTRY, + X509_NAME_ENTRY_free); for (; idx < sk_num(ret->entries); idx++) { ((X509_NAME_ENTRY *)sk_value(ret->entries,idx))->set= @@ -234,9 +235,11 @@ long length; X509_NAME *X509_NAME_new() { X509_NAME *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_NAME); - if ((ret->entries=sk_new(NULL)) == NULL) goto err2; + if ((ret->entries=sk_new(NULL)) == NULL) + { c.line=__LINE__; goto err2; } M_ASN1_New(ret->bytes,BUF_MEM_new); ret->modified=1; return(ret); @@ -246,6 +249,7 @@ X509_NAME *X509_NAME_new() X509_NAME_ENTRY *X509_NAME_ENTRY_new() { X509_NAME_ENTRY *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_NAME_ENTRY); /* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/ diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c index 1d4d92612..3a359cce9 100644 --- a/crypto/asn1/x_pkey.c +++ b/crypto/asn1/x_pkey.c @@ -91,6 +91,7 @@ long length; if (ret->cipher.cipher == NULL) { c.error=ASN1_R_UNSUPPORTED_CIPHER; + c.line=__LINE__; goto err; } if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) @@ -99,6 +100,7 @@ long length; if (i > EVP_MAX_IV_LENGTH) { c.error=ASN1_R_IV_TOO_LARGE; + c.line=__LINE__; goto err; } memcpy(ret->cipher.iv, @@ -112,6 +114,7 @@ long length; X509_PKEY *X509_PKEY_new() { X509_PKEY *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_PKEY); ret->version=0; 
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index a309cf74a..b8e6d0e00 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -61,8 +61,8 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_X509_PUBKEY,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_PUBKEY_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_PUBKEY,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_PUBKEY_NEW,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_X509_PUBKEY(a,pp) @@ -104,6 +104,7 @@ long length; X509_PUBKEY *X509_PUBKEY_new() { X509_PUBKEY *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_PUBKEY); M_ASN1_New(ret->algor,X509_ALGOR_new); diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c index ff0be13d3..a0df9982d 100644 --- a/crypto/asn1/x_req.c +++ b/crypto/asn1/x_req.c @@ -62,10 +62,10 @@ #include "x509.h" /* - * ASN1err(ASN1_F_D2I_X509_REQ,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_X509_REQ_INFO,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_REQ_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_REQ_INFO_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_REQ,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_REQ_INFO,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_REQ_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_REQ_INFO_NEW,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_X509_REQ_INFO(a,pp) @@ -141,7 +141,8 @@ long length; ret->req_kludge=1; else { - M_ASN1_D2I_get_IMP_set(ret->attributes,d2i_X509_ATTRIBUTE,0); + M_ASN1_D2I_get_IMP_set(ret->attributes,d2i_X509_ATTRIBUTE, + X509_ATTRIBUTE_free,0); } M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO); @@ -150,6 +151,7 @@ long length; X509_REQ_INFO *X509_REQ_INFO_new() { X509_REQ_INFO *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_REQ_INFO); M_ASN1_New(ret->version,ASN1_INTEGER_new); @@ -208,6 +210,7 @@ long length; X509_REQ *X509_REQ_new() { X509_REQ *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_REQ); ret->references=1; 
diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c index f0a2e4c27..245a76b0f 100644 --- a/crypto/asn1/x_sig.c +++ b/crypto/asn1/x_sig.c @@ -61,8 +61,8 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_X509_SIG,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_SIG_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_SIG,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_SIG_NEW,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_X509_SIG(a,pp) @@ -99,6 +99,7 @@ long length; X509_SIG *X509_SIG_new() { X509_SIG *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_SIG); M_ASN1_New(ret->algor,X509_ALGOR_new); diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c index 4a80df44b..5600d305a 100644 --- a/crypto/asn1/x_spki.c +++ b/crypto/asn1/x_spki.c @@ -66,10 +66,10 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_NETSCAPE_SPKAC,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_NETSCAPE_SPKAC_NEW,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_NETSCAPE_SPKI,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_NETSCAPE_SPKI_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_NETSCAPE_SPKAC,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_NETSCAPE_SPKAC_NEW,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_NETSCAPE_SPKI,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_NETSCAPE_SPKI_NEW,ERR_R_ASN1_LENGTH_MISMATCH); */ int i2d_NETSCAPE_SPKAC(a,pp) @@ -106,6 +106,7 @@ long length; NETSCAPE_SPKAC *NETSCAPE_SPKAC_new() { NETSCAPE_SPKAC *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC); M_ASN1_New(ret->pubkey,X509_PUBKEY_new); @@ -160,6 +161,7 @@ long length; NETSCAPE_SPKI *NETSCAPE_SPKI_new() { NETSCAPE_SPKI *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,NETSCAPE_SPKI); M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new); diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c index a9c390f88..8d996e995 100644 --- a/crypto/asn1/x_val.c +++ b/crypto/asn1/x_val.c 
@@ -99,6 +99,7 @@ long length; X509_VAL *X509_VAL_new() { X509_VAL *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_VAL); M_ASN1_New(ret->notBefore,ASN1_UTCTIME_new); diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c index bc466ce0f..e235abb23 100644 --- a/crypto/asn1/x_x509.c +++ b/crypto/asn1/x_x509.c @@ -62,8 +62,8 @@ #include "asn1_mac.h" /* - * ASN1err(ASN1_F_D2I_X509,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_X509_NEW,ASN1_R_BAD_GET_OBJECT); + * ASN1err(ASN1_F_D2I_X509,ERR_R_ASN1_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_NEW,ERR_R_BAD_GET_ASN1_OBJECT_CALL); */ static ASN1_METHOD meth={ @@ -117,6 +117,7 @@ ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); X509 *X509_new() { X509 *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,X509); ret->references=1; @@ -149,9 +150,11 @@ X509 *a; } #endif + /* CRYPTO_free_ex_data(bio_meth,(char *)a,&a->ex_data); */ X509_CINF_free(a->cert_info); X509_ALGOR_free(a->sig_alg); ASN1_BIT_STRING_free(a->signature); + if (a->name != NULL) Free(a->name); Free((char *)a); } diff --git a/crypto/bf/Makefile.ssl b/crypto/bf/Makefile.ssl index 236671f23..22aa4ca6f 100644 --- a/crypto/bf/Makefile.ssl +++ b/crypto/bf/Makefile.ssl @@ -61,7 +61,7 @@ asm/bx86-out.o: asm/bx86unix.cpp # bsdi asm/bx86bsdi.o: asm/bx86unix.cpp - $(CPP) -DBSDI asm/bx86unix.cpp | as -o asm/bx86bsdi.o + $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o asm/bx86unix.cpp: (cd asm; perl bf-586.pl cpp >bx86unix.cpp) diff --git a/crypto/bf/bf_ecb.c b/crypto/bf/bf_ecb.c index 6d16360bd..3b534ac03 100644 --- a/crypto/bf/bf_ecb.c +++ b/crypto/bf/bf_ecb.c @@ -64,7 +64,7 @@ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) */ -char *BF_version="BlowFish part of SSLeay 0.9.0b 29-Jun-1998"; +char *BF_version="BlowFish part of SSLeay 0.9.1a 06-Jul-1998"; char *BF_options() { diff --git a/crypto/bf/bf_opts.c b/crypto/bf/bf_opts.c index 5cfa60c53..735d16b76 100644 --- a/crypto/bf/bf_opts.c +++ b/crypto/bf/bf_opts.c 
@@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/bf/bfspeed.c b/crypto/bf/bfspeed.c index 640d820dd..30db62b23 100644 --- a/crypto/bf/bfspeed.c +++ b/crypto/bf/bfspeed.c @@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c index a45909527..2c36150b9 100644 --- a/crypto/bio/b_sock.c +++ b/crypto/bio/b_sock.c @@ -148,7 +148,7 @@ unsigned char *ip; int BIO_get_port(str,port_ptr) char *str; -short *port_ptr; +unsigned short *port_ptr; { int i; struct servent *s; @@ -223,13 +223,13 @@ char *parg; { case BIO_GHBN_CTRL_HITS: return(BIO_ghbn_hits); - break; + /* break; */ case BIO_GHBN_CTRL_MISSES: return(BIO_ghbn_miss); - break; + /* break; */ case BIO_GHBN_CTRL_CACHE_SIZE: return(GHBN_NUM); - break; + /* break; */ case BIO_GHBN_CTRL_GET_ENTRY: if ((iarg >= 0) && (iarg <GHBN_NUM) && (ghbn_cache[iarg].order > 0)) @@ -241,7 +241,7 @@ char *parg; return(1); } return(0); - break; + /* break; */ case BIO_GHBN_CTRL_FLUSH: for (i=0; i<GHBN_NUM; i++) ghbn_cache[i].order=0; 
@@ -258,46 +258,51 @@ struct hostent *a; struct hostent *ret; int i,j; - ret=(struct hostent *)malloc(sizeof(struct hostent)); + MemCheck_off(); + ret=(struct hostent *)Malloc(sizeof(struct hostent)); if (ret == NULL) return(NULL); memset(ret,0,sizeof(struct hostent)); for (i=0; a->h_aliases[i] != NULL; i++) ; i++; - ret->h_aliases=(char **)malloc(sizeof(char *)*i); + ret->h_aliases=(char **)Malloc(sizeof(char *)*i); memset(ret->h_aliases,0,sizeof(char *)*i); if (ret == NULL) goto err; for (i=0; a->h_addr_list[i] != NULL; i++) ; i++; - ret->h_addr_list=(char **)malloc(sizeof(char *)*i); + ret->h_addr_list=(char **)Malloc(sizeof(char *)*i); memset(ret->h_addr_list,0,sizeof(char *)*i); if (ret->h_addr_list == NULL) goto err; j=strlen(a->h_name)+1; - if ((ret->h_name=malloc(j)) == NULL) goto err; - memcpy((char *)ret->h_name,a->h_name,j); + if ((ret->h_name=Malloc(j)) == NULL) goto err; + memcpy((char *)ret->h_name,a->h_name,j+1); for (i=0; a->h_aliases[i] != NULL; i++) { j=strlen(a->h_aliases[i])+1; - if ((ret->h_aliases[i]=malloc(j)) == NULL) goto err; - memcpy(ret->h_aliases[i],a->h_aliases[i],j); + if ((ret->h_aliases[i]=Malloc(j)) == NULL) goto err; + memcpy(ret->h_aliases[i],a->h_aliases[i],j+1); } ret->h_length=a->h_length; ret->h_addrtype=a->h_addrtype; for (i=0; a->h_addr_list[i] != NULL; i++) { - if ((ret->h_addr_list[i]=malloc(a->h_length)) == NULL) + if ((ret->h_addr_list[i]=Malloc(a->h_length)) == NULL) goto err; memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length); } - return(ret); + if (0) + { err: - if (ret != NULL) - ghbn_free(ret); - return(NULL); + if (ret != NULL) + ghbn_free(ret); + ret=NULL; + } + MemCheck_on(); + return(ret); } static void ghbn_free(a) 
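Review bot: The two rewritten copies, `memcpy((char *)ret->h_name,a->h_name,j+1)` and `memcpy(ret->h_aliases[i],a->h_aliases[i],j+1)`, write one byte past the buffers they fill, because `j` is already `strlen(...)+1` and that is exactly what `Malloc(j)` allocated. Each call is a one-byte heap overflow on the destination and a one-byte over-read of the source string; the length should go back to `j` in both. Separately, the early `return(NULL)` after the first `Malloc` skips the new `MemCheck_on()`, leaving memory checking switched off; `goto err` would restore it. The function's signature is above the hunk.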
@@ -308,17 +313,17 @@ struct hostent *a; if (a->h_aliases != NULL) { for (i=0; a->h_aliases[i] != NULL; i++) - free(a->h_aliases[i]); - free(a->h_aliases); + Free(a->h_aliases[i]); + Free(a->h_aliases); } if (a->h_addr_list != NULL) { for (i=0; a->h_addr_list[i] != NULL; i++) - free(a->h_addr_list[i]); - free(a->h_addr_list); + Free(a->h_addr_list[i]); + Free(a->h_addr_list); } - if (a->h_name != NULL) free((char *)a->h_name); - free(a); + if (a->h_name != NULL) Free((char *)a->h_name); + Free(a); } struct hostent *BIO_gethostbyname(name) @@ -467,16 +472,18 @@ unsigned char ip[4]; return(1); } -int BIO_get_accept_socket(host) +int BIO_get_accept_socket(host,bind_mode) char *host; +int bind_mode; { int ret=0; - struct sockaddr_in server; - int s= -1; + struct sockaddr_in server,client; + int s= -1,cs; unsigned char ip[4]; short port; char *str,*h,*p,*e; unsigned long l; + int err_num; if (!BIO_sock_init()) return(INVALID_SOCKET); @@ -517,12 +524,13 @@ char *host; if (!BIO_get_host_ip(h,&(ip[0]))) return(INVALID_SOCKET); l=(unsigned long) ((unsigned long)ip[0]<<24L)| - ((unsigned long)ip[0]<<16L)| - ((unsigned long)ip[0]<< 8L)| - ((unsigned long)ip[0]); + ((unsigned long)ip[1]<<16L)| + ((unsigned long)ip[2]<< 8L)| + ((unsigned long)ip[3]); server.sin_addr.s_addr=htonl(l); } +again: s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); if (s == INVALID_SOCKET) { 
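Review bot: `port` is still declared `short` in `BIO_get_accept_socket` (hunk `@@ -467,16 +472,18 @@`), while this commit changes `BIO_get_port` to take `unsigned short *port_ptr` earlier in the same file. If the function passes `&port` to `BIO_get_port` (the call is outside the hunk), the pointer types no longer match and a port above 32767 is held as a negative value. Declaring it `unsigned short port;` keeps the two in step.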
@@ -531,9 +539,45 @@ char *host; BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_CREATE_SOCKET); goto err; } + +#ifdef SO_REUSEADDR + if (bind_mode == BIO_BIND_REUSEADDR) + { + int i=1; + + ret=setsockopt(s,SOL_SOCKET,SO_REUSEADDR,(char *)&i,sizeof(i)); + bind_mode=BIO_BIND_NORMAL; + } +#endif if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) { - SYSerr(SYS_F_BIND,get_last_socket_error()); +#ifdef SO_REUSEADDR + err_num=get_last_socket_error(); + if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) && + (err_num == EADDRINUSE)) + { + memcpy((char *)&client,(char *)&server,sizeof(server)); + if (strcmp(h,"*") == 0) + client.sin_addr.s_addr=htonl(0x7F000001); + cs=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + if (cs != INVALID_SOCKET) + { + int ii; + ii=connect(cs,(struct sockaddr *)&client, + sizeof(client)); + closesocket(cs); + if (ii == INVALID_SOCKET) + { + bind_mode=BIO_BIND_REUSEADDR; + closesocket(s); + goto again; + } + /* else error */ + } + /* else error */ + } +#endif + SYSerr(SYS_F_BIND,err_num); ERR_add_error_data(3,"port='",host,"'"); BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET); goto err; @@ -550,11 +594,7 @@ err: if (str != NULL) Free(str); if ((ret == 0) && (s != INVALID_SOCKET)) { -#ifdef WINDOWS closesocket(s); -#else - close(s); -#endif s= INVALID_SOCKET; } return(s); @@ -626,3 +666,16 @@ int on; } #endif +int BIO_socket_nbio(s,mode) +int s; +int mode; + { + int ret= -1; + unsigned long l; + + l=mode; +#ifdef FIONBIO + ret=BIO_socket_ioctl(s,FIONBIO,&l); +#endif + return(ret == 0); + } diff --git a/crypto/bio/bio.err b/crypto/bio/bio.err index 6e2f2b63c..daef6430f 100644 --- a/crypto/bio/bio.err +++ b/crypto/bio/bio.err 
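Review bot: The result of the new `setsockopt(s,SOL_SOCKET,SO_REUSEADDR,...)` call is stored in `ret`, the same variable the `err:` path tests with `(ret == 0)` before it closes the socket. If `setsockopt` fails with -1 and `bind` then fails as well, the cleanup is skipped and the unbound descriptor is returned to the caller as though it were usable. Checking the call directly, `if (setsockopt(s,SOL_SOCKET,SO_REUSEADDR,(char *)&i,sizeof(i)) < 0) goto err;`, leaves `ret` at 0 so the socket is closed. In the same hunk the probe compares the `connect()` result with `INVALID_SOCKET`, which is a handle sentinel rather than connect's failure value; `ii == -1` states the intent.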
@@ -3,23 +3,25 @@ /* Function codes. */ #define BIO_F_ACPT_STATE 100 #define BIO_F_BIO_ACCEPT 101 -#define BIO_F_BIO_CTRL 102 -#define BIO_F_BIO_GETS 103 -#define BIO_F_BIO_GET_ACCEPT_SOCKET 104 -#define BIO_F_BIO_GET_HOST_IP 105 -#define BIO_F_BIO_GET_PORT 106 -#define BIO_F_BIO_NEW 107 -#define BIO_F_BIO_NEW_FILE 108 -#define BIO_F_BIO_PUTS 109 -#define BIO_F_BIO_READ 110 -#define BIO_F_BIO_SOCK_INIT 111 -#define BIO_F_BIO_WRITE 112 -#define BIO_F_BUFFER_CTRL 113 -#define BIO_F_CONN_STATE 114 -#define BIO_F_FILE_CTRL 115 -#define BIO_F_MEM_WRITE 116 -#define BIO_F_SSL_NEW 117 -#define BIO_F_WSASTARTUP 118 +#define BIO_F_BIO_BER_GET_HEADER 102 +#define BIO_F_BIO_CTRL 103 +#define BIO_F_BIO_GETS 104 +#define BIO_F_BIO_GET_ACCEPT_SOCKET 105 +#define BIO_F_BIO_GET_HOST_IP 106 +#define BIO_F_BIO_GET_PORT 107 +#define BIO_F_BIO_NEW 108 +#define BIO_F_BIO_NEW_FILE 109 +#define BIO_F_BIO_PUTS 110 +#define BIO_F_BIO_READ 111 +#define BIO_F_BIO_SOCK_INIT 112 +#define BIO_F_BIO_WRITE 113 +#define BIO_F_BUFFER_CTRL 114 +#define BIO_F_CONN_STATE 115 +#define BIO_F_FILE_CTRL 116 +#define BIO_F_MEM_WRITE 117 +#define BIO_F_SOCKS4A_STATE 118 +#define BIO_F_SSL_NEW 119 +#define BIO_F_WSASTARTUP 120 /* Reason codes. */ #define BIO_R_ACCEPT_ERROR 100 
@@ -38,9 +40,14 @@ #define BIO_R_NO_PORT_DEFINED 113 #define BIO_R_NO_PORT_SPECIFIED 114 #define BIO_R_NULL_PARAMETER 115 -#define BIO_R_UNABLE_TO_BIND_SOCKET 116 -#define BIO_R_UNABLE_TO_CREATE_SOCKET 117 -#define BIO_R_UNABLE_TO_LISTEN_SOCKET 118 -#define BIO_R_UNINITALISED 119 -#define BIO_R_UNSUPPORTED_METHOD 120 -#define BIO_R_WSASTARTUP 121 +#define BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH 116 +#define BIO_R_SOCKS_REJECTED_CONNECTION 117 +#define BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER 118 +#define BIO_R_SOCKS_UNKNOWN_ERROR 119 +#define BIO_R_TAG_MISMATCH 120 +#define BIO_R_UNABLE_TO_BIND_SOCKET 121 +#define BIO_R_UNABLE_TO_CREATE_SOCKET 122 +#define BIO_R_UNABLE_TO_LISTEN_SOCKET 123 +#define BIO_R_UNINITALISED 124 +#define BIO_R_UNSUPPORTED_METHOD 125 +#define BIO_R_WSASTARTUP 126 diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h index 300b330e0..35db3dffb 100644 --- a/crypto/bio/bio.h +++ b/crypto/bio/bio.h @@ -84,6 +84,7 @@ extern "C" { #define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */ #define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */ #define BIO_TYPE_NULL_FILTER (17|0x0200) +#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */ #define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ #define BIO_TYPE_FILTER 0x0200 @@ -276,7 +277,7 @@ typedef struct bio_f_buffer_ctx_struct #define BIO_CONN_S_OK 6 #define BIO_CONN_S_BLOCKED_CONNECT 7 #define BIO_CONN_S_NBIO 8 -#define BIO_CONN_get_param_hostname BIO_ctrl +/*#define BIO_CONN_get_param_hostname BIO_ctrl */ #define BIO_number_read(b) ((b)->num_read) #define BIO_number_written(b) ((b)->num_write) 
@@ -309,6 +310,14 @@ typedef struct bio_f_buffer_ctx_struct #define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125 #define BIO_C_GET_SSL_NUM_RENEGOTIATES 126 #define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127 +#define BIO_C_FILE_SEEK 128 +#define BIO_C_GET_CIPHER_CTX 129 +#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/ +#define BIO_C_SET_BIND_MODE 131 +#define BIO_C_GET_BIND_MODE 132 +#define BIO_C_FILE_TELL 133 +#define BIO_C_GET_SOCKS 134 +#define BIO_C_SET_SOCKS 135 #define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,(char *)arg) #define BIO_get_app_data(s) BIO_get_ex_data(s,0) @@ -320,7 +329,7 @@ void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); int BIO_get_ex_new_index(long argl, char *argp, int (*new_func)(), int (*dup_func)(), void (*free_func)()); -/* BIO_s_connect_socket() */ +/* BIO_s_connect() and BIO_s_socks4a_connect() */ #define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name) #define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port) #define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip) @@ -328,7 +337,8 @@ int BIO_get_ex_new_index(long argl, char *argp, int (*new_func)(), #define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) #define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) #define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2) -#define BIO_get_conn_int port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port) +#define BIO_get_conn_int_port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port) + #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) 
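Review bot: The renamed `BIO_get_conn_int_port(b,port)` still dispatches `BIO_C_SET_CONNECT` with index 3, as does the unchanged `BIO_get_conn_ip` with index 2 just above it, so both "get" macros take the setter path. This commit's bss_conn.c change makes `BIO_C_SET_CONNECT` with `num == 3` rewrite `param_port` and `port` from `*(int *)ptr`, so a call meant to read the port would overwrite it, assuming `BIO_int_ctrl` forwards a pointer to its last argument (its body is not visible here). If the `BIO_C_GET_CONNECT` handler supports these indices, the macro should read `#define BIO_get_conn_int_port(b,port) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,port)`; otherwise a comment should say these two macros are not usable as getters.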
@@ -339,6 +349,12 @@ int BIO_get_ex_new_index(long argl, char *argp, int (*new_func)(), #define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL) #define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio) +#define BIO_BIND_NORMAL 0 +#define BIO_BIND_REUSEADDR_IF_UNUSED 1 +#define BIO_BIND_REUSEADDR 2 +#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL) +#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL) + #define BIO_do_connect(b) BIO_do_handshake(b) #define BIO_do_accept(b) BIO_do_handshake(b) #define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) @@ -364,12 +380,17 @@ int BIO_get_ex_new_index(long argl, char *argp, int (*new_func)(), #define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) #define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) +#define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL) +#define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL) + #define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ BIO_CLOSE|BIO_FP_READ,name) #define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ BIO_CLOSE|BIO_FP_WRITE,name) #define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ BIO_CLOSE|BIO_FP_APPEND,name) +#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ + BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name) /* WARNING WARNING, this ups the reference count on the read bio of the * SSL structure. This is because the ssl read BIO is now pointed to by 
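Review bot: `BIO_get_bind_mode(b,mode)` accepts a `mode` argument that the expansion never uses, so a caller who passes a variable expecting it to be filled in gets nothing back and must use the macro's return value instead. Either drop the parameter or add a comment such as `/* mode is ignored; the bind mode is the return value */`. The three `BIO_BIND_*` constants would also benefit from one line each saying when `SO_REUSEADDR` is applied, since the only description is on the `bind_mode` field in bss_acpt.c.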
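Review bot: `BIO_seek` and `BIO_tell` cast the `long` result of `BIO_ctrl` to `int`, which truncates file offsets wherever `long` is wider than `int`. The underlying `ftell`/`fseek` values in bss_file.c are already carried as `long`, so the cast only loses information and can turn a large offset into a negative or small positive value. I would drop the `(int)` casts: `#define BIO_tell(b) BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)`.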
@@ -388,8 +409,11 @@ int BIO_get_ex_new_index(long argl, char *argp, int (*new_func)(), /* defined in evp.h */ /* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ +#define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) #define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm) #define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) +#define BIO_set_mem_eof_return(b,v) \ + BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL) /* For the BIO_f_buffer() type */ #define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL) @@ -486,8 +510,9 @@ BIO_METHOD *BIO_s_accept(void); BIO_METHOD *BIO_s_fd(void); BIO_METHOD *BIO_s_null(void); BIO_METHOD *BIO_f_null(void); -BIO_METHOD *BIO_f_nbio_test(void); BIO_METHOD *BIO_f_buffer(void); +BIO_METHOD *BIO_f_nbio_test(void); +/* BIO_METHOD *BIO_f_ber(void); */ int BIO_sock_should_retry(int i); int BIO_sock_non_fatal_error(int error); @@ -498,9 +523,10 @@ int BIO_dump(BIO *b,char *bytes,int len); struct hostent *BIO_gethostbyname(char *name); int BIO_sock_error(int sock); int BIO_socket_ioctl(int fd, long type, unsigned long *arg); -int BIO_get_port(char *str, short *port_ptr); +int BIO_socket_nbio(int fd,int mode); +int BIO_get_port(char *str, unsigned short *port_ptr); int BIO_get_host_ip(char *str, unsigned char *ip); -int BIO_get_accept_socket(char *host_port); +int BIO_get_accept_socket(char *host_port,int mode); int BIO_accept(int sock,char **ip_port); int BIO_sock_init(void ); void BIO_sock_cleanup(void); @@ -552,6 +578,7 @@ BIO_METHOD *BIO_s_null(); BIO_METHOD *BIO_f_null(); BIO_METHOD *BIO_f_buffer(); BIO_METHOD *BIO_f_nbio_test(); +/* BIO_METHOD *BIO_f_ber(); */ int BIO_sock_should_retry(); int BIO_sock_non_fatal_error(); @@ -562,6 +589,7 @@ int BIO_dump(); struct hostent *BIO_gethostbyname(); int BIO_sock_error(); int BIO_socket_ioctl(); +int BIO_socket_nbio(); int BIO_get_port(); int BIO_get_host_ip(); int BIO_get_accept_socket(); 
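Review bot: `BIO_get_accept_socket` gains a second `mode` argument and `BIO_get_port` changes its pointer type, but the non-prototype declarations later in this header (`int BIO_get_accept_socket();`, `int BIO_get_port();`) cannot check either change. A stale one-argument call compiled through that branch would still build and hand the function an indeterminate bind mode, which now decides whether `SO_REUSEADDR` is set on the listening socket. A comment next to the new prototype naming the accepted `BIO_BIND_*` values, and a range check on `mode` inside the function (its body is not in this hunk), would make such misuse fail visibly.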
@@ -579,7 +607,7 @@ BIO *BIO_new_accept(); void BIO_copy_next_retry(); -int BIO_ghbn_ctrl(); +long BIO_ghbn_ctrl(); #endif @@ -639,23 +667,24 @@ int BIO_printf(); /* Function codes. */ #define BIO_F_ACPT_STATE 100 #define BIO_F_BIO_ACCEPT 101 -#define BIO_F_BIO_CTRL 102 -#define BIO_F_BIO_GETS 103 -#define BIO_F_BIO_GET_ACCEPT_SOCKET 104 -#define BIO_F_BIO_GET_HOST_IP 105 -#define BIO_F_BIO_GET_PORT 106 -#define BIO_F_BIO_NEW 107 -#define BIO_F_BIO_NEW_FILE 108 -#define BIO_F_BIO_PUTS 109 -#define BIO_F_BIO_READ 110 -#define BIO_F_BIO_SOCK_INIT 111 -#define BIO_F_BIO_WRITE 112 -#define BIO_F_BUFFER_CTRL 113 -#define BIO_F_CONN_STATE 114 -#define BIO_F_FILE_CTRL 115 -#define BIO_F_MEM_WRITE 116 -#define BIO_F_SSL_NEW 117 -#define BIO_F_WSASTARTUP 118 +#define BIO_F_BIO_BER_GET_HEADER 102 +#define BIO_F_BIO_CTRL 103 +#define BIO_F_BIO_GETS 104 +#define BIO_F_BIO_GET_ACCEPT_SOCKET 105 +#define BIO_F_BIO_GET_HOST_IP 106 +#define BIO_F_BIO_GET_PORT 107 +#define BIO_F_BIO_NEW 108 +#define BIO_F_BIO_NEW_FILE 109 +#define BIO_F_BIO_PUTS 110 +#define BIO_F_BIO_READ 111 +#define BIO_F_BIO_SOCK_INIT 112 +#define BIO_F_BIO_WRITE 113 +#define BIO_F_BUFFER_CTRL 114 +#define BIO_F_CONN_STATE 115 +#define BIO_F_FILE_CTRL 116 +#define BIO_F_MEM_WRITE 117 +#define BIO_F_SSL_NEW 119 +#define BIO_F_WSASTARTUP 120 /* Reason codes. */ #define BIO_R_ACCEPT_ERROR 100 
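Review bot: The function-code list added to bio.h jumps from `BIO_F_MEM_WRITE 117` to `BIO_F_SSL_NEW 119` without defining `BIO_F_SOCKS4A_STATE`, although the first error-code listing in this commit assigns it 118 and bio_err.c adds `{ERR_PACK(0,BIO_F_SOCKS4A_STATE,0), "SOCKS4A_STATE"}`. Unless another header defines it, bio_err.c will not compile against this bio.h. Add `#define BIO_F_SOCKS4A_STATE 118` between the two lines so the header matches the generated list.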
@@ -674,12 +703,17 @@ int BIO_printf(); #define BIO_R_NO_PORT_DEFINED 113 #define BIO_R_NO_PORT_SPECIFIED 114 #define BIO_R_NULL_PARAMETER 115 -#define BIO_R_UNABLE_TO_BIND_SOCKET 116 -#define BIO_R_UNABLE_TO_CREATE_SOCKET 117 -#define BIO_R_UNABLE_TO_LISTEN_SOCKET 118 -#define BIO_R_UNINITALISED 119 -#define BIO_R_UNSUPPORTED_METHOD 120 -#define BIO_R_WSASTARTUP 121 +#define BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH 116 +#define BIO_R_SOCKS_REJECTED_CONNECTION 117 +#define BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER 118 +#define BIO_R_SOCKS_UNKNOWN_ERROR 119 +#define BIO_R_TAG_MISMATCH 120 +#define BIO_R_UNABLE_TO_BIND_SOCKET 121 +#define BIO_R_UNABLE_TO_CREATE_SOCKET 122 +#define BIO_R_UNABLE_TO_LISTEN_SOCKET 123 +#define BIO_R_UNINITALISED 124 +#define BIO_R_UNSUPPORTED_METHOD 125 +#define BIO_R_WSASTARTUP 126 #ifdef __cplusplus } diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c index 37e14ca10..01aac6e58 100644 --- a/crypto/bio/bio_err.c +++ b/crypto/bio/bio_err.c @@ -65,6 +65,7 @@ static ERR_STRING_DATA BIO_str_functs[]= { {ERR_PACK(0,BIO_F_ACPT_STATE,0), "ACPT_STATE"}, {ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"}, +{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0), "BIO_BER_GET_HEADER"}, {ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"}, {ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"}, {ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"}, @@ -80,6 +81,7 @@ static ERR_STRING_DATA BIO_str_functs[]= {ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"}, {ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"}, {ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"}, +{ERR_PACK(0,BIO_F_SOCKS4A_STATE,0), "SOCKS4A_STATE"}, {ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_NEW"}, {ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"}, {0,NULL}, 
@@ -103,6 +105,11 @@ static ERR_STRING_DATA BIO_str_reasons[]= {BIO_R_NO_PORT_DEFINED ,"no port defined"}, {BIO_R_NO_PORT_SPECIFIED ,"no port specified"}, {BIO_R_NULL_PARAMETER ,"null parameter"}, +{BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH ,"socks id and ident did not match"}, +{BIO_R_SOCKS_REJECTED_CONNECTION ,"socks rejected connection"}, +{BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER,"socks unable to talk to ident server"}, +{BIO_R_SOCKS_UNKNOWN_ERROR ,"socks unknown error"}, +{BIO_R_TAG_MISMATCH ,"tag mismatch"}, {BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"}, {BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"}, {BIO_R_UNABLE_TO_LISTEN_SOCKET ,"unable to listen socket"}, @@ -118,8 +125,8 @@ void ERR_load_BIO_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_BIO,BIO_str_functs); diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index 7a66b0892..bee1f5d2e 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -167,6 +167,7 @@ int outl; } i=b->method->bread(b,out,outl); + if (i > 0) b->num_read+=(unsigned long)i; if (cb != NULL) @@ -204,9 +205,16 @@ int inl; } i=b->method->bwrite(b,in,inl); + if (i > 0) b->num_write+=(unsigned long)i; - if (cb != NULL) + /* This is evil and not thread safe. If the BIO has been freed, + * we must not call the callback. The only way to be able to + * determine this is the reference count which is now invalid since + * the memory has been free()ed. + */ + if (b->references <= 0) abort(); + if (cb != NULL) /* && (b->references >= 1)) */ i=(int)cb(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl, 0L,(long)i); return(i); diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c index e49902fa9..872807d86 100644 --- a/crypto/bio/bss_acpt.c +++ b/crypto/bio/bss_acpt.c 
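Review bot: The new `if (b->references <= 0) abort();` in the BIO_write hunk of bio_lib.c reads `b` after `bwrite` has returned, which is exactly the freed-memory case the added comment describes, so the check is itself a read of freed memory and its result cannot be trusted. The line before it, `b->num_write+=(unsigned long)i`, already dereferences `b` in the same situation. Where the test does fire, it terminates the whole process from inside a library call. A safer shape is to hold an extra reference on the BIO across the method call and release it after the callback, so nothing here touches freed memory; the BIO_read hunk above has the same structure and would need the same treatment. The function body starts outside this hunk.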
@@ -82,6 +82,10 @@ typedef struct bio_accept_st char *addr; int nbio; + /* If 0, it means normal, if 1, do a connect on bind failure, + * and if there is no-one listening, bind with SO_REUSEADDR. + * If 2, always use SO_REUSEADDR. */ + int bind_mode; BIO *bio_chain; } BIO_ACCEPT; @@ -162,6 +166,7 @@ BIO_ACCEPT *BIO_ACCEPT_new() memset(ret,0,sizeof(BIO_ACCEPT)); ret->accept_sock=INVALID_SOCKET; + ret->bind_mode=BIO_BIND_NORMAL; return(ret); } @@ -183,11 +188,7 @@ BIO *bio; if (c->accept_sock != INVALID_SOCKET) { shutdown(c->accept_sock,2); -# ifdef WINDOWS closesocket(c->accept_sock); -# else - close(c->accept_sock); -# endif c->accept_sock=INVALID_SOCKET; bio->num=INVALID_SOCKET; } @@ -217,7 +218,6 @@ BIO *b; BIO_ACCEPT *c; { BIO *bio=NULL,*dbio; - unsigned long l=1; int s= -1; int i; @@ -230,31 +230,24 @@ again: BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED); return(-1); } - s=BIO_get_accept_socket(c->param_addr); + s=BIO_get_accept_socket(c->param_addr,c->bind_mode); if (s == INVALID_SOCKET) return(-1); -#ifdef FIONBIO if (c->accept_nbio) { - i=BIO_socket_ioctl(b->num,FIONBIO,&l); - if (i < 0) + if (!BIO_socket_nbio(s,1)) { -#ifdef WINDOWS closesocket(s); -#else - close(s); -# endif BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET); return(-1); } } -#endif c->accept_sock=s; b->num=s; c->state=ACPT_S_GET_ACCEPT_SOCKET; return(1); - break; + /* break; */ case ACPT_S_GET_ACCEPT_SOCKET: if (b->next_bio != NULL) { @@ -269,17 +262,14 @@ again: BIO_set_callback(bio,BIO_get_callback(b)); BIO_set_callback_arg(bio,BIO_get_callback_arg(b)); -#ifdef FIONBIO if (c->nbio) { - i=BIO_socket_ioctl(i,FIONBIO,&l); - if (i < 0) + if (!BIO_socket_nbio(i,1)) { BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET); goto err; } } -#endif /* If the accept BIO has an bio_chain, we dup it and * put the new socket at the end. */ 
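Review bot: The comment on the new `bind_mode` field describes the modes by the raw numbers 0, 1 and 2, while the same commit introduces `BIO_BIND_NORMAL`, `BIO_BIND_REUSEADDR_IF_UNUSED` and `BIO_BIND_REUSEADDR` and `BIO_ACCEPT_new` initialises the field with the first of them. The comment should name the constants so the two cannot drift apart. As described, mode 1 probes with a connect and then binds, so it would also help to note that another process could take the port between the probe and the bind; the implementation is not in this hunk, so that is an inference from the comment.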
@@ -298,15 +288,9 @@ err: if (bio != NULL) BIO_free(bio); else if (s >= 0) - { -#ifdef WINDOWS closesocket(s); -#else - close(s); -# endif - } return(0); - break; + /* break; */ case ACPT_S_OK: if (b->next_bio == NULL) { @@ -314,10 +298,10 @@ err: goto again; } return(1); - break; + /* break; */ default: return(0); - break; + /* break; */ } } @@ -417,13 +401,21 @@ char *ptr; case BIO_C_SET_NBIO: data->nbio=(int)num; break; + case BIO_C_SET_FD: + b->init=1; + b->num= *((int *)ptr); + data->accept_sock=b->num; + data->state=ACPT_S_GET_ACCEPT_SOCKET; + b->shutdown=(int)num; + b->init=1; + break; case BIO_C_GET_FD: if (b->init) { ip=(int *)ptr; if (ip != NULL) *ip=data->accept_sock; - ret=b->num; + ret=data->accept_sock; } else ret= -1; @@ -454,6 +446,12 @@ char *ptr; break; case BIO_CTRL_FLUSH: break; + case BIO_C_SET_BIND_MODE: + data->bind_mode=(int)num; + break; + case BIO_C_GET_BIND_MODE: + ret=(long)data->bind_mode; + break; case BIO_CTRL_DUP: dbio=(BIO *)ptr; /* if (data->param_port) EAY EAY diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index 6e547bf86..3ec1388f2 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -81,13 +81,12 @@ typedef struct bio_connect_st int nbio; unsigned char ip[4]; - short port; + unsigned short port; struct sockaddr_in them; /* int socket; this will be kept in bio->num so that it is * compatable with the bss_sock bio */ - int error; /* called when the connection is initially made * callback(BIO,state,ret); The callback should return @@ -187,7 +186,7 @@ BIO_CONNECT *c; } } - if (p == NULL) + if (c->param_port == NULL) { BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED); ERR_add_error_data(2,"host=",c->param_hostname); @@ -203,7 +202,12 @@ BIO_CONNECT *c; break; case BIO_CONN_S_GET_PORT: - if (BIO_get_port(c->param_port,&c->port) <= 0) + if (c->param_port == NULL) + { + abort(); + goto exit_loop; + } + else if (BIO_get_port(c->param_port,&c->port) <= 0) goto exit_loop; c->state=BIO_CONN_S_CREATE_SOCKET; break; 
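Review bot: The new `BIO_C_SET_FD` case in bss_acpt.c dereferences `ptr` with `b->num= *((int *)ptr);` without checking it for NULL. It also overwrites `data->accept_sock` without closing a listening socket the BIO may already own, which leaks the old descriptor. The check could be `if (ptr == NULL) { ret=0; break; }` before the assignment, and an existing `accept_sock` that is not `INVALID_SOCKET` should be closed first when the BIO owns it. `b->init=1;` is also assigned twice in the case. The enclosing ctrl function starts and ends outside the hunk.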
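Review bot: In the `BIO_CONN_S_GET_PORT` hunk of bss_conn.c, a NULL `c->param_port` now calls `abort()`, and the `goto exit_loop;` after it is unreachable. The state is driven by what the caller configured, so a misconfigured BIO kills the process instead of returning an error. The earlier branch in this function already reports the same condition, so I would mirror it here with `BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);` followed by `goto exit_loop;`.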
@@ -235,12 +239,9 @@ BIO_CONNECT *c; break; case BIO_CONN_S_NBIO: -#ifdef FIONBIO if (c->nbio) { - l=1; - ret=BIO_socket_ioctl(b->num,FIONBIO,&l); - if (ret < 0) + if (!BIO_socket_nbio(b->num,1)) { BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO); ERR_add_error_data(4,"host=", @@ -249,7 +250,6 @@ BIO_CONNECT *c; goto exit_loop; } } -#endif c->state=BIO_CONN_S_CONNECT; #ifdef SO_KEEPALIVE @@ -326,12 +326,10 @@ BIO_CONNECT *c; } } - if (1) - { + /* Loop does not exit */ exit_loop: - if (cb != NULL) - ret=cb((BIO *)b,c->state,ret); - } + if (cb != NULL) + ret=cb((BIO *)b,c->state,ret); end: return(ret); } @@ -353,7 +351,6 @@ BIO_CONNECT *BIO_CONNECT_new() ret->ip[3]=0; ret->port=0; memset((char *)&ret->them,0,sizeof(ret->them)); - ret->error=0; return(ret); } @@ -395,11 +392,7 @@ BIO *bio; /* Only do a shutdown if things were established */ if (c->state == BIO_CONN_S_OK) shutdown(bio->num,2); -# ifdef WINDOWS closesocket(bio->num); -# else - close(bio->num); -# endif bio->num=INVALID_SOCKET; } } @@ -442,11 +435,7 @@ int outl; if (out != NULL) { clear_socket_error(); -#if defined(WINDOWS) - ret=recv(b->num,out,outl,0); -#else - ret=read(b->num,out,outl); -#endif + ret=readsocket(b->num,out,outl); BIO_clear_retry_flags(b); if (ret <= 0) { @@ -473,11 +462,7 @@ int inl; } clear_socket_error(); -#if defined(WINDOWS) - ret=send(b->num,in,inl,0); -#else - ret=write(b->num,in,inl); -#endif + ret=writesocket(b->num,in,inl); BIO_clear_retry_flags(b); if (ret <= 0) { 
@@ -559,9 +544,26 @@ char *ptr; data->param_port=BUF_strdup(ptr); } else if (num == 2) - memcpy(data->ip,ptr,4); + { + char buf[16]; + + sprintf(buf,"%d.%d.%d.%d", + ptr[0],ptr[1],ptr[2],ptr[3]); + if (data->param_hostname != NULL) + Free(data->param_hostname); + data->param_hostname=BUF_strdup(buf); + memcpy(&(data->ip[0]),ptr,4); + } else if (num == 3) + { + char buf[16]; + + sprintf(buf,"%d",*(int *)ptr); + if (data->param_port != NULL) + Free(data->param_port); + data->param_port=BUF_strdup(buf); data->port= *(int *)ptr; + } } break; case BIO_C_SET_NBIO: diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index 1484cf849..5068a7ca0 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -214,12 +214,14 @@ char *ptr; switch (cmd) { + case BIO_C_FILE_SEEK: case BIO_CTRL_RESET: ret=(long)fseek(fp,num,0); break; case BIO_CTRL_EOF: ret=(long)feof(fp); break; + case BIO_C_FILE_TELL: case BIO_CTRL_INFO: ret=ftell(fp); break; diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index 40c4e39f0..8a2efb938 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -92,6 +92,9 @@ static BIO_METHOD mem_method= mem_free, }; +/* bio->num is used to hold the value to return on 'empty', if it is + * 0, should_retry is not set */ + BIO_METHOD *BIO_s_mem() { return(&mem_method); @@ -106,7 +109,7 @@ BIO *bi; return(0); bi->shutdown=1; bi->init=1; - bi->num=0; + bi->num= -1; bi->ptr=(char *)b; return(1); } @@ -151,8 +154,9 @@ int outl; } else if (bm->length == 0) { - BIO_set_retry_read(b); - ret= -1; + if (b->num != 0) + BIO_set_retry_read(b); + ret= b->num; } return(ret); } @@ -204,6 +208,9 @@ char *ptr; case BIO_CTRL_EOF: ret=(long)(bm->length == 0); break; + case BIO_C_SET_BUF_MEM_EOF_RETURN: + b->num=(int)num; + break; case BIO_CTRL_INFO: ret=(long)bm->length; if (ptr != NULL) diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c index d907a2867..a664377d3 100644 --- a/crypto/bio/bss_sock.c +++ b/crypto/bio/bss_sock.c 
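Review bot: The new `num == 2` branch of `BIO_C_SET_CONNECT` formats the address with `sprintf(buf,"%d.%d.%d.%d",ptr[0],ptr[1],ptr[2],ptr[3])` into `char buf[16]`, but `ptr` is a plain `char *`. Where `char` is signed, any byte of 0x80 or above prints as a negative number, and four of them give up to 19 characters plus the terminator, which overruns the 16-byte stack buffer with caller-supplied data. Read the bytes as unsigned: `unsigned char *p=(unsigned char *)ptr;` then `sprintf(buf,"%d.%d.%d.%d",p[0],p[1],p[2],p[3]);`. In the `num == 3` branch, `data->port= *(int *)ptr;` silently truncates to `unsigned short` while `param_port` keeps the full decimal string, so values outside 0..65535 should be rejected before either is stored.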
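Review bot: In bss_mem.c the read path now returns `b->num` when the buffer is empty, and `BIO_C_SET_BUF_MEM_EOF_RETURN` stores whatever `num` the caller passes. A positive value would make the read report that many bytes without writing anything to `out`, so a caller trusting the return value would consume uninitialised buffer contents. The block comment added above `BIO_s_mem()` should state that only 0 (EOF, no retry) and negative values are meaningful, and the ctrl case could refuse others with `if (num > 0) ret=0; else b->num=(int)num;`. The read function's body extends beyond the hunk.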
@@ -189,11 +189,7 @@ BIO *a; { #ifndef BIO_FD shutdown(a->num,2); -# ifdef WINDOWS closesocket(a->num); -# else - close(a->num); -# endif #else /* BIO_FD */ close(a->num); #endif @@ -218,9 +214,9 @@ int outl; if (out != NULL) { -#if defined(WINDOWS) && !defined(BIO_FD) +#ifndef BIO_FD clear_socket_error(); - ret=recv(b->num,out,outl,0); + ret=readsocket(b->num,out,outl); #else clear_sys_error(); ret=read(b->num,out,outl); @@ -250,9 +246,9 @@ int inl; { int ret; -#if defined(WINDOWS) && !defined(BIO_FD) +#ifndef BIO_FD clear_socket_error(); - ret=send(b->num,in,inl,0); + ret=writesocket(b->num,in,inl); #else clear_sys_error(); ret=write(b->num,in,inl); @@ -286,14 +282,21 @@ char *ptr; switch (cmd) { case BIO_CTRL_RESET: + num=0; + case BIO_C_FILE_SEEK: #ifdef BIO_FD - ret=(long)lseek(b->num,0,0); + ret=(long)lseek(b->num,num,0); #else ret=0; #endif break; + case BIO_C_FILE_TELL: case BIO_CTRL_INFO: +#ifdef BIO_FD + ret=(long)lseek(b->num,0,1); +#else ret=0; +#endif break; case BIO_C_SET_FD: #ifndef BIO_FD @@ -329,7 +332,6 @@ char *ptr; case BIO_CTRL_FLUSH: ret=1; break; - break; default: ret=0; break; @@ -377,7 +379,7 @@ int i; if ((i == 0) || (i == -1)) { -#if !defined(BIO_FD) && defined(WINDOWS) +#ifndef BIO_FD err=get_last_socket_error(); #else err=get_last_sys_error(); @@ -411,8 +413,10 @@ int err; case WSAEWOULDBLOCK: # endif -# if defined(WSAENOTCONN) +# if 0 /* This appears to always be an error */ +# if defined(WSAENOTCONN) case WSAENOTCONN: +# endif # endif #endif @@ -452,7 +456,7 @@ int err; case EALREADY: #endif return(1); - break; + /* break; */ default: break; } diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl index 9809d26cb..0a365fca6 100644 --- a/crypto/bn/Makefile.ssl +++ b/crypto/bn/Makefile.ssl @@ -13,9 +13,9 @@ MAKEDEPEND= makedepend -f Makefile.ssl MAKEFILE= Makefile.ssl AR= ar r -BN_MULW= bn_mulw.o +BN_ASM= bn_asm.o # or use -#BN_MULW= bn86-elf.o +#BN_ASM= bn86-elf.o CFLAGS= $(INCLUDES) $(CFLAG) 
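Review bot: In the bss_sock.c ctrl hunk, `case BIO_CTRL_RESET: num=0;` now falls through into `case BIO_C_FILE_SEEK:` with nothing marking it as deliberate, so a later edit that inserts a `break` or a new case between them would change what reset does. Add `/* fall through to seek to offset 0 */` after `num=0;`. In the build without `BIO_FD`, both `BIO_C_FILE_SEEK` and `BIO_C_FILE_TELL` return 0, which a caller cannot tell apart from a successful seek to, or position at, offset 0; a comment saying that sockets do not support these controls would make that explicit.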
@@ -26,16 +26,15 @@ TEST=bntest.c exptest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c \ - bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c \ - bn_gcd.c bn_prime.c $(ERRC).c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c \ - bn_mpi.c - -LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o \ - bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_blind.o \ - bn_gcd.o bn_prime.o $(ERRC).o bn_sqr.o $(BN_MULW) bn_recp.o bn_mont.o \ - bn_mpi.o +LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c \ + bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ + bn_gcd.c bn_prime.c $(ERRC).c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c \ + bn_mpi.c bn_exp2.c +LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mul.o \ + bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ + bn_gcd.o bn_prime.o $(ERRC).o bn_sqr.o $(BN_ASM) bn_recp.o bn_mont.o \ + bn_mpi.o bn_exp2.o SRC= $(LIBSRC) 
@@ -65,23 +64,48 @@ lib: $(LIBOBJ) asm/bn86-elf.o: asm/bn86unix.cpp $(CPP) -DELF asm/bn86unix.cpp | as -o asm/bn86-elf.o +asm/co86-elf.o: asm/co86unix.cpp + $(CPP) -DELF asm/co86unix.cpp | as -o asm/co86-elf.o + # solaris asm/bn86-sol.o: asm/bn86unix.cpp $(CC) -E -DSOL asm/bn86unix.cpp | sed 's/^#.*//' > asm/bn86-sol.s as -o asm/bn86-sol.o asm/bn86-sol.s rm -f asm/bn86-sol.s +asm/co86-sol.o: asm/co86unix.cpp + $(CC) -E -DSOL asm/co86unix.cpp | sed 's/^#.*//' > asm/co86-sol.s + as -o asm/co86-sol.o asm/co86-sol.s + rm -f asm/co86-sol.s + # a.out asm/bn86-out.o: asm/bn86unix.cpp $(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o +asm/co86-out.o: asm/co86unix.cpp + $(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o + # bsdi asm/bn86bsdi.o: asm/bn86unix.cpp - $(CPP) -DBSDI asm/bn86unix.cpp | as -o asm/bn86bsdi.o + $(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o + +asm/co86bsdi.o: asm/co86unix.cpp + $(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o asm/bn86unix.cpp: (cd asm; perl bn-586.pl cpp >bn86unix.cpp ) +asm/co86unix.cpp: + (cd asm; perl co-586.pl cpp >co86unix.cpp ) + +# MIPS 64 bit assember +asm/mips3.o: asm/mips3.s + /usr/bin/as -mips3 -O2 -o asm/mips3.o asm/mips3.s + +# MIPS 32 bit assember +asm/mips1.o: asm/mips1.s + /usr/bin/as -O2 -o asm/mips1.o asm/mips1.s + files: perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO @@ -123,7 +147,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - /bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_mulw.s + /bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s errors: perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).org # special case .org diff --git a/crypto/bn/asm/alpha.s b/crypto/bn/asm/alpha.s index 1d17b1d61..cf0b69cff 100644 --- a/crypto/bn/asm/alpha.s +++ b/crypto/bn/asm/alpha.s 
@@ -2,7 +2,13 @@ # The bn_div64 is actually gcc output but the other parts are hand done. # Thanks to tzeruch@ceddec.com for sending me the gcc output for # bn_div64. - .file 1 "bn_mulw.c" + # I've gone back and re-done most of routines. + # The key thing to remeber for the 164 CPU is that while a + # multiply operation takes 8 cycles, another one can only be issued + # after 4 cycles have elapsed. I've done modification to help + # improve this. Also, normally, a ld instruction will not be available + # for about 3 cycles. + .file 1 "bn_asm.c" .set noat gcc2_compiled.: __gnu_compiled_c: 
@@ -14,65 +20,91 @@ bn_mul_add_words: bn_mul_add_words..ng: .frame $30,0,$26,0 .prologue 0 - subq $18,2,$25 # num=-2 - bis $31,$31,$0 - blt $25,$42 .align 5 -$142: - subq $18,2,$18 # num-=2 - subq $25,2,$25 # num-=2 - - ldq $1,0($17) # a[0] - ldq $2,8($17) # a[1] - - mulq $19,$1,$3 # a[0]*w low part r3 - umulh $19,$1,$1 # a[0]*w high part r1 - mulq $19,$2,$4 # a[1]*w low part r4 - umulh $19,$2,$2 # a[1]*w high part r2 - - ldq $22,0($16) # r[0] r22 - ldq $23,8($16) # r[1] r23 - - addq $3,$22,$3 # a0 low part + r[0] - addq $4,$23,$4 # a1 low part + r[1] - cmpult $3,$22,$5 # overflow? - cmpult $4,$23,$6 # overflow? - addq $5,$1,$1 # high part + overflow - addq $6,$2,$2 # high part + overflow - - addq $3,$0,$3 # add c - cmpult $3,$0,$5 # overflow? - stq $3,0($16) - addq $5,$1,$0 # c=high part + overflow - - addq $4,$0,$4 # add c - cmpult $4,$0,$5 # overflow? - stq $4,8($16) - addq $5,$2,$0 # c=high part + overflow + subq $18,4,$18 + bis $31,$31,$0 + blt $18,$43 # if we are -1, -2, -3 or -4 goto tail code + ldq $20,0($17) # 1 1 + ldq $1,0($16) # 1 1 + .align 3 +$42: + mulq $20,$19,$5 # 1 2 1 ###### + ldq $21,8($17) # 2 1 + ldq $2,8($16) # 2 1 + umulh $20,$19,$20 # 1 2 ###### + ldq $27,16($17) # 3 1 + ldq $3,16($16) # 3 1 + mulq $21,$19,$6 # 2 2 1 ###### + ldq $28,24($17) # 4 1 + addq $1,$5,$1 # 1 2 2 + ldq $4,24($16) # 4 1 + umulh $21,$19,$21 # 2 2 ###### + cmpult $1,$5,$22 # 1 2 3 1 + addq $20,$22,$20 # 1 3 1 + addq $1,$0,$1 # 1 2 3 1 + mulq $27,$19,$7 # 3 2 1 ###### + cmpult $1,$0,$0 # 1 2 3 2 + addq $2,$6,$2 # 2 2 2 + addq $20,$0,$0 # 1 3 2 + cmpult $2,$6,$23 # 2 2 3 1 + addq $21,$23,$21 # 2 3 1 + umulh $27,$19,$27 # 3 2 ###### + addq $2,$0,$2 # 2 2 3 1 + cmpult $2,$0,$0 # 2 2 3 2 + subq $18,4,$18 + mulq $28,$19,$8 # 4 2 1 ###### + addq $21,$0,$0 # 2 3 2 + addq $3,$7,$3 # 3 2 2 + addq $16,32,$16 + cmpult $3,$7,$24 # 3 2 3 1 + stq $1,-32($16) # 1 2 4 + umulh $28,$19,$28 # 4 2 ###### + addq $27,$24,$27 # 3 3 1 + addq $3,$0,$3 # 3 2 3 1 + stq $2,-24($16) # 2 2 4 + 
cmpult $3,$0,$0 # 3 2 3 2 + stq $3,-16($16) # 3 2 4 + addq $4,$8,$4 # 4 2 2 + addq $27,$0,$0 # 3 3 2 + cmpult $4,$8,$25 # 4 2 3 1 + addq $17,32,$17 + addq $28,$25,$28 # 4 3 1 + addq $4,$0,$4 # 4 2 3 1 + cmpult $4,$0,$0 # 4 2 3 2 + stq $4,-8($16) # 4 2 4 + addq $28,$0,$0 # 4 3 2 + blt $18,$43 - ble $18,$43 + ldq $20,0($17) # 1 1 + ldq $1,0($16) # 1 1 - addq $16,16,$16 - addq $17,16,$17 - blt $25,$42 + br $42 - br $31,$142 -$42: - ldq $1,0($17) # a[0] - umulh $19,$1,$3 # a[0]*w high part - mulq $19,$1,$1 # a[0]*w low part - ldq $2,0($16) # r[0] - addq $1,$2,$1 # low part + r[0] - cmpult $1,$2,$4 # overflow? - addq $4,$3,$3 # high part + overflow - addq $1,$0,$1 # add c - cmpult $1,$0,$4 # overflow? - addq $4,$3,$0 # c=high part + overflow - stq $1,0($16) + .align 4 +$45: + ldq $20,0($17) # 4 1 + ldq $1,0($16) # 4 1 + mulq $20,$19,$5 # 4 2 1 + subq $18,1,$18 + addq $16,8,$16 + addq $17,8,$17 + umulh $20,$19,$20 # 4 2 + addq $1,$5,$1 # 4 2 2 + cmpult $1,$5,$22 # 4 2 3 1 + addq $20,$22,$20 # 4 3 1 + addq $1,$0,$1 # 4 2 3 1 + cmpult $1,$0,$0 # 4 2 3 2 + addq $20,$0,$0 # 4 3 2 + stq $1,-8($16) # 4 2 4 + bgt $18,$45 + ret $31,($26),1 # else exit .align 4 $43: - ret $31,($26),1 + addq $18,4,$18 + bgt $18,$45 # goto tail code + ret $31,($26),1 # else exit + .end bn_mul_add_words .align 3 .globl bn_mul_words 
@@ -81,49 +113,75 @@ bn_mul_words: bn_mul_words..ng: .frame $30,0,$26,0 .prologue 0 - subq $18,2,$25 # num=-2 - bis $31,$31,$0 - blt $25,$242 .align 5 -$342: - subq $18,2,$18 # num-=2 - subq $25,2,$25 # num-=2 - - ldq $1,0($17) # a[0] - ldq $2,8($17) # a[1] - - mulq $19,$1,$3 # a[0]*w low part r3 - umulh $19,$1,$1 # a[0]*w high part r1 - mulq $19,$2,$4 # a[1]*w low part r4 - umulh $19,$2,$2 # a[1]*w high part r2 - - addq $3,$0,$3 # add c - cmpult $3,$0,$5 # overflow? - stq $3,0($16) - addq $5,$1,$0 # c=high part + overflow - - addq $4,$0,$4 # add c - cmpult $4,$0,$5 # overflow? - stq $4,8($16) - addq $5,$2,$0 # c=high part + overflow - - ble $18,$243 - - addq $16,16,$16 - addq $17,16,$17 - blt $25,$242 - - br $31,$342 -$242: - ldq $1,0($17) # a[0] - umulh $19,$1,$3 # a[0]*w high part - mulq $19,$1,$1 # a[0]*w low part - addq $1,$0,$1 # add c - cmpult $1,$0,$4 # overflow? - addq $4,$3,$0 # c=high part + overflow - stq $1,0($16) -$243: - ret $31,($26),1 + subq $18,4,$18 + bis $31,$31,$0 + blt $18,$143 # if we are -1, -2, -3 or -4 goto tail code + ldq $20,0($17) # 1 1 + .align 3 +$142: + + mulq $20,$19,$5 # 1 2 1 ##### + ldq $21,8($17) # 2 1 + ldq $27,16($17) # 3 1 + umulh $20,$19,$20 # 1 2 ##### + ldq $28,24($17) # 4 1 + mulq $21,$19,$6 # 2 2 1 ##### + addq $5,$0,$5 # 1 2 3 1 + subq $18,4,$18 + cmpult $5,$0,$0 # 1 2 3 2 + umulh $21,$19,$21 # 2 2 ##### + addq $20,$0,$0 # 1 3 2 + addq $17,32,$17 + addq $6,$0,$6 # 2 2 3 1 + mulq $27,$19,$7 # 3 2 1 ##### + cmpult $6,$0,$0 # 2 2 3 2 + addq $21,$0,$0 # 2 3 2 + addq $16,32,$16 + umulh $27,$19,$27 # 3 2 ##### + stq $5,-32($16) # 1 2 4 + mulq $28,$19,$8 # 4 2 1 ##### + addq $7,$0,$7 # 3 2 3 1 + stq $6,-24($16) # 2 2 4 + cmpult $7,$0,$0 # 3 2 3 2 + umulh $28,$19,$28 # 4 2 ##### + addq $27,$0,$0 # 3 3 2 + stq $7,-16($16) # 3 2 4 + addq $8,$0,$8 # 4 2 3 1 + cmpult $8,$0,$0 # 4 2 3 2 + + addq $28,$0,$0 # 4 3 2 + + stq $8,-8($16) # 4 2 4 + + blt $18,$143 + + ldq $20,0($17) # 1 1 + + br $142 + + .align 4 +$145: + ldq $20,0($17) # 4 
1 + mulq $20,$19,$5 # 4 2 1 + subq $18,1,$18 + umulh $20,$19,$20 # 4 2 + addq $5,$0,$5 # 4 2 3 1 + addq $16,8,$16 + cmpult $5,$0,$0 # 4 2 3 2 + addq $17,8,$17 + addq $20,$0,$0 # 4 3 2 + stq $5,-8($16) # 4 2 4 + + bgt $18,$145 + ret $31,($26),1 # else exit + + .align 4 +$143: + addq $18,4,$18 + bgt $18,$145 # goto tail code + ret $31,($26),1 # else exit + .end bn_mul_words .align 3 .globl bn_sqr_words 
@@ -132,44 +190,58 @@ bn_sqr_words: bn_sqr_words..ng: .frame $30,0,$26,0 .prologue 0 - - subq $18,2,$25 # num=-2 - blt $25,$442 - .align 5 -$542: - subq $18,2,$18 # num-=2 - subq $25,2,$25 # num-=2 - - ldq $1,0($17) # a[0] - ldq $4,8($17) # a[1] - mulq $1,$1,$2 # a[0]*w low part r2 - umulh $1,$1,$3 # a[0]*w high part r3 - mulq $4,$4,$5 # a[1]*w low part r5 - umulh $4,$4,$6 # a[1]*w high part r6 - - stq $2,0($16) # r[0] - stq $3,8($16) # r[1] - stq $5,16($16) # r[3] - stq $6,24($16) # r[4] + subq $18,4,$18 + blt $18,$543 # if we are -1, -2, -3 or -4 goto tail code + ldq $20,0($17) # 1 1 + .align 3 +$542: + mulq $20,$20,$5 ###### + ldq $21,8($17) # 1 1 + subq $18,4 + umulh $20,$20,$1 ###### + ldq $27,16($17) # 1 1 + mulq $21,$21,$6 ###### + ldq $28,24($17) # 1 1 + stq $5,0($16) # r[0] + umulh $21,$21,$2 ###### + stq $1,8($16) # r[1] + mulq $27,$27,$7 ###### + stq $6,16($16) # r[0] + umulh $27,$27,$3 ###### + stq $2,24($16) # r[1] + mulq $28,$28,$8 ###### + stq $7,32($16) # r[0] + umulh $28,$28,$4 ###### + stq $3,40($16) # r[1] - ble $18,$443 + addq $16,64,$16 + addq $17,32,$17 + stq $8,-16($16) # r[0] + stq $4,-8($16) # r[1] - addq $16,32,$16 - addq $17,16,$17 - blt $25,$442 - br $31,$542 + blt $18,$543 + ldq $20,0($17) # 1 1 + br $542 $442: - ldq $1,0($17) # a[0] - mulq $1,$1,$2 # a[0]*w low part r2 - umulh $1,$1,$3 # a[0]*w high part r3 - stq $2,0($16) # r[0] - stq $3,8($16) # r[1] + ldq $20,0($17) # a[0] + mulq $20,$20,$5 # a[0]*w low part r2 + addq $16,16,$16 + addq $17,8,$17 + subq $18,1,$18 + umulh $20,$20,$1 # a[0]*w high part r3 + stq $5,-16($16) # r[0] + stq $1,-8($16) # r[1] + + bgt $18,$442 + ret $31,($26),1 # else exit .align 4 -$443: - ret $31,($26),1 +$543: + addq $18,4,$18 + bgt $18,$442 # goto tail code + ret $31,($26),1 # else exit .end bn_sqr_words .align 3 
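Review bot: The unrolled loop of `bn_sqr_words` decrements its counter with `subq $18,4`, which has only two operands, while every other `subq` in this file names its destination (`subq $18,4,$18`). Whether the assembler accepts the short form as the same instruction is not visible here; if it does not, the loop count is never reduced or the file fails to assemble. Write it as `subq $18,4,$18`. The store comments in the same loop also repeat `# r[0]` and `# r[1]` for all eight stores and should name `r[0]` through `r[7]`.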
@@ -180,31 +252,74 @@ bn_add_words..ng: .frame $30,0,$26,0 .prologue 0 - bis $31,$31,$8 # carry = 0 - ble $19,$900 + subq $19,4,$19 + bis $31,$31,$0 # carry = 0 + blt $19,$900 + ldq $5,0($17) # a[0] + ldq $1,0($18) # b[1] + .align 3 $901: - ldq $0,0($17) # a[0] - ldq $1,0($18) # a[1] + addq $1,$5,$1 # r=a+b; + ldq $6,8($17) # a[1] + cmpult $1,$5,$22 # did we overflow? + ldq $2,8($18) # b[1] + addq $1,$0,$1 # c+= overflow + ldq $7,16($17) # a[2] + cmpult $1,$0,$0 # overflow? + ldq $3,16($18) # b[2] + addq $0,$22,$0 + ldq $8,24($17) # a[3] + addq $2,$6,$2 # r=a+b; + ldq $4,24($18) # b[3] + cmpult $2,$6,$23 # did we overflow? + addq $3,$7,$3 # r=a+b; + addq $2,$0,$2 # c+= overflow + cmpult $3,$7,$24 # did we overflow? + cmpult $2,$0,$0 # overflow? + addq $4,$8,$4 # r=a+b; + addq $0,$23,$0 + cmpult $4,$8,$25 # did we overflow? + addq $3,$0,$3 # c+= overflow + stq $1,0($16) # r[0]=c + cmpult $3,$0,$0 # overflow? + stq $2,8($16) # r[1]=c + addq $0,$24,$0 + stq $3,16($16) # r[2]=c + addq $4,$0,$4 # c+= overflow + subq $19,4,$19 # loop-- + cmpult $4,$0,$0 # overflow? + addq $17,32,$17 # a++ + addq $0,$25,$0 + stq $4,24($16) # r[3]=c + addq $18,32,$18 # b++ + addq $16,32,$16 # r++ - addq $0,$1,$3 # c=a+b; + blt $19,$900 + ldq $5,0($17) # a[0] + ldq $1,0($18) # b[1] + br $901 + .align 4 +$945: + ldq $5,0($17) # a[0] + ldq $1,0($18) # b[1] + addq $1,$5,$1 # r=a+b; + subq $19,1,$19 # loop-- + addq $1,$0,$1 # c+= overflow addq $17,8,$17 # a++ + cmpult $1,$5,$22 # did we overflow? + cmpult $1,$0,$0 # overflow? + addq $18,8,$18 # b++ + stq $1,0($16) # r[0]=c + addq $0,$22,$0 + addq $16,8,$16 # r++ - cmpult $3,$1,$7 # did we overflow? - addq $18,8,$18 # b++ - - addq $8,$3,$3 # c+=carry + bgt $19,$945 + ret $31,($26),1 # else exit - cmpult $3,$8,$8 # did we overflow? 
- stq $3,($16) # r[0]=c - - addq $7,$8,$8 # add into overflow - subq $19,1,$19 # loop-- - - addq $16,8,$16 # r++ - bgt $19,$901 $900: - bis $8,$8,$0 # return carry - ret $31,($26),1 + addq $19,4,$19 + bgt $19,$945 # goto tail code + ret $31,($26),1 # else exit .end bn_add_words # 
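Review bot: In the one-word tail loop at `$945`, `cmpult $1,$5,$22` runs after the carry has already been added by `addq $1,$0,$1`, so it tests a+b+carry against a rather than a+b against a. When a+b does not wrap but adding the incoming carry does (for example a all ones, b zero, carry one), both `cmpult` results are 1 and the carry out becomes 2. The four-word loop at `$901` does the compare before adding the carry, and the tail should use the same order: `addq $1,$5,$1`, `cmpult $1,$5,$22`, then `addq $1,$0,$1`. The load comments `# b[1]` on `ldq $1,0($18)` should read `# b[0]`. The function's entry is outside this hunk.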
@@ -339,6 +454,1445 @@ $136: addq $30,48,$30 ret $31,($26),1 .end bn_div64 - .ident "GCC: (GNU) 2.7.2.1" + .set noat + .text + .align 3 + .globl bn_sub_words + .ent bn_sub_words +bn_sub_words: +bn_sub_words..ng: + .frame $30,0,$26,0 + .prologue 0 + + subq $19, 4, $19 + bis $31, $31, $0 + blt $19, $100 + ldq $1, 0($17) + ldq $2, 0($18) +$101: + ldq $3, 8($17) + cmpult $1, $2, $4 + ldq $5, 8($18) + subq $1, $2, $1 + ldq $6, 16($17) + cmpult $1, $0, $2 + ldq $7, 16($18) + subq $1, $0, $23 + ldq $8, 24($17) + addq $2, $4, $0 + cmpult $3, $5, $24 + subq $3, $5, $3 + ldq $22, 24($18) + cmpult $3, $0, $5 + subq $3, $0, $25 + addq $5, $24, $0 + cmpult $6, $7, $27 + subq $6, $7, $6 + stq $23, 0($16) + cmpult $6, $0, $7 + subq $6, $0, $28 + addq $7, $27, $0 + cmpult $8, $22, $21 + subq $8, $22, $8 + stq $25, 8($16) + cmpult $8, $0, $22 + subq $8, $0, $20 + addq $22, $21, $0 + stq $28, 16($16) + subq $19, 4, $19 + stq $20, 24($16) + addq $17, 32, $17 + addq $18, 32, $18 + addq $16, 32, $16 + blt $19, $100 + ldq $1, 0($17) + ldq $2, 0($18) + br $101 +$102: + ldq $1, 0($17) + ldq $2, 0($18) + cmpult $1, $2, $27 + subq $1, $2, $1 + cmpult $1, $0, $2 + subq $1, $0, $1 + stq $1, 0($16) + addq $2, $27, $0 + addq $17, 8, $17 + addq $18, 8, $18 + addq $16, 8, $16 + subq $19, 1, $19 + bgt $19, $102 + ret $31,($26),1 +$100: + addq $19, 4, $19 + bgt $19, $102 +$103: + ret $31,($26),1 + .end bn_sub_words + .text + .align 3 + .globl bn_mul_comba4 + .ent bn_mul_comba4 +bn_mul_comba4: +bn_mul_comba4..ng: + .frame $30,0,$26,0 + .prologue 0 + + ldq $0, 0($17) + ldq $1, 0($18) + ldq $2, 8($17) + ldq $3, 8($18) + ldq $4, 16($17) + ldq $5, 16($18) + ldq $6, 24($17) + ldq $7, 24($18) + bis $31, $31, $23 + mulq $0, $1, $8 + umulh $0, $1, $22 + stq $8, 0($16) + bis $31, $31, $8 + mulq $0, $3, $24 + umulh $0, $3, $25 + addq $22, $24, $22 + cmpult $22, $24, $27 + addq $27, $25, $25 + addq $23, $25, $23 + cmpult $23, $25, $28 + addq $8, $28, $8 + mulq $2, $1, $21 + umulh $2, $1, $20 + addq $22, $21, 
$22 + cmpult $22, $21, $19 + addq $19, $20, $20 + addq $23, $20, $23 + cmpult $23, $20, $17 + addq $8, $17, $8 + stq $22, 8($16) + bis $31, $31, $22 + mulq $2, $3, $18 + umulh $2, $3, $24 + addq $23, $18, $23 + cmpult $23, $18, $27 + addq $27, $24, $24 + addq $8, $24, $8 + cmpult $8, $24, $25 + addq $22, $25, $22 + mulq $0, $5, $28 + umulh $0, $5, $21 + addq $23, $28, $23 + cmpult $23, $28, $19 + addq $19, $21, $21 + addq $8, $21, $8 + cmpult $8, $21, $20 + addq $22, $20, $22 + mulq $4, $1, $17 + umulh $4, $1, $18 + addq $23, $17, $23 + cmpult $23, $17, $27 + addq $27, $18, $18 + addq $8, $18, $8 + cmpult $8, $18, $24 + addq $22, $24, $22 + stq $23, 16($16) + bis $31, $31, $23 + mulq $0, $7, $25 + umulh $0, $7, $28 + addq $8, $25, $8 + cmpult $8, $25, $19 + addq $19, $28, $28 + addq $22, $28, $22 + cmpult $22, $28, $21 + addq $23, $21, $23 + mulq $2, $5, $20 + umulh $2, $5, $17 + addq $8, $20, $8 + cmpult $8, $20, $27 + addq $27, $17, $17 + addq $22, $17, $22 + cmpult $22, $17, $18 + addq $23, $18, $23 + mulq $4, $3, $24 + umulh $4, $3, $25 + addq $8, $24, $8 + cmpult $8, $24, $19 + addq $19, $25, $25 + addq $22, $25, $22 + cmpult $22, $25, $28 + addq $23, $28, $23 + mulq $6, $1, $21 + umulh $6, $1, $0 + addq $8, $21, $8 + cmpult $8, $21, $20 + addq $20, $0, $0 + addq $22, $0, $22 + cmpult $22, $0, $27 + addq $23, $27, $23 + stq $8, 24($16) + bis $31, $31, $8 + mulq $2, $7, $17 + umulh $2, $7, $18 + addq $22, $17, $22 + cmpult $22, $17, $24 + addq $24, $18, $18 + addq $23, $18, $23 + cmpult $23, $18, $19 + addq $8, $19, $8 + mulq $4, $5, $25 + umulh $4, $5, $28 + addq $22, $25, $22 + cmpult $22, $25, $21 + addq $21, $28, $28 + addq $23, $28, $23 + cmpult $23, $28, $20 + addq $8, $20, $8 + mulq $6, $3, $0 + umulh $6, $3, $27 + addq $22, $0, $22 + cmpult $22, $0, $1 + addq $1, $27, $27 + addq $23, $27, $23 + cmpult $23, $27, $17 + addq $8, $17, $8 + stq $22, 32($16) + bis $31, $31, $22 + mulq $4, $7, $24 + umulh $4, $7, $18 + addq $23, $24, $23 + cmpult $23, $24, $19 
+ addq $19, $18, $18 + addq $8, $18, $8 + cmpult $8, $18, $2 + addq $22, $2, $22 + mulq $6, $5, $25 + umulh $6, $5, $21 + addq $23, $25, $23 + cmpult $23, $25, $28 + addq $28, $21, $21 + addq $8, $21, $8 + cmpult $8, $21, $20 + addq $22, $20, $22 + stq $23, 40($16) + bis $31, $31, $23 + mulq $6, $7, $0 + umulh $6, $7, $1 + addq $8, $0, $8 + cmpult $8, $0, $27 + addq $27, $1, $1 + addq $22, $1, $22 + cmpult $22, $1, $17 + addq $23, $17, $23 + stq $8, 48($16) + stq $22, 56($16) + ret $31,($26),1 + .end bn_mul_comba4 + .text + .align 3 + .globl bn_mul_comba8 + .ent bn_mul_comba8 +bn_mul_comba8: +bn_mul_comba8..ng: + .frame $30,0,$26,0 + .prologue 0 + + subq $30, 16, $30 + ldq $0, 0($17) + ldq $1, 0($18) + stq $9, 0($30) + stq $10, 8($30) + ldq $2, 8($17) + ldq $3, 8($18) + ldq $4, 16($17) + ldq $5, 16($18) + ldq $6, 24($17) + ldq $7, 24($18) + ldq $8, 8($17) + ldq $22, 8($18) + ldq $23, 8($17) + ldq $24, 8($18) + ldq $25, 8($17) + ldq $27, 8($18) + ldq $28, 8($17) + ldq $21, 8($18) + bis $31, $31, $9 + mulq $0, $1, $20 + umulh $0, $1, $19 + stq $20, 0($16) + bis $31, $31, $20 + mulq $0, $3, $10 + umulh $0, $3, $17 + addq $19, $10, $19 + cmpult $19, $10, $18 + addq $18, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $10 + addq $20, $10, $20 + mulq $2, $1, $18 + umulh $2, $1, $17 + addq $19, $18, $19 + cmpult $19, $18, $10 + addq $10, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $18 + addq $20, $18, $20 + stq $19, 8($16) + bis $31, $31, $19 + mulq $0, $5, $10 + umulh $0, $5, $17 + addq $9, $10, $9 + cmpult $9, $10, $18 + addq $18, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $10 + addq $19, $10, $19 + mulq $2, $3, $18 + umulh $2, $3, $17 + addq $9, $18, $9 + cmpult $9, $18, $10 + addq $10, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $18 + addq $19, $18, $19 + mulq $4, $1, $10 + umulh $4, $1, $17 + addq $9, $10, $9 + cmpult $9, $10, $18 + addq $18, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $10 + addq $19, $10, $19 + stq $9, 16($16) + bis $31, $31, $9 + 
mulq $0, $7, $18 + umulh $0, $7, $17 + addq $20, $18, $20 + cmpult $20, $18, $10 + addq $10, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $18 + addq $9, $18, $9 + mulq $2, $5, $10 + umulh $2, $5, $17 + addq $20, $10, $20 + cmpult $20, $10, $18 + addq $18, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $10 + addq $9, $10, $9 + mulq $4, $3, $18 + umulh $4, $3, $17 + addq $20, $18, $20 + cmpult $20, $18, $10 + addq $10, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $18 + addq $9, $18, $9 + mulq $6, $1, $10 + umulh $6, $1, $17 + addq $20, $10, $20 + cmpult $20, $10, $18 + addq $18, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $10 + addq $9, $10, $9 + stq $20, 24($16) + bis $31, $31, $20 + mulq $0, $22, $18 + umulh $0, $22, $17 + addq $19, $18, $19 + cmpult $19, $18, $10 + addq $10, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $18 + addq $20, $18, $20 + mulq $2, $7, $10 + umulh $2, $7, $17 + addq $19, $10, $19 + cmpult $19, $10, $18 + addq $18, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $10 + addq $20, $10, $20 + mulq $4, $5, $18 + umulh $4, $5, $17 + addq $19, $18, $19 + cmpult $19, $18, $10 + addq $10, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $18 + addq $20, $18, $20 + mulq $6, $3, $10 + umulh $6, $3, $17 + addq $19, $10, $19 + cmpult $19, $10, $18 + addq $18, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $10 + addq $20, $10, $20 + mulq $8, $1, $18 + umulh $8, $1, $17 + addq $19, $18, $19 + cmpult $19, $18, $10 + addq $10, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $18 + addq $20, $18, $20 + stq $19, 32($16) + bis $31, $31, $19 + mulq $0, $24, $10 + umulh $0, $24, $17 + addq $9, $10, $9 + cmpult $9, $10, $18 + addq $18, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $10 + addq $19, $10, $19 + mulq $2, $22, $18 + umulh $2, $22, $17 + addq $9, $18, $9 + cmpult $9, $18, $10 + addq $10, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $18 + addq $19, $18, $19 + mulq $4, $7, $10 + umulh $4, $7, $17 + addq $9, $10, $9 + cmpult $9, $10, $18 + addq 
$18, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $10 + addq $19, $10, $19 + mulq $6, $5, $18 + umulh $6, $5, $17 + addq $9, $18, $9 + cmpult $9, $18, $10 + addq $10, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $18 + addq $19, $18, $19 + mulq $8, $3, $10 + umulh $8, $3, $17 + addq $9, $10, $9 + cmpult $9, $10, $18 + addq $18, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $10 + addq $19, $10, $19 + mulq $23, $1, $18 + umulh $23, $1, $17 + addq $9, $18, $9 + cmpult $9, $18, $10 + addq $10, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $18 + addq $19, $18, $19 + stq $9, 40($16) + bis $31, $31, $9 + mulq $0, $27, $10 + umulh $0, $27, $17 + addq $20, $10, $20 + cmpult $20, $10, $18 + addq $18, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $10 + addq $9, $10, $9 + mulq $2, $24, $18 + umulh $2, $24, $17 + addq $20, $18, $20 + cmpult $20, $18, $10 + addq $10, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $18 + addq $9, $18, $9 + mulq $4, $22, $10 + umulh $4, $22, $17 + addq $20, $10, $20 + cmpult $20, $10, $18 + addq $18, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $10 + addq $9, $10, $9 + mulq $6, $7, $18 + umulh $6, $7, $17 + addq $20, $18, $20 + cmpult $20, $18, $10 + addq $10, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $18 + addq $9, $18, $9 + mulq $8, $5, $10 + umulh $8, $5, $17 + addq $20, $10, $20 + cmpult $20, $10, $18 + addq $18, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $10 + addq $9, $10, $9 + mulq $23, $3, $18 + umulh $23, $3, $17 + addq $20, $18, $20 + cmpult $20, $18, $10 + addq $10, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $18 + addq $9, $18, $9 + mulq $25, $1, $10 + umulh $25, $1, $17 + addq $20, $10, $20 + cmpult $20, $10, $18 + addq $18, $17, $17 + addq $19, $17, $19 + cmpult $19, $17, $10 + addq $9, $10, $9 + stq $20, 48($16) + bis $31, $31, $20 + mulq $0, $21, $18 + umulh $0, $21, $17 + addq $19, $18, $19 + cmpult $19, $18, $10 + addq $10, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $18 + addq $20, $18, 
$20 + mulq $2, $27, $10 + umulh $2, $27, $17 + addq $19, $10, $19 + cmpult $19, $10, $18 + addq $18, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $0 + addq $20, $0, $20 + mulq $4, $24, $10 + umulh $4, $24, $18 + addq $19, $10, $19 + cmpult $19, $10, $17 + addq $17, $18, $18 + addq $9, $18, $9 + cmpult $9, $18, $0 + addq $20, $0, $20 + mulq $6, $22, $10 + umulh $6, $22, $17 + addq $19, $10, $19 + cmpult $19, $10, $18 + addq $18, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $0 + addq $20, $0, $20 + mulq $8, $7, $10 + umulh $8, $7, $18 + addq $19, $10, $19 + cmpult $19, $10, $17 + addq $17, $18, $18 + addq $9, $18, $9 + cmpult $9, $18, $0 + addq $20, $0, $20 + mulq $23, $5, $10 + umulh $23, $5, $17 + addq $19, $10, $19 + cmpult $19, $10, $18 + addq $18, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $0 + addq $20, $0, $20 + mulq $25, $3, $10 + umulh $25, $3, $18 + addq $19, $10, $19 + cmpult $19, $10, $17 + addq $17, $18, $18 + addq $9, $18, $9 + cmpult $9, $18, $0 + addq $20, $0, $20 + mulq $28, $1, $10 + umulh $28, $1, $17 + addq $19, $10, $19 + cmpult $19, $10, $18 + addq $18, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $0 + addq $20, $0, $20 + stq $19, 56($16) + bis $31, $31, $19 + mulq $2, $21, $10 + umulh $2, $21, $18 + addq $9, $10, $9 + cmpult $9, $10, $17 + addq $17, $18, $18 + addq $20, $18, $20 + cmpult $20, $18, $0 + addq $19, $0, $19 + mulq $4, $27, $1 + umulh $4, $27, $10 + addq $9, $1, $9 + cmpult $9, $1, $17 + addq $17, $10, $10 + addq $20, $10, $20 + cmpult $20, $10, $18 + addq $19, $18, $19 + mulq $6, $24, $0 + umulh $6, $24, $2 + addq $9, $0, $9 + cmpult $9, $0, $1 + addq $1, $2, $2 + addq $20, $2, $20 + cmpult $20, $2, $17 + addq $19, $17, $19 + mulq $8, $22, $10 + umulh $8, $22, $18 + addq $9, $10, $9 + cmpult $9, $10, $0 + addq $0, $18, $18 + addq $20, $18, $20 + cmpult $20, $18, $1 + addq $19, $1, $19 + mulq $23, $7, $2 + umulh $23, $7, $17 + addq $9, $2, $9 + cmpult $9, $2, $10 + addq $10, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $0 
+ addq $19, $0, $19 + mulq $25, $5, $18 + umulh $25, $5, $1 + addq $9, $18, $9 + cmpult $9, $18, $2 + addq $2, $1, $1 + addq $20, $1, $20 + cmpult $20, $1, $10 + addq $19, $10, $19 + mulq $28, $3, $17 + umulh $28, $3, $0 + addq $9, $17, $9 + cmpult $9, $17, $18 + addq $18, $0, $0 + addq $20, $0, $20 + cmpult $20, $0, $2 + addq $19, $2, $19 + stq $9, 64($16) + bis $31, $31, $9 + mulq $4, $21, $1 + umulh $4, $21, $10 + addq $20, $1, $20 + cmpult $20, $1, $17 + addq $17, $10, $10 + addq $19, $10, $19 + cmpult $19, $10, $18 + addq $9, $18, $9 + mulq $6, $27, $0 + umulh $6, $27, $2 + addq $20, $0, $20 + cmpult $20, $0, $3 + addq $3, $2, $2 + addq $19, $2, $19 + cmpult $19, $2, $1 + addq $9, $1, $9 + mulq $8, $24, $17 + umulh $8, $24, $10 + addq $20, $17, $20 + cmpult $20, $17, $18 + addq $18, $10, $10 + addq $19, $10, $19 + cmpult $19, $10, $4 + addq $9, $4, $9 + mulq $23, $22, $0 + umulh $23, $22, $3 + addq $20, $0, $20 + cmpult $20, $0, $2 + addq $2, $3, $3 + addq $19, $3, $19 + cmpult $19, $3, $1 + addq $9, $1, $9 + mulq $25, $7, $17 + umulh $25, $7, $18 + addq $20, $17, $20 + cmpult $20, $17, $10 + addq $10, $18, $18 + addq $19, $18, $19 + cmpult $19, $18, $4 + addq $9, $4, $9 + mulq $28, $5, $0 + umulh $28, $5, $2 + addq $20, $0, $20 + cmpult $20, $0, $3 + addq $3, $2, $2 + addq $19, $2, $19 + cmpult $19, $2, $1 + addq $9, $1, $9 + stq $20, 72($16) + bis $31, $31, $20 + mulq $6, $21, $17 + umulh $6, $21, $10 + addq $19, $17, $19 + cmpult $19, $17, $18 + addq $18, $10, $10 + addq $9, $10, $9 + cmpult $9, $10, $4 + addq $20, $4, $20 + mulq $8, $27, $0 + umulh $8, $27, $3 + addq $19, $0, $19 + cmpult $19, $0, $2 + addq $2, $3, $3 + addq $9, $3, $9 + cmpult $9, $3, $1 + addq $20, $1, $20 + mulq $23, $24, $5 + umulh $23, $24, $17 + addq $19, $5, $19 + cmpult $19, $5, $18 + addq $18, $17, $17 + addq $9, $17, $9 + cmpult $9, $17, $10 + addq $20, $10, $20 + mulq $25, $22, $4 + umulh $25, $22, $6 + addq $19, $4, $19 + cmpult $19, $4, $0 + addq $0, $6, $6 + addq $9, $6, $9 + 
cmpult $9, $6, $2 + addq $20, $2, $20 + mulq $28, $7, $3 + umulh $28, $7, $1 + addq $19, $3, $19 + cmpult $19, $3, $5 + addq $5, $1, $1 + addq $9, $1, $9 + cmpult $9, $1, $18 + addq $20, $18, $20 + stq $19, 80($16) + bis $31, $31, $19 + mulq $8, $21, $17 + umulh $8, $21, $10 + addq $9, $17, $9 + cmpult $9, $17, $4 + addq $4, $10, $10 + addq $20, $10, $20 + cmpult $20, $10, $0 + addq $19, $0, $19 + mulq $23, $27, $6 + umulh $23, $27, $2 + addq $9, $6, $9 + cmpult $9, $6, $3 + addq $3, $2, $2 + addq $20, $2, $20 + cmpult $20, $2, $5 + addq $19, $5, $19 + mulq $25, $24, $1 + umulh $25, $24, $18 + addq $9, $1, $9 + cmpult $9, $1, $7 + addq $7, $18, $18 + addq $20, $18, $20 + cmpult $20, $18, $17 + addq $19, $17, $19 + mulq $28, $22, $4 + umulh $28, $22, $10 + addq $9, $4, $9 + cmpult $9, $4, $0 + addq $0, $10, $10 + addq $20, $10, $20 + cmpult $20, $10, $8 + addq $19, $8, $19 + stq $9, 88($16) + bis $31, $31, $9 + mulq $23, $21, $6 + umulh $23, $21, $3 + addq $20, $6, $20 + cmpult $20, $6, $2 + addq $2, $3, $3 + addq $19, $3, $19 + cmpult $19, $3, $5 + addq $9, $5, $9 + mulq $25, $27, $1 + umulh $25, $27, $7 + addq $20, $1, $20 + cmpult $20, $1, $18 + addq $18, $7, $7 + addq $19, $7, $19 + cmpult $19, $7, $17 + addq $9, $17, $9 + mulq $28, $24, $4 + umulh $28, $24, $0 + addq $20, $4, $20 + cmpult $20, $4, $10 + addq $10, $0, $0 + addq $19, $0, $19 + cmpult $19, $0, $8 + addq $9, $8, $9 + stq $20, 96($16) + bis $31, $31, $20 + mulq $25, $21, $22 + umulh $25, $21, $6 + addq $19, $22, $19 + cmpult $19, $22, $2 + addq $2, $6, $6 + addq $9, $6, $9 + cmpult $9, $6, $3 + addq $20, $3, $20 + mulq $28, $27, $5 + umulh $28, $27, $23 + addq $19, $5, $19 + cmpult $19, $5, $1 + addq $1, $23, $23 + addq $9, $23, $9 + cmpult $9, $23, $18 + addq $20, $18, $20 + stq $19, 104($16) + bis $31, $31, $19 + mulq $28, $21, $7 + umulh $28, $21, $17 + addq $9, $7, $9 + cmpult $9, $7, $4 + addq $4, $17, $17 + addq $20, $17, $20 + cmpult $20, $17, $10 + addq $19, $10, $19 + stq $9, 112($16) + stq 
$20, 120($16) + ldq $9, 0($30) + ldq $10, 8($30) + addq $30, 16, $30 + ret $31,($26),1 + .end bn_mul_comba8 + .text + .align 3 + .globl bn_sqr_comba4 + .ent bn_sqr_comba4 +bn_sqr_comba4: +bn_sqr_comba4..ng: + .frame $30,0,$26,0 + .prologue 0 + + ldq $0, 0($17) + ldq $1, 8($17) + ldq $2, 16($17) + ldq $3, 24($17) + bis $31, $31, $6 + mulq $0, $0, $4 + umulh $0, $0, $5 + stq $4, 0($16) + bis $31, $31, $4 + mulq $0, $1, $7 + umulh $0, $1, $8 + cmplt $7, $31, $22 + cmplt $8, $31, $23 + addq $7, $7, $7 + addq $8, $8, $8 + addq $8, $22, $8 + addq $4, $23, $4 + addq $5, $7, $5 + addq $6, $8, $6 + cmpult $5, $7, $24 + cmpult $6, $8, $25 + addq $6, $24, $6 + addq $4, $25, $4 + stq $5, 8($16) + bis $31, $31, $5 + mulq $1, $1, $27 + umulh $1, $1, $28 + addq $6, $27, $6 + addq $4, $28, $4 + cmpult $6, $27, $21 + cmpult $4, $28, $20 + addq $4, $21, $4 + addq $5, $20, $5 + mulq $2, $0, $19 + umulh $2, $0, $18 + cmplt $19, $31, $17 + cmplt $18, $31, $22 + addq $19, $19, $19 + addq $18, $18, $18 + addq $18, $17, $18 + addq $5, $22, $5 + addq $6, $19, $6 + addq $4, $18, $4 + cmpult $6, $19, $23 + cmpult $4, $18, $7 + addq $4, $23, $4 + addq $5, $7, $5 + stq $6, 16($16) + bis $31, $31, $6 + mulq $3, $0, $8 + umulh $3, $0, $24 + cmplt $8, $31, $25 + cmplt $24, $31, $27 + addq $8, $8, $8 + addq $24, $24, $24 + addq $24, $25, $24 + addq $6, $27, $6 + addq $4, $8, $4 + addq $5, $24, $5 + cmpult $4, $8, $28 + cmpult $5, $24, $21 + addq $5, $28, $5 + addq $6, $21, $6 + mulq $2, $1, $20 + umulh $2, $1, $17 + cmplt $20, $31, $22 + cmplt $17, $31, $19 + addq $20, $20, $20 + addq $17, $17, $17 + addq $17, $22, $17 + addq $6, $19, $6 + addq $4, $20, $4 + addq $5, $17, $5 + cmpult $4, $20, $18 + cmpult $5, $17, $23 + addq $5, $18, $5 + addq $6, $23, $6 + stq $4, 24($16) + bis $31, $31, $4 + mulq $2, $2, $7 + umulh $2, $2, $25 + addq $5, $7, $5 + addq $6, $25, $6 + cmpult $5, $7, $27 + cmpult $6, $25, $8 + addq $6, $27, $6 + addq $4, $8, $4 + mulq $3, $1, $24 + umulh $3, $1, $28 + cmplt $24, 
$31, $21 + cmplt $28, $31, $22 + addq $24, $24, $24 + addq $28, $28, $28 + addq $28, $21, $28 + addq $4, $22, $4 + addq $5, $24, $5 + addq $6, $28, $6 + cmpult $5, $24, $19 + cmpult $6, $28, $20 + addq $6, $19, $6 + addq $4, $20, $4 + stq $5, 32($16) + bis $31, $31, $5 + mulq $3, $2, $17 + umulh $3, $2, $18 + cmplt $17, $31, $23 + cmplt $18, $31, $7 + addq $17, $17, $17 + addq $18, $18, $18 + addq $18, $23, $18 + addq $5, $7, $5 + addq $6, $17, $6 + addq $4, $18, $4 + cmpult $6, $17, $25 + cmpult $4, $18, $27 + addq $4, $25, $4 + addq $5, $27, $5 + stq $6, 40($16) + bis $31, $31, $6 + mulq $3, $3, $8 + umulh $3, $3, $21 + addq $4, $8, $4 + addq $5, $21, $5 + cmpult $4, $8, $22 + cmpult $5, $21, $24 + addq $5, $22, $5 + addq $6, $24, $6 + stq $4, 48($16) + stq $5, 56($16) + ret $31,($26),1 + .end bn_sqr_comba4 + .text + .align 3 + .globl bn_sqr_comba8 + .ent bn_sqr_comba8 +bn_sqr_comba8: +bn_sqr_comba8..ng: + .frame $30,0,$26,0 + .prologue 0 + ldq $0, 0($17) + ldq $1, 8($17) + ldq $2, 16($17) + ldq $3, 24($17) + ldq $4, 32($17) + ldq $5, 40($17) + ldq $6, 48($17) + ldq $7, 56($17) + bis $31, $31, $23 + mulq $0, $0, $8 + umulh $0, $0, $22 + stq $8, 0($16) + bis $31, $31, $8 + mulq $1, $0, $24 + umulh $1, $0, $25 + cmplt $24, $31, $27 + cmplt $25, $31, $28 + addq $24, $24, $24 + addq $25, $25, $25 + addq $25, $27, $25 + addq $8, $28, $8 + addq $22, $24, $22 + addq $23, $25, $23 + cmpult $22, $24, $21 + cmpult $23, $25, $20 + addq $23, $21, $23 + addq $8, $20, $8 + stq $22, 8($16) + bis $31, $31, $22 + mulq $1, $1, $19 + umulh $1, $1, $18 + addq $23, $19, $23 + addq $8, $18, $8 + cmpult $23, $19, $17 + cmpult $8, $18, $27 + addq $8, $17, $8 + addq $22, $27, $22 + mulq $2, $0, $28 + umulh $2, $0, $24 + cmplt $28, $31, $25 + cmplt $24, $31, $21 + addq $28, $28, $28 + addq $24, $24, $24 + addq $24, $25, $24 + addq $22, $21, $22 + addq $23, $28, $23 + addq $8, $24, $8 + cmpult $23, $28, $20 + cmpult $8, $24, $19 + addq $8, $20, $8 + addq $22, $19, $22 + stq $23, 16($16) + 
bis $31, $31, $23 + mulq $2, $1, $18 + umulh $2, $1, $17 + cmplt $18, $31, $27 + cmplt $17, $31, $25 + addq $18, $18, $18 + addq $17, $17, $17 + addq $17, $27, $17 + addq $23, $25, $23 + addq $8, $18, $8 + addq $22, $17, $22 + cmpult $8, $18, $21 + cmpult $22, $17, $28 + addq $22, $21, $22 + addq $23, $28, $23 + mulq $3, $0, $24 + umulh $3, $0, $20 + cmplt $24, $31, $19 + cmplt $20, $31, $27 + addq $24, $24, $24 + addq $20, $20, $20 + addq $20, $19, $20 + addq $23, $27, $23 + addq $8, $24, $8 + addq $22, $20, $22 + cmpult $8, $24, $25 + cmpult $22, $20, $18 + addq $22, $25, $22 + addq $23, $18, $23 + stq $8, 24($16) + bis $31, $31, $8 + mulq $2, $2, $17 + umulh $2, $2, $21 + addq $22, $17, $22 + addq $23, $21, $23 + cmpult $22, $17, $28 + cmpult $23, $21, $19 + addq $23, $28, $23 + addq $8, $19, $8 + mulq $3, $1, $27 + umulh $3, $1, $24 + cmplt $27, $31, $20 + cmplt $24, $31, $25 + addq $27, $27, $27 + addq $24, $24, $24 + addq $24, $20, $24 + addq $8, $25, $8 + addq $22, $27, $22 + addq $23, $24, $23 + cmpult $22, $27, $18 + cmpult $23, $24, $17 + addq $23, $18, $23 + addq $8, $17, $8 + mulq $4, $0, $21 + umulh $4, $0, $28 + cmplt $21, $31, $19 + cmplt $28, $31, $20 + addq $21, $21, $21 + addq $28, $28, $28 + addq $28, $19, $28 + addq $8, $20, $8 + addq $22, $21, $22 + addq $23, $28, $23 + cmpult $22, $21, $25 + cmpult $23, $28, $27 + addq $23, $25, $23 + addq $8, $27, $8 + stq $22, 32($16) + bis $31, $31, $22 + mulq $3, $2, $24 + umulh $3, $2, $18 + cmplt $24, $31, $17 + cmplt $18, $31, $19 + addq $24, $24, $24 + addq $18, $18, $18 + addq $18, $17, $18 + addq $22, $19, $22 + addq $23, $24, $23 + addq $8, $18, $8 + cmpult $23, $24, $20 + cmpult $8, $18, $21 + addq $8, $20, $8 + addq $22, $21, $22 + mulq $4, $1, $28 + umulh $4, $1, $25 + cmplt $28, $31, $27 + cmplt $25, $31, $17 + addq $28, $28, $28 + addq $25, $25, $25 + addq $25, $27, $25 + addq $22, $17, $22 + addq $23, $28, $23 + addq $8, $25, $8 + cmpult $23, $28, $19 + cmpult $8, $25, $24 + addq $8, $19, $8 + 
addq $22, $24, $22 + mulq $5, $0, $18 + umulh $5, $0, $20 + cmplt $18, $31, $21 + cmplt $20, $31, $27 + addq $18, $18, $18 + addq $20, $20, $20 + addq $20, $21, $20 + addq $22, $27, $22 + addq $23, $18, $23 + addq $8, $20, $8 + cmpult $23, $18, $17 + cmpult $8, $20, $28 + addq $8, $17, $8 + addq $22, $28, $22 + stq $23, 40($16) + bis $31, $31, $23 + mulq $3, $3, $25 + umulh $3, $3, $19 + addq $8, $25, $8 + addq $22, $19, $22 + cmpult $8, $25, $24 + cmpult $22, $19, $21 + addq $22, $24, $22 + addq $23, $21, $23 + mulq $4, $2, $27 + umulh $4, $2, $18 + cmplt $27, $31, $20 + cmplt $18, $31, $17 + addq $27, $27, $27 + addq $18, $18, $18 + addq $18, $20, $18 + addq $23, $17, $23 + addq $8, $27, $8 + addq $22, $18, $22 + cmpult $8, $27, $28 + cmpult $22, $18, $25 + addq $22, $28, $22 + addq $23, $25, $23 + mulq $5, $1, $19 + umulh $5, $1, $24 + cmplt $19, $31, $21 + cmplt $24, $31, $20 + addq $19, $19, $19 + addq $24, $24, $24 + addq $24, $21, $24 + addq $23, $20, $23 + addq $8, $19, $8 + addq $22, $24, $22 + cmpult $8, $19, $17 + cmpult $22, $24, $27 + addq $22, $17, $22 + addq $23, $27, $23 + mulq $6, $0, $18 + umulh $6, $0, $28 + cmplt $18, $31, $25 + cmplt $28, $31, $21 + addq $18, $18, $18 + addq $28, $28, $28 + addq $28, $25, $28 + addq $23, $21, $23 + addq $8, $18, $8 + addq $22, $28, $22 + cmpult $8, $18, $20 + cmpult $22, $28, $19 + addq $22, $20, $22 + addq $23, $19, $23 + stq $8, 48($16) + bis $31, $31, $8 + mulq $4, $3, $24 + umulh $4, $3, $17 + cmplt $24, $31, $27 + cmplt $17, $31, $25 + addq $24, $24, $24 + addq $17, $17, $17 + addq $17, $27, $17 + addq $8, $25, $8 + addq $22, $24, $22 + addq $23, $17, $23 + cmpult $22, $24, $21 + cmpult $23, $17, $18 + addq $23, $21, $23 + addq $8, $18, $8 + mulq $5, $2, $28 + umulh $5, $2, $20 + cmplt $28, $31, $19 + cmplt $20, $31, $27 + addq $28, $28, $28 + addq $20, $20, $20 + addq $20, $19, $20 + addq $8, $27, $8 + addq $22, $28, $22 + addq $23, $20, $23 + cmpult $22, $28, $25 + cmpult $23, $20, $24 + addq $23, $25, 
$23 + addq $8, $24, $8 + mulq $6, $1, $17 + umulh $6, $1, $21 + cmplt $17, $31, $18 + cmplt $21, $31, $19 + addq $17, $17, $17 + addq $21, $21, $21 + addq $21, $18, $21 + addq $8, $19, $8 + addq $22, $17, $22 + addq $23, $21, $23 + cmpult $22, $17, $27 + cmpult $23, $21, $28 + addq $23, $27, $23 + addq $8, $28, $8 + mulq $7, $0, $20 + umulh $7, $0, $25 + cmplt $20, $31, $24 + cmplt $25, $31, $18 + addq $20, $20, $20 + addq $25, $25, $25 + addq $25, $24, $25 + addq $8, $18, $8 + addq $22, $20, $22 + addq $23, $25, $23 + cmpult $22, $20, $19 + cmpult $23, $25, $17 + addq $23, $19, $23 + addq $8, $17, $8 + stq $22, 56($16) + bis $31, $31, $22 + mulq $4, $4, $21 + umulh $4, $4, $27 + addq $23, $21, $23 + addq $8, $27, $8 + cmpult $23, $21, $28 + cmpult $8, $27, $24 + addq $8, $28, $8 + addq $22, $24, $22 + mulq $5, $3, $18 + umulh $5, $3, $20 + cmplt $18, $31, $25 + cmplt $20, $31, $19 + addq $18, $18, $18 + addq $20, $20, $20 + addq $20, $25, $20 + addq $22, $19, $22 + addq $23, $18, $23 + addq $8, $20, $8 + cmpult $23, $18, $17 + cmpult $8, $20, $21 + addq $8, $17, $8 + addq $22, $21, $22 + mulq $6, $2, $27 + umulh $6, $2, $28 + cmplt $27, $31, $24 + cmplt $28, $31, $25 + addq $27, $27, $27 + addq $28, $28, $28 + addq $28, $24, $28 + addq $22, $25, $22 + addq $23, $27, $23 + addq $8, $28, $8 + cmpult $23, $27, $19 + cmpult $8, $28, $18 + addq $8, $19, $8 + addq $22, $18, $22 + mulq $7, $1, $20 + umulh $7, $1, $17 + cmplt $20, $31, $21 + cmplt $17, $31, $24 + addq $20, $20, $20 + addq $17, $17, $17 + addq $17, $21, $17 + addq $22, $24, $22 + addq $23, $20, $23 + addq $8, $17, $8 + cmpult $23, $20, $25 + cmpult $8, $17, $27 + addq $8, $25, $8 + addq $22, $27, $22 + stq $23, 64($16) + bis $31, $31, $23 + mulq $5, $4, $28 + umulh $5, $4, $19 + cmplt $28, $31, $18 + cmplt $19, $31, $21 + addq $28, $28, $28 + addq $19, $19, $19 + addq $19, $18, $19 + addq $23, $21, $23 + addq $8, $28, $8 + addq $22, $19, $22 + cmpult $8, $28, $24 + cmpult $22, $19, $20 + addq $22, $24, $22 
+ addq $23, $20, $23 + mulq $6, $3, $17 + umulh $6, $3, $25 + cmplt $17, $31, $27 + cmplt $25, $31, $18 + addq $17, $17, $17 + addq $25, $25, $25 + addq $25, $27, $25 + addq $23, $18, $23 + addq $8, $17, $8 + addq $22, $25, $22 + cmpult $8, $17, $21 + cmpult $22, $25, $28 + addq $22, $21, $22 + addq $23, $28, $23 + mulq $7, $2, $19 + umulh $7, $2, $24 + cmplt $19, $31, $20 + cmplt $24, $31, $27 + addq $19, $19, $19 + addq $24, $24, $24 + addq $24, $20, $24 + addq $23, $27, $23 + addq $8, $19, $8 + addq $22, $24, $22 + cmpult $8, $19, $18 + cmpult $22, $24, $17 + addq $22, $18, $22 + addq $23, $17, $23 + stq $8, 72($16) + bis $31, $31, $8 + mulq $5, $5, $25 + umulh $5, $5, $21 + addq $22, $25, $22 + addq $23, $21, $23 + cmpult $22, $25, $28 + cmpult $23, $21, $20 + addq $23, $28, $23 + addq $8, $20, $8 + mulq $6, $4, $27 + umulh $6, $4, $19 + cmplt $27, $31, $24 + cmplt $19, $31, $18 + addq $27, $27, $27 + addq $19, $19, $19 + addq $19, $24, $19 + addq $8, $18, $8 + addq $22, $27, $22 + addq $23, $19, $23 + cmpult $22, $27, $17 + cmpult $23, $19, $25 + addq $23, $17, $23 + addq $8, $25, $8 + mulq $7, $3, $21 + umulh $7, $3, $28 + cmplt $21, $31, $20 + cmplt $28, $31, $24 + addq $21, $21, $21 + addq $28, $28, $28 + addq $28, $20, $28 + addq $8, $24, $8 + addq $22, $21, $22 + addq $23, $28, $23 + cmpult $22, $21, $18 + cmpult $23, $28, $27 + addq $23, $18, $23 + addq $8, $27, $8 + stq $22, 80($16) + bis $31, $31, $22 + mulq $6, $5, $19 + umulh $6, $5, $17 + cmplt $19, $31, $25 + cmplt $17, $31, $20 + addq $19, $19, $19 + addq $17, $17, $17 + addq $17, $25, $17 + addq $22, $20, $22 + addq $23, $19, $23 + addq $8, $17, $8 + cmpult $23, $19, $24 + cmpult $8, $17, $21 + addq $8, $24, $8 + addq $22, $21, $22 + mulq $7, $4, $28 + umulh $7, $4, $18 + cmplt $28, $31, $27 + cmplt $18, $31, $25 + addq $28, $28, $28 + addq $18, $18, $18 + addq $18, $27, $18 + addq $22, $25, $22 + addq $23, $28, $23 + addq $8, $18, $8 + cmpult $23, $28, $20 + cmpult $8, $18, $19 + addq $8, $20, 
$8 + addq $22, $19, $22 + stq $23, 88($16) + bis $31, $31, $23 + mulq $6, $6, $17 + umulh $6, $6, $24 + addq $8, $17, $8 + addq $22, $24, $22 + cmpult $8, $17, $21 + cmpult $22, $24, $27 + addq $22, $21, $22 + addq $23, $27, $23 + mulq $7, $5, $25 + umulh $7, $5, $28 + cmplt $25, $31, $18 + cmplt $28, $31, $20 + addq $25, $25, $25 + addq $28, $28, $28 + addq $28, $18, $28 + addq $23, $20, $23 + addq $8, $25, $8 + addq $22, $28, $22 + cmpult $8, $25, $19 + cmpult $22, $28, $17 + addq $22, $19, $22 + addq $23, $17, $23 + stq $8, 96($16) + bis $31, $31, $8 + mulq $7, $6, $24 + umulh $7, $6, $21 + cmplt $24, $31, $27 + cmplt $21, $31, $18 + addq $24, $24, $24 + addq $21, $21, $21 + addq $21, $27, $21 + addq $8, $18, $8 + addq $22, $24, $22 + addq $23, $21, $23 + cmpult $22, $24, $20 + cmpult $23, $21, $25 + addq $23, $20, $23 + addq $8, $25, $8 + stq $22, 104($16) + bis $31, $31, $22 + mulq $7, $7, $28 + umulh $7, $7, $19 + addq $23, $28, $23 + addq $8, $19, $8 + cmpult $23, $28, $17 + cmpult $8, $19, $27 + addq $8, $17, $8 + addq $22, $27, $22 + stq $23, 112($16) + stq $8, 120($16) + ret $31,($26),1 + .end bn_sqr_comba8 diff --git a/crypto/bn/asm/bn-586.pl b/crypto/bn/asm/bn-586.pl index 128f0f29d..7a03c67b5 100644 --- a/crypto/bn/asm/bn-586.pl +++ b/crypto/bn/asm/bn-586.pl @@ -1,7 +1,4 @@ #!/usr/local/bin/perl -# - -#!/usr/local/bin/perl push(@INC,"perlasm","../../perlasm"); require "x86asm.pl"; @@ -11,8 +8,9 @@ require "x86asm.pl"; &bn_mul_add_words("bn_mul_add_words"); &bn_mul_words("bn_mul_words"); &bn_sqr_words("bn_sqr_words"); -&bn_div64("bn_div64"); +&bn_div_words("bn_div_words"); &bn_add_words("bn_add_words"); +&bn_sub_words("bn_sub_words"); &asm_finish(); @@ -228,7 +226,7 @@ sub bn_sqr_words &function_end($name); } -sub bn_div64 +sub bn_div_words { local($name)=@_; 
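Review bot: bn_mul_comba8 loads its upper operand words from the wrong offsets: after `ldq $6, 24($17)` / `ldq $7, 24($18)`, the registers `$8`, `$23`, `$25`, `$28` are all loaded from `8($17)` and `$22`, `$24`, `$27`, `$21` from `8($18)`, so they hold copies of a[1] and b[1] instead of words 4 to 7. bn_sqr_comba8 in the same hunk reads those words from `32($17)` through `56($17)`, and the multiply should use offsets 32, 40, 48 and 56 on both `$17` and `$18`, as in the excerpt below. Separately, the squaring routines add a carry into a column register after the `cmpult` for that register (e.g. `cmpult $6, $8, $25` followed by `addq $6, $24, $6` in bn_sqr_comba4), so a wrap caused by that carry appears to go unrecorded; bn_mul_comba4 avoids this by folding the carry into the high word first. If this file is produced by a generator, both points belong there, and a comparison against the portable C routines on random and all-ones inputs would catch them.

```asm
	ldq	$7, 24($18)
	ldq	$8, 32($17)
	ldq	$22, 32($18)
	ldq	$23, 40($17)
	ldq	$24, 40($18)
	ldq	$25, 48($17)
	ldq	$27, 48($18)
	ldq	$28, 56($17)
	ldq	$21, 56($18)
	# … unchanged: column products, carry propagation and stores …
```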
@@ -307,7 +305,79 @@ sub bn_add_words } &set_label("aw_end",0); - &mov("eax",$c); +# &mov("eax",$c); # $c is "eax" + + &function_end($name); + } + +sub bn_sub_words + { + local($name)=@_; + + &function_begin($name,""); + + &comment(""); + $a="esi"; + $b="edi"; + $c="eax"; + $r="ebx"; + $tmp1="ecx"; + $tmp2="edx"; + $num="ebp"; + + &mov($r,&wparam(0)); # get r + &mov($a,&wparam(1)); # get a + &mov($b,&wparam(2)); # get b + &mov($num,&wparam(3)); # get num + &xor($c,$c); # clear carry + &and($num,0xfffffff8); # num / 8 + + &jz(&label("aw_finish")); + + &set_label("aw_loop",0); + for ($i=0; $i<8; $i++) + { + &comment("Round $i"); + + &mov($tmp1,&DWP($i*4,$a,"",0)); # *a + &mov($tmp2,&DWP($i*4,$b,"",0)); # *b + &sub($tmp1,$c); + &mov($c,0); + &adc($c,$c); + &sub($tmp1,$tmp2); + &adc($c,0); + &mov(&DWP($i*4,$r,"",0),$tmp1); # *r + } + + &comment(""); + &add($a,32); + &add($b,32); + &add($r,32); + &sub($num,8); + &jnz(&label("aw_loop")); + + &set_label("aw_finish",0); + &mov($num,&wparam(3)); # get num + &and($num,7); + &jz(&label("aw_end")); + + for ($i=0; $i<7; $i++) + { + &comment("Tail Round $i"); + &mov($tmp1,&DWP($i*4,$a,"",0)); # *a + &mov($tmp2,&DWP($i*4,$b,"",0));# *b + &sub($tmp1,$c); + &mov($c,0); + &adc($c,$c); + &sub($tmp1,$tmp2); + &adc($c,0); + &dec($num) if ($i != 6); + &mov(&DWP($i*4,$r,"",0),$tmp1); # *a + &jz(&label("aw_end")) if ($i != 6); + } + &set_label("aw_end",0); + +# &mov("eax",$c); # $c is "eax" &function_end($name); } diff --git a/crypto/bn/asm/bn-win32.asm b/crypto/bn/asm/bn-win32.asm index 017ea462b..871bd88d7 100644 --- a/crypto/bn/asm/bn-win32.asm +++ b/crypto/bn/asm/bn-win32.asm @@ -485,9 +485,9 @@ $L010sw_end: _bn_sqr_words ENDP _TEXT ENDS _TEXT SEGMENT -PUBLIC _bn_div64 +PUBLIC _bn_div_words -_bn_div64 PROC NEAR +_bn_div_words PROC NEAR push ebp push ebx push esi @@ -501,7 +501,7 @@ _bn_div64 PROC NEAR pop ebx pop ebp ret -_bn_div64 ENDP +_bn_div_words ENDP _TEXT ENDS _TEXT SEGMENT PUBLIC _bn_add_words 
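Review bot: The new `bn_sub_words` uses `num` only through `&and($num,0xfffffff8)` and `&and($num,7)`, so the count is treated as unsigned and a negative value would drive the unrolled loop across a very large range of `r`, `a` and `b`; nothing in the hunk rejects it. Whether callers can pass such a value is not visible here, so at minimum the precondition should be stated above the sub, e.g. `# num must be >= 0: it is masked as an unsigned word count`. Two comments are inaccurate: `# num / 8` should say that the mask rounds num down to a multiple of 8, and the tail store `&mov(&DWP($i*4,$r,"",0),$tmp1); # *a` writes `*r`. The labels also keep the `aw_` prefix used by `bn_add_words`; a distinct prefix would make the generated listing easier to follow.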
@@ -678,7 +678,6 @@ $L011aw_finish: adc eax, 0 mov DWORD PTR 24[ebx],ecx $L013aw_end: - mov eax, eax pop edi pop esi pop ebx 
@@ -686,4 +685,1438 @@ $L013aw_end: ret _bn_add_words ENDP _TEXT ENDS +_TEXT SEGMENT +PUBLIC _bn_sub_words + +_bn_sub_words PROC NEAR + push ebp + push ebx + push esi + push edi + ; + mov ebx, DWORD PTR 20[esp] + mov esi, DWORD PTR 24[esp] + mov edi, DWORD PTR 28[esp] + mov ebp, DWORD PTR 32[esp] + xor eax, eax + and ebp, 4294967288 + jz $L014aw_finish +L015aw_loop: + ; Round 0 + mov ecx, DWORD PTR [esi] + mov edx, DWORD PTR [edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR [ebx],ecx + ; Round 1 + mov ecx, DWORD PTR 4[esi] + mov edx, DWORD PTR 4[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR 4[ebx],ecx + ; Round 2 + mov ecx, DWORD PTR 8[esi] + mov edx, DWORD PTR 8[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR 8[ebx],ecx + ; Round 3 + mov ecx, DWORD PTR 12[esi] + mov edx, DWORD PTR 12[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR 12[ebx],ecx + ; Round 4 + mov ecx, DWORD PTR 16[esi] + mov edx, DWORD PTR 16[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR 16[ebx],ecx + ; Round 5 + mov ecx, DWORD PTR 20[esi] + mov edx, DWORD PTR 20[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR 20[ebx],ecx + ; Round 6 + mov ecx, DWORD PTR 24[esi] + mov edx, DWORD PTR 24[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR 24[ebx],ecx + ; Round 7 + mov ecx, DWORD PTR 28[esi] + mov edx, DWORD PTR 28[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR 28[ebx],ecx + ; + add esi, 32 + add edi, 32 + add ebx, 32 + sub ebp, 8 + jnz L015aw_loop +$L014aw_finish: + mov ebp, DWORD PTR 32[esp] + and ebp, 7 + jz $L016aw_end + ; Tail Round 0 + mov ecx, DWORD PTR [esi] + mov edx, DWORD PTR [edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc 
eax, 0 + dec ebp + mov DWORD PTR [ebx],ecx + jz $L016aw_end + ; Tail Round 1 + mov ecx, DWORD PTR 4[esi] + mov edx, DWORD PTR 4[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + dec ebp + mov DWORD PTR 4[ebx],ecx + jz $L016aw_end + ; Tail Round 2 + mov ecx, DWORD PTR 8[esi] + mov edx, DWORD PTR 8[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + dec ebp + mov DWORD PTR 8[ebx],ecx + jz $L016aw_end + ; Tail Round 3 + mov ecx, DWORD PTR 12[esi] + mov edx, DWORD PTR 12[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + dec ebp + mov DWORD PTR 12[ebx],ecx + jz $L016aw_end + ; Tail Round 4 + mov ecx, DWORD PTR 16[esi] + mov edx, DWORD PTR 16[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + dec ebp + mov DWORD PTR 16[ebx],ecx + jz $L016aw_end + ; Tail Round 5 + mov ecx, DWORD PTR 20[esi] + mov edx, DWORD PTR 20[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + dec ebp + mov DWORD PTR 20[ebx],ecx + jz $L016aw_end + ; Tail Round 6 + mov ecx, DWORD PTR 24[esi] + mov edx, DWORD PTR 24[edi] + sub ecx, eax + mov eax, 0 + adc eax, eax + sub ecx, edx + adc eax, 0 + mov DWORD PTR 24[ebx],ecx +$L016aw_end: + pop edi + pop esi + pop ebx + pop ebp + ret +_bn_sub_words ENDP +_TEXT ENDS +_TEXT SEGMENT +PUBLIC _bn_mul_comba8 + +_bn_mul_comba8 PROC NEAR + push esi + mov esi, DWORD PTR 12[esp] + push edi + mov edi, DWORD PTR 20[esp] + push ebp + push ebx + xor ebx, ebx + mov eax, DWORD PTR [esi] + xor ecx, ecx + mov edx, DWORD PTR [edi] + ; ################## Calculate word 0 + xor ebp, ebp + ; mul a[0]*b[0] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esp] + adc ecx, edx + mov edx, DWORD PTR [edi] + adc ebp, 0 + mov DWORD PTR [eax],ebx + mov eax, DWORD PTR 4[esi] + ; saved r[0] + ; ################## Calculate word 1 + xor ebx, ebx + ; mul a[1]*b[0] + mul edx + add ecx, eax + mov eax, DWORD PTR [esi] + adc ebp, edx + mov edx, DWORD PTR 4[edi] + 
adc ebx, 0 + ; mul a[0]*b[1] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esp] + adc ebp, edx + mov edx, DWORD PTR [edi] + adc ebx, 0 + mov DWORD PTR 4[eax],ecx + mov eax, DWORD PTR 8[esi] + ; saved r[1] + ; ################## Calculate word 2 + xor ecx, ecx + ; mul a[2]*b[0] + mul edx + add ebp, eax + mov eax, DWORD PTR 4[esi] + adc ebx, edx + mov edx, DWORD PTR 4[edi] + adc ecx, 0 + ; mul a[1]*b[1] + mul edx + add ebp, eax + mov eax, DWORD PTR [esi] + adc ebx, edx + mov edx, DWORD PTR 8[edi] + adc ecx, 0 + ; mul a[0]*b[2] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esp] + adc ebx, edx + mov edx, DWORD PTR [edi] + adc ecx, 0 + mov DWORD PTR 8[eax],ebp + mov eax, DWORD PTR 12[esi] + ; saved r[2] + ; ################## Calculate word 3 + xor ebp, ebp + ; mul a[3]*b[0] + mul edx + add ebx, eax + mov eax, DWORD PTR 8[esi] + adc ecx, edx + mov edx, DWORD PTR 4[edi] + adc ebp, 0 + ; mul a[2]*b[1] + mul edx + add ebx, eax + mov eax, DWORD PTR 4[esi] + adc ecx, edx + mov edx, DWORD PTR 8[edi] + adc ebp, 0 + ; mul a[1]*b[2] + mul edx + add ebx, eax + mov eax, DWORD PTR [esi] + adc ecx, edx + mov edx, DWORD PTR 12[edi] + adc ebp, 0 + ; mul a[0]*b[3] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esp] + adc ecx, edx + mov edx, DWORD PTR [edi] + adc ebp, 0 + mov DWORD PTR 12[eax],ebx + mov eax, DWORD PTR 16[esi] + ; saved r[3] + ; ################## Calculate word 4 + xor ebx, ebx + ; mul a[4]*b[0] + mul edx + add ecx, eax + mov eax, DWORD PTR 12[esi] + adc ebp, edx + mov edx, DWORD PTR 4[edi] + adc ebx, 0 + ; mul a[3]*b[1] + mul edx + add ecx, eax + mov eax, DWORD PTR 8[esi] + adc ebp, edx + mov edx, DWORD PTR 8[edi] + adc ebx, 0 + ; mul a[2]*b[2] + mul edx + add ecx, eax + mov eax, DWORD PTR 4[esi] + adc ebp, edx + mov edx, DWORD PTR 12[edi] + adc ebx, 0 + ; mul a[1]*b[3] + mul edx + add ecx, eax + mov eax, DWORD PTR [esi] + adc ebp, edx + mov edx, DWORD PTR 16[edi] + adc ebx, 0 + ; mul a[0]*b[4] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esp] + adc ebp, 
edx + mov edx, DWORD PTR [edi] + adc ebx, 0 + mov DWORD PTR 16[eax],ecx + mov eax, DWORD PTR 20[esi] + ; saved r[4] + ; ################## Calculate word 5 + xor ecx, ecx + ; mul a[5]*b[0] + mul edx + add ebp, eax + mov eax, DWORD PTR 16[esi] + adc ebx, edx + mov edx, DWORD PTR 4[edi] + adc ecx, 0 + ; mul a[4]*b[1] + mul edx + add ebp, eax + mov eax, DWORD PTR 12[esi] + adc ebx, edx + mov edx, DWORD PTR 8[edi] + adc ecx, 0 + ; mul a[3]*b[2] + mul edx + add ebp, eax + mov eax, DWORD PTR 8[esi] + adc ebx, edx + mov edx, DWORD PTR 12[edi] + adc ecx, 0 + ; mul a[2]*b[3] + mul edx + add ebp, eax + mov eax, DWORD PTR 4[esi] + adc ebx, edx + mov edx, DWORD PTR 16[edi] + adc ecx, 0 + ; mul a[1]*b[4] + mul edx + add ebp, eax + mov eax, DWORD PTR [esi] + adc ebx, edx + mov edx, DWORD PTR 20[edi] + adc ecx, 0 + ; mul a[0]*b[5] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esp] + adc ebx, edx + mov edx, DWORD PTR [edi] + adc ecx, 0 + mov DWORD PTR 20[eax],ebp + mov eax, DWORD PTR 24[esi] + ; saved r[5] + ; ################## Calculate word 6 + xor ebp, ebp + ; mul a[6]*b[0] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esi] + adc ecx, edx + mov edx, DWORD PTR 4[edi] + adc ebp, 0 + ; mul a[5]*b[1] + mul edx + add ebx, eax + mov eax, DWORD PTR 16[esi] + adc ecx, edx + mov edx, DWORD PTR 8[edi] + adc ebp, 0 + ; mul a[4]*b[2] + mul edx + add ebx, eax + mov eax, DWORD PTR 12[esi] + adc ecx, edx + mov edx, DWORD PTR 12[edi] + adc ebp, 0 + ; mul a[3]*b[3] + mul edx + add ebx, eax + mov eax, DWORD PTR 8[esi] + adc ecx, edx + mov edx, DWORD PTR 16[edi] + adc ebp, 0 + ; mul a[2]*b[4] + mul edx + add ebx, eax + mov eax, DWORD PTR 4[esi] + adc ecx, edx + mov edx, DWORD PTR 20[edi] + adc ebp, 0 + ; mul a[1]*b[5] + mul edx + add ebx, eax + mov eax, DWORD PTR [esi] + adc ecx, edx + mov edx, DWORD PTR 24[edi] + adc ebp, 0 + ; mul a[0]*b[6] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esp] + adc ecx, edx + mov edx, DWORD PTR [edi] + adc ebp, 0 + mov DWORD PTR 24[eax],ebx + mov eax, 
DWORD PTR 28[esi] + ; saved r[6] + ; ################## Calculate word 7 + xor ebx, ebx + ; mul a[7]*b[0] + mul edx + add ecx, eax + mov eax, DWORD PTR 24[esi] + adc ebp, edx + mov edx, DWORD PTR 4[edi] + adc ebx, 0 + ; mul a[6]*b[1] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esi] + adc ebp, edx + mov edx, DWORD PTR 8[edi] + adc ebx, 0 + ; mul a[5]*b[2] + mul edx + add ecx, eax + mov eax, DWORD PTR 16[esi] + adc ebp, edx + mov edx, DWORD PTR 12[edi] + adc ebx, 0 + ; mul a[4]*b[3] + mul edx + add ecx, eax + mov eax, DWORD PTR 12[esi] + adc ebp, edx + mov edx, DWORD PTR 16[edi] + adc ebx, 0 + ; mul a[3]*b[4] + mul edx + add ecx, eax + mov eax, DWORD PTR 8[esi] + adc ebp, edx + mov edx, DWORD PTR 20[edi] + adc ebx, 0 + ; mul a[2]*b[5] + mul edx + add ecx, eax + mov eax, DWORD PTR 4[esi] + adc ebp, edx + mov edx, DWORD PTR 24[edi] + adc ebx, 0 + ; mul a[1]*b[6] + mul edx + add ecx, eax + mov eax, DWORD PTR [esi] + adc ebp, edx + mov edx, DWORD PTR 28[edi] + adc ebx, 0 + ; mul a[0]*b[7] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esp] + adc ebp, edx + mov edx, DWORD PTR 4[edi] + adc ebx, 0 + mov DWORD PTR 28[eax],ecx + mov eax, DWORD PTR 28[esi] + ; saved r[7] + ; ################## Calculate word 8 + xor ecx, ecx + ; mul a[7]*b[1] + mul edx + add ebp, eax + mov eax, DWORD PTR 24[esi] + adc ebx, edx + mov edx, DWORD PTR 8[edi] + adc ecx, 0 + ; mul a[6]*b[2] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esi] + adc ebx, edx + mov edx, DWORD PTR 12[edi] + adc ecx, 0 + ; mul a[5]*b[3] + mul edx + add ebp, eax + mov eax, DWORD PTR 16[esi] + adc ebx, edx + mov edx, DWORD PTR 16[edi] + adc ecx, 0 + ; mul a[4]*b[4] + mul edx + add ebp, eax + mov eax, DWORD PTR 12[esi] + adc ebx, edx + mov edx, DWORD PTR 20[edi] + adc ecx, 0 + ; mul a[3]*b[5] + mul edx + add ebp, eax + mov eax, DWORD PTR 8[esi] + adc ebx, edx + mov edx, DWORD PTR 24[edi] + adc ecx, 0 + ; mul a[2]*b[6] + mul edx + add ebp, eax + mov eax, DWORD PTR 4[esi] + adc ebx, edx + mov edx, DWORD PTR 28[edi] + 
adc ecx, 0 + ; mul a[1]*b[7] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esp] + adc ebx, edx + mov edx, DWORD PTR 8[edi] + adc ecx, 0 + mov DWORD PTR 32[eax],ebp + mov eax, DWORD PTR 28[esi] + ; saved r[8] + ; ################## Calculate word 9 + xor ebp, ebp + ; mul a[7]*b[2] + mul edx + add ebx, eax + mov eax, DWORD PTR 24[esi] + adc ecx, edx + mov edx, DWORD PTR 12[edi] + adc ebp, 0 + ; mul a[6]*b[3] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esi] + adc ecx, edx + mov edx, DWORD PTR 16[edi] + adc ebp, 0 + ; mul a[5]*b[4] + mul edx + add ebx, eax + mov eax, DWORD PTR 16[esi] + adc ecx, edx + mov edx, DWORD PTR 20[edi] + adc ebp, 0 + ; mul a[4]*b[5] + mul edx + add ebx, eax + mov eax, DWORD PTR 12[esi] + adc ecx, edx + mov edx, DWORD PTR 24[edi] + adc ebp, 0 + ; mul a[3]*b[6] + mul edx + add ebx, eax + mov eax, DWORD PTR 8[esi] + adc ecx, edx + mov edx, DWORD PTR 28[edi] + adc ebp, 0 + ; mul a[2]*b[7] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esp] + adc ecx, edx + mov edx, DWORD PTR 12[edi] + adc ebp, 0 + mov DWORD PTR 36[eax],ebx + mov eax, DWORD PTR 28[esi] + ; saved r[9] + ; ################## Calculate word 10 + xor ebx, ebx + ; mul a[7]*b[3] + mul edx + add ecx, eax + mov eax, DWORD PTR 24[esi] + adc ebp, edx + mov edx, DWORD PTR 16[edi] + adc ebx, 0 + ; mul a[6]*b[4] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esi] + adc ebp, edx + mov edx, DWORD PTR 20[edi] + adc ebx, 0 + ; mul a[5]*b[5] + mul edx + add ecx, eax + mov eax, DWORD PTR 16[esi] + adc ebp, edx + mov edx, DWORD PTR 24[edi] + adc ebx, 0 + ; mul a[4]*b[6] + mul edx + add ecx, eax + mov eax, DWORD PTR 12[esi] + adc ebp, edx + mov edx, DWORD PTR 28[edi] + adc ebx, 0 + ; mul a[3]*b[7] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esp] + adc ebp, edx + mov edx, DWORD PTR 16[edi] + adc ebx, 0 + mov DWORD PTR 40[eax],ecx + mov eax, DWORD PTR 28[esi] + ; saved r[10] + ; ################## Calculate word 11 + xor ecx, ecx + ; mul a[7]*b[4] + mul edx + add ebp, eax + mov eax, 
DWORD PTR 24[esi] + adc ebx, edx + mov edx, DWORD PTR 20[edi] + adc ecx, 0 + ; mul a[6]*b[5] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esi] + adc ebx, edx + mov edx, DWORD PTR 24[edi] + adc ecx, 0 + ; mul a[5]*b[6] + mul edx + add ebp, eax + mov eax, DWORD PTR 16[esi] + adc ebx, edx + mov edx, DWORD PTR 28[edi] + adc ecx, 0 + ; mul a[4]*b[7] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esp] + adc ebx, edx + mov edx, DWORD PTR 20[edi] + adc ecx, 0 + mov DWORD PTR 44[eax],ebp + mov eax, DWORD PTR 28[esi] + ; saved r[11] + ; ################## Calculate word 12 + xor ebp, ebp + ; mul a[7]*b[5] + mul edx + add ebx, eax + mov eax, DWORD PTR 24[esi] + adc ecx, edx + mov edx, DWORD PTR 24[edi] + adc ebp, 0 + ; mul a[6]*b[6] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esi] + adc ecx, edx + mov edx, DWORD PTR 28[edi] + adc ebp, 0 + ; mul a[5]*b[7] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esp] + adc ecx, edx + mov edx, DWORD PTR 24[edi] + adc ebp, 0 + mov DWORD PTR 48[eax],ebx + mov eax, DWORD PTR 28[esi] + ; saved r[12] + ; ################## Calculate word 13 + xor ebx, ebx + ; mul a[7]*b[6] + mul edx + add ecx, eax + mov eax, DWORD PTR 24[esi] + adc ebp, edx + mov edx, DWORD PTR 28[edi] + adc ebx, 0 + ; mul a[6]*b[7] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esp] + adc ebp, edx + mov edx, DWORD PTR 28[edi] + adc ebx, 0 + mov DWORD PTR 52[eax],ecx + mov eax, DWORD PTR 28[esi] + ; saved r[13] + ; ################## Calculate word 14 + xor ecx, ecx + ; mul a[7]*b[7] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esp] + adc ebx, edx + adc ecx, 0 + mov DWORD PTR 56[eax],ebp + ; saved r[14] + ; save r[15] + mov DWORD PTR 60[eax],ebx + pop ebx + pop ebp + pop edi + pop esi + ret +_bn_mul_comba8 ENDP +_TEXT ENDS +_TEXT SEGMENT +PUBLIC _bn_mul_comba4 + +_bn_mul_comba4 PROC NEAR + push esi + mov esi, DWORD PTR 12[esp] + push edi + mov edi, DWORD PTR 20[esp] + push ebp + push ebx + xor ebx, ebx + mov eax, DWORD PTR [esi] + xor ecx, ecx + mov edx, 
DWORD PTR [edi] + ; ################## Calculate word 0 + xor ebp, ebp + ; mul a[0]*b[0] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esp] + adc ecx, edx + mov edx, DWORD PTR [edi] + adc ebp, 0 + mov DWORD PTR [eax],ebx + mov eax, DWORD PTR 4[esi] + ; saved r[0] + ; ################## Calculate word 1 + xor ebx, ebx + ; mul a[1]*b[0] + mul edx + add ecx, eax + mov eax, DWORD PTR [esi] + adc ebp, edx + mov edx, DWORD PTR 4[edi] + adc ebx, 0 + ; mul a[0]*b[1] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esp] + adc ebp, edx + mov edx, DWORD PTR [edi] + adc ebx, 0 + mov DWORD PTR 4[eax],ecx + mov eax, DWORD PTR 8[esi] + ; saved r[1] + ; ################## Calculate word 2 + xor ecx, ecx + ; mul a[2]*b[0] + mul edx + add ebp, eax + mov eax, DWORD PTR 4[esi] + adc ebx, edx + mov edx, DWORD PTR 4[edi] + adc ecx, 0 + ; mul a[1]*b[1] + mul edx + add ebp, eax + mov eax, DWORD PTR [esi] + adc ebx, edx + mov edx, DWORD PTR 8[edi] + adc ecx, 0 + ; mul a[0]*b[2] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esp] + adc ebx, edx + mov edx, DWORD PTR [edi] + adc ecx, 0 + mov DWORD PTR 8[eax],ebp + mov eax, DWORD PTR 12[esi] + ; saved r[2] + ; ################## Calculate word 3 + xor ebp, ebp + ; mul a[3]*b[0] + mul edx + add ebx, eax + mov eax, DWORD PTR 8[esi] + adc ecx, edx + mov edx, DWORD PTR 4[edi] + adc ebp, 0 + ; mul a[2]*b[1] + mul edx + add ebx, eax + mov eax, DWORD PTR 4[esi] + adc ecx, edx + mov edx, DWORD PTR 8[edi] + adc ebp, 0 + ; mul a[1]*b[2] + mul edx + add ebx, eax + mov eax, DWORD PTR [esi] + adc ecx, edx + mov edx, DWORD PTR 12[edi] + adc ebp, 0 + ; mul a[0]*b[3] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esp] + adc ecx, edx + mov edx, DWORD PTR 4[edi] + adc ebp, 0 + mov DWORD PTR 12[eax],ebx + mov eax, DWORD PTR 12[esi] + ; saved r[3] + ; ################## Calculate word 4 + xor ebx, ebx + ; mul a[3]*b[1] + mul edx + add ecx, eax + mov eax, DWORD PTR 8[esi] + adc ebp, edx + mov edx, DWORD PTR 8[edi] + adc ebx, 0 + ; mul a[2]*b[2] + mul edx + 
add ecx, eax + mov eax, DWORD PTR 4[esi] + adc ebp, edx + mov edx, DWORD PTR 12[edi] + adc ebx, 0 + ; mul a[1]*b[3] + mul edx + add ecx, eax + mov eax, DWORD PTR 20[esp] + adc ebp, edx + mov edx, DWORD PTR 8[edi] + adc ebx, 0 + mov DWORD PTR 16[eax],ecx + mov eax, DWORD PTR 12[esi] + ; saved r[4] + ; ################## Calculate word 5 + xor ecx, ecx + ; mul a[3]*b[2] + mul edx + add ebp, eax + mov eax, DWORD PTR 8[esi] + adc ebx, edx + mov edx, DWORD PTR 12[edi] + adc ecx, 0 + ; mul a[2]*b[3] + mul edx + add ebp, eax + mov eax, DWORD PTR 20[esp] + adc ebx, edx + mov edx, DWORD PTR 12[edi] + adc ecx, 0 + mov DWORD PTR 20[eax],ebp + mov eax, DWORD PTR 12[esi] + ; saved r[5] + ; ################## Calculate word 6 + xor ebp, ebp + ; mul a[3]*b[3] + mul edx + add ebx, eax + mov eax, DWORD PTR 20[esp] + adc ecx, edx + adc ebp, 0 + mov DWORD PTR 24[eax],ebx + ; saved r[6] + ; save r[7] + mov DWORD PTR 28[eax],ecx + pop ebx + pop ebp + pop edi + pop esi + ret +_bn_mul_comba4 ENDP +_TEXT ENDS +_TEXT SEGMENT +PUBLIC _bn_sqr_comba8 + +_bn_sqr_comba8 PROC NEAR + push esi + push edi + push ebp + push ebx + mov edi, DWORD PTR 20[esp] + mov esi, DWORD PTR 24[esp] + xor ebx, ebx + xor ecx, ecx + mov eax, DWORD PTR [esi] + ; ############### Calculate word 0 + xor ebp, ebp + ; sqr a[0]*a[0] + mul eax + add ebx, eax + adc ecx, edx + mov edx, DWORD PTR [esi] + adc ebp, 0 + mov DWORD PTR [edi],ebx + mov eax, DWORD PTR 4[esi] + ; saved r[0] + ; ############### Calculate word 1 + xor ebx, ebx + ; sqr a[1]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 8[esi] + adc ebx, 0 + mov DWORD PTR 4[edi],ecx + mov edx, DWORD PTR [esi] + ; saved r[1] + ; ############### Calculate word 2 + xor ecx, ecx + ; sqr a[2]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 4[esi] + adc ecx, 0 + ; sqr a[1]*a[1] + mul eax + add ebp, eax + adc ebx, edx + mov edx, DWORD PTR [esi] + adc ecx, 0 
+ mov DWORD PTR 8[edi],ebp + mov eax, DWORD PTR 12[esi] + ; saved r[2] + ; ############### Calculate word 3 + xor ebp, ebp + ; sqr a[3]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 8[esi] + adc ebp, 0 + mov edx, DWORD PTR 4[esi] + ; sqr a[2]*a[1] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 16[esi] + adc ebp, 0 + mov DWORD PTR 12[edi],ebx + mov edx, DWORD PTR [esi] + ; saved r[3] + ; ############### Calculate word 4 + xor ebx, ebx + ; sqr a[4]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 12[esi] + adc ebx, 0 + mov edx, DWORD PTR 4[esi] + ; sqr a[3]*a[1] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 8[esi] + adc ebx, 0 + ; sqr a[2]*a[2] + mul eax + add ecx, eax + adc ebp, edx + mov edx, DWORD PTR [esi] + adc ebx, 0 + mov DWORD PTR 16[edi],ecx + mov eax, DWORD PTR 20[esi] + ; saved r[4] + ; ############### Calculate word 5 + xor ecx, ecx + ; sqr a[5]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 16[esi] + adc ecx, 0 + mov edx, DWORD PTR 4[esi] + ; sqr a[4]*a[1] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 12[esi] + adc ecx, 0 + mov edx, DWORD PTR 8[esi] + ; sqr a[3]*a[2] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 24[esi] + adc ecx, 0 + mov DWORD PTR 20[edi],ebp + mov edx, DWORD PTR [esi] + ; saved r[5] + ; ############### Calculate word 6 + xor ebp, ebp + ; sqr a[6]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 20[esi] + adc ebp, 0 + mov edx, DWORD PTR 4[esi] + ; sqr a[5]*a[1] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 
16[esi] + adc ebp, 0 + mov edx, DWORD PTR 8[esi] + ; sqr a[4]*a[2] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 12[esi] + adc ebp, 0 + ; sqr a[3]*a[3] + mul eax + add ebx, eax + adc ecx, edx + mov edx, DWORD PTR [esi] + adc ebp, 0 + mov DWORD PTR 24[edi],ebx + mov eax, DWORD PTR 28[esi] + ; saved r[6] + ; ############### Calculate word 7 + xor ebx, ebx + ; sqr a[7]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 24[esi] + adc ebx, 0 + mov edx, DWORD PTR 4[esi] + ; sqr a[6]*a[1] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 20[esi] + adc ebx, 0 + mov edx, DWORD PTR 8[esi] + ; sqr a[5]*a[2] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 16[esi] + adc ebx, 0 + mov edx, DWORD PTR 12[esi] + ; sqr a[4]*a[3] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 28[esi] + adc ebx, 0 + mov DWORD PTR 28[edi],ecx + mov edx, DWORD PTR 4[esi] + ; saved r[7] + ; ############### Calculate word 8 + xor ecx, ecx + ; sqr a[7]*a[1] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 24[esi] + adc ecx, 0 + mov edx, DWORD PTR 8[esi] + ; sqr a[6]*a[2] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 20[esi] + adc ecx, 0 + mov edx, DWORD PTR 12[esi] + ; sqr a[5]*a[3] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 16[esi] + adc ecx, 0 + ; sqr a[4]*a[4] + mul eax + add ebp, eax + adc ebx, edx + mov edx, DWORD PTR 8[esi] + adc ecx, 0 + mov DWORD PTR 32[edi],ebp + mov eax, DWORD PTR 28[esi] + ; saved r[8] + ; ############### Calculate word 9 + xor ebp, ebp + ; sqr a[7]*a[2] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, 
edx + mov eax, DWORD PTR 24[esi] + adc ebp, 0 + mov edx, DWORD PTR 12[esi] + ; sqr a[6]*a[3] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 20[esi] + adc ebp, 0 + mov edx, DWORD PTR 16[esi] + ; sqr a[5]*a[4] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 28[esi] + adc ebp, 0 + mov DWORD PTR 36[edi],ebx + mov edx, DWORD PTR 12[esi] + ; saved r[9] + ; ############### Calculate word 10 + xor ebx, ebx + ; sqr a[7]*a[3] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 24[esi] + adc ebx, 0 + mov edx, DWORD PTR 16[esi] + ; sqr a[6]*a[4] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 20[esi] + adc ebx, 0 + ; sqr a[5]*a[5] + mul eax + add ecx, eax + adc ebp, edx + mov edx, DWORD PTR 16[esi] + adc ebx, 0 + mov DWORD PTR 40[edi],ecx + mov eax, DWORD PTR 28[esi] + ; saved r[10] + ; ############### Calculate word 11 + xor ecx, ecx + ; sqr a[7]*a[4] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 24[esi] + adc ecx, 0 + mov edx, DWORD PTR 20[esi] + ; sqr a[6]*a[5] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 28[esi] + adc ecx, 0 + mov DWORD PTR 44[edi],ebp + mov edx, DWORD PTR 20[esi] + ; saved r[11] + ; ############### Calculate word 12 + xor ebp, ebp + ; sqr a[7]*a[5] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 24[esi] + adc ebp, 0 + ; sqr a[6]*a[6] + mul eax + add ebx, eax + adc ecx, edx + mov edx, DWORD PTR 24[esi] + adc ebp, 0 + mov DWORD PTR 48[edi],ebx + mov eax, DWORD PTR 28[esi] + ; saved r[12] + ; ############### Calculate word 13 + xor ebx, ebx + ; sqr a[7]*a[6] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 28[esi] + 
adc ebx, 0 + mov DWORD PTR 52[edi],ecx + ; saved r[13] + ; ############### Calculate word 14 + xor ecx, ecx + ; sqr a[7]*a[7] + mul eax + add ebp, eax + adc ebx, edx + adc ecx, 0 + mov DWORD PTR 56[edi],ebp + ; saved r[14] + mov DWORD PTR 60[edi],ebx + pop ebx + pop ebp + pop edi + pop esi + ret +_bn_sqr_comba8 ENDP +_TEXT ENDS +_TEXT SEGMENT +PUBLIC _bn_sqr_comba4 + +_bn_sqr_comba4 PROC NEAR + push esi + push edi + push ebp + push ebx + mov edi, DWORD PTR 20[esp] + mov esi, DWORD PTR 24[esp] + xor ebx, ebx + xor ecx, ecx + mov eax, DWORD PTR [esi] + ; ############### Calculate word 0 + xor ebp, ebp + ; sqr a[0]*a[0] + mul eax + add ebx, eax + adc ecx, edx + mov edx, DWORD PTR [esi] + adc ebp, 0 + mov DWORD PTR [edi],ebx + mov eax, DWORD PTR 4[esi] + ; saved r[0] + ; ############### Calculate word 1 + xor ebx, ebx + ; sqr a[1]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, DWORD PTR 8[esi] + adc ebx, 0 + mov DWORD PTR 4[edi],ecx + mov edx, DWORD PTR [esi] + ; saved r[1] + ; ############### Calculate word 2 + xor ecx, ecx + ; sqr a[2]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 4[esi] + adc ecx, 0 + ; sqr a[1]*a[1] + mul eax + add ebp, eax + adc ebx, edx + mov edx, DWORD PTR [esi] + adc ecx, 0 + mov DWORD PTR 8[edi],ebp + mov eax, DWORD PTR 12[esi] + ; saved r[2] + ; ############### Calculate word 3 + xor ebp, ebp + ; sqr a[3]*a[0] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 8[esi] + adc ebp, 0 + mov edx, DWORD PTR 4[esi] + ; sqr a[2]*a[1] + mul edx + add eax, eax + adc edx, edx + adc ebp, 0 + add ebx, eax + adc ecx, edx + mov eax, DWORD PTR 12[esi] + adc ebp, 0 + mov DWORD PTR 12[edi],ebx + mov edx, DWORD PTR 4[esi] + ; saved r[3] + ; ############### Calculate word 4 + xor ebx, ebx + ; sqr a[3]*a[1] + mul edx + add eax, eax + adc edx, edx + adc ebx, 0 + add ecx, eax + adc ebp, edx + mov eax, 
DWORD PTR 8[esi] + adc ebx, 0 + ; sqr a[2]*a[2] + mul eax + add ecx, eax + adc ebp, edx + mov edx, DWORD PTR 8[esi] + adc ebx, 0 + mov DWORD PTR 16[edi],ecx + mov eax, DWORD PTR 12[esi] + ; saved r[4] + ; ############### Calculate word 5 + xor ecx, ecx + ; sqr a[3]*a[2] + mul edx + add eax, eax + adc edx, edx + adc ecx, 0 + add ebp, eax + adc ebx, edx + mov eax, DWORD PTR 12[esi] + adc ecx, 0 + mov DWORD PTR 20[edi],ebp + ; saved r[5] + ; ############### Calculate word 6 + xor ebp, ebp + ; sqr a[3]*a[3] + mul eax + add ebx, eax + adc ecx, edx + adc ebp, 0 + mov DWORD PTR 24[edi],ebx + ; saved r[6] + mov DWORD PTR 28[edi],ecx + pop ebx + pop ebp + pop edi + pop esi + ret +_bn_sqr_comba4 ENDP +_TEXT ENDS END diff --git a/crypto/bn/asm/bn86unix.cpp b/crypto/bn/asm/bn86unix.cpp index 64702201e..639a3ac41 100644 --- a/crypto/bn/asm/bn86unix.cpp +++ b/crypto/bn/asm/bn86unix.cpp @@ -12,8 +12,13 @@ #define bn_mul_add_words _bn_mul_add_words #define bn_mul_words _bn_mul_words #define bn_sqr_words _bn_sqr_words -#define bn_div64 _bn_div64 +#define bn_div_words _bn_div_words #define bn_add_words _bn_add_words +#define bn_sub_words _bn_sub_words +#define bn_mul_comba8 _bn_mul_comba8 +#define bn_mul_comba4 _bn_mul_comba4 +#define bn_sqr_comba8 _bn_sqr_comba8 +#define bn_sqr_comba4 _bn_sqr_comba4 #endif @@ -544,9 +549,9 @@ bn_sqr_words: .ident "bn_sqr_words" .text .align ALIGN -.globl bn_div64 - TYPE(bn_div64,@function) -bn_div64: +.globl bn_div_words + TYPE(bn_div_words,@function) +bn_div_words: pushl %ebp pushl %ebx pushl %esi @@ -561,9 +566,9 @@ bn_div64: popl %ebx popl %ebp ret -.bn_div64_end: - SIZE(bn_div64,.bn_div64_end-bn_div64) -.ident "bn_div64" +.bn_div_words_end: + SIZE(bn_div_words,.bn_div_words_end-bn_div_words) +.ident "bn_div_words" .text .align ALIGN .globl bn_add_words @@ -741,7 +746,6 @@ bn_add_words: adcl $0, %eax movl %ecx, 24(%ebx) .L013aw_end: - movl %eax, %eax popl %edi popl %esi popl %ebx 
@@ -750,3 +754,1448 @@ bn_add_words: .bn_add_words_end: SIZE(bn_add_words,.bn_add_words_end-bn_add_words) .ident "bn_add_words" +.text + .align ALIGN +.globl bn_sub_words + TYPE(bn_sub_words,@function) +bn_sub_words: + pushl %ebp + pushl %ebx + pushl %esi + pushl %edi + + + movl 20(%esp), %ebx + movl 24(%esp), %esi + movl 28(%esp), %edi + movl 32(%esp), %ebp + xorl %eax, %eax + andl $4294967288, %ebp + jz .L014aw_finish +.L015aw_loop: + /* Round 0 */ + movl (%esi), %ecx + movl (%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, (%ebx) + /* Round 1 */ + movl 4(%esi), %ecx + movl 4(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, 4(%ebx) + /* Round 2 */ + movl 8(%esi), %ecx + movl 8(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, 8(%ebx) + /* Round 3 */ + movl 12(%esi), %ecx + movl 12(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, 12(%ebx) + /* Round 4 */ + movl 16(%esi), %ecx + movl 16(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, 16(%ebx) + /* Round 5 */ + movl 20(%esi), %ecx + movl 20(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, 20(%ebx) + /* Round 6 */ + movl 24(%esi), %ecx + movl 24(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, 24(%ebx) + /* Round 7 */ + movl 28(%esi), %ecx + movl 28(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, 28(%ebx) + + addl $32, %esi + addl $32, %edi + addl $32, %ebx + subl $8, %ebp + jnz .L015aw_loop +.L014aw_finish: + movl 32(%esp), %ebp + andl $7, %ebp + jz .L016aw_end + /* Tail Round 0 */ + movl (%esi), %ecx + movl (%edi), %edx + subl 
%eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + decl %ebp + movl %ecx, (%ebx) + jz .L016aw_end + /* Tail Round 1 */ + movl 4(%esi), %ecx + movl 4(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + decl %ebp + movl %ecx, 4(%ebx) + jz .L016aw_end + /* Tail Round 2 */ + movl 8(%esi), %ecx + movl 8(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + decl %ebp + movl %ecx, 8(%ebx) + jz .L016aw_end + /* Tail Round 3 */ + movl 12(%esi), %ecx + movl 12(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + decl %ebp + movl %ecx, 12(%ebx) + jz .L016aw_end + /* Tail Round 4 */ + movl 16(%esi), %ecx + movl 16(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + decl %ebp + movl %ecx, 16(%ebx) + jz .L016aw_end + /* Tail Round 5 */ + movl 20(%esi), %ecx + movl 20(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + decl %ebp + movl %ecx, 20(%ebx) + jz .L016aw_end + /* Tail Round 6 */ + movl 24(%esi), %ecx + movl 24(%edi), %edx + subl %eax, %ecx + movl $0, %eax + adcl %eax, %eax + subl %edx, %ecx + adcl $0, %eax + movl %ecx, 24(%ebx) +.L016aw_end: + popl %edi + popl %esi + popl %ebx + popl %ebp + ret +.bn_sub_words_end: + SIZE(bn_sub_words,.bn_sub_words_end-bn_sub_words) +.ident "bn_sub_words" +.text + .align ALIGN +.globl bn_mul_comba8 + TYPE(bn_mul_comba8,@function) +bn_mul_comba8: + pushl %esi + movl 12(%esp), %esi + pushl %edi + movl 20(%esp), %edi + pushl %ebp + pushl %ebx + xorl %ebx, %ebx + movl (%esi), %eax + xorl %ecx, %ecx + movl (%edi), %edx + /* ################## Calculate word 0 */ + xorl %ebp, %ebp + /* mul a[0]*b[0] */ + mull %edx + addl %eax, %ebx + movl 20(%esp), %eax + adcl %edx, %ecx + movl (%edi), %edx + adcl $0, %ebp + movl %ebx, (%eax) + movl 4(%esi), %eax + /* saved r[0] */ + /* 
################## Calculate word 1 */ + xorl %ebx, %ebx + /* mul a[1]*b[0] */ + mull %edx + addl %eax, %ecx + movl (%esi), %eax + adcl %edx, %ebp + movl 4(%edi), %edx + adcl $0, %ebx + /* mul a[0]*b[1] */ + mull %edx + addl %eax, %ecx + movl 20(%esp), %eax + adcl %edx, %ebp + movl (%edi), %edx + adcl $0, %ebx + movl %ecx, 4(%eax) + movl 8(%esi), %eax + /* saved r[1] */ + /* ################## Calculate word 2 */ + xorl %ecx, %ecx + /* mul a[2]*b[0] */ + mull %edx + addl %eax, %ebp + movl 4(%esi), %eax + adcl %edx, %ebx + movl 4(%edi), %edx + adcl $0, %ecx + /* mul a[1]*b[1] */ + mull %edx + addl %eax, %ebp + movl (%esi), %eax + adcl %edx, %ebx + movl 8(%edi), %edx + adcl $0, %ecx + /* mul a[0]*b[2] */ + mull %edx + addl %eax, %ebp + movl 20(%esp), %eax + adcl %edx, %ebx + movl (%edi), %edx + adcl $0, %ecx + movl %ebp, 8(%eax) + movl 12(%esi), %eax + /* saved r[2] */ + /* ################## Calculate word 3 */ + xorl %ebp, %ebp + /* mul a[3]*b[0] */ + mull %edx + addl %eax, %ebx + movl 8(%esi), %eax + adcl %edx, %ecx + movl 4(%edi), %edx + adcl $0, %ebp + /* mul a[2]*b[1] */ + mull %edx + addl %eax, %ebx + movl 4(%esi), %eax + adcl %edx, %ecx + movl 8(%edi), %edx + adcl $0, %ebp + /* mul a[1]*b[2] */ + mull %edx + addl %eax, %ebx + movl (%esi), %eax + adcl %edx, %ecx + movl 12(%edi), %edx + adcl $0, %ebp + /* mul a[0]*b[3] */ + mull %edx + addl %eax, %ebx + movl 20(%esp), %eax + adcl %edx, %ecx + movl (%edi), %edx + adcl $0, %ebp + movl %ebx, 12(%eax) + movl 16(%esi), %eax + /* saved r[3] */ + /* ################## Calculate word 4 */ + xorl %ebx, %ebx + /* mul a[4]*b[0] */ + mull %edx + addl %eax, %ecx + movl 12(%esi), %eax + adcl %edx, %ebp + movl 4(%edi), %edx + adcl $0, %ebx + /* mul a[3]*b[1] */ + mull %edx + addl %eax, %ecx + movl 8(%esi), %eax + adcl %edx, %ebp + movl 8(%edi), %edx + adcl $0, %ebx + /* mul a[2]*b[2] */ + mull %edx + addl %eax, %ecx + movl 4(%esi), %eax + adcl %edx, %ebp + movl 12(%edi), %edx + adcl $0, %ebx + /* mul a[1]*b[3] */ + mull %edx 
+ addl %eax, %ecx + movl (%esi), %eax + adcl %edx, %ebp + movl 16(%edi), %edx + adcl $0, %ebx + /* mul a[0]*b[4] */ + mull %edx + addl %eax, %ecx + movl 20(%esp), %eax + adcl %edx, %ebp + movl (%edi), %edx + adcl $0, %ebx + movl %ecx, 16(%eax) + movl 20(%esi), %eax + /* saved r[4] */ + /* ################## Calculate word 5 */ + xorl %ecx, %ecx + /* mul a[5]*b[0] */ + mull %edx + addl %eax, %ebp + movl 16(%esi), %eax + adcl %edx, %ebx + movl 4(%edi), %edx + adcl $0, %ecx + /* mul a[4]*b[1] */ + mull %edx + addl %eax, %ebp + movl 12(%esi), %eax + adcl %edx, %ebx + movl 8(%edi), %edx + adcl $0, %ecx + /* mul a[3]*b[2] */ + mull %edx + addl %eax, %ebp + movl 8(%esi), %eax + adcl %edx, %ebx + movl 12(%edi), %edx + adcl $0, %ecx + /* mul a[2]*b[3] */ + mull %edx + addl %eax, %ebp + movl 4(%esi), %eax + adcl %edx, %ebx + movl 16(%edi), %edx + adcl $0, %ecx + /* mul a[1]*b[4] */ + mull %edx + addl %eax, %ebp + movl (%esi), %eax + adcl %edx, %ebx + movl 20(%edi), %edx + adcl $0, %ecx + /* mul a[0]*b[5] */ + mull %edx + addl %eax, %ebp + movl 20(%esp), %eax + adcl %edx, %ebx + movl (%edi), %edx + adcl $0, %ecx + movl %ebp, 20(%eax) + movl 24(%esi), %eax + /* saved r[5] */ + /* ################## Calculate word 6 */ + xorl %ebp, %ebp + /* mul a[6]*b[0] */ + mull %edx + addl %eax, %ebx + movl 20(%esi), %eax + adcl %edx, %ecx + movl 4(%edi), %edx + adcl $0, %ebp + /* mul a[5]*b[1] */ + mull %edx + addl %eax, %ebx + movl 16(%esi), %eax + adcl %edx, %ecx + movl 8(%edi), %edx + adcl $0, %ebp + /* mul a[4]*b[2] */ + mull %edx + addl %eax, %ebx + movl 12(%esi), %eax + adcl %edx, %ecx + movl 12(%edi), %edx + adcl $0, %ebp + /* mul a[3]*b[3] */ + mull %edx + addl %eax, %ebx + movl 8(%esi), %eax + adcl %edx, %ecx + movl 16(%edi), %edx + adcl $0, %ebp + /* mul a[2]*b[4] */ + mull %edx + addl %eax, %ebx + movl 4(%esi), %eax + adcl %edx, %ecx + movl 20(%edi), %edx + adcl $0, %ebp + /* mul a[1]*b[5] */ + mull %edx + addl %eax, %ebx + movl (%esi), %eax + adcl %edx, %ecx + movl 24(%edi), 
%edx + adcl $0, %ebp + /* mul a[0]*b[6] */ + mull %edx + addl %eax, %ebx + movl 20(%esp), %eax + adcl %edx, %ecx + movl (%edi), %edx + adcl $0, %ebp + movl %ebx, 24(%eax) + movl 28(%esi), %eax + /* saved r[6] */ + /* ################## Calculate word 7 */ + xorl %ebx, %ebx + /* mul a[7]*b[0] */ + mull %edx + addl %eax, %ecx + movl 24(%esi), %eax + adcl %edx, %ebp + movl 4(%edi), %edx + adcl $0, %ebx + /* mul a[6]*b[1] */ + mull %edx + addl %eax, %ecx + movl 20(%esi), %eax + adcl %edx, %ebp + movl 8(%edi), %edx + adcl $0, %ebx + /* mul a[5]*b[2] */ + mull %edx + addl %eax, %ecx + movl 16(%esi), %eax + adcl %edx, %ebp + movl 12(%edi), %edx + adcl $0, %ebx + /* mul a[4]*b[3] */ + mull %edx + addl %eax, %ecx + movl 12(%esi), %eax + adcl %edx, %ebp + movl 16(%edi), %edx + adcl $0, %ebx + /* mul a[3]*b[4] */ + mull %edx + addl %eax, %ecx + movl 8(%esi), %eax + adcl %edx, %ebp + movl 20(%edi), %edx + adcl $0, %ebx + /* mul a[2]*b[5] */ + mull %edx + addl %eax, %ecx + movl 4(%esi), %eax + adcl %edx, %ebp + movl 24(%edi), %edx + adcl $0, %ebx + /* mul a[1]*b[6] */ + mull %edx + addl %eax, %ecx + movl (%esi), %eax + adcl %edx, %ebp + movl 28(%edi), %edx + adcl $0, %ebx + /* mul a[0]*b[7] */ + mull %edx + addl %eax, %ecx + movl 20(%esp), %eax + adcl %edx, %ebp + movl 4(%edi), %edx + adcl $0, %ebx + movl %ecx, 28(%eax) + movl 28(%esi), %eax + /* saved r[7] */ + /* ################## Calculate word 8 */ + xorl %ecx, %ecx + /* mul a[7]*b[1] */ + mull %edx + addl %eax, %ebp + movl 24(%esi), %eax + adcl %edx, %ebx + movl 8(%edi), %edx + adcl $0, %ecx + /* mul a[6]*b[2] */ + mull %edx + addl %eax, %ebp + movl 20(%esi), %eax + adcl %edx, %ebx + movl 12(%edi), %edx + adcl $0, %ecx + /* mul a[5]*b[3] */ + mull %edx + addl %eax, %ebp + movl 16(%esi), %eax + adcl %edx, %ebx + movl 16(%edi), %edx + adcl $0, %ecx + /* mul a[4]*b[4] */ + mull %edx + addl %eax, %ebp + movl 12(%esi), %eax + adcl %edx, %ebx + movl 20(%edi), %edx + adcl $0, %ecx + /* mul a[3]*b[5] */ + mull %edx + addl %eax, 
%ebp + movl 8(%esi), %eax + adcl %edx, %ebx + movl 24(%edi), %edx + adcl $0, %ecx + /* mul a[2]*b[6] */ + mull %edx + addl %eax, %ebp + movl 4(%esi), %eax + adcl %edx, %ebx + movl 28(%edi), %edx + adcl $0, %ecx + /* mul a[1]*b[7] */ + mull %edx + addl %eax, %ebp + movl 20(%esp), %eax + adcl %edx, %ebx + movl 8(%edi), %edx + adcl $0, %ecx + movl %ebp, 32(%eax) + movl 28(%esi), %eax + /* saved r[8] */ + /* ################## Calculate word 9 */ + xorl %ebp, %ebp + /* mul a[7]*b[2] */ + mull %edx + addl %eax, %ebx + movl 24(%esi), %eax + adcl %edx, %ecx + movl 12(%edi), %edx + adcl $0, %ebp + /* mul a[6]*b[3] */ + mull %edx + addl %eax, %ebx + movl 20(%esi), %eax + adcl %edx, %ecx + movl 16(%edi), %edx + adcl $0, %ebp + /* mul a[5]*b[4] */ + mull %edx + addl %eax, %ebx + movl 16(%esi), %eax + adcl %edx, %ecx + movl 20(%edi), %edx + adcl $0, %ebp + /* mul a[4]*b[5] */ + mull %edx + addl %eax, %ebx + movl 12(%esi), %eax + adcl %edx, %ecx + movl 24(%edi), %edx + adcl $0, %ebp + /* mul a[3]*b[6] */ + mull %edx + addl %eax, %ebx + movl 8(%esi), %eax + adcl %edx, %ecx + movl 28(%edi), %edx + adcl $0, %ebp + /* mul a[2]*b[7] */ + mull %edx + addl %eax, %ebx + movl 20(%esp), %eax + adcl %edx, %ecx + movl 12(%edi), %edx + adcl $0, %ebp + movl %ebx, 36(%eax) + movl 28(%esi), %eax + /* saved r[9] */ + /* ################## Calculate word 10 */ + xorl %ebx, %ebx + /* mul a[7]*b[3] */ + mull %edx + addl %eax, %ecx + movl 24(%esi), %eax + adcl %edx, %ebp + movl 16(%edi), %edx + adcl $0, %ebx + /* mul a[6]*b[4] */ + mull %edx + addl %eax, %ecx + movl 20(%esi), %eax + adcl %edx, %ebp + movl 20(%edi), %edx + adcl $0, %ebx + /* mul a[5]*b[5] */ + mull %edx + addl %eax, %ecx + movl 16(%esi), %eax + adcl %edx, %ebp + movl 24(%edi), %edx + adcl $0, %ebx + /* mul a[4]*b[6] */ + mull %edx + addl %eax, %ecx + movl 12(%esi), %eax + adcl %edx, %ebp + movl 28(%edi), %edx + adcl $0, %ebx + /* mul a[3]*b[7] */ + mull %edx + addl %eax, %ecx + movl 20(%esp), %eax + adcl %edx, %ebp + movl 16(%edi), 
%edx + adcl $0, %ebx + movl %ecx, 40(%eax) + movl 28(%esi), %eax + /* saved r[10] */ + /* ################## Calculate word 11 */ + xorl %ecx, %ecx + /* mul a[7]*b[4] */ + mull %edx + addl %eax, %ebp + movl 24(%esi), %eax + adcl %edx, %ebx + movl 20(%edi), %edx + adcl $0, %ecx + /* mul a[6]*b[5] */ + mull %edx + addl %eax, %ebp + movl 20(%esi), %eax + adcl %edx, %ebx + movl 24(%edi), %edx + adcl $0, %ecx + /* mul a[5]*b[6] */ + mull %edx + addl %eax, %ebp + movl 16(%esi), %eax + adcl %edx, %ebx + movl 28(%edi), %edx + adcl $0, %ecx + /* mul a[4]*b[7] */ + mull %edx + addl %eax, %ebp + movl 20(%esp), %eax + adcl %edx, %ebx + movl 20(%edi), %edx + adcl $0, %ecx + movl %ebp, 44(%eax) + movl 28(%esi), %eax + /* saved r[11] */ + /* ################## Calculate word 12 */ + xorl %ebp, %ebp + /* mul a[7]*b[5] */ + mull %edx + addl %eax, %ebx + movl 24(%esi), %eax + adcl %edx, %ecx + movl 24(%edi), %edx + adcl $0, %ebp + /* mul a[6]*b[6] */ + mull %edx + addl %eax, %ebx + movl 20(%esi), %eax + adcl %edx, %ecx + movl 28(%edi), %edx + adcl $0, %ebp + /* mul a[5]*b[7] */ + mull %edx + addl %eax, %ebx + movl 20(%esp), %eax + adcl %edx, %ecx + movl 24(%edi), %edx + adcl $0, %ebp + movl %ebx, 48(%eax) + movl 28(%esi), %eax + /* saved r[12] */ + /* ################## Calculate word 13 */ + xorl %ebx, %ebx + /* mul a[7]*b[6] */ + mull %edx + addl %eax, %ecx + movl 24(%esi), %eax + adcl %edx, %ebp + movl 28(%edi), %edx + adcl $0, %ebx + /* mul a[6]*b[7] */ + mull %edx + addl %eax, %ecx + movl 20(%esp), %eax + adcl %edx, %ebp + movl 28(%edi), %edx + adcl $0, %ebx + movl %ecx, 52(%eax) + movl 28(%esi), %eax + /* saved r[13] */ + /* ################## Calculate word 14 */ + xorl %ecx, %ecx + /* mul a[7]*b[7] */ + mull %edx + addl %eax, %ebp + movl 20(%esp), %eax + adcl %edx, %ebx + adcl $0, %ecx + movl %ebp, 56(%eax) + /* saved r[14] */ + /* save r[15] */ + movl %ebx, 60(%eax) + popl %ebx + popl %ebp + popl %edi + popl %esi + ret +.bn_mul_comba8_end: + 
SIZE(bn_mul_comba8,.bn_mul_comba8_end-bn_mul_comba8) +.ident "desasm.pl" +.text + .align ALIGN +.globl bn_mul_comba4 + TYPE(bn_mul_comba4,@function) +bn_mul_comba4: + pushl %esi + movl 12(%esp), %esi + pushl %edi + movl 20(%esp), %edi + pushl %ebp + pushl %ebx + xorl %ebx, %ebx + movl (%esi), %eax + xorl %ecx, %ecx + movl (%edi), %edx + /* ################## Calculate word 0 */ + xorl %ebp, %ebp + /* mul a[0]*b[0] */ + mull %edx + addl %eax, %ebx + movl 20(%esp), %eax + adcl %edx, %ecx + movl (%edi), %edx + adcl $0, %ebp + movl %ebx, (%eax) + movl 4(%esi), %eax + /* saved r[0] */ + /* ################## Calculate word 1 */ + xorl %ebx, %ebx + /* mul a[1]*b[0] */ + mull %edx + addl %eax, %ecx + movl (%esi), %eax + adcl %edx, %ebp + movl 4(%edi), %edx + adcl $0, %ebx + /* mul a[0]*b[1] */ + mull %edx + addl %eax, %ecx + movl 20(%esp), %eax + adcl %edx, %ebp + movl (%edi), %edx + adcl $0, %ebx + movl %ecx, 4(%eax) + movl 8(%esi), %eax + /* saved r[1] */ + /* ################## Calculate word 2 */ + xorl %ecx, %ecx + /* mul a[2]*b[0] */ + mull %edx + addl %eax, %ebp + movl 4(%esi), %eax + adcl %edx, %ebx + movl 4(%edi), %edx + adcl $0, %ecx + /* mul a[1]*b[1] */ + mull %edx + addl %eax, %ebp + movl (%esi), %eax + adcl %edx, %ebx + movl 8(%edi), %edx + adcl $0, %ecx + /* mul a[0]*b[2] */ + mull %edx + addl %eax, %ebp + movl 20(%esp), %eax + adcl %edx, %ebx + movl (%edi), %edx + adcl $0, %ecx + movl %ebp, 8(%eax) + movl 12(%esi), %eax + /* saved r[2] */ + /* ################## Calculate word 3 */ + xorl %ebp, %ebp + /* mul a[3]*b[0] */ + mull %edx + addl %eax, %ebx + movl 8(%esi), %eax + adcl %edx, %ecx + movl 4(%edi), %edx + adcl $0, %ebp + /* mul a[2]*b[1] */ + mull %edx + addl %eax, %ebx + movl 4(%esi), %eax + adcl %edx, %ecx + movl 8(%edi), %edx + adcl $0, %ebp + /* mul a[1]*b[2] */ + mull %edx + addl %eax, %ebx + movl (%esi), %eax + adcl %edx, %ecx + movl 12(%edi), %edx + adcl $0, %ebp + /* mul a[0]*b[3] */ + mull %edx + addl %eax, %ebx + movl 20(%esp), %eax + adcl 
%edx, %ecx + movl 4(%edi), %edx + adcl $0, %ebp + movl %ebx, 12(%eax) + movl 12(%esi), %eax + /* saved r[3] */ + /* ################## Calculate word 4 */ + xorl %ebx, %ebx + /* mul a[3]*b[1] */ + mull %edx + addl %eax, %ecx + movl 8(%esi), %eax + adcl %edx, %ebp + movl 8(%edi), %edx + adcl $0, %ebx + /* mul a[2]*b[2] */ + mull %edx + addl %eax, %ecx + movl 4(%esi), %eax + adcl %edx, %ebp + movl 12(%edi), %edx + adcl $0, %ebx + /* mul a[1]*b[3] */ + mull %edx + addl %eax, %ecx + movl 20(%esp), %eax + adcl %edx, %ebp + movl 8(%edi), %edx + adcl $0, %ebx + movl %ecx, 16(%eax) + movl 12(%esi), %eax + /* saved r[4] */ + /* ################## Calculate word 5 */ + xorl %ecx, %ecx + /* mul a[3]*b[2] */ + mull %edx + addl %eax, %ebp + movl 8(%esi), %eax + adcl %edx, %ebx + movl 12(%edi), %edx + adcl $0, %ecx + /* mul a[2]*b[3] */ + mull %edx + addl %eax, %ebp + movl 20(%esp), %eax + adcl %edx, %ebx + movl 12(%edi), %edx + adcl $0, %ecx + movl %ebp, 20(%eax) + movl 12(%esi), %eax + /* saved r[5] */ + /* ################## Calculate word 6 */ + xorl %ebp, %ebp + /* mul a[3]*b[3] */ + mull %edx + addl %eax, %ebx + movl 20(%esp), %eax + adcl %edx, %ecx + adcl $0, %ebp + movl %ebx, 24(%eax) + /* saved r[6] */ + /* save r[7] */ + movl %ecx, 28(%eax) + popl %ebx + popl %ebp + popl %edi + popl %esi + ret +.bn_mul_comba4_end: + SIZE(bn_mul_comba4,.bn_mul_comba4_end-bn_mul_comba4) +.ident "desasm.pl" +.text + .align ALIGN +.globl bn_sqr_comba8 + TYPE(bn_sqr_comba8,@function) +bn_sqr_comba8: + pushl %esi + pushl %edi + pushl %ebp + pushl %ebx + movl 20(%esp), %edi + movl 24(%esp), %esi + xorl %ebx, %ebx + xorl %ecx, %ecx + movl (%esi), %eax + /* ############### Calculate word 0 */ + xorl %ebp, %ebp + /* sqr a[0]*a[0] */ + mull %eax + addl %eax, %ebx + adcl %edx, %ecx + movl (%esi), %edx + adcl $0, %ebp + movl %ebx, (%edi) + movl 4(%esi), %eax + /* saved r[0] */ + /* ############### Calculate word 1 */ + xorl %ebx, %ebx + /* sqr a[1]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, 
%edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 8(%esi), %eax + adcl $0, %ebx + movl %ecx, 4(%edi) + movl (%esi), %edx + /* saved r[1] */ + /* ############### Calculate word 2 */ + xorl %ecx, %ecx + /* sqr a[2]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 4(%esi), %eax + adcl $0, %ecx + /* sqr a[1]*a[1] */ + mull %eax + addl %eax, %ebp + adcl %edx, %ebx + movl (%esi), %edx + adcl $0, %ecx + movl %ebp, 8(%edi) + movl 12(%esi), %eax + /* saved r[2] */ + /* ############### Calculate word 3 */ + xorl %ebp, %ebp + /* sqr a[3]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 8(%esi), %eax + adcl $0, %ebp + movl 4(%esi), %edx + /* sqr a[2]*a[1] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 16(%esi), %eax + adcl $0, %ebp + movl %ebx, 12(%edi) + movl (%esi), %edx + /* saved r[3] */ + /* ############### Calculate word 4 */ + xorl %ebx, %ebx + /* sqr a[4]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 12(%esi), %eax + adcl $0, %ebx + movl 4(%esi), %edx + /* sqr a[3]*a[1] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 8(%esi), %eax + adcl $0, %ebx + /* sqr a[2]*a[2] */ + mull %eax + addl %eax, %ecx + adcl %edx, %ebp + movl (%esi), %edx + adcl $0, %ebx + movl %ecx, 16(%edi) + movl 20(%esi), %eax + /* saved r[4] */ + /* ############### Calculate word 5 */ + xorl %ecx, %ecx + /* sqr a[5]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 16(%esi), %eax + adcl $0, %ecx + movl 4(%esi), %edx + /* sqr a[4]*a[1] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 12(%esi), %eax + adcl $0, %ecx + movl 8(%esi), %edx + /* sqr 
a[3]*a[2] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 24(%esi), %eax + adcl $0, %ecx + movl %ebp, 20(%edi) + movl (%esi), %edx + /* saved r[5] */ + /* ############### Calculate word 6 */ + xorl %ebp, %ebp + /* sqr a[6]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 20(%esi), %eax + adcl $0, %ebp + movl 4(%esi), %edx + /* sqr a[5]*a[1] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 16(%esi), %eax + adcl $0, %ebp + movl 8(%esi), %edx + /* sqr a[4]*a[2] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 12(%esi), %eax + adcl $0, %ebp + /* sqr a[3]*a[3] */ + mull %eax + addl %eax, %ebx + adcl %edx, %ecx + movl (%esi), %edx + adcl $0, %ebp + movl %ebx, 24(%edi) + movl 28(%esi), %eax + /* saved r[6] */ + /* ############### Calculate word 7 */ + xorl %ebx, %ebx + /* sqr a[7]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 24(%esi), %eax + adcl $0, %ebx + movl 4(%esi), %edx + /* sqr a[6]*a[1] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 20(%esi), %eax + adcl $0, %ebx + movl 8(%esi), %edx + /* sqr a[5]*a[2] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 16(%esi), %eax + adcl $0, %ebx + movl 12(%esi), %edx + /* sqr a[4]*a[3] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 28(%esi), %eax + adcl $0, %ebx + movl %ecx, 28(%edi) + movl 4(%esi), %edx + /* saved r[7] */ + /* ############### Calculate word 8 */ + xorl %ecx, %ecx + /* sqr a[7]*a[1] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 24(%esi), %eax + adcl 
$0, %ecx + movl 8(%esi), %edx + /* sqr a[6]*a[2] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 20(%esi), %eax + adcl $0, %ecx + movl 12(%esi), %edx + /* sqr a[5]*a[3] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 16(%esi), %eax + adcl $0, %ecx + /* sqr a[4]*a[4] */ + mull %eax + addl %eax, %ebp + adcl %edx, %ebx + movl 8(%esi), %edx + adcl $0, %ecx + movl %ebp, 32(%edi) + movl 28(%esi), %eax + /* saved r[8] */ + /* ############### Calculate word 9 */ + xorl %ebp, %ebp + /* sqr a[7]*a[2] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 24(%esi), %eax + adcl $0, %ebp + movl 12(%esi), %edx + /* sqr a[6]*a[3] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 20(%esi), %eax + adcl $0, %ebp + movl 16(%esi), %edx + /* sqr a[5]*a[4] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 28(%esi), %eax + adcl $0, %ebp + movl %ebx, 36(%edi) + movl 12(%esi), %edx + /* saved r[9] */ + /* ############### Calculate word 10 */ + xorl %ebx, %ebx + /* sqr a[7]*a[3] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 24(%esi), %eax + adcl $0, %ebx + movl 16(%esi), %edx + /* sqr a[6]*a[4] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 20(%esi), %eax + adcl $0, %ebx + /* sqr a[5]*a[5] */ + mull %eax + addl %eax, %ecx + adcl %edx, %ebp + movl 16(%esi), %edx + adcl $0, %ebx + movl %ecx, 40(%edi) + movl 28(%esi), %eax + /* saved r[10] */ + /* ############### Calculate word 11 */ + xorl %ecx, %ecx + /* sqr a[7]*a[4] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 24(%esi), %eax + adcl $0, %ecx + movl 20(%esi), 
%edx + /* sqr a[6]*a[5] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 28(%esi), %eax + adcl $0, %ecx + movl %ebp, 44(%edi) + movl 20(%esi), %edx + /* saved r[11] */ + /* ############### Calculate word 12 */ + xorl %ebp, %ebp + /* sqr a[7]*a[5] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 24(%esi), %eax + adcl $0, %ebp + /* sqr a[6]*a[6] */ + mull %eax + addl %eax, %ebx + adcl %edx, %ecx + movl 24(%esi), %edx + adcl $0, %ebp + movl %ebx, 48(%edi) + movl 28(%esi), %eax + /* saved r[12] */ + /* ############### Calculate word 13 */ + xorl %ebx, %ebx + /* sqr a[7]*a[6] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 28(%esi), %eax + adcl $0, %ebx + movl %ecx, 52(%edi) + /* saved r[13] */ + /* ############### Calculate word 14 */ + xorl %ecx, %ecx + /* sqr a[7]*a[7] */ + mull %eax + addl %eax, %ebp + adcl %edx, %ebx + adcl $0, %ecx + movl %ebp, 56(%edi) + /* saved r[14] */ + movl %ebx, 60(%edi) + popl %ebx + popl %ebp + popl %edi + popl %esi + ret +.bn_sqr_comba8_end: + SIZE(bn_sqr_comba8,.bn_sqr_comba8_end-bn_sqr_comba8) +.ident "desasm.pl" +.text + .align ALIGN +.globl bn_sqr_comba4 + TYPE(bn_sqr_comba4,@function) +bn_sqr_comba4: + pushl %esi + pushl %edi + pushl %ebp + pushl %ebx + movl 20(%esp), %edi + movl 24(%esp), %esi + xorl %ebx, %ebx + xorl %ecx, %ecx + movl (%esi), %eax + /* ############### Calculate word 0 */ + xorl %ebp, %ebp + /* sqr a[0]*a[0] */ + mull %eax + addl %eax, %ebx + adcl %edx, %ecx + movl (%esi), %edx + adcl $0, %ebp + movl %ebx, (%edi) + movl 4(%esi), %eax + /* saved r[0] */ + /* ############### Calculate word 1 */ + xorl %ebx, %ebx + /* sqr a[1]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 8(%esi), %eax + adcl $0, %ebx + movl %ecx, 4(%edi) + movl (%esi), %edx + /* saved r[1] */ + /* 
############### Calculate word 2 */ + xorl %ecx, %ecx + /* sqr a[2]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 4(%esi), %eax + adcl $0, %ecx + /* sqr a[1]*a[1] */ + mull %eax + addl %eax, %ebp + adcl %edx, %ebx + movl (%esi), %edx + adcl $0, %ecx + movl %ebp, 8(%edi) + movl 12(%esi), %eax + /* saved r[2] */ + /* ############### Calculate word 3 */ + xorl %ebp, %ebp + /* sqr a[3]*a[0] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 8(%esi), %eax + adcl $0, %ebp + movl 4(%esi), %edx + /* sqr a[2]*a[1] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebp + addl %eax, %ebx + adcl %edx, %ecx + movl 12(%esi), %eax + adcl $0, %ebp + movl %ebx, 12(%edi) + movl 4(%esi), %edx + /* saved r[3] */ + /* ############### Calculate word 4 */ + xorl %ebx, %ebx + /* sqr a[3]*a[1] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ebx + addl %eax, %ecx + adcl %edx, %ebp + movl 8(%esi), %eax + adcl $0, %ebx + /* sqr a[2]*a[2] */ + mull %eax + addl %eax, %ecx + adcl %edx, %ebp + movl 8(%esi), %edx + adcl $0, %ebx + movl %ecx, 16(%edi) + movl 12(%esi), %eax + /* saved r[4] */ + /* ############### Calculate word 5 */ + xorl %ecx, %ecx + /* sqr a[3]*a[2] */ + mull %edx + addl %eax, %eax + adcl %edx, %edx + adcl $0, %ecx + addl %eax, %ebp + adcl %edx, %ebx + movl 12(%esi), %eax + adcl $0, %ecx + movl %ebp, 20(%edi) + /* saved r[5] */ + /* ############### Calculate word 6 */ + xorl %ebp, %ebp + /* sqr a[3]*a[3] */ + mull %eax + addl %eax, %ebx + adcl %edx, %ecx + adcl $0, %ebp + movl %ebx, 24(%edi) + /* saved r[6] */ + movl %ecx, 28(%edi) + popl %ebx + popl %ebp + popl %edi + popl %esi + ret +.bn_sqr_comba4_end: + SIZE(bn_sqr_comba4,.bn_sqr_comba4_end-bn_sqr_comba4) +.ident "desasm.pl" diff --git a/crypto/bn/asm/x86w16.asm b/crypto/bn/asm/x86w16.asm index 74a933a8c..80a9ed6ee 100644 --- a/crypto/bn/asm/x86w16.asm 
+++ b/crypto/bn/asm/x86w16.asm @@ -6,11 +6,11 @@ F_TEXT SEGMENT WORD PUBLIC 'CODE' F_TEXT ENDS _DATA SEGMENT WORD PUBLIC 'DATA' _DATA ENDS -CONST SEGMENT WORD PUBLIC 'CONST' -CONST ENDS +_CONST SEGMENT WORD PUBLIC 'CONST' +_CONST ENDS _BSS SEGMENT WORD PUBLIC 'BSS' _BSS ENDS -DGROUP GROUP CONST, _BSS, _DATA +DGROUP GROUP _CONST, _BSS, _DATA ASSUME DS: DGROUP, SS: DGROUP F_TEXT SEGMENT ASSUME CS: F_TEXT diff --git a/crypto/bn/asm/x86w32.asm b/crypto/bn/asm/x86w32.asm index fc6f91771..957d71e3b 100644 --- a/crypto/bn/asm/x86w32.asm +++ b/crypto/bn/asm/x86w32.asm @@ -6,11 +6,11 @@ F_TEXT SEGMENT WORD USE16 PUBLIC 'CODE' F_TEXT ENDS _DATA SEGMENT WORD USE16 PUBLIC 'DATA' _DATA ENDS -CONST SEGMENT WORD USE16 PUBLIC 'CONST' -CONST ENDS +_CONST SEGMENT WORD USE16 PUBLIC 'CONST' +_CONST ENDS _BSS SEGMENT WORD USE16 PUBLIC 'BSS' _BSS ENDS -DGROUP GROUP CONST, _BSS, _DATA +DGROUP GROUP _CONST, _BSS, _DATA ASSUME DS: DGROUP, SS: DGROUP F_TEXT SEGMENT ASSUME CS: F_TEXT @@ -89,7 +89,7 @@ $L555: mov bp,WORD PTR [bp+26] ; load num and bp,3 dec bp - js $L547 + js $L547m mov eax,ecx mul DWORD PTR es:[bx] ; w* *a @@ -100,7 +100,7 @@ $L555: mov DWORD PTR ds:[di],eax mov esi,edx dec bp - js $L547 ; Note that we are now testing for -1 + js $L547m ; Note that we are now testing for -1 ; mov eax,ecx mul DWORD PTR es:[bx+4] ; w* *a @@ -111,7 +111,7 @@ $L555: mov DWORD PTR ds:[di+4],eax mov esi,edx dec bp - js $L547 + js $L547m ; mov eax,ecx mul DWORD PTR es:[bx+8] ; w* *a @@ -121,7 +121,7 @@ $L555: adc edx,0 mov DWORD PTR ds:[di+8],eax mov esi,edx -$L547: +$L547m: mov eax,esi mov edx,esi shr edx,16 
@@ -315,37 +315,35 @@ _bn_add_words PROC FAR ; ap = 22 ; rp = 18 xor esi,esi ;c=0; + mov bx,WORD PTR [bp+18] ; load low r mov si,WORD PTR [bp+22] ; load a mov es,WORD PTR [bp+24] ; load a mov di,WORD PTR [bp+26] ; load b mov ds,WORD PTR [bp+28] ; load b mov dx,WORD PTR [bp+30] ; load num - dec dx - js $L547 xor ecx,ecx + dec dx + js $L547a $L5477: - xor ebx,ebx mov eax,DWORD PTR es:[si] ; *a add eax,ecx - adc ebx,0 + mov ecx,0 + adc ecx,0 add si,4 ; a++ add eax,DWORD PTR ds:[di] ; + *b - mov ecx,ebx adc ecx,0 - add di,4 - mov bx,WORD PTR [bp+18] mov ds,WORD PTR [bp+20] + add di,4 mov DWORD PTR ds:[bx],eax - add bx,4 mov ds,WORD PTR [bp+28] - mov WORD PTR [bp+18],bx + add bx,4 dec dx - js $L547 ; Note that we are now testing for -1 + js $L547a ; Note that we are now testing for -1 jmp $L5477 ; -$L547: +$L547a: mov eax,ecx mov edx,ecx shr edx,16 diff --git a/crypto/bn/bn.err b/crypto/bn/bn.err index 7ccc247c4..ba5c9bc97 100644 --- a/crypto/bn/bn.err +++ b/crypto/bn/bn.err @@ -16,12 +16,15 @@ #define BN_F_BN_MPI2BN 112 #define BN_F_BN_NEW 113 #define BN_F_BN_RAND 114 +#define BN_F_BN_USUB 115 /* Reason codes. */ -#define BN_R_BAD_RECIPROCAL 100 -#define BN_R_CALLED_WITH_EVEN_MODULUS 101 -#define BN_R_DIV_BY_ZERO 102 -#define BN_R_ENCODING_ERROR 103 -#define BN_R_INVALID_LENGTH 104 -#define BN_R_NOT_INITALISED 105 -#define BN_R_NO_INVERSE 106 +#define BN_R_ARG2_LT_ARG3 100 +#define BN_R_BAD_RECIPROCAL 101 +#define BN_R_CALLED_WITH_EVEN_MODULUS 102 +#define BN_R_DIV_BY_ZERO 103 +#define BN_R_ENCODING_ERROR 104 +#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 +#define BN_R_INVALID_LENGTH 106 +#define BN_R_NOT_INITALISED 107 +#define BN_R_NO_INVERSE 108 diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 66dde285d..2c14a1d58 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h 
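Review bot: In the `$L5477` loop of `_bn_add_words`, the new pair `mov ecx,0` / `adc ecx,0` depends on MOV leaving the carry flag from `add eax,ecx` untouched, and nothing in the code says so. A later cleanup that turns the MOV into `xor ecx,ecx` would clear CF and silently drop carries out of the bignum addition. I would add a comment on that line, for example `mov ecx,0 ; must be mov, not xor: CF from the add above feeds the adc`. The context line `xor esi,esi ;c=0;` also looks stale, since the running carry is kept in ecx. The procedure starts and ends outside this hunk.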
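Review bot: Adding `BN_R_ARG2_LT_ARG3` at 100 and `BN_R_EXPAND_ON_STATIC_BIGNUM_DATA` at 105 renumbers every existing reason code in crypto/bn/bn.err; `BN_R_DIV_BY_ZERO`, for example, moves from 102 to 103. Callers built against the old header that compare the reason value, and any error-string table not rebuilt in step, would then report the wrong condition. Appending the new entries keeps the old values stable: `#define BN_R_ARG2_LT_ARG3 107` and `#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 108`, with `BN_R_BAD_RECIPROCAL` through `BN_R_NO_INVERSE` left at 100 to 106. If this file is regenerated alphabetically by a script, the script is the place to preserve existing numbers.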
@@ -77,6 +77,9 @@ extern "C" { #define BN_LLONG /* This comment stops Configure mutilating things */ #endif +#define BN_MUL_COMBA +#define BN_SQR_COMBA +#undef BN_RECURSION #define RECP_MUL_MOD #define MONT_MUL_MOD @@ -105,6 +108,7 @@ extern "C" { #undef SIXTEEN_BIT #undef EIGHT_BIT + /* assuming long is 64bit - this is the DEC Alpha * unsigned long long is only 64 bits :-(, don't define * BN_LLONG for the DEC Alpha */ @@ -116,17 +120,23 @@ extern "C" { #define BN_BYTES 8 #define BN_BITS2 64 #define BN_BITS4 32 +#define BN_MASK (0xffffffffffffffffffffffffffffffffLL) #define BN_MASK2 (0xffffffffffffffffL) #define BN_MASK2l (0xffffffffL) #define BN_MASK2h (0xffffffff00000000L) #define BN_MASK2h1 (0xffffffff80000000L) #define BN_TBIT (0x8000000000000000L) -#define BN_DEC_CONV (10000000000000000000L) +#define BN_DEC_CONV (10000000000000000000UL) #define BN_DEC_FMT1 "%lu" #define BN_DEC_FMT2 "%019lu" #define BN_DEC_NUM 19 #endif +/* This is where the long long data type is 64 bits, but long is 32. + * For machines where there are 64bit registers, this is the mode to use. + * IRIX, on R4000 and above should use this mode, along with the relevent + * assember code :-). Do NOT define BN_ULLONG. + */ #ifdef SIXTY_FOUR_BIT #undef BN_LLONG /* #define BN_ULLONG unsigned long long */ @@ -141,9 +151,9 @@ extern "C" { #define BN_MASK2h (0xffffffff00000000LL) #define BN_MASK2h1 (0xffffffff80000000LL) #define BN_TBIT (0x8000000000000000LL) -#define BN_DEC_CONV (10000000000000000000L) -#define BN_DEC_FMT1 "%lu" -#define BN_DEC_FMT2 "%019lu" +#define BN_DEC_CONV (10000000000000000000LL) +#define BN_DEC_FMT1 "%llu" +#define BN_DEC_FMT2 "%019llu" #define BN_DEC_NUM 19 #endif @@ -159,6 +169,7 @@ extern "C" { #define BN_BYTES 4 #define BN_BITS2 32 #define BN_BITS4 16 +#define BN_MASK (0xffffffffffffffffLL) #define BN_MASK2 (0xffffffffL) #define BN_MASK2l (0xffff) #define BN_MASK2h1 (0xffff8000L) 
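Review bot: The new `#define BN_MASK (0xffffffffffffffffffffffffffffffffLL)` in the 64-bit-long block (the one with `BN_BYTES 8`) is a 128-bit constant, which no `long long` on the platforms this header targets can hold. A compiler will either reject it or truncate it with a warning, so any double-word arithmetic masked with it would quietly use the wrong value. The surrounding comment says `BN_LLONG` is not defined for this configuration, so there is no double-width type for the mask to apply to. I would leave `BN_MASK` undefined here, or guard it with `#ifdef BN_LLONG`, so that a use on this configuration fails at compile time. The `BN_MASK` values added for the 32-, 16- and 8-bit blocks in the later hunks do fit their double-width types.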
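Review bot: In the `@@ -141,9 +151,9 @@` hunk, `#define BN_DEC_CONV (10000000000000000000LL)` is 10^19, which exceeds the largest signed 64-bit value (9223372036854775807). A decimal literal with a signed suffix that does not fit is at best accepted with a warning and treated as unsigned by some compilers, and is otherwise not portable. The same commit corrects the sibling constant in the 64-bit-long block to `UL`, and the format strings here become `%llu`, so the unsigned suffix is the consistent choice: `#define BN_DEC_CONV (10000000000000000000ULL)`. This constant drives decimal conversion of bignums, so a misread value would corrupt printed and parsed numbers on this configuration.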
@@ -181,6 +192,7 @@ extern "C" { #define BN_BYTES 2 #define BN_BITS2 16 #define BN_BITS4 8 +#define BN_MASK (0xffffffff) #define BN_MASK2 (0xffff) #define BN_MASK2l (0xff) #define BN_MASK2h1 (0xff80) @@ -203,6 +215,7 @@ extern "C" { #define BN_BYTES 1 #define BN_BITS2 8 #define BN_BITS4 4 +#define BN_MASK (0xffff) #define BN_MASK2 (0xff) #define BN_MASK2l (0xf) #define BN_MASK2h1 (0xf8) @@ -220,6 +233,12 @@ extern "C" { #undef BIGNUM #endif +#define BN_FLG_MALLOCED 0x01 +#define BN_FLG_STATIC_DATA 0x02 +#define BN_FLG_FREE 0x8000 /* used for debuging */ +#define BN_set_flags(b,n) ((b)->flags|=(n)) +#define BN_get_flags(b,n) ((b)->flags&(n)) + typedef struct bignum_st { BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ @@ -227,6 +246,7 @@ typedef struct bignum_st /* The next are internal book keeping for bn_expand. */ int max; /* Size of the d array. */ int neg; /* one if the number is negative */ + int flags; } BIGNUM; /* Used for temp variables */ @@ -234,7 +254,8 @@ typedef struct bignum_st typedef struct bignum_ctx { int tos; - BIGNUM *bn[BN_CTX_NUM+1]; + BIGNUM bn[BN_CTX_NUM+1]; + int flags; } BN_CTX; typedef struct bn_blinding_st 
@@ -248,51 +269,69 @@ typedef struct bn_blinding_st /* Used for montgomery multiplication */ typedef struct bn_mont_ctx_st { + int use_word; /* 0 for word form, 1 for long form */ int ri; /* number of bits in R */ - BIGNUM *RR; /* used to convert to montgomery form */ - BIGNUM *N; /* The modulus */ - BIGNUM *Ni; /* The inverse of N */ + BIGNUM RR; /* used to convert to montgomery form */ + BIGNUM N; /* The modulus */ + BIGNUM Ni; /* The inverse of N */ BN_ULONG n0; /* word form of inverse, normally only one of * Ni or n0 is defined */ + int flags; } BN_MONT_CTX; +/* Used for reciprocal division/mod functions + * It cannot be shared between threads + */ +typedef struct bn_recp_ctx_st + { + BIGNUM N; /* the divisor */ + BIGNUM Nr; /* the reciprocal */ + int num_bits; + int shift; + int flags; + } BN_RECP_CTX; + #define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ - r,a,(mont)->RR,(mont),ctx) + r,a,&((mont)->RR),(mont),ctx) #define BN_prime_checks (5) #define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) #define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) -#define BN_is_zero(a) (((a)->top <= 1) && ((a)->d[0] == (BN_ULONG)0)) +#define BN_is_zero(a) (((a)->top == 0) || BN_is_word(a,0)) #define BN_is_one(a) (BN_is_word((a),1)) -#define BN_is_odd(a) ((a)->d[0] & 1) +#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) #define BN_one(a) (BN_set_word((a),1)) #define BN_zero(a) (BN_set_word((a),0)) -#define BN_ascii2bn(a) BN_hex2bn(a) -#define BN_bn2ascii(a) BN_bn2hex(a) - -#define bn_fix_top(a) \ - { \ - BN_ULONG *fix_top_l; \ - for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ - if (*(fix_top_l--)) break; \ - } +/*#define BN_ascii2bn(a) BN_hex2bn(a) */ +/*#define BN_bn2ascii(a) BN_bn2hex(a) */ -#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?\ - (n):bn_expand2((n),(b)/BN_BITS2)) +#define bn_expand(n,b) ((((((b+BN_BITS2-1))/BN_BITS2)) <= (n)->max)?\ + (n):bn_expand2((n),(b)/BN_BITS2+1)) #define bn_wexpand(n,b) (((b) <= 
(n)->max)?(n):bn_expand2((n),(b))) +#define bn_fix_top(a) \ + { \ + BN_ULONG *ftl; \ + if ((a)->top > 0) \ + { \ + for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ + if (*(ftl--)) break; \ + } \ + } #ifndef NOPROTO BIGNUM *BN_value_one(void); char * BN_options(void); BN_CTX *BN_CTX_new(void); +void BN_CTX_init(BN_CTX *c); void BN_CTX_free(BN_CTX *c); int BN_rand(BIGNUM *rnd, int bits, int top,int bottom); int BN_num_bits(BIGNUM *a); int BN_num_bits_word(BN_ULONG); BIGNUM *BN_new(void); +void BN_init(BIGNUM *); void BN_clear_free(BIGNUM *a); BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b); BIGNUM *BN_bin2bn(unsigned char *s,int len,BIGNUM *ret); 
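Review bot: The rewritten `bn_expand` macro uses its `b` argument unparenthesised in `(b+BN_BITS2-1)`, so an argument containing an operator of lower precedence than `+` (a shift, a conditional, a comparison) is grouped differently in the size test than in the `bn_expand2` call. For a macro that decides whether a bignum buffer is large enough, that mismatch can let the test pass with too little room. I would write `#define bn_expand(n,b) (((((b)+BN_BITS2-1)/BN_BITS2) <= (n)->max)? (n):bn_expand2((n),(b)/BN_BITS2+1))`, with a comment that `b` is evaluated twice and must have no side effects. The same macro is added in the `crypto/bn/bn.org` hunk.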
@@ -300,20 +339,20 @@ int BN_bn2bin(BIGNUM *a, unsigned char *to); BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret); int BN_bn2mpi(BIGNUM *a, unsigned char *to); int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b); -void bn_qsub(BIGNUM *r, BIGNUM *a, BIGNUM *b); -void bn_qadd(BIGNUM *r, BIGNUM *a, BIGNUM *b); +int BN_usub(BIGNUM *r, BIGNUM *a, BIGNUM *b); +int BN_uadd(BIGNUM *r, BIGNUM *a, BIGNUM *b); int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b); int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx); -int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b); +int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b,BN_CTX *ctx); int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx); -BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w); -BN_ULONG BN_div_word(BIGNUM *a, unsigned long w); -int BN_mul_word(BIGNUM *a, unsigned long w); -int BN_add_word(BIGNUM *a, unsigned long w); -int BN_sub_word(BIGNUM *a, unsigned long w); -int BN_set_word(BIGNUM *a, unsigned long w); -unsigned long BN_get_word(BIGNUM *a); +BN_ULONG BN_mod_word(BIGNUM *a, BN_ULONG w); +BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); +int BN_mul_word(BIGNUM *a, BN_ULONG w); +int BN_add_word(BIGNUM *a, BN_ULONG w); +int BN_sub_word(BIGNUM *a, BN_ULONG w); +int BN_set_word(BIGNUM *a, BN_ULONG w); +BN_ULONG BN_get_word(BIGNUM *a); int BN_cmp(BIGNUM *a, BIGNUM *b); void BN_free(BIGNUM *a); int BN_is_bit_set(BIGNUM *a, int n); 
@@ -323,12 +362,11 @@ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx); int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); +int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2, + BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx); int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); int BN_mask_bits(BIGNUM *a,int n); -int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m, - BIGNUM *i, int nb, BN_CTX *ctx); int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, BIGNUM *m, BN_CTX *ctx); #ifndef WIN16 @@ -339,7 +377,7 @@ int BN_print(BIO *fp, BIGNUM *a); #else int BN_print(char *fp, BIGNUM *a); #endif -int BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx); +int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx); int BN_rshift(BIGNUM *r, BIGNUM *a, int n); int BN_rshift1(BIGNUM *r, BIGNUM *a); void BN_clear(BIGNUM *a); @@ -353,8 +391,8 @@ char * BN_bn2dec(BIGNUM *a); int BN_hex2bn(BIGNUM **a,char *str); int BN_dec2bn(BIGNUM **a,char *str); int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx); -BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add, +BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, BIGNUM *n,BN_CTX *ctx); +BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int strong,BIGNUM *add, BIGNUM *rem,void (*callback)(int,int,char *),char *cb_arg); int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int,char *), BN_CTX *ctx,char *cb_arg); 
@@ -363,15 +401,18 @@ void ERR_load_BN_strings(void ); BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num); -BN_ULONG bn_div64(BN_ULONG h, BN_ULONG l, BN_ULONG d); +BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); +BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); BN_MONT_CTX *BN_MONT_CTX_new(void ); +void BN_MONT_CTX_init(BN_MONT_CTX *ctx); int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont, BN_CTX *ctx); int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx); void BN_MONT_CTX_free(BN_MONT_CTX *mont); int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx); +BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); void BN_BLINDING_free(BN_BLINDING *b); 
@@ -379,16 +420,45 @@ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx); int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); +void BN_set_params(int mul,int high,int low,int mont); +int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ + +void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb); +void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); +void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); +void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp); +void bn_sqr_comba8(BN_ULONG *r,BN_ULONG *a); +void bn_sqr_comba4(BN_ULONG *r,BN_ULONG *a); +int bn_cmp_words(BN_ULONG *a,BN_ULONG *b,int n); +void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t); +void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, + int tn, int n,BN_ULONG *t); +void bn_sqr_recursive(BN_ULONG *r,BN_ULONG *a, int n2, BN_ULONG *t); +void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); + +void BN_RECP_CTX_init(BN_RECP_CTX *recp); +BN_RECP_CTX *BN_RECP_CTX_new(void); +void BN_RECP_CTX_free(BN_RECP_CTX *recp); +int BN_RECP_CTX_set(BN_RECP_CTX *recp,BIGNUM *rdiv,BN_CTX *ctx); +int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, + BN_RECP_CTX *recp,BN_CTX *ctx); +int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); +int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, + BN_RECP_CTX *recp, BN_CTX *ctx); + + #else BIGNUM *BN_value_one(); char * BN_options(); BN_CTX *BN_CTX_new(); +void BN_CTX_init(); void BN_CTX_free(); int BN_rand(); int BN_num_bits(); int BN_num_bits_word(); BIGNUM *BN_new(); +void BN_init(); void BN_clear_free(); BIGNUM *BN_copy(); BIGNUM *BN_bin2bn(); @@ -396,8 +466,8 @@ int BN_bn2bin(); BIGNUM *BN_mpi2bn(); int BN_bn2mpi(); int BN_sub(); -void bn_qsub(); -void bn_qadd(); +int BN_usub(); +int BN_uadd(); int BN_add(); int BN_mod(); int BN_div(); 
@@ -449,12 +519,14 @@ void ERR_load_BN_strings(); BN_ULONG bn_mul_add_words(); BN_ULONG bn_mul_words(); void bn_sqr_words(); -BN_ULONG bn_div64(); +BN_ULONG bn_div_words(); BN_ULONG bn_add_words(); +BN_ULONG bn_sub_words(); int BN_mod_mul_montgomery(); int BN_from_montgomery(); BN_MONT_CTX *BN_MONT_CTX_new(); +void BN_MONT_CTX_init(); void BN_MONT_CTX_free(); int BN_MONT_CTX_set(); @@ -464,6 +536,26 @@ int BN_BLINDING_update(); int BN_BLINDING_convert(); int BN_BLINDING_invert(); +void bn_mul_normal(); +void bn_mul_comba8(); +void bn_mul_comba4(); +void bn_sqr_normal(); +void bn_sqr_comba8(); +void bn_sqr_comba4(); +int bn_cmp_words(); +void bn_mul_recursive(); +void bn_mul_part_recursive(); +void bn_sqr_recursive(); +void bn_mul_low_normal(); + +void BN_RECP_CTX_init(); +BN_RECP_CTX *BN_RECP_CTX_new(); +void BN_RECP_CTX_free(); +int BN_RECP_CTX_set(); +int BN_mod_mul_reciprocal(); +int BN_mod_exp_recp(); +int BN_div_recp(); + #endif /* BEGIN ERROR CODES */ @@ -485,15 +577,18 @@ int BN_BLINDING_invert(); #define BN_F_BN_MPI2BN 112 #define BN_F_BN_NEW 113 #define BN_F_BN_RAND 114 +#define BN_F_BN_USUB 115 /* Reason codes. */ -#define BN_R_BAD_RECIPROCAL 100 -#define BN_R_CALLED_WITH_EVEN_MODULUS 101 -#define BN_R_DIV_BY_ZERO 102 -#define BN_R_ENCODING_ERROR 103 -#define BN_R_INVALID_LENGTH 104 -#define BN_R_NOT_INITALISED 105 -#define BN_R_NO_INVERSE 106 +#define BN_R_ARG2_LT_ARG3 100 +#define BN_R_BAD_RECIPROCAL 101 +#define BN_R_CALLED_WITH_EVEN_MODULUS 102 +#define BN_R_DIV_BY_ZERO 103 +#define BN_R_ENCODING_ERROR 104 +#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 +#define BN_R_INVALID_LENGTH 106 +#define BN_R_NOT_INITALISED 107 +#define BN_R_NO_INVERSE 108 #ifdef __cplusplus } diff --git a/crypto/bn/bn.org b/crypto/bn/bn.org index 66dde285d..d8904d7ef 100644 --- a/crypto/bn/bn.org +++ b/crypto/bn/bn.org 
@@ -77,6 +77,9 @@ extern "C" { #define BN_LLONG /* This comment stops Configure mutilating things */ #endif +#define BN_MUL_COMBA +#define BN_SQR_COMBA +#define BN_RECURSION #define RECP_MUL_MOD #define MONT_MUL_MOD @@ -105,6 +108,7 @@ extern "C" { #undef SIXTEEN_BIT #undef EIGHT_BIT + /* assuming long is 64bit - this is the DEC Alpha * unsigned long long is only 64 bits :-(, don't define * BN_LLONG for the DEC Alpha */ @@ -116,17 +120,23 @@ extern "C" { #define BN_BYTES 8 #define BN_BITS2 64 #define BN_BITS4 32 +#define BN_MASK (0xffffffffffffffffffffffffffffffffLL) #define BN_MASK2 (0xffffffffffffffffL) #define BN_MASK2l (0xffffffffL) #define BN_MASK2h (0xffffffff00000000L) #define BN_MASK2h1 (0xffffffff80000000L) #define BN_TBIT (0x8000000000000000L) -#define BN_DEC_CONV (10000000000000000000L) +#define BN_DEC_CONV (10000000000000000000UL) #define BN_DEC_FMT1 "%lu" #define BN_DEC_FMT2 "%019lu" #define BN_DEC_NUM 19 #endif +/* This is where the long long data type is 64 bits, but long is 32. + * For machines where there are 64bit registers, this is the mode to use. + * IRIX, on R4000 and above should use this mode, along with the relevent + * assember code :-). Do NOT define BN_ULLONG. + */ #ifdef SIXTY_FOUR_BIT #undef BN_LLONG /* #define BN_ULLONG unsigned long long */ @@ -141,9 +151,9 @@ extern "C" { #define BN_MASK2h (0xffffffff00000000LL) #define BN_MASK2h1 (0xffffffff80000000LL) #define BN_TBIT (0x8000000000000000LL) -#define BN_DEC_CONV (10000000000000000000L) -#define BN_DEC_FMT1 "%lu" -#define BN_DEC_FMT2 "%019lu" +#define BN_DEC_CONV (10000000000000000000LL) +#define BN_DEC_FMT1 "%llu" +#define BN_DEC_FMT2 "%019llu" #define BN_DEC_NUM 19 #endif @@ -159,6 +169,7 @@ extern "C" { #define BN_BYTES 4 #define BN_BITS2 32 #define BN_BITS4 16 +#define BN_MASK (0xffffffffffffffffLL) #define BN_MASK2 (0xffffffffL) #define BN_MASK2l (0xffff) #define BN_MASK2h1 (0xffff8000L) 
@@ -181,6 +192,7 @@ extern "C" { #define BN_BYTES 2 #define BN_BITS2 16 #define BN_BITS4 8 +#define BN_MASK (0xffffffff) #define BN_MASK2 (0xffff) #define BN_MASK2l (0xff) #define BN_MASK2h1 (0xff80) @@ -203,6 +215,7 @@ extern "C" { #define BN_BYTES 1 #define BN_BITS2 8 #define BN_BITS4 4 +#define BN_MASK (0xffff) #define BN_MASK2 (0xff) #define BN_MASK2l (0xf) #define BN_MASK2h1 (0xf8) @@ -220,6 +233,12 @@ extern "C" { #undef BIGNUM #endif +#define BN_FLG_MALLOCED 0x01 +#define BN_FLG_STATIC_DATA 0x02 +#define BN_FLG_FREE 0x8000 /* used for debuging */ +#define BN_set_flags(b,n) ((b)->flags|=(n)) +#define BN_get_flags(b,n) ((b)->flags&(n)) + typedef struct bignum_st { BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ @@ -227,6 +246,7 @@ typedef struct bignum_st /* The next are internal book keeping for bn_expand. */ int max; /* Size of the d array. */ int neg; /* one if the number is negative */ + int flags; } BIGNUM; /* Used for temp variables */ @@ -234,7 +254,8 @@ typedef struct bignum_st typedef struct bignum_ctx { int tos; - BIGNUM *bn[BN_CTX_NUM+1]; + BIGNUM bn[BN_CTX_NUM+1]; + int flags; } BN_CTX; typedef struct bn_blinding_st 
@@ -248,51 +269,69 @@ typedef struct bn_blinding_st /* Used for montgomery multiplication */ typedef struct bn_mont_ctx_st { + int use_word; /* 0 for word form, 1 for long form */ int ri; /* number of bits in R */ - BIGNUM *RR; /* used to convert to montgomery form */ - BIGNUM *N; /* The modulus */ - BIGNUM *Ni; /* The inverse of N */ + BIGNUM RR; /* used to convert to montgomery form */ + BIGNUM N; /* The modulus */ + BIGNUM Ni; /* The inverse of N */ BN_ULONG n0; /* word form of inverse, normally only one of * Ni or n0 is defined */ + int flags; } BN_MONT_CTX; +/* Used for reciprocal division/mod functions + * It cannot be shared between threads + */ +typedef struct bn_recp_ctx_st + { + BIGNUM N; /* the divisor */ + BIGNUM Nr; /* the reciprocal */ + int num_bits; + int shift; + int flags; + } BN_RECP_CTX; + #define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ - r,a,(mont)->RR,(mont),ctx) + r,a,&((mont)->RR),(mont),ctx) #define BN_prime_checks (5) #define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) #define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) -#define BN_is_zero(a) (((a)->top <= 1) && ((a)->d[0] == (BN_ULONG)0)) +#define BN_is_zero(a) (((a)->top == 0) || BN_is_word(a,0)) #define BN_is_one(a) (BN_is_word((a),1)) -#define BN_is_odd(a) ((a)->d[0] & 1) +#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) #define BN_one(a) (BN_set_word((a),1)) #define BN_zero(a) (BN_set_word((a),0)) -#define BN_ascii2bn(a) BN_hex2bn(a) -#define BN_bn2ascii(a) BN_bn2hex(a) - -#define bn_fix_top(a) \ - { \ - BN_ULONG *fix_top_l; \ - for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ - if (*(fix_top_l--)) break; \ - } +/*#define BN_ascii2bn(a) BN_hex2bn(a) */ +/*#define BN_bn2ascii(a) BN_bn2hex(a) */ -#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?\ - (n):bn_expand2((n),(b)/BN_BITS2)) +#define bn_expand(n,b) ((((((b+BN_BITS2-1))/BN_BITS2)) <= (n)->max)?\ + (n):bn_expand2((n),(b)/BN_BITS2+1)) #define bn_wexpand(n,b) (((b) <= 
(n)->max)?(n):bn_expand2((n),(b))) +#define bn_fix_top(a) \ + { \ + BN_ULONG *ftl; \ + if ((a)->top > 0) \ + { \ + for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ + if (*(ftl--)) break; \ + } \ + } #ifndef NOPROTO BIGNUM *BN_value_one(void); char * BN_options(void); BN_CTX *BN_CTX_new(void); +void BN_CTX_init(BN_CTX *c); void BN_CTX_free(BN_CTX *c); int BN_rand(BIGNUM *rnd, int bits, int top,int bottom); int BN_num_bits(BIGNUM *a); int BN_num_bits_word(BN_ULONG); BIGNUM *BN_new(void); +void BN_init(BIGNUM *); void BN_clear_free(BIGNUM *a); BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b); BIGNUM *BN_bin2bn(unsigned char *s,int len,BIGNUM *ret); 
@@ -300,20 +339,20 @@ int BN_bn2bin(BIGNUM *a, unsigned char *to); BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret); int BN_bn2mpi(BIGNUM *a, unsigned char *to); int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b); -void bn_qsub(BIGNUM *r, BIGNUM *a, BIGNUM *b); -void bn_qadd(BIGNUM *r, BIGNUM *a, BIGNUM *b); +int BN_usub(BIGNUM *r, BIGNUM *a, BIGNUM *b); +int BN_uadd(BIGNUM *r, BIGNUM *a, BIGNUM *b); int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b); int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx); -int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b); +int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b,BN_CTX *ctx); int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx); -BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w); -BN_ULONG BN_div_word(BIGNUM *a, unsigned long w); -int BN_mul_word(BIGNUM *a, unsigned long w); -int BN_add_word(BIGNUM *a, unsigned long w); -int BN_sub_word(BIGNUM *a, unsigned long w); -int BN_set_word(BIGNUM *a, unsigned long w); -unsigned long BN_get_word(BIGNUM *a); +BN_ULONG BN_mod_word(BIGNUM *a, BN_ULONG w); +BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); +int BN_mul_word(BIGNUM *a, BN_ULONG w); +int BN_add_word(BIGNUM *a, BN_ULONG w); +int BN_sub_word(BIGNUM *a, BN_ULONG w); +int BN_set_word(BIGNUM *a, BN_ULONG w); +BN_ULONG BN_get_word(BIGNUM *a); int BN_cmp(BIGNUM *a, BIGNUM *b); void BN_free(BIGNUM *a); int BN_is_bit_set(BIGNUM *a, int n); 
@@ -323,12 +362,11 @@ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx); int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); +int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2, + BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx); int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); int BN_mask_bits(BIGNUM *a,int n); -int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m, - BIGNUM *i, int nb, BN_CTX *ctx); int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, BIGNUM *m, BN_CTX *ctx); #ifndef WIN16 @@ -339,7 +377,7 @@ int BN_print(BIO *fp, BIGNUM *a); #else int BN_print(char *fp, BIGNUM *a); #endif -int BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx); +int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx); int BN_rshift(BIGNUM *r, BIGNUM *a, int n); int BN_rshift1(BIGNUM *r, BIGNUM *a); void BN_clear(BIGNUM *a); @@ -353,8 +391,8 @@ char * BN_bn2dec(BIGNUM *a); int BN_hex2bn(BIGNUM **a,char *str); int BN_dec2bn(BIGNUM **a,char *str); int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx); -BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add, +BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, BIGNUM *n,BN_CTX *ctx); +BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int strong,BIGNUM *add, BIGNUM *rem,void (*callback)(int,int,char *),char *cb_arg); int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int,char *), BN_CTX *ctx,char *cb_arg); 
@@ -363,15 +401,18 @@ void ERR_load_BN_strings(void ); BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num); -BN_ULONG bn_div64(BN_ULONG h, BN_ULONG l, BN_ULONG d); +BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); +BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); BN_MONT_CTX *BN_MONT_CTX_new(void ); +void BN_MONT_CTX_init(BN_MONT_CTX *ctx); int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont, BN_CTX *ctx); int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx); void BN_MONT_CTX_free(BN_MONT_CTX *mont); int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx); +BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); void BN_BLINDING_free(BN_BLINDING *b); 
@@ -379,16 +420,45 @@ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx); int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); +void BN_set_params(int mul,int high,int low,int mont); +int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ + +void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb); +void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); +void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); +void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp); +void bn_sqr_comba8(BN_ULONG *r,BN_ULONG *a); +void bn_sqr_comba4(BN_ULONG *r,BN_ULONG *a); +int bn_cmp_words(BN_ULONG *a,BN_ULONG *b,int n); +void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t); +void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, + int tn, int n,BN_ULONG *t); +void bn_sqr_recursive(BN_ULONG *r,BN_ULONG *a, int n2, BN_ULONG *t); +void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); + +void BN_RECP_CTX_init(BN_RECP_CTX *recp); +BN_RECP_CTX *BN_RECP_CTX_new(void); +void BN_RECP_CTX_free(BN_RECP_CTX *recp); +int BN_RECP_CTX_set(BN_RECP_CTX *recp,BIGNUM *rdiv,BN_CTX *ctx); +int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, + BN_RECP_CTX *recp,BN_CTX *ctx); +int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); +int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, + BN_RECP_CTX *recp, BN_CTX *ctx); + + #else BIGNUM *BN_value_one(); char * BN_options(); BN_CTX *BN_CTX_new(); +void BN_CTX_init(); void BN_CTX_free(); int BN_rand(); int BN_num_bits(); int BN_num_bits_word(); BIGNUM *BN_new(); +void BN_init(); void BN_clear_free(); BIGNUM *BN_copy(); BIGNUM *BN_bin2bn(); @@ -396,8 +466,8 @@ int BN_bn2bin(); BIGNUM *BN_mpi2bn(); int BN_bn2mpi(); int BN_sub(); -void bn_qsub(); -void bn_qadd(); +int BN_usub(); +int BN_uadd(); int BN_add(); int BN_mod(); int BN_div(); 
@@ -449,12 +519,14 @@ void ERR_load_BN_strings(); BN_ULONG bn_mul_add_words(); BN_ULONG bn_mul_words(); void bn_sqr_words(); -BN_ULONG bn_div64(); +BN_ULONG bn_div_words(); BN_ULONG bn_add_words(); +BN_ULONG bn_sub_words(); int BN_mod_mul_montgomery(); int BN_from_montgomery(); BN_MONT_CTX *BN_MONT_CTX_new(); +void BN_MONT_CTX_init(); void BN_MONT_CTX_free(); int BN_MONT_CTX_set(); @@ -464,6 +536,26 @@ int BN_BLINDING_update(); int BN_BLINDING_convert(); int BN_BLINDING_invert(); +void bn_mul_normal(); +void bn_mul_comba8(); +void bn_mul_comba4(); +void bn_sqr_normal(); +void bn_sqr_comba8(); +void bn_sqr_comba4(); +int bn_cmp_words(); +void bn_mul_recursive(); +void bn_mul_part_recursive(); +void bn_sqr_recursive(); +void bn_mul_low_normal(); + +void BN_RECP_CTX_init(); +BN_RECP_CTX *BN_RECP_CTX_new(); +void BN_RECP_CTX_free(); +int BN_RECP_CTX_set(); +int BN_mod_mul_reciprocal(); +int BN_mod_exp_recp(); +int BN_div_recp(); + #endif /* BEGIN ERROR CODES */ @@ -485,15 +577,18 @@ int BN_BLINDING_invert(); #define BN_F_BN_MPI2BN 112 #define BN_F_BN_NEW 113 #define BN_F_BN_RAND 114 +#define BN_F_BN_USUB 115 /* Reason codes. */ -#define BN_R_BAD_RECIPROCAL 100 -#define BN_R_CALLED_WITH_EVEN_MODULUS 101 -#define BN_R_DIV_BY_ZERO 102 -#define BN_R_ENCODING_ERROR 103 -#define BN_R_INVALID_LENGTH 104 -#define BN_R_NOT_INITALISED 105 -#define BN_R_NO_INVERSE 106 +#define BN_R_ARG2_LT_ARG3 100 +#define BN_R_BAD_RECIPROCAL 101 +#define BN_R_CALLED_WITH_EVEN_MODULUS 102 +#define BN_R_DIV_BY_ZERO 103 +#define BN_R_ENCODING_ERROR 104 +#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 +#define BN_R_INVALID_LENGTH 106 +#define BN_R_NOT_INITALISED 107 +#define BN_R_NO_INVERSE 108 #ifdef __cplusplus } diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c index efb2e312e..27b781a36 100644 --- a/crypto/bn/bn_add.c +++ b/crypto/bn/bn_add.c 
@@ -66,9 +66,11 @@ BIGNUM *r; BIGNUM *a; BIGNUM *b; { - int i; BIGNUM *tmp; + bn_check_top(a); + bn_check_top(b); + /* a + b a+b * a + -b a-b * -a + b b-a @@ -84,14 +86,12 @@ BIGNUM *b; if (BN_ucmp(a,b) < 0) { - if (bn_wexpand(r,b->top) == NULL) return(0); - bn_qsub(r,b,a); + if (!BN_usub(r,b,a)) return(0); r->neg=1; } else { - if (bn_wexpand(r,a->top) == NULL) return(0); - bn_qsub(r,a,b); + if (!BN_usub(r,a,b)) return(0); r->neg=0; } return(1); @@ -102,23 +102,12 @@ BIGNUM *b; else r->neg=0; - i=(a->top > b->top); - - if (i) - { - if (bn_wexpand(r,a->top+1) == NULL) return(0); - bn_qadd(r,a,b); - } - else - { - if (bn_wexpand(r,b->top+1) == NULL) return(0); - bn_qadd(r,b,a); - } + if (!BN_uadd(r,a,b)) return(0); return(1); } /* unsigned add of b to a, r must be large enough */ -void bn_qadd(r,a,b) +int BN_uadd(r,a,b) BIGNUM *r; BIGNUM *a; BIGNUM *b; @@ -126,11 +115,22 @@ BIGNUM *b; register int i; int max,min; BN_ULONG *ap,*bp,*rp,carry,t1; + BIGNUM *tmp; + + bn_check_top(a); + bn_check_top(b); + if (a->top < b->top) + { tmp=a; a=b; b=tmp; } max=a->top; min=b->top; + + if (bn_wexpand(r,max+1) == NULL) + return(0); + r->top=max; + ap=a->d; bp=b->d; rp=r->d; 
@@ -160,8 +160,160 @@ BIGNUM *b; r->top++; } } - for (; i<max; i++) - *(rp++)= *(ap++); + if (rp != ap) + { + for (; i<max; i++) + *(rp++)= *(ap++); + } /* memcpy(rp,ap,sizeof(*ap)*(max-i));*/ + return(1); + } + +/* unsigned subtraction of b from a, a must be larger than b. */ +int BN_usub(r, a, b) +BIGNUM *r; +BIGNUM *a; +BIGNUM *b; + { + int max,min,ret=1; + register BN_ULONG t1,t2,*ap,*bp,*rp; + int i,carry; +#if defined(IRIX_CC_BUG) && !defined(LINT) + int dummy; +#endif + + bn_check_top(a); + bn_check_top(b); + + if (a->top < b->top) /* hmm... should not be happening */ + { + BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3); + return(0); + } + + max=a->top; + min=b->top; + if (bn_wexpand(r,max) == NULL) return(0); + + ap=a->d; + bp=b->d; + rp=r->d; + +#if 1 + carry=0; + for (i=0; i<min; i++) + { + t1= *(ap++); + t2= *(bp++); + if (carry) + { + carry=(t1 <= t2); + t1=(t1-t2-1)&BN_MASK2; + } + else + { + carry=(t1 < t2); + t1=(t1-t2)&BN_MASK2; + } +#if defined(IRIX_CC_BUG) && !defined(LINT) + dummy=t1; +#endif + *(rp++)=t1&BN_MASK2; + } +#else + carry=bn_sub_words(rp,ap,bp,min); + ap+=min; + bp+=min; + rp+=min; + i=min; +#endif + if (carry) /* subtracted */ + { + while (i < max) + { + i++; + t1= *(ap++); + t2=(t1-1)&BN_MASK2; + *(rp++)=t2; + if (t1 > t2) break; + } + } +#if 0 + memcpy(rp,ap,sizeof(*rp)*(max-i)); +#else + if (rp != ap) + { + for (;;) + { + if (i++ >= max) break; + rp[0]=ap[0]; + if (i++ >= max) break; + rp[1]=ap[1]; + if (i++ >= max) break; + rp[2]=ap[2]; + if (i++ >= max) break; + rp[3]=ap[3]; + rp+=4; + ap+=4; + } + } +#endif + + r->top=max; + bn_fix_top(r); + return(1); + } + +int BN_sub(r, a, b) +BIGNUM *r; +BIGNUM *a; +BIGNUM *b; + { + int max; + int add=0,neg=0; + BIGNUM *tmp; + + bn_check_top(a); + bn_check_top(b); + + /* a - b a-b + * a - -b a+b + * -a - b -(a+b) + * -a - -b b-a + */ + if (a->neg) + { + if (b->neg) + { tmp=a; a=b; b=tmp; } + else + { add=1; neg=1; } + } + else + { + if (b->neg) { add=1; neg=0; } + } + + if (add) + { + if 
(!BN_uadd(r,a,b)) return(0); + r->neg=neg; + return(1); + } + + /* We are actually doing a - b :-) */ + + max=(a->top > b->top)?a->top:b->top; + if (bn_wexpand(r,max) == NULL) return(0); + if (BN_ucmp(a,b) < 0) + { + if (!BN_usub(r,b,a)) return(0); + r->neg=1; + } + else + { + if (!BN_usub(r,a,b)) return(0); + r->neg=0; + } + return(1); } diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index a7b34f0bf..35be32b99 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -67,8 +67,14 @@ BIGNUM *mod; { BN_BLINDING *ret=NULL; + bn_check_top(Ai); + bn_check_top(mod); + if ((ret=(BN_BLINDING *)Malloc(sizeof(BN_BLINDING))) == NULL) + { BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } memset(ret,0,sizeof(BN_BLINDING)); if ((ret->A=BN_new()) == NULL) goto err; if ((ret->Ai=BN_new()) == NULL) goto err; @@ -78,7 +84,7 @@ BIGNUM *mod; return(ret); err: if (ret != NULL) BN_BLINDING_free(ret); - return(ret); + return(NULL); } void BN_BLINDING_free(r) @@ -114,6 +120,8 @@ BIGNUM *n; BN_BLINDING *b; BN_CTX *ctx; { + bn_check_top(n); + if ((b->A == NULL) || (b->Ai == NULL)) { BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITALISED); @@ -128,6 +136,8 @@ BN_BLINDING *b; BN_CTX *ctx; { int ret; + + bn_check_top(n); if ((b->A == NULL) || (b->Ai == NULL)) { BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITALISED); diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index 2263bdc7d..c7bc04d0b 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -72,6 +72,8 @@ BN_CTX *ctx; int i,nm,nd; BIGNUM *D; + bn_check_top(m); + bn_check_top(d); if (BN_is_zero(d)) { BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO); @@ -86,9 +88,9 @@ BN_CTX *ctx; return(1); } - D=ctx->bn[ctx->tos]; - if (dv == NULL) dv=ctx->bn[ctx->tos+1]; - if (rem == NULL) rem=ctx->bn[ctx->tos+2]; + D= &(ctx->bn[ctx->tos]); + if (dv == NULL) dv= &(ctx->bn[ctx->tos+1]); + if (rem == NULL) rem= &(ctx->bn[ctx->tos+2]); nd=BN_num_bits(d); nm=BN_num_bits(m); 
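Review bot: The new `BN_usub` in `crypto/bn/bn_add.c` rejects only `a->top < b->top`, so when both operands have the same word count and `a` is smaller than `b`, the final borrow is dropped and the function returns 1 with a wrapped result. The callers visible in this commit compare with `BN_ucmp` first, so this is a contract that needs stating rather than a live fault in those paths. I would replace the header comment with `/* unsigned subtraction of b from a; the caller must ensure |a| >= |b|, only the word counts are checked here */`. Alternatively, fail with `BN_R_ARG2_LT_ARG3` when `carry` is still set once `i` reaches `max`.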
@@ -98,6 +100,7 @@ BN_CTX *ctx; /* The next 2 are needed so we can do a dv->d[0]|=1 later * since BN_lshift1 will only work once there is a value :-) */ BN_zero(dv); + bn_wexpand(dv,1); dv->top=1; if (!BN_lshift(D,D,nm-nd)) return(0); @@ -107,7 +110,7 @@ BN_CTX *ctx; if (BN_ucmp(rem,D) >= 0) { dv->d[0]|=1; - bn_qsub(rem,rem,D); + if (!BN_usub(rem,rem,D)) return(0); } /* CAN IMPROVE (and have now :=) */ if (!BN_rshift1(D,D)) return(0); @@ -132,6 +135,9 @@ BN_CTX *ctx; BN_ULONG d0,d1; int num_n,div_n; + bn_check_top(num); + bn_check_top(divisor); + if (BN_is_zero(divisor)) { BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO); @@ -146,12 +152,12 @@ BN_CTX *ctx; return(1); } - tmp=ctx->bn[ctx->tos]; + tmp= &(ctx->bn[ctx->tos]); tmp->neg=0; - snum=ctx->bn[ctx->tos+1]; - sdiv=ctx->bn[ctx->tos+2]; + snum= &(ctx->bn[ctx->tos+1]); + sdiv= &(ctx->bn[ctx->tos+2]); if (dv == NULL) - res=ctx->bn[ctx->tos+3]; + res= &(ctx->bn[ctx->tos+3]); else res=dv; /* First we normalise the numbers */ @@ -168,10 +174,10 @@ BN_CTX *ctx; /* Lets setup a 'window' into snum * This is the part that corresponds to the current * 'area' being divided */ + BN_init(&wnum); wnum.d= &(snum->d[loop]); wnum.top= div_n; - wnum.max= snum->max; /* a bit of a lie */ - wnum.neg= 0; + wnum.max= snum->max+1; /* a bit of a lie */ /* Get the top 2 words of sdiv */ /* i=sdiv->top; */ @@ -183,8 +189,8 @@ BN_CTX *ctx; /* Setup to 'res' */ res->neg= (num->neg^divisor->neg); - res->top=loop; if (!bn_wexpand(res,(loop+1))) goto err; + res->top=loop; resp= &(res->d[loop-1]); /* space for temp */ @@ -192,7 +198,7 @@ BN_CTX *ctx; if (BN_ucmp(&wnum,sdiv) >= 0) { - bn_qsub(&wnum,&wnum,sdiv); + if (!BN_usub(&wnum,&wnum,sdiv)) goto err; *resp=1; res->d[res->top-1]=1; } @@ -211,7 +217,7 @@ BN_CTX *ctx; if (n0 == d0) q=BN_MASK2; else - q=bn_div64(n0,n1,d0); + q=bn_div_words(n0,n1,d0); { #ifdef BN_LLONG BN_ULLONG t1,t2,rem; 
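Review bot: The added `bn_wexpand(dv,1);` ignores its result, and the following lines set `dv->top=1` and later write `dv->d[0]|=1`, so a failed allocation would be followed by a store through an unallocated `d`. Every other expansion this commit touches is checked, including the `BN_usub` call a few lines below, so this one should read `if (bn_wexpand(dv,1) == NULL) return(0);`. The enclosing function begins outside the hunk, and I cannot tell from here whether this variant of `BN_div` is the one that gets compiled.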
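Review bot: `wnum` is a window whose `d` points into the middle of `snum->d`, yet `wnum.max= snum->max+1` advertises more capacity than the words that remain after `snum->d[loop]`. This matters more now that `BN_usub(&wnum,&wnum,sdiv)` runs `bn_wexpand` on it: the size test can pass when there is no room, and any expansion that did trigger would act on an interior pointer. This commit introduces `BN_FLG_STATIC_DATA` and `BN_R_EXPAND_ON_STATIC_BIGNUM_DATA`, which presumably make `bn_expand2` refuse such a bignum. If so, adding `BN_set_flags(&wnum,BN_FLG_STATIC_DATA);` after `BN_init(&wnum);` turns an accidental expansion into an error. The division loop that moves the window lies outside the hunk, so the right value for `wnum.max` needs checking against it.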
@@ -284,3 +290,39 @@ err: } #endif + +/* rem != m */ +int BN_mod(rem, m, d,ctx) +BIGNUM *rem; +BIGNUM *m; +BIGNUM *d; +BN_CTX *ctx; + { +#if 0 /* The old slow way */ + int i,nm,nd; + BIGNUM *dv; + + if (BN_ucmp(m,d) < 0) + return((BN_copy(rem,m) == NULL)?0:1); + + dv= &(ctx->bn[ctx->tos]); + + if (!BN_copy(rem,m)) return(0); + + nm=BN_num_bits(rem); + nd=BN_num_bits(d); + if (!BN_lshift(dv,d,nm-nd)) return(0); + for (i=nm-nd; i>=0; i--) + { + if (BN_cmp(rem,dv) >= 0) + { + if (!BN_sub(rem,rem,dv)) return(0); + } + if (!BN_rshift1(dv,dv)) return(0); + } + return(1); +#else + return(BN_div(NULL,rem,m,d,ctx)); +#endif + } + diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index 029ae810d..4c29c1ac5 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -78,15 +78,18 @@ static ERR_STRING_DATA BN_str_functs[]= {ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"}, {ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"}, {ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"}, +{ERR_PACK(0,BN_F_BN_USUB,0), "BN_usub"}, {0,NULL}, }; static ERR_STRING_DATA BN_str_reasons[]= { +{BN_R_ARG2_LT_ARG3 ,"arg2 lt arg3"}, {BN_R_BAD_RECIPROCAL ,"bad reciprocal"}, {BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"}, {BN_R_DIV_BY_ZERO ,"div by zero"}, {BN_R_ENCODING_ERROR ,"encoding error"}, +{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ,"expand on static bignum data"}, {BN_R_INVALID_LENGTH ,"invalid length"}, {BN_R_NOT_INITALISED ,"not initalised"}, {BN_R_NO_INVERSE ,"no inverse"}, @@ -99,8 +102,8 @@ void ERR_load_BN_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_BN,BN_str_functs); diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index c056a5083..44f47e7eb 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -60,6 +60,8 @@ #include "cryptlib.h" #include "bn_lcl.h" +#define TABLE_SIZE 16 + /* slow but works */ int BN_mod_mul(ret, a, b, m, ctx) BIGNUM *ret; 
@@ -71,11 +73,15 @@ BN_CTX *ctx; BIGNUM *t; int r=0; - t=ctx->bn[ctx->tos++]; + bn_check_top(a); + bn_check_top(b); + bn_check_top(m); + + t= &(ctx->bn[ctx->tos++]); if (a == b) { if (!BN_sqr(t,a,ctx)) goto err; } else - { if (!BN_mul(t,a,b)) goto err; } + { if (!BN_mul(t,a,b,ctx)) goto err; } if (!BN_mod(ret,t,m,ctx)) goto err; r=1; err: @@ -92,8 +98,8 @@ BN_CTX *ctx; int i,bits,ret=0; BIGNUM *v,*tmp; - v=ctx->bn[ctx->tos++]; - tmp=ctx->bn[ctx->tos++]; + v= &(ctx->bn[ctx->tos++]); + tmp= &(ctx->bn[ctx->tos++]); if (BN_copy(v,a) == NULL) goto err; bits=BN_num_bits(p); @@ -108,7 +114,7 @@ BN_CTX *ctx; if (!BN_mod(v,tmp,m,ctx)) goto err; if (BN_is_bit_set(p,i)) { - if (!BN_mul(tmp,r,v)) goto err; + if (!BN_mul(tmp,r,v,ctx)) goto err; if (!BN_mod(r,tmp,m,ctx)) goto err; } } @@ -128,8 +134,8 @@ BN_CTX *ctx; int i,bits,ret=0; BIGNUM *v,*tmp; - v=ctx->bn[ctx->tos++]; - tmp=ctx->bn[ctx->tos++]; + v= &(ctx->bn[ctx->tos++]); + tmp= &(ctx->bn[ctx->tos++]); if (BN_copy(v,a) == NULL) goto err; bits=BN_num_bits(p); @@ -143,7 +149,7 @@ BN_CTX *ctx; if (!BN_sqr(tmp,v,ctx)) goto err; if (BN_is_bit_set(p,i)) { - if (!BN_mul(tmp,r,v)) goto err; + if (!BN_mul(tmp,r,v,ctx)) goto err; } } ret=1; @@ -161,6 +167,10 @@ BN_CTX *ctx; { int ret; + bn_check_top(a); + bn_check_top(p); + bn_check_top(m); + #ifdef MONT_MUL_MOD /* I have finally been able to take out this pre-condition of * the top bit being set. It was caused by an error in BN_div @@ -189,13 +199,13 @@ BIGNUM *p; BIGNUM *m; BN_CTX *ctx; { - int nb,i,j,bits,ret=0,wstart,wend,window,wvalue; - int start=1; - BIGNUM *d,*aa; - BIGNUM *val[16]; + int i,j,bits,ret=0,wstart,wend,window,wvalue; + int start=1,ts=0; + BIGNUM *aa; + BIGNUM val[TABLE_SIZE]; + BN_RECP_CTX recp; - d=ctx->bn[ctx->tos++]; - aa=ctx->bn[ctx->tos++]; + aa= &(ctx->bn[ctx->tos++]); bits=BN_num_bits(p); if (bits == 0) 
@@ -203,12 +213,14 @@ BN_CTX *ctx; BN_one(r); return(1); } - nb=BN_reciprocal(d,m,ctx); - if (nb == -1) goto err; + BN_RECP_CTX_init(&recp); + if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err; + + BN_init(&(val[0])); + ts=1; - val[0]=BN_new(); - if (!BN_mod(val[0],a,m,ctx)) goto err; /* 1 */ - if (!BN_mod_mul_reciprocal(aa,val[0],val[0],m,d,nb,ctx)) + if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (!BN_mod_mul_reciprocal(aa,&(val[0]),&(val[0]),&recp,ctx)) goto err; /* 2 */ if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */ @@ -223,12 +235,11 @@ BN_CTX *ctx; j=1<<(window-1); for (i=1; i<j; i++) { - val[i]=BN_new(); - if (!BN_mod_mul_reciprocal(val[i],val[i-1],aa,m,d,nb,ctx)) + BN_init(&val[i]); + if (!BN_mod_mul_reciprocal(&(val[i]),&(val[i-1]),aa,&recp,ctx)) goto err; } - for (; i<16; i++) - val[i]=NULL; + ts=i; start=1; /* This is used to avoid multiplication etc * when there is only the value '1' in the @@ -244,7 +255,7 @@ BN_CTX *ctx; if (BN_is_bit_set(p,wstart) == 0) { if (!start) - if (!BN_mod_mul_reciprocal(r,r,r,m,d,nb,ctx)) + if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx)) goto err; if (wstart == 0) break; wstart--; @@ -274,12 +285,12 @@ BN_CTX *ctx; if (!start) for (i=0; i<j; i++) { - if (!BN_mod_mul_reciprocal(r,r,r,m,d,nb,ctx)) + if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx)) goto err; } /* wvalue will be an odd number < 2^window */ - if (!BN_mod_mul_reciprocal(r,r,val[wvalue>>1],m,d,nb,ctx)) + if (!BN_mod_mul_reciprocal(r,r,&(val[wvalue>>1]),&recp,ctx)) goto err; /* move the 'window' down further */ 
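Review bot: The `bits == 0` shortcut that ends at the top of the `@@ -203,12 +213,14 @@` hunk returns after `aa= &(ctx->bn[ctx->tos++])` in the previous hunk has already claimed a scratch slot, so `ctx->tos` is never decremented on that path. Each such call permanently consumes one entry of the context's fixed `bn[]` array. Move the slot acquisition below the shortcut, or write the branch as `BN_one(r); ctx->tos--; return(1);`. The function body spans several hunks, so this is read from the visible context lines only.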
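Review bot: In the table-building loop of the `@@ -223,12 +235,11 @@` hunk, `ts` is only updated after the loop (`ts=i;`), so a `goto err` from inside it leaves `ts` at 1 and the cleanup `for (i=0; i<ts; i++) BN_clear_free(&(val[i]));` skips every entry initialised so far. Those entries hold intermediate powers of the base and whatever storage the multiply allocated for them, which is then neither wiped nor freed. Setting `ts=i+1;` immediately after `BN_init(&val[i]);` keeps the count in step. The same pattern appears in the `@@ -362,12 +379,11 @@` and `@@ -478,12 +495,11 @@` hunks.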
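Review bot: This function should document that its timing and memory access pattern depend on the exponent: the `@@ -244,7 +255,7 @@` and `@@ -274,12 +285,12 @@` hunks branch on `BN_is_bit_set(p,wstart)` and index the table with `val[wvalue>>1]`. That is fine for public exponents, but callers passing a private exponent get no protection from this routine itself. A header comment such as `/* not constant time in p: use blinding for secret exponents */` would make the contract explicit. The same applies to the Montgomery and simple variants later in the file.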
@@ -290,35 +301,40 @@ BN_CTX *ctx; } ret=1; err: - ctx->tos-=2; - for (i=0; i<16; i++) - if (val[i] != NULL) BN_clear_free(val[i]); + ctx->tos--; + for (i=0; i<ts; i++) + BN_clear_free(&(val[i])); + BN_RECP_CTX_free(&recp); return(ret); } /* #endif */ /* #ifdef MONT_MUL_MOD */ -int BN_mod_exp_mont(r,a,p,m,ctx,in_mont) -BIGNUM *r; +int BN_mod_exp_mont(rr,a,p,m,ctx,in_mont) +BIGNUM *rr; BIGNUM *a; BIGNUM *p; BIGNUM *m; BN_CTX *ctx; BN_MONT_CTX *in_mont; { -#define TABLE_SIZE 16 int i,j,bits,ret=0,wstart,wend,window,wvalue; - int start=1; - BIGNUM *d,*aa; - BIGNUM *val[TABLE_SIZE]; + int start=1,ts=0; + BIGNUM *d,*aa,*r; + BIGNUM val[TABLE_SIZE]; BN_MONT_CTX *mont=NULL; + bn_check_top(a); + bn_check_top(p); + bn_check_top(m); + if (!(m->d[0] & 1)) { BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS); return(0); } - d=ctx->bn[ctx->tos++]; + d= &(ctx->bn[ctx->tos++]); + r= &(ctx->bn[ctx->tos++]); bits=BN_num_bits(p); if (bits == 0) { @@ -339,22 +355,23 @@ BN_MONT_CTX *in_mont; if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; } - val[0]=BN_new(); + BN_init(&val[0]); + ts=1; if (BN_ucmp(a,m) >= 0) { - BN_mod(val[0],a,m,ctx); - aa=val[0]; + BN_mod(&(val[0]),a,m,ctx); + aa= &(val[0]); } else aa=a; - if (!BN_to_montgomery(val[0],aa,mont,ctx)) goto err; /* 1 */ - if (!BN_mod_mul_montgomery(d,val[0],val[0],mont,ctx)) goto err; /* 2 */ + if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */ + if (!BN_mod_mul_montgomery(d,&(val[0]),&(val[0]),mont,ctx)) goto err; /* 2 */ if (bits <= 20) /* This is probably 3 or 0x10001, so just do singles */ window=1; - else if (bits > 250) + else if (bits >= 256) window=5; /* max size of window */ - else if (bits >= 120) + else if (bits >= 128) window=4; else window=3; 
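Review bot: With `r` now a scratch value from `ctx->bn[]` and the caller's result renamed `rr` in the `@@ -290,35 +301,40 @@` hunk, every early exit of BN_mod_exp_mont needs rechecking. The body of the `if (bits == 0)` branch lies outside the hunk; if it still reads `BN_one(r); return(1);` as in the sibling functions on this page, it now sets the scratch value instead of `rr` and returns with `ctx->tos` two slots higher. In that case it should become `BN_one(rr); ctx->tos-=2; return(1);`.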
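Review bot: The `BN_mod(&(val[0]),a,m,ctx);` call in the `BN_ucmp(a,m) >= 0` branch of the `@@ -339,22 +355,23 @@` hunk discards its return value, unlike the neighbouring calls. On failure `val[0]` is left empty or partial and the exponentiation carries on with it, so a wrong result can be reported as success. Write `if (!BN_mod(&(val[0]),a,m,ctx)) goto err;`.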
@@ -362,12 +379,11 @@ BN_MONT_CTX *in_mont; j=1<<(window-1); for (i=1; i<j; i++) { - val[i]=BN_new(); - if (!BN_mod_mul_montgomery(val[i],val[i-1],d,mont,ctx)) + BN_init(&(val[i])); + if (!BN_mod_mul_montgomery(&(val[i]),&(val[i-1]),d,mont,ctx)) goto err; } - for (; i<TABLE_SIZE; i++) - val[i]=NULL; + ts=i; start=1; /* This is used to avoid multiplication etc * when there is only the value '1' in the @@ -419,7 +435,7 @@ BN_MONT_CTX *in_mont; } /* wvalue will be an odd number < 2^window */ - if (!BN_mod_mul_montgomery(r,r,val[wvalue>>1],mont,ctx)) + if (!BN_mod_mul_montgomery(r,r,&(val[wvalue>>1]),mont,ctx)) goto err; /* move the 'window' down further */ @@ -428,13 +444,13 @@ BN_MONT_CTX *in_mont; start=0; if (wstart < 0) break; } - BN_from_montgomery(r,r,mont,ctx); + BN_from_montgomery(rr,r,mont,ctx); ret=1; err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); - ctx->tos--; - for (i=0; i<TABLE_SIZE; i++) - if (val[i] != NULL) BN_clear_free(val[i]); + ctx->tos-=2; + for (i=0; i<ts; i++) + BN_clear_free(&(val[i])); return(ret); } /* #endif */ @@ -447,12 +463,12 @@ BIGNUM *p; BIGNUM *m; BN_CTX *ctx; { - int i,j,bits,ret=0,wstart,wend,window,wvalue; + int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0; int start=1; BIGNUM *d; - BIGNUM *val[16]; + BIGNUM val[TABLE_SIZE]; - d=ctx->bn[ctx->tos++]; + d= &(ctx->bn[ctx->tos++]); bits=BN_num_bits(p); if (bits == 0) @@ -461,9 +477,10 @@ BN_CTX *ctx; return(1); } - val[0]=BN_new(); - if (!BN_mod(val[0],a,m,ctx)) goto err; /* 1 */ - if (!BN_mod_mul(d,val[0],val[0],m,ctx)) + BN_init(&(val[0])); + ts=1; + if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (!BN_mod_mul(d,&(val[0]),&(val[0]),m,ctx)) goto err; /* 2 */ if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */ 
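Review bot: In the `@@ -428,13 +444,13 @@` hunk the final conversion `BN_from_montgomery(rr,r,mont,ctx);` is followed directly by `ret=1;`, so a failed conversion still returns success with `rr` in an undefined state. BN_from_montgomery reports failure through its return value, as its use in BN_mod_mul_montgomery on this page shows. Use `if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;`.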
@@ -478,12 +495,11 @@ BN_CTX *ctx; j=1<<(window-1); for (i=1; i<j; i++) { - val[i]=BN_new(); - if (!BN_mod_mul(val[i],val[i-1],d,m,ctx)) + BN_init(&(val[i])); + if (!BN_mod_mul(&(val[i]),&(val[i-1]),d,m,ctx)) goto err; } - for (; i<16; i++) - val[i]=NULL; + ts=i; start=1; /* This is used to avoid multiplication etc * when there is only the value '1' in the @@ -534,7 +550,7 @@ BN_CTX *ctx; } /* wvalue will be an odd number < 2^window */ - if (!BN_mod_mul(r,r,val[wvalue>>1],m,ctx)) + if (!BN_mod_mul(r,r,&(val[wvalue>>1]),m,ctx)) goto err; /* move the 'window' down further */ @@ -546,8 +562,8 @@ BN_CTX *ctx; ret=1; err: ctx->tos--; - for (i=0; i<16; i++) - if (val[i] != NULL) BN_clear_free(val[i]); + for (i=0; i<ts; i++) + BN_clear_free(&(val[i])); return(ret); } diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c index 071bba3b4..c80cecdc8 100644 --- a/crypto/bn/bn_gcd.c +++ b/crypto/bn/bn_gcd.c @@ -73,8 +73,11 @@ BN_CTX *ctx; BIGNUM *a,*b,*t; int ret=0; - a=ctx->bn[ctx->tos]; - b=ctx->bn[ctx->tos+1]; + bn_check_top(in_a); + bn_check_top(in_b); + + a= &(ctx->bn[ctx->tos]); + b= &(ctx->bn[ctx->tos+1]); if (BN_copy(a,in_a) == NULL) goto err; if (BN_copy(b,in_b) == NULL) goto err; @@ -95,6 +98,9 @@ BIGNUM *a,*b; BIGNUM *t; int shifts=0; + bn_check_top(a); + bn_check_top(b); + for (;;) { if (BN_is_zero(b)) 
@@ -142,23 +148,30 @@ err: } /* solves ax == 1 (mod n) */ -BIGNUM *BN_mod_inverse(a, n, ctx) +BIGNUM *BN_mod_inverse(in, a, n, ctx) +BIGNUM *in; BIGNUM *a; BIGNUM *n; BN_CTX *ctx; { BIGNUM *A,*B,*X,*Y,*M,*D,*R; - BIGNUM *ret=NULL,*T; + BIGNUM *T,*ret=NULL; int sign; - A=ctx->bn[ctx->tos]; - B=ctx->bn[ctx->tos+1]; - X=ctx->bn[ctx->tos+2]; - D=ctx->bn[ctx->tos+3]; - M=ctx->bn[ctx->tos+4]; - Y=ctx->bn[ctx->tos+5]; + bn_check_top(a); + bn_check_top(n); + + A= &(ctx->bn[ctx->tos]); + B= &(ctx->bn[ctx->tos+1]); + X= &(ctx->bn[ctx->tos+2]); + D= &(ctx->bn[ctx->tos+3]); + M= &(ctx->bn[ctx->tos+4]); + Y= &(ctx->bn[ctx->tos+5]); ctx->tos+=6; - R=BN_new(); + if (in == NULL) + R=BN_new(); + else + R=in; if (R == NULL) goto err; BN_zero(X); @@ -175,7 +188,7 @@ BN_CTX *ctx; B=M; /* T has a struct, M does not */ - if (!BN_mul(T,D,X)) goto err; + if (!BN_mul(T,D,X,ctx)) goto err; if (!BN_add(T,T,Y)) goto err; M=Y; Y=X; @@ -196,7 +209,7 @@ BN_CTX *ctx; } ret=R; err: - if ((ret == NULL) && (R != NULL)) BN_free(R); + if ((ret == NULL) && (in == NULL)) BN_free(R); ctx->tos-=6; return(ret); } diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h index edfd78833..70b0787d8 100644 --- a/crypto/bn/bn_lcl.h +++ b/crypto/bn/bn_lcl.h 
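Review bot: BN_mod_inverse in the `@@ -142,23 +148,30 @@` hunk takes six entries with `ctx->tos+=6` without comparing against the size of `ctx->bn[]`. Since this commit turns `bn[]` into an array of embedded structures, an index past the end no longer picks up a stray pointer but addresses memory beyond the BN_CTX. Nothing visible in this diff bounds `tos`. Assuming `bn[]` has BN_CTX_NUM entries, as the loop in BN_CTX_free suggests, a guard before the slots are taken would catch deep call chains, e.g. `if (ctx->tos+6 > BN_CTX_NUM) return(NULL);`, or at least a BN_DEBUG check in the style of `bn_check_top`. The same applies to the other `ctx->tos` users touched by this commit.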
@@ -65,17 +65,68 @@ extern "C" { #endif +/* Pentium pro 16,16,16,32,64 */ +/* Alpha 16,16,16,16.64 */ +#define BN_MULL_SIZE_NORMAL (16) // 32 +#define BN_MUL_RECURSIVE_SIZE_NORMAL (16) // 32 /* less than */ +#define BN_SQR_RECURSIVE_SIZE_NORMAL (16) // 32 +#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL (32) // 32 +#define BN_MONT_CTX_SET_SIZE_WORD (64) // 32 + +#ifndef BN_MUL_COMBA +#define bn_mul_comba8(r,a,b) bn_mul_normal(r,a,8,b,8) +#define bn_mul_comba4(r,a,b) bn_mul_normal(r,a,4,b,4) +/* This is probably faster than using the C code - I need to check */ +#define bn_sqr_comba8(r,a) bn_mul_normal(r,a,8,a,8) +#define bn_sqr_comba4(r,a) bn_mul_normal(r,a,4,a,4) +#endif + /************************************************************* * Using the long long type */ #define Lw(t) (((BN_ULONG)(t))&BN_MASK2) #define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2) -#define bn_fix_top(a) \ - { \ - BN_ULONG *fix_top_l; \ - for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ - if (*(fix_top_l--)) break; \ +/* These are used for internal error checking and are not normally used */ +#ifdef BN_DEBUG +#define bn_check_top(a) \ + { if (((a)->top < 0) || ((a)->top > (a)->max)) \ + { char *nullp=NULL; *nullp='z'; } } +#define bn_check_num(a) if ((a) < 0) { char *nullp=NULL; *nullp='z'; } +#else +#define bn_check_top(a) +#define bn_check_num(a) +#endif + +/* This macro is to add extra stuff for development checking */ +#ifdef BN_DEBUG +#define bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA)) +#else +#define bn_set_max(r) +#endif + +/* These macros are used to 'take' a section of a bignum for read only use */ +#define bn_set_low(r,a,n) \ + { \ + (r)->top=((a)->top > (n))?(n):(a)->top; \ + (r)->d=(a)->d; \ + (r)->neg=(a)->neg; \ + (r)->flags|=BN_FLG_STATIC_DATA; \ + bn_set_max(r); \ + } + +#define bn_set_high(r,a,n) \ + { \ + if ((a)->top > (n)) \ + { \ + (r)->top=(a)->top-n; \ + (r)->d= &((a)->d[n]); \ + } \ + else \ + (r)->top=0; \ + (r)->neg=(a)->neg; 
\ + (r)->flags|=BN_FLG_STATIC_DATA; \ + bn_set_max(r); \ } /* #define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b))) */ @@ -175,6 +226,17 @@ extern "C" { #endif +extern int bn_limit_bits; +extern int bn_limit_num; /* (1<<bn_limit_bits) */ +/* Recursive 'low' limit */ +extern int bn_limit_bits_low; +extern int bn_limit_num_low; /* (1<<bn_limit_bits_low) */ +/* Do modified 'high' part calculation' */ +extern int bn_limit_bits_high; +extern int bn_limit_num_high; /* (1<<bn_limit_bits_high) */ +extern int bn_limit_bits_mont; +extern int bn_limit_num_mont; /* (1<<bn_limit_bits_mont) */ + #ifndef NOPROTO BIGNUM *bn_expand2(BIGNUM *b, int bits); @@ -197,3 +259,8 @@ BN_ULONG bn_add_words(); #endif #endif + +void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t); +void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, BN_ULONG *t); + + diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index bfe7628ad..7ea216f91 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c 
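Review bot: `bn_set_high` in the `@@ -65,17 +65,68 @@` hunk uses its `n` argument bare in `(a)->top-n` and `&((a)->d[n])`, whereas `bn_set_low` next to it writes `(n)`; an argument like `k+1` would expand to `top-k+1`. Parenthesise it: `(r)->top=(a)->top-(n);` and `(r)->d= &((a)->d[(n)]);`. The trailing `// 32` notes on the new size `#define`s become part of the replacement text on compilers that do not treat `//` as a comment, so they are safer as `/* 32 */`. Both view macros leave `max` untouched outside BN_DEBUG, which deserves a line in the comment above them since the resulting BIGNUM must never be expanded or freed.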
@@ -60,7 +60,68 @@ #include "cryptlib.h" #include "bn_lcl.h" -char *BN_version="Big Number part of SSLeay 0.9.0b 29-Jun-1998"; +char *BN_version="Big Number part of SSLeay 0.9.1a 06-Jul-1998"; + +/* For a 32 bit machine + * 2 - 4 == 128 + * 3 - 8 == 256 + * 4 - 16 == 512 + * 5 - 32 == 1024 + * 6 - 64 == 2048 + * 7 - 128 == 4096 + * 8 - 256 == 8192 + */ +int bn_limit_bits=0; +int bn_limit_num=8; /* (1<<bn_limit_bits) */ +int bn_limit_bits_low=0; +int bn_limit_num_low=8; /* (1<<bn_limit_bits_low) */ +int bn_limit_bits_high=0; +int bn_limit_num_high=8; /* (1<<bn_limit_bits_high) */ +int bn_limit_bits_mont=0; +int bn_limit_num_mont=8; /* (1<<bn_limit_bits_mont) */ + +void BN_set_params(mult,high,low,mont) +int mult,high,low,mont; + { + if (mult >= 0) + { + if (mult > (sizeof(int)*8)-1) + mult=sizeof(int)*8-1; + bn_limit_bits=mult; + bn_limit_num=1<<mult; + } + if (high >= 0) + { + if (high > (sizeof(int)*8)-1) + high=sizeof(int)*8-1; + bn_limit_bits_high=high; + bn_limit_num_high=1<<high; + } + if (low >= 0) + { + if (low > (sizeof(int)*8)-1) + low=sizeof(int)*8-1; + bn_limit_bits_low=low; + bn_limit_num_low=1<<low; + } + if (mont >= 0) + { + if (mont > (sizeof(int)*8)-1) + mont=sizeof(int)*8-1; + bn_limit_bits_mont=mont; + bn_limit_num_mont=1<<mont; + } + } + +int BN_get_params(which) +int which; + { + if (which == 0) return(bn_limit_bits); + else if (which == 1) return(bn_limit_bits_high); + else if (which == 2) return(bn_limit_bits_low); + else if (which == 3) return(bn_limit_bits_mont); + else return(0); + } BIGNUM *BN_value_one() { 
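Review bot: In BN_set_params each clamp allows `sizeof(int)*8-1`, and the next line computes `1<<mult` (likewise `1<<high`, `1<<low`, `1<<mont`), which shifts into the sign bit of an `int`: undefined behaviour, and in practice a negative `bn_limit_num`. Clamp one bit lower, e.g. `if (mult > (int)(sizeof(int)*8)-2) mult=(int)(sizeof(int)*8)-2;`. The initial values also disagree with their own comments: `bn_limit_bits=0` sits next to `bn_limit_num=8; /* (1<<bn_limit_bits) */`. These globals are written without any locking, so the function should be documented as start-up only.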
@@ -111,24 +172,24 @@ BN_ULONG l; 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, }; -#ifdef SIXTY_FOUR_BIT_LONG +#if defined(SIXTY_FOUR_BIT_LONG) if (l & 0xffffffff00000000L) { if (l & 0xffff000000000000L) { if (l & 0xff00000000000000L) { - return(bits[l>>56]+56); + return(bits[(int)(l>>56)]+56); } - else return(bits[l>>48]+48); + else return(bits[(int)(l>>48)]+48); } else { if (l & 0x0000ff0000000000L) { - return(bits[l>>40]+40); + return(bits[(int)(l>>40)]+40); } - else return(bits[l>>32]+32); + else return(bits[(int)(l>>32)]+32); } } else @@ -140,17 +201,17 @@ BN_ULONG l; { if (l & 0xff00000000000000LL) { - return(bits[l>>56]+56); + return(bits[(int)(l>>56)]+56); } - else return(bits[l>>48]+48); + else return(bits[(int)(l>>48)]+48); } else { if (l & 0x0000ff0000000000LL) { - return(bits[l>>40]+40); + return(bits[(int)(l>>40)]+40); } - else return(bits[l>>32]+32); + else return(bits[(int)(l>>32)]+32); } } else @@ -161,18 +222,18 @@ BN_ULONG l; if (l & 0xffff0000L) { if (l & 0xff000000L) - return(bits[l>>24L]+24); - else return(bits[l>>16L]+16); + return(bits[(int)(l>>24L)]+24); + else return(bits[(int)(l>>16L)]+16); } else #endif { #if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) if (l & 0xff00L) - return(bits[l>>8]+8); + return(bits[(int)(l>>8)]+8); else #endif - return(bits[l ] ); + return(bits[(int)(l )] ); } } } @@ -183,6 +244,8 @@ BIGNUM *a; BN_ULONG l; int i; + bn_check_top(a); + if (a->top == 0) return(0); l=a->d[a->top-1]; i=(a->top-1)*BN_BITS2; 
@@ -199,74 +262,78 @@ BIGNUM *a; void BN_clear_free(a) BIGNUM *a; { + int i; + if (a == NULL) return; if (a->d != NULL) { memset(a->d,0,a->max*sizeof(a->d[0])); - Free(a->d); + if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) + Free(a->d); } + i=BN_get_flags(a,BN_FLG_MALLOCED); memset(a,0,sizeof(BIGNUM)); - Free(a); + if (i) + Free(a); } void BN_free(a) BIGNUM *a; { if (a == NULL) return; - if (a->d != NULL) Free(a->d); - Free(a); + if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) + Free(a->d); + a->flags|=BN_FLG_FREE; /* REMOVE? */ + if (a->flags & BN_FLG_MALLOCED) + Free(a); + } + +void BN_init(a) +BIGNUM *a; + { + memset(a,0,sizeof(BIGNUM)); } BIGNUM *BN_new() { BIGNUM *ret; - BN_ULONG *p; - ret=(BIGNUM *)Malloc(sizeof(BIGNUM)); - if (ret == NULL) goto err; + if ((ret=(BIGNUM *)Malloc(sizeof(BIGNUM))) == NULL) + { + BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->flags=BN_FLG_MALLOCED; ret->top=0; ret->neg=0; - ret->max=(BN_DEFAULT_BITS/BN_BITS2); - p=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(ret->max+1)); - if (p == NULL) goto err; - ret->d=p; - - memset(p,0,(ret->max+1)*sizeof(p[0])); + ret->max=0; + ret->d=NULL; return(ret); -err: - BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); } + BN_CTX *BN_CTX_new() { BN_CTX *ret; - BIGNUM *n; - int i,j; ret=(BN_CTX *)Malloc(sizeof(BN_CTX)); - if (ret == NULL) goto err2; - - for (i=0; i<BN_CTX_NUM; i++) + if (ret == NULL) { - n=BN_new(); - if (n == NULL) goto err; - ret->bn[i]=n; + BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); } - /* There is actually an extra one, this is for debugging my - * stuff */ - ret->bn[BN_CTX_NUM]=NULL; - - ret->tos=0; + BN_CTX_init(ret); + ret->flags=BN_FLG_MALLOCED; return(ret); -err: - for (j=0; j<i; j++) - BN_free(ret->bn[j]); - Free(ret); -err2: - BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); + } + +void BN_CTX_init(ctx) +BN_CTX *ctx; + { + memset(ctx,0,sizeof(BN_CTX)); + ctx->tos=0; + ctx->flags=0; } void BN_CTX_free(c) 
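Review bot: BN_clear_free in this hunk zeroes `a->max` words at `a->d` before it looks at BN_FLG_STATIC_DATA, so for a BIGNUM that merely borrows another number's words it wipes the owner's data. The `bn_set_low`/`bn_set_high` macros added to bn_lcl.h set that flag but only update `max` under BN_DEBUG, so the length used for the wipe can be stale for such views. If views are never meant to reach BN_clear_free, say so in a comment; otherwise move the `memset` inside the `!(BN_get_flags(a,BN_FLG_STATIC_DATA))` test. BN_free, by contrast, releases `a->d` without clearing it, which is worth stating in its header comment so that callers holding key material pick BN_clear_free.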
@@ -275,26 +342,98 @@ BN_CTX *c; int i; for (i=0; i<BN_CTX_NUM; i++) - BN_clear_free(c->bn[i]); - Free(c); + BN_clear_free(&(c->bn[i])); + if (c->flags & BN_FLG_MALLOCED) + Free(c); } BIGNUM *bn_expand2(b, words) BIGNUM *b; int words; { - BN_ULONG *p; + BN_ULONG *A,*B,*a; + int i,j; + + bn_check_top(b); if (words > b->max) { - p=(BN_ULONG *)Realloc(b->d,sizeof(BN_ULONG)*(words+1)); - if (p == NULL) + bn_check_top(b); + if (BN_get_flags(b,BN_FLG_STATIC_DATA)) + { + BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); + return(NULL); + } + a=A=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(words+1)); + if (A == NULL) { BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE); return(NULL); } - b->d=p; - memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); +memset(A,0x5c,sizeof(BN_ULONG)*(words+1)); +#if 1 + B=b->d; + if (B != NULL) + { + for (i=b->top&(~7); i>0; i-=8) + { + A[0]=B[0]; A[1]=B[1]; A[2]=B[2]; A[3]=B[3]; + A[4]=B[4]; A[5]=B[5]; A[6]=B[6]; A[7]=B[7]; + A+=8; + B+=8; + } + switch (b->top&7) + { + case 7: + A[6]=B[6]; + case 6: + A[5]=B[5]; + case 5: + A[4]=B[4]; + case 4: + A[3]=B[3]; + case 3: + A[2]=B[2]; + case 2: + A[1]=B[1]; + case 1: + A[0]=B[0]; + case 0: + /* I need the 'case 0' entry for utrix cc. + * If the optimiser is turned on, it does the + * switch table by doing + * a=top&7 + * a--; + * goto jump_table[a]; + * If top is 0, this makes us jump to 0xffffffc + * which is rather bad :-(. + * eric 23-Apr-1998 + */ + ; + } + B= &(b->d[b->top]); + j=b->max-8; + for (i=b->top; i<j; i+=8) + { + B[0]=0; B[1]=0; B[2]=0; B[3]=0; + B[4]=0; B[5]=0; B[6]=0; B[7]=0; + B+=8; + } + for (j+=8; i<j; i++) + { + B[0]=0; + B++; + } +#else + memcpy(a->d,b->d,sizeof(b->d[0])*b->top); +#endif + +/* memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); */ +/* { int i; for (i=b->max; i<words+1; i++) p[i]=i;} */ + Free(b->d); + } + + b->d=a; b->max=words; } return(b); 
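Review bot: In the rewritten bn_expand2 the two zero-fill loops run through `B`, which has just been reset to `&(b->d[b->top])` in the old buffer, and that buffer is released by `Free(b->d)` right after. So the words `[0, top)` of the old allocation, which may be key material, go back to the heap unwiped, while the tail of the new allocation keeps the `0x5c` fill from the `memset` above. If callers expect a zeroed tail, fill the new buffer instead, and wipe the old one before freeing it with `memset(b->d,0,sizeof(BN_ULONG)*b->max);` ahead of `Free(b->d);`. The `#else` arm (`memcpy(a->d,...)`) no longer matches the declarations, since `a` is now a `BN_ULONG *`.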
@@ -305,6 +444,8 @@ BIGNUM *a; { BIGNUM *r; + bn_check_top(a); + r=BN_new(); if (r == NULL) return(NULL); return((BIGNUM *)BN_copy(r,a)); @@ -317,6 +458,8 @@ BIGNUM *b; int i; BN_ULONG *A,*B; + bn_check_top(b); + if (a == b) return(a); if (bn_wexpand(a,b->top) == NULL) return(NULL); @@ -352,6 +495,18 @@ BIGNUM *b; A[1]=B[1]; case 1: A[0]=B[0]; + case 0: + /* I need the 'case 0' entry for utrix cc. + * If the optimiser is turned on, it does the + * switch table by doing + * a=top&7 + * a--; + * goto jump_table[a]; + * If top is 0, this makes us jump to 0xffffffc which is + * rather bad :-(. + * eric 23-Apr-1998 + */ + ; } #else memcpy(a->d,b->d,sizeof(b->d[0])*b->top); @@ -359,7 +514,7 @@ BIGNUM *b; /* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/ a->top=b->top; - if (a->top == 0) + if ((a->top == 0) && (a->d != NULL)) a->d[0]=0; a->neg=b->neg; return(a); @@ -368,24 +523,21 @@ BIGNUM *b; void BN_clear(a) BIGNUM *a; { - memset(a->d,0,a->max*sizeof(a->d[0])); + if (a->d != NULL) + memset(a->d,0,a->max*sizeof(a->d[0])); a->top=0; a->neg=0; } -unsigned long BN_get_word(a) +BN_ULONG BN_get_word(a) BIGNUM *a; { int i,n; - unsigned long ret=0; + BN_ULONG ret=0; n=BN_num_bytes(a); - if (n > sizeof(unsigned long)) -#ifdef SIXTY_FOUR_BIT_LONG + if (n > sizeof(BN_ULONG)) return(BN_MASK2); -#else - return(0xFFFFFFFFL); -#endif for (i=a->top-1; i>=0; i--) { #ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ @@ -399,12 +551,12 @@ BIGNUM *a; int BN_set_word(a,w) BIGNUM *a; -unsigned long w; +BN_ULONG w; { int i,n; - if (bn_expand(a,sizeof(unsigned long)*8) == NULL) return(0); + if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0); - n=sizeof(unsigned long)/BN_BYTES; + n=sizeof(BN_ULONG)/BN_BYTES; a->neg=0; a->top=0; a->d[0]=(BN_ULONG)w&BN_MASK2; @@ -488,6 +640,9 @@ BIGNUM *b; int i; BN_ULONG t1,t2,*ap,*bp; + bn_check_top(a); + bn_check_top(b); + i=a->top-b->top; if (i != 0) return(i); ap=a->d; 
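Review bot: BN_get_word in the `@@ -368,24 +523,21 @@` hunk returns `BN_MASK2` when the value does not fit, which is also the legitimate result for a number equal to BN_MASK2. Callers therefore cannot tell overflow from a valid all-ones word unless they check the size themselves. A comment on the function, e.g. `/* returns BN_MASK2 on overflow; check BN_num_bits(a) first if that value is possible */`, would document the contract. The function body continues past the hunk.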
@@ -519,6 +674,10 @@ BIGNUM *b; else return(0); } + + bn_check_top(a); + bn_check_top(b); + if (a->neg != b->neg) { if (a->neg) @@ -545,13 +704,15 @@ int BN_set_bit(a, n) BIGNUM *a; int n; { - int i,j; + int i,j,k; i=n/BN_BITS2; j=n%BN_BITS2; if (a->top <= i) { - if (bn_expand(a,n) == NULL) return(0); + if (bn_wexpand(a,i+1) == NULL) return(0); + for(k=a->top; k<i+1; k++) + a->d[k]=0; a->top=i+1; } @@ -570,6 +731,7 @@ int n; if (a->top <= i) return(0); a->d[i]&=(~(1L<<j)); + bn_fix_top(a); return(1); } @@ -601,11 +763,27 @@ int n; { a->top=w+1; a->d[w]&= ~(BN_MASK2<<b); - while ((w >= 0) && (a->d[w] == 0)) - { - a->top--; - w--; - } } + bn_fix_top(a); return(1); } + +int bn_cmp_words(a,b,n) +BN_ULONG *a,*b; +int n; + { + int i; + BN_ULONG aa,bb; + + aa=a[n-1]; + bb=b[n-1]; + if (aa != bb) return((aa > bb)?1:-1); + for (i=n-2; i>=0; i--) + { + aa=a[i]; + bb=b[i]; + if (aa != bb) return((aa > bb)?1:-1); + } + return(0); + } + diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index e435df61f..e0aa3c769 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c 
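Review bot: BN_set_bit in the `@@ -545,13 +704,15 @@` hunk derives `i=n/BN_BITS2` and `j=n%BN_BITS2` from a signed `n` without rejecting negative values. For negative `n` either `i` or `j` is negative, giving a negative index into `a->d` or a negative shift count in the store that follows the hunk (not shown, so inferred). Add `if (n < 0) return(0);` before the division. The end of the function is outside the hunk.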
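Review bot: The new `bn_cmp_words` in the `@@ -601,11 +763,27 @@` hunk reads `a[n-1]` and `b[n-1]` before any test on `n`, so a call with `n == 0` reads one word before both arrays. If zero-length operands can reach it (not visible here), start with `if (n <= 0) return(0);`; otherwise state the `n >= 1` precondition in a comment above the function.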
@@ -60,161 +60,208 @@ #include "cryptlib.h" #include "bn_lcl.h" +#define MONT_WORD + int BN_mod_mul_montgomery(r,a,b,mont,ctx) BIGNUM *r,*a,*b; BN_MONT_CTX *mont; BN_CTX *ctx; { - BIGNUM *tmp; + BIGNUM *tmp,*tmp2; + + tmp= &(ctx->bn[ctx->tos]); + tmp2= &(ctx->bn[ctx->tos]); + ctx->tos+=2; - tmp=ctx->bn[ctx->tos++]; + bn_check_top(tmp); + bn_check_top(tmp2); if (a == b) { +#if 0 + bn_wexpand(tmp,a->top*2); + bn_wexpand(tmp2,a->top*4); + bn_sqr_recursive(tmp->d,a->d,a->top,tmp2->d); + tmp->top=a->top*2; + if (tmp->d[tmp->top-1] == 0) + tmp->top--; +#else if (!BN_sqr(tmp,a,ctx)) goto err; +#endif } else { - if (!BN_mul(tmp,a,b)) goto err; + if (!BN_mul(tmp,a,b,ctx)) goto err; } /* reduce from aRR to aR */ if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err; - ctx->tos--; + ctx->tos-=2; return(1); err: return(0); } -#define MONT_WORD - -#ifdef MONT_WORD int BN_from_montgomery(ret,a,mont,ctx) BIGNUM *ret; BIGNUM *a; BN_MONT_CTX *mont; BN_CTX *ctx; { - BIGNUM *n,*t1,*r; - BN_ULONG *ap,*np,*rp,n0,v; - int al,nl,max,i,x,ri; - int retn=0; +#ifdef BN_RECURSION + if (mont->use_word) +#endif + { + BIGNUM *n,*r; + BN_ULONG *ap,*np,*rp,n0,v,*nrp; + int al,nl,max,i,x,ri; + int retn=0; - t1=ctx->bn[ctx->tos]; - r=ctx->bn[ctx->tos+1]; + r= &(ctx->bn[ctx->tos]); - if (!BN_copy(r,a)) goto err; - n=mont->N; + if (!BN_copy(r,a)) goto err1; + n= &(mont->N); - ap=a->d; - /* mont->ri is the size of mont->N in bits/words */ - al=ri=mont->ri/BN_BITS2; + ap=a->d; + /* mont->ri is the size of mont->N in bits/words */ + al=ri=mont->ri/BN_BITS2; - nl=n->top; - if ((al == 0) || (nl == 0)) { r->top=0; return(1); } + nl=n->top; + if ((al == 0) || (nl == 0)) { r->top=0; return(1); } - max=(nl+al+1); /* allow for overflow (no?) XXX */ - if (bn_wexpand(r,max) == NULL) goto err; - if (bn_wexpand(ret,max) == NULL) goto err; + max=(nl+al+1); /* allow for overflow (no?) 
XXX */ + if (bn_wexpand(r,max) == NULL) goto err1; + if (bn_wexpand(ret,max) == NULL) goto err1; - r->neg=a->neg^n->neg; - np=n->d; - rp=r->d; + r->neg=a->neg^n->neg; + np=n->d; + rp=r->d; + nrp= &(r->d[nl]); - /* clear the top words of T */ + /* clear the top words of T */ #if 1 - for (i=r->top; i<max; i++) /* memset? XXX */ - r->d[i]=0; + for (i=r->top; i<max; i++) /* memset? XXX */ + r->d[i]=0; #else - memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); + memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); #endif - r->top=max; - n0=mont->n0; + r->top=max; + n0=mont->n0; - for (i=0; i<nl; i++) - { -#if 0 - int x1,x2; - - if (i+4 > nl) +#ifdef BN_COUNT +printf("word BN_from_montgomery %d * %d\n",nl,nl); +#endif + for (i=0; i<nl; i++) { - x2=nl; - x1=0; + v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2); + nrp++; + rp++; + if (((nrp[-1]+=v)&BN_MASK2) >= v) + continue; + else + { + if (((++nrp[0])&BN_MASK2) != 0) continue; + if (((++nrp[1])&BN_MASK2) != 0) continue; + for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ; + } } + bn_fix_top(r); + + /* mont->ri will be a multiple of the word size */ +#if 0 + BN_rshift(ret,r,mont->ri); +#else + x=ri; + rp=ret->d; + ap= &(r->d[x]); + if (r->top < x) + al=0; else + al=r->top-x; + ret->top=al; + al-=4; + for (i=0; i<al; i+=4) { - x2=i+4; - x1=nl-x2; + BN_ULONG t1,t2,t3,t4; + + t1=ap[i+0]; + t2=ap[i+1]; + t3=ap[i+2]; + t4=ap[i+3]; + rp[i+0]=t1; + rp[i+1]=t2; + rp[i+2]=t3; + rp[i+3]=t4; } - v=bn_mul_add_words(&(rp[x1]),&(np[x1]),x2,(rp[x1]*n0)&BN_MASK2); -#else - v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2); + al+=4; + for (; i<al; i++) + rp[i]=ap[i]; #endif - if (((rp[nl]+=v)&BN_MASK2) < v) + if (BN_ucmp(ret, &(mont->N)) >= 0) { - for (x=(nl+1); (((++rp[x])&BN_MASK2) == 0); x++) - ; + BN_usub(ret,ret,&(mont->N)); /* XXX */ } - rp++; + retn=1; +err1: + return(retn); } - while (r->d[r->top-1] == 0) - r->top--; - - /* mont->ri will be a multiple of the word size */ -#if 0 - BN_rshift(ret,r,mont->ri); -#else - ap=r->d; 
- rp=ret->d; - x=ri; - al=r->top-x; - for (i=0; i<al; i++) +#ifdef BN_RECURSION + else /* bignum version */ { - rp[i]=ap[i+x]; - } - ret->top=al; + BIGNUM *t1,*t2,*t3; + int j,i; + +#ifdef BN_COUNT +printf("number BN_from_montgomery\n"); #endif - if (BN_ucmp(ret,mont->N) >= 0) - { - bn_qsub(ret,ret,mont->N); /* XXX */ - } - retn=1; -err: - return(retn); - } -#else -int BN_from_montgomery(r,a,mont,ctx) -BIGNUM *r; -BIGNUM *a; -BN_MONT_CTX *mont; -BN_CTX *ctx; - { - BIGNUM *t1,*t2; + t1= &(ctx->bn[ctx->tos]); + t2= &(ctx->bn[ctx->tos+1]); + t3= &(ctx->bn[ctx->tos+2]); - t1=ctx->bn[ctx->tos]; - t2=ctx->bn[ctx->tos+1]; + i=mont->Ni.top; + bn_wexpand(ret,i); /* perhaps only i*2 */ + bn_wexpand(t1,i*4); /* perhaps only i*2 */ + bn_wexpand(t2,i*2); /* perhaps only i */ - if (!BN_copy(t1,a)) goto err; - /* can cheat */ - BN_mask_bits(t1,mont->ri); + bn_mul_low_recursive(t2->d,a->d,mont->Ni.d,i,t1->d); - if (!BN_mul(t2,t1,mont->Ni)) goto err; - BN_mask_bits(t2,mont->ri); + BN_zero(t3); + BN_set_bit(t3,mont->N.top*BN_BITS2); + bn_sub_words(t3->d,t3->d,a->d,i); + bn_mul_high(ret->d,t2->d,mont->N.d,t3->d,i,t1->d); - if (!BN_mul(t1,t2,mont->N)) goto err; - if (!BN_add(t2,a,t1)) goto err; - BN_rshift(r,t2,mont->ri); + /* hmm... if a is between i and 2*i, things are bad */ + if (a->top > i) + { + j=bn_add_words(ret->d,ret->d,&(a->d[i]),i); + if (j) /* overflow */ + bn_sub_words(ret->d,ret->d,mont->N.d,i); + } + ret->top=i; + bn_fix_top(ret); + if (a->d[0]) + BN_add_word(ret,1); /* Always? */ + else /* Very very rare */ + { + for (i=1; i<mont->N.top-1; i++) + { + if (a->d[i]) + { + BN_add_word(ret,1); /* Always? */ + break; + } + } + } - if (BN_ucmp(r,mont->N) >= 0) - bn_qsub(r,r,mont->N); + if (BN_ucmp(ret,&(mont->N)) >= 0) + BN_usub(ret,ret,&(mont->N)); - return(1); -err: - return(0); - } + return(1); + } #endif + } BN_MONT_CTX *BN_MONT_CTX_new() { 
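Review bot: In BN_mod_mul_montgomery `tmp` and `tmp2` are both taken from `&(ctx->bn[ctx->tos])`, so they alias the same scratch BIGNUM, and the `err:` path returns without undoing `ctx->tos+=2`. The alias is only harmless while the `#if 0` branch that uses `tmp2` stays disabled; write `tmp2= &(ctx->bn[ctx->tos+1]);` and put `ctx->tos-=2;` before the `return(0);` at `err:`. Separately, the BN_RECURSION branch of BN_from_montgomery ignores the results of its three `bn_wexpand` calls before writing through `ret->d`, `t1->d` and `t2->d`. Each should follow the word branch's pattern, e.g. `if (bn_wexpand(ret,i) == NULL) return(0);`. The `BN_usub(ret,ret,&(mont->N)); /* XXX */` results are likewise unchecked in both branches.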
@@ -222,25 +269,31 @@ BN_MONT_CTX *BN_MONT_CTX_new() if ((ret=(BN_MONT_CTX *)Malloc(sizeof(BN_MONT_CTX))) == NULL) return(NULL); - ret->ri=0; - ret->RR=BN_new(); - ret->N=BN_new(); - ret->Ni=NULL; - if ((ret->RR == NULL) || (ret->N == NULL)) - { - BN_MONT_CTX_free(ret); - return(NULL); - } + + BN_MONT_CTX_init(ret); + ret->flags=BN_FLG_MALLOCED; return(ret); } +void BN_MONT_CTX_init(ctx) +BN_MONT_CTX *ctx; + { + ctx->use_word=0; + ctx->ri=0; + BN_init(&(ctx->RR)); + BN_init(&(ctx->N)); + BN_init(&(ctx->Ni)); + ctx->flags=0; + } + void BN_MONT_CTX_free(mont) BN_MONT_CTX *mont; { - if (mont->RR != NULL) BN_free(mont->RR); - if (mont->N != NULL) BN_free(mont->N); - if (mont->Ni != NULL) BN_free(mont->Ni); - Free(mont); + BN_free(&(mont->RR)); + BN_free(&(mont->N)); + BN_free(&(mont->Ni)); + if (mont->flags & BN_FLG_MALLOCED) + Free(mont); } int BN_MONT_CTX_set(mont,mod,ctx) 
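Review bot: BN_MONT_CTX_free now releases `RR`, `N` and `Ni` with `BN_free`, which in this commit frees `d` without clearing it. When a Montgomery context is set up for a secret modulus, such as a private-key prime (usage not visible on this page), copies of that value and of values derived from it stay in freed heap memory. `BN_clear_free(&(mont->N));` and likewise for `RR` and `Ni` would wipe them, and works on embedded members because it only calls `Free(a)` when BN_FLG_MALLOCED is set. BN_MONT_CTX_init also leaves `n0` unset, which is harmless only as long as every user calls BN_MONT_CTX_set first.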
@@ -248,59 +301,109 @@ BN_MONT_CTX *mont; BIGNUM *mod; BN_CTX *ctx; { - BIGNUM *Ri=NULL,*R=NULL; - - if (mont->RR == NULL) mont->RR=BN_new(); - if (mont->N == NULL) mont->N=BN_new(); - - R=mont->RR; /* grab RR as a temp */ - BN_copy(mont->N,mod); /* Set N */ - -#ifdef MONT_WORD -{ - BIGNUM tmod; - BN_ULONG buf[2]; - /* int z; */ - - mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; - BN_lshift(R,BN_value_one(),BN_BITS2); /* R */ - /* I was bad, this modification of a passed variable was - * breaking the multithreaded stuff :-( - * z=mod->top; - * mod->top=1; */ - - buf[0]=mod->d[0]; - buf[1]=0; - tmod.d=buf; - tmod.top=1; - tmod.max=mod->max; - tmod.neg=mod->neg; - - if ((Ri=BN_mod_inverse(R,&tmod,ctx)) == NULL) goto err; /* Ri */ - BN_lshift(Ri,Ri,BN_BITS2); /* R*Ri */ - bn_qsub(Ri,Ri,BN_value_one()); /* R*Ri - 1 */ - BN_div(Ri,NULL,Ri,&tmod,ctx); - mont->n0=Ri->d[0]; - BN_free(Ri); - /* mod->top=z; */ -} + BIGNUM Ri,*R; + + BN_init(&Ri); + R= &(mont->RR); /* grab RR as a temp */ + BN_copy(&(mont->N),mod); /* Set N */ + +#ifdef BN_RECURSION + if (mont->N.top < BN_MONT_CTX_SET_SIZE_WORD) +#endif + { + BIGNUM tmod; + BN_ULONG buf[2]; + + mont->use_word=1; + + mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; + BN_zero(R); + BN_set_bit(R,BN_BITS2); + /* I was bad, this modification of a passed variable was + * breaking the multithreaded stuff :-( + * z=mod->top; + * mod->top=1; */ + + buf[0]=mod->d[0]; + buf[1]=0; + tmod.d=buf; + tmod.top=1; + tmod.max=mod->max; + tmod.neg=mod->neg; + + if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL) + goto err; + BN_lshift(&Ri,&Ri,BN_BITS2); /* R*Ri */ + if (!BN_is_zero(&Ri)) + { +#if 1 + BN_sub_word(&Ri,1); +#else + BN_usub(&Ri,&Ri,BN_value_one()); /* R*Ri - 1 */ +#endif + } + else + { + /* This is not common..., 1 in BN_MASK2, + * It happens when buf[0] was == 1. So for 8 bit, + * this is 1/256, 16bit, 1 in 2^16 etc. 
+ */ + BN_set_word(&Ri,BN_MASK2); + } + BN_div(&Ri,NULL,&Ri,&tmod,ctx); + mont->n0=Ri.d[0]; + BN_free(&Ri); + /* mod->top=z; */ + } +#ifdef BN_RECURSION + else + { + mont->use_word=0; + mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; +#if 1 + BN_zero(R); + BN_set_bit(R,mont->ri); #else - mont->ri=BN_num_bits(mod); - BN_lshift(R,BN_value_one(),mont->ri); /* R */ - if ((Ri=BN_mod_inverse(R,mod,ctx)) == NULL) goto err; /* Ri */ - BN_lshift(Ri,Ri,mont->ri); /* R*Ri */ - bn_qsub(Ri,Ri,BN_value_one()); /* R*Ri - 1 */ - BN_div(Ri,NULL,Ri,mod,ctx); - if (mont->Ni != NULL) BN_free(mont->Ni); - mont->Ni=Ri; /* Ni=(R*Ri-1)/N */ + BN_lshift(R,BN_value_one(),mont->ri); /* R */ +#endif + if ((BN_mod_inverse(&Ri,R,mod,ctx)) == NULL) + goto err; + BN_lshift(&Ri,&Ri,mont->ri); /* R*Ri */ +#if 1 + BN_sub_word(&Ri,1); +#else + BN_usub(&Ri,&Ri,BN_value_one()); /* R*Ri - 1 */ +#endif + BN_div(&(mont->Ni),NULL,&Ri,mod,ctx); + BN_free(&Ri); + } #endif /* setup RR for conversions */ +#if 1 + BN_zero(&(mont->RR)); + BN_set_bit(&(mont->RR),mont->ri*2); +#else BN_lshift(mont->RR,BN_value_one(),mont->ri*2); - BN_mod(mont->RR,mont->RR,mont->N,ctx); +#endif + BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx); return(1); err: return(0); } +BN_MONT_CTX *BN_MONT_CTX_copy(to, from) +BN_MONT_CTX *to, *from; + { + if (to == from) return(to); + + BN_copy(&(to->RR),&(from->RR)); + BN_copy(&(to->N),&(from->N)); + BN_copy(&(to->Ni),&(from->Ni)); + to->use_word=from->use_word; + to->ri=from->ri; + to->n0=from->n0; + return(to); + } + diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c index 53945c105..84b031708 100644 --- a/crypto/bn/bn_mpi.c +++ b/crypto/bn/bn_mpi.c @@ -103,7 +103,7 @@ BIGNUM *a; BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH); return(NULL); } - len=(d[0]<<24)|(d[1]<<16)|(d[2]<<8)|d[3]; + len=((long)d[0]<<24)|((long)d[1]<<16)|((int)d[2]<<8)|(int)d[3]; if ((len+4) != n) { BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR); 
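Review bot: BN_MONT_CTX_set ignores the results of `BN_copy(&(mont->N),mod)`, both `BN_lshift` calls, both `BN_div` calls and the closing `BN_mod`, so a failed allocation in any of them still reaches `return(1)` with N, Ni or RR only partly computed. Each call should take the error path, e.g. `if (!BN_copy(&(mont->N),mod)) goto err;` and `if (!BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx)) goto err;`. The `err:` label also returns without `BN_free(&Ri);`, which looks like a leak if BN_mod_inverse allocated before failing. Separately, `tmod` is filled in field by field with `tmod.max=mod->max` although it is backed by the two-word `buf`; if any callee trusts `max` it could write past `buf`, so `tmod.max=2;` seems the safer value, though this is inferred because the callees are not in the hunk. The function's signature line sits just above the hunk.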
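Review bot: The new length decode casts to signed types, so `(long)d[0]<<24` overflows a 32-bit `long` whenever the first length byte is 0x80 or above, and that byte comes straight from the encoded input. Building the value unsigned avoids it: `len=((unsigned long)d[0]<<24)|((unsigned long)d[1]<<16)|((unsigned long)d[2]<<8)|(unsigned long)d[3];`. The declaration of `len` and the rest of the enclosing function (BN_mpi2bn, judging by the error code) are outside the hunk, so the type of `len`, and whether the `(len+4) != n` comparison alone is enough to reject a wrapped value, cannot be confirmed from here.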
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index d0c04e1d4..fc7bf974f 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -60,150 +60,703 @@ #include "cryptlib.h" #include "bn_lcl.h" -/* r must be different to a and b */ -/* int BN_mmul(r, a, b) */ -int BN_mul(r, a, b) -BIGNUM *r; -BIGNUM *a; -BIGNUM *b; +#ifdef BN_RECURSION +/* r is 2*n2 words in size, + * a and b are both n2 words in size. + * n2 must be a power of 2. + * We multiply and return the result. + * t must be 2*n2 words in size + * We calulate + * a[0]*b[0] + * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) + * a[1]*b[1] + */ +void bn_mul_recursive(r,a,b,n2,t) +BN_ULONG *r,*a,*b; +int n2; +BN_ULONG *t; { - int i; - int max,al,bl; - BN_ULONG *ap,*bp,*rp; + int n=n2/2,c1,c2; + unsigned int neg,zero; + BN_ULONG ln,lo,*p; - al=a->top; - bl=b->top; - if ((al == 0) || (bl == 0)) +#ifdef BN_COUNT +printf(" bn_mul_recursive %d * %d\n",n2,n2); +#endif +#ifdef BN_MUL_COMBA +/* if (n2 == 4) { - r->top=0; - return(1); + bn_mul_comba4(r,a,b); + return; + } + else */ if (n2 == 8) + { + bn_mul_comba8(r,a,b); + return; + } +#endif + if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) + { + /* This should not happen */ + bn_mul_normal(r,a,n2,b,n2); + return; + } + /* r=(a[0]-a[1])*(b[1]-b[0]) */ + c1=bn_cmp_words(a,&(a[n]),n); + c2=bn_cmp_words(&(b[n]),b,n); + zero=neg=0; + switch (c1*3+c2) + { + case -4: + bn_sub_words(t, &(a[n]),a, n); /* - */ + bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + break; + case -3: + zero=1; + break; + case -2: + bn_sub_words(t, &(a[n]),a, n); /* - */ + bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ + neg=1; + break; + case -1: + case 0: + case 1: + zero=1; + break; + case 2: + bn_sub_words(t, a, &(a[n]),n); /* + */ + bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + neg=1; + break; + case 3: + zero=1; + break; + case 4: + bn_sub_words(t, a, &(a[n]),n); + bn_sub_words(&(t[n]),&(b[n]),b, n); + break; } - max=(al+bl); - if (bn_wexpand(r,max) == NULL) return(0); - r->top=max; - r->neg=a->neg^b->neg; - ap=a->d; - bp=b->d; - rp=r->d; +#ifdef BN_MUL_COMBA + if (n == 4) + { + if (!zero) + bn_mul_comba4(&(t[n2]),t,&(t[n])); + else + 
memset(&(t[n2]),0,8*sizeof(BN_ULONG)); + + bn_mul_comba4(r,a,b); + bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); + } + else if (n == 8) + { + if (!zero) + bn_mul_comba8(&(t[n2]),t,&(t[n])); + else + memset(&(t[n2]),0,16*sizeof(BN_ULONG)); + + bn_mul_comba8(r,a,b); + bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n])); + } + else +#endif + { + p= &(t[n2*2]); + if (!zero) + bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); + else + memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); + bn_mul_recursive(r,a,b,n,p); + bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p); + } - rp[al]=bn_mul_words(rp,ap,al,*(bp++)); - rp++; - for (i=1; i<bl; i++) + /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + */ + + c1=bn_add_words(t,r,&(r[n2]),n2); + + if (neg) /* if t[32] is negative */ { - rp[al]=bn_mul_add_words(rp,ap,al,*(bp++)); - rp++; + c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2); + } + else + { + /* Might have a carry */ + c1+=bn_add_words(&(t[n2]),&(t[n2]),t,n2); } - if (r->d[max-1] == 0) r->top--; - return(1); - } -#if 0 -#include "stack.h" + /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + * c1 holds the carry bits + */ + c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2); + if (c1) + { + p= &(r[n+n2]); + lo= *p; + ln=(lo+c1)&BN_MASK2; + *p=ln; -int limit=16; + /* The overflow will stop before we over write + * words we should not overwrite */ + if (ln < (BN_ULONG)c1) + { + do { + p++; + lo= *p; + ln=(lo+1)&BN_MASK2; + *p=ln; + } while (ln == 0); + } + } + } -typedef struct bn_pool_st +/* n+tn is the word length + * t needs to be n*4 is size, as does r */ +void bn_mul_part_recursive(r,a,b,tn,n,t) +BN_ULONG *r,*a,*b; +int tn,n; +BN_ULONG *t; { - int used; - int tos; - STACK *sk; - } BN_POOL; + int i,j,n2=n*2; + unsigned int c1; + BN_ULONG ln,lo,*p; -BIGNUM *BN_POOL_push(bp) -BN_POOL *bp; - { - BIGNUM *ret; +#ifdef BN_COUNT +printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n); +#endif + if 
(n < 8) + { + i=tn+n; + bn_mul_normal(r,a,i,b,i); + return; + } + + /* r=(a[0]-a[1])*(b[1]-b[0]) */ + bn_sub_words(t, a, &(a[n]),n); /* + */ + bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ - if (bp->used >= bp->tos) +/* if (n == 4) + { + bn_mul_comba4(&(t[n2]),t,&(t[n])); + bn_mul_comba4(r,a,b); + bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); + memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); + } + else */ if (n == 8) { - ret=BN_new(); - sk_push(bp->sk,(char *)ret); - bp->tos++; - bp->used++; + bn_mul_comba8(&(t[n2]),t,&(t[n])); + bn_mul_comba8(r,a,b); + bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); + memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); } else { - ret=(BIGNUM *)sk_value(bp->sk,bp->used); - bp->used++; + p= &(t[n2*2]); + bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); + bn_mul_recursive(r,a,b,n,p); + i=n/2; + /* If there is only a bottom half to the number, + * just do it */ + j=tn-i; + if (j == 0) + { + bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p); + memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); + } + else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ + { + bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), + j,i,p); + memset(&(r[n2+tn*2]),0, + sizeof(BN_ULONG)*(n2-tn*2)); + } + else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ + { + memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); + if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL) + { + bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); + } + else + { + for (;;) + { + i/=2; + if (i < tn) + { + bn_mul_part_recursive(&(r[n2]), + &(a[n]),&(b[n]), + tn-i,i,p); + break; + } + else if (i == tn) + { + bn_mul_recursive(&(r[n2]), + &(a[n]),&(b[n]), + i,p); + break; + } + } + } + } + } + + /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + */ + + c1=bn_add_words(t,r,&(r[n2]),n2); + c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2); + + /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + * c1 holds the 
carry bits + */ + c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2); + if (c1) + { + p= &(r[n+n2]); + lo= *p; + ln=(lo+c1)&BN_MASK2; + *p=ln; + + /* The overflow will stop before we over write + * words we should not overwrite */ + if (ln < c1) + { + do { + p++; + lo= *p; + ln=(lo+1)&BN_MASK2; + *p=ln; + } while (ln == 0); + } } - return(ret); } -void BN_POOL_pop(bp,num) -BN_POOL *bp; -int num; +/* a and b must be the same size, which is n2. + * r needs to be n2 words and t needs to be n2*2 + */ +void bn_mul_low_recursive(r,a,b,n2,t) +BN_ULONG *r,*a,*b; +int n2; +BN_ULONG *t; { - bp->used-=num; + int n=n2/2; + +#ifdef BN_COUNT +printf(" bn_mul_low_recursive %d * %d\n",n2,n2); +#endif + + bn_mul_recursive(r,a,b,n,&(t[0])); + if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) + { + bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); + bn_add_words(&(r[n]),&(r[n]),&(t[0]),n); + bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2])); + bn_add_words(&(r[n]),&(r[n]),&(t[0]),n); + } + else + { + bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n); + bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n); + bn_add_words(&(r[n]),&(r[n]),&(t[0]),n); + bn_add_words(&(r[n]),&(r[n]),&(t[n]),n); + } } -int BN_mul(r,a,b) -BIGNUM *r,*a,*b; +/* a and b must be the same size, which is n2. + * r needs to be n2 words and t needs to be n2*2 + * l is the low words of the output. 
+ * t needs to be n2*3 + */ +void bn_mul_high(r,a,b,l,n2,t) +BN_ULONG *r,*a,*b,*l; +int n2; +BN_ULONG *t; { - static BN_POOL bp; - static init=1; + int i,n; + int c1,c2; + int neg,oneg,zero; + BN_ULONG ll,lc,*lp,*mp; + +#ifdef BN_COUNT +printf(" bn_mul_high %d * %d\n",n2,n2); +#endif + n=(n2+1)/2; + + /* Calculate (al-ah)*(bh-bl) */ + neg=zero=0; + c1=bn_cmp_words(&(a[0]),&(a[n]),n); + c2=bn_cmp_words(&(b[n]),&(b[0]),n); + switch (c1*3+c2) + { + case -4: + bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n); + bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n); + break; + case -3: + zero=1; + break; + case -2: + bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n); + bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n); + neg=1; + break; + case -1: + case 0: + case 1: + zero=1; + break; + case 2: + bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n); + bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n); + neg=1; + break; + case 3: + zero=1; + break; + case 4: + bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n); + bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n); + break; + } + + oneg=neg; + /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */ + /* r[10] = (a[1]*b[1]) */ +#ifdef BN_MUL_COMBA + if (n == 8) + { + bn_mul_comba8(&(t[0]),&(r[0]),&(r[n])); + bn_mul_comba8(r,&(a[n]),&(b[n])); + } + else +#endif + { + bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2])); + bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2])); + } - if (init) + /* s0 == low(al*bl) + * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl) + * We know s0 and s1 so the only unknown is high(al*bl) + * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl)) + * high(al*bl) == s1 - (r[0]+l[0]+t[0]) + */ + if (l != NULL) { - bp.used=0; - bp.tos=0; - bp.sk=sk_new_null(); - init=0; + lp= &(t[n2+n]); + c1=bn_add_words(lp,&(r[0]),&(l[0]),n); + } + else + { + c1=0; + lp= &(r[0]); + } + + if (neg) + neg=bn_sub_words(&(t[n2]),lp,&(t[0]),n); + else + { + bn_add_words(&(t[n2]),lp,&(t[0]),n); + neg=0; + } + + if (l != NULL) + { + bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n); + } + else + { + lp= &(t[n2+n]); + mp= 
&(t[n2]); + for (i=0; i<n; i++) + lp[i]=((~mp[i])+1)&BN_MASK2; + } + + /* s[0] = low(al*bl) + * t[3] = high(al*bl) + * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign + * r[10] = (a[1]*b[1]) + */ + /* R[10] = al*bl + * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0]) + * R[32] = ah*bh + */ + /* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow) + * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow) + * R[3]=r[1]+(carry/borrow) + */ + if (l != NULL) + { + lp= &(t[n2]); + c1= bn_add_words(lp,&(t[n2+n]),&(l[0]),n); + } + else + { + lp= &(t[n2+n]); + c1=0; + } + c1+=bn_add_words(&(t[n2]),lp, &(r[0]),n); + if (oneg) + c1-=bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n); + else + c1+=bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n); + + c2 =bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n); + c2+=bn_add_words(&(r[0]),&(r[0]),&(r[n]),n); + if (oneg) + c2-=bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n); + else + c2+=bn_add_words(&(r[0]),&(r[0]),&(t[n]),n); + + if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */ + { + i=0; + if (c1 > 0) + { + lc=c1; + do { + ll=(r[i]+lc)&BN_MASK2; + r[i++]=ll; + lc=(lc > ll); + } while (lc); + } + else + { + lc= -c1; + do { + ll=r[i]; + r[i++]=(ll-lc)&BN_MASK2; + lc=(lc > ll); + } while (lc); + } + } + if (c2 != 0) /* Add starting at r[1] */ + { + i=n; + if (c2 > 0) + { + lc=c2; + do { + ll=(r[i]+lc)&BN_MASK2; + r[i++]=ll; + lc=(lc > ll); + } while (lc); + } + else + { + lc= -c2; + do { + ll=r[i]; + r[i++]=(ll-lc)&BN_MASK2; + lc=(lc > ll); + } while (lc); + } } - return(BN_mm(r,a,b,&bp)); } +#endif -/* r must be different to a and b */ -int BN_mm(m, A, B, bp) -BIGNUM *m,*A,*B; -BN_POOL *bp; +int BN_mul(r,a,b,ctx) +BIGNUM *r,*a,*b; +BN_CTX *ctx; { - int i,num; - int an,bn; - BIGNUM *a,*b,*c,*d,*ac,*bd; + int top,i,j,k,al,bl; + BIGNUM *t; + + t=NULL; + i=j=k=0; + +#ifdef BN_COUNT +printf("BN_mul %d * %d\n",a->top,b->top); +#endif + + bn_check_top(a); + bn_check_top(b); + bn_check_top(r); - an=A->top; - bn=B->top; - if ((an <= limit) || (bn <= limit)) + al=a->top; + 
bl=b->top; + r->neg=a->neg^b->neg; + + if ((al == 0) || (bl == 0)) { - return(BN_mmul(m,A,B)); + BN_zero(r); + return(1); } + top=al+bl; +#if defined(BN_MUL_COMBA) || defined(BN_RECURSION) + if (al == bl) + { +# ifdef BN_MUL_COMBA +/* if (al == 4) + { + if (bn_wexpand(r,8) == NULL) return(0); + r->top=8; + bn_mul_comba4(r->d,a->d,b->d); + goto end; + } + else */ if (al == 8) + { + if (bn_wexpand(r,16) == NULL) return(0); + r->top=16; + bn_mul_comba8(r->d,a->d,b->d); + goto end; + } + else +# endif +#ifdef BN_RECURSION + if (al < BN_MULL_SIZE_NORMAL) +#endif + { + if (bn_wexpand(r,top) == NULL) return(0); + r->top=top; + bn_mul_normal(r->d,a->d,al,b->d,bl); + goto end; + } +# ifdef BN_RECURSION + goto symetric; +# endif + } +#endif +#ifdef BN_RECURSION + else if ((al < BN_MULL_SIZE_NORMAL) || (bl < BN_MULL_SIZE_NORMAL)) + { + if (bn_wexpand(r,top) == NULL) return(0); + r->top=top; + bn_mul_normal(r->d,a->d,al,b->d,bl); + goto end; + } + else + { + i=(al-bl); + if ((i == 1) && !BN_get_flags(b,BN_FLG_STATIC_DATA)) + { + bn_wexpand(b,al); + b->d[bl]=0; + bl++; + goto symetric; + } + else if ((i == -1) && !BN_get_flags(a,BN_FLG_STATIC_DATA)) + { + bn_wexpand(a,bl); + a->d[al]=0; + al++; + goto symetric; + } + } +#endif - a=BN_POOL_push(bp); - b=BN_POOL_push(bp); - c=BN_POOL_push(bp); - d=BN_POOL_push(bp); - ac=BN_POOL_push(bp); - bd=BN_POOL_push(bp); + /* asymetric and >= 4 */ + if (bn_wexpand(r,top) == NULL) return(0); + r->top=top; + bn_mul_normal(r->d,a->d,al,b->d,bl); - num=(an <= bn)?an:bn; - num=1<<(BN_num_bits_word(num-1)-1); +#ifdef BN_RECURSION + if (0) + { +symetric: + /* symetric and > 4 */ + /* 16 or larger */ + j=BN_num_bits_word((BN_ULONG)al); + j=1<<(j-1); + k=j+j; + t= &(ctx->bn[ctx->tos]); + if (al == j) /* exact multiple */ + { + bn_wexpand(t,k*2); + bn_wexpand(r,k*2); + bn_mul_recursive(r->d,a->d,b->d,al,t->d); + } + else + { + bn_wexpand(a,k); + bn_wexpand(b,k); + bn_wexpand(t,k*4); + bn_wexpand(r,k*4); + for (i=a->top; i<k; i++) + a->d[i]=0; + for 
(i=b->top; i<k; i++) + b->d[i]=0; + bn_mul_part_recursive(r->d,a->d,b->d,al-j,j,t->d); + } + r->top=top; + } +#endif +end: + bn_fix_top(r); + return(1); + } - /* Are going to now chop things into 'num' word chunks. */ - num*=BN_BITS2; +void bn_mul_normal(r,a,na,b,nb) +BN_ULONG *r,*a; +int na; +BN_ULONG *b; +int nb; + { + BN_ULONG *rr; - BN_copy(a,A); - BN_mask_bits(a,num); - BN_rshift(b,A,num); +#ifdef BN_COUNT +printf(" bn_mul_normal %d * %d\n",na,nb); +#endif - BN_copy(c,B); - BN_mask_bits(c,num); - BN_rshift(d,B,num); + if (na < nb) + { + int itmp; + BN_ULONG *ltmp; - BN_sub(ac ,b,a); - BN_sub(bd,c,d); - BN_mm(m,ac,bd,bp); - BN_mm(ac,a,c,bp); - BN_mm(bd,b,d,bp); + itmp=na; na=nb; nb=itmp; + ltmp=a; a=b; b=ltmp; - BN_add(m,m,ac); - BN_add(m,m,bd); - BN_lshift(m,m,num); - BN_lshift(bd,bd,num*2); + } + rr= &(r[na]); + rr[0]=bn_mul_words(r,a,na,b[0]); - BN_add(m,m,ac); - BN_add(m,m,bd); - BN_POOL_pop(bp,6); - return(1); + for (;;) + { + if (--nb <= 0) return; + rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]); + if (--nb <= 0) return; + rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]); + if (--nb <= 0) return; + rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]); + if (--nb <= 0) return; + rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]); + rr+=4; + r+=4; + b+=4; + } } + +void bn_mul_low_normal(r,a,b,n) +BN_ULONG *r,*a,*b; +int n; + { +#ifdef BN_COUNT +printf(" bn_mul_low_normal %d * %d\n",n,n); #endif + bn_mul_words(r,a,n,b[0]); + + for (;;) + { + if (--n <= 0) return; + bn_mul_add_words(&(r[1]),a,n,b[1]); + if (--n <= 0) return; + bn_mul_add_words(&(r[2]),a,n,b[2]); + if (--n <= 0) return; + bn_mul_add_words(&(r[3]),a,n,b[3]); + if (--n <= 0) return; + bn_mul_add_words(&(r[4]),a,n,b[4]); + r+=4; + b+=4; + } + } + diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index 0c85f70b5..c4fb58ef9 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c 
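Review bot: In BN_mul the `symetric:` path and the two one-word padding cases call `bn_wexpand` without checking the result (`bn_wexpand(b,al); b->d[bl]=0;`, `bn_wexpand(t,k*2); bn_wexpand(r,k*2);`, and the four calls before bn_mul_part_recursive), while every other branch of the same function uses `if (bn_wexpand(r,top) == NULL) return(0);`. If an expansion fails, the following stores and the recursive multiply run on buffers that are too small. Each of those calls should use the checked form already present in the function. These paths also write into the operands `a` and `b` (expanding them and zero-padding up to `k`), and only the padding cases test `BN_FLG_STATIC_DATA`. A comment on BN_mul stating that the inputs may be resized and, if it still holds, that `r` must not alias `a` or `b` (the old header comment saying so is removed by this hunk) would help callers.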
@@ -83,7 +83,8 @@ static int probable_prime_dh(); static int probable_prime_dh_strong(); #endif -BIGNUM *BN_generate_prime(bits,strong,add,rem,callback,cb_arg) +BIGNUM *BN_generate_prime(ret,bits,strong,add,rem,callback,cb_arg) +BIGNUM *ret; int bits; int strong; BIGNUM *add; @@ -92,16 +93,19 @@ void (*callback)(P_I_I_P); char *cb_arg; { BIGNUM *rnd=NULL; - BIGNUM *ret=NULL; - BIGNUM *t=NULL; + BIGNUM t; int i,j,c1=0; BN_CTX *ctx; ctx=BN_CTX_new(); if (ctx == NULL) goto err; - if ((rnd=BN_new()) == NULL) goto err; - if (strong) - if ((t=BN_new()) == NULL) goto err; + if (ret == NULL) + { + if ((rnd=BN_new()) == NULL) goto err; + } + else + rnd=ret; + BN_init(&t); loop: /* make a random number and set the top and bottom bits */ if (add == NULL) @@ -136,7 +140,7 @@ loop: * check that (p-1)/2 is prime. * Since a prime is odd, We just * need to divide by 2 */ - if (!BN_rshift1(t,rnd)) goto err; + if (!BN_rshift1(&t,rnd)) goto err; for (i=0; i<BN_prime_checks; i++) { @@ -144,7 +148,7 @@ loop: if (j == -1) goto err; if (j == 0) goto loop; - j=BN_is_prime(t,1,callback,ctx,cb_arg); + j=BN_is_prime(&t,1,callback,ctx,cb_arg); if (j == -1) goto err; if (j == 0) goto loop; @@ -156,7 +160,7 @@ loop: ret=rnd; err: if ((ret == NULL) && (rnd != NULL)) BN_free(rnd); - if (t != NULL) BN_free(t); + BN_free(&t); if (ctx != NULL) BN_CTX_free(ctx); return(ret); } @@ -183,7 +187,7 @@ char *cb_arg; if ((ctx2=BN_CTX_new()) == NULL) goto err; if ((mont=BN_MONT_CTX_new()) == NULL) goto err; - check=ctx->bn[ctx->tos++]; + check= &(ctx->bn[ctx->tos++]); /* Setup the montgomery structure */ if (!BN_MONT_CTX_set(mont,a,ctx2)) goto err; 
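Review bot: `BN_init(&t);` is placed after two `goto err` exits (`if (ctx == NULL) goto err;` and the failed `BN_new()`), but the cleanup at `err:` further down now runs `BN_free(&t);` unconditionally, so those early failures hand an uninitialised stack BIGNUM to BN_free. Moving `BN_init(&t);` above `ctx=BN_CTX_new();` fixes it. The function body begins before this hunk and its cleanup is in a later hunk.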
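Review bot: With `ret` now a caller-supplied parameter, every `goto err` taken when the caller passed a non-NULL `ret` ends in `return(ret);` with that same pointer, so a failure is indistinguishable from success and the caller keeps a candidate that was never confirmed prime. Track success separately: set a local such as `found=1;` where `ret=rnd;` is today, guard the cleanup with `if (!found && (ret == NULL) && (rnd != NULL)) BN_free(rnd);`, and finish with `return(found ? rnd : NULL);`. The declarations and the start of BN_generate_prime are outside this hunk.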
@@ -224,14 +228,14 @@ BN_MONT_CTX *mont; BIGNUM *d,*dd,*tmp,*d1,*d2,*n1; BIGNUM *mont_one,*mont_n1,*mont_a; - d1=ctx->bn[ctx->tos]; - d2=ctx->bn[ctx->tos+1]; - n1=ctx->bn[ctx->tos+2]; + d1= &(ctx->bn[ctx->tos]); + d2= &(ctx->bn[ctx->tos+1]); + n1= &(ctx->bn[ctx->tos+2]); ctx->tos+=3; - mont_one=ctx2->bn[ctx2->tos]; - mont_n1=ctx2->bn[ctx2->tos+1]; - mont_a=ctx2->bn[ctx2->tos+2]; + mont_one= &(ctx2->bn[ctx2->tos]); + mont_n1= &(ctx2->bn[ctx2->tos+1]); + mont_a= &(ctx2->bn[ctx2->tos+2]); ctx2->tos+=3; d=d1; @@ -287,8 +291,9 @@ int bits; { int i; MS_STATIC BN_ULONG mods[NUMPRIMES]; - BN_ULONG delta; + BN_ULONG delta,d; +again: if (!BN_rand(rnd,bits,1,1)) return(0); /* we now have a random number 'rand' to test. */ for (i=1; i<NUMPRIMES; i++) @@ -300,9 +305,12 @@ int bits; * that gcd(rnd-1,primes) == 1 (except for 2) */ if (((mods[i]+delta)%primes[i]) <= 1) { + d=delta; delta+=2; /* perhaps need to check for overflow of - * delta (but delta can be upto 2^32) */ + * delta (but delta can be upto 2^32) + * 21-May-98 eay - added overflow check */ + if (delta < d) goto again; goto loop; } } @@ -320,7 +328,7 @@ BN_CTX *ctx; int i,ret=0; BIGNUM *t1; - t1=ctx->bn[ctx->tos++]; + t1= &(ctx->bn[ctx->tos++]); if (!BN_rand(rnd,bits,0,1)) goto err; @@ -361,9 +369,9 @@ BN_CTX *ctx; BIGNUM *t1,*qadd=NULL,*q=NULL; bits--; - t1=ctx->bn[ctx->tos++]; - q=ctx->bn[ctx->tos++]; - qadd=ctx->bn[ctx->tos++]; + t1= &(ctx->bn[ctx->tos++]); + q= &(ctx->bn[ctx->tos++]); + qadd= &(ctx->bn[ctx->tos++]); if (!BN_rshift1(qadd,padd)) goto err; @@ -413,11 +421,11 @@ BN_CTX *ctx; BIGNUM *d,*dd,*tmp; BIGNUM *d1,*d2,*x,*n1,*inv; - d1=ctx->bn[ctx->tos]; - d2=ctx->bn[ctx->tos+1]; - x=ctx->bn[ctx->tos+2]; - n1=ctx->bn[ctx->tos+3]; - inv=ctx->bn[ctx->tos+4]; + d1= &(ctx->bn[ctx->tos]); + d2= &(ctx->bn[ctx->tos+1]); + x= &(ctx->bn[ctx->tos+2]); + n1= &(ctx->bn[ctx->tos+3]); + inv=&(ctx->bn[ctx->tos+4]); ctx->tos+=5; d=d1; diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c index 72cd69d3f..97ca857ed 100644 
--- a/crypto/bn/bn_recp.c +++ b/crypto/bn/bn_recp.c 
@@ -60,66 +60,182 @@ #include "cryptlib.h" #include "bn_lcl.h" -int BN_mod_mul_reciprocal(r, x, y, m, i, nb, ctx) +void BN_RECP_CTX_init(recp) +BN_RECP_CTX *recp; + { + BN_init(&(recp->N)); + BN_init(&(recp->Nr)); + recp->num_bits=0; + recp->flags=0; + } + +BN_RECP_CTX *BN_RECP_CTX_new() + { + BN_RECP_CTX *ret; + + if ((ret=(BN_RECP_CTX *)Malloc(sizeof(BN_RECP_CTX))) == NULL) + return(NULL); + + BN_RECP_CTX_init(ret); + ret->flags=BN_FLG_MALLOCED; + return(ret); + } + +void BN_RECP_CTX_free(recp) +BN_RECP_CTX *recp; + { + BN_free(&(recp->N)); + BN_free(&(recp->Nr)); + if (recp->flags & BN_FLG_MALLOCED) + Free(recp); + } + +int BN_RECP_CTX_set(recp,d,ctx) +BN_RECP_CTX *recp; +BIGNUM *d; +BN_CTX *ctx; + { + BN_copy(&(recp->N),d); + BN_zero(&(recp->Nr)); + recp->num_bits=BN_num_bits(d); + recp->shift=0; + return(1); + } + +int BN_mod_mul_reciprocal(r, x, y, recp, ctx) BIGNUM *r; BIGNUM *x; BIGNUM *y; +BN_RECP_CTX *recp; +BN_CTX *ctx; + { + int ret=0; + BIGNUM *a; + + a= &(ctx->bn[ctx->tos++]); + if (y != NULL) + { + if (x == y) + { if (!BN_sqr(a,x,ctx)) goto err; } + else + { if (!BN_mul(a,x,y,ctx)) goto err; } + } + else + a=x; /* Just do the mod */ + + BN_div_recp(NULL,r,a,recp,ctx); + ret=1; +err: + ctx->tos--; + return(ret); + } + +int BN_div_recp(dv,rem,m,recp,ctx) +BIGNUM *dv; +BIGNUM *rem; BIGNUM *m; -BIGNUM *i; -int nb; +BN_RECP_CTX *recp; BN_CTX *ctx; { - int ret=0,j; - BIGNUM *a,*b,*c,*d; + int i,j,tos,ret=0,ex; + BIGNUM *a,*b,*d,*r; + + tos=ctx->tos; + a= &(ctx->bn[ctx->tos++]); + b= &(ctx->bn[ctx->tos++]); + if (dv != NULL) + d=dv; + else + d= &(ctx->bn[ctx->tos++]); + if (rem != NULL) + r=rem; + else + r= &(ctx->bn[ctx->tos++]); + + if (BN_ucmp(m,&(recp->N)) < 0) + { + BN_zero(d); + BN_copy(r,m); + ctx->tos=tos; + return(1); + } - a=ctx->bn[ctx->tos++]; - b=ctx->bn[ctx->tos++]; - c=ctx->bn[ctx->tos++]; - d=ctx->bn[ctx->tos++]; + /* We want the remainder + * Given input of ABCDEF / ab + * we need multiply ABCDEF by 3 digests of the reciprocal of ab + * + 
*/ + i=BN_num_bits(m); - if (x == y) - { if (!BN_sqr(a,x,ctx)) goto err; } + j=recp->num_bits*2; + if (j > i) + { + i=j; + ex=0; + } else - { if (!BN_mul(a,x,y)) goto err; } - if (!BN_rshift(d,a,nb)) goto err; - if (!BN_mul(b,d,i)) goto err; - if (!BN_rshift(c,b,nb)) goto err; - if (!BN_mul(b,m,c)) goto err; - if (!BN_sub(r,a,b)) goto err; + { + ex=(i-j)/2; + } + + j=i/2; + + if (i != recp->shift) + recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N), + i,ctx); + + if (!BN_rshift(a,m,j-ex)) goto err; + if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err; + if (!BN_rshift(d,b,j+ex)) goto err; + d->neg=0; + if (!BN_mul(b,&(recp->N),d,ctx)) goto err; + if (!BN_usub(r,m,b)) goto err; + r->neg=0; + j=0; - while (BN_cmp(r,m) >= 0) +#if 1 + while (BN_ucmp(r,&(recp->N)) >= 0) { if (j++ > 2) { BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL); goto err; } - if (!BN_sub(r,r,m)) goto err; + if (!BN_usub(r,r,&(recp->N))) goto err; + if (!BN_add_word(d,1)) goto err; } +#endif + r->neg=BN_is_zero(r)?0:m->neg; + d->neg=m->neg^recp->N.neg; ret=1; err: - ctx->tos-=4; + ctx->tos=tos; return(ret); - } + } -int BN_reciprocal(r, m,ctx) +/* len is the expected size of the result + * We actually calculate with an extra word of precision, so + * we can do faster division if the remainder is not required. + */ +int BN_reciprocal(r,m,len,ctx) BIGNUM *r; BIGNUM *m; +int len; BN_CTX *ctx; { - int nm,ret= -1; - BIGNUM *t; + int ret= -1; + BIGNUM t; - t=ctx->bn[ctx->tos++]; + BN_init(&t); - nm=BN_num_bits(m); - if (!BN_lshift(t,BN_value_one(),nm*2)) goto err; + BN_zero(&t); + if (!BN_set_bit(&t,len)) goto err; - if (!BN_div(r,NULL,t,m,ctx)) goto err; - ret=nm; + if (!BN_div(r,NULL,&t,m,ctx)) goto err; + ret=len; err: - ctx->tos--; + BN_free(&t); return(ret); } diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c index a8464610e..19ec0ddf8 100644 --- a/crypto/bn/bn_sqr.c +++ b/crypto/bn/bn_sqr.c 
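Review bot: BN_mod_mul_reciprocal discards the result of `BN_div_recp(NULL,r,a,recp,ctx);` and sets `ret=1`, although BN_div_recp has failure exits (the `BN_R_BAD_RECIPROCAL` branch and every `goto err`), so a failed reduction is reported as success with `r` holding an unreduced or partial value. It should read `if (!BN_div_recp(NULL,r,a,recp,ctx)) goto err;`. Inside BN_div_recp, `recp->shift=BN_reciprocal(...)` is likewise unchecked even though BN_reciprocal returns -1 on failure; follow it with `if (recp->shift == -1) goto err;`. BN_RECP_CTX_set has the same pattern with `BN_copy(&(recp->N),d);`.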
@@ -67,30 +67,84 @@ BIGNUM *r; BIGNUM *a; BN_CTX *ctx; { - int i,j,max,al; + int max,al; BIGNUM *tmp; - BN_ULONG *ap,*rp; - tmp=ctx->bn[ctx->tos]; +#ifdef BN_COUNT +printf("BN_sqr %d * %d\n",a->top,a->top); +#endif + bn_check_top(a); + tmp= &(ctx->bn[ctx->tos]); al=a->top; - if (al == 0) + if (al <= 0) { r->top=0; return(1); } - max=(al*2); - if (bn_wexpand(r,1+max) == NULL) return(0); - if (bn_wexpand(tmp,1+max) == NULL) return(0); + max=(al+al); + if (bn_wexpand(r,max+1) == NULL) return(0); r->neg=0; + if (al == 4) + { +#ifndef BN_SQR_COMBA + BN_ULONG t[8]; + bn_sqr_normal(r->d,a->d,4,t); +#else + bn_sqr_comba4(r->d,a->d); +#endif + } + else if (al == 8) + { +#ifndef BN_SQR_COMBA + BN_ULONG t[16]; + bn_sqr_normal(r->d,a->d,8,t); +#else + bn_sqr_comba8(r->d,a->d); +#endif + } + else + { +#if defined(BN_RECURSION) + if (al < BN_SQR_RECURSIVE_SIZE_NORMAL) + { + BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL*2]; + bn_sqr_normal(r->d,a->d,al,t); + } + else + { + if (bn_wexpand(tmp,2*max+1) == NULL) return(0); + bn_sqr_recursive(r->d,a->d,al,tmp->d); + } +#else + if (bn_wexpand(tmp,max) == NULL) return(0); + bn_sqr_normal(r->d,a->d,al,tmp->d); +#endif + } + + r->top=max; + if ((max > 0) && (r->d[max-1] == 0)) r->top--; + return(1); + } + +/* tmp must have 2*n words */ +void bn_sqr_normal(r, a, n, tmp) +BN_ULONG *r; +BN_ULONG *a; +int n; +BN_ULONG *tmp; + { + int i,j,max; + BN_ULONG *ap,*rp; - ap=a->d; - rp=r->d; + max=n*2; + ap=a; + rp=r; rp[0]=rp[max-1]=0; rp++; - j=al; + j=n; if (--j > 0) { @@ -99,7 +153,7 @@ BN_CTX *ctx; rp+=2; } - for (i=2; i<al; i++) + for (i=n-2; i>0; i--) { j--; ap++; 
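Review bot: When BN_RECURSION is defined, BN_sqr hands any `al` at or above BN_SQR_RECURSIVE_SIZE_NORMAL to `bn_sqr_recursive(r->d,a->d,al,tmp->d)`, but that routine is commented later in this file as needing a power-of-two word count and splits with `n=n2/2`, so other lengths do not split evenly and the result looks wrong for them. BN_mul in bn_mul.c rounds with BN_num_bits_word before it recurses; BN_sqr should at least fall back to bn_sqr_normal when `al` is not a power of two, as sketched below. The function's signature is above the hunk.

```c
/* … unchanged: al < BN_SQR_RECURSIVE_SIZE_NORMAL case using the stack buffer … */
		else
			{
			int j;

			j=1<<(BN_num_bits_word((BN_ULONG)al)-1);
			if (al == j) /* power of two: halves split evenly */
				{
				if (bn_wexpand(tmp,2*max+1) == NULL) return(0);
				bn_sqr_recursive(r->d,a->d,al,tmp->d);
				}
			else
				{
				if (bn_wexpand(tmp,max) == NULL) return(0);
				bn_sqr_normal(r->d,a->d,al,tmp->d);
				}
			}
```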
@@ -107,16 +161,115 @@ BN_CTX *ctx; rp+=2; } - bn_add_words(r->d,r->d,r->d,max); + bn_add_words(r,r,r,max); /* There will not be a carry */ - bn_sqr_words(tmp->d,a->d,al); + bn_sqr_words(tmp,a,n); - bn_add_words(r->d,r->d,tmp->d,max); - - r->top=max; - if (r->d[max-1] == 0) r->top--; - return(1); + bn_add_words(r,r,tmp,max); } +#ifdef BN_RECURSION +/* r is 2*n words in size, + * a and b are both n words in size. + * n must be a power of 2. + * We multiply and return the result. + * t must be 2*n words in size + * We calulate + * a[0]*b[0] + * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) + * a[1]*b[1] + */ +void bn_sqr_recursive(r,a,n2,t) +BN_ULONG *r,*a; +int n2; +BN_ULONG *t; + { + int n=n2/2; + int zero,c1; + BN_ULONG ln,lo,*p; + +#ifdef BN_COUNT +printf(" bn_sqr_recursive %d * %d\n",n2,n2); +#endif + if (n2 == 4) + { +#ifndef BN_SQR_COMBA + bn_sqr_normal(r,a,4,t); +#else + bn_sqr_comba4(r,a); +#endif + return; + } + else if (n2 == 8) + { +#ifndef BN_SQR_COMBA + bn_sqr_normal(r,a,8,t); +#else + bn_sqr_comba8(r,a); +#endif + return; + } + if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL) + { + bn_sqr_normal(r,a,n2,t); + return; + } + /* r=(a[0]-a[1])*(a[1]-a[0]) */ + c1=bn_cmp_words(a,&(a[n]),n); + zero=0; + if (c1 > 0) + bn_sub_words(t,a,&(a[n]),n); + else if (c1 < 0) + bn_sub_words(t,&(a[n]),a,n); + else + zero=1; + + /* The result will always be negative unless it is zero */ + p= &(t[n2*2]); + + if (!zero) + bn_sqr_recursive(&(t[n2]),t,n,p); + else + memset(&(t[n2]),0,n*sizeof(BN_ULONG)); + bn_sqr_recursive(r,a,n,p); + bn_sqr_recursive(&(r[n2]),&(a[n]),n,p); + + /* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + */ + + c1=bn_add_words(t,r,&(r[n2]),n2); + + /* t[32] is negative */ + c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2); + + /* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1]) + * r[10] holds (a[0]*a[0]) + * r[32] holds (a[1]*a[1]) + * c1 holds the carry bits + */ + 
c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2); + if (c1) + { + p= &(r[n+n2]); + lo= *p; + ln=(lo+c1)&BN_MASK2; + *p=ln; + + /* The overflow will stop before we over write + * words we should not overwrite */ + if (ln < (BN_ULONG)c1) + { + do { + p++; + lo= *p; + ln=(lo+1)&BN_MASK2; + *p=ln; + } while (ln == 0); + } + } + } +#endif diff --git a/crypto/bn/bn_word.c b/crypto/bn/bn_word.c index 4b3d0f011..9c168e4f4 100644 --- a/crypto/bn/bn_word.c +++ b/crypto/bn/bn_word.c @@ -62,7 +62,7 @@ BN_ULONG BN_mod_word(a, w) BIGNUM *a; -unsigned long w; +BN_ULONG w; { #ifndef BN_LLONG BN_ULONG ret=0; @@ -75,8 +75,8 @@ unsigned long w; for (i=a->top-1; i>=0; i--) { #ifndef BN_LLONG - ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(unsigned long)w; - ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(unsigned long)w; + ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%w; + ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%w; #else ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])% (BN_ULLONG)w); @@ -87,7 +87,7 @@ unsigned long w; BN_ULONG BN_div_word(a, w) BIGNUM *a; -unsigned long w; +BN_ULONG w; { BN_ULONG ret; int i; @@ -100,18 +100,18 @@ unsigned long w; BN_ULONG l,d; l=a->d[i]; - d=bn_div64(ret,l,w); + d=bn_div_words(ret,l,w); ret=(l-((d*w)&BN_MASK2))&BN_MASK2; a->d[i]=d; } - if (a->d[a->top-1] == 0) + if ((a->top > 0) && (a->d[a->top-1] == 0)) a->top--; return(ret); } int BN_add_word(a, w) BIGNUM *a; -unsigned long w; +BN_ULONG w; { BN_ULONG l; int i; @@ -144,7 +144,7 @@ unsigned long w; int BN_sub_word(a, w) BIGNUM *a; -unsigned long w; +BN_ULONG w; { int i; @@ -185,7 +185,7 @@ unsigned long w; int BN_mul_word(a,w) BIGNUM *a; -unsigned long w; +BN_ULONG w; { BN_ULONG ll; @@ -199,6 +199,6 @@ unsigned long w; a->d[a->top++]=ll; } } - return(0); + return(1); } diff --git a/crypto/bn/bnspeed.c b/crypto/bn/bnspeed.c index f7c2790ff..777212c1b 100644 --- a/crypto/bn/bnspeed.c +++ b/crypto/bn/bnspeed.c 
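Review bot: In bn_sqr_recursive the zero case clears only half of the product slot: `memset(&(t[n2]),0,n*sizeof(BN_ULONG));` zeroes `n` words, but the next step `bn_sub_words(&(t[n2]),t,&(t[n2]),n2)` reads `n2` words from `t[n2]`, so the upper `n` words are whatever the scratch buffer held. bn_mul_recursive in bn_mul.c clears `n2` words in the same situation. The line should be `memset(&(t[n2]),0,n2*sizeof(BN_ULONG));`. The header comment above the function is also copied from the multiply and still mentions `b`; it should describe `a[0]*a[0]`, `a[1]*a[1]` and the cross term.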
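Review bot: With `w` widened to `BN_ULONG`, the non-`BN_LLONG` path `ret=((ret<<BN_BITS4)|...)%w;` can lose bits: `ret` is a remainder below `w`, and shifting it left by `BN_BITS4` overflows a `BN_ULONG` once `w` is wider than the remaining bits of the word (assuming `BN_BITS4` is half the word size, which is not shown here). The result would then be a wrong remainder rather than an error. At minimum document the limit above the loop, e.g. `/* non-BN_LLONG path is only correct while w fits in BN_BITS4 bits */`, or reject larger `w`. The rest of BN_mod_word is outside the hunk.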
@@ -94,7 +94,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif @@ -180,15 +181,14 @@ int argc; char **argv; { BN_CTX *ctx; - BIGNUM *a,*b,*c,*r; + BIGNUM a,b,c; ctx=BN_CTX_new(); - a=BN_new(); - b=BN_new(); - c=BN_new(); - r=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); - do_mul(a,b,c,ctx); + do_mul(&a,&b,&c,ctx); } void do_mul(r,a,b,ctx) @@ -211,7 +211,7 @@ BN_CTX *ctx; BN_rand(b,sizes[j],1,0); Time_F(START); for (k=0; k<num; k++) - BN_mul(r,b,a); + BN_mul(r,b,a,ctx); tm=Time_F(STOP); printf("mul %4d x %4d -> %8.3fms\n",sizes[i],sizes[j],tm*1000.0/num); } diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c index 9ebd68b42..ec48bad73 100644 --- a/crypto/bn/bntest.c +++ b/crypto/bn/bntest.c @@ -71,19 +71,20 @@ #endif #ifndef NOPROTO -int test_add (BIO *bp); -int test_sub (BIO *bp); -int test_lshift1 (BIO *bp); -int test_lshift (BIO *bp); -int test_rshift1 (BIO *bp); -int test_rshift (BIO *bp); -int test_div (BIO *bp,BN_CTX *ctx); -int test_mul (BIO *bp); -int test_sqr (BIO *bp,BN_CTX *ctx); -int test_mont (BIO *bp,BN_CTX *ctx); -int test_mod (BIO *bp,BN_CTX *ctx); -int test_mod_mul (BIO *bp,BN_CTX *ctx); -int test_mod_exp (BIO *bp,BN_CTX *ctx); +int test_add(BIO *bp); +int test_sub(BIO *bp); +int test_lshift1(BIO *bp); +int test_lshift(BIO *bp); +int test_rshift1(BIO *bp); +int test_rshift(BIO *bp); +int test_div(BIO *bp,BN_CTX *ctx); +int test_div_recp(BIO *bp,BN_CTX *ctx); +int test_mul(BIO *bp); +int test_sqr(BIO *bp,BN_CTX *ctx); +int test_mont(BIO *bp,BN_CTX *ctx); +int test_mod(BIO *bp,BN_CTX *ctx); +int test_mod_mul(BIO *bp,BN_CTX *ctx); +int test_mod_exp(BIO *bp,BN_CTX *ctx); int rand_neg(void); #else int test_add (); 
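Review bot: In bnspeed.c `#define _POSIX_SOURCE` is introduced after `<sys/timeb.h>` and the other system headers above it have already been included, so it can only influence `<limits.h>` and `<sys/param.h>` and leaves the file with two different feature-test views. If the define is needed for those two headers, it belongs before the first system include, with a one-line comment naming the symbol it is meant to expose on sun/ultrix. The same two lines are added in expspeed.c, cast_spd.c, castopts.c, des_opts.c and des/speed.c.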
@@ -192,6 +193,10 @@ char *argv[]; if (!test_div(out,ctx)) goto err; fflush(stdout); + fprintf(stderr,"test BN_div_recp\n"); + if (!test_div_recp(out,ctx)) goto err; + fflush(stdout); + fprintf(stderr,"test BN_mod\n"); if (!test_mod(out,ctx)) goto err; fflush(stdout); @@ -221,80 +226,80 @@ err: int test_add(bp) BIO *bp; { - BIGNUM *a,*b,*c; + BIGNUM a,b,c; int i; int j; - a=BN_new(); - b=BN_new(); - c=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); - BN_rand(a,512,0,0); + BN_rand(&a,512,0,0); for (i=0; i<100; i++) { - BN_rand(b,450+i,0,0); - a->neg=rand_neg(); - b->neg=rand_neg(); + BN_rand(&b,450+i,0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); if (bp == NULL) for (j=0; j<10000; j++) - BN_add(c,a,b); - BN_add(c,a,b); + BN_add(&c,&a,&b); + BN_add(&c,&a,&b); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," + "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } } - BN_free(a); - BN_free(b); - BN_free(c); + BN_free(&a); + BN_free(&b); + BN_free(&c); return(1); } int test_sub(bp) BIO *bp; { - BIGNUM *a,*b,*c; + BIGNUM a,b,c; int i; int j; - a=BN_new(); - b=BN_new(); - c=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); - BN_rand(a,512,0,0); + BN_rand(&a,512,0,0); for (i=0; i<100; i++) { - BN_rand(b,400+i,0,0); - a->neg=rand_neg(); - b->neg=rand_neg(); + BN_rand(&b,400+i,0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); if (bp == NULL) for (j=0; j<10000; j++) - BN_sub(c,a,b); - BN_sub(c,a,b); + BN_sub(&c,&a,&b); + BN_sub(&c,&a,&b); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," - "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } } - BN_free(a); - BN_free(b); - BN_free(c); + BN_free(&a); + BN_free(&b); + BN_free(&c); return(1); } 
@@ -302,92 +307,154 @@ int test_div(bp,ctx) BIO *bp; BN_CTX *ctx; { - BIGNUM *a,*b,*c,*d; + BIGNUM a,b,c,d; int i; int j; - a=BN_new(); - b=BN_new(); - c=BN_new(); - d=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); + BN_init(&d); - BN_rand(a,400,0,0); + BN_rand(&a,400,0,0); for (i=0; i<100; i++) { - BN_rand(b,50+i,0,0); - a->neg=rand_neg(); - b->neg=rand_neg(); + BN_rand(&b,50+i,0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); if (bp == NULL) for (j=0; j<100; j++) - BN_div(d,c,a,b,ctx); - BN_div(d,c,a,b,ctx); + BN_div(&d,&c,&a,&b,ctx); + BN_div(&d,&c,&a,&b,ctx); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," / "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,d); + BN_print(bp,&d); BIO_puts(bp,"\n"); if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," % "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); + BN_free(&a); + BN_free(&b); + BN_free(&c); + BN_free(&d); + return(1); + } + +int test_div_recp(bp,ctx) +BIO *bp; +BN_CTX *ctx; + { + BIGNUM a,b,c,d; + BN_RECP_CTX recp; + int i; + int j; + + BN_RECP_CTX_init(&recp); + BN_init(&a); + BN_init(&b); + BN_init(&c); + BN_init(&d); + + BN_rand(&a,400,0,0); + for (i=0; i<100; i++) + { + BN_rand(&b,50+i,0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); + BN_RECP_CTX_set(&recp,&b,ctx); + if (bp == NULL) + for (j=0; j<100; j++) + BN_div_recp(&d,&c,&a,&recp,ctx); + BN_div_recp(&d,&c,&a,&recp,ctx); + if (bp != NULL) + { + if (!results) + { + BN_print(bp,&a); + BIO_puts(bp," / "); + BN_print(bp,&b); + BIO_puts(bp," - "); + } + BN_print(bp,&d); + BIO_puts(bp,"\n"); + + if (!results) + { + BN_print(bp,&a); + BIO_puts(bp," % "); + BN_print(bp,&b); + BIO_puts(bp," - "); + } + BN_print(bp,&c); + BIO_puts(bp,"\n"); + } + } + BN_free(&a); + BN_free(&b); + BN_free(&c); + BN_free(&d); + BN_RECP_CTX_free(&recp); return(1); } int 
test_mul(bp) BIO *bp; { - BIGNUM *a,*b,*c; + BIGNUM a,b,c; int i; int j; + BN_CTX ctx; - a=BN_new(); - b=BN_new(); - c=BN_new(); + BN_CTX_init(&ctx); + BN_init(&a); + BN_init(&b); + BN_init(&c); - BN_rand(a,200,0,0); + BN_rand(&a,200,0,0); for (i=0; i<100; i++) { - BN_rand(b,250+i,0,0); - a->neg=rand_neg(); - b->neg=rand_neg(); + BN_rand(&b,250+i,0,0); + BN_rand(&b,200,0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); if (bp == NULL) for (j=0; j<100; j++) - BN_mul(c,a,b); - BN_mul(c,a,b); + BN_mul(&c,&a,&b,&ctx); + BN_mul(&c,&a,&b,&ctx); +/*bn_do(&c,&a,&b,ctx); */ if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," * "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } } - BN_free(a); - BN_free(b); - BN_free(c); + BN_free(&a); + BN_free(&b); + BN_free(&c); + BN_CTX_free(&ctx); return(1); } @@ -395,36 +462,36 @@ int test_sqr(bp,ctx) BIO *bp; BN_CTX *ctx; { - BIGNUM *a,*c; + BIGNUM a,c; int i; int j; - a=BN_new(); - c=BN_new(); + BN_init(&a); + BN_init(&c); for (i=0; i<40; i++) { - BN_rand(a,40+i*10,0,0); - a->neg=rand_neg(); + BN_rand(&a,40+i*10,0,0); + a.neg=rand_neg(); if (bp == NULL) for (j=0; j<100; j++) - BN_sqr(c,a,ctx); - BN_sqr(c,a,ctx); + BN_sqr(&c,&a,ctx); + BN_sqr(&c,&a,ctx); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," * "); - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } } - BN_free(a); - BN_free(c); + BN_free(&a); + BN_free(&c); return(1); } 
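Review bot: In `test_mul` the added `BN_rand(&b,200,0,0);` immediately overwrites the `BN_rand(&b,250+i,0,0);` on the line before, so every iteration now multiplies two 200-bit values and the loop no longer exercises operands of different lengths. That looks like a debugging leftover, as does the commented-out `/*bn_do(&c,&a,&b,ctx); */`; I would drop both so the unequal-size paths of `BN_mul` stay covered. The return values of `BN_rand` and `BN_mul` are also ignored, so a failing multiply would print whatever `c` holds instead of failing the test.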
@@ -432,61 +499,61 @@ int test_mont(bp,ctx) BIO *bp; BN_CTX *ctx; { - BIGNUM *a,*b,*c,*A,*B; - BIGNUM *n; + BIGNUM a,b,c,A,B; + BIGNUM n; int i; int j; BN_MONT_CTX *mont; - a=BN_new(); - b=BN_new(); - c=BN_new(); - A=BN_new(); - B=BN_new(); - n=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); + BN_init(&A); + BN_init(&B); + BN_init(&n); mont=BN_MONT_CTX_new(); - BN_rand(a,100,0,0); /**/ - BN_rand(b,100,0,0); /**/ + BN_rand(&a,100,0,0); /**/ + BN_rand(&b,100,0,0); /**/ for (i=0; i<10; i++) { - BN_rand(n,(100%BN_BITS2+1)*BN_BITS2*i*BN_BITS2,0,1); /**/ - BN_MONT_CTX_set(mont,n,ctx); + BN_rand(&n,(100%BN_BITS2+1)*BN_BITS2*i*BN_BITS2,0,1); /**/ + BN_MONT_CTX_set(mont,&n,ctx); - BN_to_montgomery(A,a,mont,ctx); - BN_to_montgomery(B,b,mont,ctx); + BN_to_montgomery(&A,&a,mont,ctx); + BN_to_montgomery(&B,&b,mont,ctx); if (bp == NULL) for (j=0; j<100; j++) - BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/ - BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/ - BN_from_montgomery(A,c,mont,ctx);/**/ + BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/ + BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/ + BN_from_montgomery(&A,&c,mont,ctx);/**/ if (bp != NULL) { if (!results) { #ifdef undef fprintf(stderr,"%d * %d %% %d\n", -BN_num_bits(a), -BN_num_bits(b), +BN_num_bits(&a), +BN_num_bits(&b), BN_num_bits(mont->N)); #endif - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," * "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," % "); - BN_print(bp,mont->N); + BN_print(bp,&(mont->N)); BIO_puts(bp," - "); } - BN_print(bp,A); + BN_print(bp,&A); BIO_puts(bp,"\n"); } } BN_MONT_CTX_free(mont); - BN_free(a); - BN_free(b); - BN_free(c); + BN_free(&a); + BN_free(&b); + BN_free(&c); return(1); } diff --git a/crypto/bn/expspeed.c b/crypto/bn/expspeed.c index 344f883d3..fe0037324 100644 --- a/crypto/bn/expspeed.c +++ b/crypto/bn/expspeed.c 
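Review bot: `test_mont` now sets up `A`, `B` and `n` with `BN_init`, but the cleanup still releases only `a`, `b` and `c`, so whatever the other three allocated is never freed; add `BN_free(&A); BN_free(&B); BN_free(&n);` next to the existing calls. The return value of `BN_MONT_CTX_set(mont,&n,ctx)` is ignored, and on the first pass `i` is 0, which makes the bit count passed to `BN_rand` for the modulus zero, so a failed setup would go unnoticed. Checking that return and starting the loop at a non-zero size would make the test meaningful for every iteration.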
@@ -94,7 +94,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c index 67dc95d72..1ec61c2c8 100644 --- a/crypto/bn/exptest.c +++ b/crypto/bn/exptest.c @@ -79,6 +79,8 @@ char *argv[]; unsigned char c; BIGNUM *r_mont,*r_recp,*a,*b,*m; + ERR_load_BN_strings(); + ctx=BN_CTX_new(); if (ctx == NULL) exit(1); r_mont=BN_new(); @@ -114,11 +116,19 @@ char *argv[]; ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL); if (ret <= 0) - { printf("BN_mod_exp_mont() problems\n"); exit(1); } + { + printf("BN_mod_exp_mont() problems\n"); + ERR_print_errors(out); + exit(1); + } ret=BN_mod_exp_recp(r_recp,a,b,m,ctx); if (ret <= 0) - { printf("BN_mod_exp_recp() problems\n"); exit(1); } + { + printf("BN_mod_exp_recp() problems\n"); + ERR_print_errors(out); + exit(1); + } if (BN_cmp(r_mont,r_recp) != 0) { @@ -137,6 +147,7 @@ char *argv[]; fflush(stdout); } } + CRYPTO_mem_leaks(out); printf(" done\n"); exit(0); err: diff --git a/crypto/buffer/buf_err.c b/crypto/buffer/buf_err.c index ff988852c..433cf3a0a 100644 --- a/crypto/buffer/buf_err.c +++ b/crypto/buffer/buf_err.c @@ -76,8 +76,8 @@ void ERR_load_BUF_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_BUF,BUF_str_functs); diff --git a/crypto/cast/Makefile.ssl b/crypto/cast/Makefile.ssl index 0143827ae..c59982e78 100644 --- a/crypto/cast/Makefile.ssl +++ b/crypto/cast/Makefile.ssl @@ -64,7 +64,7 @@ asm/cx86-out.o: asm/cx86unix.cpp # bsdi asm/cx86bsdi.o: asm/cx86unix.cpp - $(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o + $(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o asm/cx86unix.cpp: (cd asm; perl cast-586.pl cpp >cx86unix.cpp) diff --git a/crypto/cast/c_ecb.c b/crypto/cast/c_ecb.c index f0f2f4df0..fe34bd17e 100644 --- a/crypto/cast/c_ecb.c +++ b/crypto/cast/c_ecb.c 
@@ -59,7 +59,7 @@ #include "cast.h" #include "cast_lcl.h" -char *CAST_version="CAST part of SSLeay 0.9.0b 29-Jun-1998"; +char *CAST_version="CAST part of SSLeay 0.9.1a 06-Jul-1998"; void CAST_ecb_encrypt(in, out, ks, encrypt) unsigned char *in; diff --git a/crypto/cast/cast_spd.c b/crypto/cast/cast_spd.c index ab75e6538..885b1df23 100644 --- a/crypto/cast/cast_spd.c +++ b/crypto/cast/cast_spd.c @@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/cast/castopts.c b/crypto/cast/castopts.c index 68cf5a4a6..8635b46a0 100644 --- a/crypto/cast/castopts.c +++ b/crypto/cast/castopts.c @@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/conf/conf.c b/crypto/conf/conf.c index 9e84300c5..f5114ea69 100644 --- a/crypto/conf/conf.c +++ b/crypto/conf/conf.c @@ -93,9 +93,9 @@ static CONF_VALUE *new_section(); static CONF_VALUE *get_section(); #endif -#define scan_esc(p) ((*(++p) == '\0')?(p):(++p)) +#define scan_esc(p) ((((p)[1] == '\0')?(p++):(p+=2)),p) -char *CONF_version="CONF part of SSLeay 0.9.0b 29-Jun-1998"; +char *CONF_version="CONF part of SSLeay 0.9.1a 06-Jul-1998"; LHASH *CONF_load(h,file,line) LHASH *h; @@ -105,10 +105,12 @@ long *line; LHASH *ret=NULL; FILE *in=NULL; #define BUFSIZE 512 + char btmp[16]; int bufnum=0,i,ii; BUF_MEM *buff=NULL; char *s,*p,*end; - int again,n,eline=0; + int again,n; + long eline=0; CONF_VALUE *v=NULL,*vv,*tv; CONF_VALUE *sv=NULL; char *section=NULL,*buf; 
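Review bot: The rewritten `scan_esc` in conf.c reads and assigns its argument several times and uses it unparenthesised in `p++`, `p+=2` and the trailing `,p`, so it is only correct when called with a plain pointer variable. A comment such as `/* p must be a simple char * lvalue pointing at the escape character; it is advanced past the escaped byte, or onto the NUL */` would record that contract. `(p)++`, `(p)+=2` and `(p)` would be the usual spelling inside the macro.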
@@ -219,12 +221,21 @@ long *line; if (IS_EOF(*s)) continue; /* blank line */ if (*s == '[') { + char *ss; + s++; start=eat_ws(s); - end=eat_alpha_numeric(start); + ss=start; +again: + end=eat_alpha_numeric(ss); p=eat_ws(end); if (*p != ']') { + if (*p != '\0') + { + ss=p; + goto again; + } CONFerr(CONF_F_CONF_LOAD,CONF_R_MISSING_CLOSE_SQUARE_BRACKET); goto err; } @@ -328,6 +339,8 @@ err: if (buff != NULL) BUF_MEM_free(buff); if (section != NULL) Free(section); if (line != NULL) *line=eline; + sprintf(btmp,"%ld",eline); + ERR_add_error_data(2,"line ",btmp); if (in != NULL) fclose(in); if ((h != ret) && (ret != NULL)) CONF_free(ret); if (v != NULL) diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c index a8db8f266..c6929b99c 100644 --- a/crypto/conf/conf_err.c +++ b/crypto/conf/conf_err.c @@ -84,8 +84,8 @@ void ERR_load_CONF_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_CONF,CONF_str_functs); diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c index ea3c135d3..27652fca4 100644 --- a/crypto/cpt_err.c +++ b/crypto/cpt_err.c @@ -75,8 +75,8 @@ void ERR_load_CRYPTO_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs); diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 9a7e80b7f..3614e3fc5 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -120,10 +120,11 @@ char *name; SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; #endif - if (app_locks == NULL) - if ((app_locks=sk_new_null()) == NULL) - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); - return(0); + if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL)) + { + CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); + return(0); + } if ((str=BUF_strdup(name)) == NULL) return(0); i=sk_push(app_locks,str); diff --git a/crypto/crypto.h b/crypto/crypto.h index 0a38b5b87..306bc0267 100644 --- a/crypto/crypto.h 
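Review bot: The new `goto again` loop in the `[section]` parser of conf.c has no progress check: when `*p` is neither `]` nor NUL it sets `ss=p` and rescans, and if `eat_alpha_numeric` and `eat_ws` can both return their argument unchanged for that character the loop never terminates on a crafted or damaged config file. Their definitions are outside the hunk, so this needs confirming; tightening the retry condition to `if ((*p != '\0') && (p != ss))` makes the no-progress case fall through to the existing missing-bracket error. The label also shares its name with the local `int again`, which is legal but easy to misread.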
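Review bot: `sprintf(btmp,"%ld",eline)` writes into the 16-byte `btmp` declared in the earlier conf.c hunk, which is too small for the full range of a 64-bit `long` (up to 20 characters plus the terminator). A line counter will not reach that in practice, but the bound then rests on the input rather than on the code. Sizing the buffer from the type, `char btmp[3*sizeof(long)+2];`, removes the dependency.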
+++ b/crypto/crypto.h @@ -67,12 +67,13 @@ extern "C" { /* This is more to be used to check the correct DLL is being used * in the MS world. */ -#define SSLEAY_VERSION_NUMBER 0x0902 /* Version 0.5.1c would be 0513 */ +#define SSLEAY_VERSION_NUMBER 0x0911 /* Version 0.5.1c would be 0513 */ #define SSLEAY_VERSION 0 /* #define SSLEAY_OPTIONS 1 no longer supported */ #define SSLEAY_CFLAGS 2 #define SSLEAY_BUILT_ON 3 +#define SSLEAY_PLATFORM 4 /* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock * names in cryptlib.c @@ -105,6 +106,7 @@ extern "C" { #define CRYPTO_READ 4 #define CRYPTO_WRITE 8 +#ifndef NO_LOCKING #ifndef CRYPTO_w_lock #define CRYPTO_w_lock(type) \ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) @@ -116,14 +118,22 @@ extern "C" { CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) #define CRYPTO_add(addr,amount,type) \ CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) - +#endif +#else +#define CRYPTO_w_lock(a) +#define CRYPTO_w_unlock(a) +#define CRYPTO_r_lock(a) +#define CRYPTO_r_unlock(a) +#define CRYPTO_add(a,b,c) ((*(a))+=(b)) #endif /* The following can be used to detect memory leaks in the SSLeay library. * It used, it turns on malloc checking */ -#define CRYPTO_MEM_CHECK_OFF 0x0 -#define CRYPTO_MEM_CHECK_ON 0x1 +#define CRYPTO_MEM_CHECK_OFF 0x0 /* an enume */ +#define CRYPTO_MEM_CHECK_ON 0x1 /* a bit */ +#define CRYPTO_MEM_CHECK_ENABLE 0x2 /* a bit */ +#define CRYPTO_MEM_CHECK_DISABLE 0x3 /* an enume */ /* typedef struct crypto_mem_st 
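Review bot: Under `NO_LOCKING` `CRYPTO_add` becomes a plain `((*(a))+=(b))` and the four lock macros expand to nothing, so every counter updated through them is modified without synchronisation. That is fine for a single-threaded build, but nothing in crypto.h says so; a comment above the `#else`, `/* NO_LOCKING: single-threaded builds only, CRYPTO_add is not atomic */`, would keep the define out of threaded applications. In the same hunk `CRYPTO_MEM_CHECK_DISABLE 0x3` is numerically `ON|ENABLE`, so the "bit" versus "enum" remarks deserve a sentence on how `CRYPTO_mem_ctrl` tells them apart.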
@@ -179,6 +189,10 @@ typedef struct crypto_ex_data_func_st (void (*)())free) #ifdef CRYPTO_MDEBUG +#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) +#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) +#define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE) +#define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) #define Malloc(num) CRYPTO_dbg_malloc((int)num,__FILE__,__LINE__) #define Realloc(addr,num) \ CRYPTO_dbg_realloc((char *)addr,(int)num,__FILE__,__LINE__) @@ -186,18 +200,28 @@ typedef struct crypto_ex_data_func_st CRYPTO_dbg_remalloc((char **)addr,(int)num,__FILE__,__LINE__) #define FreeFunc CRYPTO_dbg_free #define Free(addr) CRYPTO_dbg_free((char *)(addr)) +#define Malloc_locked(num) CRYPTO_malloc_locked((int)num) +#define Free_locked(addr) CRYPTO_free_locked((char *)(addr)) #else +#define MemCheck_start() +#define MemCheck_stop() +#define MemCheck_on() +#define MemCheck_off() #define Remalloc CRYPTO_remalloc #if defined(WIN32) || defined(MFUNC) #define Malloc CRYPTO_malloc #define Realloc(a,n) CRYPTO_realloc((char *)(a),(n)) #define FreeFunc CRYPTO_free #define Free(addr) CRYPTO_free((char *)(addr)) +#define Malloc_locked CRYPTO_malloc_locked +#define Free_locked(addr) CRYPTO_free_locked((char *)(addr)) #else #define Malloc malloc #define Realloc realloc #define FreeFunc free #define Free(addr) free((char *)(addr)) +#define Malloc_locked malloc +#define Free_locked(addr) free((char *)(addr)) #endif /* WIN32 || MFUNC */ #endif /* MDEBUG */ 
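Review bot: `Malloc_locked(num)` expands to `CRYPTO_malloc_locked((int)num)`, so the cast binds only to the first operand of an expression argument and any size is narrowed to `int`; `(int)(num)` is the safe spelling (the existing `Malloc` macro has the same form). In the non-debug branch without `WIN32` or `MFUNC`, `Malloc_locked` and `Free_locked` are plain `malloc` and `free`, so whatever property "locked" is meant to provide is absent in that configuration. A comment next to those two defines saying so would help callers that rely on it.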
@@ -238,10 +262,14 @@ int CRYPTO_add_lock(int *pointer,int amount,int type, char *file,int line); void CRYPTO_set_mem_functions(char *(*m)(),char *(*r)(), void (*free_func)()); void CRYPTO_get_mem_functions(char *(**m)(),char *(**r)(), void (**f)()); +void CRYPTO_set_locked_mem_functions(char *(*m)(), void (*free_func)()); +void CRYPTO_get_locked_mem_functions(char *(**m)(), void (**f)()); +char *CRYPTO_malloc_locked(int num); +void CRYPTO_free_locked(char *); char *CRYPTO_malloc(int num); -char *CRYPTO_realloc(char *addr,int num); void CRYPTO_free(char *); +char *CRYPTO_realloc(char *addr,int num); char *CRYPTO_remalloc(char *addr,int num); char *CRYPTO_dbg_malloc(int num,char *file,int line); diff --git a/crypto/cversion.c b/crypto/cversion.c index 4e823be52..03d716a58 100644 --- a/crypto/cversion.c +++ b/crypto/cversion.c @@ -66,7 +66,7 @@ char *SSLeay_version(t) int t; { if (t == SSLEAY_VERSION) - return("SSLeay 0.9.0b 29-Jun-1998"); + return("SSLeay 0.9.1a 06-Jul-1998"); if (t == SSLEAY_BUILT_ON) { #ifdef DATE @@ -89,6 +89,17 @@ int t; return("C flags not available"); #endif } + if (t == SSLEAY_PLATFORM) + { +#ifdef PLATFORM + static char buf[sizeof(PLATFORM)+10]; + + sprintf(buf,"Platform:%s",PLATFORM); + return(buf); +#else + return("Platform information not available"); +#endif + } return("not available"); } diff --git a/crypto/date.h b/crypto/date.h index 1cbe8f6ef..ea0b79a3b 100644 --- a/crypto/date.h +++ b/crypto/date.h @@ -1 +1 @@ -#define DATE "Fri Apr 10 01:11:55 EST 1998" +#define DATE "Wed Jul 22 12:21:22 EST 1998" diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl index 78b5189ee..9ca1b872b 100644 --- a/crypto/des/Makefile.ssl +++ b/crypto/des/Makefile.ssl 
@@ -83,10 +83,10 @@ asm/yx86-out.o: asm/yx86unix.cpp # bsdi asm/dx86bsdi.o: asm/dx86unix.cpp - $(CPP) -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o + $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o asm/yx86bsdi.o: asm/yx86unix.cpp - $(CPP) -DBSDI asm/yx86unix.cpp | as -o asm/yx86bsdi.o + $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o asm/dx86unix.cpp: (cd asm; perl des-586.pl cpp >dx86unix.cpp) diff --git a/crypto/des/VERSION b/crypto/des/VERSION index f62d8bdac..c7d01542b 100644 --- a/crypto/des/VERSION +++ b/crypto/des/VERSION @@ -1,3 +1,4 @@ + Fixed the weak key values which were wrong :-( Defining SIGACTION causes sigaction() to be used instead of signal(). SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it can cause problems. This should hopefully not affect normal diff --git a/crypto/des/des.h b/crypto/des/des.h index a4cf5c877..4d7610c8e 100644 --- a/crypto/des/des.h +++ b/crypto/des/des.h @@ -90,6 +90,7 @@ typedef struct des_ks_struct } ks; #undef _ #define _ ks._ + int weak_key; } des_key_schedule[16]; #define DES_KEY_SZ (sizeof(des_cblock)) @@ -140,6 +141,7 @@ typedef des_key_schedule bit_64; extern int des_check_key; /* defaults to false */ extern int des_rw_mode; /* defaults to DES_PCBC_MODE */ +extern int des_set_weak_key_flag; /* set the weak key flag */ /* The next line is used to disable full ANSI prototypes, if your * compiler has problems with the prototypes, make sure this line always diff --git a/crypto/des/des.org b/crypto/des/des.org index a4cf5c877..4d7610c8e 100644 --- a/crypto/des/des.org +++ b/crypto/des/des.org @@ -90,6 +90,7 @@ typedef struct des_ks_struct } ks; #undef _ #define _ ks._ + int weak_key; } des_key_schedule[16]; #define DES_KEY_SZ (sizeof(des_cblock)) 
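Review bot: In des.h `int weak_key;` is added to `struct des_ks_struct`, which is declared as `des_key_schedule[16]`, so each of the 16 entries gains a flag and `sizeof(des_key_schedule)` changes for anything compiled against the old header. The header does not say which entry carries the flag or when `des_set_weak_key_flag` (added in the next hunk) causes it to be written. A short comment on the field and on the global, stating which entry is set and by which call, would settle that; the des.org hunks are the same change.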
@@ -140,6 +141,7 @@ typedef des_key_schedule bit_64; extern int des_check_key; /* defaults to false */ extern int des_rw_mode; /* defaults to DES_PCBC_MODE */ +extern int des_set_weak_key_flag; /* set the weak key flag */ /* The next line is used to disable full ANSI prototypes, if your * compiler has problems with the prototypes, make sure this line always diff --git a/crypto/des/des_locl.h b/crypto/des/des_locl.h index e2e503cbe..67ef3e790 100644 --- a/crypto/des/des_locl.h +++ b/crypto/des/des_locl.h @@ -119,16 +119,16 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! there's no way to tell at compile time what it is you're running on */ #if defined( sun ) /* Newer Sparc's */ - #define DES_PTR - #define DES_RISC1 - #define DES_UNROLL +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL #elif defined( __ultrix ) /* Older MIPS */ - #define DES_PTR - #define DES_RISC2 - #define DES_UNROLL +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL #elif defined( __osf1__ ) /* Alpha */ - #define DES_PTR - #define DES_RISC2 +# define DES_PTR +# define DES_RISC2 #elif defined ( _AIX ) /* RS6000 */ /* Unknown */ #elif defined( __hpux ) /* HP-PA */ @@ -136,15 +136,15 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #elif defined( __aux ) /* 68K */ /* Unknown */ #elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ - #define DES_UNROLL +# define DES_UNROLL #elif defined( __sgi ) /* Newer MIPS */ - #define DES_PTR - #define DES_RISC2 - #define DES_UNROLL +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL #elif defined( i386 ) /* x86 boxes, should be gcc */ - #define DES_PTR - #define DES_RISC1 - #define DES_UNROLL +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL #endif /* Systems-specific speed defines */ #endif diff --git a/crypto/des/des_locl.org b/crypto/des/des_locl.org index e2e503cbe..67ef3e790 100644 --- a/crypto/des/des_locl.org +++ b/crypto/des/des_locl.org 
@@ -119,16 +119,16 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! there's no way to tell at compile time what it is you're running on */ #if defined( sun ) /* Newer Sparc's */ - #define DES_PTR - #define DES_RISC1 - #define DES_UNROLL +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL #elif defined( __ultrix ) /* Older MIPS */ - #define DES_PTR - #define DES_RISC2 - #define DES_UNROLL +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL #elif defined( __osf1__ ) /* Alpha */ - #define DES_PTR - #define DES_RISC2 +# define DES_PTR +# define DES_RISC2 #elif defined ( _AIX ) /* RS6000 */ /* Unknown */ #elif defined( __hpux ) /* HP-PA */ @@ -136,15 +136,15 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #elif defined( __aux ) /* 68K */ /* Unknown */ #elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ - #define DES_UNROLL +# define DES_UNROLL #elif defined( __sgi ) /* Newer MIPS */ - #define DES_PTR - #define DES_RISC2 - #define DES_UNROLL +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL #elif defined( i386 ) /* x86 boxes, should be gcc */ - #define DES_PTR - #define DES_RISC1 - #define DES_UNROLL +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL #endif /* Systems-specific speed defines */ #endif diff --git a/crypto/des/des_opts.c b/crypto/des/des_opts.c index fdf0fbf46..29d9461d2 100644 --- a/crypto/des/des_opts.c +++ b/crypto/des/des_opts.c @@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/des/destest.c b/crypto/des/destest.c index 620c13ba6..5700608b9 100644 --- a/crypto/des/destest.c +++ b/crypto/des/destest.c 
@@ -72,6 +72,10 @@ #include <string.h> #include "des.h" +#if defined(PERL5) || defined(__FreeBSD__) +#define crypt(c,s) (des_crypt((c),(s))) +#endif + /* tisk tisk - the test keys don't all have odd parity :-( */ /* test data */ #define NUM_TESTS 34 @@ -660,17 +664,20 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]); printf("Doing quad_cksum\n"); cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret, (long)strlen(cbc_data),2,(C_Block *)cbc_iv); + + { /* Big-endian fix */ + static DES_LONG l=1; + static unsigned char *c=(unsigned char *)&l; + DES_LONG ll; + j=sizeof(lqret[0])-4; for (i=0; i<4; i++) { lqret[i]=0; memcpy(&(lqret[i]),&(qret[i][0]),4); - if (j > 0) lqret[i]=lqret[i]>>(j*8); /* For Cray */ + if (!c[0] && (j > 0)) + lqret[i]=lqret[i]>>(j*8); /* For Cray */ } - { /* Big-endian fix */ - static DES_LONG l=1; - static unsigned char *c=(unsigned char *)&l; - DES_LONG ll; if (!c[0]) { diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c index acf23fdd0..2f99ae5dd 100644 --- a/crypto/des/ecb_enc.c +++ b/crypto/des/ecb_enc.c @@ -60,7 +60,7 @@ #include "spr.h" char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay"; -char *DES_version="DES part of SSLeay 0.9.0b 29-Jun-1998"; +char *DES_version="DES part of SSLeay 0.9.1a 06-Jul-1998"; char *des_options() { diff --git a/crypto/des/fcrypt.c b/crypto/des/fcrypt.c index 129beb27d..645e66a9a 100644 --- a/crypto/des/fcrypt.c +++ b/crypto/des/fcrypt.c 
@@ -55,21 +55,21 @@ static unsigned const char cov_2char[64]={ void fcrypt_body(DES_LONG *out,des_key_schedule ks, DES_LONG Eswap0, DES_LONG Eswap1); -#if defined(PERL5) || defined(FreeBSD) +#if defined(PERL5) || defined(__FreeBSD__) char *des_crypt(const char *buf,const char *salt); #else char *crypt(const char *buf,const char *salt); #endif #else void fcrypt_body(); -#ifdef PERL5 +#if defined(PERL5) || defined(__FreeBSD__) char *des_crypt(); #else char *crypt(); #endif #endif -#if defined(PERL5) || defined(FreeBSD) +#if defined(PERL5) || defined(__FreeBSD__) char *des_crypt(buf,salt) #else char *crypt(buf,salt) diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c index c3bcd7ee2..fe966fd25 100644 --- a/crypto/des/set_key.c +++ b/crypto/des/set_key.c @@ -111,8 +111,8 @@ static des_cblock weak_keys[NUM_WEAK_KEY]={ /* weak keys */ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE}, - {0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F}, - {0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0}, + {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E}, + {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1}, /* semi-weak keys */ {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE}, {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01}, diff --git a/crypto/des/speed.c b/crypto/des/speed.c index 5bbe8b01d..bac078e05 100644 --- a/crypto/des/speed.c +++ b/crypto/des/speed.c @@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index 4cc1df265..8d60ae5c5 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -67,6 +67,8 @@ extern "C" { #define BIGNUM char #endif +#define DH_FLAG_CACHE_MONT_P 0x01 + typedef struct dh_st { /* This first argument is used to pick up errors when 
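Review bot: The corrected `weak_keys` entries in set_key.c are written with odd parity, so detection depends on the key being in that form when it is compared against the table. The lookup is outside the hunk; if it is a byte-wise compare, a weak key with unadjusted parity bits would pass unnoticed. I would add a comment above the table, `/* all entries have odd parity; normalise with des_set_odd_parity() before lookup */`, and a destest.c case that runs every table entry through the check so a wrong value cannot slip in again.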
@@ -78,6 +80,9 @@ typedef struct dh_st int length; /* optional */ BIGNUM *pub_key; /* y */ BIGNUM *priv_key; /* x */ + + int flags; + char *method_mont_p; } DH; #define DH_GENERATOR_2 2 diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c index 9d5c06ac2..83ad45fb0 100644 --- a/crypto/dh/dh_err.c +++ b/crypto/dh/dh_err.c @@ -84,8 +84,8 @@ void ERR_load_DH_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_DH,DH_str_functs); diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 04c7046a7..466f2bf06 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -97,8 +97,8 @@ char *cb_arg; ret=DH_new(); ctx=BN_CTX_new(); if (ctx == NULL) goto err; - t1=ctx->bn[0]; - t2=ctx->bn[1]; + t1= &(ctx->bn[0]); + t2= &(ctx->bn[1]); ctx->tos=2; if (generator == DH_GENERATOR_2) @@ -126,7 +126,7 @@ char *cb_arg; else g=generator; - p=BN_generate_prime(prime_len,1,t1,t2,callback,cb_arg); + p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); if (p == NULL) goto err; if (callback != NULL) callback(3,0,cb_arg); ret->p=p; diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 7576772bc..fa2c96082 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -67,11 +67,11 @@ DH *dh; { int ok=0; unsigned int i; - BN_CTX *ctx=NULL; + BN_CTX ctx; + BN_MONT_CTX *mont; BIGNUM *pub_key=NULL,*priv_key=NULL; - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; + BN_CTX_init(&ctx); if (dh->priv_key == NULL) { @@ -96,7 +96,15 @@ DH *dh; else pub_key=dh->pub_key; - if (!BN_mod_exp(pub_key,dh->g,priv_key,dh->p,ctx)) goto err; + if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) + { + if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) + if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, + dh->p,&ctx)) goto err; + } + mont=(BN_MONT_CTX *)dh->method_mont_p; + + if (!BN_mod_exp_mont(pub_key,dh->g,priv_key,dh->p,&ctx,mont)) goto err; dh->pub_key=pub_key; dh->priv_key=priv_key; 
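Review bot: In dh_gen.c `ret=DH_new();` is followed directly by the `BN_CTX_new()` check, and the next hunk stores into `ret->p` with no NULL test visible, so an allocation failure in `DH_new` would be dereferenced. The lines between the two hunks are not shown, so this may be handled there; if not, `if (ret == NULL) goto err;` after the call closes it, provided the `err` path tolerates a NULL `ret`. `t1` and `t2` are also taken from `ctx->bn[0]` and `ctx->bn[1]` with `ctx->tos` set by hand, which ties this function to the layout of `BN_CTX` and deserves a comment.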
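Review bot: In the first function of dh_key.c (the one that fills `dh->pub_key`) the new `BN_MONT_CTX` is stored in `dh->method_mont_p` before `BN_MONT_CTX_set` has succeeded, so on failure the `goto err` leaves a non-NULL, unset context behind and the next call skips the `== NULL` test and hands it to `BN_mod_exp_mont`. Assign the pointer only after the set call succeeds and free the context otherwise, as sketched below; the same block appears in the `DH_compute_key` hunk. The cache is also tied to `dh->p` and filled without a lock, so replacing `p` after first use, or sharing one `DH` between threads, needs a note on the `DH_FLAG_CACHE_MONT_P` define.

```c
	if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
		{
		BN_MONT_CTX *m=BN_MONT_CTX_new();

		if (m != NULL)
			{
			if (!BN_MONT_CTX_set(m,dh->p,&ctx))
				{
				/* do not cache a context that was never set up */
				BN_MONT_CTX_free(m);
				goto err;
				}
			dh->method_mont_p=(char *)m;
			}
		}
	mont=(BN_MONT_CTX *)dh->method_mont_p;
	/* ... unchanged: BN_mod_exp_mont call and err path ... */
```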
@@ -107,7 +115,7 @@ err: if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); - if (ctx != NULL) BN_CTX_free(ctx); + BN_CTX_free(&ctx); return(ok); } @@ -116,20 +124,28 @@ unsigned char *key; BIGNUM *pub_key; DH *dh; { - BN_CTX *ctx; + BN_CTX ctx; + BN_MONT_CTX *mont; BIGNUM *tmp; int ret= -1; - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - tmp=ctx->bn[ctx->tos++]; + BN_CTX_init(&ctx); + tmp= &(ctx.bn[ctx.tos++]); if (dh->priv_key == NULL) { DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); goto err; } - if (!BN_mod_exp(tmp,pub_key,dh->priv_key,dh->p,ctx)) + if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) + { + if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) + if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, + dh->p,&ctx)) goto err; + } + + mont=(BN_MONT_CTX *)dh->method_mont_p; + if (!BN_mod_exp_mont(tmp,pub_key,dh->priv_key,dh->p,&ctx,mont)) { DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); goto err; @@ -137,6 +153,6 @@ DH *dh; ret=BN_bn2bin(tmp,key); err: - if (ctx != NULL) BN_CTX_free(ctx); + BN_CTX_free(&ctx); return(ret); } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index a300b3839..1b4bb4ea2 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -61,7 +61,7 @@ #include "bn.h" #include "dh.h" -char *DH_version="Diffie-Hellman part of SSLeay 0.9.0b 29-Jun-1998"; +char *DH_version="Diffie-Hellman part of SSLeay 0.9.1a 06-Jul-1998"; DH *DH_new() { @@ -80,6 +80,8 @@ DH *DH_new() ret->length=0; ret->pub_key=NULL; ret->priv_key=NULL; + ret->flags=DH_FLAG_CACHE_MONT_P; + ret->method_mont_p=NULL; return(ret); } @@ -90,6 +92,8 @@ DH *r; if (r->g != NULL) BN_clear_free(r->g); if (r->pub_key != NULL) BN_clear_free(r->pub_key); if (r->priv_key != NULL) BN_clear_free(r->priv_key); + if (r->method_mont_p != NULL) + BN_MONT_CTX_free((BN_MONT_CTX *)r->method_mont_p); Free(r); } 
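Review bot: DH_compute_key passes the caller-supplied `pub_key` to `BN_mod_exp_mont()` with `dh->priv_key` as the exponent, with no range check on the peer value. A peer value of 0, 1 or p-1 confines the shared secret to one or two known values, so anything outside 1 < pub_key < p-1 should be rejected before the exponentiation. A first guard would be `if (BN_is_zero(pub_key) || BN_is_one(pub_key) || BN_cmp(pub_key,dh->p) >= 0) goto err;`, plus a comparison against p-1 and an error code for the caller. The gap predates this commit's switch to the Montgomery path, but this is the call it affects. The function starts outside the hunk.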
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c index 488f10fd4..e8e1695ed 100644 --- a/crypto/dh/dhtest.c +++ b/crypto/dh/dhtest.c @@ -182,6 +182,7 @@ char *arg; if (p == 2) c='*'; if (p == 3) c='\n'; BIO_write((BIO *)arg,&c,1); + BIO_flush((BIO *)arg); #ifdef LINT p=n; #endif diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 1ca87c1cb..a231c199b 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -71,6 +71,8 @@ extern "C" { #include "bn.h" +#define DSA_FLAG_CACHE_MONT_P 0x01 + typedef struct dsa_st { /* This first variable is used to pick up errors where @@ -88,6 +90,10 @@ typedef struct dsa_st BIGNUM *kinv; /* Signing pre-calc */ BIGNUM *r; /* Signing pre-calc */ + int flags; + /* Normally used to cache montgomery values */ + char *method_mont_p; + int references; } DSA; diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c index 318e9f31a..4cb58a895 100644 --- a/crypto/dsa/dsa_err.c +++ b/crypto/dsa/dsa_err.c @@ -87,8 +87,8 @@ void ERR_load_DSA_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_DSA,DSA_str_functs); diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index d7d30bf90..8202b8029 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -88,6 +88,7 @@ char *cb_arg; unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH]; BIGNUM *r0,*W,*X,*c,*test; BIGNUM *g=NULL,*q=NULL,*p=NULL; + BN_MONT_CTX *mont=NULL; int k,n=0,i,b,m=0; int counter=0; BN_CTX *ctx=NULL,*ctx2=NULL; 
@@ -100,20 +101,20 @@ char *cb_arg; if ((seed_in != NULL) && (seed_len == 20)) memcpy(seed,seed_in,seed_len); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - ctx2=BN_CTX_new(); - if (ctx2 == NULL) goto err; - ret=DSA_new(); - if (ret == NULL) goto err; - r0=ctx2->bn[0]; - g=ctx2->bn[1]; - W=ctx2->bn[2]; - q=ctx2->bn[3]; - X=ctx2->bn[4]; - c=ctx2->bn[5]; - p=ctx2->bn[6]; - test=ctx2->bn[7]; + if ((ctx=BN_CTX_new()) == NULL) goto err; + if ((ctx2=BN_CTX_new()) == NULL) goto err; + if ((ret=DSA_new()) == NULL) goto err; + + if ((mont=BN_MONT_CTX_new()) == NULL) goto err; + + r0= &(ctx2->bn[0]); + g= &(ctx2->bn[1]); + W= &(ctx2->bn[2]); + q= &(ctx2->bn[3]); + X= &(ctx2->bn[4]); + c= &(ctx2->bn[5]); + p= &(ctx2->bn[6]); + test= &(ctx2->bn[7]); BN_lshift(test,BN_value_one(),bits-1); @@ -220,10 +221,12 @@ end: BN_div(r0,NULL,test,q,ctx); BN_set_word(test,h); + BN_MONT_CTX_set(mont,p,ctx); + for (;;) { /* g=test^r0%p */ - BN_mod_exp(g,test,r0,p,ctx); + BN_mod_exp_mont(g,test,r0,p,ctx,mont); if (!BN_is_one(g)) break; BN_add(test,test,BN_value_one()); h++; @@ -246,8 +249,9 @@ err: if (counter_ret != NULL) *counter_ret=counter; if (h_ret != NULL) *h_ret=h; } - BN_CTX_free(ctx); - BN_CTX_free(ctx2); + if (ctx != NULL) BN_CTX_free(ctx); + if (ctx != NULL) BN_CTX_free(ctx2); + if (mont != NULL) BN_MONT_CTX_free(mont); return(ok?ret:NULL); } 
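Review bot: The second guard in the `err:` cleanup of dsa_gen.c tests the wrong pointer: `if (ctx != NULL) BN_CTX_free(ctx2);` frees `ctx2` based on `ctx`. When the first `BN_CTX_new()` succeeds and the second fails, `BN_CTX_free()` is still called with NULL, which is what the added guards are meant to prevent. It should read `if (ctx2 != NULL) BN_CTX_free(ctx2);`. In the same function the return value of the added `BN_MONT_CTX_set(mont,p,ctx)` is ignored, unlike the checked calls elsewhere in this commit.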
@@ -258,20 +262,22 @@ char *cb_arg; { int ok= -1,j,i,n; BN_CTX *ctx=NULL,*ctx2=NULL; - BIGNUM *w_1,*b,*m,*z; + BIGNUM *w_1,*b,*m,*z,*tmp,*mont_1; int a; + BN_MONT_CTX *mont=NULL; if (!BN_is_bit_set(w,0)) return(0); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - ctx2=BN_CTX_new(); - if (ctx2 == NULL) goto err; + if ((ctx=BN_CTX_new()) == NULL) goto err; + if ((ctx2=BN_CTX_new()) == NULL) goto err; + if ((mont=BN_MONT_CTX_new()) == NULL) goto err; - m= ctx2->bn[2]; - b= ctx2->bn[3]; - z= ctx2->bn[4]; - w_1=ctx2->bn[5]; + m= &(ctx2->bn[2]); + b= &(ctx2->bn[3]); + z= &(ctx2->bn[4]); + w_1= &(ctx2->bn[5]); + tmp= &(ctx2->bn[6]); + mont_1= &(ctx2->bn[7]); /* step 1 */ n=50; @@ -282,24 +288,30 @@ char *cb_arg; ; if (!BN_rshift(m,w_1,a)) goto err; + BN_MONT_CTX_set(mont,w,ctx); + BN_to_montgomery(mont_1,BN_value_one(),mont,ctx); + BN_to_montgomery(w_1,w_1,mont,ctx); for (i=1; i < n; i++) { /* step 3 */ BN_rand(b,BN_num_bits(w)-2/*-1*/,0,0); - BN_set_word(b,0x10001L); + /* BN_set_word(b,0x10001L); */ /* step 4 */ j=0; - if (!BN_mod_exp(z,b,m,w,ctx)) goto err; + if (!BN_mod_exp_mont(z,b,m,w,ctx,mont)) goto err; + + if (!BN_to_montgomery(z,z,mont,ctx)) goto err; /* step 5 */ for (;;) { - if (((j == 0) && BN_is_one(z)) || (BN_cmp(z,w_1) == 0)) + if (((j == 0) && (BN_cmp(z,mont_1) == 0)) || + (BN_cmp(z,w_1) == 0)) break; /* step 6 */ - if ((j > 0) && BN_is_one(z)) + if ((j > 0) && (BN_cmp(z,mont_1) == 0)) { ok=0; goto err; @@ -312,7 +324,7 @@ char *cb_arg; goto err; } - if (!BN_mod_mul(z,z,z,w,ctx)) goto err; + if (!BN_mod_mul_montgomery(z,z,z,mont,ctx)) goto err; if (callback != NULL) callback(1,j,cb_arg); } } diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index b647257f9..bfa9ca28d 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -64,7 +64,7 @@ #include "dsa.h" #include "asn1.h" -char *DSA_version="\0DSA part of SSLeay 0.9.0b 29-Jun-1998"; +char *DSA_version="\0DSA part of SSLeay 0.9.1a 06-Jul-1998"; DSA *DSA_new() { 
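Review bot: The Montgomery setup added before the witness loop in DSA_is_prime is unchecked: `BN_MONT_CTX_set(mont,w,ctx)` and the two `BN_to_montgomery()` calls for `mont_1` and `w_1` discard their return values. The later `BN_mod_exp_mont()` and `BN_to_montgomery(z,...)` calls inside the loop are tested. If one of the setup calls fails, the loop compares `z` against values that were never converted, and the primality verdict cannot be trusted. Use the pattern the rest of the function uses, e.g. `if (!BN_MONT_CTX_set(mont,w,ctx)) goto err;`. The cleanup for `mont` is outside the hunk, so confirm that the `err:` path frees it.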
@@ -82,12 +82,14 @@ DSA *DSA_new() ret->p=NULL; ret->q=NULL; ret->g=NULL; + ret->flags=DSA_FLAG_CACHE_MONT_P; ret->pub_key=NULL; ret->priv_key=NULL; ret->kinv=NULL; ret->r=NULL; + ret->method_mont_p=NULL; ret->references=1; return(ret); @@ -120,6 +122,8 @@ DSA *r; if (r->priv_key != NULL) BN_clear_free(r->priv_key); if (r->kinv != NULL) BN_clear_free(r->kinv); if (r->r != NULL) BN_clear_free(r->r); + if (r->method_mont_p != NULL) + BN_MONT_CTX_free((BN_MONT_CTX *)r->method_mont_p); Free(r); } diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c index 6ca1c318f..c4df4e5b7 100644 --- a/crypto/dsa/dsa_sign.c +++ b/crypto/dsa/dsa_sign.c @@ -77,8 +77,8 @@ unsigned int *siglen; /* out */ DSA *dsa; { BIGNUM *kinv=NULL,*r=NULL; - BIGNUM *m=NULL; - BIGNUM *xr=NULL,*s=NULL; + BIGNUM m; + BIGNUM xr,s; BN_CTX *ctx=NULL; unsigned char *p; int i,len=0,ret=0,reason=ERR_R_BN_LIB; @@ -86,6 +86,10 @@ DSA *dsa; MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */ MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */ + BN_init(&m); + BN_init(&xr); + BN_init(&s); + i=BN_num_bytes(dsa->q); /* should be 20 */ if ((dlen > i) || (dlen > 50)) { @@ -108,17 +112,14 @@ DSA *dsa; dsa->r=NULL; } - m=BN_new(); - xr=BN_new(); - s=BN_new(); - if (m == NULL || xr == NULL || s == NULL) goto err; - - if (BN_bin2bn(dgst,dlen,m) == NULL) goto err; + if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; /* Compute s = inv(k) (m + xr) mod q */ - if (!BN_mul(xr, dsa->priv_key, r)) goto err; /* s = xr */ - if (!BN_add(s, xr, m)) goto err; /* s = m + xr */ - if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; + if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ + if (!BN_add(&s, &xr, &m)) goto err; /* s = m + xr */ + if (BN_cmp(&s,dsa->q) > 0) + BN_sub(&s,&s,dsa->q); + if (!BN_mod_mul(&s,&s,kinv,dsa->q,ctx)) goto err; /* * Now create a ASN.1 sequence of the integers R and S. 
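Review bot: The size check at the top of DSA_sign bounds only the digest: `i=BN_num_bytes(dsa->q)` is compared with `dlen`, but `i` itself is never compared with the 50-byte `rbuf` and `sbuf` arrays. r and s are reduced mod q and are later written with `BN_bn2bin()` into `rbs.data` and `sbs.data`, which presumably point at those arrays (the assignment is outside the hunks). A key whose q is longer than 50 bytes would then write past them. Reject such a key before any arithmetic, with a check of the form `if (i > 50)` that sets a reason code and jumps to `err`.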
@@ -128,7 +129,7 @@ DSA *dsa; rbs.type = V_ASN1_INTEGER; sbs.type = V_ASN1_INTEGER; rbs.length=BN_bn2bin(r,rbs.data); - sbs.length=BN_bn2bin(s,sbs.data); + sbs.length=BN_bn2bin(&s,sbs.data); len =i2d_ASN1_INTEGER(&rbs,NULL); len+=i2d_ASN1_INTEGER(&sbs,NULL); @@ -147,9 +148,9 @@ err: if (r != NULL) BN_clear_free(r); #endif if (ctx != NULL) BN_CTX_free(ctx); - if (m != NULL) BN_clear_free(m); - if (xr != NULL) BN_clear_free(xr); - if (s != NULL) BN_clear_free(s); + BN_clear_free(&m); + BN_clear_free(&xr); + BN_clear_free(&s); return(ret); } @@ -160,7 +161,7 @@ BIGNUM **kinvp; BIGNUM **rp; { BN_CTX *ctx; - BIGNUM *k=NULL,*kinv=NULL,*r=NULL; + BIGNUM k,*kinv=NULL,*r=NULL; int ret=0; if (ctx_in == NULL) @@ -170,29 +171,33 @@ BIGNUM **rp; else ctx=ctx_in; - r=BN_new(); - k=BN_new(); - if ((r == NULL) || (k == NULL)) - goto err; + BN_init(&k); + if ((r=BN_new()) == NULL) goto err; kinv=NULL; - if (r == NULL) goto err; - /* Get random k */ for (;;) { - if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err; - if (BN_cmp(k,dsa->q) >= 0) - BN_sub(k,k,dsa->q); - if (!BN_is_zero(k)) break; + if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err; + if (BN_cmp(&k,dsa->q) >= 0) + BN_sub(&k,&k,dsa->q); + if (!BN_is_zero(&k)) break; + } + + if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) + { + if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) + if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, + dsa->p,ctx)) goto err; } /* Compute r = (g^k mod p) mod q */ - if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err; + if (!BN_mod_exp_mont(r,dsa->g,&k,dsa->p,ctx, + (BN_MONT_CTX *)dsa->method_mont_p)) goto err; if (!BN_mod(r,r,dsa->q,ctx)) goto err; /* Compute part of 's = inv(k) (m + xr) mod q' */ - if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err; + if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err; if (*kinvp != NULL) BN_clear_free(*kinvp); *kinvp=kinv; 
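Review bot: The nonce loop in the sign-setup hunk does not produce a uniform k: `BN_rand(&k, BN_num_bits(dsa->q), 1, 0)` forces high bits of k, and a value at or above q is folded back with a single `BN_sub()`, so some residues are more likely than others. Biased DSA nonces are a known route to private-key recovery once enough signatures are collected, so k should come from rejection sampling. That means drawing BN_num_bits(q) random bits without forcing the top bits and retrying while k is zero or `BN_cmp(&k,dsa->q) >= 0`. The return value of `BN_sub()` is also ignored. The function starts before and ends after this hunk.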
@@ -208,8 +213,8 @@ err: if (r != NULL) BN_clear_free(r); } if (ctx_in == NULL) BN_CTX_free(ctx); - if (k != NULL) BN_clear_free(k); if (kinv != NULL) BN_clear_free(kinv); + BN_clear_free(&k); return(ret); } diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c index 0f860984e..71cefbeaa 100644 --- a/crypto/dsa/dsa_vrf.c +++ b/crypto/dsa/dsa_vrf.c 
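Review bot: `BN_clear_free(&k)` now runs on every exit through `err:`, but `BN_init(&k)` is called only after the BN_CTX selection. The lines between the two hunks are not shown; if the `ctx_in == NULL` branch jumps to `err` when `BN_CTX_new()` fails, `k` is cleared and freed while it is still uninitialised stack memory. Making `BN_init(&k);` the first statement of the function removes that dependency on statement order.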
@@ -85,52 +85,76 @@ DSA *dsa; ASN1_CTX c; unsigned char **pp= &sigbuf; BN_CTX *ctx; - BIGNUM *r=NULL; - BIGNUM *t1=NULL,*t2=NULL; - BIGNUM *u1=NULL,*u2=NULL; + BIGNUM r,u1,u2,t1; ASN1_INTEGER *bs=NULL; + BN_MONT_CTX *mont=NULL; int ret = -1; - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; + if ((ctx=BN_CTX_new()) == NULL) goto err; + if ((mont=BN_MONT_CTX_new()) == NULL) goto err; - t1=BN_new(); - t2=BN_new(); - if (t1 == NULL || t2 == NULL) goto err; + BN_init(&u1); + BN_init(&u2); + BN_init(&r); + BN_init(&t1); M_ASN1_D2I_Init(); M_ASN1_D2I_start_sequence(); M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((r=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn; + if ((BN_bin2bn(bs->data,bs->length,&r)) == NULL) goto err_bn; M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((u1=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn; + if ((BN_bin2bn(bs->data,bs->length,&u1)) == NULL) goto err_bn; if (!asn1_Finish(&c)) goto err; /* Calculate W = inv(S) mod Q * save W in u2 */ - if ((u2=BN_mod_inverse(u1,dsa->q,ctx)) == NULL) goto err_bn; + if ((BN_mod_inverse(&u2,&u1,dsa->q,ctx)) == NULL) goto err_bn; /* save M in u1 */ - if (BN_bin2bn(dgst,dgst_len,u1) == NULL) goto err_bn; + if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err_bn; /* u1 = M * w mod q */ - if (!BN_mod_mul(u1,u1,u2,dsa->q,ctx)) goto err_bn; + if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err_bn; /* u2 = r * w mod q */ - if (!BN_mod_mul(u2,r,u2,dsa->q,ctx)) goto err_bn; + if (!BN_mod_mul(&u2,&r,&u2,dsa->q,ctx)) goto err_bn; + if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) + { + if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) + if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, + dsa->p,ctx)) goto err; + } + mont=(BN_MONT_CTX *)dsa->method_mont_p; + +#if 0 + { + BIGNUM t2; + + BN_init(&t2); /* v = ( g^u1 * y^u2 mod p ) mod q */ /* let t1 = g ^ u1 mod p */ - if (!BN_mod_exp(t1,dsa->g,u1,dsa->p,ctx)) goto err_bn; + if 
(!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err_bn; /* let t2 = y ^ u2 mod p */ - if (!BN_mod_exp(t2,dsa->pub_key,u2,dsa->p,ctx)) goto err_bn; + if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err_bn; /* let u1 = t1 * t2 mod p */ - if (!BN_mod_mul(u1,t1,t2,dsa->p,ctx)) goto err_bn; + if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn; + BN_free(&t2); + } + /* let u1 = u1 mod q */ + if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err_bn; +#else + { + if (!BN_mod_exp2_mont(&t1,dsa->g,&u1,dsa->pub_key,&u2,dsa->p,ctx,mont)) + goto err_bn; + /* BN_copy(&u1,&t1); */ /* let u1 = u1 mod q */ - if (!BN_mod(u1,u1,dsa->q,ctx)) goto err_bn; + if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err_bn; + } +#endif /* V is now in u1. If the signature is correct, it will be * equal to R. */ - ret=(BN_ucmp(u1, r) == 0); + ret=(BN_ucmp(&u1, &r) == 0); if (0) { err: /* ASN1 error */ @@ -142,11 +166,10 @@ err_bn: /* BN error */ DSAerr(DSA_F_DSA_VERIFY,ERR_R_BN_LIB); } if (ctx != NULL) BN_CTX_free(ctx); - if (r != NULL) BN_free(r); - if (t1 != NULL) BN_free(t1); - if (t2 != NULL) BN_free(t2); - if (u1 != NULL) BN_free(u1); - if (u2 != NULL) BN_free(u2); + BN_free(&r); + BN_free(&u1); + BN_free(&u2); + BN_free(&t1); if (bs != NULL) ASN1_BIT_STRING_free(bs); return(ret); } diff --git a/crypto/err/err.c b/crypto/err/err.c index a65192493..5cf621855 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -81,6 +81,7 @@ static unsigned long err_hash(); static int err_cmp(); static unsigned long pid_hash(); static int pid_cmp(); +static unsigned long get_error_values(); static void ERR_STATE_free(); ERR_STATE *s; #endif 
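Review bot: DSA_verify jumps to `err` on a failed `BN_CTX_new()` or `BN_MONT_CTX_new()` before `BN_init()` has run on `u1`, `u2`, `r` and `t1`, while the cleanup hunk now calls `BN_free()` on all four unconditionally. Those exits therefore free uninitialised stack structures; the four `BN_init()` calls should come first. The context returned by `BN_MONT_CTX_new()` is also lost when `mont` is overwritten with `dsa->method_mont_p`, which leaks one context per verification; the local allocation can be dropped. Separately, r and s are used as decoded, with no check that both lie in 1..q-1 before the inverse and the final comparison, which DSA verification requires.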
@@ -148,6 +149,14 @@ static ERR_STRING_DATA ERR_str_reasons[]= {ERR_R_PKCS7_LIB ,"PKCS7 lib"}, {ERR_R_MALLOC_FAILURE ,"Malloc failure"}, {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a fuction you should not call"}, +{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, +{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, +{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, +{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, +{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, +{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, +{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, + {0,NULL}, }; #endif @@ -539,7 +548,9 @@ ERR_STATE *ERR_get_state() CRYPTO_w_lock(CRYPTO_LOCK_ERR); if (thread_hash == NULL) { + MemCheck_off(); thread_hash=lh_new(pid_hash,pid_cmp); + MemCheck_on(); CRYPTO_w_unlock(CRYPTO_LOCK_ERR); if (thread_hash == NULL) return(&fallback); } @@ -618,20 +629,24 @@ VAR_ALIST for (i=0; i<num; i++) { VAR_ARG(args,char *,a); - n+=strlen(a); - if (n > s) + /* ignore NULLs, thanks to Bob Beck <beck@obtuse.com> */ + if (a != NULL) { - s=n+20; - p=Realloc(str,s+1); - if (p == NULL) + n+=strlen(a); + if (n > s) { - Free(str); - return; + s=n+20; + p=Realloc(str,s+1); + if (p == NULL) + { + Free(str); + return; + } + else + str=p; } - else - str=p; + strcat(str,a); } - strcat(str,a); } ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING); diff --git a/crypto/err/err.h b/crypto/err/err.h index 75f931be1..c81dedd66 100644 --- a/crypto/err/err.h +++ b/crypto/err/err.h 
@@ -192,6 +192,12 @@ typedef struct err_state_st #define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL) #define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL) #define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL) +#define ERR_R_NESTED_ASN1_ERROR (4) +#define ERR_R_BAD_ASN1_OBJECT_HEADER (5) +#define ERR_R_BAD_GET_ASN1_OBJECT_CALL (6) +#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE (7) +#define ERR_R_ASN1_LENGTH_MISMATCH (8) +#define ERR_R_MISSING_ASN1_EOS (9) typedef struct ERR_string_data_st { diff --git a/crypto/err/err_genc.pl b/crypto/err/err_genc.pl index d3251da84..87c6da9a6 100644 --- a/crypto/err/err_genc.pl +++ b/crypto/err/err_genc.pl @@ -86,8 +86,8 @@ void ERR_load_${type}_strings() if (${type}_lib_error_code == 0) ${type}_lib_error_code=ERR_get_next_error_library(); - if (init); - {; + if (init) + { init=0; $str } @@ -113,8 +113,8 @@ void ERR_load_${type}_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; $str } diff --git a/crypto/err/ssleay.ec b/crypto/err/ssleay.ec index 10b5dbb59..12cb3432a 100644 --- a/crypto/err/ssleay.ec +++ b/crypto/err/ssleay.ec @@ -20,6 +20,7 @@ L SSL ../ssl/ssl.err L SSL2 ../ssl/ssl2.err L SSL3 ../ssl/ssl3.err L SSL23 ../ssl/ssl23.err +L COMP comp/comp.err F RSAREF_F_RSA_BN2BIN F RSAREF_F_RSA_PRIVATE_DECRYPT @@ -30,6 +31,8 @@ F RSAREF_F_RSA_PUBLIC_ENCRYPT R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 +R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 +R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 R SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 
@@ -39,6 +42,16 @@ R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 +R SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 +R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 +R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 +R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 +R SSL_R_TLSV1_ALERT_EXPORT_RESTRICION 1060 +R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 +R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 +R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 +R SSL_R_TLSV1_ALERT_USER_CANCLED 1090 +R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R RSAREF_R_CONTENT_ENCODING 0x0400 R RSAREF_R_DATA 0x0401 diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 6c30ddfc5..ad09b94b1 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -298,6 +298,7 @@ char *ptr; BIO_ENC_CTX *ctx,*dctx; long ret=1; int i; + EVP_CIPHER_CTX **c_ctx; ctx=(BIO_ENC_CTX *)b->ptr; @@ -364,7 +365,11 @@ again: ret=BIO_ctrl(b->next_bio,cmd,num,ptr); BIO_copy_next_retry(b); break; - + case BIO_C_GET_CIPHER_CTX: + c_ctx=(EVP_CIPHER_CTX **)ptr; + (*c_ctx)= &(ctx->cipher); + b->init=1; + break; case BIO_CTRL_DUP: dbio=(BIO *)ptr; dctx=(BIO_ENC_CTX *)dbio->ptr; diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c index e77d1c896..f2e0500dd 100644 --- a/crypto/evp/c_all.c +++ b/crypto/evp/c_all.c 
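Review bot: The new `BIO_C_GET_CIPHER_CTX` case in bio_enc.c dereferences `ptr` without a NULL check and sets `b->init=1`, although it only hands out a pointer to `ctx->cipher`. A caller that fetches the context and never configures a cipher leaves the BIO marked initialised, and later reads or writes would presumably run on an unset cipher context (the read and write paths are outside this hunk). Either leave `init` to the code that actually sets the cipher, or add a comment stating that the caller must initialise the returned context before any I/O. The switch statement starts and ends outside the hunk.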
@@ -79,16 +79,16 @@ void SSLeay_add_all_ciphers() EVP_add_cipher(EVP_des_ede3_ofb()); EVP_add_cipher(EVP_desx_cbc()); - EVP_add_alias(SN_desx_cbc,"DESX"); - EVP_add_alias(SN_desx_cbc,"desx"); + EVP_add_cipher_alias(SN_desx_cbc,"DESX"); + EVP_add_cipher_alias(SN_desx_cbc,"desx"); EVP_add_cipher(EVP_des_cbc()); - EVP_add_alias(SN_des_cbc,"DES"); - EVP_add_alias(SN_des_cbc,"des"); + EVP_add_cipher_alias(SN_des_cbc,"DES"); + EVP_add_cipher_alias(SN_des_cbc,"des"); EVP_add_cipher(EVP_des_ede_cbc()); EVP_add_cipher(EVP_des_ede3_cbc()); - EVP_add_alias(SN_des_ede3_cbc,"DES3"); - EVP_add_alias(SN_des_ede3_cbc,"des3"); + EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3"); + EVP_add_cipher_alias(SN_des_ede3_cbc,"des3"); EVP_add_cipher(EVP_des_ecb()); EVP_add_cipher(EVP_des_ede()); @@ -105,8 +105,8 @@ void SSLeay_add_all_ciphers() EVP_add_cipher(EVP_idea_cfb()); EVP_add_cipher(EVP_idea_ofb()); EVP_add_cipher(EVP_idea_cbc()); - EVP_add_alias(SN_idea_cbc,"IDEA"); - EVP_add_alias(SN_idea_cbc,"idea"); + EVP_add_cipher_alias(SN_idea_cbc,"IDEA"); + EVP_add_cipher_alias(SN_idea_cbc,"idea"); #endif #ifndef NO_RC2 @@ -115,8 +115,9 @@ void SSLeay_add_all_ciphers() EVP_add_cipher(EVP_rc2_ofb()); EVP_add_cipher(EVP_rc2_cbc()); EVP_add_cipher(EVP_rc2_40_cbc()); - EVP_add_alias(SN_rc2_cbc,"RC2"); - EVP_add_alias(SN_rc2_cbc,"rc2"); + EVP_add_cipher(EVP_rc2_64_cbc()); + EVP_add_cipher_alias(SN_rc2_cbc,"RC2"); + EVP_add_cipher_alias(SN_rc2_cbc,"rc2"); #endif #ifndef NO_BLOWFISH @@ -124,9 +125,9 @@ void SSLeay_add_all_ciphers() EVP_add_cipher(EVP_bf_cfb()); EVP_add_cipher(EVP_bf_ofb()); EVP_add_cipher(EVP_bf_cbc()); - EVP_add_alias(SN_bf_cbc,"BF"); - EVP_add_alias(SN_bf_cbc,"bf"); - EVP_add_alias(SN_bf_cbc,"blowfish"); + EVP_add_cipher_alias(SN_bf_cbc,"BF"); + EVP_add_cipher_alias(SN_bf_cbc,"bf"); + EVP_add_cipher_alias(SN_bf_cbc,"blowfish"); #endif #ifndef NO_CAST 
@@ -134,10 +135,10 @@ void SSLeay_add_all_ciphers() EVP_add_cipher(EVP_cast5_cfb()); EVP_add_cipher(EVP_cast5_ofb()); EVP_add_cipher(EVP_cast5_cbc()); - EVP_add_alias(SN_cast5_cbc,"CAST"); - EVP_add_alias(SN_cast5_cbc,"cast"); - EVP_add_alias(SN_cast5_cbc,"CAST-cbc"); - EVP_add_alias(SN_cast5_cbc,"cast-cbc"); + EVP_add_cipher_alias(SN_cast5_cbc,"CAST"); + EVP_add_cipher_alias(SN_cast5_cbc,"cast"); + EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc"); + EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc"); #endif #ifndef NO_RC5 @@ -145,10 +146,8 @@ void SSLeay_add_all_ciphers() EVP_add_cipher(EVP_rc5_32_12_16_cfb()); EVP_add_cipher(EVP_rc5_32_12_16_ofb()); EVP_add_cipher(EVP_rc5_32_12_16_cbc()); - EVP_add_alias(SN_rc5_cbc,"rc5"); - EVP_add_alias(SN_rc5_cbc,"RC5"); - EVP_add_alias(SN_rc5_cbc,"rc5-cbc"); - EVP_add_alias(SN_rc5_cbc,"RC5-cbc"); + EVP_add_cipher_alias(SN_rc5_cbc,"rc5"); + EVP_add_cipher_alias(SN_rc5_cbc,"RC5"); #endif } @@ -160,8 +159,8 @@ void SSLeay_add_all_digests() #endif #ifndef NO_MD5 EVP_add_digest(EVP_md5()); - EVP_add_alias(SN_md5,"ssl2-md5"); - EVP_add_alias(SN_md5,"ssl3-md5"); + EVP_add_digest_alias(SN_md5,"ssl2-md5"); + EVP_add_digest_alias(SN_md5,"ssl3-md5"); #endif #ifndef NO_SHA EVP_add_digest(EVP_sha()); 
@@ -171,20 +170,21 @@ void SSLeay_add_all_digests() #endif #ifndef NO_SHA1 EVP_add_digest(EVP_sha1()); - EVP_add_alias(SN_sha1,"ssl3-sha1"); + EVP_add_digest_alias(SN_sha1,"ssl3-sha1"); + EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA); #ifndef NO_DSA EVP_add_digest(EVP_dss1()); - EVP_add_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2); - EVP_add_alias(SN_dsaWithSHA1,"DSS1"); - EVP_add_alias(SN_dsaWithSHA1,"dss1"); + EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2); + EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); + EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); #endif #endif #if !defined(NO_MDC2) && !defined(NO_DES) EVP_add_digest(EVP_mdc2()); #endif -#ifndef NO_RIPEMD160 +#ifndef NO_RMD160 EVP_add_digest(EVP_ripemd160()); - EVP_add_alias(SN_ripemd160,"ripemd"); - EVP_add_alias(SN_ripemd160,"rmd160"); + EVP_add_digest_alias(SN_ripemd160,"ripemd"); + EVP_add_digest_alias(SN_ripemd160,"rmd160"); #endif } diff --git a/crypto/evp/e_cbc_r2.c b/crypto/evp/e_cbc_r2.c index 4f8002f16..9175e5355 100644 --- a/crypto/evp/e_cbc_r2.c +++ b/crypto/evp/e_cbc_r2.c @@ -68,11 +68,25 @@ static void rc2_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, unsigned char *iv,int enc); static void rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl); +static int rc2_meth_to_magic(EVP_CIPHER *e); +static EVP_CIPHER *rc2_magic_to_meth(int i); +static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); +static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); + #else + static void rc2_cbc_init_key(); static void rc2_cbc_cipher(); +static int rc2_meth_to_magic(); +static EVP_CIPHER *rc2_magic_to_meth(); +static int rc2_set_asn1_type_and_iv(); +static int rc2_get_asn1_type_and_iv(); #endif +#define RC2_40_MAGIC 0xa0 +#define RC2_64_MAGIC 0x78 +#define RC2_128_MAGIC 0x3a + static EVP_CIPHER r2_cbc_cipher= { NID_rc2_cbc, 
@@ -82,8 +96,21 @@ static EVP_CIPHER r2_cbc_cipher= NULL, sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)), - EVP_CIPHER_get_asn1_iv, - EVP_CIPHER_set_asn1_iv, + rc2_set_asn1_type_and_iv, + rc2_get_asn1_type_and_iv, + }; + +static EVP_CIPHER r2_64_cbc_cipher= + { + NID_rc2_40_cbc, + 8,8 /* 64 bit */,8, + rc2_cbc_init_key, + rc2_cbc_cipher, + NULL, + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)), + rc2_set_asn1_type_and_iv, + rc2_get_asn1_type_and_iv, }; static EVP_CIPHER r2_40_cbc_cipher= @@ -95,6 +122,8 @@ static EVP_CIPHER r2_40_cbc_cipher= NULL, sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)), + rc2_set_asn1_type_and_iv, + rc2_get_asn1_type_and_iv, }; EVP_CIPHER *EVP_rc2_cbc() @@ -102,6 +131,11 @@ EVP_CIPHER *EVP_rc2_cbc() return(&r2_cbc_cipher); } +EVP_CIPHER *EVP_rc2_64_cbc() + { + return(&r2_64_cbc_cipher); + } + EVP_CIPHER *EVP_rc2_40_cbc() { return(&r2_40_cbc_cipher); 
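Review bot: `r2_64_cbc_cipher` is declared with `NID_rc2_40_cbc`, the same NID as the 40-bit method. The rewritten `EVP_add_cipher()` in names.c registers each method under `OBJ_nid2sn(c->nid)`, and c_all.c adds `EVP_rc2_40_cbc()` and then `EVP_rc2_64_cbc()`, so both land on the same name and a lookup by name can return the wrong key size. The 64-bit method needs an NID of its own (later OpenSSL releases define `NID_rc2_64_cbc`; whether objects.h has it at this commit is not visible here). Also, the two ASN.1 callbacks are listed as set, get where the removed lines had get, set, so confirm the order against the field order of `EVP_CIPHER` in evp.h.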
@@ -133,4 +167,73 @@ unsigned int inl; ctx->encrypt); } +static int rc2_meth_to_magic(e) +EVP_CIPHER *e; + { + int i; + + i=EVP_CIPHER_key_length(e); + if (i == 128) return(RC2_128_MAGIC); + else if (i == 64) return(RC2_64_MAGIC); + else if (i == 40) return(RC2_40_MAGIC); + else return(0); + } + +static EVP_CIPHER *rc2_magic_to_meth(i) +int i; + { + if (i == RC2_128_MAGIC) return(EVP_rc2_cbc()); + else if (i == RC2_64_MAGIC) return(EVP_rc2_64_cbc()); + else if (i == RC2_40_MAGIC) return(EVP_rc2_40_cbc()); + else + { + EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE); + return(NULL); + } + } + +int rc2_get_asn1_type_and_iv(c,type) +EVP_CIPHER_CTX *c; +ASN1_TYPE *type; + { + long num=0; + int i=0,l; + EVP_CIPHER *e; + + if (type != NULL) + { + l=EVP_CIPHER_CTX_iv_length(c); + i=ASN1_TYPE_get_int_octetstring(type,&num,c->oiv,l); + if (i != l) + return(-1); + else if (i > 0) + memcpy(c->iv,c->oiv,l); + e=rc2_magic_to_meth((int)num); + if (e == NULL) + return(-1); + if (e != EVP_CIPHER_CTX_cipher(c)) + { + EVP_CIPHER_CTX_cipher(c)=e; + rc2_cbc_init_key(c,NULL,NULL,1); + } + } + return(i); + } + +static int rc2_set_asn1_type_and_iv(c,type) +EVP_CIPHER_CTX *c; +ASN1_TYPE *type; + { + long num; + int i=0,j; + + if (type != NULL) + { + num=rc2_meth_to_magic(EVP_CIPHER_CTX_cipher(c)); + j=EVP_CIPHER_CTX_iv_length(c); + i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j); + } + return(i); + } + #endif diff --git a/crypto/evp/e_cfb_r2.c b/crypto/evp/e_cfb_r2.c index af5a39d1f..849be7e63 100644 --- a/crypto/evp/e_cfb_r2.c +++ b/crypto/evp/e_cfb_r2.c @@ -103,8 +103,8 @@ int enc; memcpy(&(ctx->oiv[0]),iv,8); memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); if (key != NULL) - RC2_set_key(&(ctx->c.rc2_ks),EVP_RC2_KEY_SIZE,key, - EVP_RC2_KEY_SIZE*8); + RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx), + key,EVP_CIPHER_CTX_key_length(ctx)*8); } static void rc2_cfb_cipher(ctx,out,in,inl) 
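Review bot: `rc2_meth_to_magic()` compares `EVP_CIPHER_key_length(e)` with 128, 64 and 40, but the cipher table in this file gives the key length in bytes (`8,8 /* 64 bit */,8` for the 64-bit method). Assuming the other tables use the same unit, no branch matches and the function returns 0 for every method. `rc2_set_asn1_type_and_iv()` then encodes 0 as the parameter value, which `rc2_magic_to_meth()` rejects with `EVP_R_UNSUPPORTED_KEY_SIZE` when the parameters are read back. Converting first, `i=EVP_CIPHER_key_length(e)*8;`, makes the comparison work. `rc2_get_asn1_type_and_iv` is also defined without the `static` used in its prototype, and it calls `rc2_cbc_init_key(c,NULL,NULL,1)` with the direction fixed to 1 while parsing parameters.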
diff --git a/crypto/evp/e_ecb_r2.c b/crypto/evp/e_ecb_r2.c index e35b06dc6..4e74af96b 100644 --- a/crypto/evp/e_ecb_r2.c +++ b/crypto/evp/e_ecb_r2.c @@ -98,8 +98,8 @@ unsigned char *iv; int enc; { if (key != NULL) - RC2_set_key(&(ctx->c.rc2_ks),EVP_RC2_KEY_SIZE,key, - EVP_RC2_KEY_SIZE*8); + RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx), + key,EVP_CIPHER_CTX_key_length(ctx)*8); } static void rc2_ecb_cipher(ctx,out,in,inl) diff --git a/crypto/evp/e_ofb_r2.c b/crypto/evp/e_ofb_r2.c index 0f6d72998..4ed67eacd 100644 --- a/crypto/evp/e_ofb_r2.c +++ b/crypto/evp/e_ofb_r2.c @@ -103,8 +103,8 @@ int enc; memcpy(&(ctx->oiv[0]),iv,8); memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); if (key != NULL) - RC2_set_key(&(ctx->c.rc2_ks),EVP_RC2_KEY_SIZE,key, - EVP_RC2_KEY_SIZE*8); + RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx), + key,EVP_CIPHER_CTX_key_length(ctx)*8); } static void rc2_ofb_cipher(ctx,out,in,inl) diff --git a/crypto/evp/evp.err b/crypto/evp/evp.err index cfc17437b..b6ed82948 100644 --- a/crypto/evp/evp.err +++ b/crypto/evp/evp.err @@ -10,6 +10,7 @@ #define EVP_F_EVP_PKEY_NEW 106 #define EVP_F_EVP_SIGNFINAL 107 #define EVP_F_EVP_VERIFYFINAL 108 +#define EVP_F_RC2_MAGIC_TO_METH 109 /* Reason codes. */ #define EVP_R_BAD_DECRYPT 100 @@ -20,5 +21,6 @@ #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 #define EVP_R_PUBLIC_KEY_NOT_RSA 106 #define EVP_R_UNSUPPORTED_CIPHER 107 -#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 108 -#define EVP_R_WRONG_PUBLIC_KEY_TYPE 109 +#define EVP_R_UNSUPPORTED_KEY_SIZE 108 +#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 +#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110 diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index b39fad93a..e6296ce83 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -72,7 +72,7 @@ extern "C" { #if !defined(NO_SHA) || !defined(NO_SHA1) #include "sha.h" #endif -#ifndef NO_RIPEMD +#ifndef NO_RMD160 #include "ripemd.h" #endif #ifndef NO_DES 
@@ -183,7 +183,7 @@ typedef struct evp_pkey_st * This is required because for various smart-card perform the digest and * signing/verification on-board. To handle this case, the specific * EVP_MD and EVP_PKEY_METHODs need to be closely associated. - * When a PKEY is created, it will have a EVP_PKEY_METHOD ossociated with it. + * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it. * This can either be software or a token to provide the required low level * routines. */ @@ -296,7 +296,7 @@ typedef struct env_md_ctx_st #ifndef NO_MD5 MD5_CTX md5; #endif -#ifndef NO_MD5 +#ifndef NO_RMD160 RIPEMD160_CTX ripemd160; #endif #if !defined(NO_SHA) || !defined(NO_SHA1) @@ -445,9 +445,19 @@ typedef struct evp_Encode_Ctx_st #define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp) #define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp) #define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) +#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) #define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l)) +#define EVP_add_cipher_alias(n,alias) \ + OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)) +#define EVP_add_digest_alias(n,alias) \ + OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n)) +#define EVP_delete_cipher_alias(alias) \ + OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS); +#define EVP_delete_digest_alias(alias) \ + OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS); + #ifndef NOPROTO void EVP_DigestInit(EVP_MD_CTX *ctx, EVP_MD *type); @@ -556,6 +566,7 @@ EVP_CIPHER *EVP_idea_cbc(void); EVP_CIPHER *EVP_rc2_ecb(void); EVP_CIPHER *EVP_rc2_cbc(void); EVP_CIPHER *EVP_rc2_40_cbc(void); +EVP_CIPHER *EVP_rc2_64_cbc(void); EVP_CIPHER *EVP_rc2_cfb(void); EVP_CIPHER *EVP_rc2_ofb(void); EVP_CIPHER *EVP_bf_ecb(void); 
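Review bot: The two delete macros added to evp.h end in a semicolon inside the definition, as in `#define EVP_delete_cipher_alias(alias) OBJ_NAME_remove(alias,...);`. Used as `if (x) EVP_delete_cipher_alias(a); else ...`, the macro expands to two statements and breaks the `else`, and it cannot be used in an expression to test the result. Drop the trailing `;` from both and parenthesise the argument as the add macros do: `OBJ_NAME_remove((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS)`.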
@@ -577,8 +588,6 @@ void SSLeay_add_all_digests(void); int EVP_add_cipher(EVP_CIPHER *cipher); int EVP_add_digest(EVP_MD *digest); -int EVP_add_alias(char *name,char *alias); -int EVP_delete_alias(char *name); EVP_CIPHER *EVP_get_cipherbyname(char *name); EVP_MD *EVP_get_digestbyname(char *name); @@ -705,6 +714,7 @@ EVP_CIPHER *EVP_idea_cbc(); EVP_CIPHER *EVP_rc2_ecb(); EVP_CIPHER *EVP_rc2_cbc(); EVP_CIPHER *EVP_rc2_40_cbc(); +EVP_CIPHER *EVP_rc2_64_cbc(); EVP_CIPHER *EVP_rc2_cfb(); EVP_CIPHER *EVP_rc2_ofb(); EVP_CIPHER *EVP_bf_ecb(); @@ -726,8 +736,6 @@ void SSLeay_add_all_digests(); int EVP_add_cipher(); int EVP_add_digest(); -int EVP_add_alias(); -int EVP_delete_alias(); EVP_CIPHER *EVP_get_cipherbyname(); EVP_MD *EVP_get_digestbyname(); @@ -773,6 +781,7 @@ int EVP_CIPHER_get_asn1_iv(); #define EVP_F_EVP_PKEY_NEW 106 #define EVP_F_EVP_SIGNFINAL 107 #define EVP_F_EVP_VERIFYFINAL 108 +#define EVP_F_RC2_MAGIC_TO_METH 109 /* Reason codes. */ #define EVP_R_BAD_DECRYPT 100 @@ -783,8 +792,9 @@ int EVP_CIPHER_get_asn1_iv(); #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 #define EVP_R_PUBLIC_KEY_NOT_RSA 106 #define EVP_R_UNSUPPORTED_CIPHER 107 -#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 108 -#define EVP_R_WRONG_PUBLIC_KEY_TYPE 109 +#define EVP_R_UNSUPPORTED_KEY_SIZE 108 +#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 +#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110 #ifdef __cplusplus } diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 93cc3a946..ea580b1df 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -60,7 +60,7 @@ #include "cryptlib.h" #include "evp.h" -char *EVP_version="EVP part of SSLeay 0.9.0b 29-Jun-1998"; +char *EVP_version="EVP part of SSLeay 0.9.1a 06-Jul-1998"; void EVP_CIPHER_CTX_init(ctx) EVP_CIPHER_CTX *ctx; diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index 2b0a0ab93..c7caa3b13 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c 
@@ -72,6 +72,7 @@ static ERR_STRING_DATA EVP_str_functs[]= {ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"}, {ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"}, {ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"}, +{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"}, {0,NULL}, }; @@ -85,6 +86,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"}, {EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, {EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, +{EVP_R_UNSUPPORTED_KEY_SIZE ,"unsupported key size"}, {EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"}, {EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"}, {0,NULL}, @@ -96,8 +98,8 @@ void ERR_load_EVP_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_EVP,EVP_str_functs); diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index 69784eb55..729fc8f4e 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -97,7 +97,10 @@ ASN1_TYPE *type; { l=EVP_CIPHER_CTX_iv_length(c); i=ASN1_TYPE_get_octetstring(type,c->oiv,l); - memcpy(c->iv,c->oiv,l); + if (i != l) + return(-1); + else if (i > 0) + memcpy(c->iv,c->oiv,l); } return(i); } diff --git a/crypto/evp/names.c b/crypto/evp/names.c index e0774da20..4cc715606 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c 
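Review bot: The length check added in the evp_lib.c hunk (`if (i != l) return(-1);`) has no comment, and it introduces a -1 return that callers of this function now have to test for. The removed code copied `l` bytes from `c->oiv` whatever `ASN1_TYPE_get_octetstring` returned, so the check presumably exists to refuse parameters whose IV is not exactly the cipher's IV length. I would say so above it, e.g. `/* the encoded IV must be exactly iv_length bytes; anything else is rejected rather than used partially */`. The function's declaration and return contract start outside this hunk, so the header comment there should mention the -1 case as well.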
@@ -61,225 +61,60 @@ #include "evp.h" #include "objects.h" -typedef struct aliases_st { - char *alias; - /* This must be the last field becaue I will allocate things - * so they go off the end of it */ - char name[4]; - } ALIASES; - -static STACK /* ALIASES */ *aliases=NULL; -static STACK /* EVP_CIPHERS */ *ciphers=NULL; -static STACK /* EVP_MD */ *digests=NULL; - -static int cipher_nid_cmp(a,b) -EVP_CIPHER **a,**b; - { return((*a)->nid - (*b)->nid); } - -static int digest_type_cmp(a,b) -EVP_MD **a,**b; - { return((*a)->pkey_type - (*b)->pkey_type); } - int EVP_add_cipher(c) EVP_CIPHER *c; { - int i; + int r; - if (ciphers == NULL) - { - ciphers=sk_new(cipher_nid_cmp); - if (ciphers == NULL) return(0); - } - if ((i=sk_find(ciphers,(char *)c)) >= 0) - { - if (sk_value(ciphers,i) == (char *)c) - return(1); - sk_delete(ciphers,i); - } - return(sk_push(ciphers,(char *)c)); + r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c); + if (r == 0) return(0); + r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c); + return(r); } int EVP_add_digest(md) EVP_MD *md; { - int i; - char *n; + int r; + char *name; - if (digests == NULL) - { - digests=sk_new(digest_type_cmp); - if (digests == NULL) return(0); - } - if ((i=sk_find(digests,(char *)md)) >= 0) - { - if (sk_value(digests,i) == (char *)md) - return(1); - sk_delete(digests,i); - } - if (md->type != md->pkey_type) - { - n=OBJ_nid2sn(md->pkey_type); - EVP_add_alias(n,OBJ_nid2sn(md->type)); - EVP_add_alias(n,OBJ_nid2ln(md->type)); - } - sk_push(digests,(char *)md); - return(1); - } - -static int alias_cmp(a,b) -ALIASES **a,**b; - { - return(strcmp((*a)->alias,(*b)->alias)); - } + name=OBJ_nid2sn(md->type); + r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md); + if (r == 0) return(0); + r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md); + if (r == 0) return(0); -int EVP_add_alias(name,aname) -char *name; -char *aname; - { - int l1,l2,i; - ALIASES *a; - char *p; - - if 
((name == NULL) || (aname == NULL)) return(0); - l1=strlen(name)+1; - l2=strlen(aname)+1; - i=sizeof(ALIASES)+l1+l2; - if ((a=(ALIASES *)Malloc(i)) == NULL) - return(0); - strcpy(a->name,name); - p= &(a->name[l1]); - strcpy(p,aname); - a->alias=p; - - if (aliases == NULL) - { - aliases=sk_new(alias_cmp); - if (aliases == NULL) goto err; - } - - if ((i=sk_find(aliases,(char *)a)) >= 0) - { - Free(sk_delete(aliases,i)); - } - if (!sk_push(aliases,(char *)a)) goto err; - return(1); -err: - return(0); - } - -int EVP_delete_alias(name) -char *name; - { - ALIASES a; - int i; - - if (aliases != NULL) + if (md->type != md->pkey_type) { - a.alias=name; - if ((i=sk_find(aliases,(char *)&a)) >= 0) - { - Free(sk_delete(aliases,i)); - return(1); - } + r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type), + OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name); + if (r == 0) return(0); + r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type), + OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name); } - return(0); + return(r); } EVP_CIPHER *EVP_get_cipherbyname(name) char *name; { - int nid,num=6,i; - EVP_CIPHER c,*cp; - ALIASES a,*ap; + EVP_CIPHER *cp; - if (ciphers == NULL) return(NULL); - for (;;) - { - if (num-- <= 0) return(NULL); - if (aliases != NULL) - { - a.alias=name; - i=sk_find(aliases,(char *)&a); - if (i >= 0) - { - ap=(ALIASES *)sk_value(aliases,i); - name=ap->name; - continue; - } - } - - nid=OBJ_txt2nid(name); - if (nid == NID_undef) return(NULL); - c.nid=nid; - i=sk_find(ciphers,(char *)&c); - if (i >= 0) - { - cp=(EVP_CIPHER *)sk_value(ciphers,i); - return(cp); - } - else - return(NULL); - } + cp=(EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH); + return(cp); } EVP_MD *EVP_get_digestbyname(name) char *name; { - int nid,num=6,i; - EVP_MD c,*cp; - ALIASES a,*ap; + EVP_MD *cp; - if (digests == NULL) return(NULL); - - for (;;) - { - if (num-- <= 0) return(NULL); - - if (aliases != NULL) - { - a.alias=name; - i=sk_find(aliases,(char *)&a); - if (i >= 0) - { - ap=(ALIASES *)sk_value(aliases,i); - 
name=ap->name; - continue; - } - } - - nid=OBJ_txt2nid(name); - if (nid == NID_undef) return(NULL); - c.pkey_type=nid; - i=sk_find(digests,(char *)&c); - if (i >= 0) - { - cp=(EVP_MD *)sk_value(digests,i); - return(cp); - } - else - return(NULL); - } + cp=(EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH); + return(cp); } void EVP_cleanup() { - int i; - - if (aliases != NULL) - { - for (i=0; i<sk_num(aliases); i++) - Free(sk_value(aliases,i)); - sk_free(aliases); - aliases=NULL; - } - if (ciphers != NULL) - { - sk_free(ciphers); - ciphers=NULL; - } - if (digests != NULL) - { - sk_free(digests); - digests=NULL; - } + OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH); + OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH); } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 395351b37..581df867d 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -90,6 +90,8 @@ EVP_PKEY *pkey; int EVP_PKEY_size(pkey) EVP_PKEY *pkey; { + if (pkey == NULL) + return(0); #ifndef NO_RSA if (pkey->type == EVP_PKEY_RSA) return(RSA_size(pkey->pkey.rsa)); diff --git a/crypto/ex_data.c b/crypto/ex_data.c index c858b518f..42b8b9d1b 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -72,20 +72,22 @@ int (*new_func)(); int (*dup_func)(); void (*free_func)(); { + int ret= -1; CRYPTO_EX_DATA_FUNCS *a; + MemCheck_off(); if (*skp == NULL) *skp=sk_new_null(); if (*skp == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); - return(-1); + goto err; } a=(CRYPTO_EX_DATA_FUNCS *)Malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); if (a == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); - return(-1); + goto err; } a->argl=argl; a->argp=argp; @@ -98,10 +100,13 @@ void (*free_func)(); { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); Free(a); - return(-1); + goto err; } } sk_value(*skp,idx)=(char *)a; + ret=idx; +err: + MemCheck_on(); return(idx); } diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c index 6721126db..5d5f8e032 100644 
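Review bot: In the rewritten `EVP_add_cipher` and `EVP_add_digest` (names.c), the results of `OBJ_nid2sn()` and `OBJ_nid2ln()` are passed straight to `OBJ_NAME_add()` as the lookup key with no NULL check. How `OBJ_NAME_add` treats a NULL name is not visible here, but the `NO_OBJECT` build this commit adds to obj_dat.c sets `NUM_NID` to 0, so in that configuration these lookups presumably find nothing. A guard before each add would make the failure explicit, e.g. `name=OBJ_nid2sn(c->nid); if (name == NULL) return(0);`. The old code bounded alias chains with `num=6`; it would be worth confirming, and noting in a comment, that `OBJ_NAME_get` also terminates on a circular alias.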
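Review bot: The ex_data.c change sets `ret` but never returns it: the function still ends with `return(idx);` after the new `err:` label, so the three failure paths that used to `return(-1)` and now `goto err` hand back `idx` instead. A caller that tests for -1 would take a failed allocation as success and go on to use an index that has no `CRYPTO_EX_DATA_FUNCS` entry behind it. The last line should be `return(ret);`. The function's parameter list and the computation of `idx` are outside these two hunks, so the value returned on failure depends on code not shown here.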
--- a/crypto/idea/i_ecb.c +++ b/crypto/idea/i_ecb.c @@ -59,7 +59,7 @@ #include "idea.h" #include "idea_lcl.h" -char *IDEA_version="IDEA part of SSLeay 0.9.0b 29-Jun-1998"; +char *IDEA_version="IDEA part of SSLeay 0.9.1a 06-Jul-1998"; char *idea_options() { diff --git a/crypto/idea/idea_spd.c b/crypto/idea/idea_spd.c index 4b3eec512..98060d9b8 100644 --- a/crypto/idea/idea_spd.c +++ b/crypto/idea/idea_spd.c @@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 6dfb5c9cc..97006c449 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -56,11 +56,16 @@ * [including the GNU Public Licence.] */ -char *lh_version="lhash part of SSLeay 0.9.0b 29-Jun-1998"; +char *lh_version="lhash part of SSLeay 0.9.1a 06-Jul-1998"; /* Code for dynamic hash table routines * Author - Eric Young v 2.0 * + * 2.2 eay - added #include "crypto.h" so the memory leak checking code is + * present. eay 18-Jun-98 + * + * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98 + * * 2.0 eay - Fixed a bug that occured when using lh_delete * from inside lh_doall(). As entries were deleted, * the 'table' was 'contract()ed', making some entries @@ -94,6 +99,7 @@ char *lh_version="lhash part of SSLeay 0.9.0b 29-Jun-1998"; #include <stdio.h> #include <string.h> #include <stdlib.h> +#include "crypto.h" #include "lhash.h" #undef MIN_NODES @@ -126,9 +132,9 @@ int (*c)(); LHASH *ret; int i; - if ((ret=(LHASH *)malloc(sizeof(LHASH))) == NULL) + if ((ret=(LHASH *)Malloc(sizeof(LHASH))) == NULL) goto err0; - if ((ret->b=(LHASH_NODE **)malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) + if ((ret->b=(LHASH_NODE **)Malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) goto err1; for (i=0; i<MIN_NODES; i++) ret->b[i]=NULL; 
@@ -156,9 +162,10 @@ int (*c)(); ret->num_retrieve_miss=0; ret->num_hash_comps=0; + ret->error=0; return(ret); err1: - free((char *)ret); + Free((char *)ret); err0: return(NULL); } @@ -175,12 +182,12 @@ LHASH *lh; while (n != NULL) { nn=n->next; - free(n); + Free(n); n=nn; } } - free((char *)lh->b); - free((char *)lh); + Free((char *)lh->b); + Free((char *)lh); } char *lh_insert(lh, data) @@ -191,6 +198,7 @@ char *data; LHASH_NODE *nn,**rn; char *ret; + lh->error=0; if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)) expand(lh); @@ -198,8 +206,11 @@ char *data; if (*rn == NULL) { - if ((nn=(LHASH_NODE *)malloc(sizeof(LHASH_NODE))) == NULL) + if ((nn=(LHASH_NODE *)Malloc(sizeof(LHASH_NODE))) == NULL) + { + lh->error++; return(NULL); + } nn->data=data; nn->next=NULL; #ifndef NO_HASH_COMP @@ -227,6 +238,7 @@ char *data; LHASH_NODE *nn,**rn; char *ret; + lh->error=0; rn=getrn(lh,data,&hash); if (*rn == NULL) @@ -239,7 +251,7 @@ char *data; nn= *rn; *rn=nn->next; ret=nn->data; - free((char *)nn); + Free((char *)nn); lh->num_delete++; } @@ -259,6 +271,7 @@ char *data; LHASH_NODE **rn; char *ret; + lh->error=0; rn=getrn(lh,data,&hash); if (*rn == NULL) @@ -342,11 +355,12 @@ LHASH *lh; if ((lh->p) >= lh->pmax) { j=(int)lh->num_alloc_nodes*2; - n=(LHASH_NODE **)realloc((char *)lh->b, + n=(LHASH_NODE **)Realloc((char *)lh->b, (unsigned int)sizeof(LHASH_NODE *)*j); if (n == NULL) { /* fputs("realloc error in lhash",stderr); */ + lh->error++; lh->p=0; return; } @@ -370,11 +384,12 @@ LHASH *lh; lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */ if (lh->p == 0) { - n=(LHASH_NODE **)realloc((char *)lh->b, + n=(LHASH_NODE **)Realloc((char *)lh->b, (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax)); if (n == NULL) { /* fputs("realloc error in lhash",stderr); */ + lh->error++; return; } lh->num_contract_reallocs++; diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h index 70cbc6dfe..06aad873b 100644 --- a/crypto/lhash/lhash.h +++ b/crypto/lhash/lhash.h 
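Review bot: The new `lh->error` flag can be non-zero after an `lh_insert()` that actually stored the item. `lh_insert` clears the flag and then calls `expand()`, and the `expand()` hunk does `lh->error++` when `Realloc` fails, but the insert carries on and can still succeed in the existing table. A caller that follows the lhash.h comment and treats `lh_error(lh)` after `lh_insert` as "not inserted" might free an object the table still points to. Either document this on the macro, e.g. `/* set when any allocation failed in the last call; after lh_insert() the item may still have been stored if only the table resize failed */`, or have `lh_insert` clear the flag again once the node has been linked in.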
@@ -102,10 +102,16 @@ typedef struct lhash_st unsigned long num_retrieve; unsigned long num_retrieve_miss; unsigned long num_hash_comps; + + int error; } LHASH; #define LH_LOAD_MULT 256 +/* Indicates a malloc() error in the last call, this is only bad + * in lh_insert(). */ +#define lh_error(lh) ((lh)->error) + #ifndef NOPROTO LHASH *lh_new(unsigned long (*h)(), int (*c)()); void lh_free(LHASH *lh); diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c index 5cbd36f3f..6a60dd2fb 100644 --- a/crypto/md2/md2_dgst.c +++ b/crypto/md2/md2_dgst.c @@ -61,7 +61,7 @@ #include <string.h> #include "md2.h" -char *MD2_version="MD2 part of SSLeay 0.9.0b 29-Jun-1998"; +char *MD2_version="MD2 part of SSLeay 0.9.1a 06-Jul-1998"; /* Implemented from RFC1319 The MD2 Message-Digest Algorithm */ diff --git a/crypto/md5/Makefile.ssl b/crypto/md5/Makefile.ssl index 47e1ce05c..abbe2eef8 100644 --- a/crypto/md5/Makefile.ssl +++ b/crypto/md5/Makefile.ssl @@ -59,7 +59,7 @@ asm/mx86-out.o: asm/mx86unix.cpp # bsdi asm/mx86bsdi.o: asm/mx86unix.cpp - $(CPP) -DBSDI asm/mx86unix.cpp | as -o asm/mx86bsdi.o + $(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o asm/mx86unix.cpp: (cd asm; perl md5-586.pl cpp >mx86unix.cpp) diff --git a/crypto/md5/md5_dgst.c b/crypto/md5/md5_dgst.c index 43b3498d9..367b5bce0 100644 --- a/crypto/md5/md5_dgst.c +++ b/crypto/md5/md5_dgst.c @@ -59,7 +59,7 @@ #include <stdio.h> #include "md5_locl.h" -char *MD5_version="MD5 part of SSLeay 0.9.0b 29-Jun-1998"; +char *MD5_version="MD5 part of SSLeay 0.9.1a 06-Jul-1998"; /* Implemented from RFC1321 The MD5 Message-Digest Algorithm */ diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c index 3f3d11a1a..2a086c061 100644 --- a/crypto/mdc2/mdc2dgst.c +++ b/crypto/mdc2/mdc2dgst.c 
@@ -150,9 +150,11 @@ unsigned int len; (*h)[0]=((*h)[0]&0x9f)|0x40; (*hh)[0]=((*hh)[0]&0x9f)|0x20; + des_set_odd_parity(h); des_set_key(h,k); des_encrypt((DES_LONG *)d,k,1); + des_set_odd_parity(hh); des_set_key(hh,k); des_encrypt((DES_LONG *)dd,k,1); diff --git a/crypto/mem.c b/crypto/mem.c index 72e501ad0..e5f24923c 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -63,7 +63,11 @@ #include "lhash.h" #include "cryptlib.h" +#ifdef CRYPTO_MDEBUG +static int mh_mode=CRYPTO_MEM_CHECK_ON; +#else static int mh_mode=CRYPTO_MEM_CHECK_OFF; +#endif static unsigned long order=0; static LHASH *mh=NULL; @@ -91,6 +95,13 @@ int mode; case CRYPTO_MEM_CHECK_OFF: mh_mode&= ~CRYPTO_MEM_CHECK_ON; break; + case CRYPTO_MEM_CHECK_DISABLE: + mh_mode&= ~CRYPTO_MEM_CHECK_ENABLE; + break; + case CRYPTO_MEM_CHECK_ENABLE: + if (mh_mode&CRYPTO_MEM_CHECK_ON) + mh_mode|=CRYPTO_MEM_CHECK_ENABLE; + break; default: break; } @@ -115,6 +126,8 @@ MEM *a; return(ret); } +static char *(*malloc_locked_func)()=(char *(*)())malloc; +static void (*free_locked_func)()=(void (*)())free; static char *(*malloc_func)()= (char *(*)())malloc; static char *(*realloc_func)()= (char *(*)())realloc; static void (*free_func)()= (void (*)())free; @@ -128,6 +141,17 @@ void (*f)(); malloc_func=m; realloc_func=r; free_func=f; + malloc_locked_func=m; + free_locked_func=f; + } + +void CRYPTO_set_locked_mem_functions(m,f) +char *(*m)(); +void (*f)(); + { + if ((m == NULL) || (f == NULL)) return; + malloc_locked_func=m; + free_locked_func=f; } void CRYPTO_get_mem_functions(m,r,f) @@ -140,6 +164,26 @@ void (**f)(); if (f != NULL) *f=free_func; } +void CRYPTO_get_locked_mem_functions(m,f) +char *(**m)(); +void (**f)(); + { + if (m != NULL) *m=malloc_locked_func; + if (f != NULL) *f=free_locked_func; + } + +char *CRYPTO_malloc_locked(num) +int num; + { + return(malloc_locked_func(num)); + } + +void CRYPTO_free_locked(str) +char *str; + { + free_locked_func(str); + } + char *CRYPTO_malloc(num) int num; { 
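Review bot: `CRYPTO_set_mem_functions` in the mem.c `@@ -128,6 +141,17 @@` hunk now also overwrites `malloc_locked_func` and `free_locked_func`, so the result depends on call order and nothing documents that. An application that installs special allocators with `CRYPTO_set_locked_mem_functions` and later calls `CRYPTO_set_mem_functions` silently loses them. If the locked variants are meant for sensitive data (a guess from the name), that fallback to the general allocator should be stated. I would add above `CRYPTO_set_locked_mem_functions` something like `/* must be called after CRYPTO_set_mem_functions(), which resets the locked allocators to the general ones */`.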
@@ -159,6 +203,7 @@ char *str; free_func(str); } +static unsigned long break_order_num=0; char *CRYPTO_dbg_malloc(num,file,line) int num; char *file; @@ -170,11 +215,13 @@ int line; if ((ret=malloc_func(num)) == NULL) return(NULL); - if (mh_mode & CRYPTO_MEM_CHECK_ON) + if (mh_mode & CRYPTO_MEM_CHECK_ENABLE) { - if ((m=(MEM *)malloc(sizeof(MEM))) == NULL) + MemCheck_off(); + if ((m=(MEM *)Malloc(sizeof(MEM))) == NULL) { - free(ret); + Free(ret); + MemCheck_on(); return(NULL); } CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); @@ -182,9 +229,10 @@ int line; { if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) { - free(ret); - free(m); - return(NULL); + Free(ret); + Free(m); + ret=NULL; + goto err; } } @@ -192,13 +240,20 @@ int line; m->file=file; m->line=line; m->num=num; + if (order == break_order_num) + { + /* BREAK HERE */ + m->order=order; + } m->order=order++; if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL) { /* Not good, but don't sweat it */ - free(mm); + Free(mm); } +err: CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); + MemCheck_on(); } return(ret); } @@ -208,14 +263,16 @@ char *addr; { MEM m,*mp; - if ((mh_mode & CRYPTO_MEM_CHECK_ON) && (mh != NULL)) + if ((mh_mode & CRYPTO_MEM_CHECK_ENABLE) && (mh != NULL)) { + MemCheck_off(); CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); m.addr=addr; mp=(MEM *)lh_delete(mh,(char *)&m); if (mp != NULL) - free(mp); + Free(mp); CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); + MemCheck_on(); } free_func(addr); } @@ -232,8 +289,9 @@ int line; ret=realloc_func(addr,num); if (ret == addr) return(ret); - if (mh_mode & CRYPTO_MEM_CHECK_ON) + if (mh_mode & CRYPTO_MEM_CHECK_ENABLE) { + MemCheck_off(); if (ret == NULL) return(NULL); m.addr=addr; CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); @@ -244,6 +302,7 @@ int line; lh_insert(mh,(char *)mp); } CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); + MemCheck_on(); } return(ret); } 
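Review bot: In the `CRYPTO_dbg_realloc` hunk (`@@ -232,8 +289,9 @@`), `MemCheck_off()` is now called before `if (ret == NULL) return(NULL);`, so a failed realloc returns without the matching `MemCheck_on()` that the normal path reaches further down. The definitions of the two macros are not in this diff, but if they are a paired disable/enable, every failed realloc leaves leak tracking off for later allocations. Swapping the two lines keeps the pairing intact: `if (ret == NULL) return(NULL);` first, then `MemCheck_off();`. The `CRYPTO_dbg_malloc` and `CRYPTO_dbg_free` hunks on this line do restore the state on each of their exits.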
@@ -308,11 +367,12 @@ BIO *b; ml.bytes,ml.chunks); BIO_puts(b,buf); } - /* + +#if 0 lh_stats_bio(mh,b); lh_node_stats_bio(mh,b); lh_node_usage_stats_bio(mh,b); - */ +#endif } static void (*mem_cb)()=NULL; diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl index 320523cea..4fa4a7dbf 100644 --- a/crypto/objects/Makefile.ssl +++ b/crypto/objects/Makefile.ssl @@ -22,8 +22,8 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= obj_dat.c obj_lib.c $(ERRC).c -LIBOBJ= obj_dat.o obj_lib.o $(ERRC).o +LIBSRC= o_names.c obj_dat.c obj_lib.c $(ERRC).c +LIBOBJ= o_names.o obj_dat.o obj_lib.o $(ERRC).o SRC= $(LIBSRC) diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 34866ebbd..93424a373 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -64,7 +64,20 @@ #include "objects.h" /* obj_dat.h is generated from objects.h by obj_dat.pl */ +#ifndef NO_OBJECT #include "obj_dat.h" +#else +/* You will have to load all the objects needed manually in the application */ +#define NUM_NID 0 +#define NUM_SN 0 +#define NUM_LN 0 +#define NUM_OBJ 0 +static unsigned char lvalues[1]; +static ASN1_OBJECT nid_objs[1]; +static ASN1_OBJECT *sn_objs[1]; +static ASN1_OBJECT *ln_objs[1]; +static ASN1_OBJECT *obj_objs[1]; +#endif #ifndef NOPROTO static int sn_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b); @@ -163,6 +176,7 @@ ADDED_OBJ *ca,*cb; default: abort(); } + return(1); /* should not get here */ } static int init_added() @@ -177,7 +191,8 @@ ADDED_OBJ *a; { a->obj->nid=0; a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC| - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS; + ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| + ASN1_OBJECT_FLAG_DYNAMIC_DATA; } static void cleanup2(a) @@ -247,7 +262,9 @@ ASN1_OBJECT *obj; Free(aop); } } - o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS); + o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| + ASN1_OBJECT_FLAG_DYNAMIC_DATA); + return(o->nid); err: for (i=ADDED_DATA; i<=ADDED_NID; i++) 
@@ -502,7 +519,7 @@ int OBJ_create_objects(in) BIO *in; { MS_STATIC char buf[512]; - int i,num= -1; + int i,num=0; char *o,*s,*l=NULL; for (;;) @@ -544,7 +561,7 @@ BIO *in; if (!OBJ_create(o,s,l)) return(num); num++; } - return(num); + /* return(num); */ } int OBJ_create(oid,sn,ln) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 6f106759a..ea79d47f5 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h 
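Review bot: The final `return(num);` of `OBJ_create_objects` is commented out rather than removed, so the int function now has no return statement after its `for (;;)` loop. That is only safe if nothing ever leaves the loop with `break`; the loop body is mostly outside these hunks, so I cannot confirm that from here. If the statement really is unreachable, replace the dead line with `/* NOTREACHED */`; otherwise restore `return(num);`. The initial value also changes from -1 to 0, which changes what callers see when the first line fails, and that deserves a sentence in the function's header comment.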
@@ -61,276 +61,281 @@ * perl obj_dat.pl < objects.h > obj_dat.h */ -#define NUM_NID 124 -#define NUM_SN 95 -#define NUM_LN 122 -#define NUM_OBJ 95 +#define NUM_NID 126 +#define NUM_SN 97 +#define NUM_LN 124 +#define NUM_OBJ 98 -static unsigned char lvalues[600]={ -0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */ -0x55, /* [ 82] OBJ_X500 */ -0x55,0x04, /* [ 83] OBJ_X509 */ -0x55,0x04,0x03, /* [ 85] OBJ_commonName */ -0x55,0x04,0x06, /* [ 88] OBJ_countryName */ -0x55,0x04,0x07, /* [ 91] OBJ_localityName */ -0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */ -0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */ -0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */ -0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */ 
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */ -0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */ -0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */ -0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */ -0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [206] OBJ_rc2_cbc */ -0x2B,0x0E,0x03,0x02,0x12, /* [214] OBJ_sha */ -0x2B,0x0E,0x03,0x02,0x0F, /* [219] OBJ_shaWithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [224] OBJ_des_ede3_cbc */ -0x2B,0x0E,0x03,0x02,0x08, /* [232] OBJ_des_ofb64 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [237] OBJ_pkcs9 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [245] OBJ_pkcs9_emailAddress */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [254] OBJ_pkcs9_unstructuredName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [263] OBJ_pkcs9_contentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [272] OBJ_pkcs9_messageDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [281] OBJ_pkcs9_signingTime */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [290] OBJ_pkcs9_countersignature */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [299] OBJ_pkcs9_challengePassword */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [308] OBJ_pkcs9_unstructuredAddress */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [317] OBJ_pkcs9_extCertAttributes */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [326] OBJ_netscape */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [333] OBJ_netscape_cert_extension */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [341] OBJ_netscape_data_type */ -0x2B,0x0E,0x03,0x02,0x1A, /* [349] OBJ_sha1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [354] OBJ_sha1WithRSAEncryption */ -0x2B,0x0E,0x03,0x02,0x0D, /* [363] OBJ_dsaWithSHA */ -0x2B,0x0E,0x03,0x02,0x0C, /* [368] OBJ_dsa_2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [373] OBJ_pbeWithSHA1AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [382] 
OBJ_pbeWithSHA1AndRC4 */ -0x2B,0x0E,0x03,0x02,0x1B, /* [391] OBJ_dsaWithSHA1_2 */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [396] OBJ_netscape_cert_type */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [405] OBJ_netscape_base_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [414] OBJ_netscape_revocation_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [423] OBJ_netscape_ca_revocation_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [432] OBJ_netscape_renewal_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [441] OBJ_netscape_ca_policy_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [450] OBJ_netscape_ssl_server_name */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [459] OBJ_netscape_comment */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [468] OBJ_netscape_cert_sequence */ -0x55,0x1D, /* [477] OBJ_ld_ce */ -0x55,0x1D,0x0E, /* [479] OBJ_subject_key_identifier */ -0x55,0x1D,0x0F, /* [482] OBJ_key_usage */ -0x55,0x1D,0x10, /* [485] OBJ_private_key_usage_period */ -0x55,0x1D,0x11, /* [488] OBJ_subject_alt_name */ -0x55,0x1D,0x12, /* [491] OBJ_issuer_alt_name */ -0x55,0x1D,0x13, /* [494] OBJ_basic_constraints */ -0x55,0x1D,0x14, /* [497] OBJ_crl_number */ -0x55,0x1D,0x20, /* [500] OBJ_certificate_policies */ -0x55,0x1D,0x23, /* [503] OBJ_authority_key_identifier */ -0x55,0x08,0x03,0x65, /* [506] OBJ_mdc2 */ -0x55,0x08,0x03,0x64, /* [510] OBJ_mdc2WithRSA */ -0x55,0x04,0x2A, /* [514] OBJ_givenName */ -0x55,0x04,0x04, /* [517] OBJ_surname */ -0x55,0x04,0x2B, /* [520] OBJ_initials */ -0x55,0x04,0x2D, /* [523] OBJ_uniqueIdentifier */ -0x55,0x1D,0x1F, /* [526] OBJ_crl_distribution_points */ -0x2B,0x0E,0x03,0x02,0x03, /* [529] OBJ_md5WithRSA */ -0x55,0x04,0x05, /* [534] OBJ_serialNumber */ -0x55,0x04,0x0C, /* [537] OBJ_title */ -0x55,0x04,0x0D, /* [540] OBJ_description */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [543] OBJ_cast5_cbc */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [552] OBJ_pbeWithMD5AndCast5_CBC 
*/ -0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [561] OBJ_dsaWithSHA1 */ -0x2B,0x0E,0x03,0x02,0x1D, /* [568] OBJ_sha1WithRSA */ -0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [573] OBJ_dsa */ -0x2B,0x24,0x03,0x02,0x01, /* [580] OBJ_ripemd160 */ -0x2B,0x24,0x03,0x03,0x01,0x02, /* [585] OBJ_ripemd160WithRSA */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [591] OBJ_rc5_cbc */ +static unsigned char lvalues[611]={ +0x00, /* [ 0] OBJ_undef */ +0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 14] OBJ_md2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 22] OBJ_md5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 30] OBJ_rc4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */ +0x55, /* [ 83] OBJ_X500 */ +0x55,0x04, /* [ 84] OBJ_X509 */ +0x55,0x04,0x03, /* [ 86] OBJ_commonName */ +0x55,0x04,0x06, /* [ 89] OBJ_countryName */ +0x55,0x04,0x07, /* [ 92] OBJ_localityName */ +0x55,0x04,0x08, /* [ 95] OBJ_stateOrProvinceName */ +0x55,0x04,0x0A, /* [ 98] OBJ_organizationName */ +0x55,0x04,0x0B, /* [101] OBJ_organizationalUnitName */ +0x55,0x08,0x01,0x01, /* [104] OBJ_rsa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [108] OBJ_pkcs7 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */ 
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [170] OBJ_pkcs3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */ +0x2B,0x0E,0x03,0x02,0x06, /* [187] OBJ_des_ecb */ +0x2B,0x0E,0x03,0x02,0x09, /* [192] OBJ_des_cfb64 */ +0x2B,0x0E,0x03,0x02,0x07, /* [197] OBJ_des_cbc */ +0x2B,0x0E,0x03,0x02,0x11, /* [202] OBJ_des_ede */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [207] OBJ_rc2_cbc */ +0x2B,0x0E,0x03,0x02,0x12, /* [215] OBJ_sha */ +0x2B,0x0E,0x03,0x02,0x0F, /* [220] OBJ_shaWithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [225] OBJ_des_ede3_cbc */ +0x2B,0x0E,0x03,0x02,0x08, /* [233] OBJ_des_ofb64 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [238] OBJ_pkcs9 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [246] OBJ_pkcs9_emailAddress */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [255] OBJ_pkcs9_unstructuredName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [264] OBJ_pkcs9_contentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [273] OBJ_pkcs9_messageDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [282] OBJ_pkcs9_signingTime */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [291] OBJ_pkcs9_countersignature */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [300] OBJ_pkcs9_challengePassword */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [309] OBJ_pkcs9_unstructuredAddress */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [318] OBJ_pkcs9_extCertAttributes */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [327] OBJ_netscape */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [334] OBJ_netscape_cert_extension */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [342] OBJ_netscape_data_type */ +0x2B,0x0E,0x03,0x02,0x1A, /* [350] OBJ_sha1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [355] OBJ_sha1WithRSAEncryption */ +0x2B,0x0E,0x03,0x02,0x0D, /* [364] OBJ_dsaWithSHA */ +0x2B,0x0E,0x03,0x02,0x0C, /* [369] OBJ_dsa_2 */ 
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [374] OBJ_pbeWithSHA1AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [383] OBJ_pbeWithSHA1AndRC4 */ +0x2B,0x0E,0x03,0x02,0x1B, /* [392] OBJ_dsaWithSHA1_2 */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [397] OBJ_netscape_cert_type */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [406] OBJ_netscape_base_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [415] OBJ_netscape_revocation_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [424] OBJ_netscape_ca_revocation_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [433] OBJ_netscape_renewal_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [442] OBJ_netscape_ca_policy_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [451] OBJ_netscape_ssl_server_name */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [460] OBJ_netscape_comment */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [469] OBJ_netscape_cert_sequence */ +0x55,0x1D, /* [478] OBJ_ld_ce */ +0x55,0x1D,0x0E, /* [480] OBJ_subject_key_identifier */ +0x55,0x1D,0x0F, /* [483] OBJ_key_usage */ +0x55,0x1D,0x10, /* [486] OBJ_private_key_usage_period */ +0x55,0x1D,0x11, /* [489] OBJ_subject_alt_name */ +0x55,0x1D,0x12, /* [492] OBJ_issuer_alt_name */ +0x55,0x1D,0x13, /* [495] OBJ_basic_constraints */ +0x55,0x1D,0x14, /* [498] OBJ_crl_number */ +0x55,0x1D,0x20, /* [501] OBJ_certificate_policies */ +0x55,0x1D,0x23, /* [504] OBJ_authority_key_identifier */ +0x55,0x08,0x03,0x65, /* [507] OBJ_mdc2 */ +0x55,0x08,0x03,0x64, /* [511] OBJ_mdc2WithRSA */ +0x55,0x04,0x2A, /* [515] OBJ_givenName */ +0x55,0x04,0x04, /* [518] OBJ_surname */ +0x55,0x04,0x2B, /* [521] OBJ_initials */ +0x55,0x04,0x2D, /* [524] OBJ_uniqueIdentifier */ +0x55,0x1D,0x1F, /* [527] OBJ_crl_distribution_points */ +0x2B,0x0E,0x03,0x02,0x03, /* [530] OBJ_md5WithRSA */ +0x55,0x04,0x05, /* [535] OBJ_serialNumber */ +0x55,0x04,0x0C, /* [538] OBJ_title */ +0x55,0x04,0x0D, /* [541] OBJ_description */ 
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [544] OBJ_cast5_cbc */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [553] OBJ_pbeWithMD5AndCast5_CBC */ +0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [562] OBJ_dsaWithSHA1 */ +0x2B,0x0E,0x03,0x02,0x1D, /* [569] OBJ_sha1WithRSA */ +0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [574] OBJ_dsa */ +0x2B,0x24,0x03,0x02,0x01, /* [581] OBJ_ripemd160 */ +0x2B,0x24,0x03,0x03,0x01,0x02, /* [586] OBJ_ripemd160WithRSA */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [592] OBJ_rc5_cbc */ +0x29,0x01,0x01,0x85,0x1A, /* [600] OBJ_rle_compression */ +0x29,0x01,0x01,0x85,0x1A, /* [605] OBJ_zlib_compression */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ -{"UNDEF","undefined",NID_undef,0,NULL}, -{"rsadsi","rsadsi",NID_rsadsi,6,&(lvalues[0]),0}, -{"pkcs","pkcs",NID_pkcs,7,&(lvalues[6]),0}, -{"MD2","md2",NID_md2,8,&(lvalues[13]),0}, -{"MD5","md5",NID_md5,8,&(lvalues[21]),0}, -{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0}, -{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0}, +{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0}, +{"rsadsi","rsadsi",NID_rsadsi,6,&(lvalues[1]),0}, +{"pkcs","pkcs",NID_pkcs,7,&(lvalues[7]),0}, +{"MD2","md2",NID_md2,8,&(lvalues[14]),0}, +{"MD5","md5",NID_md5,8,&(lvalues[22]),0}, +{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0}, +{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0}, {"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9, - &(lvalues[46]),0}, + &(lvalues[47]),0}, {"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9, - &(lvalues[55]),0}, + &(lvalues[56]),0}, {"pbeWithMD2AndDES-CBC","pbeWithMD2AndDES-CBC", - NID_pbeWithMD2AndDES_CBC,9,&(lvalues[64]),0}, + NID_pbeWithMD2AndDES_CBC,9,&(lvalues[65]),0}, {"pbeWithMD5AndDES-CBC","pbeWithMD5AndDES-CBC", - NID_pbeWithMD5AndDES_CBC,9,&(lvalues[73]),0}, -{"X500","X500",NID_X500,1,&(lvalues[82]),0}, -{"X509","X509",NID_X509,2,&(lvalues[83]),0}, -{"CN","commonName",NID_commonName,3,&(lvalues[85]),0}, 
-{"C","countryName",NID_countryName,3,&(lvalues[88]),0}, -{"L","localityName",NID_localityName,3,&(lvalues[91]),0}, -{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0}, -{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0}, + NID_pbeWithMD5AndDES_CBC,9,&(lvalues[74]),0}, +{"X500","X500",NID_X500,1,&(lvalues[83]),0}, +{"X509","X509",NID_X509,2,&(lvalues[84]),0}, +{"CN","commonName",NID_commonName,3,&(lvalues[86]),0}, +{"C","countryName",NID_countryName,3,&(lvalues[89]),0}, +{"L","localityName",NID_localityName,3,&(lvalues[92]),0}, +{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0}, +{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0}, {"OU","organizationalUnitName",NID_organizationalUnitName,3, - &(lvalues[100]),0}, -{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0}, -{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0}, -{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0}, + &(lvalues[101]),0}, +{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0}, +{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0}, +{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0}, {"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9, - &(lvalues[124]),0}, + &(lvalues[125]),0}, {"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9, - &(lvalues[133]),0}, + &(lvalues[134]),0}, {"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData", - NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0}, + NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0}, {"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9, - &(lvalues[151]),0}, + &(lvalues[152]),0}, {"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9, - &(lvalues[160]),0}, -{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0}, + &(lvalues[161]),0}, +{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0}, {"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9, - &(lvalues[177]),0}, -{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0}, 
-{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0}, -{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0}, -{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[201]),0}, + &(lvalues[178]),0}, +{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0}, +{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0}, +{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0}, +{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[202]),0}, {"DES-EDE3","des-ede3",NID_des_ede3,0,NULL}, {"IDEA-CBC","idea-cbc",NID_idea_cbc,0,NULL}, {"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL}, {"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL}, -{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[206]),0}, +{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[207]),0}, {"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL}, {"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL}, {"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL}, -{"SHA","sha",NID_sha,5,&(lvalues[214]),0}, +{"SHA","sha",NID_sha,5,&(lvalues[215]),0}, {"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5, - &(lvalues[219]),0}, + &(lvalues[220]),0}, {"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL}, -{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[224]),0}, -{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[232]),0}, +{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[225]),0}, +{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[233]),0}, {"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL}, -{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[237]),0}, -{"Email","emailAddress",NID_pkcs9_emailAddress,9,&(lvalues[245]),0}, +{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[238]),0}, +{"Email","emailAddress",NID_pkcs9_emailAddress,9,&(lvalues[246]),0}, {"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9, - &(lvalues[254]),0}, -{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[263]),0}, + &(lvalues[255]),0}, +{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[264]),0}, {"messageDigest","messageDigest",NID_pkcs9_messageDigest,9, - &(lvalues[272]),0}, 
-{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[281]),0}, + &(lvalues[273]),0}, +{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[282]),0}, {"countersignature","countersignature",NID_pkcs9_countersignature,9, - &(lvalues[290]),0}, + &(lvalues[291]),0}, {"challengePassword","challengePassword",NID_pkcs9_challengePassword, - 9,&(lvalues[299]),0}, + 9,&(lvalues[300]),0}, {"unstructuredAddress","unstructuredAddress", - NID_pkcs9_unstructuredAddress,9,&(lvalues[308]),0}, + NID_pkcs9_unstructuredAddress,9,&(lvalues[309]),0}, {"extendedCertificateAttributes","extendedCertificateAttributes", - NID_pkcs9_extCertAttributes,9,&(lvalues[317]),0}, + NID_pkcs9_extCertAttributes,9,&(lvalues[318]),0}, {"Netscape","Netscape Communications Corp.",NID_netscape,7, - &(lvalues[326]),0}, + &(lvalues[327]),0}, {"nsCertExt","Netscape Certificate Extension", - NID_netscape_cert_extension,8,&(lvalues[333]),0}, + NID_netscape_cert_extension,8,&(lvalues[334]),0}, {"nsDataType","Netscape Data Type",NID_netscape_data_type,8, - &(lvalues[341]),0}, + &(lvalues[342]),0}, {"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL}, {"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL}, {"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL}, {"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL}, -{"SHA1","sha1",NID_sha1,5,&(lvalues[349]),0}, +{"SHA1","sha1",NID_sha1,5,&(lvalues[350]),0}, {"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9, - &(lvalues[354]),0}, -{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[363]),0}, -{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[368]),0}, + &(lvalues[355]),0}, +{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[364]),0}, +{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[369]),0}, {"pbeWithSHA1AndRC2-CBC","pbeWithSHA1AndRC2-CBC", - NID_pbeWithSHA1AndRC2_CBC,9,&(lvalues[373]),0}, + NID_pbeWithSHA1AndRC2_CBC,9,&(lvalues[374]),0}, {"pbeWithSHA1AndRC4","pbeWithSHA1AndRC4",NID_pbeWithSHA1AndRC4,9, - 
&(lvalues[382]),0}, -{"DSA-SHA1-old","dsaWithSHA1",NID_dsaWithSHA1_2,5,&(lvalues[391]),0}, + &(lvalues[383]),0}, +{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[392]),0}, {"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9, - &(lvalues[396]),0}, + &(lvalues[397]),0}, {"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9, - &(lvalues[405]),0}, + &(lvalues[406]),0}, {"nsRevocationUrl","Netscape Revocation Url", - NID_netscape_revocation_url,9,&(lvalues[414]),0}, + NID_netscape_revocation_url,9,&(lvalues[415]),0}, {"nsCaRevocationUrl","Netscape CA Revocation Url", - NID_netscape_ca_revocation_url,9,&(lvalues[423]),0}, + NID_netscape_ca_revocation_url,9,&(lvalues[424]),0}, {"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9, - &(lvalues[432]),0}, + &(lvalues[433]),0}, {"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url, - 9,&(lvalues[441]),0}, + 9,&(lvalues[442]),0}, {"nsSslServerName","Netscape SSL Server Name", - NID_netscape_ssl_server_name,9,&(lvalues[450]),0}, -{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[459]),0}, + NID_netscape_ssl_server_name,9,&(lvalues[451]),0}, +{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[460]),0}, {"nsCertSequence","Netscape Certificate Sequence", - NID_netscape_cert_sequence,9,&(lvalues[468]),0}, + NID_netscape_cert_sequence,9,&(lvalues[469]),0}, {"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL}, -{"ld-ce","ld-ce",NID_ld_ce,2,&(lvalues[477]),0}, +{"ld-ce","ld-ce",NID_ld_ce,2,&(lvalues[478]),0}, {"subjectKeyIdentifier","X509v3 Subject Key Identifier", - NID_subject_key_identifier,3,&(lvalues[479]),0}, -{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[482]),0}, + NID_subject_key_identifier,3,&(lvalues[480]),0}, +{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[483]),0}, {"privateKeyUsagePeriod","X509v3 Private Key Usage Period", - NID_private_key_usage_period,3,&(lvalues[485]),0}, + NID_private_key_usage_period,3,&(lvalues[486]),0}, 
{"subjectAltName","X509v3 Subject Alternative Name", - NID_subject_alt_name,3,&(lvalues[488]),0}, + NID_subject_alt_name,3,&(lvalues[489]),0}, {"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name, - 3,&(lvalues[491]),0}, + 3,&(lvalues[492]),0}, {"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints, - 3,&(lvalues[494]),0}, -{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[497]),0}, + 3,&(lvalues[495]),0}, +{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[498]),0}, {"certificatePolicies","X509v3 Certificate Policies", - NID_certificate_policies,3,&(lvalues[500]),0}, + NID_certificate_policies,3,&(lvalues[501]),0}, {"authorityKeyIdentifier","X509v3 Authority Key Identifier", - NID_authority_key_identifier,3,&(lvalues[503]),0}, + NID_authority_key_identifier,3,&(lvalues[504]),0}, {"BF-CBC","bf-cbc",NID_bf_cbc,0,NULL}, {"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL}, {"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL}, {"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL}, -{"MDC2","mdc2",NID_mdc2,4,&(lvalues[506]),0}, -{"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[510]),0}, +{"MDC2","mdc2",NID_mdc2,4,&(lvalues[507]),0}, +{"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[511]),0}, {"RC4-40","rc4-40",NID_rc4_40,0,NULL}, {"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL}, -{"G","givenName",NID_givenName,3,&(lvalues[514]),0}, -{"S","surname",NID_surname,3,&(lvalues[517]),0}, -{"I","initials",NID_initials,3,&(lvalues[520]),0}, -{"UID","uniqueIdentifier",NID_uniqueIdentifier,3,&(lvalues[523]),0}, +{"G","givenName",NID_givenName,3,&(lvalues[515]),0}, +{"S","surname",NID_surname,3,&(lvalues[518]),0}, +{"I","initials",NID_initials,3,&(lvalues[521]),0}, +{"UID","uniqueIdentifier",NID_uniqueIdentifier,3,&(lvalues[524]),0}, {"crlDistributionPoints","X509v3 CRL Distribution Points", - NID_crl_distribution_points,3,&(lvalues[526]),0}, -{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[529]),0}, 
-{"SN","serialNumber",NID_serialNumber,3,&(lvalues[534]),0}, -{"T","title",NID_title,3,&(lvalues[537]),0}, -{"D","description",NID_description,3,&(lvalues[540]),0}, -{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[543]),0}, + NID_crl_distribution_points,3,&(lvalues[527]),0}, +{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[530]),0}, +{"SN","serialNumber",NID_serialNumber,3,&(lvalues[535]),0}, +{"T","title",NID_title,3,&(lvalues[538]),0}, +{"D","description",NID_description,3,&(lvalues[541]),0}, +{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[544]),0}, {"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL}, {"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL}, {"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL}, {"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC", - NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[552]),0}, -{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[561]),0}, + NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[553]),0}, +{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[562]),0}, {"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL}, -{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[568]),0}, -{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[573]),0}, -{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[580]),0}, +{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[569]),0}, +{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[574]),0}, +{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[581]),0}, {NULL,NULL,NID_undef,0,NULL}, {"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6, - &(lvalues[585]),0}, -{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[591]),0}, + &(lvalues[586]),0}, +{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[592]),0}, {"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL}, {"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL}, {"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL}, +{"RLE","run length compression",NID_rle_compression,5,&(lvalues[600]),0}, +{"ZLIB","zlib compression",NID_zlib_compression,5,&(lvalues[605]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ 
@@ -390,6 +395,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[121]),/* "RC5-ECB" */ &(nid_objs[123]),/* "RC5-OFB" */ &(nid_objs[117]),/* "RIPEMD160" */ +&(nid_objs[124]),/* "RLE" */ &(nid_objs[19]),/* "RSA" */ &(nid_objs[ 7]),/* "RSA-MD2" */ &(nid_objs[ 8]),/* "RSA-MD5" */ @@ -407,6 +413,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[106]),/* "T" */ &(nid_objs[102]),/* "UID" */ &(nid_objs[ 0]),/* "UNDEF" */ +&(nid_objs[125]),/* "ZLIB" */ &(nid_objs[90]),/* "authorityKeyIdentifier" */ &(nid_objs[87]),/* "basicConstraints" */ &(nid_objs[89]),/* "certificatePolicies" */ @@ -487,8 +494,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[116]),/* "dsaEncryption" */ &(nid_objs[67]),/* "dsaEncryption-old" */ &(nid_objs[66]),/* "dsaWithSHA" */ -&(nid_objs[70]),/* "dsaWithSHA1" */ &(nid_objs[113]),/* "dsaWithSHA1" */ +&(nid_objs[70]),/* "dsaWithSHA1-old" */ &(nid_objs[48]),/* "emailAddress" */ &(nid_objs[56]),/* "extendedCertificateAttributes" */ &(nid_objs[99]),/* "givenName" */ @@ -540,6 +547,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[19]),/* "rsa" */ &(nid_objs[ 6]),/* "rsaEncryption" */ &(nid_objs[ 1]),/* "rsadsi" */ +&(nid_objs[124]),/* "run length compression" */ &(nid_objs[105]),/* "serialNumber" */ &(nid_objs[41]),/* "sha" */ &(nid_objs[64]),/* "sha1" */ @@ -554,9 +562,11 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[102]),/* "uniqueIdentifier" */ &(nid_objs[55]),/* "unstructuredAddress" */ &(nid_objs[49]),/* "unstructuredName" */ +&(nid_objs[125]),/* "zlib compression" */ }; static ASN1_OBJECT *obj_objs[NUM_OBJ]={ +&(nid_objs[ 0]),/* OBJ_undef 0 */ &(nid_objs[11]),/* OBJ_X500 2 5 */ &(nid_objs[12]),/* OBJ_X509 2 5 4 */ &(nid_objs[81]),/* OBJ_ld_ce 2 5 29 */ 
@@ -586,6 +596,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ &(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ &(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ +&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666.1 */ +&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666.2 */ &(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */ &(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */ &(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */ diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c index 45206c616..562530602 100644 --- a/crypto/objects/obj_err.c +++ b/crypto/objects/obj_err.c @@ -84,8 +84,8 @@ void ERR_load_OBJ_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs); diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c index 0a9c75619..16ff85209 100644 --- a/crypto/objects/obj_lib.c +++ b/crypto/objects/obj_lib.c @@ -101,7 +101,7 @@ ASN1_OBJECT *o; memcpy(r->sn,o->sn,i); } r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC| - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS); + ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA); return(r); err: OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE); diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h index e1d555b47..8e1a9d3fa 100644 --- a/crypto/objects/objects.h +++ b/crypto/objects/objects.h @@ -66,6 +66,7 @@ extern "C" { #define SN_undef "UNDEF" #define LN_undef "undefined" #define NID_undef 0 +#define OBJ_undef 0L #define SN_Algorithm "Algorithm" #define LN_algorithm "algorithm" @@ -389,7 +390,7 @@ extern "C" { #define OBJ_pbeWithSHA1AndRC4 OBJ_pkcs,5L,12L #define SN_dsaWithSHA1_2 "DSA-SHA1-old" -#define LN_dsaWithSHA1_2 "dsaWithSHA1" +#define LN_dsaWithSHA1_2 "dsaWithSHA1-old" #define NID_dsaWithSHA1_2 70 /* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */ #define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L 
@@ -654,13 +655,49 @@ extern "C" { #define LN_rc5_ofb64 "rc5-ofb" #define NID_rc5_ofb64 123 +#define SN_rle_compression "RLE" +#define LN_rle_compression "run length compression" +#define NID_rle_compression 124 +#define OBJ_rle_compression 1L,1L,1L,1L,666L.1L + +#define SN_zlib_compression "ZLIB" +#define LN_zlib_compression "zlib compression" +#define NID_zlib_compression 125 +#define OBJ_zlib_compression 1L,1L,1L,1L,666L.2L + #include "bio.h" #include "asn1.h" +#define OBJ_NAME_TYPE_UNDEF 0x00 +#define OBJ_NAME_TYPE_MD_METH 0x01 +#define OBJ_NAME_TYPE_CIPHER_METH 0x02 +#define OBJ_NAME_TYPE_PKEY_METH 0x03 +#define OBJ_NAME_TYPE_COMP_METH 0x04 +#define OBJ_NAME_TYPE_NUM 0x05 + +#define OBJ_NAME_ALIAS 0x8000 + + +typedef struct obj_name_st + { + int type; + int alias; + char *name; + char *data; + } OBJ_NAME; + #define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c) #ifndef NOPROTO +int OBJ_NAME_init(void); +int OBJ_NAME_new_index(unsigned long (*hash_func)(),int (*cmp_func)(), + void (*free_func)()); +char *OBJ_NAME_get(char *name,int type); +int OBJ_NAME_add(char *name,int type,char *data); +int OBJ_NAME_remove(char *name,int type); +void OBJ_NAME_cleanup(int type); /* -1 for everything */ + ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o); ASN1_OBJECT * OBJ_nid2obj(int n); char * OBJ_nid2ln(int n); @@ -682,6 +719,13 @@ int OBJ_create_objects(BIO *in); #else +int OBJ_NAME_init(); +int OBJ_NAME_new_index(); +char *OBJ_NAME_get(); +int OBJ_NAME_add(); +int OBJ_NAME_remove(); +void OBJ_NAME_cleanup(); + ASN1_OBJECT * OBJ_dup(); ASN1_OBJECT * OBJ_nid2obj(); char * OBJ_nid2ln(); diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c index e17fcdb54..1bd5c16c8 100644 --- a/crypto/pem/pem_err.c +++ b/crypto/pem/pem_err.c @@ -110,8 +110,8 @@ void ERR_load_PEM_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_PEM,PEM_str_functs); 
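Review bot: `OBJ_rle_compression` and `OBJ_zlib_compression` end in `666L.1L` and `666L.2L`, where the last separator is a dot rather than a comma, so neither macro is a valid arc list and neither would compile if it were expanded in code. The regenerated table in crypto/objects/obj_dat.h shows the effect: both NIDs get the same five bytes `0x29,0x01,0x01,0x85,0x1A` (1.1.1.1.666), so a lookup by encoded OID cannot tell RLE from ZLIB. If distinct arcs were intended, write `#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L` and `#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L`, then regenerate obj_dat.h. The 1.1.1.1.666 prefix also looks like a placeholder rather than an assigned arc, and a comment should say so.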
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 7a2c0ad83..790847144 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -68,7 +68,7 @@ #include "des.h" #endif -char *PEM_version="PEM part of SSLeay 0.9.0b 29-Jun-1998"; +char *PEM_version="PEM part of SSLeay 0.9.1a 06-Jul-1998"; #define MIN_LENGTH 4 diff --git a/crypto/pkcs7/enc.c b/crypto/pkcs7/enc.c index 625a7c228..8c3f937cf 100644 --- a/crypto/pkcs7/enc.c +++ b/crypto/pkcs7/enc.c @@ -73,10 +73,10 @@ char *argv[]; BIO *data,*p7bio; char buf[1024*4]; int i,j; - int nodetach=0; + int nodetach=1; EVP_add_digest(EVP_sha1()); - EVP_add_cipher(EVP_des_cbc()); + EVP_add_cipher(EVP_des_ede3_cbc()); data=BIO_new(BIO_s_file()); again: @@ -105,7 +105,7 @@ again: if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err; - if (!PKCS7_set_cipher(p7,EVP_des_cbc())) goto err; + if (!PKCS7_set_cipher(p7,EVP_des_ede3_cbc())) goto err; if (PKCS7_add_recipient(p7,x509) == NULL) goto err; /* we may want to add more */ @@ -129,7 +129,7 @@ again: } BIO_flush(p7bio); - if (!PKCS7_dataSign(p7,p7bio)) goto err; + if (!PKCS7_dataFinal(p7,p7bio)) goto err; BIO_free(p7bio); PEM_write_PKCS7(stdout,p7); diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index b5689b3fe..d761c3ee0 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -62,12 +62,16 @@ #include "objects.h" #include "x509.h" +static int add_attribute(STACK **sk, int nid, int atrtype, char *value); +static ASN1_TYPE *get_attribute(STACK *sk, int nid); + +#if 1 BIO *PKCS7_dataInit(p7,bio) PKCS7 *p7; BIO *bio; { int i,j; - BIO *out=NULL,*btmp; + BIO *out=NULL,*btmp=NULL; X509_ALGOR *xa; EVP_MD *evp_md; EVP_CIPHER *evp_cipher=NULL; 
@@ -95,6 +99,16 @@ BIO *bio; } xalg=p7->d.signed_and_enveloped->enc_data->algorithm; break; + case NID_pkcs7_enveloped: + rsk=p7->d.enveloped->recipientinfo; + evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(p7->d.enveloped->enc_data->algorithm->algorithm))); + if (evp_cipher == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); + goto err; + } + xalg=p7->d.enveloped->enc_data->algorithm; + break; default: PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); goto err; @@ -105,7 +119,11 @@ BIO *bio; for (i=0; i<sk_num(md_sk); i++) { xa=(X509_ALGOR *)sk_value(md_sk,i); - if ((btmp=BIO_new(BIO_f_md())) == NULL) goto err; + if ((btmp=BIO_new(BIO_f_md())) == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB); + goto err; + } j=OBJ_obj2nid(xa->algorithm); evp_md=EVP_get_digestbyname(OBJ_nid2sn(j)); @@ -120,6 +138,7 @@ BIO *bio; out=btmp; else BIO_push(out,btmp); + btmp=NULL; } } @@ -131,7 +150,11 @@ BIO *bio; int jj,max; unsigned char *tmp; - if ((btmp=BIO_new(BIO_f_cipher())) == NULL) goto err; + if ((btmp=BIO_new(BIO_f_cipher())) == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB); + goto err; + } keylen=EVP_CIPHER_key_length(evp_cipher); ivlen=EVP_CIPHER_iv_length(evp_cipher); @@ -142,9 +165,12 @@ BIO *bio; RAND_bytes(iv,ivlen); os=ASN1_OCTET_STRING_new(); ASN1_OCTET_STRING_set(os,iv,ivlen); - /* ASN1_TYPE_set(xalg->parameter,V_ASN1_OCTET_STRING, +/* XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX this needs to change */ + if (xalg->parameter == NULL) + xalg->parameter=ASN1_TYPE_new(); + ASN1_TYPE_set(xalg->parameter,V_ASN1_OCTET_STRING, (char *)os); - */ } + } RAND_bytes(key,keylen); /* Lets do the pub key stuff :-) */ 
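Review bot: In the IV block of the `-142,9 +165,12` hunk, the results of `ASN1_OCTET_STRING_new()` and `ASN1_TYPE_new()` are used without a NULL check, so an allocation failure reaches `ASN1_OCTET_STRING_set(os,...)` or `ASN1_TYPE_set(xalg->parameter,...)` with a null pointer. The function now has an `err` path, so both can be tested, e.g. `if (os == NULL || !ASN1_OCTET_STRING_set(os,iv,ivlen)) goto err;` and `if (xalg->parameter == NULL && (xalg->parameter=ASN1_TYPE_new()) == NULL) goto err;`, each preceded by `PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE)`. The `XXXX ... this needs to change` marker should state what is expected to change. The body of PKCS7_dataInit starts and ends outside this hunk.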
@@ -152,20 +178,34 @@ BIO *bio; for (i=0; i<sk_num(rsk); i++) { ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i); - if (ri->cert == NULL) abort(); + if (ri->cert == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO); + goto err; + } pkey=X509_get_pubkey(ri->cert); jj=EVP_PKEY_size(pkey); if (max < jj) max=jj; } - if ((tmp=(unsigned char *)Malloc(max)) == NULL) abort(); + if ((tmp=(unsigned char *)Malloc(max)) == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE); + goto err; + } for (i=0; i<sk_num(rsk); i++) { ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i); pkey=X509_get_pubkey(ri->cert); jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey); - if (jj <= 0) abort(); + if (jj <= 0) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB); + Free(tmp); + goto err; + } ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); } + Free(tmp); BIO_set_cipher(btmp,evp_cipher,key,iv,1); @@ -173,6 +213,7 @@ BIO *bio; out=btmp; else BIO_push(out,btmp); + btmp=NULL; } if (bio == NULL) /* ??????????? */ @@ -182,6 +223,11 @@ BIO *bio; else { bio=BIO_new(BIO_s_mem()); + /* We need to set this so that when we have read all + * the data, the encrypt BIO, if present, will read + * EOF and encode the last few bytes */ + BIO_set_mem_eof_return(bio,0); + if (PKCS7_type_is_signed(p7) && PKCS7_type_is_data(p7->d.sign->contents)) { 
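Review bot: Both recipient loops pass the result of `X509_get_pubkey(ri->cert)` straight to `EVP_PKEY_size()` and `EVP_PKEY_encrypt()`, so if the key cannot be extracted from a recipient certificate this is a null dereference, the one hard failure left in the loop now that the `abort()` calls are gone. Add `if (pkey == NULL) goto err;` (with a `PKCS7err` call) after each lookup, freeing `tmp` first in the second loop as the `jj <= 0` branch does. The new `goto err` exits are taken after `RAND_bytes(key,keylen)` has filled the content key, and nothing visible here clears `key` before returning; if the cleanup outside this hunk does not do so, a `memset(key,0,keylen)` belongs on the error path. The reason code `PKCS7_R_MISSING_CERIPEND_INFO` reads like a misspelling of "recipient" and is cheaper to rename now than after it is in use.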
@@ -195,12 +241,234 @@ BIO *bio; } } BIO_push(out,bio); + bio=NULL; + if (0) + { +err: + if (out != NULL) + BIO_free_all(out); + if (btmp != NULL) + BIO_free_all(btmp); + out=NULL; + } return(out); + } + +/* int */ +BIO *PKCS7_dataDecode(p7,pkey,in_bio,xs) +PKCS7 *p7; +EVP_PKEY *pkey; +BIO *in_bio; +X509_STORE *xs; + { + int i,j; + BIO *out=NULL,*btmp=NULL,*etmp=NULL,*bio=NULL; + char *tmp=NULL; + X509_ALGOR *xa; + ASN1_OCTET_STRING *data_body=NULL; + EVP_MD *evp_md; + EVP_CIPHER *evp_cipher=NULL; + EVP_CIPHER_CTX *evp_ctx=NULL; + X509_ALGOR *enc_alg=NULL; + STACK *md_sk=NULL,*rsk=NULL; + X509_ALGOR *xalg=NULL; + PKCS7_RECIP_INFO *ri=NULL; +/* EVP_PKEY *pkey; */ +#if 0 + X509_STORE_CTX s_ctx; +#endif + + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; + + switch (i) + { + case NID_pkcs7_signed: + data_body=p7->d.sign->contents->d.data; + md_sk=p7->d.sign->md_algs; + break; + case NID_pkcs7_signedAndEnveloped: + rsk=p7->d.signed_and_enveloped->recipientinfo; + md_sk=p7->d.signed_and_enveloped->md_algs; + data_body=p7->d.signed_and_enveloped->enc_data->enc_data; + enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm; + evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm))); + if (evp_cipher == NULL) + { + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); + goto err; + } + xalg=p7->d.signed_and_enveloped->enc_data->algorithm; + break; + case NID_pkcs7_enveloped: + rsk=p7->d.enveloped->recipientinfo; + enc_alg=p7->d.enveloped->enc_data->algorithm; + data_body=p7->d.enveloped->enc_data->enc_data; + evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm))); + if (evp_cipher == NULL) + { + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); + goto err; + } + xalg=p7->d.enveloped->enc_data->algorithm; + break; + default: + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); + goto err; + } + + /* We will be checking the signature */ + if (md_sk != 
NULL) + { + for (i=0; i<sk_num(md_sk); i++) + { + xa=(X509_ALGOR *)sk_value(md_sk,i); + if ((btmp=BIO_new(BIO_f_md())) == NULL) + { + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,ERR_R_BIO_LIB); + goto err; + } + + j=OBJ_obj2nid(xa->algorithm); + evp_md=EVP_get_digestbyname(OBJ_nid2sn(j)); + if (evp_md == NULL) + { + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,PKCS7_R_UNKNOWN_DIGEST_TYPE); + goto err; + } + + BIO_set_md(btmp,evp_md); + if (out == NULL) + out=btmp; + else + BIO_push(out,btmp); + btmp=NULL; + } + } + + if (evp_cipher != NULL) + { +#if 0 + unsigned char key[EVP_MAX_KEY_LENGTH]; + unsigned char iv[EVP_MAX_IV_LENGTH]; + unsigned char *p; + int keylen,ivlen; + int max; + X509_OBJECT ret; +#endif + int jj; + + if ((etmp=BIO_new(BIO_f_cipher())) == NULL) + { + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,ERR_R_BIO_LIB); + goto err; + } + + /* It was encrypted, we need to decrypt the secret key + * with the private key */ + + /* We need to find a private key for one of the people in the + * recipentinfo list */ + if (rsk == NULL) + return(NULL); + + ri=(PKCS7_RECIP_INFO *)sk_value(rsk,0); +#if 0 + X509_STORE_CTX_init(&s_ctx,xs,NULL,NULL); + for (i=0; i<sk_num(rsk); i++) + { + ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i); + uf (X509_STORE_get_by_issuer_serial(&s_ctx, + X509_LU_PKEY, + ri->issuer_and_serial->issuer, + ri->issuer_and_serial->serial, + &ret)) + break; + ri=NULL; + } + if (ri == NULL) return(NULL); + pkey=ret.data.pkey; +#endif + if (pkey == NULL) + { + return(NULL); + } + + jj=EVP_PKEY_size(pkey); + tmp=Malloc(jj+10); + if (tmp == NULL) + { + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,ERR_R_MALLOC_FAILURE); + goto err; + } + + jj=EVP_PKEY_decrypt((unsigned char *)tmp, + ASN1_STRING_data(ri->enc_key), + ASN1_STRING_length(ri->enc_key), + pkey); + if (jj <= 0) + { + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,ERR_R_EVP_LIB); + goto err; + } + + evp_ctx=NULL; + BIO_get_cipher_ctx(etmp,&evp_ctx); + EVP_CipherInit(evp_ctx,evp_cipher,NULL,NULL,0); + if 
(EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0) + return(NULL); + + if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) + { + PKCS7err(PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH); + goto err; + } + EVP_CipherInit(evp_ctx,NULL,(unsigned char *)tmp,NULL,0); + + memset(tmp,0,jj); + + if (out == NULL) + out=etmp; + else + BIO_push(out,etmp); + etmp=NULL; + } + +#if 1 + if (p7->detached || (in_bio != NULL)) + { + bio=in_bio; + } + else + { + bio=BIO_new(BIO_s_mem()); + /* We need to set this so that when we have read all + * the data, the encrypt BIO, if present, will read + * EOF and encode the last few bytes */ + BIO_set_mem_eof_return(bio,0); + + if (data_body->length > 0) + BIO_write(bio,(char *)data_body->data,data_body->length); + } + BIO_push(out,bio); + bio=NULL; +#endif + if (0) + { err: - return(NULL); + if (out != NULL) BIO_free_all(out); + if (btmp != NULL) BIO_free_all(btmp); + if (etmp != NULL) BIO_free_all(etmp); + if (bio != NULL) BIO_free_all(bio); + out=NULL; + } + if (tmp != NULL) + Free(tmp); + return(out); } +#endif -int PKCS7_dataSign(p7,bio) +int PKCS7_dataFinal(p7,bio) PKCS7 *p7; BIO *bio; { @@ -227,6 +495,11 @@ BIO *bio; os=ASN1_OCTET_STRING_new(); p7->d.signed_and_enveloped->enc_data->enc_data=os; break; + case NID_pkcs7_enveloped: + /* XXXXXXXXXXXXXXXX */ + os=ASN1_OCTET_STRING_new(); + p7->d.enveloped->enc_data->enc_data=os; + break; case NID_pkcs7_signed: si_sk=p7->d.sign->signer_info; os=p7->d.sign->contents->d.data; @@ -235,14 +508,18 @@ BIO *bio; if (si_sk != NULL) { - if ((buf=BUF_MEM_new()) == NULL) goto err; + if ((buf=BUF_MEM_new()) == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); + goto err; + } for (i=0; i<sk_num(si_sk); i++) { si=(PKCS7_SIGNER_INFO *) sk_value(si_sk,i); - if (si->pkey == NULL) - continue; - j=OBJ_obj2nid(si->digest_enc_alg->algorithm); + if (si->pkey == NULL) continue; + + j=OBJ_obj2nid(si->digest_alg->algorithm); btmp=bio; for (;;) 
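Review bot: PKCS7_dataDecode leaves through a bare `return(NULL)` in three places (`rsk == NULL`, `pkey == NULL`, and a failing `EVP_CIPHER_asn1_to_param`) after `etmp`, and possibly the digest chain in `out`, have been allocated, so those BIOs leak; in the third case `tmp` already holds the decrypted content key and is neither cleared nor freed. The wipe `memset(tmp,0,jj)` also runs only on the success path, so the wrong-key-length branch frees the key material uncleared. Routing all three exits through `err` and wiping `tmp` in the common cleanup fixes both; the sketch below tracks the buffer size in a new local because `jj` is scoped to the cipher block. Separately, only recipient 0 is ever tried and `data_body` is dereferenced without a NULL check in the non-detached branch, which should at least be documented as known limitations.

```c
	char *tmp=NULL;
	int tmp_len=0;	/* size of tmp, so the common cleanup can wipe it */
	/* ... unchanged: other declarations, content-type switch, digest BIO chain ... */
		if (rsk == NULL)
			goto err;
	/* ... unchanged: recipient selection ... */
		if (pkey == NULL)
			goto err;

		tmp_len=EVP_PKEY_size(pkey)+10;
		tmp=Malloc(tmp_len);
	/* ... unchanged: Malloc check, EVP_PKEY_decrypt, first EVP_CipherInit ... */
		if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
			goto err;
	/* ... unchanged: key length check, key install, BIO push, err label ... */
	if (tmp != NULL)
		{
		memset(tmp,0,tmp_len);
		Free(tmp);
		}
	return(out);
```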
@@ -259,7 +536,7 @@ BIO *bio; PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR); goto err; } - if (EVP_MD_pkey_type(EVP_MD_CTX_type(mdc)) == j) + if (EVP_MD_type(EVP_MD_CTX_type(mdc)) == j) break; else btmp=btmp->next_bio; 
@@ -269,46 +546,85 @@ BIO *bio; * signing. */ memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp)); if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey))) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); goto err; + } sk=si->auth_attr; + + /* If there are attributes, we add the digest + * attribute and only sign the attributes */ if ((sk != NULL) && (sk_num(sk) != 0)) { + unsigned char md_data[EVP_MAX_MD_SIZE]; + unsigned int md_len; + ASN1_OCTET_STRING *digest; + ASN1_UTCTIME *sign_time; + EVP_MD *md_tmp; + + /* Add signing time */ + sign_time=X509_gmtime_adj(NULL,0); + PKCS7_add_signed_attribute(si, + NID_pkcs9_signingTime, + V_ASN1_UTCTIME,(char *)sign_time); + + /* Add digest */ + md_tmp=EVP_MD_CTX_type(&ctx_tmp); + EVP_DigestFinal(&ctx_tmp,md_data,&md_len); + digest=ASN1_OCTET_STRING_new(); + ASN1_OCTET_STRING_set(digest,md_data,md_len); + PKCS7_add_signed_attribute(si,NID_pkcs9_messageDigest, + V_ASN1_OCTET_STRING,(char *)digest); + + /* Now sign the mess */ + EVP_SignInit(&ctx_tmp,md_tmp); x=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL); - pp=(unsigned char *)Malloc(i); + pp=(unsigned char *)Malloc(x); p=pp; i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL); EVP_SignUpdate(&ctx_tmp,pp,x); Free(pp); + pp=NULL; } + if (si->pkey->type == EVP_PKEY_DSA) + ctx_tmp.digest=EVP_dss1(); + if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data, (unsigned int *)&buf->length,si->pkey)) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_EVP_LIB); goto err; + } if (!ASN1_STRING_set(si->enc_digest, (unsigned char *)buf->data,buf->length)) - goto err; - } - if (p7->detached) - ASN1_OCTET_STRING_set(os,(unsigned char *)"",0); - else - { - btmp=BIO_find_type(bio,BIO_TYPE_MEM); - if (btmp == NULL) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); + PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_ASN1_LIB); goto err; } - BIO_get_mem_ptr(btmp,&buf_mem); - ASN1_OCTET_STRING_set(os, - (unsigned char *)buf_mem->data,buf_mem->length); } - if (pp != NULL) 
Free(pp); - pp=NULL; } + if (p7->detached) + ASN1_OCTET_STRING_set(os,(unsigned char *)"",0); + else + { + btmp=BIO_find_type(bio,BIO_TYPE_MEM); + if (btmp == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); + goto err; + } + BIO_get_mem_ptr(btmp,&buf_mem); + ASN1_OCTET_STRING_set(os, + (unsigned char *)buf_mem->data,buf_mem->length); + } + if (pp != NULL) Free(pp); + pp=NULL; + ret=1; err: if (buf != NULL) BUF_MEM_free(buf); @@ -322,22 +638,34 @@ BIO *bio; PKCS7 *p7; PKCS7_SIGNER_INFO *si; { - PKCS7_SIGNED *s; +/* PKCS7_SIGNED *s; */ ASN1_OCTET_STRING *os; EVP_MD_CTX mdc_tmp,*mdc; unsigned char *pp,*p; PKCS7_ISSUER_AND_SERIAL *ias; - int ret=0,md_type,i; - STACK *sk; + int ret=0,i; + int md_type; + STACK *sk,*cert; BIO *btmp; X509 *x509; - if (!PKCS7_type_is_signed(p7)) abort(); + if (PKCS7_type_is_signed(p7)) + { + cert=p7->d.sign->cert; + } + else if (PKCS7_type_is_signedAndEnveloped(p7)) + { + cert=p7->d.signed_and_enveloped->cert; + } + else + { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_WRONG_PKCS7_TYPE); + goto err; + } /* XXXXXXXXXXXXXXXXXXXXXXX */ ias=si->issuer_and_serial; - s=p7->d.sign; - x509=X509_find_by_issuer_and_serial(s->cert,ias->issuer,ias->serial); + x509=X509_find_by_issuer_and_serial(cert,ias->issuer,ias->serial); /* were we able to find the cert in passed to us */ if (x509 == NULL) @@ -347,9 +675,13 @@ PKCS7_SIGNER_INFO *si; } /* Lets verify */ - X509_STORE_CTX_init(ctx,cert_store,x509,s->cert); + X509_STORE_CTX_init(ctx,cert_store,x509,cert); i=X509_verify_cert(ctx); - if (i <= 0) goto err; + if (i <= 0) + { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB); + goto err; + } X509_STORE_CTX_cleanup(ctx); /* So we like 'x509', lets check the signature. */ 
@@ -375,23 +707,55 @@ PKCS7_SIGNER_INFO *si; btmp=btmp->next_bio; } - /* mdc is the digest ctx that we want */ + /* mdc is the digest ctx that we want, unless there are attributes, + * in which case the digest is the signed attributes */ memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp)); sk=si->auth_attr; if ((sk != NULL) && (sk_num(sk) != 0)) { + unsigned char md_dat[EVP_MAX_MD_SIZE]; + int md_len; + ASN1_OCTET_STRING *message_digest; + + EVP_DigestFinal(&mdc_tmp,md_dat,&md_len); + message_digest=PKCS7_digest_from_attributes(sk); + if (!message_digest) + { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); + goto err; + } + if ((message_digest->length != md_len) || + (memcmp(message_digest->data,md_dat,md_len))) + { +#if 0 +{ +int ii; +for (ii=0; ii<message_digest->length; ii++) + printf("%02X",message_digest->data[ii]); printf(" sent\n"); +for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n"); +} +#endif + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_DIGEST_FAILURE); + ret= -1; + goto err; + } + + EVP_VerifyInit(&mdc_tmp,EVP_get_digestbynid(md_type)); i=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL); - pp=(unsigned char *)malloc(i); + pp=(unsigned char *)Malloc(i); p=pp; i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL); EVP_VerifyUpdate(&mdc_tmp,pp,i); - free(pp); + Free(pp); } os=si->enc_digest; + if (X509_get_pubkey(x509)->type == EVP_PKEY_DSA) + mdc_tmp.digest=EVP_dss1(); + i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, X509_get_pubkey(x509)); if (i <= 0) 
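Review bot: In the signed-attributes branch of the verify path, `pp=(unsigned char *)Malloc(i);` is written to by the second `i2d_ASN1_SET` call without a NULL check, and the attribute set being re-encoded comes from the message under verification, so its size is chosen by the sender. I would add `if (pp == NULL) { PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_MALLOC_FAILURE); goto err; }` after the allocation. The result of `EVP_get_digestbynid(md_type)` is likewise passed to `EVP_VerifyInit` unchecked; `md_type` is assigned outside this hunk, but if it is taken from the signer info, an unregistered digest would presumably give a NULL method here and should be rejected with `PKCS7_R_UNKNOWN_DIGEST_TYPE`. `md_len` is declared `int` while the signing side passes an `unsigned int` to `EVP_DigestFinal`, so the two declarations should agree.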
@@ -406,3 +770,172 @@ err: return(ret); } +PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(p7,idx) +PKCS7 *p7; +int idx; + { + STACK *rsk; + PKCS7_RECIP_INFO *ri; + int i; + + i=OBJ_obj2nid(p7->type); + if (i != NID_pkcs7_signedAndEnveloped) return(NULL); + rsk=p7->d.signed_and_enveloped->recipientinfo; + ri=(PKCS7_RECIP_INFO *)sk_value(rsk,0); + if (sk_num(rsk) <= idx) return(NULL); + ri=(PKCS7_RECIP_INFO *)sk_value(rsk,idx); + return(ri->issuer_and_serial); + } + +ASN1_TYPE *PKCS7_get_signed_attribute(si,nid) +PKCS7_SIGNER_INFO *si; +int nid; + { + return(get_attribute(si->auth_attr,nid)); + } + +ASN1_TYPE *PKCS7_get_attribute(si,nid) +PKCS7_SIGNER_INFO *si; +int nid; + { + return(get_attribute(si->unauth_attr,nid)); + } + +static ASN1_TYPE *get_attribute(sk,nid) +STACK *sk; +int nid; + { + int i; + X509_ATTRIBUTE *xa; + ASN1_OBJECT *o; + + o=OBJ_nid2obj(nid); + if (o == NULL) return(NULL); + for (i=0; i<sk_num(sk); i++) + { + xa=(X509_ATTRIBUTE *)sk_value(sk,i); + if (OBJ_cmp(xa->object,o) == 0) + { + if (xa->set && sk_num(xa->value.set)) + return((ASN1_TYPE *)sk_value(xa->value.set,0)); + else + return(NULL); + } + } + return(NULL); + } + +ASN1_OCTET_STRING *PKCS7_digest_from_attributes(sk) +STACK *sk; + { + X509_ATTRIBUTE *attr; + ASN1_TYPE *astype; + int i; + if (!sk || !sk_num(sk)) return NULL; + /* Search the attributes for a digest */ + for (i = 0; i < sk_num(sk); i++) + { + attr = (X509_ATTRIBUTE *) sk_value(sk, i); + if (OBJ_obj2nid(attr->object) == NID_pkcs9_messageDigest) + { + if (!attr->set) return NULL; + if (!attr->value.set || + !sk_num (attr->value.set) ) return NULL; + astype = (ASN1_TYPE *) sk_value(attr->value.set, 0); + return astype->value.octet_string; + } + } + return NULL; + } + +int PKCS7_set_signed_attributes(p7si,sk) +PKCS7_SIGNER_INFO *p7si; +STACK *sk; + { + int i; + + if (p7si->auth_attr != NULL) + sk_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free); + p7si->auth_attr=sk_dup(sk); + for (i=0; i<sk_num(sk); i++) + { + if 
((sk_value(p7si->auth_attr,i)=(char *)X509_ATTRIBUTE_dup( + (X509_ATTRIBUTE *)sk_value(sk,i))) == NULL) + return(0); + } + return(1); + } + +int PKCS7_set_attributes(p7si,sk) +PKCS7_SIGNER_INFO *p7si; +STACK *sk; + { + int i; + + if (p7si->unauth_attr != NULL) + sk_pop_free(p7si->unauth_attr,X509_ATTRIBUTE_free); + p7si->unauth_attr=sk_dup(sk); + for (i=0; i<sk_num(sk); i++) + { + if ((sk_value(p7si->unauth_attr,i)=(char *)X509_ATTRIBUTE_dup( + (X509_ATTRIBUTE *)sk_value(sk,i))) == NULL) + return(0); + } + return(1); + } + +int PKCS7_add_signed_attribute(p7si,nid,atrtype,value) +PKCS7_SIGNER_INFO *p7si; +int nid; +int atrtype; +char *value; + { + return(add_attribute(&(p7si->auth_attr),nid,atrtype,value)); + } + +int PKCS7_add_attribute(p7si,nid,atrtype,value) +PKCS7_SIGNER_INFO *p7si; +int nid; +int atrtype; +char *value; + { + return(add_attribute(&(p7si->unauth_attr),nid,atrtype,value)); + } + +static int add_attribute(sk, nid, atrtype, value) +STACK **sk; +int nid; +int atrtype; +char *value; + { + X509_ATTRIBUTE *attr=NULL; + ASN1_TYPE *val=NULL; + + if (*sk == NULL) + { + *sk = sk_new(NULL); +new_attrib: + attr=X509_ATTRIBUTE_create(nid,atrtype,value); + sk_push(*sk,(char *)attr); + } + else + { + int i; + + for (i=0; i<sk_num(*sk); i++) + { + attr=(X509_ATTRIBUTE *)sk_value(*sk,i); + if (OBJ_obj2nid(attr->object) == nid) + { + X509_ATTRIBUTE_free(attr); + attr=X509_ATTRIBUTE_create(nid,atrtype,value); + sk_value(*sk,i)=(char *)attr; + goto end; + } + } + goto new_attrib; + } +end: + return(1); + } + diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index 7d14ad117..7534f4c2a 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -98,7 +98,8 @@ char *parg; break; default: - abort(); + PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION); + ret=0; } return(ret); } 
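Review bot: `PKCS7_digest_from_attributes` returns `astype->value.octet_string` without checking that the attribute value really is an OCTET STRING, and the verify path then reads `->length` and `->data` from the result for the digest comparison. The authenticated attributes come from the message being verified, so the first value of a messageDigest attribute can carry any ASN.1 type and the union member may not be what the caller assumes. I would add `if (astype == NULL || astype->type != V_ASN1_OCTET_STRING) return NULL;` before the return. In the same hunk, `PKCS7_get_issuer_and_serial` rejects only `sk_num(rsk) <= idx`, so a negative `idx` reaches `sk_value`; `if (idx < 0 || sk_num(rsk) <= idx) return(NULL);` closes that, and the earlier `sk_value(rsk,0)` assignment can go since its result is overwritten.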
@@ -172,12 +173,19 @@ int type; case NID_pkcs7_signedAndEnveloped: p7->type=obj; if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new()) - == NULL) - goto err; - ASN1_INTEGER_set(p7->d.sign->version,1); + == NULL) goto err; + ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1); +/* p7->d.signed_and_enveloped->enc_data->content_type= + OBJ_nid2obj(NID_pkcs7_encrypted);*/ + break; - case NID_pkcs7_digest: case NID_pkcs7_enveloped: + p7->type=obj; + if ((p7->d.enveloped=PKCS7_ENVELOPE_new()) + == NULL) goto err; + ASN1_INTEGER_set(p7->d.enveloped->version,0); + break; + case NID_pkcs7_digest: case NID_pkcs7_encrypted: default: PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); @@ -316,7 +324,10 @@ EVP_MD *dgst; p7i->pkey=pkey; /* Set the algorithms */ - p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); + if (pkey->type == EVP_PKEY_DSA) + p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); + else + p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_MD_pkey_type(dgst)); #if 1 @@ -355,6 +366,10 @@ PKCS7 *p7; { return(p7->d.sign->signer_info); } + else if (PKCS7_type_is_signedAndEnveloped(p7)) + { + return(p7->d.signed_and_enveloped->signer_info); + } else return(NULL); } @@ -386,6 +401,9 @@ PKCS7_RECIP_INFO *ri; case NID_pkcs7_signedAndEnveloped: sk= p7->d.signed_and_enveloped->recipientinfo; break; + case NID_pkcs7_enveloped: + sk= p7->d.enveloped->recipientinfo; + break; default: PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE); return(0); @@ -407,6 +425,11 @@ X509 *x509; p7i->issuer_and_serial->serial= ASN1_INTEGER_dup(X509_get_serialNumber(x509)); + X509_ALGOR_free(p7i->key_enc_algor); + p7i->key_enc_algor=(X509_ALGOR *)ASN1_dup(i2d_X509_ALGOR, + (char *(*)())d2i_X509_ALGOR, + (char *)x509->cert_info->key->algor); + CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); p7i->cert=x509; 
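Review bot: In the `@@ -407,6 +425,11 @@` hunk the old `p7i->key_enc_algor` is freed and replaced by the result of `ASN1_dup(...)` with no check on that result, so a failed duplication leaves the recipient info holding a NULL key-encryption algorithm. Code that later encodes or uses the recipient info is not in this hunk, but it would have to cope with that NULL. I would test the new value right after the assignment, `if (p7i->key_enc_algor == NULL) return(0);`, assuming 0 is this function's failure return as it is for the neighbouring setters. The start of the function is outside the hunk, so whether `x509->cert_info->key` can be NULL at this point cannot be judged from here.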
@@ -438,6 +461,9 @@ EVP_CIPHER *cipher; case NID_pkcs7_signedAndEnveloped: ec=p7->d.signed_and_enveloped->enc_data; break; + case NID_pkcs7_enveloped: + ec=p7->d.enveloped->enc_data; + break; default: PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); return(0); diff --git a/crypto/pkcs7/pkcs7.err b/crypto/pkcs7/pkcs7.err index 91413aae4..115721e91 100644 --- a/crypto/pkcs7/pkcs7.err +++ b/crypto/pkcs7/pkcs7.err @@ -12,15 +12,21 @@ #define PKCS7_F_PKCS7_SET_CIPHER 108 #define PKCS7_F_PKCS7_SET_CONTENT 109 #define PKCS7_F_PKCS7_SET_TYPE 110 +#define PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT 111 /* Reason codes. */ -#define PKCS7_R_INTERNAL_ERROR 100 -#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 101 -#define PKCS7_R_SIGNATURE_FAILURE 102 -#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 103 -#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 104 -#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 105 -#define PKCS7_R_UNKNOWN_DIGEST_TYPE 106 -#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 107 -#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 108 -#define PKCS7_R_WRONG_CONTENT_TYPE 109 +#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100 +#define PKCS7_R_DIGEST_FAILURE 101 +#define PKCS7_R_INTERNAL_ERROR 102 +#define PKCS7_R_MISSING_CERIPEND_INFO 103 +#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 +#define PKCS7_R_SIGNATURE_FAILURE 105 +#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106 +#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107 +#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108 +#define PKCS7_R_UNKNOWN_DIGEST_TYPE 109 +#define PKCS7_R_UNKNOWN_OPERATION 110 +#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111 +#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112 +#define PKCS7_R_WRONG_CONTENT_TYPE 113 +#define PKCS7_R_WRONG_PKCS7_TYPE 114 diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h index ee12f670a..01afa5a5c 100644 --- a/crypto/pkcs7/pkcs7.h +++ b/crypto/pkcs7/pkcs7.h 
@@ -199,7 +199,12 @@ typedef struct pkcs7_st #define PKCS7_OP_SET_DETACHED_SIGNATURE 1 #define PKCS7_OP_GET_DETACHED_SIGNATURE 2 +#define PKCS7_get_signed_attributes(si) ((si)->auth_attr) +#define PKCS7_get_attributes(si) ((si)->unauth_attr) + #define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed) +#define PKCS7_type_is_signedAndEnveloped(a) \ + (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) #define PKCS7_set_detached(p,v) \ @@ -208,11 +213,12 @@ typedef struct pkcs7_st PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL) #ifdef SSLEAY_MACROS - +#ifndef PKCS7_ISSUER_AND_SERIAL_digest #define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ (char *)data,md,len) #endif +#endif #ifndef NOPROTO @@ -314,12 +320,13 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i); int PKCS7_add_certificate(PKCS7 *p7, X509 *x509); int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509); int PKCS7_content_new(PKCS7 *p7, int nid); -int PKCS7_dataSign(PKCS7 *p7, BIO *bio); int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si); BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio); -/*int PKCS7_DataFinal(PKCS7 *p7, BIO *bio); */ +int PKCS7_dataFinal(PKCS7 *p7, BIO *bio); +BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509_STORE *xs); + PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, EVP_MD *dgst); 
@@ -331,6 +338,16 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri); int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509); int PKCS7_set_cipher(PKCS7 *p7, EVP_CIPHER *cipher); +PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx); +ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK *sk); +int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si,int nid,int type, + char *data); +int PKCS7_add_attribute (PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, + char *value); +ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid); +ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid); +int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, STACK *sk); +int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK *sk); #else @@ -400,7 +417,6 @@ int PKCS7_add_signer(); int PKCS7_add_certificate(); int PKCS7_add_crl(); int PKCS7_content_new(); -int PKCS7_dataSign(); int PKCS7_dataVerify(); BIO *PKCS7_dataInit(); PKCS7_SIGNER_INFO *PKCS7_add_signature(); @@ -412,8 +428,18 @@ int PKCS7_add_recipient_info(); int PKCS7_RECIP_INFO_set(); int PKCS7_set_cipher(); +PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(); +ASN1_OCTET_STRING *PKCS7_digest_from_attributes(); +int PKCS7_add_signed_attribute(); +int PKCS7_add_attribute(); +ASN1_TYPE *PKCS7_get_attribute(); +ASN1_TYPE *PKCS7_get_signed_attribute(); +void PKCS7_set_signed_attributes(); +void PKCS7_set_attributes(); + #endif + /* BEGIN ERROR CODES */ /* Error codes for the PKCS7 functions. */ 
@@ -429,18 +455,24 @@ int PKCS7_set_cipher(); #define PKCS7_F_PKCS7_SET_CIPHER 108 #define PKCS7_F_PKCS7_SET_CONTENT 109 #define PKCS7_F_PKCS7_SET_TYPE 110 +#define PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT 111 /* Reason codes. */ -#define PKCS7_R_INTERNAL_ERROR 100 -#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 101 -#define PKCS7_R_SIGNATURE_FAILURE 102 -#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 103 -#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 104 -#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 105 -#define PKCS7_R_UNKNOWN_DIGEST_TYPE 106 -#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 107 -#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 108 -#define PKCS7_R_WRONG_CONTENT_TYPE 109 +#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100 +#define PKCS7_R_DIGEST_FAILURE 101 +#define PKCS7_R_INTERNAL_ERROR 102 +#define PKCS7_R_MISSING_CERIPEND_INFO 103 +#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 +#define PKCS7_R_SIGNATURE_FAILURE 105 +#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106 +#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107 +#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108 +#define PKCS7_R_UNKNOWN_DIGEST_TYPE 109 +#define PKCS7_R_UNKNOWN_OPERATION 110 +#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111 +#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112 +#define PKCS7_R_WRONG_CONTENT_TYPE 113 +#define PKCS7_R_WRONG_PKCS7_TYPE 114 #ifdef __cplusplus } diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c index f85105742..f60c856f8 100644 --- a/crypto/pkcs7/pkcs7err.c +++ b/crypto/pkcs7/pkcs7err.c 
@@ -74,21 +74,27 @@ static ERR_STRING_DATA PKCS7_str_functs[]= {ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"}, {ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"}, {ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"}, +{ERR_PACK(0,PKCS7_F_PKCS7_SIGNENVELOPEDECRYPT,0), "PKCS7_SIGNENVELOPEDECRYPT"}, {0,NULL}, }; static ERR_STRING_DATA PKCS7_str_reasons[]= { +{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH ,"decrypted key is wrong length"}, +{PKCS7_R_DIGEST_FAILURE ,"digest failure"}, {PKCS7_R_INTERNAL_ERROR ,"internal error"}, +{PKCS7_R_MISSING_CERIPEND_INFO ,"missing ceripend info"}, {PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"}, {PKCS7_R_SIGNATURE_FAILURE ,"signature failure"}, {PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"}, {PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"}, {PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"}, {PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"}, +{PKCS7_R_UNKNOWN_OPERATION ,"unknown operation"}, {PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"}, {PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"}, {PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"}, +{PKCS7_R_WRONG_PKCS7_TYPE ,"wrong pkcs7 type"}, {0,NULL}, }; @@ -98,8 +104,8 @@ void ERR_load_PKCS7_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs); diff --git a/crypto/pkcs7/sign.c b/crypto/pkcs7/sign.c index ead1cb65c..6ad88d468 100644 --- a/crypto/pkcs7/sign.c +++ b/crypto/pkcs7/sign.c 
@@ -105,7 +105,13 @@ again: p7=PKCS7_new(); PKCS7_set_type(p7,NID_pkcs7_signed); - if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err; + si=PKCS7_add_signature(p7,x509,pkey,EVP_sha1()); + if (si == NULL) goto err; + + /* Add some extra attributes */ + if (!add_signed_time(si)) goto err; + if (!add_signed_string(si,"SIGNED STRING")) goto err; + if (!add_signed_seq2string(si,"STRING1","STRING2")) goto err; /* we may want to add more */ PKCS7_add_certificate(p7,x509); @@ -125,7 +131,7 @@ again: BIO_write(p7bio,buf,i); } - if (!PKCS7_dataSign(p7,p7bio)) goto err; + if (!PKCS7_dataFinal(p7,p7bio)) goto err; BIO_free(p7bio); PEM_write_PKCS7(stdout,p7); diff --git a/crypto/pkcs7/verify.c b/crypto/pkcs7/verify.c index 0e1c1b26d..7e0f6e5fe 100644 --- a/crypto/pkcs7/verify.c +++ b/crypto/pkcs7/verify.c @@ -64,6 +64,7 @@ int verify_callback(int ok, X509_STORE_CTX *ctx); BIO *bio_err=NULL; +BIO *bio_out=NULL; main(argc,argv) int argc; @@ -84,6 +85,7 @@ char *argv[]; STACK *sk; bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); EVP_add_digest(EVP_md2()); EVP_add_digest(EVP_md5()); EVP_add_digest(EVP_sha1()); @@ -131,10 +133,10 @@ again: X509_STORE_load_locations(cert_store,NULL,"../../certs"); X509_STORE_set_verify_cb_func(cert_store,verify_callback); - ERR_clear_errors(); + ERR_clear_error(); /* We need to process the data */ - if (PKCS7_get_detached(p7)) + if ((PKCS7_get_detached(p7) || detached)) { if (detached == NULL) { 
@@ -168,10 +170,27 @@ again: /* Ok, first we need to, for each subject entry, see if we can verify */ for (i=0; i<sk_num(sk); i++) { + ASN1_UTCTIME *tm; + char *str1,*str2; + si=(PKCS7_SIGNER_INFO *)sk_value(sk,i); i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si); if (i <= 0) goto err; + printf("signer info\n"); + if ((tm=get_signed_time(si)) != NULL) + { + BIO_printf(bio_out,"Signed time:"); + ASN1_UTCTIME_print(bio_out,tm); + ASN1_UTCTIME_free(tm); + BIO_printf(bio_out,"\n"); + } + if (get_signed_seq2string(si,&str1,&str2)) + { + BIO_printf(bio_out,"String 1 is %s\n",str1); + BIO_printf(bio_out,"String 2 is %s\n",str2); + } + } X509_STORE_free(cert_store); diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl index d04f0a9b4..ef693aec1 100644 --- a/crypto/rand/Makefile.ssl +++ b/crypto/rand/Makefile.ssl @@ -20,8 +20,8 @@ TEST= randtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=md_rand.c randfile.c -LIBOBJ=md_rand.o randfile.o +LIBSRC=md_rand.c randfile.c rand_lib.c +LIBOBJ=md_rand.o randfile.o rand_lib.o SRC= $(LIBSRC) diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index f44b36a8b..35defdea3 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -88,6 +88,7 @@ We need a message digest of some type #define MD_Init(a) MD5_Init(a) #define MD_Update(a,b,c) MD5_Update(a,b,c) #define MD_Final(a,b) MD5_Final(a,b) +#define MD(a,b,c) MD5(a,b,c) #elif defined(USE_SHA1_RAND) #include "sha.h" #define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH @@ -95,6 +96,7 @@ We need a message digest of some type #define MD_Init(a) SHA1_Init(a) #define MD_Update(a,b,c) SHA1_Update(a,b,c) #define MD_Final(a,b) SHA1_Final(a,b) +#define MD(a,b,c) SHA1(a,b,c) #elif defined(USE_MDC2_RAND) #include "mdc2.h" #define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH 
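Review bot: In the `@@ -168,10 +170,27 @@` hunk of verify.c the signer loop reuses its index for the verification result: `i=PKCS7_dataVerify(...)` overwrites the `i` that `for (i=0; i<sk_num(sk); i++)` iterates with, so once a signer verifies the index no longer tracks the position and later signer infos can be skipped while the program still ends on the success path. The per-signer output added here sits inside that loop, so it is a good moment to keep the result in its own variable, e.g. `rv=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si); if (rv <= 0) goto err;` with `int rv;` declared next to `tm`. It is also not visible from this hunk whether `get_signed_time` returns a copy; if it returns a pointer into `si`, the added `ASN1_UTCTIME_free(tm)` would release data the signer info still owns.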
@@ -102,6 +104,7 @@ We need a message digest of some type #define MD_Init(a) MDC2_Init(a) #define MD_Update(a,b,c) MDC2_Update(a,b,c) #define MD_Final(a,b) MDC2_Final(a,b) +#define MD(a,b,c) MDC2(a,b,c) #elif defined(USE_MD2_RAND) #include "md2.h" #define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH @@ -109,31 +112,48 @@ We need a message digest of some type #define MD_Init(a) MD2_Init(a) #define MD_Update(a,b,c) MD2_Update(a,b,c) #define MD_Final(a,b) MD2_Final(a,b) +#define MD(a,b,c) MD2(a,b,c) #endif #include "rand.h" -/*#define NORAND 1 */ -/*#define PREDICT 1 */ +/* #define NORAND 1 */ +/* #define PREDICT 1 */ #define STATE_SIZE 1023 static int state_num=0,state_index=0; static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH]; static unsigned char md[MD_DIGEST_LENGTH]; -static int md_count=0; +static long md_count[2]={0,0}; -char *RAND_version="RAND part of SSLeay 0.9.0b 29-Jun-1998"; +char *RAND_version="RAND part of SSLeay 0.9.1a 06-Jul-1998"; -void RAND_cleanup() +static void ssleay_rand_cleanup(void); +static void ssleay_rand_seed(unsigned char *buf, int num); +static void ssleay_rand_bytes(unsigned char *buf, int num); + +RAND_METHOD rand_ssleay={ + ssleay_rand_seed, + ssleay_rand_bytes, + ssleay_rand_cleanup, + }; + +RAND_METHOD *RAND_SSLeay() + { + return(&rand_ssleay); + } + +static void ssleay_rand_cleanup() { memset(state,0,sizeof(state)); state_num=0; state_index=0; memset(md,0,MD_DIGEST_LENGTH); - md_count=0; + md_count[0]=0; + md_count[1]=0; } -void RAND_seed(buf,num) +static void ssleay_rand_seed(buf,num) unsigned char *buf; int num; { @@ -178,7 +198,9 @@ int num; MD_Update(&m,&(state[st_idx]),j); MD_Update(&m,buf,j); + MD_Update(&m,(unsigned char *)&(md_count[0]),sizeof(md_count)); MD_Final(md,&m); + md_count[1]++; buf+=j; @@ -195,7 +217,7 @@ int num; memset((char *)&m,0,sizeof(m)); } -void RAND_bytes(buf,num) +static void ssleay_rand_bytes(buf,num) unsigned char *buf; int num; { 
@@ -277,6 +299,7 @@ int num; num-=j; MD_Init(&m); MD_Update(&m,&(md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2); + MD_Update(&m,(unsigned char *)&(md_count[0]),sizeof(md_count)); #ifndef PURIFY MD_Update(&m,buf,j); /* purify complains */ #endif @@ -300,7 +323,8 @@ int num; } MD_Init(&m); - MD_Update(&m,(unsigned char *)&md_count,sizeof(md_count)); md_count++; + MD_Update(&m,(unsigned char *)&(md_count[0]),sizeof(md_count)); + md_count[0]++; MD_Update(&m,md,MD_DIGEST_LENGTH); MD_Final(md,&m); memset(&m,0,sizeof(m)); @@ -385,7 +409,7 @@ void RAND_screen(void) GetBitmapBits(hBitmap, size, bmbits); /* Get the MD5 of the bitmap */ - MD5(bmbits,size,md); + MD(bmbits,size,md); /* Seed the random generator with the MD5 digest */ RAND_seed(md, MD_DIGEST_LENGTH); diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h index 477d7a150..f5edcb9a5 100644 --- a/crypto/rand/rand.h +++ b/crypto/rand/rand.h @@ -63,7 +63,23 @@ extern "C" { #endif +typedef struct rand_meth_st + { #ifndef NOPROTO + void (*seed)(unsigned char *buf, int num); + void (*bytes)(unsigned char *buf, int num); + void (*cleanup)(void); +#else + void (*seed)(); + void (*bytes)(); + void (*cleanup)(); +#endif + } RAND_METHOD; + +#ifndef NOPROTO +void RAND_set_rand_method(RAND_METHOD *meth); +RAND_METHOD *RAND_get_rand_method(void ); +RAND_METHOD *RAND_SSLeay(void); void RAND_cleanup(void ); void RAND_bytes( unsigned char *buf,int num); void RAND_seed( unsigned char *buf,int num); @@ -74,6 +90,9 @@ char *RAND_file_name(char *file,int num); void RAND_screen(void); #endif #else +void RAND_set_rand_method(); +RAND_METHOD *RAND_get_rand_method(); +RAND_METHOD *RAND_SSLeay(); void RAND_cleanup(); void RAND_bytes(); void RAND_seed(); diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index f2b374636..4b38b2bf6 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c 
@@ -58,6 +58,7 @@ #include <stdio.h> #include "cryptlib.h" +#include <sys/types.h> #include <sys/stat.h> #include <sys/types.h> #include "rand.h" @@ -86,7 +87,7 @@ long bytes; if (i < 0) return(0); if (bytes <= 0) return(ret); - in=fopen(file,"r"); + in=fopen(file,"br"); if (in == NULL) goto err; for (;;) { diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c index 96239cd4e..502298258 100644 --- a/crypto/rc2/rc2_ecb.c +++ b/crypto/rc2/rc2_ecb.c @@ -59,7 +59,7 @@ #include "rc2.h" #include "rc2_locl.h" -char *RC2_version="RC2 part of SSLeay 0.9.0b 29-Jun-1998"; +char *RC2_version="RC2 part of SSLeay 0.9.1a 06-Jul-1998"; /* RC2 as implemented frm a posting from * Newsgroups: sci.crypt diff --git a/crypto/rc2/rc2speed.c b/crypto/rc2/rc2speed.c index 6cd8ea8f2..d02f9d812 100644 --- a/crypto/rc2/rc2speed.c +++ b/crypto/rc2/rc2speed.c @@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl index 19c1e980f..f5f38a4ac 100644 --- a/crypto/rc4/Makefile.ssl +++ b/crypto/rc4/Makefile.ssl @@ -63,7 +63,7 @@ asm/rx86-out.o: asm/rx86unix.cpp # bsdi asm/rx86bsdi.o: asm/rx86unix.cpp - $(CPP) -DBSDI asm/rx86unix.cpp | as -o asm/rx86bsdi.o + $(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o asm/rx86unix.cpp: (cd asm; perl rc4-586.pl cpp >rx86unix.cpp) diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c index ab8a111b5..26da6d520 100644 --- a/crypto/rc4/rc4_enc.c +++ b/crypto/rc4/rc4_enc.c @@ -95,7 +95,6 @@ unsigned char *outdata; #define RC4_LOOP(a,b,i) LOOP(a[i],b[i]) #endif - i= -(int)len; i=(int)(len>>3L); if (i) { diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c index 0be5fde67..03e69e16c 100644 --- a/crypto/rc4/rc4_skey.c +++ b/crypto/rc4/rc4_skey.c 
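Review bot: In the `@@ -86,7 +87,7 @@` hunk of randfile.c, `fopen(file,"br")` uses a mode string that does not begin with `r`, `w` or `a`; the C library defines only modes that start with one of those, and an implementation may reject this one. When it does, `in` is NULL and the function goes to `err` without reading anything. Binary read mode is spelled `"rb"`, so the line should be `in=fopen(file,"rb");`. Because this file presumably loads seed material for the random pool, a silent open failure leaves the generator with less seed data than the caller expects, so callers should also check the returned byte count.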
@@ -59,7 +59,7 @@ #include "rc4.h" #include "rc4_locl.h" -char *RC4_version="RC4 part of SSLeay 0.9.0b 29-Jun-1998"; +char *RC4_version="RC4 part of SSLeay 0.9.1a 06-Jul-1998"; char *RC4_options() { diff --git a/crypto/rc4/rc4speed.c b/crypto/rc4/rc4speed.c index 5298dad6d..f796f7b7b 100644 --- a/crypto/rc4/rc4speed.c +++ b/crypto/rc4/rc4speed.c @@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/rc5/Makefile.ssl b/crypto/rc5/Makefile.ssl index 5e98ee234..f7379b046 100644 --- a/crypto/rc5/Makefile.ssl +++ b/crypto/rc5/Makefile.ssl @@ -61,7 +61,7 @@ asm/r586-out.o: asm/r586unix.cpp # bsdi asm/r586bsdi.o: asm/r586unix.cpp - $(CPP) -DBSDI asm/r586unix.cpp | as -o asm/r586bsdi.o + $(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o asm/r586unix.cpp: (cd asm; perl rc5-586.pl cpp >r586unix.cpp) @@ -72,7 +72,7 @@ files: links: /bin/rm -f Makefile $(TOP)/util/point.sh Makefile.ssl Makefile ; - $(TOP)/util/point.sh ../../doc/rc5.doc rc5.doc ; + # $(TOP)/util/point.sh ../../doc/rc5.doc rc5.doc ; $(TOP)/util/mklink.sh ../../include $(EXHEADER) $(TOP)/util/mklink.sh ../../test $(TEST) $(TOP)/util/mklink.sh ../../apps $(APPS) diff --git a/crypto/rc5/rc5_ecb.c b/crypto/rc5/rc5_ecb.c index 82947f4cd..ab971a9de 100644 --- a/crypto/rc5/rc5_ecb.c +++ b/crypto/rc5/rc5_ecb.c @@ -59,7 +59,7 @@ #include "rc5.h" #include "rc5_locl.h" -char *RC5_version="RC5 part of SSLeay 0.9.0b 29-Jun-1998"; +char *RC5_version="RC5 part of SSLeay 0.9.1a 06-Jul-1998"; void RC5_32_ecb_encrypt(in, out, ks, encrypt) unsigned char *in; diff --git a/crypto/rc5/rc5speed.c b/crypto/rc5/rc5speed.c index 5eeb560b7..29148dc49 100644 --- a/crypto/rc5/rc5speed.c +++ b/crypto/rc5/rc5speed.c 
@@ -92,7 +92,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif diff --git a/crypto/ripemd/Makefile.ssl b/crypto/ripemd/Makefile.ssl index 67d47ceb2..e865cdb5e 100644 --- a/crypto/ripemd/Makefile.ssl +++ b/crypto/ripemd/Makefile.ssl @@ -59,7 +59,7 @@ asm/rm86-out.o: asm/rm86unix.cpp # bsdi asm/rm86bsdi.o: asm/rm86unix.cpp - $(CPP) -DBSDI asm/rm86unix.cpp | as -o asm/rm86bsdi.o + $(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o asm/rm86unix.cpp: (cd asm; perl rmd-586.pl cpp >rm86unix.cpp) diff --git a/crypto/ripemd/rmd_dgst.c b/crypto/ripemd/rmd_dgst.c index 210de1977..904a45b76 100644 --- a/crypto/ripemd/rmd_dgst.c +++ b/crypto/ripemd/rmd_dgst.c @@ -59,7 +59,7 @@ #include <stdio.h> #include "rmd_locl.h" -char *RMD160_version="RIPEMD160 part of SSLeay 0.9.0b 29-Jun-1998"; +char *RMD160_version="RIPEMD160 part of SSLeay 0.9.1a 06-Jul-1998"; #ifndef NOPROTO # ifdef RMD160_ASM @@ -73,7 +73,7 @@ char *RMD160_version="RIPEMD160 part of SSLeay 0.9.0b 29-Jun-1998"; void ripemd160_block_x86(); # define ripemd160_block ripemd160_block_x86 # else - static void ripemd160_block(); + void ripemd160_block(); # endif #endif diff --git a/crypto/rsa/rsa.err b/crypto/rsa/rsa.err index 5ded1b5fa..e866635fb 100644 --- a/crypto/rsa/rsa.err +++ b/crypto/rsa/rsa.err 
@@ -1,26 +1,27 @@ /* Error codes for the RSA functions. */ /* Function codes. */ -#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 100 -#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 101 -#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 102 -#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 103 -#define RSA_F_RSA_GENERATE_KEY 104 -#define RSA_F_RSA_NEW_METHOD 105 -#define RSA_F_RSA_PADDING_ADD_NONE 106 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 107 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 108 -#define RSA_F_RSA_PADDING_ADD_SSLV23 109 -#define RSA_F_RSA_PADDING_CHECK_NONE 110 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 111 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 112 -#define RSA_F_RSA_PADDING_CHECK_SSLV23 113 -#define RSA_F_RSA_PRINT 114 -#define RSA_F_RSA_PRINT_FP 115 -#define RSA_F_RSA_SIGN 116 -#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 117 -#define RSA_F_RSA_VERIFY 118 -#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 119 +#define RSA_F_MEMORY_LOCK 100 +#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 +#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 +#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 +#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 +#define RSA_F_RSA_GENERATE_KEY 105 +#define RSA_F_RSA_NEW_METHOD 106 +#define RSA_F_RSA_PADDING_ADD_NONE 107 +#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 +#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 +#define RSA_F_RSA_PADDING_ADD_SSLV23 110 +#define RSA_F_RSA_PADDING_CHECK_NONE 111 +#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 +#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 +#define RSA_F_RSA_PADDING_CHECK_SSLV23 114 +#define RSA_F_RSA_PRINT 115 +#define RSA_F_RSA_PRINT_FP 116 +#define RSA_F_RSA_SIGN 117 +#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 +#define RSA_F_RSA_VERIFY 119 +#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 /* Reason codes. */ #define RSA_R_ALGORITHM_MISMATCH 100 diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index aeb78ffcd..b7c02fdab 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h 
@@ -102,11 +102,14 @@ typedef struct rsa_st int references; int flags; - /* Normally used to cached montgomery values */ + /* Normally used to cache montgomery values */ char *method_mod_n; char *method_mod_p; char *method_mod_q; + /* all BIGNUM values are actually in the following data, if it is not + * NULL */ + char *bignum_data; BN_BLINDING *blinding; } RSA; @@ -114,6 +117,7 @@ typedef struct rsa_st #define RSA_F4 0x10001L #define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */ + #define RSA_FLAG_CACHE_PUBLIC 0x02 #define RSA_FLAG_CACHE_PRIVATE 0x04 #define RSA_FLAG_BLINDING 0x08 @@ -147,6 +151,9 @@ int RSA_flags(RSA *r); void RSA_set_default_method(RSA_METHOD *meth); +/* This function needs the memory locking malloc callbacks to be installed */ +int RSA_memory_lock(RSA *r); + /* If you have RSAref compiled in. */ RSA_METHOD *RSA_PKCS1_RSAref(void); @@ -193,19 +200,19 @@ void RSA_blinding_off(RSA *rsa); int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, unsigned char *f,int fl); int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl); + unsigned char *f,int fl,int rsa_len); int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, unsigned char *f,int fl); int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl); + unsigned char *f,int fl,int rsa_len); int RSA_padding_add_SSLv23(unsigned char *to,int tlen, unsigned char *f,int fl); int RSA_padding_check_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl); + unsigned char *f,int fl,int rsa_len); int RSA_padding_add_none(unsigned char *to,int tlen, unsigned char *f,int fl); int RSA_padding_check_none(unsigned char *to,int tlen, - unsigned char *f,int fl); + unsigned char *f,int fl,int rsa_len); int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), int (*dup_func)(), void (*free_func)()); 
@@ -227,6 +234,7 @@ void RSA_free (); int RSA_flags(); void RSA_set_default_method(); +int RSA_memory_lock(); /* RSA_METHOD *RSA_PKCS1_RSAref(); */ RSA_METHOD *RSA_PKCS1_SSLeay(); 
@@ -274,26 +282,27 @@ char *RSA_get_ex_data(); /* Error codes for the RSA functions. */ /* Function codes. */ -#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 100 -#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 101 -#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 102 -#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 103 -#define RSA_F_RSA_GENERATE_KEY 104 -#define RSA_F_RSA_NEW_METHOD 105 -#define RSA_F_RSA_PADDING_ADD_NONE 106 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 107 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 108 -#define RSA_F_RSA_PADDING_ADD_SSLV23 109 -#define RSA_F_RSA_PADDING_CHECK_NONE 110 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 111 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 112 -#define RSA_F_RSA_PADDING_CHECK_SSLV23 113 -#define RSA_F_RSA_PRINT 114 -#define RSA_F_RSA_PRINT_FP 115 -#define RSA_F_RSA_SIGN 116 -#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 117 -#define RSA_F_RSA_VERIFY 118 -#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 119 +#define RSA_F_MEMORY_LOCK 100 +#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 +#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 +#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 +#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 +#define RSA_F_RSA_GENERATE_KEY 105 +#define RSA_F_RSA_NEW_METHOD 106 +#define RSA_F_RSA_PADDING_ADD_NONE 107 +#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 +#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 +#define RSA_F_RSA_PADDING_ADD_SSLV23 110 +#define RSA_F_RSA_PADDING_CHECK_NONE 111 +#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 +#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 +#define RSA_F_RSA_PADDING_CHECK_SSLV23 114 +#define RSA_F_RSA_PRINT 115 +#define RSA_F_RSA_PRINT_FP 116 +#define RSA_F_RSA_SIGN 117 +#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 +#define RSA_F_RSA_VERIFY 119 +#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 /* Reason codes. */ #define RSA_R_ALGORITHM_MISMATCH 100 diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 00f8ea934..7623189e4 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c 
@@ -110,11 +110,13 @@ unsigned char *to; RSA *rsa; int padding; { - BIGNUM *f=NULL,*ret=NULL; + BIGNUM f,ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; + BN_init(&f); + BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); if ((buf=(unsigned char *)Malloc(num)) == NULL) @@ -140,9 +142,7 @@ int padding; } if (i <= 0) goto err; - if (((f=BN_new()) == NULL) || ((ret=BN_new()) == NULL)) goto err; - - if (BN_bin2bn(buf,num,f) == NULL) goto err; + if (BN_bin2bn(buf,num,&f) == NULL) goto err; if ((rsa->method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) { @@ -151,21 +151,21 @@ int padding; rsa->n,ctx)) goto err; } - if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, + if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, rsa->method_mod_n)) goto err; /* put in leading 0 bytes if the number is less than the * length of the modulus */ - j=BN_num_bytes(ret); - i=BN_bn2bin(ret,&(to[num-j])); + j=BN_num_bytes(&ret); + i=BN_bn2bin(&ret,&(to[num-j])); for (k=0; k<(num-i); k++) to[k]=0; r=num; err: if (ctx != NULL) BN_CTX_free(ctx); - if (f != NULL) BN_free(f); - if (ret != NULL) BN_free(ret); + BN_clear_free(&f); + BN_clear_free(&ret); if (buf != NULL) { memset(buf,0,num); @@ -181,11 +181,14 @@ unsigned char *to; RSA *rsa; int padding; { - BIGNUM *f=NULL,*ret=NULL; + BIGNUM f,ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; + BN_init(&f); + BN_init(&ret); + if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); if ((buf=(unsigned char *)Malloc(num)) == NULL) 
@@ -209,40 +212,39 @@ int padding; } if (i <= 0) goto err; - if (((f=BN_new()) == NULL) || ((ret=BN_new()) == NULL)) goto err; - if (BN_bin2bn(buf,num,f) == NULL) goto err; + if (BN_bin2bn(buf,num,&f) == NULL) goto err; if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) RSA_blinding_on(rsa,ctx); if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_convert(f,rsa->blinding,ctx)) goto err; + if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; if ( (rsa->p != NULL) && (rsa->q != NULL) && (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL)) - { if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; } + { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } else { - if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; + if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; } if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_invert(ret,rsa->blinding,ctx)) goto err; + if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; /* put in leading 0 bytes if the number is less than the * length of the modulus */ - j=BN_num_bytes(ret); - i=BN_bn2bin(ret,&(to[num-j])); + j=BN_num_bytes(&ret); + i=BN_bn2bin(&ret,&(to[num-j])); for (k=0; k<(num-i); k++) to[k]=0; r=num; err: if (ctx != NULL) BN_CTX_free(ctx); - if (ret != NULL) BN_free(ret); - if (f != NULL) BN_free(f); + BN_clear_free(&ret); + BN_clear_free(&f); if (buf != NULL) { memset(buf,0,num); @@ -258,12 +260,14 @@ unsigned char *to; RSA *rsa; int padding; { - BIGNUM *f=NULL,*ret=NULL; + BIGNUM f,ret; int j,num=0,r= -1; unsigned char *p; unsigned char *buf=NULL; BN_CTX *ctx=NULL; + BN_init(&f); + BN_init(&ret); ctx=BN_CTX_new(); if (ctx == NULL) goto err; 
@@ -284,13 +288,12 @@ int padding; } /* make data into a big number */ - if (((ret=BN_new()) == NULL) || ((f=BN_new()) == NULL)) goto err; - if (BN_bin2bn(from,(int)flen,f) == NULL) goto err; + if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) RSA_blinding_on(rsa,ctx); if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_convert(f,rsa->blinding,ctx)) goto err; + if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; /* do the decrypt */ if ( (rsa->p != NULL) && @@ -298,29 +301,29 @@ int padding; (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL)) - { if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; } + { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } else { - if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) + if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; } if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_invert(ret,rsa->blinding,ctx)) goto err; + if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; p=buf; - j=BN_bn2bin(ret,p); /* j is only used with no-padding mode */ + j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ switch (padding) { case RSA_PKCS1_PADDING: - r=RSA_padding_check_PKCS1_type_2(to,num,buf,j); + r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num); break; case RSA_SSLV23_PADDING: - r=RSA_padding_check_SSLv23(to,num,buf,j); + r=RSA_padding_check_SSLv23(to,num,buf,j,num); break; case RSA_NO_PADDING: - r=RSA_padding_check_none(to,num,buf,j); + r=RSA_padding_check_none(to,num,buf,j,num); break; default: RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); @@ -331,8 +334,8 @@ int padding; err: if (ctx != NULL) BN_CTX_free(ctx); - if (f != NULL) BN_free(f); - if (ret != NULL) BN_free(ret); + BN_clear_free(&f); + BN_clear_free(&ret); if (buf != NULL) { memset(buf,0,num); 
@@ -348,12 +351,14 @@ unsigned char *to; RSA *rsa; int padding; { - BIGNUM *f=NULL,*ret=NULL; + BIGNUM f,ret; int i,num=0,r= -1; unsigned char *p; unsigned char *buf=NULL; BN_CTX *ctx=NULL; + BN_init(&f); + BN_init(&ret); ctx=BN_CTX_new(); if (ctx == NULL) goto err; @@ -373,10 +378,7 @@ int padding; goto err; } - /* make data into a big number */ - if (((ret=BN_new()) == NULL) || ((f=BN_new()) == NULL)) goto err; - - if (BN_bin2bn(from,flen,f) == NULL) goto err; + if (BN_bin2bn(from,flen,&f) == NULL) goto err; /* do the decrypt */ if ((rsa->method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) { @@ -385,19 +387,19 @@ int padding; rsa->n,ctx)) goto err; } - if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, + if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, rsa->method_mod_n)) goto err; p=buf; - i=BN_bn2bin(ret,p); + i=BN_bn2bin(&ret,p); switch (padding) { case RSA_PKCS1_PADDING: - r=RSA_padding_check_PKCS1_type_1(to,num,buf,i); + r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); break; case RSA_NO_PADDING: - r=RSA_padding_check_none(to,num,buf,i); + r=RSA_padding_check_none(to,num,buf,i,num); break; default: RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); @@ -408,8 +410,8 @@ int padding; err: if (ctx != NULL) BN_CTX_free(ctx); - if (f != NULL) BN_free(f); - if (ret != NULL) BN_free(ret); + BN_clear_free(&f); + BN_clear_free(&ret); if (buf != NULL) { memset(buf,0,num); @@ -423,14 +425,13 @@ BIGNUM *r0; BIGNUM *I; RSA *rsa; { - BIGNUM *r1=NULL,*m1=NULL; + BIGNUM r1,m1; int ret=0; BN_CTX *ctx; if ((ctx=BN_CTX_new()) == NULL) goto err; - m1=BN_new(); - r1=BN_new(); - if ((m1 == NULL) || (r1 == NULL)) goto err; + BN_init(&m1); + BN_init(&r1); if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) { 
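Review bot: In the last hunk on this line (the function taking `r0`, `I` and `rsa`), `BN_init(&m1)` and `BN_init(&r1)` come after `if ((ctx=BN_CTX_new()) == NULL) goto err;`, so an allocation failure reaches cleanup with both stack BIGNUMs uninitialised. The `err:` path in the following hunk calls `BN_clear_free(&m1)`, `BN_clear_free(&r1)` and `BN_CTX_free(ctx)` unconditionally, which would act on indeterminate fields and a NULL context. The other functions converted in this file initialise first and guard the context. Doing the same here, with `BN_init(&m1); BN_init(&r1);` ahead of the `BN_CTX_new()` call and `if (ctx != NULL) BN_CTX_free(ctx);` at the label, keeps the failure path defined. The function body continues outside this hunk.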
@@ -452,26 +453,29 @@ RSA *rsa; } } - if (!BN_mod(r1,I,rsa->q,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(m1,r1,rsa->dmq1,rsa->q,ctx, + if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; + if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, rsa->method_mod_q)) goto err; - if (!BN_mod(r1,I,rsa->p,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(r0,r1,rsa->dmp1,rsa->p,ctx, + if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; + if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, rsa->method_mod_p)) goto err; - if (!BN_add(r1,r0,rsa->p)) goto err; - if (!BN_sub(r0,r1,m1)) goto err; + if (!BN_sub(r0,r0,&m1)) goto err; + /* This will help stop the size of r0 increasing, which does + * affect the multiply if it optimised for a power of 2 size */ + if (r0->neg) + if (!BN_add(r0,r0,rsa->p)) goto err; - if (!BN_mul(r1,r0,rsa->iqmp)) goto err; - if (!BN_mod(r0,r1,rsa->p,ctx)) goto err; - if (!BN_mul(r1,r0,rsa->q)) goto err; - if (!BN_add(r0,r1,m1)) goto err; + if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; + if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; + if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; + if (!BN_add(r0,&r1,&m1)) goto err; ret=1; err: - if (m1 != NULL) BN_free(m1); - if (r1 != NULL) BN_free(r1); + BN_clear_free(&m1); + BN_clear_free(&r1); BN_CTX_free(ctx); return(ret); } diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index 796b3afd4..7899a5d4e 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -63,6 +63,7 @@ #ifndef NO_ERR static ERR_STRING_DATA RSA_str_functs[]= { +{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"}, {ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"}, {ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"}, {ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"}, @@ -117,8 +118,8 @@ void ERR_load_RSA_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_RSA,RSA_str_functs); 
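Review bot: The single `if (r0->neg)` correction after `BN_sub(r0,r0,&m1)` in the first hunk on this line is only sufficient when p > q. `m1` is reduced mod q and `r0` mod p, so for a key with p < q the difference can still be negative after one addition of p. If `BN_mod` keeps the sign of its dividend (to be confirmed against the bn code), `r0` then goes negative into the final multiply by `rsa->q`, which would give a wrong result for keys loaded from elsewhere. Repeating the test after the reduction covers that case: `if (r0->neg) if (!BN_add(r0,r0,rsa->p)) goto err;` placed after `BN_mod(r0,&r1,rsa->p,ctx)`. The function starts outside this hunk.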
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index aed2351cf..936db4951 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -70,17 +70,17 @@ char *cb_arg; { RSA *rsa=NULL; BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; - int bitsp,bitsq,ok= -1,n=0; + int bitsp,bitsq,ok= -1,n=0,i; BN_CTX *ctx=NULL,*ctx2=NULL; ctx=BN_CTX_new(); if (ctx == NULL) goto err; ctx2=BN_CTX_new(); if (ctx2 == NULL) goto err; - r0=ctx->bn[0]; - r1=ctx->bn[1]; - r2=ctx->bn[2]; - r3=ctx->bn[3]; + r0= &(ctx->bn[0]); + r1= &(ctx->bn[1]); + r2= &(ctx->bn[2]); + r3= &(ctx->bn[3]); ctx->tos+=4; bitsp=(bits+1)/2; @@ -91,12 +91,23 @@ char *cb_arg; /* set e */ rsa->e=BN_new(); if (rsa->e == NULL) goto err; + +#if 1 + /* The problem is when building with 8, 16, or 32 BN_ULONG, + * unsigned long can be larger */ + for (i=0; i<sizeof(unsigned long)*8; i++) + { + if (e_value & (1<<i)) + BN_set_bit(rsa->e,i); + } +#else if (!BN_set_word(rsa->e,e_value)) goto err; +#endif /* generate p and q */ for (;;) { - rsa->p=BN_generate_prime(bitsp,0,NULL,NULL,callback,cb_arg); + rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); if (rsa->p == NULL) goto err; if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; @@ -107,7 +118,7 @@ char *cb_arg; if (callback != NULL) callback(3,0,cb_arg); for (;;) { - rsa->q=BN_generate_prime(bitsq,0,NULL,NULL,callback,cb_arg); + rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg); if (rsa->q == NULL) goto err; if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; 
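Review bot: In the second rsa_gen.c hunk, the new loop tests `e_value & (1<<i)` for `i` up to `sizeof(unsigned long)*8`, but `1` is an `int`, so the shift is undefined once `i` reaches the width of `int`. Assuming `e_value` is an `unsigned long`, as the added comment implies, this can set spurious high bits in `rsa->e` where `unsigned long` is wider than `int`. Shifting an unsigned long avoids that: `if (e_value & ((unsigned long)1<<i))`. The return value of `BN_set_bit` is also ignored, unlike the `BN_set_word` call in the `#else` branch; `if (!BN_set_bit(rsa->e,i)) goto err;` would keep the error handling consistent. The function extends beyond the hunk.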
@@ -127,12 +138,12 @@ char *cb_arg; /* calculate n */ rsa->n=BN_new(); if (rsa->n == NULL) goto err; - if (!BN_mul(rsa->n,rsa->p,rsa->q)) goto err; + if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; /* calculate d */ if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ - if (!BN_mul(r0,r1,r2)) goto err; /* (p-1)(q-1) */ + if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ /* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */ /* for (;;) @@ -149,7 +160,7 @@ char *cb_arg; goto err; } */ - rsa->d=(BIGNUM *)BN_mod_inverse(rsa->e,r0,ctx2); /* d */ + rsa->d=(BIGNUM *)BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ if (rsa->d == NULL) goto err; /* calculate d mod (p-1) */ @@ -163,7 +174,7 @@ char *cb_arg; if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err; /* calculate inverse of q mod p */ - rsa->iqmp=BN_mod_inverse(rsa->q,rsa->p,ctx2); + rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); if (rsa->iqmp == NULL) goto err; ok=1; diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 95a56f8a2..5ce51f9f5 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -63,7 +63,7 @@ #include "bn.h" #include "rsa.h" -char *RSA_version="RSA part of SSLeay 0.9.0b 29-Jun-1998"; +char *RSA_version="RSA part of SSLeay 0.9.1a 06-Jul-1998"; static RSA_METHOD *default_RSA_meth=NULL; static int rsa_meth_num=0; @@ -120,13 +120,15 @@ RSA_METHOD *meth; ret->method_mod_p=NULL; ret->method_mod_q=NULL; ret->blinding=NULL; + ret->bignum_data=NULL; ret->flags=ret->meth->flags; if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { Free(ret); ret=NULL; } - CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data); + else + CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data); return(ret); } 
@@ -164,6 +166,7 @@ RSA *r; if (r->dmq1 != NULL) BN_clear_free(r->dmq1); if (r->iqmp != NULL) BN_clear_free(r->iqmp); if (r->blinding != NULL) BN_BLINDING_free(r->blinding); + if (r->bignum_data != NULL) Free_locked(r->bignum_data); Free(r); } @@ -275,10 +278,10 @@ BN_CTX *p_ctx; if (rsa->blinding != NULL) BN_BLINDING_free(rsa->blinding); - A=ctx->bn[0]; + A= &(ctx->bn[0]); ctx->tos++; if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err; - if ((Ai=BN_mod_inverse(A,rsa->n,ctx)) == NULL) goto err; + if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx, (char *)rsa->method_mod_n)) goto err; @@ -292,3 +295,49 @@ err: return(ret); } +int RSA_memory_lock(r) +RSA *r; + { + int i,j,k,off; + char *p; + BIGNUM *bn,**t[6],*b; + BN_ULONG *ul; + + if (r->d == NULL) return(1); + t[0]= &r->d; + t[1]= &r->p; + t[2]= &r->q; + t[3]= &r->dmp1; + t[4]= &r->dmq1; + t[5]= &r->iqmp; + k=sizeof(BIGNUM)*6; + off=k/sizeof(BN_ULONG)+1; + j=1; + for (i=0; i<6; i++) + j+= (*t[i])->top; + if ((p=Malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) + { + RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); + return(0); + } + bn=(BIGNUM *)p; + ul=(BN_ULONG *)&(p[off]); + for (i=0; i<6; i++) + { + b= *(t[i]); + *(t[i])= &(bn[i]); + memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); + bn[i].flags=BN_FLG_STATIC_DATA; + bn[i].d=ul; + memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); + ul+=b->top; + BN_clear_free(b); + } + + /* I should fix this so it can still be done */ + r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); + + r->bignum_data=p; + return(1); + } + diff --git a/crypto/rsa/rsa_none.c b/crypto/rsa/rsa_none.c index f0dd94365..6385b556b 100644 --- a/crypto/rsa/rsa_none.c +++ b/crypto/rsa/rsa_none.c @@ -79,11 +79,12 @@ int flen; return(1); } -int RSA_padding_check_none(to,tlen,from,flen) +int RSA_padding_check_none(to,tlen,from,flen,num) unsigned char *to; int tlen; unsigned char *from; int flen; +int num; { int j; 
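Review bot: `RSA_memory_lock` checks only `r->d` for NULL before it dereferences all six private members in `j+= (*t[i])->top` and again in the copy loop, so a key that has `d` but no CRT values would crash here. The private-key paths in rsa_eay.c explicitly allow `p`, `q`, `dmp1`, `dmq1` and `iqmp` to be NULL, so such keys are accepted elsewhere. Either skip NULL entries in both loops with `if (*t[i] == NULL) continue;`, or return before allocating unless every member is set. A second call also overwrites `r->bignum_data` without releasing the previous block; an early `if (r->bignum_data != NULL) return(1);` would avoid that leak.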
@@ -93,7 +94,7 @@ int flen; RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE); return(-1); } - if (*(from++) != 0) + if (flen+1 >= num) { RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_BAD_ZERO_BYTE); return(-1); diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 2791291b9..463818797 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -103,17 +103,18 @@ int flen; return(1); } -int RSA_padding_check_PKCS1_type_1(to,tlen,from,flen) +int RSA_padding_check_PKCS1_type_1(to,tlen,from,flen,num) unsigned char *to; int tlen; unsigned char *from; int flen; +int num; { int i,j; unsigned char *p; p=from; - if (*(p++) != 01) + if ((num != (flen+1)) || (*(p++) != 01)) { RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01); return(-1); @@ -192,21 +193,25 @@ int flen; return(1); } -int RSA_padding_check_PKCS1_type_2(to,tlen,from,flen) +int RSA_padding_check_PKCS1_type_2(to,tlen,from,flen,num) unsigned char *to; int tlen; unsigned char *from; int flen; +int num; { int i,j; unsigned char *p; p=from; - if (*(p++) != 02) + if ((num != (flen+1)) || (*(p++) != 02)) { RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02); return(-1); } +#ifdef PKCS1_CHECK + return(num-11); +#endif /* scan over padding data */ j=flen-1; /* one for type. */ diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 28c5571e7..e38911146 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -154,9 +154,11 @@ RSA *rsa; p=s; sig=d2i_X509_SIG(NULL,&p,(long)i); + if (sig == NULL) goto err; sigtype=OBJ_obj2nid(sig->algor->algorithm); + #ifdef RSA_DEBUG /* put a backward compatability flag in EAY */ fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index 9bcd4b2c0..42ee07680 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c 
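Review bot: The replacement guard in `RSA_padding_check_none`, `if (flen+1 >= num)`, also rejects `flen == num-1`, which is exactly the length the PKCS#1 checks later on this line require with `num != (flen+1)`. If the intent is to stand in for the old leading-zero-byte test, `if (flen+1 > num)` looks like the matching bound; this needs confirming against how the caller strips leading zeros before the call. The failure is still reported as `RSA_R_BAD_ZERO_BYTE` although no byte is examined any more, so a one-line comment stating the intended length bound would help the next reader. The rest of the function is outside the hunk.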
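Review bot: The `#ifdef PKCS1_CHECK` block added to `RSA_padding_check_PKCS1_type_2` returns `num-11` straight after the block-type test, before the padding is scanned and, as far as this hunk shows, before anything is written to `to`. A build with that macro defined would report a plaintext length for any block of the right size that starts with 02, leaving the decrypt path without padding validation. If this is a test hook, it should say so at the point of use, e.g. `/* PKCS1_CHECK: test builds only, skips PKCS#1 padding validation */`, and should not be reachable from a release configuration. The function body continues outside the hunk.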
@@ -103,11 +103,12 @@ int flen; return(1); } -int RSA_padding_check_SSLv23(to,tlen,from,flen) +int RSA_padding_check_SSLv23(to,tlen,from,flen,num) unsigned char *to; int tlen; unsigned char *from; int flen; +int num; { int i,j,k; unsigned char *p; @@ -118,7 +119,7 @@ int flen; RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL); return(-1); } - if (*(p++) != 02) + if ((num != (flen+1)) || (*(p++) != 02)) { RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02); return(-1); diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl index eeb545d14..fd389b17d 100644 --- a/crypto/sha/Makefile.ssl +++ b/crypto/sha/Makefile.ssl @@ -58,7 +58,7 @@ asm/sx86-out.o: asm/sx86unix.cpp # bsdi asm/sx86bsdi.o: asm/sx86unix.cpp - $(CPP) -DBSDI asm/sx86unix.cpp | as -o asm/sx86bsdi.o + $(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o asm/sx86unix.cpp: (cd asm; perl sha1-586.pl cpp >sx86unix.cpp) diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c index 2b0ae1f0d..32449ac34 100644 --- a/crypto/sha/sha1dgst.c +++ b/crypto/sha/sha1dgst.c @@ -63,7 +63,7 @@ #include "sha.h" #include "sha_locl.h" -char *SHA1_version="SHA1 part of SSLeay 0.9.0b 29-Jun-1998"; +char *SHA1_version="SHA1 part of SSLeay 0.9.1a 06-Jul-1998"; /* Implemented from SHA-1 document - The Secure Hash Algorithm */ @@ -197,7 +197,7 @@ unsigned long len; */ #if 1 #if defined(B_ENDIAN) || defined(SHA1_ASM) - if ((((unsigned int)data)%sizeof(ULONG)) == 0) + if ((((unsigned long)data)%sizeof(ULONG)) == 0) { sw=len/SHA_CBLOCK; if (sw) diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c index 8ed533ea2..7c8434ff3 100644 --- a/crypto/sha/sha_dgst.c +++ b/crypto/sha/sha_dgst.c @@ -63,7 +63,7 @@ #include "sha.h" #include "sha_locl.h" -char *SHA_version="SHA part of SSLeay 0.9.0b 29-Jun-1998"; +char *SHA_version="SHA part of SSLeay 0.9.1a 06-Jul-1998"; /* Implemented from SHA-0 document - The Secure Hash Algorithm */ 
@@ -178,7 +178,7 @@ unsigned long len; */ #if 1 #if defined(B_ENDIAN) || defined(SHA_ASM) - if ((((unsigned int)data)%sizeof(ULONG)) == 0) + if ((((unsigned long)data)%sizeof(ULONG)) == 0) { sw=len/SHA_CBLOCK; if (sw) diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c index 610ccbb75..1e29adfb9 100644 --- a/crypto/stack/stack.c +++ b/crypto/stack/stack.c @@ -72,7 +72,7 @@ #undef MIN_NODES #define MIN_NODES 4 -char *STACK_version="STACK part of SSLeay 0.9.0b 29-Jun-1998"; +char *STACK_version="STACK part of SSLeay 0.9.1a 06-Jul-1998"; #ifndef NOPROTO #define FP_ICC (int (*)(const void *,const void *)) diff --git a/crypto/tmdiff.c b/crypto/tmdiff.c index b93799fc0..a5b1c8b6c 100644 --- a/crypto/tmdiff.c +++ b/crypto/tmdiff.c @@ -57,10 +57,17 @@ */ #include <stdio.h> #include <stdlib.h> +#include "cryptlib.h" +#include "tmdiff.h" + +#ifdef TIMEB +#undef WIN32 +#undef TIMES +#endif #ifndef MSDOS # ifndef WIN32 -# define TIMES +# define TIMES # endif #endif @@ -82,7 +89,8 @@ } #endif /* VMS */ -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif @@ -126,11 +134,11 @@ typedef struct ms_tm #endif } MS_TM; -char *ms_time_init() +char *ms_time_new() { MS_TM *ret; - ret=malloc(sizeof(MS_TM)); + ret=(MS_TM *)Malloc(sizeof(MS_TM)); if (ret == NULL) return(NULL); memset(ret,0,sizeof(MS_TM)); @@ -140,28 +148,28 @@ char *ms_time_init() return((char *)ret); } -void ms_time_final(a) +void ms_time_free(a) char *a; { if (a != NULL) - free(a); + Free(a); } void ms_time_get(a) char *a; { MS_TM *tm=(MS_TM *)a; - FILETIME tmpa,tmpb,tmpc; +#ifdef WIN32 + FILETIME tmpa,tmpb,tmpc; +#endif #ifdef TIMES - printf("AAA\n"); times(&tm->ms_tms); #else # ifdef WIN32 GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); # else - printf("CCC\n"); - ftime(tm->ms_timeb); + ftime(&tm->ms_timeb); # endif #endif } 
@@ -177,12 +185,20 @@ char *ap,*bp; ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; #else # ifdef WIN32 - ret =(double)(b->ms_win32.dwHighDateTime&0x000fffff)*10+ - b->ms_win32.dwLowDateTime/1e7; - ret-=(double)(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; + { + signed _int64 la,lb; + la=a->ms_win32.dwHighDateTime; + lb=b->ms_win32.dwHighDateTime; + la<<=32; + lb<<=32; + la+=a->ms_win32.dwLowDateTime; + lb+=b->ms_win32.dwLowDateTime; + ret=((double)(lb-la))/1e7; + } # else - ret= (double)(b->time-a->time)+ - ((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0; + ret= (double)(b->ms_timeb.time-a->ms_timeb.time)+ + (((double)b->ms_timeb.millitm)- + ((double)a->ms_timeb.millitm))/1000.0; # endif #endif return((ret < 0.0000001)?0.0000001:ret); @@ -202,8 +218,8 @@ char *ap,*bp; d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; # else - d= (double)(b->time-a->time)+ - ((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0; + d= (double)(b->ms_timeb.time-a->ms_timeb.time)+ + (((double)b->ms_timeb.millitm)-(double)a->ms_timeb.millitm)/1000.0; # endif #endif if (d == 0.0) diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c index e34ce4efa..c7044684e 100644 --- a/crypto/txt_db/txt_db.c +++ b/crypto/txt_db/txt_db.c @@ -66,7 +66,7 @@ #undef BUFSIZE #define BUFSIZE 512 -char *TXT_DB_version="TXT_DB part of SSLeay 0.9.0b 29-Jun-1998"; +char *TXT_DB_version="TXT_DB part of SSLeay 0.9.1a 06-Jul-1998"; TXT_DB *TXT_DB_read(in,num) BIO *in; diff --git a/crypto/x509/v3_x509.c b/crypto/x509/v3_x509.c index f685aa4c7..fcf30f745 100644 --- a/crypto/x509/v3_x509.c +++ b/crypto/x509/v3_x509.c @@ -174,6 +174,7 @@ unsigned int use; key_usage_data[i].name); first=0; } + break; } return(1); } diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 95114f7c4..4ae05bc0d 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h 
@@ -355,6 +355,9 @@ typedef struct CBCParameter_st #define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ (char *(*)())d2i_X509,(char *)x509) +#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\ + (int (*)())i2d_X509_ATTRIBUTE, \ + (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa) #define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ (int (*)())i2d_X509_EXTENSION, \ (char *(*)())d2i_X509_EXTENSION,(char *)ex) @@ -442,6 +445,9 @@ typedef struct CBCParameter_st #define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ (unsigned char *)dsa) +#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ + (char *(*)())d2i_X509_ALGOR,(char *)xn) + #define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ (char *(*)())d2i_X509_NAME,(char *)xn) #define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ @@ -453,10 +459,12 @@ typedef struct CBCParameter_st ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) #define X509_NAME_digest(data,type,md,len) \ ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) +#ifndef PKCS7_ISSUER_AND_SERIAL_digest #define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ (char *)data,md,len) #endif +#endif #define X509_EXT_PACK_UNKNOWN 1 #define X509_EXT_PACK_STRING 2 @@ -528,9 +536,11 @@ int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); #endif X509 *X509_dup(X509 *x509); +X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); X509_CRL *X509_CRL_dup(X509_CRL *crl); X509_REQ *X509_REQ_dup(X509_REQ *req); +X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); X509_NAME *X509_NAME_dup(X509_NAME *xn); X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); RSA *RSAPublicKey_dup(RSA *rsa); 
@@ -595,6 +605,8 @@ void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp); X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp, long length); +X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, char *value); + X509_EXTENSION *X509_EXTENSION_new(void ); void X509_EXTENSION_free(X509_EXTENSION *a); @@ -852,6 +864,7 @@ RSA *d2i_RSAPublicKey_bio(); int i2d_RSAPublicKey_bio(); X509 *X509_dup(); +X509_ATTRIBUTE *X509_ATTRIBUTE_dup(); X509_EXTENSION *X509_EXTENSION_dup(); X509_CRL *X509_CRL_dup(); X509_REQ *X509_REQ_dup(); @@ -913,6 +926,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_new(); void X509_ATTRIBUTE_free(); int i2d_X509_ATTRIBUTE(); X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(); +X509_ATTRIBUTE *X509_ATTRIBUTE_create(); X509_EXTENSION *X509_EXTENSION_new(); void X509_EXTENSION_free(); diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index f9d9510ac..ea6a65d2a 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -255,3 +255,47 @@ X509_NAME *name; return(NULL); } +EVP_PKEY *X509_get_pubkey(x) +X509 *x; + { + if ((x == NULL) || (x->cert_info == NULL)) + return(NULL); + return(X509_PUBKEY_get(x->cert_info->key)); + } + +int X509_check_private_key(x,k) +X509 *x; +EVP_PKEY *k; + { + EVP_PKEY *xk=NULL; + int ok=0; + + xk=X509_get_pubkey(x); + if (xk->type != k->type) goto err; + switch (k->type) + { +#ifndef NO_RSA + case EVP_PKEY_RSA: + if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err; + if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err; + break; +#endif +#ifndef NO_DSA + case EVP_PKEY_DSA: + if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) + goto err; + break; +#endif +#ifndef NO_DH + case EVP_PKEY_DH: + /* No idea */ + goto err; +#endif + default: + goto err; + } + + ok=1; +err: + return(ok); + } diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c index 930472161..0c7e30b2c 100644 --- a/crypto/x509/x509_err.c +++ b/crypto/x509/x509_err.c 
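Review bot: `X509_check_private_key`, as added to x509_cmp.c, dereferences `xk->type` right after `xk=X509_get_pubkey(x)`, yet `X509_get_pubkey` just above it returns NULL when `x` or `x->cert_info` is NULL. Adding `if ((xk == NULL) || (k == NULL)) goto err;` before the type comparison makes a missing or incomplete certificate yield 0 instead of a crash. The function also compares only public components (`n` and `e`, or `pub_key`). A short header comment saying it checks that the key's public part matches the certificate, not that the private values are internally consistent, would set the right expectation for callers.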
@@ -118,8 +118,8 @@ void ERR_load_X509_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_X509,X509_str_functs); diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 2c7e10a46..a740510b0 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -109,7 +109,7 @@ int X509_LOOKUP_shutdown(ctx) X509_LOOKUP *ctx; { if (ctx->method == NULL) return(0); - if (ctx->method->init != NULL) + if (ctx->method->shutdown != NULL) return(ctx->method->shutdown(ctx)); else return(1); @@ -318,7 +318,7 @@ X509_OBJECT *ret; X509_OBJECT stmp,*tmp; int i,j; - tmp=X509_OBJECT_retrive_by_subject(ctx->certs,type,name); + tmp=X509_OBJECT_retrieve_by_subject(ctx->certs,type,name); if (tmp == NULL) { @@ -381,7 +381,7 @@ X509_OBJECT *a; } } -X509_OBJECT *X509_OBJECT_retrive_by_subject(h,type,name) +X509_OBJECT *X509_OBJECT_retrieve_by_subject(h,type,name) LHASH *h; int type; X509_NAME *name; diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index 6aec2427f..2d8721306 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -72,8 +72,6 @@ int days; EVP_PKEY *pkey; { X509 *ret=NULL; - int er=1; - X509_REQ_INFO *ri=NULL; X509_CINF *xi=NULL; X509_NAME *xn; @@ -84,13 +82,9 @@ EVP_PKEY *pkey; } /* duplicate the request */ - ri=(X509_REQ_INFO *)ASN1_dup(i2d_X509_REQ_INFO, - (char *(*)())d2i_X509_REQ_INFO,(char *)r->req_info); - if (ri == NULL) goto err; - xi=ret->cert_info; - if (sk_num(ri->attributes) != 0) + if (sk_num(r->req_info->attributes) != 0) { if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err; if (!ASN1_INTEGER_set(xi->version,2)) goto err; @@ -109,13 +103,11 @@ EVP_PKEY *pkey; if (!X509_sign(ret,pkey,EVP_md5())) goto err; - er=0; -err: - if (er) + if (0) { +err: X509_free(ret); - X509_REQ_INFO_free(ri); - return(NULL); + ret=NULL; } return(ret); } diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index c1be91edb..1d62f2df9 100644 --- a/crypto/x509/x509_vfy.c 
+++ b/crypto/x509/x509_vfy.c @@ -80,7 +80,7 @@ static int null_callback(); static int internal_verify(); #endif -char *X509_version="X509 part of SSLeay 0.9.0b 29-Jun-1998"; +char *X509_version="X509 part of SSLeay 0.9.1a 06-Jul-1998"; static STACK *x509_store_ctx_method=NULL; static int x509_store_ctx_num=0; #if 0 @@ -285,7 +285,11 @@ X509_STORE_CTX *ctx; ok=ctx->ctx->verify(ctx); else ok=internal_verify(ctx); + if (0) + { end: + X509_get_pubkey_parameters(NULL,ctx->chain); + } if (sktmp != NULL) sk_free(sktmp); if (chain_ss != NULL) X509_free(chain_ss); return(ok); @@ -434,7 +438,7 @@ ASN1_UTCTIME *ctm; offset=((str[1]-'0')*10+(str[2]-'0'))*60; offset+=(str[3]-'0')*10+(str[4]-'0'); if (*str == '-') - offset=-offset; + offset= -offset; } atm.type=V_ASN1_UTCTIME; atm.length=sizeof(buff2); @@ -509,51 +513,6 @@ STACK *chain; return(1); } -EVP_PKEY *X509_get_pubkey(x) -X509 *x; - { - if ((x == NULL) || (x->cert_info == NULL)) - return(NULL); - return(X509_PUBKEY_get(x->cert_info->key)); - } - -int X509_check_private_key(x,k) -X509 *x; -EVP_PKEY *k; - { - EVP_PKEY *xk=NULL; - int ok=0; - - xk=X509_get_pubkey(x); - if (xk->type != k->type) goto err; - switch (k->type) - { -#ifndef NO_RSA - case EVP_PKEY_RSA: - if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err; - if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err; - break; -#endif -#ifndef NO_DSA - case EVP_PKEY_DSA: - if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) - goto err; - break; -#endif -#ifndef NO_DH - case EVP_PKEY_DH: - /* No idea */ - goto err; -#endif - default: - goto err; - } - - ok=1; -err: - return(ok); - } - int X509_STORE_add_cert(ctx,x) X509_STORE *ctx; X509 *x; diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h index dfc060f89..6849a8c74 100644 --- a/crypto/x509/x509_vfy.h +++ b/crypto/x509/x509_vfy.h 
@@ -245,7 +245,7 @@ X509_LOOKUP_METHOD *X509_LOOKUP_dir(); #ifndef NOPROTO #ifdef HEADER_LHASH_H -X509_OBJECT *X509_OBJECT_retrive_by_subject(LHASH *h,int type,X509_NAME *name); +X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h,int type,X509_NAME *name); #endif void X509_OBJECT_up_ref_count(X509_OBJECT *a); void X509_OBJECT_free_contents(X509_OBJECT *a); @@ -313,7 +313,7 @@ void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK /* X509 */ *sk); #else #ifdef HEADER_LHASH_H -X509_OBJECT *X509_OBJECT_retrive_by_subject(); +X509_OBJECT *X509_OBJECT_retrieve_by_subject(); #endif void X509_OBJECT_up_ref_count(); void X509_OBJECT_free_contents(); @@ -359,6 +359,7 @@ int X509_STORE_load_locations (); int X509_STORE_set_default_paths(); #endif +int X509_STORE_CTX_get_ex_new_index(); int X509_STORE_CTX_set_ex_data(); char * X509_STORE_CTX_get_ex_data(); int X509_STORE_CTX_get_error(); diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index b7dde23e9..682de167f 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -133,6 +133,13 @@ EVP_MD *md; x->signature, (char *)x->spkac,pkey,md)); } +X509_ATTRIBUTE *X509_ATTRIBUTE_dup(xa) +X509_ATTRIBUTE *xa; + { + return((X509_ATTRIBUTE *)ASN1_dup((int (*)())i2d_X509_ATTRIBUTE, + (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)); + } + X509 *X509_dup(x509) X509 *x509; { @@ -421,6 +428,13 @@ DSA *dsa; } #endif +X509_ALGOR *X509_ALGOR_dup(xn) +X509_ALGOR *xn; + { + return((X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR, + (char *(*)())d2i_X509_ALGOR,(char *)xn)); + } + X509_NAME *X509_NAME_dup(xn) X509_NAME *xn; { diff --git a/demos/bio/sconnect.c b/demos/bio/sconnect.c index 8a667f591..68296da80 100644 --- a/demos/bio/sconnect.c +++ b/demos/bio/sconnect.c @@ -48,7 +48,7 @@ char *argv[]; /* Lets use a connect BIO under the SSL BIO */ out=BIO_new(BIO_s_connect()); - BIO_set_hostname(out,host); + BIO_set_conn_hostname(out,host); BIO_set_nbio(out,1); out=BIO_push(ssl_bio,out); 
@@ -538,18 +538,10 @@ ./apps/rsa.c APPS ./apps/sess_id.c APPS ./apps/s_apps.h APPS -./apps/s_args.c APPS -./apps/s_cache.c APPS ./apps/s_cb.c APPS ./apps/s_client.c APPS -./apps/s_eio.c APPS -./apps/s_eio.h APPS -./apps/s_filter.c APPS -./apps/s_filter.h APPS ./apps/s_server.c APPS ./apps/s_socket.c APPS -./apps/s_state.c APPS -./apps/s_state.h APPS ./apps/s_time.c APPS ./apps/testdsa.h APPS ./apps/testrsa.h APPS @@ -110,10 +110,16 @@ extern "C" { #ifdef WINDOWS #define get_last_socket_error() WSAGetLastError() #define clear_socket_error() WSASetLastError(0) +#define readsocket(s,b,n) recv((s),(b),(n),0) +#define writesocket(s,b,n) send((s),(b),(n),0) +#define EADDRINUSE WSAEADDRINUSE #else #define get_last_socket_error() errno #define clear_socket_error() errno=0 #define ioctlsocket(a,b,c) ioctl(a,b,c) +#define closesocket(s) close(s) +#define readsocket(s,b,n) read((s),(b),(n)) +#define writesocket(s,b,n) write((s),(b),(n)) #endif #ifdef WIN16 @@ -251,7 +257,7 @@ extern HINSTANCE _hInstance; # define SSLeay_Write(a,b,c) write((a),(b),(c)) # define SHUTDOWN(fd) { shutdown((fd),0); close((fd)); } # define SHUTDOWN2(fd) { shutdown((fd),2); close((fd)); } -# define INVALID_SOCKET -1 +# define INVALID_SOCKET (-1) # endif #endif diff --git a/makefile.one b/makefile.one index b0931e0d6..a0aaaf947 100644 --- a/makefile.one +++ b/makefile.one @@ -14,6 +14,7 @@ INSTALLTOP=/usr/local/ssl # Set your compiler options +PLATFORM= CC=cc CFLAG=-O -DTERMIO APP_CFLAG= @@ -35,8 +36,6 @@ BN_MULW_OBJ= BN_MULW_SRC= DES_ENC_OBJ= DES_ENC_SRC= -DES_CRYPT_OBJ= -DES_CRYPT_SRC= BF_ENC_OBJ= BF_ENC_SRC= CAST_ENC_OBJ= @@ -96,7 +95,7 @@ SO_CRYPTO= lib$(CRYPTO) L_SSL= $(LIB_D)/$(SSL).a L_CRYPTO= $(LIB_D)/$(CRYPTO).a -L_LIBS= $(L_SSL) $(L_CRYPTO) +L_LIBS= $(O_SSL) $(O_CRYPTO) #L_LIBS= $(O_SSL) $(O_RSAGLUE) -lrsaref $(O_CRYPTO) ###################################################### 
@@ -120,21 +119,22 @@ HEADER=$(INCL_D)/cryptlib.h \ $(INCL_D)/cast_lcl.h $(INCL_D)/bn_lcl.h $(INCL_D)/bn_prime.h \ $(INCL_D)/obj_dat.h $(INCL_D)/conf_lcl.h $(INCL_D)/ssl_locl.h \ $(INCL_D)/rsaref.h $(INCL_D)/apps.h $(INCL_D)/progs.h \ - $(INCL_D)/s_apps.h $(INCL_D)/testdsa.h $(INCL_D)/testrsa.h + $(INCL_D)/testdsa.h $(INCL_D)/testrsa.h EXHEADER=$(INC_D)/e_os.h \ - $(INC_D)/crypto.h $(INC_D)/cryptall.h $(INC_D)/md2.h \ - $(INC_D)/md5.h $(INC_D)/sha.h $(INC_D)/mdc2.h \ - $(INC_D)/hmac.h $(INC_D)/ripemd.h $(INC_D)/des.h \ - $(INC_D)/rc2.h $(INC_D)/rc4.h $(INC_D)/rc5.h \ - $(INC_D)/idea.h $(INC_D)/blowfish.h $(INC_D)/cast.h \ - $(INC_D)/bn.h $(INC_D)/rsa.h $(INC_D)/dsa.h \ - $(INC_D)/dh.h $(INC_D)/buffer.h $(INC_D)/bio.h \ - $(INC_D)/bss_file.c $(INC_D)/stack.h $(INC_D)/lhash.h \ - $(INC_D)/rand.h $(INC_D)/err.h $(INC_D)/objects.h \ - $(INC_D)/evp.h $(INC_D)/pem.h $(INC_D)/asn1.h \ - $(INC_D)/asn1_mac.h $(INC_D)/x509.h $(INC_D)/x509_vfy.h \ - $(INC_D)/conf.h $(INC_D)/txt_db.h $(INC_D)/pkcs7.h \ + $(INC_D)/crypto.h $(INC_D)/cryptall.h $(INC_D)/tmdiff.h \ + $(INC_D)/md2.h $(INC_D)/md5.h $(INC_D)/sha.h \ + $(INC_D)/mdc2.h $(INC_D)/hmac.h $(INC_D)/ripemd.h \ + $(INC_D)/des.h $(INC_D)/rc2.h $(INC_D)/rc4.h \ + $(INC_D)/rc5.h $(INC_D)/idea.h $(INC_D)/blowfish.h \ + $(INC_D)/cast.h $(INC_D)/bn.h $(INC_D)/rsa.h \ + $(INC_D)/dsa.h $(INC_D)/dh.h $(INC_D)/buffer.h \ + $(INC_D)/bio.h $(INC_D)/bss_file.c $(INC_D)/stack.h \ + $(INC_D)/lhash.h $(INC_D)/rand.h $(INC_D)/err.h \ + $(INC_D)/objects.h $(INC_D)/evp.h $(INC_D)/pem.h \ + $(INC_D)/asn1.h $(INC_D)/asn1_mac.h $(INC_D)/x509.h \ + $(INC_D)/x509_vfy.h $(INC_D)/conf.h $(INC_D)/txt_db.h \ + $(INC_D)/pkcs7.h $(INC_D)/proxy.h $(INC_D)/comp.h \ $(INC_D)/ssl.h $(INC_D)/ssl2.h $(INC_D)/ssl3.h \ $(INC_D)/ssl23.h $(INC_D)/tls1.h 
@@ -154,41 +154,42 @@ E_OBJ=$(OBJ_D)/verify.o \ $(OBJ_D)/crl2p7.o $(OBJ_D)/crl.o $(OBJ_D)/rsa.o \ $(OBJ_D)/dsa.o $(OBJ_D)/dsaparam.o $(OBJ_D)/x509.o \ $(OBJ_D)/genrsa.o $(OBJ_D)/s_server.o $(OBJ_D)/s_client.o \ - $(OBJ_D)/speed.o $(OBJ_D)/s_time.o $(OBJ_D)/apps.o \ - $(OBJ_D)/s_cb.o $(OBJ_D)/s_socket.o $(OBJ_D)/version.o \ + $(OBJ_D)/speed.o $(OBJ_D)/s_time.o \ + $(OBJ_D)/apps.o $(OBJ_D)/s_cb.o $(OBJ_D)/s_socket.o \ + $(OBJ_D)/bf_perm.o $(OBJ_D)/version.o \ $(OBJ_D)/sess_id.o $(OBJ_D)/ciphers.o $(OBJ_D)/ssleay.o CRYPTOOBJ=$(OBJ_D)/cryptlib.o \ $(OBJ_D)/mem.o $(OBJ_D)/cversion.o $(OBJ_D)/ex_data.o \ - $(OBJ_D)/cpt_err.o $(OBJ_D)/md2_dgst.o $(OBJ_D)/md2_one.o \ - $(OBJ_D)/md5_dgst.o $(OBJ_D)/md5_one.o $(OBJ_D)/sha_dgst.o \ - $(OBJ_D)/sha1dgst.o $(OBJ_D)/sha_one.o $(OBJ_D)/sha1_one.o \ - $(OBJ_D)/mdc2dgst.o $(OBJ_D)/mdc2_one.o $(OBJ_D)/hmac.o \ - $(OBJ_D)/rmd_dgst.o $(OBJ_D)/rmd_one.o $(OBJ_D)/set_key.o \ - $(OBJ_D)/ecb_enc.o $(OBJ_D)/cbc_enc.o $(OBJ_D)/ecb3_enc.o \ - $(OBJ_D)/cfb64enc.o $(OBJ_D)/cfb64ede.o $(OBJ_D)/cfb_enc.o \ - $(OBJ_D)/ofb64ede.o $(OBJ_D)/enc_read.o $(OBJ_D)/enc_writ.o \ - $(OBJ_D)/ofb64enc.o $(OBJ_D)/ofb_enc.o $(OBJ_D)/str2key.o \ - $(OBJ_D)/pcbc_enc.o $(OBJ_D)/qud_cksm.o $(OBJ_D)/rand_key.o \ - $(OBJ_D)/des_enc.o $(OBJ_D)/fcrypt_b.o $(OBJ_D)/read2pwd.o \ - $(OBJ_D)/fcrypt.o $(OBJ_D)/xcbc_enc.o $(OBJ_D)/read_pwd.o \ - $(OBJ_D)/rpc_enc.o $(OBJ_D)/cbc_cksm.o $(OBJ_D)/supp.o \ - $(OBJ_D)/rc2_ecb.o $(OBJ_D)/rc2_skey.o $(OBJ_D)/rc2_cbc.o \ - $(OBJ_D)/rc2cfb64.o $(OBJ_D)/rc2ofb64.o $(OBJ_D)/rc4_skey.o \ - $(OBJ_D)/rc4_enc.o $(OBJ_D)/rc5_skey.o $(OBJ_D)/rc5_ecb.o \ - $(OBJ_D)/rc5_enc.o $(OBJ_D)/rc5cfb64.o $(OBJ_D)/rc5ofb64.o \ - $(OBJ_D)/i_cbc.o $(OBJ_D)/i_cfb64.o $(OBJ_D)/i_ofb64.o \ - $(OBJ_D)/i_ecb.o $(OBJ_D)/i_skey.o $(OBJ_D)/bf_skey.o \ - $(OBJ_D)/bf_ecb.o $(OBJ_D)/bf_enc.o $(OBJ_D)/bf_cfb64.o \ - $(OBJ_D)/bf_ofb64.o $(OBJ_D)/c_skey.o $(OBJ_D)/c_ecb.o \ - $(OBJ_D)/c_enc.o $(OBJ_D)/c_cfb64.o $(OBJ_D)/c_ofb64.o \ - $(OBJ_D)/bn_add.o $(OBJ_D)/bn_div.o 
$(OBJ_D)/bn_exp.o \ - $(OBJ_D)/bn_lib.o $(OBJ_D)/bn_mod.o $(OBJ_D)/bn_mul.o \ + $(OBJ_D)/tmdiff.o $(OBJ_D)/cpt_err.o $(OBJ_D)/md2_dgst.o \ + $(OBJ_D)/md2_one.o $(OBJ_D)/md5_dgst.o $(OBJ_D)/md5_one.o \ + $(OBJ_D)/sha_dgst.o $(OBJ_D)/sha1dgst.o $(OBJ_D)/sha_one.o \ + $(OBJ_D)/sha1_one.o $(OBJ_D)/mdc2dgst.o $(OBJ_D)/mdc2_one.o \ + $(OBJ_D)/hmac.o $(OBJ_D)/rmd_dgst.o $(OBJ_D)/rmd_one.o \ + $(OBJ_D)/set_key.o $(OBJ_D)/ecb_enc.o $(OBJ_D)/cbc_enc.o \ + $(OBJ_D)/ecb3_enc.o $(OBJ_D)/cfb64enc.o $(OBJ_D)/cfb64ede.o \ + $(OBJ_D)/cfb_enc.o $(OBJ_D)/ofb64ede.o $(OBJ_D)/enc_read.o \ + $(OBJ_D)/enc_writ.o $(OBJ_D)/ofb64enc.o $(OBJ_D)/ofb_enc.o \ + $(OBJ_D)/str2key.o $(OBJ_D)/pcbc_enc.o $(OBJ_D)/qud_cksm.o \ + $(OBJ_D)/rand_key.o $(OBJ_D)/des_enc.o $(OBJ_D)/fcrypt_b.o \ + $(OBJ_D)/read2pwd.o $(OBJ_D)/fcrypt.o $(OBJ_D)/xcbc_enc.o \ + $(OBJ_D)/read_pwd.o $(OBJ_D)/rpc_enc.o $(OBJ_D)/cbc_cksm.o \ + $(OBJ_D)/supp.o $(OBJ_D)/rc2_ecb.o $(OBJ_D)/rc2_skey.o \ + $(OBJ_D)/rc2_cbc.o $(OBJ_D)/rc2cfb64.o $(OBJ_D)/rc2ofb64.o \ + $(OBJ_D)/rc4_skey.o $(OBJ_D)/rc4_enc.o $(OBJ_D)/rc5_skey.o \ + $(OBJ_D)/rc5_ecb.o $(OBJ_D)/rc5_enc.o $(OBJ_D)/rc5cfb64.o \ + $(OBJ_D)/rc5ofb64.o $(OBJ_D)/i_cbc.o $(OBJ_D)/i_cfb64.o \ + $(OBJ_D)/i_ofb64.o $(OBJ_D)/i_ecb.o $(OBJ_D)/i_skey.o \ + $(OBJ_D)/bf_skey.o $(OBJ_D)/bf_ecb.o $(OBJ_D)/bf_enc.o \ + $(OBJ_D)/bf_cfb64.o $(OBJ_D)/bf_ofb64.o $(OBJ_D)/c_skey.o \ + $(OBJ_D)/c_ecb.o $(OBJ_D)/c_enc.o $(OBJ_D)/c_cfb64.o \ + $(OBJ_D)/c_ofb64.o $(OBJ_D)/bn_add.o $(OBJ_D)/bn_div.o \ + $(OBJ_D)/bn_exp.o $(OBJ_D)/bn_lib.o $(OBJ_D)/bn_mul.o \ $(OBJ_D)/bn_print.o $(OBJ_D)/bn_rand.o $(OBJ_D)/bn_shift.o \ - $(OBJ_D)/bn_sub.o $(OBJ_D)/bn_word.o $(OBJ_D)/bn_blind.o \ - $(OBJ_D)/bn_gcd.o $(OBJ_D)/bn_prime.o $(OBJ_D)/bn_err.o \ - $(OBJ_D)/bn_sqr.o $(OBJ_D)/bn_mulw.o $(OBJ_D)/bn_recp.o \ - $(OBJ_D)/bn_mont.o $(OBJ_D)/bn_mpi.o $(OBJ_D)/rsa_eay.o \ + $(OBJ_D)/bn_word.o $(OBJ_D)/bn_blind.o $(OBJ_D)/bn_gcd.o \ + $(OBJ_D)/bn_prime.o $(OBJ_D)/bn_err.o $(OBJ_D)/bn_sqr.o \ + $(OBJ_D)/bn_asm.o 
$(OBJ_D)/bn_recp.o $(OBJ_D)/bn_mont.o \ + $(OBJ_D)/bn_mpi.o $(OBJ_D)/bn_exp2.o $(OBJ_D)/rsa_eay.o \ $(OBJ_D)/rsa_gen.o $(OBJ_D)/rsa_lib.o $(OBJ_D)/rsa_sign.o \ $(OBJ_D)/rsa_saos.o $(OBJ_D)/rsa_err.o $(OBJ_D)/rsa_pk1.o \ $(OBJ_D)/rsa_ssl.o $(OBJ_D)/rsa_none.o $(OBJ_D)/dsa_gen.o \ @@ -201,9 +202,10 @@ CRYPTOOBJ=$(OBJ_D)/cryptlib.o \ $(OBJ_D)/bss_file.o $(OBJ_D)/bss_sock.o $(OBJ_D)/bss_conn.o \ $(OBJ_D)/bf_null.o $(OBJ_D)/bf_buff.o $(OBJ_D)/b_print.o \ $(OBJ_D)/b_dump.o $(OBJ_D)/b_sock.o $(OBJ_D)/bss_acpt.o \ - $(OBJ_D)/bf_nbio.o $(OBJ_D)/stack.o $(OBJ_D)/lhash.o \ - $(OBJ_D)/lh_stats.o $(OBJ_D)/md_rand.o $(OBJ_D)/randfile.o \ - $(OBJ_D)/err.o $(OBJ_D)/err_all.o $(OBJ_D)/err_prn.o \ + $(OBJ_D)/bf_nbio.o $(OBJ_D)/bss_cs4a.o $(OBJ_D)/stack.o \ + $(OBJ_D)/lhash.o $(OBJ_D)/lh_stats.o $(OBJ_D)/md_rand.o \ + $(OBJ_D)/randfile.o $(OBJ_D)/rand_lib.o $(OBJ_D)/err.o \ + $(OBJ_D)/err_all.o $(OBJ_D)/err_prn.o $(OBJ_D)/o_names.o \ $(OBJ_D)/obj_dat.o $(OBJ_D)/obj_lib.o $(OBJ_D)/obj_err.o \ $(OBJ_D)/encode.o $(OBJ_D)/digest.o $(OBJ_D)/evp_enc.o \ $(OBJ_D)/evp_key.o $(OBJ_D)/e_ecb_d.o $(OBJ_D)/e_cbc_d.o \ 
@@ -230,35 +232,38 @@ CRYPTOOBJ=$(OBJ_D)/cryptlib.o \ $(OBJ_D)/a_utctm.o $(OBJ_D)/a_int.o $(OBJ_D)/a_octet.o \ $(OBJ_D)/a_print.o $(OBJ_D)/a_type.o $(OBJ_D)/a_set.o \ $(OBJ_D)/a_dup.o $(OBJ_D)/a_d2i_fp.o $(OBJ_D)/a_i2d_fp.o \ - $(OBJ_D)/a_sign.o $(OBJ_D)/a_digest.o $(OBJ_D)/a_verify.o \ - $(OBJ_D)/x_algor.o $(OBJ_D)/x_val.o $(OBJ_D)/x_pubkey.o \ - $(OBJ_D)/x_sig.o $(OBJ_D)/x_req.o $(OBJ_D)/x_attrib.o \ - $(OBJ_D)/x_name.o $(OBJ_D)/x_cinf.o $(OBJ_D)/x_x509.o \ - $(OBJ_D)/x_crl.o $(OBJ_D)/x_info.o $(OBJ_D)/x_spki.o \ - $(OBJ_D)/d2i_r_pr.o $(OBJ_D)/i2d_r_pr.o $(OBJ_D)/d2i_r_pu.o \ - $(OBJ_D)/i2d_r_pu.o $(OBJ_D)/d2i_s_pr.o $(OBJ_D)/i2d_s_pr.o \ - $(OBJ_D)/d2i_s_pu.o $(OBJ_D)/i2d_s_pu.o $(OBJ_D)/d2i_pu.o \ - $(OBJ_D)/d2i_pr.o $(OBJ_D)/i2d_pu.o $(OBJ_D)/i2d_pr.o \ - $(OBJ_D)/t_req.o $(OBJ_D)/t_x509.o $(OBJ_D)/t_pkey.o \ - $(OBJ_D)/p7_i_s.o $(OBJ_D)/p7_signi.o $(OBJ_D)/p7_signd.o \ - $(OBJ_D)/p7_recip.o $(OBJ_D)/p7_enc_c.o $(OBJ_D)/p7_evp.o \ - $(OBJ_D)/p7_dgst.o $(OBJ_D)/p7_s_e.o $(OBJ_D)/p7_enc.o \ - $(OBJ_D)/p7_lib.o $(OBJ_D)/f_int.o $(OBJ_D)/f_string.o \ - $(OBJ_D)/i2d_dhp.o $(OBJ_D)/i2d_dsap.o $(OBJ_D)/d2i_dhp.o \ - $(OBJ_D)/d2i_dsap.o $(OBJ_D)/n_pkey.o $(OBJ_D)/a_hdr.o \ - $(OBJ_D)/x_pkey.o $(OBJ_D)/a_bool.o $(OBJ_D)/x_exten.o \ - $(OBJ_D)/asn1_par.o $(OBJ_D)/asn1_lib.o $(OBJ_D)/asn1_err.o \ - $(OBJ_D)/a_meth.o $(OBJ_D)/a_bytes.o $(OBJ_D)/evp_asn1.o \ - $(OBJ_D)/x509_def.o $(OBJ_D)/x509_d2.o $(OBJ_D)/x509_r2x.o \ - $(OBJ_D)/x509_cmp.o $(OBJ_D)/x509_obj.o $(OBJ_D)/x509_req.o \ - $(OBJ_D)/x509_vfy.o $(OBJ_D)/x509_set.o $(OBJ_D)/x509rset.o \ - $(OBJ_D)/x509_err.o $(OBJ_D)/x509name.o $(OBJ_D)/x509_v3.o \ - $(OBJ_D)/x509_ext.o $(OBJ_D)/x509pack.o $(OBJ_D)/x509type.o \ - $(OBJ_D)/x509_lu.o $(OBJ_D)/x_all.o $(OBJ_D)/x509_txt.o \ - $(OBJ_D)/by_file.o $(OBJ_D)/by_dir.o $(OBJ_D)/v3_net.o \ - $(OBJ_D)/v3_x509.o $(OBJ_D)/conf.o $(OBJ_D)/conf_err.o \ - $(OBJ_D)/txt_db.o $(OBJ_D)/pk7_lib.o $(OBJ_D)/pkcs7err.o \ - $(OBJ_D)/pk7_doit.o + $(OBJ_D)/a_bmp.o $(OBJ_D)/a_sign.o 
$(OBJ_D)/a_digest.o \ + $(OBJ_D)/a_verify.o $(OBJ_D)/x_algor.o $(OBJ_D)/x_val.o \ + $(OBJ_D)/x_pubkey.o $(OBJ_D)/x_sig.o $(OBJ_D)/x_req.o \ + $(OBJ_D)/x_attrib.o $(OBJ_D)/x_name.o $(OBJ_D)/x_cinf.o \ + $(OBJ_D)/x_x509.o $(OBJ_D)/x_crl.o $(OBJ_D)/x_info.o \ + $(OBJ_D)/x_spki.o $(OBJ_D)/d2i_r_pr.o $(OBJ_D)/i2d_r_pr.o \ + $(OBJ_D)/d2i_r_pu.o $(OBJ_D)/i2d_r_pu.o $(OBJ_D)/d2i_s_pr.o \ + $(OBJ_D)/i2d_s_pr.o $(OBJ_D)/d2i_s_pu.o $(OBJ_D)/i2d_s_pu.o \ + $(OBJ_D)/d2i_pu.o $(OBJ_D)/d2i_pr.o $(OBJ_D)/i2d_pu.o \ + $(OBJ_D)/i2d_pr.o $(OBJ_D)/t_req.o $(OBJ_D)/t_x509.o \ + $(OBJ_D)/t_pkey.o $(OBJ_D)/p7_i_s.o $(OBJ_D)/p7_signi.o \ + $(OBJ_D)/p7_signd.o $(OBJ_D)/p7_recip.o $(OBJ_D)/p7_enc_c.o \ + $(OBJ_D)/p7_evp.o $(OBJ_D)/p7_dgst.o $(OBJ_D)/p7_s_e.o \ + $(OBJ_D)/p7_enc.o $(OBJ_D)/p7_lib.o $(OBJ_D)/f_int.o \ + $(OBJ_D)/f_string.o $(OBJ_D)/i2d_dhp.o $(OBJ_D)/i2d_dsap.o \ + $(OBJ_D)/d2i_dhp.o $(OBJ_D)/d2i_dsap.o $(OBJ_D)/n_pkey.o \ + $(OBJ_D)/a_hdr.o $(OBJ_D)/x_pkey.o $(OBJ_D)/a_bool.o \ + $(OBJ_D)/x_exten.o $(OBJ_D)/asn1_par.o $(OBJ_D)/asn1_lib.o \ + $(OBJ_D)/asn1_err.o $(OBJ_D)/a_meth.o $(OBJ_D)/a_bytes.o \ + $(OBJ_D)/evp_asn1.o $(OBJ_D)/x509_def.o $(OBJ_D)/x509_d2.o \ + $(OBJ_D)/x509_r2x.o $(OBJ_D)/x509_cmp.o $(OBJ_D)/x509_obj.o \ + $(OBJ_D)/x509_req.o $(OBJ_D)/x509_vfy.o $(OBJ_D)/x509_set.o \ + $(OBJ_D)/x509rset.o $(OBJ_D)/x509_err.o $(OBJ_D)/x509name.o \ + $(OBJ_D)/x509_v3.o $(OBJ_D)/x509_ext.o $(OBJ_D)/x509pack.o \ + $(OBJ_D)/x509type.o $(OBJ_D)/x509_lu.o $(OBJ_D)/x_all.o \ + $(OBJ_D)/x509_txt.o $(OBJ_D)/by_file.o $(OBJ_D)/by_dir.o \ + $(OBJ_D)/v3_net.o $(OBJ_D)/v3_x509.o $(OBJ_D)/conf.o \ + $(OBJ_D)/conf_err.o $(OBJ_D)/txt_db.o $(OBJ_D)/pk7_lib.o \ + $(OBJ_D)/pkcs7err.o $(OBJ_D)/pk7_doit.o $(OBJ_D)/proxy.o \ + $(OBJ_D)/pxy_txt.o $(OBJ_D)/bf_proxy.o $(OBJ_D)/pxy_conf.o \ + $(OBJ_D)/pxy_err.o $(OBJ_D)/comp_lib.o $(OBJ_D)/c_rle.o \ + $(OBJ_D)/c_zlib.o SSLOBJ=$(OBJ_D)/s2_meth.o \ $(OBJ_D)/s2_srvr.o $(OBJ_D)/s2_clnt.o $(OBJ_D)/s2_lib.o \ 
@@ -272,7 +277,7 @@ SSLOBJ=$(OBJ_D)/s2_meth.o \ $(OBJ_D)/ssl_cert.o $(OBJ_D)/ssl_sess.o $(OBJ_D)/ssl_ciph.o \ $(OBJ_D)/ssl_stat.o $(OBJ_D)/ssl_rsa.o $(OBJ_D)/ssl_asn1.o \ $(OBJ_D)/ssl_txt.o $(OBJ_D)/ssl_algs.o $(OBJ_D)/bio_ssl.o \ - $(OBJ_D)/ssl_err.o + $(OBJ_D)/pxy_ssl.o $(OBJ_D)/ssl_err.o RSAGLUEOBJ=$(OBJ_D)/rsaref.o \ $(OBJ_D)/rsar_err.o @@ -432,6 +437,9 @@ $(INC_D)/crypto.h: $(SRC_D)/crypto/crypto.h $(INC_D)/cryptall.h: $(SRC_D)/crypto/cryptall.h $(CP) $(SRC_D)/crypto/cryptall.h $(INC_D)/cryptall.h +$(INC_D)/tmdiff.h: $(SRC_D)/crypto/tmdiff.h + $(CP) $(SRC_D)/crypto/tmdiff.h $(INC_D)/tmdiff.h + $(INC_D)/md2.h: $(SRC_D)/crypto/md2/md2.h $(CP) $(SRC_D)/crypto/md2/md2.h $(INC_D)/md2.h @@ -534,6 +542,12 @@ $(INC_D)/txt_db.h: $(SRC_D)/crypto/txt_db/txt_db.h $(INC_D)/pkcs7.h: $(SRC_D)/crypto/pkcs7/pkcs7.h $(CP) $(SRC_D)/crypto/pkcs7/pkcs7.h $(INC_D)/pkcs7.h +$(INC_D)/proxy.h: $(SRC_D)/crypto/proxy/proxy.h + $(CP) $(SRC_D)/crypto/proxy/proxy.h $(INC_D)/proxy.h + +$(INC_D)/comp.h: $(SRC_D)/crypto/comp/comp.h + $(CP) $(SRC_D)/crypto/comp/comp.h $(INC_D)/comp.h + $(INC_D)/ssl.h: $(SRC_D)/ssl/ssl.h $(CP) $(SRC_D)/ssl/ssl.h $(INC_D)/ssl.h @@ -681,6 +695,9 @@ $(OBJ_D)/s_cb.o: $(SRC_D)/apps/s_cb.c $(OBJ_D)/s_socket.o: $(SRC_D)/apps/s_socket.c $(CC) -o $(OBJ_D)/s_socket.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/s_socket.c +$(OBJ_D)/bf_perm.o: $(SRC_D)/apps/bf_perm.c + $(CC) -o $(OBJ_D)/bf_perm.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/bf_perm.c + $(OBJ_D)/version.o: $(SRC_D)/apps/version.c $(CC) -o $(OBJ_D)/version.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/version.c 
@@ -700,11 +717,14 @@ $(OBJ_D)/mem.o: $(SRC_D)/crypto/mem.c $(CC) -o $(OBJ_D)/mem.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/mem.c $(OBJ_D)/cversion.o: $(SRC_D)/crypto/cversion.c - $(CC) -o $(OBJ_D)/cversion.o $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)/crypto/cversion.c + $(CC) -o $(OBJ_D)/cversion.o $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -DPLATFORM="\"$(PLATFORM)\"" -c $(SRC_D)/crypto/cversion.c $(OBJ_D)/ex_data.o: $(SRC_D)/crypto/ex_data.c $(CC) -o $(OBJ_D)/ex_data.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/ex_data.c +$(OBJ_D)/tmdiff.o: $(SRC_D)/crypto/tmdiff.c + $(CC) -o $(OBJ_D)/tmdiff.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/tmdiff.c + $(OBJ_D)/cpt_err.o: $(SRC_D)/crypto/cpt_err.c $(CC) -o $(OBJ_D)/cpt_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/cpt_err.c @@ -915,9 +935,6 @@ $(OBJ_D)/bn_exp.o: $(SRC_D)/crypto/bn/bn_exp.c $(OBJ_D)/bn_lib.o: $(SRC_D)/crypto/bn/bn_lib.c $(CC) -o $(OBJ_D)/bn_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_lib.c -$(OBJ_D)/bn_mod.o: $(SRC_D)/crypto/bn/bn_mod.c - $(CC) -o $(OBJ_D)/bn_mod.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mod.c - $(OBJ_D)/bn_mul.o: $(SRC_D)/crypto/bn/bn_mul.c $(CC) -o $(OBJ_D)/bn_mul.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mul.c @@ -930,9 +947,6 @@ $(OBJ_D)/bn_rand.o: $(SRC_D)/crypto/bn/bn_rand.c $(OBJ_D)/bn_shift.o: $(SRC_D)/crypto/bn/bn_shift.c $(CC) -o $(OBJ_D)/bn_shift.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_shift.c -$(OBJ_D)/bn_sub.o: $(SRC_D)/crypto/bn/bn_sub.c - $(CC) -o $(OBJ_D)/bn_sub.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_sub.c - $(OBJ_D)/bn_word.o: $(SRC_D)/crypto/bn/bn_word.c $(CC) -o $(OBJ_D)/bn_word.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_word.c 
@@ -951,8 +965,8 @@ $(OBJ_D)/bn_err.o: $(SRC_D)/crypto/bn/bn_err.c $(OBJ_D)/bn_sqr.o: $(SRC_D)/crypto/bn/bn_sqr.c $(CC) -o $(OBJ_D)/bn_sqr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_sqr.c -$(OBJ_D)/bn_mulw.o: $(SRC_D)/crypto/bn/bn_mulw.c - $(CC) -o $(OBJ_D)/bn_mulw.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mulw.c +$(OBJ_D)/bn_asm.o: $(SRC_D)/crypto/bn/bn_asm.c + $(CC) -o $(OBJ_D)/bn_asm.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_asm.c $(OBJ_D)/bn_recp.o: $(SRC_D)/crypto/bn/bn_recp.c $(CC) -o $(OBJ_D)/bn_recp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_recp.c @@ -963,6 +977,9 @@ $(OBJ_D)/bn_mont.o: $(SRC_D)/crypto/bn/bn_mont.c $(OBJ_D)/bn_mpi.o: $(SRC_D)/crypto/bn/bn_mpi.c $(CC) -o $(OBJ_D)/bn_mpi.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mpi.c +$(OBJ_D)/bn_exp2.o: $(SRC_D)/crypto/bn/bn_exp2.c + $(CC) -o $(OBJ_D)/bn_exp2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_exp2.c + $(OBJ_D)/rsa_eay.o: $(SRC_D)/crypto/rsa/rsa_eay.c $(CC) -o $(OBJ_D)/rsa_eay.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_eay.c @@ -1077,6 +1094,9 @@ $(OBJ_D)/bss_acpt.o: $(SRC_D)/crypto/bio/bss_acpt.c $(OBJ_D)/bf_nbio.o: $(SRC_D)/crypto/bio/bf_nbio.c $(CC) -o $(OBJ_D)/bf_nbio.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_nbio.c +$(OBJ_D)/bss_cs4a.o: $(SRC_D)/crypto/bio/bss_cs4a.c + $(CC) -o $(OBJ_D)/bss_cs4a.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_cs4a.c + $(OBJ_D)/stack.o: $(SRC_D)/crypto/stack/stack.c $(CC) -o $(OBJ_D)/stack.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/stack/stack.c @@ -1092,6 +1112,9 @@ $(OBJ_D)/md_rand.o: $(SRC_D)/crypto/rand/md_rand.c $(OBJ_D)/randfile.o: $(SRC_D)/crypto/rand/randfile.c $(CC) -o $(OBJ_D)/randfile.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rand/randfile.c +$(OBJ_D)/rand_lib.o: $(SRC_D)/crypto/rand/rand_lib.c + $(CC) -o $(OBJ_D)/rand_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rand/rand_lib.c + $(OBJ_D)/err.o: $(SRC_D)/crypto/err/err.c $(CC) -o $(OBJ_D)/err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err.c 
@@ -1101,6 +1124,9 @@ $(OBJ_D)/err_all.o: $(SRC_D)/crypto/err/err_all.c $(OBJ_D)/err_prn.o: $(SRC_D)/crypto/err/err_prn.c $(CC) -o $(OBJ_D)/err_prn.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err_prn.c +$(OBJ_D)/o_names.o: $(SRC_D)/crypto/objects/o_names.c + $(CC) -o $(OBJ_D)/o_names.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/o_names.c + $(OBJ_D)/obj_dat.o: $(SRC_D)/crypto/objects/obj_dat.c $(CC) -o $(OBJ_D)/obj_dat.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_dat.c @@ -1335,6 +1361,9 @@ $(OBJ_D)/a_d2i_fp.o: $(SRC_D)/crypto/asn1/a_d2i_fp.c $(OBJ_D)/a_i2d_fp.o: $(SRC_D)/crypto/asn1/a_i2d_fp.c $(CC) -o $(OBJ_D)/a_i2d_fp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_i2d_fp.c +$(OBJ_D)/a_bmp.o: $(SRC_D)/crypto/asn1/a_bmp.c + $(CC) -o $(OBJ_D)/a_bmp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bmp.c + $(OBJ_D)/a_sign.o: $(SRC_D)/crypto/asn1/a_sign.c $(CC) -o $(OBJ_D)/a_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_sign.c 
@@ -1590,6 +1619,30 @@ $(OBJ_D)/pkcs7err.o: $(SRC_D)/crypto/pkcs7/pkcs7err.c $(OBJ_D)/pk7_doit.o: $(SRC_D)/crypto/pkcs7/pk7_doit.c $(CC) -o $(OBJ_D)/pk7_doit.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pk7_doit.c +$(OBJ_D)/proxy.o: $(SRC_D)/crypto/proxy/proxy.c + $(CC) -o $(OBJ_D)/proxy.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/proxy/proxy.c + +$(OBJ_D)/pxy_txt.o: $(SRC_D)/crypto/proxy/pxy_txt.c + $(CC) -o $(OBJ_D)/pxy_txt.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/proxy/pxy_txt.c + +$(OBJ_D)/bf_proxy.o: $(SRC_D)/crypto/proxy/bf_proxy.c + $(CC) -o $(OBJ_D)/bf_proxy.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/proxy/bf_proxy.c + +$(OBJ_D)/pxy_conf.o: $(SRC_D)/crypto/proxy/pxy_conf.c + $(CC) -o $(OBJ_D)/pxy_conf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/proxy/pxy_conf.c + +$(OBJ_D)/pxy_err.o: $(SRC_D)/crypto/proxy/pxy_err.c + $(CC) -o $(OBJ_D)/pxy_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/proxy/pxy_err.c + +$(OBJ_D)/comp_lib.o: $(SRC_D)/crypto/comp/comp_lib.c + $(CC) -o $(OBJ_D)/comp_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/comp/comp_lib.c + +$(OBJ_D)/c_rle.o: $(SRC_D)/crypto/comp/c_rle.c + $(CC) -o $(OBJ_D)/c_rle.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/comp/c_rle.c + +$(OBJ_D)/c_zlib.o: $(SRC_D)/crypto/comp/c_zlib.c + $(CC) -o $(OBJ_D)/c_zlib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/comp/c_zlib.c + $(OBJ_D)/s2_meth.o: $(SRC_D)/ssl/s2_meth.c $(CC) -o $(OBJ_D)/s2_meth.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_meth.c @@ -1692,6 +1745,9 @@ $(OBJ_D)/ssl_algs.o: $(SRC_D)/ssl/ssl_algs.c $(OBJ_D)/bio_ssl.o: $(SRC_D)/ssl/bio_ssl.c $(CC) -o $(OBJ_D)/bio_ssl.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/bio_ssl.c +$(OBJ_D)/pxy_ssl.o: $(SRC_D)/ssl/pxy_ssl.c + $(CC) -o $(OBJ_D)/pxy_ssl.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/pxy_ssl.c + $(OBJ_D)/ssl_err.o: $(SRC_D)/ssl/ssl_err.c $(CC) -o $(OBJ_D)/ssl_err.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_err.c 
@@ -1761,20 +1817,20 @@ $(TEST_D)/randtest: $(OBJ_D)/randtest.o $(LIBS_DEP) $(TEST_D)/ssltest: $(OBJ_D)/ssltest.o $(LIBS_DEP) $(LINK) -o $(TEST_D)/ssltest $(LFLAGS) $(OBJ_D)/ssltest.o $(L_LIBS) $(EX_LIBS) -$(LIB_D)/$(O_SSL): $(SSLOBJ) - $(RM) $(LIB_D)/$(O_SSL) - $(MKLIB) $(LIB_D)/$(O_SSL) $(SSLOBJ) - $(RANLIB) $(LIB_D)/$(O_SSL) +$(O_SSL): $(SSLOBJ) + $(RM) $(O_SSL) + $(MKLIB) $(O_SSL) $(SSLOBJ) + $(RANLIB) $(O_SSL) -$(LIB_D)/$(O_RSAGLUE): $(RSAGLUEOBJ) - $(RM) $(LIB_D)/$(O_RSAGLUE) - $(MKLIB) $(LIB_D)/$(O_RSAGLUE) $(RSAGLUEOBJ) - $(RANLIB) $(LIB_D)/$(O_RSAGLUE) +$(O_RSAGLUE): $(RSAGLUEOBJ) + $(RM) $(O_RSAGLUE) + $(MKLIB) $(O_RSAGLUE) $(RSAGLUEOBJ) + $(RANLIB) $(O_RSAGLUE) -$(LIB_D)/$(O_CRYPTO): $(CRYPTOOBJ) - $(RM) $(LIB_D)/$(O_CRYPTO) - $(MKLIB) $(LIB_D)/$(O_CRYPTO) $(CRYPTOOBJ) - $(RANLIB) $(LIB_D)/$(O_CRYPTO) +$(O_CRYPTO): $(CRYPTOOBJ) + $(RM) $(O_CRYPTO) + $(MKLIB) $(O_CRYPTO) $(CRYPTOOBJ) + $(RANLIB) $(O_CRYPTO) $(BIN_D)/$(E_EXE): $(E_OBJ) $(LIBS_DEP) $(LINK) -o $(BIN_D)/$(E_EXE) $(LFLAGS) $(E_OBJ) $(L_LIBS) $(EX_LIBS) diff --git a/ms/certCA.srl b/ms/certCA.srl index d6b24041c..2cfaa3ba2 100644 --- a/ms/certCA.srl +++ b/ms/certCA.srl @@ -1 +1 @@ -19 +1D diff --git a/ms/certCA.ss b/ms/certCA.ss index 6bfccc7c4..b48c657ae 100644 --- a/ms/certCA.ss +++ b/ms/certCA.ss 
@@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- MIIBXDCCAQYCAQAwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV -BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzExMjgw -MDA3MzBaFw05NzEyMjgwMDA3MzBaMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E +BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05ODA3MjEw +NjUwMTZaFw05ODA4MjAwNjUwMTZaMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E b2RneSBCcm90aGVyczERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEF -AANLADBIAkEAwOKExbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQ -YWwhEh9i2BxGWYAZ7Krv1EqdsViCQBGuBQIDAQABMA0GCSqGSIb3DQEBBAUAA0EA -VXYhZ1FnfBFIjHiYV8PD4uQuVJLhNa2q3cSWX1HTHfbrAPa/lMSUWuWcYwD3lBeb -D69W77B0LqAfVajBQwbXkQ== +AANLADBIAkEA0DQLenM/ncK6CwSEJhOO1WfZUPUEi4pvos9fHW459jh3rRDADgi3 +fiCYxoRVSQhvB47kDZ3ViNg5yrDhy7F9ywIDAQABMA0GCSqGSIb3DQEBBAUAA0EA +S564l3SBxJ+QcIXthGGDyP5zkxTf/1fHfelW9LNgu6lZTdy9Dlp/NecPekzRmZEM +WiGXGkKNeuo8PsnGJHP9Qg== -----END CERTIFICATE----- diff --git a/ms/certU.ss b/ms/certU.ss index 6a0302ed1..095ea1433 100644 --- a/ms/certU.ss +++ b/ms/certU.ss 
@@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBcTCCARsCARgwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV -BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzExMjgw -MDA3MzRaFw05NzEyMjgwMDA3MzRaME4xCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E +MIIBcTCCARsCARwwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV +BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05ODA3MjEw +NjUwMjdaFw05ODA4MjAwNjUwMjdaME4xCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E b2RneSBCcm90aGVyczESMBAGA1UEAxMJQnJvdGhlciAxMRIwEAYDVQQDEwlCcm90 -aGVyIDIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAyfgRHCZvlyq9yiQisWmetnpb -DZMhZB+HjuxQxp3gEpI7P8q5Z5tXIU5+OFAfIRkRdMGa/UK+NVg7AJ6UYyIR3wID -AQABMA0GCSqGSIb3DQEBBAUAA0EAgH3htGAw6tMcZYANofqYr96RhjnxzCGZkUq3 -SH9thHUBywcXQo6BUpGxUXFExW4NA2f49OWQxf8kYrVAXHcCsA== +aGVyIDIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA0e4qorOr/zuLB9NvRaXhJVaI +HaGGasa7eMAjVPitWAXkN+DxXiGH1CnMgQraKiYzsEVP15xtxkevEvK5jJpOwwID +AQABMA0GCSqGSIb3DQEBBAUAA0EAZhcPV+SWwaszFuDTYc6fUurcV9OeXUqoxSQy +MnLZPTyWubHbbkUr9fUfdf7Cc7dFqGzag05VHkNQUS9VjMzjIQ== -----END CERTIFICATE----- diff --git a/ms/keyCA.ss b/ms/keyCA.ss index 9ed3e7dc4..933c2cd6e 100644 --- a/ms/keyCA.ss +++ b/ms/keyCA.ss 
@@ -1,9 +1,9 @@ -----BEGIN RSA PRIVATE KEY----- -MIIBOwIBAAJBAMDihMW3Xyi3phDBjingYKiN2myRPcs391oaz3EC0QMjPOWD8ZNA -0GFsIRIfYtgcRlmAGeyq79RKnbFYgkARrgUCAwEAAQJAGEWo/ZRoth/+Fse0kxJ4 -N126acURKJx/VOhgyFDZanJxxwhaXRRkZZfXgFP5StY2lAOrcuMnsDjc8XYNrvcE -wQIhAOXcIp0eZfoPAAuhoQ2bd94dg8QX+8Hv38oJBUuduTs1AiEA1tHvlMrRC1dp -mPUWooFaRFfadFvCMJy5ouGQ24bKMZECIB1YiHbEvcI6DghuHzCsi5Yo8HyljzfI -VyrlEe8AePiNAiEAv6Hxpnsy9noZAlEIyxi3TKZOg2Rjm/gDhfDQx3S7pHECIQDC -R6w+uHZzVJ50/kNh3mJow2W2+Rffkk2hcM4r5Sf4Vg== +MIIBOwIBAAJBANA0C3pzP53CugsEhCYTjtVn2VD1BIuKb6LPXx1uOfY4d60QwA4I +t34gmMaEVUkIbweO5A2d1YjYOcqw4cuxfcsCAwEAAQJAOT9WOKEfyN0WEpl3TJDs +ITmgw2XbjhLOh1HFsW3xegWlaOuhL/wGamz7n7zzL/RQF3JP/VvpGk2F8VD9JhwT +wQIhAPmqM3fLttBoCQuwQRdIPfB7Ps3THqx6N8AJ04z3I1ejAiEA1XyDd7bLpWrw +/oA8CmR4b/KCGfvRwAL/Qej/rQliw7kCIQCYRzSvO8ScpuflhjKdZcXJuRJcbgnG +f6Ejc5rh3xdiawIhALMmLdzEFNjXiSzIx5mg/kBTLUJIw5dx7GqO8B9xBORhAiA5 +oTN/hgvvrkkmRsHQpNBmzAEGBzhMEEq9lD6ZWrTSRg== -----END RSA PRIVATE KEY----- diff --git a/ms/keyU.ss b/ms/keyU.ss index ab6287619..05d356e7a 100644 --- a/ms/keyU.ss +++ b/ms/keyU.ss 
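Review bot: The new content of ms/keyCA.ss is an unencrypted RSA private key checked into the tree, and nothing in the file marks it as throwaway test material; ms/keyU.ss in the next hunk is the same case. Judging by the DER length prefix the modulus appears to be only 512 bits, so this is presumably a self-test fixture. Anyone who copies these files into a real deployment would still be using a key that is public knowledge. If the PEM reader used by the tests skips text before the BEGIN line, I would add a first line such as `Test fixture only: this key is public, never use it outside the ms/ self-test`. Otherwise the same sentence belongs in a README beside the files.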
@@ -1,9 +1,9 @@ -----BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAMn4ERwmb5cqvcokIrFpnrZ6Ww2TIWQfh47sUMad4BKSOz/KuWeb -VyFOfjhQHyEZEXTBmv1CvjVYOwCelGMiEd8CAwEAAQJAEu/4orwT4Ie4bfi/bAUs -RY3pdbdi/SFbs5IC7OymsvbqO/J5/6lTLKX/CFUvXjbpd922jfNMQzdalOfZ7R+K -aQIhAP9DOq6eFRbNqzxxDadOOSLFEcWBZwzIX12zoPgxarPDAiEAyo1tF3zbU93G -WQ1yjlhXYm07VdoZV0CUI6dKkB0ok7UCIEmiQhZHAbxfPcskrZSaiv7NrE+2AVz9 -nAzymTefQbFzAiAFCODmTY8yFXghrIjlauK5Kpfn+WTZ21wTSsw6qs7gZQIhAK2l -vwdD73PZSW928dZ9VoV7Dh7Klflf6J+xrJIibP7z +MIIBPAIBAAJBANHuKqKzq/87iwfTb0Wl4SVWiB2hhmrGu3jAI1T4rVgF5Dfg8V4h +h9QpzIEK2iomM7BFT9ecbcZHrxLyuYyaTsMCAwEAAQJBAIxtM6n4ZCJscxj+D13Y +k13Fn3Gqvd6pJ3ijlj7dxh6tRBBQ3W9qmQflyvEc81giI2XtbVYBOEJKtJ1cWWZm +gAkCIQDpEoOuc4KCI5ti6aMJvtxlXWNHbkXCxtbeIjH4+FnH9QIhAOaU3XVeWWOK +PnnO87KniDjHQqWLnooivDGRK+FUKeDXAiEA2MjEvFVqFVvDIsxHPkBNROcI+Z6i +ulkx76kErBtrfqUCIHN5uBLQZmngUPuFtiwRlLoCqJDphENfs+oK7vPQx4xPAiEA +hnY2Ulrpld83IG6bUs95Loc8Fk81hez5YwmhsFEXVtk= -----END RSA PRIVATE KEY----- diff --git a/ms/libeay16.def b/ms/libeay16.def index 65bbad629..51cf7644e 100644 --- a/ms/libeay16.def +++ b/ms/libeay16.def @@ -84,12 +84,14 @@ EXPORTS _BIO_f_md @60 _BIO_f_nbio_test @915 _BIO_f_null @61 + _BIO_f_proxy_server @62 _BIO_fd_non_fatal_error @63 _BIO_fd_should_retry @64 _BIO_find_type @65 _BIO_free @66 _BIO_free_all @67 _BIO_get_accept_socket @69 + _BIO_get_filter_bio @70 _BIO_get_host_ip @71 _BIO_get_port @72 _BIO_get_retry_BIO @73 @@ -103,6 +105,7 @@ EXPORTS _BIO_new_connect @80 _BIO_new_fd @81 _BIO_new_socket @84 + _BIO_new_socks4a_connect @1110 _BIO_pop @85 _BIO_printf @86 _BIO_ptr_ctrl @969 @@ -114,7 +117,9 @@ EXPORTS _BIO_s_fd @92 _BIO_s_mem @95 _BIO_s_null @96 + _BIO_s_proxy_client @97 _BIO_s_socket @98 + _BIO_s_socks4a_connect @1111 _BIO_set @100 _BIO_set_cipher @101 _BIO_set_tcp_ndelay @102 @@ -124,6 +129,7 @@ EXPORTS _BIO_sock_non_fatal_error @106 _BIO_sock_should_retry @107 _BIO_socket_ioctl @108 + _BIO_socket_nbio @1102 _BIO_write @109 _BN_BLINDING_convert @973 _BN_BLINDING_free @981 
@@ -131,10 +137,16 @@ EXPORTS _BN_BLINDING_new @980 _BN_BLINDING_update @975 _BN_CTX_free @110 + _BN_CTX_init @1135 _BN_CTX_new @111 _BN_MONT_CTX_free @112 + _BN_MONT_CTX_init @1136 _BN_MONT_CTX_new @113 _BN_MONT_CTX_set @114 + _BN_RECP_CTX_free @1130 + _BN_RECP_CTX_init @1128 + _BN_RECP_CTX_new @1129 + _BN_RECP_CTX_set @1131 _BN_add @115 _BN_add_word @116 _BN_bin2bn @118 @@ -149,6 +161,7 @@ EXPORTS _BN_copy @125 _BN_dec2bn @1001 _BN_div @126 + _BN_div_recp @1134 _BN_div_word @127 _BN_dup @128 _BN_exp @998 @@ -158,6 +171,7 @@ EXPORTS _BN_generate_prime @132 _BN_get_word @133 _BN_hex2bn @117 + _BN_init @1095 _BN_is_bit_set @134 _BN_is_prime @135 _BN_lshift @136 @@ -166,12 +180,12 @@ EXPORTS _BN_mod @139 _BN_mod_exp @140 _BN_mod_exp_mont @141 - _BN_mod_exp_recp @142 + _BN_mod_exp_recp @1133 _BN_mod_exp_simple @143 _BN_mod_inverse @144 _BN_mod_mul @145 _BN_mod_mul_montgomery @146 - _BN_mod_mul_reciprocal @147 + _BN_mod_mul_reciprocal @1132 _BN_mod_word @148 _BN_mpi2bn @1059 _BN_mul @149 @@ -191,7 +205,9 @@ EXPORTS _BN_sub @163 _BN_sub_word @1000 _BN_to_ASN1_INTEGER @164 + _BN_uadd @708 _BN_ucmp @165 + _BN_usub @709 _BN_value_one @166 _BUF_MEM_free @167 _BUF_MEM_grow @168 @@ -204,6 +220,12 @@ EXPORTS _CAST_encrypt @989 _CAST_ofb64_encrypt @994 _CAST_set_key @988 + _COMP_CTX_free @1097 + _COMP_CTX_new @1096 + _COMP_compress_block @1144 + _COMP_expand_block @1145 + _COMP_rle @1146 + _COMP_zlib @1147 _CONF_free @171 _CONF_get_number @172 _CONF_get_section @173 @@ -283,6 +305,7 @@ EXPORTS _ERR_load_OBJ_strings @241 _ERR_load_PEM_strings @242 _ERR_load_PKCS7_strings @919 + _ERR_load_PROXY_strings @243 _ERR_load_RSA_strings @244 _ERR_load_X509_strings @245 _ERR_load_crypto_strings @246 @@ -339,7 +362,6 @@ EXPORTS _EVP_SealInit @288 _EVP_SignFinal @289 _EVP_VerifyFinal @290 - _EVP_add_alias @291 _EVP_add_cipher @292 _EVP_add_digest @293 _EVP_bf_cbc @294 
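Review bot: `_BN_uadd @708` and `_BN_usub @709` in the `@@ -191,7 +205,9 @@` hunk take over ordinals that the later `@@ -786,15 +842,26 @@` hunk removes from `_bn_qadd` and `_bn_qsub`, and `_bn_div_words` likewise keeps `@704` from `_bn_div64`. A client that imports by ordinal and was linked against the previous DLL would bind to the new functions with no link error. That is only safe if each replacement is call-compatible with the routine it displaces, which the .def file cannot show. In this same file the commit moves `_BN_mod_exp_recp` and `_BN_mod_mul_reciprocal` to fresh ordinals (`@1133`, `@1132`) instead of keeping `@142` and `@147`. If the signatures or return conventions of the renamed routines changed, they should get fresh ordinals the same way, e.g. `_BN_uadd @<next free ordinal>`; ms/libeay32.def repeats the `@708`/`@709` reuse.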
@@ -351,7 +373,6 @@ EXPORTS _EVP_cast5_ecb @985 _EVP_cast5_ofb @986 _EVP_cleanup @298 - _EVP_delete_alias @941 _EVP_des_cbc @299 _EVP_des_cfb @300 _EVP_des_ecb @301 @@ -380,6 +401,7 @@ EXPORTS _EVP_md_null @324 _EVP_mdc2 @942 _EVP_rc2_40_cbc @959 + _EVP_rc2_64_cbc @1103 _EVP_rc2_cbc @325 _EVP_rc2_cfb @326 _EVP_rc2_ecb @327 @@ -419,6 +441,12 @@ EXPORTS _NETSCAPE_SPKI_new @350 _NETSCAPE_SPKI_sign @351 _NETSCAPE_SPKI_verify @352 + _OBJ_NAME_add @1101 + _OBJ_NAME_cleanup @1104 + _OBJ_NAME_get @1105 + _OBJ_NAME_init @1106 + _OBJ_NAME_new_index @1107 + _OBJ_NAME_remove @1108 _OBJ_add_object @353 _OBJ_bsearch @354 _OBJ_cleanup @355 
@@ -489,32 +517,58 @@ EXPORTS _PKCS7_SIGNER_INFO_set @930 _PKCS7_SIGN_ENVELOPE_free @441 _PKCS7_SIGN_ENVELOPE_new @442 + _PKCS7_add_attribute @1138 _PKCS7_add_certificate @932 _PKCS7_add_crl @933 _PKCS7_add_recipient @1073 _PKCS7_add_recipient_info @1074 _PKCS7_add_signature @938 + _PKCS7_add_signed_attribute @1139 _PKCS7_add_signer @931 _PKCS7_cert_from_signer_info @939 _PKCS7_content_free @918 _PKCS7_content_new @934 _PKCS7_ctrl @927 _PKCS7_dataInit @937 - _PKCS7_dataSign @935 _PKCS7_dataVerify @936 + _PKCS7_digest_from_attributes @1140 _PKCS7_dup @443 _PKCS7_free @444 + _PKCS7_get_attribute @1141 + _PKCS7_get_issuer_and_serial @1142 + _PKCS7_get_signed_attribute @1143 _PKCS7_get_signer_info @940 _PKCS7_new @445 _PKCS7_set_cipher @1075 _PKCS7_set_content @929 _PKCS7_set_type @928 + _PROXY_ENTRY_add_noproxy @446 + _PROXY_ENTRY_clear_noproxy @447 + _PROXY_ENTRY_free @448 + _PROXY_ENTRY_get_noproxy @449 + _PROXY_ENTRY_new @450 + _PROXY_ENTRY_set_server @451 + _PROXY_add_noproxy @452 + _PROXY_add_server @453 + _PROXY_check_by_host @454 + _PROXY_check_url @455 + _PROXY_clear_noproxy @456 + _PROXY_free @457 + _PROXY_get_noproxy @458 + _PROXY_get_proxies @459 + _PROXY_get_proxy_entry @460 + _PROXY_load_conf @461 + _PROXY_new @462 + _PROXY_print @463 + _RAND_SSLeay @1113 _RAND_bytes @464 _RAND_cleanup @465 _RAND_file_name @466 + _RAND_get_rand_method @1137 _RAND_load_file @467 _RAND_screen @468 _RAND_seed @469 + _RAND_set_rand_method @1114 _RAND_write_file @470 _RC2_cbc_encrypt @471 _RC2_cfb64_encrypt @472 @@ -549,6 +603,7 @@ EXPORTS _RSA_generate_key @485 _RSA_get_ex_data @1029 _RSA_get_ex_new_index @1030 + _RSA_memory_lock @1115 _RSA_new @486 _RSA_new_method @487 _RSA_padding_add_PKCS1_type_1 @1031 @@ -659,7 +714,7 @@ EXPORTS _X509_NAME_print @586 _X509_NAME_set @587 _X509_OBJECT_free_contents @588 - _X509_OBJECT_retrive_by_subject @589 + _X509_OBJECT_retrieve_by_subject @589 _X509_OBJECT_up_ref_count @590 _X509_PKEY_free @591 _X509_PKEY_new @592 
@@ -697,6 +752,7 @@ EXPORTS _X509_STORE_CTX_get_error @1016 _X509_STORE_CTX_get_error_depth @1017 _X509_STORE_CTX_get_ex_data @1018 + _X509_STORE_CTX_get_ex_new_index @1100 _X509_STORE_CTX_init @623 _X509_STORE_CTX_set_cert @1020 _X509_STORE_CTX_set_chain @1021 @@ -786,15 +842,26 @@ EXPORTS _asn1_GetSequence @703 _asn1_add_error @1091 _bn_add_words @1039 - _bn_div64 @704 + _bn_cmp_words @1123 + _bn_div_words @704 _bn_expand2 @705 _bn_mul_add_words @706 + _bn_mul_comba4 @1119 + _bn_mul_comba8 @1118 + _bn_mul_low_normal @1127 + _bn_mul_normal @1117 + _bn_mul_part_recursive @1125 + _bn_mul_recursive @1124 _bn_mul_words @707 - _bn_qadd @708 - _bn_qsub @709 + _bn_sqr_comba4 @1122 + _bn_sqr_comba8 @1121 + _bn_sqr_normal @1120 + _bn_sqr_recursive @1126 _bn_sqr_words @710 + _bn_sub_words @1116 _crypt @711 _d2i_ASN1_BIT_STRING @712 + _d2i_ASN1_BMPSTRING @1092 _d2i_ASN1_BOOLEAN @713 _d2i_ASN1_HEADER @714 _d2i_ASN1_IA5STRING @715 @@ -895,6 +962,7 @@ EXPORTS _i2a_ASN1_OBJECT @816 _i2a_ASN1_STRING @817 _i2d_ASN1_BIT_STRING @818 + _i2d_ASN1_BMPSTRING @1093 _i2d_ASN1_BOOLEAN @819 _i2d_ASN1_HEADER @820 _i2d_ASN1_IA5STRING @821 @@ -970,6 +1038,11 @@ EXPORTS _lh_retrieve @897 _lh_stats_bio @899 _lh_strhash @900 + _ms_time_cmp @1151 + _ms_time_diff @1148 + _ms_time_free @1150 + _ms_time_get @1152 + _ms_time_new @1149 _sk_delete @901 _sk_delete_ptr @902 _sk_dup @903 diff --git a/ms/libeay32.def b/ms/libeay32.def index 196c52216..509a4085e 100644 --- a/ms/libeay32.def +++ b/ms/libeay32.def @@ -78,12 +78,14 @@ EXPORTS BIO_f_md @60 BIO_f_nbio_test @915 BIO_f_null @61 + BIO_f_proxy_server @62 BIO_fd_non_fatal_error @63 BIO_fd_should_retry @64 BIO_find_type @65 BIO_free @66 BIO_free_all @67 BIO_get_accept_socket @69 + BIO_get_filter_bio @70 BIO_get_host_ip @71 BIO_get_port @72 BIO_get_retry_BIO @73 @@ -99,6 +101,7 @@ EXPORTS BIO_new_file @82 BIO_new_fp @83 BIO_new_socket @84 + BIO_new_socks4a_connect @1110 BIO_pop @85 BIO_printf @86 BIO_ptr_ctrl @969 
@@ -111,7 +114,9 @@ EXPORTS BIO_s_file @93 BIO_s_mem @95 BIO_s_null @96 + BIO_s_proxy_client @97 BIO_s_socket @98 + BIO_s_socks4a_connect @1111 BIO_set @100 BIO_set_cipher @101 BIO_set_tcp_ndelay @102 @@ -121,6 +126,7 @@ EXPORTS BIO_sock_non_fatal_error @106 BIO_sock_should_retry @107 BIO_socket_ioctl @108 + BIO_socket_nbio @1102 BIO_write @109 BN_BLINDING_convert @973 BN_BLINDING_free @981 @@ -128,10 +134,16 @@ EXPORTS BN_BLINDING_new @980 BN_BLINDING_update @975 BN_CTX_free @110 + BN_CTX_init @1135 BN_CTX_new @111 BN_MONT_CTX_free @112 + BN_MONT_CTX_init @1136 BN_MONT_CTX_new @113 BN_MONT_CTX_set @114 + BN_RECP_CTX_free @1130 + BN_RECP_CTX_init @1128 + BN_RECP_CTX_new @1129 + BN_RECP_CTX_set @1131 BN_add @115 BN_add_word @116 BN_bin2bn @118 @@ -146,6 +158,7 @@ EXPORTS BN_copy @125 BN_dec2bn @1001 BN_div @126 + BN_div_recp @1134 BN_div_word @127 BN_dup @128 BN_exp @998 @@ -155,6 +168,7 @@ EXPORTS BN_generate_prime @132 BN_get_word @133 BN_hex2bn @117 + BN_init @1095 BN_is_bit_set @134 BN_is_prime @135 BN_lshift @136 @@ -163,12 +177,12 @@ EXPORTS BN_mod @139 BN_mod_exp @140 BN_mod_exp_mont @141 - BN_mod_exp_recp @142 + BN_mod_exp_recp @1133 BN_mod_exp_simple @143 BN_mod_inverse @144 BN_mod_mul @145 BN_mod_mul_montgomery @146 - BN_mod_mul_reciprocal @147 + BN_mod_mul_reciprocal @1132 BN_mod_word @148 BN_mpi2bn @1059 BN_mul @149 @@ -189,7 +203,9 @@ EXPORTS BN_sub @163 BN_sub_word @1000 BN_to_ASN1_INTEGER @164 + BN_uadd @708 BN_ucmp @165 + BN_usub @709 BN_value_one @166 BUF_MEM_free @167 BUF_MEM_grow @168 @@ -202,6 +218,12 @@ EXPORTS CAST_encrypt @989 CAST_ofb64_encrypt @994 CAST_set_key @988 + COMP_CTX_free @1097 + COMP_CTX_new @1096 + COMP_compress_block @1144 + COMP_expand_block @1145 + COMP_rle @1146 + COMP_zlib @1147 CONF_free @171 CONF_get_number @172 CONF_get_section @173 
@@ -285,6 +307,7 @@ EXPORTS ERR_load_OBJ_strings @241 ERR_load_PEM_strings @242 ERR_load_PKCS7_strings @919 + ERR_load_PROXY_strings @243 ERR_load_RSA_strings @244 ERR_load_X509_strings @245 ERR_load_crypto_strings @246 @@ -342,7 +365,6 @@ EXPORTS EVP_SealInit @288 EVP_SignFinal @289 EVP_VerifyFinal @290 - EVP_add_alias @291 EVP_add_cipher @292 EVP_add_digest @293 EVP_bf_cbc @294 @@ -354,7 +376,6 @@ EXPORTS EVP_cast5_ecb @985 EVP_cast5_ofb @986 EVP_cleanup @298 - EVP_delete_alias @941 EVP_des_cbc @299 EVP_des_cfb @300 EVP_des_ecb @301 @@ -383,6 +404,7 @@ EXPORTS EVP_md_null @324 EVP_mdc2 @942 EVP_rc2_40_cbc @959 + EVP_rc2_64_cbc @1103 EVP_rc2_cbc @325 EVP_rc2_cfb @326 EVP_rc2_ecb @327 @@ -422,6 +444,12 @@ EXPORTS NETSCAPE_SPKI_new @350 NETSCAPE_SPKI_sign @351 NETSCAPE_SPKI_verify @352 + OBJ_NAME_add @1101 + OBJ_NAME_cleanup @1104 + OBJ_NAME_get @1105 + OBJ_NAME_init @1106 + OBJ_NAME_new_index @1107 + OBJ_NAME_remove @1108 OBJ_add_object @353 OBJ_bsearch @354 OBJ_cleanup @355 
@@ -517,32 +545,58 @@ EXPORTS PKCS7_SIGNER_INFO_set @930 PKCS7_SIGN_ENVELOPE_free @441 PKCS7_SIGN_ENVELOPE_new @442 + PKCS7_add_attribute @1138 PKCS7_add_certificate @932 PKCS7_add_crl @933 PKCS7_add_recipient @1073 PKCS7_add_recipient_info @1074 PKCS7_add_signature @938 + PKCS7_add_signed_attribute @1139 PKCS7_add_signer @931 PKCS7_cert_from_signer_info @939 PKCS7_content_free @918 PKCS7_content_new @934 PKCS7_ctrl @927 PKCS7_dataInit @937 - PKCS7_dataSign @935 PKCS7_dataVerify @936 + PKCS7_digest_from_attributes @1140 PKCS7_dup @443 PKCS7_free @444 + PKCS7_get_attribute @1141 + PKCS7_get_issuer_and_serial @1142 + PKCS7_get_signed_attribute @1143 PKCS7_get_signer_info @940 PKCS7_new @445 PKCS7_set_cipher @1075 PKCS7_set_content @929 PKCS7_set_type @928 + PROXY_ENTRY_add_noproxy @446 + PROXY_ENTRY_clear_noproxy @447 + PROXY_ENTRY_free @448 + PROXY_ENTRY_get_noproxy @449 + PROXY_ENTRY_new @450 + PROXY_ENTRY_set_server @451 + PROXY_add_noproxy @452 + PROXY_add_server @453 + PROXY_check_by_host @454 + PROXY_check_url @455 + PROXY_clear_noproxy @456 + PROXY_free @457 + PROXY_get_noproxy @458 + PROXY_get_proxies @459 + PROXY_get_proxy_entry @460 + PROXY_load_conf @461 + PROXY_new @462 + PROXY_print @463 + RAND_SSLeay @1113 RAND_bytes @464 RAND_cleanup @465 RAND_file_name @466 + RAND_get_rand_method @1137 RAND_load_file @467 RAND_screen @468 RAND_seed @469 + RAND_set_rand_method @1114 RAND_write_file @470 RC2_cbc_encrypt @471 RC2_cfb64_encrypt @472 @@ -577,6 +631,7 @@ EXPORTS RSA_generate_key @485 RSA_get_ex_data @1029 RSA_get_ex_new_index @1030 + RSA_memory_lock @1115 RSA_new @486 RSA_new_method @487 RSA_padding_add_PKCS1_type_1 @1031 @@ -688,7 +743,7 @@ EXPORTS X509_NAME_print @586 X509_NAME_set @587 X509_OBJECT_free_contents @588 - X509_OBJECT_retrive_by_subject @589 + X509_OBJECT_retrieve_by_subject @589 X509_OBJECT_up_ref_count @590 X509_PKEY_free @591 X509_PKEY_new @592 
@@ -727,6 +782,7 @@ EXPORTS X509_STORE_CTX_get_error @1016 X509_STORE_CTX_get_error_depth @1017 X509_STORE_CTX_get_ex_data @1018 + X509_STORE_CTX_get_ex_new_index @1100 X509_STORE_CTX_init @623 X509_STORE_CTX_set_cert @1020 X509_STORE_CTX_set_chain @1021 @@ -817,15 +873,26 @@ EXPORTS asn1_GetSequence @703 asn1_add_error @1091 bn_add_words @1039 - bn_div64 @704 + bn_cmp_words @1123 + bn_div_words @704 bn_expand2 @705 bn_mul_add_words @706 + bn_mul_comba4 @1119 + bn_mul_comba8 @1118 + bn_mul_low_normal @1127 + bn_mul_normal @1117 + bn_mul_part_recursive @1125 + bn_mul_recursive @1124 bn_mul_words @707 - bn_qadd @708 - bn_qsub @709 + bn_sqr_comba4 @1122 + bn_sqr_comba8 @1121 + bn_sqr_normal @1120 + bn_sqr_recursive @1126 bn_sqr_words @710 + bn_sub_words @1116 crypt @711 d2i_ASN1_BIT_STRING @712 + d2i_ASN1_BMPSTRING @1092 d2i_ASN1_BOOLEAN @713 d2i_ASN1_HEADER @714 d2i_ASN1_IA5STRING @715 @@ -933,6 +1000,7 @@ EXPORTS i2a_ASN1_OBJECT @816 i2a_ASN1_STRING @817 i2d_ASN1_BIT_STRING @818 + i2d_ASN1_BMPSTRING @1093 i2d_ASN1_BOOLEAN @819 i2d_ASN1_HEADER @820 i2d_ASN1_IA5STRING @821 @@ -1018,6 +1086,11 @@ EXPORTS lh_stats @898 lh_stats_bio @899 lh_strhash @900 + ms_time_cmp @1151 + ms_time_diff @1148 + ms_time_free @1150 + ms_time_get @1152 + ms_time_new @1149 sk_delete @901 sk_delete_ptr @902 sk_dup @903 diff --git a/ms/ntdll.mak b/ms/ntdll.mak index 044cd909b..389ac22bf 100644 --- a/ms/ntdll.mak +++ b/ms/ntdll.mak @@ -14,8 +14,9 @@ INSTALLTOP=\usr\local\ssl # Set your compiler options +PLATFORM=VC-WIN32 CC=cl -CFLAG= /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM +CFLAG= /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdout32dll APP_CFLAG= LIB_CFLAG= /GD -D_WINDLL -D_DLL SHLIB_CFLAG= 
@@ -31,12 +32,10 @@ SRC_D=. LINK=link LFLAGS=/nologo /subsystem:console /machine:I386 /opt:ref -BN_MULW_OBJ=crypto\bn\asm\bn-win32.obj -BN_MULW_SRC=crypto\bn\asm\bn-win32.asm +BN_ASM_OBJ=crypto\bn\asm\bn-win32.obj +BN_ASM_SRC=crypto\bn\asm\bn-win32.asm DES_ENC_OBJ=crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj DES_ENC_SRC=crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm -DES_CRYPT_OBJ= -DES_CRYPT_SRC= BF_ENC_OBJ=crypto\bf\asm\b-win32.obj BF_ENC_SRC=crypto\bf\asm\b-win32.asm CAST_ENC_OBJ=crypto\cast\asm\c-win32.obj @@ -59,7 +58,7 @@ TMP_D=tmp32dll # The output directory for the header files INC_D=inc32 -CP=copy +CP="copy /b nul+ " RM=del RANLIB= MKDIR=mkdir 
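Review bot: The new `CP="copy /b nul+ "` in the `@@ -59,7 +58,7 @@` hunk keeps its double quotes and trailing space when `$(CP) src dst` is expanded, so the header-copy rules further down appear to run `"copy /b nul+ " src dst`. The command interpreter would likely read that as one quoted command name rather than `copy` with arguments, unless something outside this diff strips the quotes. I would write the macro unquoted, `CP=copy /b nul+`, and add a comment saying why `nul+` is there, e.g. `# nul+ : presumably so the copied header gets a fresh timestamp (confirm)`.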
@@ -120,21 +119,22 @@ HEADER=$(INCL_D)\cryptlib.h \ $(INCL_D)\cast_lcl.h $(INCL_D)\bn_lcl.h $(INCL_D)\bn_prime.h \ $(INCL_D)\obj_dat.h $(INCL_D)\conf_lcl.h $(INCL_D)\ssl_locl.h \ $(INCL_D)\rsaref.h $(INCL_D)\apps.h $(INCL_D)\progs.h \ - $(INCL_D)\s_apps.h $(INCL_D)\testdsa.h $(INCL_D)\testrsa.h + $(INCL_D)\testdsa.h $(INCL_D)\testrsa.h EXHEADER=$(INC_D)\e_os.h \ - $(INC_D)\crypto.h $(INC_D)\cryptall.h $(INC_D)\md2.h \ - $(INC_D)\md5.h $(INC_D)\sha.h $(INC_D)\mdc2.h \ - $(INC_D)\hmac.h $(INC_D)\ripemd.h $(INC_D)\des.h \ - $(INC_D)\rc2.h $(INC_D)\rc4.h $(INC_D)\rc5.h \ - $(INC_D)\idea.h $(INC_D)\blowfish.h $(INC_D)\cast.h \ - $(INC_D)\bn.h $(INC_D)\rsa.h $(INC_D)\dsa.h \ - $(INC_D)\dh.h $(INC_D)\buffer.h $(INC_D)\bio.h \ - $(INC_D)\bss_file.c $(INC_D)\stack.h $(INC_D)\lhash.h \ - $(INC_D)\rand.h $(INC_D)\err.h $(INC_D)\objects.h \ - $(INC_D)\evp.h $(INC_D)\pem.h $(INC_D)\asn1.h \ - $(INC_D)\asn1_mac.h $(INC_D)\x509.h $(INC_D)\x509_vfy.h \ - $(INC_D)\conf.h $(INC_D)\txt_db.h $(INC_D)\pkcs7.h \ + $(INC_D)\crypto.h $(INC_D)\cryptall.h $(INC_D)\tmdiff.h \ + $(INC_D)\md2.h $(INC_D)\md5.h $(INC_D)\sha.h \ + $(INC_D)\mdc2.h $(INC_D)\hmac.h $(INC_D)\ripemd.h \ + $(INC_D)\des.h $(INC_D)\rc2.h $(INC_D)\rc4.h \ + $(INC_D)\rc5.h $(INC_D)\idea.h $(INC_D)\blowfish.h \ + $(INC_D)\cast.h $(INC_D)\bn.h $(INC_D)\rsa.h \ + $(INC_D)\dsa.h $(INC_D)\dh.h $(INC_D)\buffer.h \ + $(INC_D)\bio.h $(INC_D)\bss_file.c $(INC_D)\stack.h \ + $(INC_D)\lhash.h $(INC_D)\rand.h $(INC_D)\err.h \ + $(INC_D)\objects.h $(INC_D)\evp.h $(INC_D)\pem.h \ + $(INC_D)\asn1.h $(INC_D)\asn1_mac.h $(INC_D)\x509.h \ + $(INC_D)\x509_vfy.h $(INC_D)\conf.h $(INC_D)\txt_db.h \ + $(INC_D)\pkcs7.h $(INC_D)\proxy.h $(INC_D)\comp.h \ $(INC_D)\ssl.h $(INC_D)\ssl2.h $(INC_D)\ssl3.h \ $(INC_D)\ssl23.h $(INC_D)\tls1.h 
@@ -154,42 +154,43 @@ E_OBJ=$(OBJ_D)\verify.obj \ $(OBJ_D)\crl2p7.obj $(OBJ_D)\crl.obj $(OBJ_D)\rsa.obj \ $(OBJ_D)\dsa.obj $(OBJ_D)\dsaparam.obj $(OBJ_D)\x509.obj \ $(OBJ_D)\genrsa.obj $(OBJ_D)\s_server.obj $(OBJ_D)\s_client.obj \ - $(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj $(OBJ_D)\apps.obj \ - $(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj $(OBJ_D)\version.obj \ + $(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj \ + $(OBJ_D)\apps.obj $(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj \ + $(OBJ_D)\bf_perm.obj $(OBJ_D)\version.obj \ $(OBJ_D)\sess_id.obj $(OBJ_D)\ciphers.obj $(OBJ_D)\ssleay.obj CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \ $(OBJ_D)\mem.obj $(OBJ_D)\cversion.obj $(OBJ_D)\ex_data.obj \ - $(OBJ_D)\cpt_err.obj $(OBJ_D)\md2_dgst.obj $(OBJ_D)\md2_one.obj \ - $(OBJ_D)\md5_dgst.obj $(MD5_ASM_OBJ) $(OBJ_D)\md5_one.obj \ - $(OBJ_D)\sha_dgst.obj $(OBJ_D)\sha1dgst.obj $(SHA1_ASM_OBJ) \ - $(OBJ_D)\sha_one.obj $(OBJ_D)\sha1_one.obj $(OBJ_D)\mdc2dgst.obj \ - $(OBJ_D)\mdc2_one.obj $(OBJ_D)\hmac.obj $(OBJ_D)\rmd_dgst.obj \ - $(RMD160_ASM_OBJ) $(OBJ_D)\rmd_one.obj $(OBJ_D)\set_key.obj \ - $(OBJ_D)\ecb_enc.obj $(OBJ_D)\cbc_enc.obj $(OBJ_D)\ecb3_enc.obj \ - $(OBJ_D)\cfb64enc.obj $(OBJ_D)\cfb64ede.obj $(OBJ_D)\cfb_enc.obj \ - $(OBJ_D)\ofb64ede.obj $(OBJ_D)\enc_read.obj $(OBJ_D)\enc_writ.obj \ - $(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj $(OBJ_D)\str2key.obj \ - $(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj $(OBJ_D)\rand_key.obj \ - $(DES_ENC_OBJ) $(OBJ_D)\read2pwd.obj $(OBJ_D)\fcrypt.obj \ - $(OBJ_D)\xcbc_enc.obj $(OBJ_D)\read_pwd.obj $(OBJ_D)\rpc_enc.obj \ - $(OBJ_D)\cbc_cksm.obj $(OBJ_D)\supp.obj $(OBJ_D)\rc2_ecb.obj \ - $(OBJ_D)\rc2_skey.obj $(OBJ_D)\rc2_cbc.obj $(OBJ_D)\rc2cfb64.obj \ - $(OBJ_D)\rc2ofb64.obj $(OBJ_D)\rc4_skey.obj $(RC4_ENC_OBJ) \ - $(OBJ_D)\rc5_skey.obj $(OBJ_D)\rc5_ecb.obj $(RC5_ENC_OBJ) \ - $(OBJ_D)\rc5cfb64.obj $(OBJ_D)\rc5ofb64.obj $(OBJ_D)\i_cbc.obj \ - $(OBJ_D)\i_cfb64.obj $(OBJ_D)\i_ofb64.obj $(OBJ_D)\i_ecb.obj \ - $(OBJ_D)\i_skey.obj $(OBJ_D)\bf_skey.obj $(OBJ_D)\bf_ecb.obj \ - 
$(BF_ENC_OBJ) $(OBJ_D)\bf_cfb64.obj $(OBJ_D)\bf_ofb64.obj \ - $(OBJ_D)\c_skey.obj $(OBJ_D)\c_ecb.obj $(CAST_ENC_OBJ) \ - $(OBJ_D)\c_cfb64.obj $(OBJ_D)\c_ofb64.obj $(OBJ_D)\bn_add.obj \ - $(OBJ_D)\bn_div.obj $(OBJ_D)\bn_exp.obj $(OBJ_D)\bn_lib.obj \ - $(OBJ_D)\bn_mod.obj $(OBJ_D)\bn_mul.obj $(OBJ_D)\bn_print.obj \ - $(OBJ_D)\bn_rand.obj $(OBJ_D)\bn_shift.obj $(OBJ_D)\bn_sub.obj \ - $(OBJ_D)\bn_word.obj $(OBJ_D)\bn_blind.obj $(OBJ_D)\bn_gcd.obj \ - $(OBJ_D)\bn_prime.obj $(OBJ_D)\bn_err.obj $(OBJ_D)\bn_sqr.obj \ - $(BN_MULW_OBJ) $(OBJ_D)\bn_recp.obj $(OBJ_D)\bn_mont.obj \ - $(OBJ_D)\bn_mpi.obj $(OBJ_D)\rsa_eay.obj $(OBJ_D)\rsa_gen.obj \ + $(OBJ_D)\tmdiff.obj $(OBJ_D)\cpt_err.obj $(OBJ_D)\md2_dgst.obj \ + $(OBJ_D)\md2_one.obj $(OBJ_D)\md5_dgst.obj $(MD5_ASM_OBJ) \ + $(OBJ_D)\md5_one.obj $(OBJ_D)\sha_dgst.obj $(OBJ_D)\sha1dgst.obj \ + $(SHA1_ASM_OBJ) $(OBJ_D)\sha_one.obj $(OBJ_D)\sha1_one.obj \ + $(OBJ_D)\mdc2dgst.obj $(OBJ_D)\mdc2_one.obj $(OBJ_D)\hmac.obj \ + $(OBJ_D)\rmd_dgst.obj $(RMD160_ASM_OBJ) $(OBJ_D)\rmd_one.obj \ + $(OBJ_D)\set_key.obj $(OBJ_D)\ecb_enc.obj $(OBJ_D)\cbc_enc.obj \ + $(OBJ_D)\ecb3_enc.obj $(OBJ_D)\cfb64enc.obj $(OBJ_D)\cfb64ede.obj \ + $(OBJ_D)\cfb_enc.obj $(OBJ_D)\ofb64ede.obj $(OBJ_D)\enc_read.obj \ + $(OBJ_D)\enc_writ.obj $(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj \ + $(OBJ_D)\str2key.obj $(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj \ + $(OBJ_D)\rand_key.obj $(DES_ENC_OBJ) $(OBJ_D)\read2pwd.obj \ + $(OBJ_D)\fcrypt.obj $(OBJ_D)\xcbc_enc.obj $(OBJ_D)\read_pwd.obj \ + $(OBJ_D)\rpc_enc.obj $(OBJ_D)\cbc_cksm.obj $(OBJ_D)\supp.obj \ + $(OBJ_D)\rc2_ecb.obj $(OBJ_D)\rc2_skey.obj $(OBJ_D)\rc2_cbc.obj \ + $(OBJ_D)\rc2cfb64.obj $(OBJ_D)\rc2ofb64.obj $(OBJ_D)\rc4_skey.obj \ + $(RC4_ENC_OBJ) $(OBJ_D)\rc5_skey.obj $(OBJ_D)\rc5_ecb.obj \ + $(RC5_ENC_OBJ) $(OBJ_D)\rc5cfb64.obj $(OBJ_D)\rc5ofb64.obj \ + $(OBJ_D)\i_cbc.obj $(OBJ_D)\i_cfb64.obj $(OBJ_D)\i_ofb64.obj \ + $(OBJ_D)\i_ecb.obj $(OBJ_D)\i_skey.obj $(OBJ_D)\bf_skey.obj \ + $(OBJ_D)\bf_ecb.obj 
$(BF_ENC_OBJ) $(OBJ_D)\bf_cfb64.obj \ + $(OBJ_D)\bf_ofb64.obj $(OBJ_D)\c_skey.obj $(OBJ_D)\c_ecb.obj \ + $(CAST_ENC_OBJ) $(OBJ_D)\c_cfb64.obj $(OBJ_D)\c_ofb64.obj \ + $(OBJ_D)\bn_add.obj $(OBJ_D)\bn_div.obj $(OBJ_D)\bn_exp.obj \ + $(OBJ_D)\bn_lib.obj $(OBJ_D)\bn_mul.obj $(OBJ_D)\bn_print.obj \ + $(OBJ_D)\bn_rand.obj $(OBJ_D)\bn_shift.obj $(OBJ_D)\bn_word.obj \ + $(OBJ_D)\bn_blind.obj $(OBJ_D)\bn_gcd.obj $(OBJ_D)\bn_prime.obj \ + $(OBJ_D)\bn_err.obj $(OBJ_D)\bn_sqr.obj $(BN_ASM_OBJ) \ + $(OBJ_D)\bn_recp.obj $(OBJ_D)\bn_mont.obj $(OBJ_D)\bn_mpi.obj \ + $(OBJ_D)\bn_exp2.obj $(OBJ_D)\rsa_eay.obj $(OBJ_D)\rsa_gen.obj \ $(OBJ_D)\rsa_lib.obj $(OBJ_D)\rsa_sign.obj $(OBJ_D)\rsa_saos.obj \ $(OBJ_D)\rsa_err.obj $(OBJ_D)\rsa_pk1.obj $(OBJ_D)\rsa_ssl.obj \ $(OBJ_D)\rsa_none.obj $(OBJ_D)\dsa_gen.obj $(OBJ_D)\dsa_key.obj \ @@ -202,9 +203,10 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \ $(OBJ_D)\bss_sock.obj $(OBJ_D)\bss_conn.obj $(OBJ_D)\bf_null.obj \ $(OBJ_D)\bf_buff.obj $(OBJ_D)\b_print.obj $(OBJ_D)\b_dump.obj \ $(OBJ_D)\b_sock.obj $(OBJ_D)\bss_acpt.obj $(OBJ_D)\bf_nbio.obj \ - $(OBJ_D)\stack.obj $(OBJ_D)\lhash.obj $(OBJ_D)\lh_stats.obj \ - $(OBJ_D)\md_rand.obj $(OBJ_D)\randfile.obj $(OBJ_D)\err.obj \ - $(OBJ_D)\err_all.obj $(OBJ_D)\err_prn.obj $(OBJ_D)\obj_dat.obj \ + $(OBJ_D)\bss_cs4a.obj $(OBJ_D)\stack.obj $(OBJ_D)\lhash.obj \ + $(OBJ_D)\lh_stats.obj $(OBJ_D)\md_rand.obj $(OBJ_D)\randfile.obj \ + $(OBJ_D)\rand_lib.obj $(OBJ_D)\err.obj $(OBJ_D)\err_all.obj \ + $(OBJ_D)\err_prn.obj $(OBJ_D)\o_names.obj $(OBJ_D)\obj_dat.obj \ $(OBJ_D)\obj_lib.obj $(OBJ_D)\obj_err.obj $(OBJ_D)\encode.obj \ $(OBJ_D)\digest.obj $(OBJ_D)\evp_enc.obj $(OBJ_D)\evp_key.obj \ $(OBJ_D)\e_ecb_d.obj $(OBJ_D)\e_cbc_d.obj $(OBJ_D)\e_cfb_d.obj \ 
@@ -230,35 +232,38 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \ $(OBJ_D)\a_object.obj $(OBJ_D)\a_bitstr.obj $(OBJ_D)\a_utctm.obj \ $(OBJ_D)\a_int.obj $(OBJ_D)\a_octet.obj $(OBJ_D)\a_print.obj \ $(OBJ_D)\a_type.obj $(OBJ_D)\a_set.obj $(OBJ_D)\a_dup.obj \ - $(OBJ_D)\a_d2i_fp.obj $(OBJ_D)\a_i2d_fp.obj $(OBJ_D)\a_sign.obj \ - $(OBJ_D)\a_digest.obj $(OBJ_D)\a_verify.obj $(OBJ_D)\x_algor.obj \ - $(OBJ_D)\x_val.obj $(OBJ_D)\x_pubkey.obj $(OBJ_D)\x_sig.obj \ - $(OBJ_D)\x_req.obj $(OBJ_D)\x_attrib.obj $(OBJ_D)\x_name.obj \ - $(OBJ_D)\x_cinf.obj $(OBJ_D)\x_x509.obj $(OBJ_D)\x_crl.obj \ - $(OBJ_D)\x_info.obj $(OBJ_D)\x_spki.obj $(OBJ_D)\d2i_r_pr.obj \ - $(OBJ_D)\i2d_r_pr.obj $(OBJ_D)\d2i_r_pu.obj $(OBJ_D)\i2d_r_pu.obj \ - $(OBJ_D)\d2i_s_pr.obj $(OBJ_D)\i2d_s_pr.obj $(OBJ_D)\d2i_s_pu.obj \ - $(OBJ_D)\i2d_s_pu.obj $(OBJ_D)\d2i_pu.obj $(OBJ_D)\d2i_pr.obj \ - $(OBJ_D)\i2d_pu.obj $(OBJ_D)\i2d_pr.obj $(OBJ_D)\t_req.obj \ - $(OBJ_D)\t_x509.obj $(OBJ_D)\t_pkey.obj $(OBJ_D)\p7_i_s.obj \ - $(OBJ_D)\p7_signi.obj $(OBJ_D)\p7_signd.obj $(OBJ_D)\p7_recip.obj \ - $(OBJ_D)\p7_enc_c.obj $(OBJ_D)\p7_evp.obj $(OBJ_D)\p7_dgst.obj \ - $(OBJ_D)\p7_s_e.obj $(OBJ_D)\p7_enc.obj $(OBJ_D)\p7_lib.obj \ - $(OBJ_D)\f_int.obj $(OBJ_D)\f_string.obj $(OBJ_D)\i2d_dhp.obj \ - $(OBJ_D)\i2d_dsap.obj $(OBJ_D)\d2i_dhp.obj $(OBJ_D)\d2i_dsap.obj \ - $(OBJ_D)\n_pkey.obj $(OBJ_D)\a_hdr.obj $(OBJ_D)\x_pkey.obj \ - $(OBJ_D)\a_bool.obj $(OBJ_D)\x_exten.obj $(OBJ_D)\asn1_par.obj \ - $(OBJ_D)\asn1_lib.obj $(OBJ_D)\asn1_err.obj $(OBJ_D)\a_meth.obj \ - $(OBJ_D)\a_bytes.obj $(OBJ_D)\evp_asn1.obj $(OBJ_D)\x509_def.obj \ - $(OBJ_D)\x509_d2.obj $(OBJ_D)\x509_r2x.obj $(OBJ_D)\x509_cmp.obj \ - $(OBJ_D)\x509_obj.obj $(OBJ_D)\x509_req.obj $(OBJ_D)\x509_vfy.obj \ - $(OBJ_D)\x509_set.obj $(OBJ_D)\x509rset.obj $(OBJ_D)\x509_err.obj \ - $(OBJ_D)\x509name.obj $(OBJ_D)\x509_v3.obj $(OBJ_D)\x509_ext.obj \ - $(OBJ_D)\x509pack.obj $(OBJ_D)\x509type.obj $(OBJ_D)\x509_lu.obj \ - $(OBJ_D)\x_all.obj $(OBJ_D)\x509_txt.obj $(OBJ_D)\by_file.obj \ - 
$(OBJ_D)\by_dir.obj $(OBJ_D)\v3_net.obj $(OBJ_D)\v3_x509.obj \ - $(OBJ_D)\conf.obj $(OBJ_D)\conf_err.obj $(OBJ_D)\txt_db.obj \ - $(OBJ_D)\pk7_lib.obj $(OBJ_D)\pkcs7err.obj $(OBJ_D)\pk7_doit.obj + $(OBJ_D)\a_d2i_fp.obj $(OBJ_D)\a_i2d_fp.obj $(OBJ_D)\a_bmp.obj \ + $(OBJ_D)\a_sign.obj $(OBJ_D)\a_digest.obj $(OBJ_D)\a_verify.obj \ + $(OBJ_D)\x_algor.obj $(OBJ_D)\x_val.obj $(OBJ_D)\x_pubkey.obj \ + $(OBJ_D)\x_sig.obj $(OBJ_D)\x_req.obj $(OBJ_D)\x_attrib.obj \ + $(OBJ_D)\x_name.obj $(OBJ_D)\x_cinf.obj $(OBJ_D)\x_x509.obj \ + $(OBJ_D)\x_crl.obj $(OBJ_D)\x_info.obj $(OBJ_D)\x_spki.obj \ + $(OBJ_D)\d2i_r_pr.obj $(OBJ_D)\i2d_r_pr.obj $(OBJ_D)\d2i_r_pu.obj \ + $(OBJ_D)\i2d_r_pu.obj $(OBJ_D)\d2i_s_pr.obj $(OBJ_D)\i2d_s_pr.obj \ + $(OBJ_D)\d2i_s_pu.obj $(OBJ_D)\i2d_s_pu.obj $(OBJ_D)\d2i_pu.obj \ + $(OBJ_D)\d2i_pr.obj $(OBJ_D)\i2d_pu.obj $(OBJ_D)\i2d_pr.obj \ + $(OBJ_D)\t_req.obj $(OBJ_D)\t_x509.obj $(OBJ_D)\t_pkey.obj \ + $(OBJ_D)\p7_i_s.obj $(OBJ_D)\p7_signi.obj $(OBJ_D)\p7_signd.obj \ + $(OBJ_D)\p7_recip.obj $(OBJ_D)\p7_enc_c.obj $(OBJ_D)\p7_evp.obj \ + $(OBJ_D)\p7_dgst.obj $(OBJ_D)\p7_s_e.obj $(OBJ_D)\p7_enc.obj \ + $(OBJ_D)\p7_lib.obj $(OBJ_D)\f_int.obj $(OBJ_D)\f_string.obj \ + $(OBJ_D)\i2d_dhp.obj $(OBJ_D)\i2d_dsap.obj $(OBJ_D)\d2i_dhp.obj \ + $(OBJ_D)\d2i_dsap.obj $(OBJ_D)\n_pkey.obj $(OBJ_D)\a_hdr.obj \ + $(OBJ_D)\x_pkey.obj $(OBJ_D)\a_bool.obj $(OBJ_D)\x_exten.obj \ + $(OBJ_D)\asn1_par.obj $(OBJ_D)\asn1_lib.obj $(OBJ_D)\asn1_err.obj \ + $(OBJ_D)\a_meth.obj $(OBJ_D)\a_bytes.obj $(OBJ_D)\evp_asn1.obj \ + $(OBJ_D)\x509_def.obj $(OBJ_D)\x509_d2.obj $(OBJ_D)\x509_r2x.obj \ + $(OBJ_D)\x509_cmp.obj $(OBJ_D)\x509_obj.obj $(OBJ_D)\x509_req.obj \ + $(OBJ_D)\x509_vfy.obj $(OBJ_D)\x509_set.obj $(OBJ_D)\x509rset.obj \ + $(OBJ_D)\x509_err.obj $(OBJ_D)\x509name.obj $(OBJ_D)\x509_v3.obj \ + $(OBJ_D)\x509_ext.obj $(OBJ_D)\x509pack.obj $(OBJ_D)\x509type.obj \ + $(OBJ_D)\x509_lu.obj $(OBJ_D)\x_all.obj $(OBJ_D)\x509_txt.obj \ + $(OBJ_D)\by_file.obj $(OBJ_D)\by_dir.obj $(OBJ_D)\v3_net.obj 
\ + $(OBJ_D)\v3_x509.obj $(OBJ_D)\conf.obj $(OBJ_D)\conf_err.obj \ + $(OBJ_D)\txt_db.obj $(OBJ_D)\pk7_lib.obj $(OBJ_D)\pkcs7err.obj \ + $(OBJ_D)\pk7_doit.obj $(OBJ_D)\proxy.obj $(OBJ_D)\pxy_txt.obj \ + $(OBJ_D)\bf_proxy.obj $(OBJ_D)\pxy_conf.obj $(OBJ_D)\pxy_err.obj \ + $(OBJ_D)\comp_lib.obj $(OBJ_D)\c_rle.obj $(OBJ_D)\c_zlib.obj SSLOBJ=$(OBJ_D)\s2_meth.obj \ $(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \ @@ -272,7 +277,7 @@ SSLOBJ=$(OBJ_D)\s2_meth.obj \ $(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \ $(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \ $(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\bio_ssl.obj \ - $(OBJ_D)\ssl_err.obj + $(OBJ_D)\pxy_ssl.obj $(OBJ_D)\ssl_err.obj RSAGLUEOBJ=$(OBJ_D)\rsaref.obj \ $(OBJ_D)\rsar_err.obj @@ -432,6 +437,9 @@ $(INC_D)\crypto.h: $(SRC_D)\crypto\crypto.h $(INC_D)\cryptall.h: $(SRC_D)\crypto\cryptall.h $(CP) $(SRC_D)\crypto\cryptall.h $(INC_D)\cryptall.h +$(INC_D)\tmdiff.h: $(SRC_D)\crypto\tmdiff.h + $(CP) $(SRC_D)\crypto\tmdiff.h $(INC_D)\tmdiff.h + $(INC_D)\md2.h: $(SRC_D)\crypto\md2\md2.h $(CP) $(SRC_D)\crypto\md2\md2.h $(INC_D)\md2.h @@ -534,6 +542,12 @@ $(INC_D)\txt_db.h: $(SRC_D)\crypto\txt_db\txt_db.h $(INC_D)\pkcs7.h: $(SRC_D)\crypto\pkcs7\pkcs7.h $(CP) $(SRC_D)\crypto\pkcs7\pkcs7.h $(INC_D)\pkcs7.h +$(INC_D)\proxy.h: $(SRC_D)\crypto\proxy\proxy.h + $(CP) $(SRC_D)\crypto\proxy\proxy.h $(INC_D)\proxy.h + +$(INC_D)\comp.h: $(SRC_D)\crypto\comp\comp.h + $(CP) $(SRC_D)\crypto\comp\comp.h $(INC_D)\comp.h + $(INC_D)\ssl.h: $(SRC_D)\ssl\ssl.h $(CP) $(SRC_D)\ssl\ssl.h $(INC_D)\ssl.h 
@@ -681,6 +695,9 @@ $(OBJ_D)\s_cb.obj: $(SRC_D)\apps\s_cb.c $(OBJ_D)\s_socket.obj: $(SRC_D)\apps\s_socket.c $(CC) /Fo$(OBJ_D)\s_socket.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_socket.c +$(OBJ_D)\bf_perm.obj: $(SRC_D)\apps\bf_perm.c + $(CC) /Fo$(OBJ_D)\bf_perm.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\bf_perm.c + $(OBJ_D)\version.obj: $(SRC_D)\apps\version.c $(CC) /Fo$(OBJ_D)\version.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\version.c @@ -730,11 +747,14 @@ $(OBJ_D)\mem.obj: $(SRC_D)\crypto\mem.c $(CC) /Fo$(OBJ_D)\mem.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\mem.c $(OBJ_D)\cversion.obj: $(SRC_D)\crypto\cversion.c - $(CC) /Fo$(OBJ_D)\cversion.obj $(SHLIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)\crypto\cversion.c + $(CC) /Fo$(OBJ_D)\cversion.obj $(SHLIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -DPLATFORM="\"$(PLATFORM)\"" -c $(SRC_D)\crypto\cversion.c $(OBJ_D)\ex_data.obj: $(SRC_D)\crypto\ex_data.c $(CC) /Fo$(OBJ_D)\ex_data.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\ex_data.c +$(OBJ_D)\tmdiff.obj: $(SRC_D)\crypto\tmdiff.c + $(CC) /Fo$(OBJ_D)\tmdiff.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\tmdiff.c + $(OBJ_D)\cpt_err.obj: $(SRC_D)\crypto\cpt_err.c $(CC) /Fo$(OBJ_D)\cpt_err.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cpt_err.c @@ -945,9 +965,6 @@ $(OBJ_D)\bn_exp.obj: $(SRC_D)\crypto\bn\bn_exp.c $(OBJ_D)\bn_lib.obj: $(SRC_D)\crypto\bn\bn_lib.c $(CC) /Fo$(OBJ_D)\bn_lib.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_lib.c -$(OBJ_D)\bn_mod.obj: $(SRC_D)\crypto\bn\bn_mod.c - $(CC) /Fo$(OBJ_D)\bn_mod.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mod.c - $(OBJ_D)\bn_mul.obj: $(SRC_D)\crypto\bn\bn_mul.c $(CC) /Fo$(OBJ_D)\bn_mul.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mul.c 
@@ -960,9 +977,6 @@ $(OBJ_D)\bn_rand.obj: $(SRC_D)\crypto\bn\bn_rand.c $(OBJ_D)\bn_shift.obj: $(SRC_D)\crypto\bn\bn_shift.c $(CC) /Fo$(OBJ_D)\bn_shift.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_shift.c -$(OBJ_D)\bn_sub.obj: $(SRC_D)\crypto\bn\bn_sub.c - $(CC) /Fo$(OBJ_D)\bn_sub.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sub.c - $(OBJ_D)\bn_word.obj: $(SRC_D)\crypto\bn\bn_word.c $(CC) /Fo$(OBJ_D)\bn_word.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_word.c @@ -981,8 +995,8 @@ $(OBJ_D)\bn_err.obj: $(SRC_D)\crypto\bn\bn_err.c $(OBJ_D)\bn_sqr.obj: $(SRC_D)\crypto\bn\bn_sqr.c $(CC) /Fo$(OBJ_D)\bn_sqr.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sqr.c -$(OBJ_D)\bn_mulw.obj: $(SRC_D)\crypto\bn\bn_mulw.c - $(CC) /Fo$(OBJ_D)\bn_mulw.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mulw.c +$(OBJ_D)\bn_asm.obj: $(SRC_D)\crypto\bn\bn_asm.c + $(CC) /Fo$(OBJ_D)\bn_asm.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_asm.c $(OBJ_D)\bn_recp.obj: $(SRC_D)\crypto\bn\bn_recp.c $(CC) /Fo$(OBJ_D)\bn_recp.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_recp.c @@ -993,6 +1007,9 @@ $(OBJ_D)\bn_mont.obj: $(SRC_D)\crypto\bn\bn_mont.c $(OBJ_D)\bn_mpi.obj: $(SRC_D)\crypto\bn\bn_mpi.c $(CC) /Fo$(OBJ_D)\bn_mpi.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mpi.c +$(OBJ_D)\bn_exp2.obj: $(SRC_D)\crypto\bn\bn_exp2.c + $(CC) /Fo$(OBJ_D)\bn_exp2.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_exp2.c + $(OBJ_D)\rsa_eay.obj: $(SRC_D)\crypto\rsa\rsa_eay.c $(CC) /Fo$(OBJ_D)\rsa_eay.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_eay.c @@ -1107,6 +1124,9 @@ $(OBJ_D)\bss_acpt.obj: $(SRC_D)\crypto\bio\bss_acpt.c $(OBJ_D)\bf_nbio.obj: $(SRC_D)\crypto\bio\bf_nbio.c $(CC) /Fo$(OBJ_D)\bf_nbio.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_nbio.c +$(OBJ_D)\bss_cs4a.obj: $(SRC_D)\crypto\bio\bss_cs4a.c + $(CC) /Fo$(OBJ_D)\bss_cs4a.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_cs4a.c + $(OBJ_D)\stack.obj: $(SRC_D)\crypto\stack\stack.c $(CC) /Fo$(OBJ_D)\stack.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\stack\stack.c 
@@ -1122,6 +1142,9 @@ $(OBJ_D)\md_rand.obj: $(SRC_D)\crypto\rand\md_rand.c $(OBJ_D)\randfile.obj: $(SRC_D)\crypto\rand\randfile.c $(CC) /Fo$(OBJ_D)\randfile.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rand\randfile.c +$(OBJ_D)\rand_lib.obj: $(SRC_D)\crypto\rand\rand_lib.c + $(CC) /Fo$(OBJ_D)\rand_lib.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rand\rand_lib.c + $(OBJ_D)\err.obj: $(SRC_D)\crypto\err\err.c $(CC) /Fo$(OBJ_D)\err.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c @@ -1131,6 +1154,9 @@ $(OBJ_D)\err_all.obj: $(SRC_D)\crypto\err\err_all.c $(OBJ_D)\err_prn.obj: $(SRC_D)\crypto\err\err_prn.c $(CC) /Fo$(OBJ_D)\err_prn.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err_prn.c +$(OBJ_D)\o_names.obj: $(SRC_D)\crypto\objects\o_names.c + $(CC) /Fo$(OBJ_D)\o_names.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\o_names.c + $(OBJ_D)\obj_dat.obj: $(SRC_D)\crypto\objects\obj_dat.c $(CC) /Fo$(OBJ_D)\obj_dat.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_dat.c @@ -1365,6 +1391,9 @@ $(OBJ_D)\a_d2i_fp.obj: $(SRC_D)\crypto\asn1\a_d2i_fp.c $(OBJ_D)\a_i2d_fp.obj: $(SRC_D)\crypto\asn1\a_i2d_fp.c $(CC) /Fo$(OBJ_D)\a_i2d_fp.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_i2d_fp.c +$(OBJ_D)\a_bmp.obj: $(SRC_D)\crypto\asn1\a_bmp.c + $(CC) /Fo$(OBJ_D)\a_bmp.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bmp.c + $(OBJ_D)\a_sign.obj: $(SRC_D)\crypto\asn1\a_sign.c $(CC) /Fo$(OBJ_D)\a_sign.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_sign.c 
@@ -1620,6 +1649,30 @@ $(OBJ_D)\pkcs7err.obj: $(SRC_D)\crypto\pkcs7\pkcs7err.c $(OBJ_D)\pk7_doit.obj: $(SRC_D)\crypto\pkcs7\pk7_doit.c $(CC) /Fo$(OBJ_D)\pk7_doit.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_doit.c +$(OBJ_D)\proxy.obj: $(SRC_D)\crypto\proxy\proxy.c + $(CC) /Fo$(OBJ_D)\proxy.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\proxy.c + +$(OBJ_D)\pxy_txt.obj: $(SRC_D)\crypto\proxy\pxy_txt.c + $(CC) /Fo$(OBJ_D)\pxy_txt.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\pxy_txt.c + +$(OBJ_D)\bf_proxy.obj: $(SRC_D)\crypto\proxy\bf_proxy.c + $(CC) /Fo$(OBJ_D)\bf_proxy.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\bf_proxy.c + +$(OBJ_D)\pxy_conf.obj: $(SRC_D)\crypto\proxy\pxy_conf.c + $(CC) /Fo$(OBJ_D)\pxy_conf.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\pxy_conf.c + +$(OBJ_D)\pxy_err.obj: $(SRC_D)\crypto\proxy\pxy_err.c + $(CC) /Fo$(OBJ_D)\pxy_err.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\pxy_err.c + +$(OBJ_D)\comp_lib.obj: $(SRC_D)\crypto\comp\comp_lib.c + $(CC) /Fo$(OBJ_D)\comp_lib.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\comp\comp_lib.c + +$(OBJ_D)\c_rle.obj: $(SRC_D)\crypto\comp\c_rle.c + $(CC) /Fo$(OBJ_D)\c_rle.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\comp\c_rle.c + +$(OBJ_D)\c_zlib.obj: $(SRC_D)\crypto\comp\c_zlib.c + $(CC) /Fo$(OBJ_D)\c_zlib.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\comp\c_zlib.c + $(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c $(CC) /Fo$(OBJ_D)\s2_meth.obj $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c @@ -1722,6 +1775,9 @@ $(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c $(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c $(CC) /Fo$(OBJ_D)\bio_ssl.obj $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c +$(OBJ_D)\pxy_ssl.obj: $(SRC_D)\ssl\pxy_ssl.c + $(CC) /Fo$(OBJ_D)\pxy_ssl.obj $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\pxy_ssl.c + $(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c $(CC) /Fo$(OBJ_D)\ssl_err.obj $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c diff --git a/ms/req2CA.ss b/ms/req2CA.ss index 6a3dd4e2d..d061fb2a0 100644 --- a/ms/req2CA.ss +++ b/ms/req2CA.ss 
@@ -6,24 +6,24 @@ Certificate Request: Public Key Algorithm: rsaEncryption RSA Public Key: (512 bit) Modulus (512 bit): - 00:c0:e2:84:c5:b7:5f:28:b7:a6:10:c1:8e:29:e0: - 60:a8:8d:da:6c:91:3d:cb:37:f7:5a:1a:cf:71:02: - d1:03:23:3c:e5:83:f1:93:40:d0:61:6c:21:12:1f: - 62:d8:1c:46:59:80:19:ec:aa:ef:d4:4a:9d:b1:58: - 82:40:11:ae:05 + 00:d0:34:0b:7a:73:3f:9d:c2:ba:0b:04:84:26:13: + 8e:d5:67:d9:50:f5:04:8b:8a:6f:a2:cf:5f:1d:6e: + 39:f6:38:77:ad:10:c0:0e:08:b7:7e:20:98:c6:84: + 55:49:08:6f:07:8e:e4:0d:9d:d5:88:d8:39:ca:b0: + e1:cb:b1:7d:cb Exponent: 65537 (0x10001) Attributes: a0:00 Signature Algorithm: md5WithRSAEncryption - 12:14:96:c0:0e:ea:5a:08:6f:13:fd:72:84:6a:26:33:29:f9: - 52:39:4c:fc:ec:da:0d:83:39:2e:27:17:9b:f8:46:03:b5:dd: - 52:a6:dd:3a:50:8e:73:4f:87:94:59:31:1d:5a:54:24:96:4d: - d4:57:95:4c:ca:4c:dc:0b:b8:5f + 8d:15:e6:8e:49:0f:07:fb:e0:72:ad:f0:04:9a:c8:5d:e7:1b: + ed:99:c9:c3:3c:f5:8e:4d:a1:5e:e1:40:75:2c:24:f0:c6:dd: + 10:87:35:26:1d:cc:79:3f:a2:c6:a0:04:c8:52:78:ed:26:32: + d3:1b:a7:cd:5e:8c:55:92:dd:88 -----BEGIN CERTIFICATE REQUEST----- MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy -czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwOKE -xbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQYWwhEh9i2BxGWYAZ -7Krv1EqdsViCQBGuBQIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQASFJbADupaCG8T -/XKEaiYzKflSOUz87NoNgzkuJxeb+EYDtd1Spt06UI5zT4eUWTEdWlQklk3UV5VM -ykzcC7hf +czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA0DQL +enM/ncK6CwSEJhOO1WfZUPUEi4pvos9fHW459jh3rRDADgi3fiCYxoRVSQhvB47k +DZ3ViNg5yrDhy7F9ywIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQCNFeaOSQ8H++By +rfAEmshd5xvtmcnDPPWOTaFe4UB1LCTwxt0QhzUmHcx5P6LGoATIUnjtJjLTG6fN +XoxVkt2I -----END CERTIFICATE REQUEST----- diff --git a/ms/reqCA.ss b/ms/reqCA.ss index be8ca974d..1f7138cad 100644 --- a/ms/reqCA.ss +++ b/ms/reqCA.ss 
@@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE REQUEST----- MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy -czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwOKE -xbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQYWwhEh9i2BxGWYAZ -7Krv1EqdsViCQBGuBQIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQDAvyCzrfhnLH8V -tldPhV9imEi8Dh8vjRYIIb4AlIq25ku8NJyTHi3zOwvH2iiTUx4oxOV9/++UbU+l -dmT7y1IS +czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA0DQL +enM/ncK6CwSEJhOO1WfZUPUEi4pvos9fHW459jh3rRDADgi3fiCYxoRVSQhvB47k +DZ3ViNg5yrDhy7F9ywIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQA5DZSZgDXs8flG +GZf4SGr8QpqkxSu9bZOYp/ySuz1khj7aupBrvZBmqZcZx4ZjAUN7UQpMWu2gyfKa +mAiiLPFN -----END CERTIFICATE REQUEST----- diff --git a/ms/reqU.ss b/ms/reqU.ss index 922389719..91cce5966 100644 --- a/ms/reqU.ss +++ b/ms/reqU.ss @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE REQUEST----- MIIBCDCBswIBADBOMQswCQYDVQQGEwJBVTEXMBUGA1UEChMORG9kZ3kgQnJvdGhl cnMxEjAQBgNVBAMTCUJyb3RoZXIgMTESMBAGA1UEAxMJQnJvdGhlciAyMFwwDQYJ -KoZIhvcNAQEBBQADSwAwSAJBAMn4ERwmb5cqvcokIrFpnrZ6Ww2TIWQfh47sUMad -4BKSOz/KuWebVyFOfjhQHyEZEXTBmv1CvjVYOwCelGMiEd8CAwEAAaAAMA0GCSqG -SIb3DQEBAgUAA0EAbE4cboaJY3vKmskyPC1cS5Jn4WjFOjaUCNI5MjeTNTZ6AE4o -h6Sx4PeQomjMA1gRGrHCz+5IyVBcgskY5IYLCw== +KoZIhvcNAQEBBQADSwAwSAJBANHuKqKzq/87iwfTb0Wl4SVWiB2hhmrGu3jAI1T4 +rVgF5Dfg8V4hh9QpzIEK2iomM7BFT9ecbcZHrxLyuYyaTsMCAwEAAaAAMA0GCSqG +SIb3DQEBAgUAA0EAhB0p6LbiVq+XshLo5sBQN0rsROC1OgWrdS6ZUmMaigOKK069 +r1o+dGwbM5VCYGTZf0PW9OtGuArGct0laL5h4w== -----END CERTIFICATE REQUEST----- diff --git a/ms/ssleay16.def b/ms/ssleay16.def index 2c6164430..0a0c6927b 100644 --- a/ms/ssleay16.def +++ b/ms/ssleay16.def @@ -20,6 +20,7 @@ EXPORTS _BIO_new_buffer_ssl_connect @173 _BIO_new_ssl @122 _BIO_new_ssl_connect @174 + _BIO_proxy_ssl_copy_session_id @123 _BIO_ssl_copy_session_id @124 _BIO_ssl_shutdown @131 _ERR_load_SSL_strings @1 
@@ -96,6 +97,7 @@ EXPORTS _SSL_get_default_timeout @57 _SSL_get_error @58 _SSL_get_ex_data @151 + _SSL_get_ex_data_X509_STORE_CTX_idx @175 _SSL_get_ex_new_index @169 _SSL_get_fd @59 _SSL_get_info_callback @165 diff --git a/ms/ssleay32.def b/ms/ssleay32.def index aa823b806..5897967dd 100644 --- a/ms/ssleay32.def +++ b/ms/ssleay32.def @@ -12,6 +12,7 @@ EXPORTS BIO_new_buffer_ssl_connect @173 BIO_new_ssl @122 BIO_new_ssl_connect @174 + BIO_proxy_ssl_copy_session_id @123 BIO_ssl_copy_session_id @124 BIO_ssl_shutdown @131 ERR_load_SSL_strings @1 @@ -89,6 +90,7 @@ EXPORTS SSL_get_default_timeout @57 SSL_get_error @58 SSL_get_ex_data @151 + SSL_get_ex_data_X509_STORE_CTX_idx @175 SSL_get_ex_new_index @169 SSL_get_fd @59 SSL_get_info_callback @165 diff --git a/ms/test.bat b/ms/test.bat index cffaf4652..277602c56 100755 --- a/ms/test.bat +++ b/ms/test.bat 
@@ -1,134 +1,137 @@ -@echo=off - -set test=..\ms - -rem run this from inside the bin directory - -echo destest -destest -if errorlevel 1 goto done - -echo ideatest -ideatest -if errorlevel 1 goto done - -echo bftest -bftest -if errorlevel 1 goto done - -echo shatest -shatest -if errorlevel 1 goto done - -echo sha1test -sha1test -if errorlevel 1 goto done - -echo md5test -md5test -if errorlevel 1 goto done - -echo md2test -md2test -if errorlevel 1 goto done - -echo mdc2test -mdc2test -if errorlevel 1 goto done - -echo rc2test -rc2test -if errorlevel 1 goto done - -echo rc4test -rc4test -if errorlevel 1 goto done - -echo randtest -randtest -if errorlevel 1 goto done - -echo dhtest -dhtest -if errorlevel 1 goto done - -echo exptest -exptest -if errorlevel 1 goto done - -echo dsatest -dsatest -if errorlevel 1 goto done - -echo testenc -call %test%\testenc ssleay -if errorlevel 1 goto done - -echo testpem -call %test%\testpem ssleay -if errorlevel 1 goto done - -echo verify -copy ..\certs\*.pem cert.tmp >nul -ssleay verify -CAfile cert.tmp ..\certs\*.pem - -echo testss -call %test%\testss ssleay -if errorlevel 1 goto done - -echo test sslv2 -ssltest -ssl2 -if errorlevel 1 goto done - -echo test sslv2 with server authentication -ssltest -ssl2 -server_auth -CAfile cert.tmp -if errorlevel 1 goto done - -echo test sslv2 with client authentication -ssltest -ssl2 -client_auth -CAfile cert.tmp -if errorlevel 1 goto done - -echo test sslv2 with both client and server authentication -ssltest -ssl2 -server_auth -client_auth -CAfile cert.tmp -if errorlevel 1 goto done - -echo test sslv3 -ssltest -ssl3 -if errorlevel 1 goto done - -echo test sslv3 with server authentication -ssltest -ssl3 -server_auth -CAfile cert.tmp -if errorlevel 1 goto done - -echo test sslv3 with client authentication -ssltest -ssl3 -client_auth -CAfile cert.tmp -if errorlevel 1 goto done - -echo test sslv3 with both client and server authentication -ssltest -ssl3 -server_auth -client_auth -CAfile cert.tmp -if 
errorlevel 1 goto done - -echo test sslv2/sslv3 -ssltest -if errorlevel 1 goto done - -echo test sslv2/sslv3 with server authentication -ssltest -server_auth -CAfile cert.tmp -if errorlevel 1 goto done - -echo test sslv2/sslv3 with client authentication -ssltest -client_auth -CAfile cert.tmp -if errorlevel 1 goto done - -echo test sslv2/sslv3 with both client and server authentication -ssltest -server_auth -client_auth -CAfile cert.tmp -if errorlevel 1 goto done - - -del cert.tmp - -echo passed all tests -goto end -:done -echo problems..... -:end +@echo=off
+
+set test=p:\work\ssleay\ms
+set opath=%PATH%
+PATH=%1;%PATH%
+
+rem run this from inside the bin directory
+
+echo destest
+destest
+if errorlevel 1 goto done
+
+echo ideatest
+ideatest
+if errorlevel 1 goto done
+
+echo bftest
+bftest
+if errorlevel 1 goto done
+
+echo shatest
+shatest
+if errorlevel 1 goto done
+
+echo sha1test
+sha1test
+if errorlevel 1 goto done
+
+echo md5test
+md5test
+if errorlevel 1 goto done
+
+echo md2test
+md2test
+if errorlevel 1 goto done
+
+echo mdc2test
+mdc2test
+if errorlevel 1 goto done
+
+echo rc2test
+rc2test
+if errorlevel 1 goto done
+
+echo rc4test
+rc4test
+if errorlevel 1 goto done
+
+echo randtest
+randtest
+if errorlevel 1 goto done
+
+echo dhtest
+dhtest
+if errorlevel 1 goto done
+
+echo exptest
+exptest
+if errorlevel 1 goto done
+
+echo dsatest
+dsatest
+if errorlevel 1 goto done
+
+echo testenc
+call %test%\testenc ssleay
+if errorlevel 1 goto done
+
+echo testpem
+call %test%\testpem ssleay
+if errorlevel 1 goto done
+
+echo verify
+copy ..\certs\*.pem cert.tmp >nul
+ssleay verify -CAfile cert.tmp ..\certs\*.pem
+
+echo testss
+call %test%\testss ssleay
+if errorlevel 1 goto done
+
+echo test sslv2
+ssltest -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication
+ssltest -ssl2 -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication
+ssltest -ssl2 -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication
+ssltest -ssl2 -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3
+ssltest -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication
+ssltest -ssl3 -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication
+ssltest -ssl3 -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication
+ssltest -ssl3 -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3
+ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+ssltest -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication
+ssltest -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication
+ssltest -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+
+del cert.tmp
+
+echo passed all tests
+goto end
+:done
+echo problems.....
+:end
+PATH=%opath%
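Review bot: The `ssleay verify -CAfile cert.tmp ..\certs\*.pem` step is the only test command in this script that is not followed by `if errorlevel 1 goto done`, so a certificate-verification failure does not stop the run and the script can still print "passed all tests"; add the same guard after it (assuming `ssleay verify` reports failure through its exit status, which is worth confirming). `set test=p:\work\ssleay\ms` replaces the relative `..\ms` with a path on one developer's drive, so on any other machine `call %test%\testenc` either fails or runs whatever scripts sit at that location instead of the ones in the tree under test; the same hard-coded prefix is used for `path`, `input`, `tmp1`, `out1` and `cmp` in the ms/testenc.bat hunk. Keeping the relative path, or taking the directory from an argument, avoids both problems. `PATH=%1;%PATH%` also leaves an empty first entry in PATH when the script is run without an argument, and `cert.tmp` stays behind on the failure path because `del cert.tmp` is only reached on success.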
diff --git a/ms/testenc.bat b/ms/testenc.bat index 2c73bb7d1..a33fbd5ed 100755 --- a/ms/testenc.bat +++ b/ms/testenc.bat @@ -1,93 +1,93 @@ -echo=off - -echo start testenc -path=..\ms;%path% -set ssleay=%1% -set input=..\ms\testenc.bat -set tmp1=..\ms\cipher.out -set out1=..\ms\clear.out -set cmp=perl ..\ms\cmp.pl - -call tenc.bat enc -if errorlevel 1 goto err - -call tenc.bat rc4 -if errorlevel 1 goto err - -call tenc.bat des-cfb -if errorlevel 1 goto err - -call tenc.bat des-ede-cfb -if errorlevel 1 goto err - -call tenc.bat des-ede3-cfb -if errorlevel 1 goto err - -call tenc.bat des-ofb -if errorlevel 1 goto err - -call tenc.bat des-ede-ofb -if errorlevel 1 goto err - -call tenc.bat des-ede3-ofb -if errorlevel 1 goto err - -call tenc.bat des-ecb -if errorlevel 1 goto err - -call tenc.bat des-ede -if errorlevel 1 goto err - -call tenc.bat des-ede3 -if errorlevel 1 goto err - -call tenc.bat des-cbc -if errorlevel 1 goto err - -call tenc.bat des-ede-cbc -if errorlevel 1 goto err - -call tenc.bat des-ede3-cbc -if errorlevel 1 goto err - -call tenc.bat idea-ecb -if errorlevel 1 goto err - -call tenc.bat idea-cfb -if errorlevel 1 goto err - -call tenc.bat idea-ofb -if errorlevel 1 goto err - -call tenc.bat idea-cbc -if errorlevel 1 goto err - -call tenc.bat rc2-ecb -if errorlevel 1 goto err - -call tenc.bat rc2-cfb -if errorlevel 1 goto err - -call tenc.bat rc2-ofb -if errorlevel 1 goto err - -call tenc.bat rc2-cbc -if errorlevel 1 goto err - -call tenc.bat bf-ecb -if errorlevel 1 goto err - -call tenc.bat bf-cfb -if errorlevel 1 goto err - -call tenc.bat bf-ofb -if errorlevel 1 goto err - -call tenc.bat bf-cbc -if errorlevel 1 goto err - -echo OK -del %out1% -del %tmp1% -:err - +
+echo start testenc
+path=p:\work\ssleay\ms;%path%
+set ssleay=%1%
+set input=p:\work\ssleay\ms\testenc.bat
+set tmp1=p:\work\ssleay\ms\cipher.out
+set out1=p:\work\ssleay\ms\clear.out
+set cmp=perl p:\work\ssleay\ms\cmp.pl
+
+cd
+call tenc.bat enc
+if errorlevel 1 goto err
+
+call tenc.bat rc4
+if errorlevel 1 goto err
+
+call tenc.bat des-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ecb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3
+if errorlevel 1 goto err
+
+call tenc.bat des-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tenc.bat idea-ecb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cfb
+if errorlevel 1 goto err
+
+call tenc.bat idea-ofb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cbc
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tenc.bat bf-ecb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cfb
+if errorlevel 1 goto err
+
+call tenc.bat bf-ofb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1%
+del %tmp1%
+:err
+
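Review bot: The bare `cd` added before `call tenc.bat enc` only prints the current directory and looks like a debugging leftover; remove it or replace it with a `rem` line stating which directory the script must be started from. `%out1%` and `%tmp1%` are deleted only after `echo OK`, so when any `call tenc.bat` step fails the cleartext and ciphertext files are left at their fixed locations, and the `:err` label is reached silently on both success and failure. A `del` of both files after `:err` and an explicit failure message before it would make a failed run visible and leave nothing behind.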
diff --git a/ms/w31dll.mak b/ms/w31dll.mak index 6821d8260..f7feb8cb0 100644 --- a/ms/w31dll.mak +++ b/ms/w31dll.mak @@ -14,6 +14,7 @@ INSTALLTOP=\usr\local\ssl # Set your compiler options +PLATFORM=VC-WIN16 CC=cl CFLAG=/ALw /Gx- /Gt256 /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWINDOWS -DWIN16 APP_CFLAG=/Gw /FPi87 @@ -31,12 +32,10 @@ SRC_D=. LINK=link LFLAGS= /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000 /PACKD:60000 /STACK:20000 /ALIGN:256 -BN_MULW_OBJ=crypto\bn\asm\x86w32.obj -BN_MULW_SRC=crypto\bn\asm\x86w32.asm +BN_ASM_OBJ=crypto\bn\asm\x86w32.obj +BN_ASM_SRC=crypto\bn\asm\x86w32.asm DES_ENC_OBJ= DES_ENC_SRC= -DES_CRYPT_OBJ= -DES_CRYPT_SRC= BF_ENC_OBJ= BF_ENC_SRC= CAST_ENC_OBJ= 
@@ -120,21 +119,22 @@ HEADER=$(INCL_D)\cryptlib.h \ $(INCL_D)\cast_lcl.h $(INCL_D)\bn_lcl.h $(INCL_D)\bn_prime.h \ $(INCL_D)\obj_dat.h $(INCL_D)\conf_lcl.h $(INCL_D)\ssl_locl.h \ $(INCL_D)\rsaref.h $(INCL_D)\apps.h $(INCL_D)\progs.h \ - $(INCL_D)\s_apps.h $(INCL_D)\testdsa.h $(INCL_D)\testrsa.h + $(INCL_D)\testdsa.h $(INCL_D)\testrsa.h EXHEADER=$(INC_D)\e_os.h \ - $(INC_D)\crypto.h $(INC_D)\cryptall.h $(INC_D)\md2.h \ - $(INC_D)\md5.h $(INC_D)\sha.h $(INC_D)\mdc2.h \ - $(INC_D)\hmac.h $(INC_D)\ripemd.h $(INC_D)\des.h \ - $(INC_D)\rc2.h $(INC_D)\rc4.h $(INC_D)\rc5.h \ - $(INC_D)\idea.h $(INC_D)\blowfish.h $(INC_D)\cast.h \ - $(INC_D)\bn.h $(INC_D)\rsa.h $(INC_D)\dsa.h \ - $(INC_D)\dh.h $(INC_D)\buffer.h $(INC_D)\bio.h \ - $(INC_D)\bss_file.c $(INC_D)\stack.h $(INC_D)\lhash.h \ - $(INC_D)\rand.h $(INC_D)\err.h $(INC_D)\objects.h \ - $(INC_D)\evp.h $(INC_D)\pem.h $(INC_D)\asn1.h \ - $(INC_D)\asn1_mac.h $(INC_D)\x509.h $(INC_D)\x509_vfy.h \ - $(INC_D)\conf.h $(INC_D)\txt_db.h $(INC_D)\pkcs7.h \ + $(INC_D)\crypto.h $(INC_D)\cryptall.h $(INC_D)\tmdiff.h \ + $(INC_D)\md2.h $(INC_D)\md5.h $(INC_D)\sha.h \ + $(INC_D)\mdc2.h $(INC_D)\hmac.h $(INC_D)\ripemd.h \ + $(INC_D)\des.h $(INC_D)\rc2.h $(INC_D)\rc4.h \ + $(INC_D)\rc5.h $(INC_D)\idea.h $(INC_D)\blowfish.h \ + $(INC_D)\cast.h $(INC_D)\bn.h $(INC_D)\rsa.h \ + $(INC_D)\dsa.h $(INC_D)\dh.h $(INC_D)\buffer.h \ + $(INC_D)\bio.h $(INC_D)\bss_file.c $(INC_D)\stack.h \ + $(INC_D)\lhash.h $(INC_D)\rand.h $(INC_D)\err.h \ + $(INC_D)\objects.h $(INC_D)\evp.h $(INC_D)\pem.h \ + $(INC_D)\asn1.h $(INC_D)\asn1_mac.h $(INC_D)\x509.h \ + $(INC_D)\x509_vfy.h $(INC_D)\conf.h $(INC_D)\txt_db.h \ + $(INC_D)\pkcs7.h $(INC_D)\proxy.h $(INC_D)\comp.h \ $(INC_D)\ssl.h $(INC_D)\ssl2.h $(INC_D)\ssl3.h \ $(INC_D)\ssl23.h $(INC_D)\tls1.h 
@@ -154,41 +154,42 @@ E_OBJ=$(OBJ_D)\verify.obj \ $(OBJ_D)\crl2p7.obj $(OBJ_D)\crl.obj $(OBJ_D)\rsa.obj \ $(OBJ_D)\dsa.obj $(OBJ_D)\dsaparam.obj $(OBJ_D)\x509.obj \ $(OBJ_D)\genrsa.obj $(OBJ_D)\s_server.obj $(OBJ_D)\s_client.obj \ - $(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj $(OBJ_D)\apps.obj \ - $(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj $(OBJ_D)\version.obj \ + $(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj \ + $(OBJ_D)\apps.obj $(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj \ + $(OBJ_D)\s_eio.obj $(OBJ_D)\bf_perm.obj $(OBJ_D)\version.obj \ $(OBJ_D)\sess_id.obj $(OBJ_D)\ciphers.obj $(OBJ_D)\ssleay.obj CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \ $(OBJ_D)\mem.obj $(OBJ_D)\cversion.obj $(OBJ_D)\ex_data.obj \ - $(OBJ_D)\cpt_err.obj $(OBJ_D)\md2_dgst.obj $(OBJ_D)\md2_one.obj \ - $(OBJ_D)\md5_dgst.obj $(OBJ_D)\md5_one.obj $(OBJ_D)\sha_dgst.obj \ - $(OBJ_D)\sha1dgst.obj $(OBJ_D)\sha_one.obj $(OBJ_D)\sha1_one.obj \ - $(OBJ_D)\mdc2dgst.obj $(OBJ_D)\mdc2_one.obj $(OBJ_D)\hmac.obj \ - $(OBJ_D)\rmd_dgst.obj $(OBJ_D)\rmd_one.obj $(OBJ_D)\set_key.obj \ - $(OBJ_D)\ecb_enc.obj $(OBJ_D)\cbc_enc.obj $(OBJ_D)\ecb3_enc.obj \ - $(OBJ_D)\cfb64enc.obj $(OBJ_D)\cfb64ede.obj $(OBJ_D)\cfb_enc.obj \ - $(OBJ_D)\ofb64ede.obj $(OBJ_D)\enc_read.obj $(OBJ_D)\enc_writ.obj \ - $(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj $(OBJ_D)\str2key.obj \ - $(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj $(OBJ_D)\rand_key.obj \ - $(OBJ_D)\des_enc.obj $(OBJ_D)\fcrypt_b.obj $(OBJ_D)\read2pwd.obj \ - $(OBJ_D)\fcrypt.obj $(OBJ_D)\xcbc_enc.obj $(OBJ_D)\read_pwd.obj \ - $(OBJ_D)\rpc_enc.obj $(OBJ_D)\cbc_cksm.obj $(OBJ_D)\supp.obj \ - $(OBJ_D)\rc2_ecb.obj $(OBJ_D)\rc2_skey.obj $(OBJ_D)\rc2_cbc.obj \ - $(OBJ_D)\rc2cfb64.obj $(OBJ_D)\rc2ofb64.obj $(OBJ_D)\rc4_skey.obj \ - $(OBJ_D)\rc4_enc.obj $(OBJ_D)\rc5_skey.obj $(OBJ_D)\rc5_ecb.obj \ - $(OBJ_D)\rc5_enc.obj $(OBJ_D)\rc5cfb64.obj $(OBJ_D)\rc5ofb64.obj \ - $(OBJ_D)\i_cbc.obj $(OBJ_D)\i_cfb64.obj $(OBJ_D)\i_ofb64.obj \ - $(OBJ_D)\i_ecb.obj $(OBJ_D)\i_skey.obj $(OBJ_D)\bf_skey.obj \ - $(OBJ_D)\bf_ecb.obj 
$(OBJ_D)\bf_enc.obj $(OBJ_D)\bf_cfb64.obj \ - $(OBJ_D)\bf_ofb64.obj $(OBJ_D)\c_skey.obj $(OBJ_D)\c_ecb.obj \ - $(OBJ_D)\c_enc.obj $(OBJ_D)\c_cfb64.obj $(OBJ_D)\c_ofb64.obj \ - $(OBJ_D)\bn_add.obj $(OBJ_D)\bn_div.obj $(OBJ_D)\bn_exp.obj \ - $(OBJ_D)\bn_lib.obj $(OBJ_D)\bn_mod.obj $(OBJ_D)\bn_mul.obj \ + $(OBJ_D)\tmdiff.obj $(OBJ_D)\cpt_err.obj $(OBJ_D)\md2_dgst.obj \ + $(OBJ_D)\md2_one.obj $(OBJ_D)\md5_dgst.obj $(OBJ_D)\md5_one.obj \ + $(OBJ_D)\sha_dgst.obj $(OBJ_D)\sha1dgst.obj $(OBJ_D)\sha_one.obj \ + $(OBJ_D)\sha1_one.obj $(OBJ_D)\mdc2dgst.obj $(OBJ_D)\mdc2_one.obj \ + $(OBJ_D)\hmac.obj $(OBJ_D)\rmd_dgst.obj $(OBJ_D)\rmd_one.obj \ + $(OBJ_D)\set_key.obj $(OBJ_D)\ecb_enc.obj $(OBJ_D)\cbc_enc.obj \ + $(OBJ_D)\ecb3_enc.obj $(OBJ_D)\cfb64enc.obj $(OBJ_D)\cfb64ede.obj \ + $(OBJ_D)\cfb_enc.obj $(OBJ_D)\ofb64ede.obj $(OBJ_D)\enc_read.obj \ + $(OBJ_D)\enc_writ.obj $(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj \ + $(OBJ_D)\str2key.obj $(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj \ + $(OBJ_D)\rand_key.obj $(OBJ_D)\des_enc.obj $(OBJ_D)\fcrypt_b.obj \ + $(OBJ_D)\read2pwd.obj $(OBJ_D)\fcrypt.obj $(OBJ_D)\xcbc_enc.obj \ + $(OBJ_D)\read_pwd.obj $(OBJ_D)\rpc_enc.obj $(OBJ_D)\cbc_cksm.obj \ + $(OBJ_D)\supp.obj $(OBJ_D)\rc2_ecb.obj $(OBJ_D)\rc2_skey.obj \ + $(OBJ_D)\rc2_cbc.obj $(OBJ_D)\rc2cfb64.obj $(OBJ_D)\rc2ofb64.obj \ + $(OBJ_D)\rc4_skey.obj $(OBJ_D)\rc4_enc.obj $(OBJ_D)\rc5_skey.obj \ + $(OBJ_D)\rc5_ecb.obj $(OBJ_D)\rc5_enc.obj $(OBJ_D)\rc5cfb64.obj \ + $(OBJ_D)\rc5ofb64.obj $(OBJ_D)\i_cbc.obj $(OBJ_D)\i_cfb64.obj \ + $(OBJ_D)\i_ofb64.obj $(OBJ_D)\i_ecb.obj $(OBJ_D)\i_skey.obj \ + $(OBJ_D)\bf_skey.obj $(OBJ_D)\bf_ecb.obj $(OBJ_D)\bf_enc.obj \ + $(OBJ_D)\bf_cfb64.obj $(OBJ_D)\bf_ofb64.obj $(OBJ_D)\c_skey.obj \ + $(OBJ_D)\c_ecb.obj $(OBJ_D)\c_enc.obj $(OBJ_D)\c_cfb64.obj \ + $(OBJ_D)\c_ofb64.obj $(OBJ_D)\bn_add.obj $(OBJ_D)\bn_div.obj \ + $(OBJ_D)\bn_exp.obj $(OBJ_D)\bn_lib.obj $(OBJ_D)\bn_mul.obj \ $(OBJ_D)\bn_print.obj $(OBJ_D)\bn_rand.obj $(OBJ_D)\bn_shift.obj \ - 
$(OBJ_D)\bn_sub.obj $(OBJ_D)\bn_word.obj $(OBJ_D)\bn_blind.obj \ - $(OBJ_D)\bn_gcd.obj $(OBJ_D)\bn_prime.obj $(OBJ_D)\bn_err.obj \ - $(OBJ_D)\bn_sqr.obj $(BN_MULW_OBJ) $(OBJ_D)\bn_recp.obj \ - $(OBJ_D)\bn_mont.obj $(OBJ_D)\bn_mpi.obj $(OBJ_D)\rsa_eay.obj \ + $(OBJ_D)\bn_word.obj $(OBJ_D)\bn_blind.obj $(OBJ_D)\bn_gcd.obj \ + $(OBJ_D)\bn_prime.obj $(OBJ_D)\bn_err.obj $(OBJ_D)\bn_sqr.obj \ + $(BN_ASM_OBJ) $(OBJ_D)\bn_recp.obj $(OBJ_D)\bn_mont.obj \ + $(OBJ_D)\bn_mpi.obj $(OBJ_D)\bn_exp2.obj $(OBJ_D)\rsa_eay.obj \ $(OBJ_D)\rsa_gen.obj $(OBJ_D)\rsa_lib.obj $(OBJ_D)\rsa_sign.obj \ $(OBJ_D)\rsa_saos.obj $(OBJ_D)\rsa_err.obj $(OBJ_D)\rsa_pk1.obj \ $(OBJ_D)\rsa_ssl.obj $(OBJ_D)\rsa_none.obj $(OBJ_D)\dsa_gen.obj \ @@ -201,9 +202,10 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \ $(OBJ_D)\bss_file.obj $(OBJ_D)\bss_sock.obj $(OBJ_D)\bss_conn.obj \ $(OBJ_D)\bf_null.obj $(OBJ_D)\bf_buff.obj $(OBJ_D)\b_print.obj \ $(OBJ_D)\b_dump.obj $(OBJ_D)\b_sock.obj $(OBJ_D)\bss_acpt.obj \ - $(OBJ_D)\bf_nbio.obj $(OBJ_D)\stack.obj $(OBJ_D)\lhash.obj \ - $(OBJ_D)\lh_stats.obj $(OBJ_D)\md_rand.obj $(OBJ_D)\randfile.obj \ - $(OBJ_D)\err.obj $(OBJ_D)\err_all.obj $(OBJ_D)\err_prn.obj \ + $(OBJ_D)\bf_nbio.obj $(OBJ_D)\bss_cs4a.obj $(OBJ_D)\stack.obj \ + $(OBJ_D)\lhash.obj $(OBJ_D)\lh_stats.obj $(OBJ_D)\md_rand.obj \ + $(OBJ_D)\randfile.obj $(OBJ_D)\rand_lib.obj $(OBJ_D)\err.obj \ + $(OBJ_D)\err_all.obj $(OBJ_D)\err_prn.obj $(OBJ_D)\o_names.obj \ $(OBJ_D)\obj_dat.obj $(OBJ_D)\obj_lib.obj $(OBJ_D)\obj_err.obj \ $(OBJ_D)\encode.obj $(OBJ_D)\digest.obj $(OBJ_D)\evp_enc.obj \ $(OBJ_D)\evp_key.obj $(OBJ_D)\e_ecb_d.obj $(OBJ_D)\e_cbc_d.obj \ 
@@ -230,35 +232,38 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \ $(OBJ_D)\a_utctm.obj $(OBJ_D)\a_int.obj $(OBJ_D)\a_octet.obj \ $(OBJ_D)\a_print.obj $(OBJ_D)\a_type.obj $(OBJ_D)\a_set.obj \ $(OBJ_D)\a_dup.obj $(OBJ_D)\a_d2i_fp.obj $(OBJ_D)\a_i2d_fp.obj \ - $(OBJ_D)\a_sign.obj $(OBJ_D)\a_digest.obj $(OBJ_D)\a_verify.obj \ - $(OBJ_D)\x_algor.obj $(OBJ_D)\x_val.obj $(OBJ_D)\x_pubkey.obj \ - $(OBJ_D)\x_sig.obj $(OBJ_D)\x_req.obj $(OBJ_D)\x_attrib.obj \ - $(OBJ_D)\x_name.obj $(OBJ_D)\x_cinf.obj $(OBJ_D)\x_x509.obj \ - $(OBJ_D)\x_crl.obj $(OBJ_D)\x_info.obj $(OBJ_D)\x_spki.obj \ - $(OBJ_D)\d2i_r_pr.obj $(OBJ_D)\i2d_r_pr.obj $(OBJ_D)\d2i_r_pu.obj \ - $(OBJ_D)\i2d_r_pu.obj $(OBJ_D)\d2i_s_pr.obj $(OBJ_D)\i2d_s_pr.obj \ - $(OBJ_D)\d2i_s_pu.obj $(OBJ_D)\i2d_s_pu.obj $(OBJ_D)\d2i_pu.obj \ - $(OBJ_D)\d2i_pr.obj $(OBJ_D)\i2d_pu.obj $(OBJ_D)\i2d_pr.obj \ - $(OBJ_D)\t_req.obj $(OBJ_D)\t_x509.obj $(OBJ_D)\t_pkey.obj \ - $(OBJ_D)\p7_i_s.obj $(OBJ_D)\p7_signi.obj $(OBJ_D)\p7_signd.obj \ - $(OBJ_D)\p7_recip.obj $(OBJ_D)\p7_enc_c.obj $(OBJ_D)\p7_evp.obj \ - $(OBJ_D)\p7_dgst.obj $(OBJ_D)\p7_s_e.obj $(OBJ_D)\p7_enc.obj \ - $(OBJ_D)\p7_lib.obj $(OBJ_D)\f_int.obj $(OBJ_D)\f_string.obj \ - $(OBJ_D)\i2d_dhp.obj $(OBJ_D)\i2d_dsap.obj $(OBJ_D)\d2i_dhp.obj \ - $(OBJ_D)\d2i_dsap.obj $(OBJ_D)\n_pkey.obj $(OBJ_D)\a_hdr.obj \ - $(OBJ_D)\x_pkey.obj $(OBJ_D)\a_bool.obj $(OBJ_D)\x_exten.obj \ - $(OBJ_D)\asn1_par.obj $(OBJ_D)\asn1_lib.obj $(OBJ_D)\asn1_err.obj \ - $(OBJ_D)\a_meth.obj $(OBJ_D)\a_bytes.obj $(OBJ_D)\evp_asn1.obj \ - $(OBJ_D)\x509_def.obj $(OBJ_D)\x509_d2.obj $(OBJ_D)\x509_r2x.obj \ - $(OBJ_D)\x509_cmp.obj $(OBJ_D)\x509_obj.obj $(OBJ_D)\x509_req.obj \ - $(OBJ_D)\x509_vfy.obj $(OBJ_D)\x509_set.obj $(OBJ_D)\x509rset.obj \ - $(OBJ_D)\x509_err.obj $(OBJ_D)\x509name.obj $(OBJ_D)\x509_v3.obj \ - $(OBJ_D)\x509_ext.obj $(OBJ_D)\x509pack.obj $(OBJ_D)\x509type.obj \ - $(OBJ_D)\x509_lu.obj $(OBJ_D)\x_all.obj $(OBJ_D)\x509_txt.obj \ - $(OBJ_D)\by_file.obj $(OBJ_D)\by_dir.obj $(OBJ_D)\v3_net.obj \ - 
$(OBJ_D)\v3_x509.obj $(OBJ_D)\conf.obj $(OBJ_D)\conf_err.obj \ - $(OBJ_D)\txt_db.obj $(OBJ_D)\pk7_lib.obj $(OBJ_D)\pkcs7err.obj \ - $(OBJ_D)\pk7_doit.obj + $(OBJ_D)\a_bmp.obj $(OBJ_D)\a_sign.obj $(OBJ_D)\a_digest.obj \ + $(OBJ_D)\a_verify.obj $(OBJ_D)\x_algor.obj $(OBJ_D)\x_val.obj \ + $(OBJ_D)\x_pubkey.obj $(OBJ_D)\x_sig.obj $(OBJ_D)\x_req.obj \ + $(OBJ_D)\x_attrib.obj $(OBJ_D)\x_name.obj $(OBJ_D)\x_cinf.obj \ + $(OBJ_D)\x_x509.obj $(OBJ_D)\x_crl.obj $(OBJ_D)\x_info.obj \ + $(OBJ_D)\x_spki.obj $(OBJ_D)\d2i_r_pr.obj $(OBJ_D)\i2d_r_pr.obj \ + $(OBJ_D)\d2i_r_pu.obj $(OBJ_D)\i2d_r_pu.obj $(OBJ_D)\d2i_s_pr.obj \ + $(OBJ_D)\i2d_s_pr.obj $(OBJ_D)\d2i_s_pu.obj $(OBJ_D)\i2d_s_pu.obj \ + $(OBJ_D)\d2i_pu.obj $(OBJ_D)\d2i_pr.obj $(OBJ_D)\i2d_pu.obj \ + $(OBJ_D)\i2d_pr.obj $(OBJ_D)\t_req.obj $(OBJ_D)\t_x509.obj \ + $(OBJ_D)\t_pkey.obj $(OBJ_D)\p7_i_s.obj $(OBJ_D)\p7_signi.obj \ + $(OBJ_D)\p7_signd.obj $(OBJ_D)\p7_recip.obj $(OBJ_D)\p7_enc_c.obj \ + $(OBJ_D)\p7_evp.obj $(OBJ_D)\p7_dgst.obj $(OBJ_D)\p7_s_e.obj \ + $(OBJ_D)\p7_enc.obj $(OBJ_D)\p7_lib.obj $(OBJ_D)\f_int.obj \ + $(OBJ_D)\f_string.obj $(OBJ_D)\i2d_dhp.obj $(OBJ_D)\i2d_dsap.obj \ + $(OBJ_D)\d2i_dhp.obj $(OBJ_D)\d2i_dsap.obj $(OBJ_D)\n_pkey.obj \ + $(OBJ_D)\a_hdr.obj $(OBJ_D)\x_pkey.obj $(OBJ_D)\a_bool.obj \ + $(OBJ_D)\x_exten.obj $(OBJ_D)\asn1_par.obj $(OBJ_D)\asn1_lib.obj \ + $(OBJ_D)\asn1_err.obj $(OBJ_D)\a_meth.obj $(OBJ_D)\a_bytes.obj \ + $(OBJ_D)\evp_asn1.obj $(OBJ_D)\x509_def.obj $(OBJ_D)\x509_d2.obj \ + $(OBJ_D)\x509_r2x.obj $(OBJ_D)\x509_cmp.obj $(OBJ_D)\x509_obj.obj \ + $(OBJ_D)\x509_req.obj $(OBJ_D)\x509_vfy.obj $(OBJ_D)\x509_set.obj \ + $(OBJ_D)\x509rset.obj $(OBJ_D)\x509_err.obj $(OBJ_D)\x509name.obj \ + $(OBJ_D)\x509_v3.obj $(OBJ_D)\x509_ext.obj $(OBJ_D)\x509pack.obj \ + $(OBJ_D)\x509type.obj $(OBJ_D)\x509_lu.obj $(OBJ_D)\x_all.obj \ + $(OBJ_D)\x509_txt.obj $(OBJ_D)\by_file.obj $(OBJ_D)\by_dir.obj \ + $(OBJ_D)\v3_net.obj $(OBJ_D)\v3_x509.obj $(OBJ_D)\conf.obj \ + $(OBJ_D)\conf_err.obj $(OBJ_D)\txt_db.obj 
$(OBJ_D)\pk7_lib.obj \ + $(OBJ_D)\pkcs7err.obj $(OBJ_D)\pk7_doit.obj $(OBJ_D)\proxy.obj \ + $(OBJ_D)\pxy_txt.obj $(OBJ_D)\bf_proxy.obj $(OBJ_D)\pxy_conf.obj \ + $(OBJ_D)\pxy_err.obj $(OBJ_D)\comp_lib.obj $(OBJ_D)\c_rle.obj \ + $(OBJ_D)\c_zlib.obj SSLOBJ=$(OBJ_D)\s2_meth.obj \ $(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \ @@ -272,7 +277,7 @@ SSLOBJ=$(OBJ_D)\s2_meth.obj \ $(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \ $(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \ $(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\bio_ssl.obj \ - $(OBJ_D)\ssl_err.obj + $(OBJ_D)\pxy_ssl.obj $(OBJ_D)\ssl_err.obj RSAGLUEOBJ=$(OBJ_D)\rsaref.obj \ $(OBJ_D)\rsar_err.obj @@ -421,6 +426,9 @@ $(INCL_D)\progs.h: $(SRC_D)\apps\progs.h $(INCL_D)\s_apps.h: $(SRC_D)\apps\s_apps.h $(CP) $(SRC_D)\apps\s_apps.h $(INCL_D)\s_apps.h +$(INCL_D)\s_eio.h: $(SRC_D)\apps\s_eio.h + $(CP) $(SRC_D)\apps\s_eio.h $(INCL_D)\s_eio.h + $(INCL_D)\testdsa.h: $(SRC_D)\apps\testdsa.h $(CP) $(SRC_D)\apps\testdsa.h $(INCL_D)\testdsa.h @@ -436,6 +444,9 @@ $(INC_D)\crypto.h: $(SRC_D)\crypto\crypto.h $(INC_D)\cryptall.h: $(SRC_D)\crypto\cryptall.h $(CP) $(SRC_D)\crypto\cryptall.h $(INC_D)\cryptall.h +$(INC_D)\tmdiff.h: $(SRC_D)\crypto\tmdiff.h + $(CP) $(SRC_D)\crypto\tmdiff.h $(INC_D)\tmdiff.h + $(INC_D)\md2.h: $(SRC_D)\crypto\md2\md2.h $(CP) $(SRC_D)\crypto\md2\md2.h $(INC_D)\md2.h @@ -538,6 +549,12 @@ $(INC_D)\txt_db.h: $(SRC_D)\crypto\txt_db\txt_db.h $(INC_D)\pkcs7.h: $(SRC_D)\crypto\pkcs7\pkcs7.h $(CP) $(SRC_D)\crypto\pkcs7\pkcs7.h $(INC_D)\pkcs7.h +$(INC_D)\proxy.h: $(SRC_D)\crypto\proxy\proxy.h + $(CP) $(SRC_D)\crypto\proxy\proxy.h $(INC_D)\proxy.h + +$(INC_D)\comp.h: $(SRC_D)\crypto\comp\comp.h + $(CP) $(SRC_D)\crypto\comp\comp.h $(INC_D)\comp.h + $(INC_D)\ssl.h: $(SRC_D)\ssl\ssl.h $(CP) $(SRC_D)\ssl\ssl.h $(INC_D)\ssl.h 
@@ -685,6 +702,12 @@ $(OBJ_D)\s_cb.obj: $(SRC_D)\apps\s_cb.c $(OBJ_D)\s_socket.obj: $(SRC_D)\apps\s_socket.c $(CC) /Fo$(OBJ_D)\s_socket.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_socket.c +$(OBJ_D)\s_eio.obj: $(SRC_D)\apps\s_eio.c + $(CC) /Fo$(OBJ_D)\s_eio.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_eio.c + +$(OBJ_D)\bf_perm.obj: $(SRC_D)\apps\bf_perm.c + $(CC) /Fo$(OBJ_D)\bf_perm.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\bf_perm.c + $(OBJ_D)\version.obj: $(SRC_D)\apps\version.c $(CC) /Fo$(OBJ_D)\version.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\version.c @@ -707,11 +730,14 @@ $(OBJ_D)\mem.obj: $(SRC_D)\crypto\mem.c $(CC) /Fo$(OBJ_D)\mem.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\mem.c $(OBJ_D)\cversion.obj: $(SRC_D)\crypto\cversion.c - $(CC) /Fo$(OBJ_D)\cversion.obj $(SHLIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)\crypto\cversion.c + $(CC) /Fo$(OBJ_D)\cversion.obj $(SHLIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -DPLATFORM="\"$(PLATFORM)\"" -c $(SRC_D)\crypto\cversion.c $(OBJ_D)\ex_data.obj: $(SRC_D)\crypto\ex_data.c $(CC) /Fo$(OBJ_D)\ex_data.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\ex_data.c +$(OBJ_D)\tmdiff.obj: $(SRC_D)\crypto\tmdiff.c + $(CC) /Fo$(OBJ_D)\tmdiff.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\tmdiff.c + $(OBJ_D)\cpt_err.obj: $(SRC_D)\crypto\cpt_err.c $(CC) /Fo$(OBJ_D)\cpt_err.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cpt_err.c @@ -922,9 +948,6 @@ $(OBJ_D)\bn_exp.obj: $(SRC_D)\crypto\bn\bn_exp.c $(OBJ_D)\bn_lib.obj: $(SRC_D)\crypto\bn\bn_lib.c $(CC) /Fo$(OBJ_D)\bn_lib.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_lib.c -$(OBJ_D)\bn_mod.obj: $(SRC_D)\crypto\bn\bn_mod.c - $(CC) /Fo$(OBJ_D)\bn_mod.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mod.c - $(OBJ_D)\bn_mul.obj: $(SRC_D)\crypto\bn\bn_mul.c $(CC) /Fo$(OBJ_D)\bn_mul.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mul.c 
@@ -937,9 +960,6 @@ $(OBJ_D)\bn_rand.obj: $(SRC_D)\crypto\bn\bn_rand.c $(OBJ_D)\bn_shift.obj: $(SRC_D)\crypto\bn\bn_shift.c $(CC) /Fo$(OBJ_D)\bn_shift.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_shift.c -$(OBJ_D)\bn_sub.obj: $(SRC_D)\crypto\bn\bn_sub.c - $(CC) /Fo$(OBJ_D)\bn_sub.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sub.c - $(OBJ_D)\bn_word.obj: $(SRC_D)\crypto\bn\bn_word.c $(CC) /Fo$(OBJ_D)\bn_word.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_word.c @@ -958,8 +978,8 @@ $(OBJ_D)\bn_err.obj: $(SRC_D)\crypto\bn\bn_err.c $(OBJ_D)\bn_sqr.obj: $(SRC_D)\crypto\bn\bn_sqr.c $(CC) /Fo$(OBJ_D)\bn_sqr.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sqr.c -$(OBJ_D)\bn_mulw.obj: $(SRC_D)\crypto\bn\bn_mulw.c - $(CC) /Fo$(OBJ_D)\bn_mulw.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mulw.c +$(OBJ_D)\bn_asm.obj: $(SRC_D)\crypto\bn\bn_asm.c + $(CC) /Fo$(OBJ_D)\bn_asm.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_asm.c $(OBJ_D)\bn_recp.obj: $(SRC_D)\crypto\bn\bn_recp.c $(CC) /Fo$(OBJ_D)\bn_recp.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_recp.c @@ -970,6 +990,9 @@ $(OBJ_D)\bn_mont.obj: $(SRC_D)\crypto\bn\bn_mont.c $(OBJ_D)\bn_mpi.obj: $(SRC_D)\crypto\bn\bn_mpi.c $(CC) /Fo$(OBJ_D)\bn_mpi.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mpi.c +$(OBJ_D)\bn_exp2.obj: $(SRC_D)\crypto\bn\bn_exp2.c + $(CC) /Fo$(OBJ_D)\bn_exp2.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_exp2.c + $(OBJ_D)\rsa_eay.obj: $(SRC_D)\crypto\rsa\rsa_eay.c $(CC) /Fo$(OBJ_D)\rsa_eay.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_eay.c @@ -1084,6 +1107,9 @@ $(OBJ_D)\bss_acpt.obj: $(SRC_D)\crypto\bio\bss_acpt.c $(OBJ_D)\bf_nbio.obj: $(SRC_D)\crypto\bio\bf_nbio.c $(CC) /Fo$(OBJ_D)\bf_nbio.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_nbio.c +$(OBJ_D)\bss_cs4a.obj: $(SRC_D)\crypto\bio\bss_cs4a.c + $(CC) /Fo$(OBJ_D)\bss_cs4a.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_cs4a.c + $(OBJ_D)\stack.obj: $(SRC_D)\crypto\stack\stack.c $(CC) /Fo$(OBJ_D)\stack.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\stack\stack.c 
@@ -1099,6 +1125,9 @@ $(OBJ_D)\md_rand.obj: $(SRC_D)\crypto\rand\md_rand.c $(OBJ_D)\randfile.obj: $(SRC_D)\crypto\rand\randfile.c $(CC) /Fo$(OBJ_D)\randfile.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rand\randfile.c +$(OBJ_D)\rand_lib.obj: $(SRC_D)\crypto\rand\rand_lib.c + $(CC) /Fo$(OBJ_D)\rand_lib.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rand\rand_lib.c + $(OBJ_D)\err.obj: $(SRC_D)\crypto\err\err.c $(CC) /Fo$(OBJ_D)\err.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c @@ -1108,6 +1137,9 @@ $(OBJ_D)\err_all.obj: $(SRC_D)\crypto\err\err_all.c $(OBJ_D)\err_prn.obj: $(SRC_D)\crypto\err\err_prn.c $(CC) /Fo$(OBJ_D)\err_prn.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err_prn.c +$(OBJ_D)\o_names.obj: $(SRC_D)\crypto\objects\o_names.c + $(CC) /Fo$(OBJ_D)\o_names.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\o_names.c + $(OBJ_D)\obj_dat.obj: $(SRC_D)\crypto\objects\obj_dat.c $(CC) /Fo$(OBJ_D)\obj_dat.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_dat.c @@ -1342,6 +1374,9 @@ $(OBJ_D)\a_d2i_fp.obj: $(SRC_D)\crypto\asn1\a_d2i_fp.c $(OBJ_D)\a_i2d_fp.obj: $(SRC_D)\crypto\asn1\a_i2d_fp.c $(CC) /Fo$(OBJ_D)\a_i2d_fp.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_i2d_fp.c +$(OBJ_D)\a_bmp.obj: $(SRC_D)\crypto\asn1\a_bmp.c + $(CC) /Fo$(OBJ_D)\a_bmp.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bmp.c + $(OBJ_D)\a_sign.obj: $(SRC_D)\crypto\asn1\a_sign.c $(CC) /Fo$(OBJ_D)\a_sign.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_sign.c 
@@ -1597,6 +1632,30 @@ $(OBJ_D)\pkcs7err.obj: $(SRC_D)\crypto\pkcs7\pkcs7err.c $(OBJ_D)\pk7_doit.obj: $(SRC_D)\crypto\pkcs7\pk7_doit.c $(CC) /Fo$(OBJ_D)\pk7_doit.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_doit.c +$(OBJ_D)\proxy.obj: $(SRC_D)\crypto\proxy\proxy.c + $(CC) /Fo$(OBJ_D)\proxy.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\proxy.c + +$(OBJ_D)\pxy_txt.obj: $(SRC_D)\crypto\proxy\pxy_txt.c + $(CC) /Fo$(OBJ_D)\pxy_txt.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\pxy_txt.c + +$(OBJ_D)\bf_proxy.obj: $(SRC_D)\crypto\proxy\bf_proxy.c + $(CC) /Fo$(OBJ_D)\bf_proxy.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\bf_proxy.c + +$(OBJ_D)\pxy_conf.obj: $(SRC_D)\crypto\proxy\pxy_conf.c + $(CC) /Fo$(OBJ_D)\pxy_conf.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\pxy_conf.c + +$(OBJ_D)\pxy_err.obj: $(SRC_D)\crypto\proxy\pxy_err.c + $(CC) /Fo$(OBJ_D)\pxy_err.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\proxy\pxy_err.c + +$(OBJ_D)\comp_lib.obj: $(SRC_D)\crypto\comp\comp_lib.c + $(CC) /Fo$(OBJ_D)\comp_lib.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\comp\comp_lib.c + +$(OBJ_D)\c_rle.obj: $(SRC_D)\crypto\comp\c_rle.c + $(CC) /Fo$(OBJ_D)\c_rle.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\comp\c_rle.c + +$(OBJ_D)\c_zlib.obj: $(SRC_D)\crypto\comp\c_zlib.c + $(CC) /Fo$(OBJ_D)\c_zlib.obj $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\comp\c_zlib.c + $(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c $(CC) /Fo$(OBJ_D)\s2_meth.obj $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c @@ -1699,6 +1758,9 @@ $(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c $(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c $(CC) /Fo$(OBJ_D)\bio_ssl.obj $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c +$(OBJ_D)\pxy_ssl.obj: $(SRC_D)\ssl\pxy_ssl.c + $(CC) /Fo$(OBJ_D)\pxy_ssl.obj $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\pxy_ssl.c + $(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c $(CC) /Fo$(OBJ_D)\ssl_err.obj $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c 
@@ -1892,6 +1954,7 @@ $(O_SSL): $(SSLOBJ) $(LINK) $(MLFLAGS) @<< $(SHLIB_EX_OBJ) + $(OBJ_D)\bio_ssl.obj + + $(OBJ_D)\pxy_ssl.obj + $(OBJ_D)\s23_clnt.obj + $(OBJ_D)\s23_lib.obj + $(OBJ_D)\s23_meth.obj + @@ -1948,8 +2011,9 @@ y $(O_CRYPTO): $(CRYPTOOBJ) $(LINK) $(MLFLAGS) @<< $(SHLIB_EX_OBJ) + - $(BN_MULW_OBJ) + + $(BN_ASM_OBJ) + $(OBJ_D)\a_bitstr.obj + + $(OBJ_D)\a_bmp.obj + $(OBJ_D)\a_bool.obj + $(OBJ_D)\a_bytes.obj + $(OBJ_D)\a_d2i_fp.obj + @@ -1980,6 +2044,7 @@ $(O_CRYPTO): $(CRYPTOOBJ) $(OBJ_D)\bf_nbio.obj + $(OBJ_D)\bf_null.obj + $(OBJ_D)\bf_ofb64.obj + + $(OBJ_D)\bf_proxy.obj + $(OBJ_D)\bf_skey.obj + $(OBJ_D)\bio_b64.obj + $(OBJ_D)\bio_cb.obj + @@ -1992,9 +2057,9 @@ $(O_CRYPTO): $(CRYPTOOBJ) $(OBJ_D)\bn_div.obj + $(OBJ_D)\bn_err.obj + $(OBJ_D)\bn_exp.obj + + $(OBJ_D)\bn_exp2.obj + $(OBJ_D)\bn_gcd.obj + $(OBJ_D)\bn_lib.obj + - $(OBJ_D)\bn_mod.obj + $(OBJ_D)\bn_mont.obj + $(OBJ_D)\bn_mpi.obj + $(OBJ_D)\bn_mul.obj + @@ -2004,10 +2069,10 @@ $(O_CRYPTO): $(CRYPTOOBJ) $(OBJ_D)\bn_recp.obj + $(OBJ_D)\bn_shift.obj + $(OBJ_D)\bn_sqr.obj + - $(OBJ_D)\bn_sub.obj + $(OBJ_D)\bn_word.obj + $(OBJ_D)\bss_acpt.obj + $(OBJ_D)\bss_conn.obj + + $(OBJ_D)\bss_cs4a.obj + $(OBJ_D)\bss_fd.obj + $(OBJ_D)\bss_file.obj + $(OBJ_D)\bss_mem.obj + @@ -2022,12 +2087,15 @@ $(O_CRYPTO): $(CRYPTOOBJ) $(OBJ_D)\c_ecb.obj + $(OBJ_D)\c_enc.obj + $(OBJ_D)\c_ofb64.obj + + $(OBJ_D)\c_rle.obj + $(OBJ_D)\c_skey.obj + + $(OBJ_D)\c_zlib.obj + $(OBJ_D)\cbc_cksm.obj + $(OBJ_D)\cbc_enc.obj + $(OBJ_D)\cfb64ede.obj + $(OBJ_D)\cfb64enc.obj + $(OBJ_D)\cfb_enc.obj + + $(OBJ_D)\comp_lib.obj + $(OBJ_D)\conf.obj + $(OBJ_D)\conf_err.obj + $(OBJ_D)\cpt_err.obj + @@ -2138,6 +2206,7 @@ $(O_CRYPTO): $(CRYPTOOBJ) $(OBJ_D)\mem.obj + $(OBJ_D)\n_pkey.obj + $(OBJ_D)\names.obj + + $(OBJ_D)\o_names.obj + $(OBJ_D)\obj_dat.obj + $(OBJ_D)\obj_err.obj + $(OBJ_D)\obj_lib.obj + 
@@ -2171,8 +2240,13 @@ $(O_CRYPTO): $(CRYPTOOBJ) $(OBJ_D)\pk7_doit.obj + $(OBJ_D)\pk7_lib.obj + $(OBJ_D)\pkcs7err.obj + + $(OBJ_D)\proxy.obj + + $(OBJ_D)\pxy_conf.obj + + $(OBJ_D)\pxy_err.obj + + $(OBJ_D)\pxy_txt.obj + $(OBJ_D)\qud_cksm.obj + $(OBJ_D)\rand_key.obj + + $(OBJ_D)\rand_lib.obj + $(OBJ_D)\randfile.obj + $(OBJ_D)\rc2_cbc.obj + $(OBJ_D)\rc2_ecb.obj + @@ -2211,6 +2285,7 @@ $(O_CRYPTO): $(CRYPTOOBJ) $(OBJ_D)\t_pkey.obj + $(OBJ_D)\t_req.obj + $(OBJ_D)\t_x509.obj + + $(OBJ_D)\tmdiff.obj + $(OBJ_D)\txt_db.obj + $(OBJ_D)\v3_net.obj + $(OBJ_D)\v3_x509.obj + @@ -2260,6 +2335,7 @@ $(BIN_D)\$(E_EXE).exe: $(E_OBJ) $(LIBS_DEP) $(APP_EX_OBJ) + $(OBJ_D)\apps.obj + $(OBJ_D)\asn1pars.obj + + $(OBJ_D)\bf_perm.obj + $(OBJ_D)\ca.obj + $(OBJ_D)\ciphers.obj + $(OBJ_D)\crl.obj + diff --git a/perl/OpenSSL.xs b/perl/OpenSSL.xs index 582b5705a..3e3d1debe 100644 --- a/perl/OpenSSL.xs +++ b/perl/OpenSSL.xs @@ -10,6 +10,7 @@ char *obj; ret=sv_newmortal(); else ret=newSViv(0); +printf(">new_ref %d\n",type); sv_setref_pv(ret,type,(void *)obj); return(ret); } @@ -27,6 +28,7 @@ char *argp; fprintf(stderr,"ex_new %08X %s\n",obj,argp); sv=sv_newmortal(); sv_setref_pv(sv,argp,(void *)obj); +printf("%d>new_ref '%s'\n",sv,argp); CRYPTO_set_ex_data(ad,idx,(char *)sv); return(1); } diff --git a/perl/SSLeay.xs b/perl/SSLeay.xs index 582b5705a..3e3d1debe 100644 --- a/perl/SSLeay.xs +++ b/perl/SSLeay.xs @@ -10,6 +10,7 @@ char *obj; ret=sv_newmortal(); else ret=newSViv(0); +printf(">new_ref %d\n",type); sv_setref_pv(ret,type,(void *)obj); return(ret); } @@ -27,6 +28,7 @@ char *argp; fprintf(stderr,"ex_new %08X %s\n",obj,argp); sv=sv_newmortal(); sv_setref_pv(sv,argp,(void *)obj); +printf("%d>new_ref '%s'\n",sv,argp); CRYPTO_set_ex_data(ad,idx,(char *)sv); return(1); } diff --git a/perl/bio.pl b/perl/bio.pl index be27581c0..70a97e792 100644 --- a/perl/bio.pl +++ b/perl/bio.pl 
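Review bot: The two `printf` calls added to perl/OpenSSL.xs use conversion specifiers that do not match their arguments: in the first hunk `type` is passed to `sv_setref_pv` as the class name, so it is presumably a `char *`, yet it is printed with `%d`, and in the second hunk `sv` is the `SV *` returned by `sv_newmortal()` and is also printed with `%d`. Passing a pointer for `%d` is undefined behaviour in C and loses bits where pointers are wider than `int`; `printf(">new_ref %s\n",type);` and `printf("%p>new_ref '%s'\n",(void *)sv,argp);` are the matching forms. These look like debugging traces, and they write to the stdout of every script that loads the module, so they are better removed or placed behind a debug macro and sent to stderr like the existing `ex_new` trace. The same applies to the identical hunks in perl/SSLeay.xs, to the `printf("%08lx < bio_ptr\n",...)` added in `p5_BIO_set_callback` in perl/bio.xs, and to the `%08X` used for `obj` in perl/callback.c. Both functions start outside their hunks.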
@@ -5,13 +5,15 @@ use ExtUtils::testlib; use SSLeay; $cmd=<<"EOF"; +GET / HTTP/1.0 EOF $conn="localhost:4433"; $conn=$ARGV[0] if $#ARGV >= 0; $bio=SSLeay::BIO::new("connect"); -$bio->set_callback(sub {print STDERR $_[0]->number_read."\n"; $_[$#_] }); +#$bio->set_callback(sub {print STDERR SSLeay::BIO::number_read($_[0])."\n"; $_[$#_] }); +#$bio->set_callback(sub {print STDERR "$#_:".$_[0].":$_[1]:$_[2]:$_[3]:$_[4]:\n"; $_[$#_] }); $bio->hostname($conn) || die $ssl->error(); diff --git a/perl/bio.xs b/perl/bio.xs index 3782d4206..a9d32d840 100644 --- a/perl/bio.xs +++ b/perl/bio.xs @@ -25,7 +25,7 @@ int ret; SAVETMPS; PUSHMARK(sp); - XPUSHs(me); + XPUSHs(sv_2mortal(newSViv(me))); XPUSHs(sv_2mortal(newSViv(state))); XPUSHs(sv_2mortal(newSViv(cmd))); if ((state == BIO_CB_READ) || (state == BIO_CB_WRITE)) @@ -60,7 +60,8 @@ int ret; int boot_bio() { p5_bio_ex_bio_ptr= - BIO_get_ex_new_index(0,"SSLeay::BIO",ex_new,NULL,ex_cleanup); + BIO_get_ex_new_index(0,"SSLeay::BIO",ex_new,NULL, + ex_cleanup); p5_bio_ex_bio_callback= BIO_get_ex_new_index(0,"bio_callback",NULL,NULL, ex_cleanup); @@ -97,9 +98,8 @@ p5_BIO_new_buffer_ssl_connect(...) } EXTEND(sp,1); bio=BIO_new_buffer_ssl_connect(ctx); - arg=new_ref("SSLeay::BIO",(char *)bio,0); + arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr); PUSHs(arg); - BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); void p5_BIO_new_ssl_connect(...) @@ -124,9 +124,8 @@ p5_BIO_new_ssl_connect(...) } EXTEND(sp,1); bio=BIO_new_ssl_connect(ctx); - arg=new_ref("SSLeay::BIO",(char *)bio,0); + arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr); PUSHs(arg); - BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); void p5_BIO_new(...) 
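Review bot: In p5_BIO_new_buffer_ssl_connect, `arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);` is pushed onto the Perl stack with no check that `bio` or `arg` is non-NULL, so a failed BIO_new_buffer_ssl_connect() or an unset ex_data slot hands Perl a null SV; a guard such as `if ((bio == NULL) || (arg == NULL)) croak("BIO creation failed");` before `PUSHs(arg)` would cover it. The wrapper now comes from ex_new(), which in the perl/callback.c hunk on this page stores an `sv_newmortal()` in the slot, so the stored pointer appears to depend on a temporary staying alive. That lifetime is worth confirming; `SvREFCNT_inc(sv)` in ex_new() would pin it if it does not hold. The same replacement is made in p5_BIO_new_ssl_connect and p5_BIO_new, and again in perl/openssl_bio.xs; all of these functions begin outside their hunks.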
@@ -154,16 +153,15 @@ p5_BIO_new(...) bio=BIO_new(BIO_f_buffer()); else croak("unknown BIO type"); - arg=new_ref("SSLeay::BIO",(char *)bio,0); + arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr); PUSHs(arg); - BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); int p5_BIO_hostname(bio,name) BIO *bio; char *name; CODE: - RETVAL=BIO_set_hostname(bio,name); + RETVAL=BIO_set_conn_hostname(bio,name); OUTPUT: RETVAL @@ -218,18 +216,20 @@ p5_BIO_pop(b) if (arg == NULL) { arg=new_ref("SSLeay::BIO",(char *)bio,0); - PUSHs(arg); BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); + PUSHs(arg); } else { /* it was pushed in */ SvREFCNT_inc(arg); PUSHs(arg); +#if 0 /* This does not need to be done. */ if (bio->references < 1) abort(); /* decrement the reference count */ BIO_free(bio); +#endif } } @@ -253,7 +253,7 @@ p5_BIO_sysread(bio,in,num, ...) if (offset < 0) { if (-offset > olen) - croad("Offset outside string"); + croak("Offset outside string"); offset+=olen; } } @@ -356,8 +356,9 @@ p5_BIO_next_bio(b) if (arg == NULL) { arg=new_ref("SSLeay::BIO",(char *)bio,0); - PUSHs(arg); BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); + bio->references++; + PUSHs(arg); } else { @@ -398,6 +399,7 @@ p5_BIO_set_callback(bio,cb,...) arg=sv_mortalcopy(ST(1)); SvREFCNT_inc(arg); BIO_set_ex_data(bio,p5_bio_ex_bio_callback,(char *)arg); + printf("%08lx < bio_ptr\n",BIO_get_ex_data(bio,p5_bio_ex_bio_ptr)); BIO_set_callback(bio,p5_bio_callback); void diff --git a/perl/callback.c b/perl/callback.c index 01840abc8..4e39c16d7 100644 --- a/perl/callback.c +++ b/perl/callback.c @@ -80,7 +80,7 @@ char *argp; { SV *sv; -fprintf(stderr,"ex_new %08X %s\n",obj,argp); +fprintf(stderr,"ex_new idx=%d %08X %s\n",idx,obj,argp); sv=sv_newmortal(); sv_setref_pv(sv,argp,(void *)obj); CRYPTO_set_ex_data(ad,idx,(char *)sv); 
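Review bot: `bio->references++;` in p5_BIO_next_bio raises the BIO reference count by writing the struct field directly, which bypasses whatever locking the library applies to that counter; going through the library helper, `CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);`, would keep it consistent with BIO_free(). The p5_BIO_pop hunk takes the same new-wrapper path without taking a reference and disables `BIO_free(bio)` in the other branch with `#if 0`, so the ownership rule differs between the two functions without explanation. A one-line comment on each branch stating who owns the BIO afterwards would make the asymmetry reviewable. Both functions extend beyond their hunks, and perl/openssl_bio.xs carries the identical change.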
@@ -4,22 +4,8 @@ use ExtUtils::testlib; use SSLeay; -$data=<>; - -#$b=SSLeay::BN::hex2bn($a); -#$data=$b->bn2bin; - -#substr($data,0,8)=""; -#print $data; - -$md=SSLeay::MD::new("md5"); -$md->init(); -$md->update("test"); -$key=$md->final(); - -$rc4=SSLeay::Cipher::new("rc4"); -$rc4->init($key,"",1); -$out=$rc4->cipher($data); - -print $out; - +for (7 .. 7926) + { + my $num = SSLeay::BN::dec2bn($_); + print "$_ is ".($num->is_prime ? 'prime' : 'composite'), "\n"; + } diff --git a/perl/openssl_bio.xs b/perl/openssl_bio.xs index 3782d4206..a9d32d840 100644 --- a/perl/openssl_bio.xs +++ b/perl/openssl_bio.xs @@ -25,7 +25,7 @@ int ret; SAVETMPS; PUSHMARK(sp); - XPUSHs(me); + XPUSHs(sv_2mortal(newSViv(me))); XPUSHs(sv_2mortal(newSViv(state))); XPUSHs(sv_2mortal(newSViv(cmd))); if ((state == BIO_CB_READ) || (state == BIO_CB_WRITE)) @@ -60,7 +60,8 @@ int ret; int boot_bio() { p5_bio_ex_bio_ptr= - BIO_get_ex_new_index(0,"SSLeay::BIO",ex_new,NULL,ex_cleanup); + BIO_get_ex_new_index(0,"SSLeay::BIO",ex_new,NULL, + ex_cleanup); p5_bio_ex_bio_callback= BIO_get_ex_new_index(0,"bio_callback",NULL,NULL, ex_cleanup); @@ -97,9 +98,8 @@ p5_BIO_new_buffer_ssl_connect(...) } EXTEND(sp,1); bio=BIO_new_buffer_ssl_connect(ctx); - arg=new_ref("SSLeay::BIO",(char *)bio,0); + arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr); PUSHs(arg); - BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); void p5_BIO_new_ssl_connect(...) @@ -124,9 +124,8 @@ p5_BIO_new_ssl_connect(...) } EXTEND(sp,1); bio=BIO_new_ssl_connect(ctx); - arg=new_ref("SSLeay::BIO",(char *)bio,0); + arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr); PUSHs(arg); - BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); void p5_BIO_new(...) 
@@ -154,16 +153,15 @@ p5_BIO_new(...) bio=BIO_new(BIO_f_buffer()); else croak("unknown BIO type"); - arg=new_ref("SSLeay::BIO",(char *)bio,0); + arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr); PUSHs(arg); - BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); int p5_BIO_hostname(bio,name) BIO *bio; char *name; CODE: - RETVAL=BIO_set_hostname(bio,name); + RETVAL=BIO_set_conn_hostname(bio,name); OUTPUT: RETVAL @@ -218,18 +216,20 @@ p5_BIO_pop(b) if (arg == NULL) { arg=new_ref("SSLeay::BIO",(char *)bio,0); - PUSHs(arg); BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); + PUSHs(arg); } else { /* it was pushed in */ SvREFCNT_inc(arg); PUSHs(arg); +#if 0 /* This does not need to be done. */ if (bio->references < 1) abort(); /* decrement the reference count */ BIO_free(bio); +#endif } } @@ -253,7 +253,7 @@ p5_BIO_sysread(bio,in,num, ...) if (offset < 0) { if (-offset > olen) - croad("Offset outside string"); + croak("Offset outside string"); offset+=olen; } } @@ -356,8 +356,9 @@ p5_BIO_next_bio(b) if (arg == NULL) { arg=new_ref("SSLeay::BIO",(char *)bio,0); - PUSHs(arg); BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg); + bio->references++; + PUSHs(arg); } else { @@ -398,6 +399,7 @@ p5_BIO_set_callback(bio,cb,...) arg=sv_mortalcopy(ST(1)); SvREFCNT_inc(arg); BIO_set_ex_data(bio,p5_bio_ex_bio_callback,(char *)arg); + printf("%08lx < bio_ptr\n",BIO_get_ex_data(bio,p5_bio_ex_bio_ptr)); BIO_set_callback(bio,p5_bio_callback); void diff --git a/perl/openssl_cb.c b/perl/openssl_cb.c index 01840abc8..4e39c16d7 100644 --- a/perl/openssl_cb.c +++ b/perl/openssl_cb.c @@ -80,7 +80,7 @@ char *argp; { SV *sv; -fprintf(stderr,"ex_new %08X %s\n",obj,argp); +fprintf(stderr,"ex_new idx=%d %08X %s\n",idx,obj,argp); sv=sv_newmortal(); sv_setref_pv(sv,argp,(void *)obj); CRYPTO_set_ex_data(ad,idx,(char *)sv); diff --git a/perl/openssl_ssl.xs b/perl/openssl_ssl.xs index 6777cf7ad..05834797e 100644 --- a/perl/openssl_ssl.xs +++ b/perl/openssl_ssl.xs 
@@ -241,7 +241,7 @@ p5_SSL_sysread(ssl,in,num, ...) if (offset < 0) { if (-offset > olen) - croad("Offset outside string"); + croak("Offset outside string"); offset+=olen; } } diff --git a/perl/ssl.pl b/perl/ssl.pl index 4a5569fab..d38b84d68 100644 --- a/perl/ssl.pl +++ b/perl/ssl.pl @@ -6,11 +6,11 @@ use SSLeay; $ssl_ctx=SSL::CTX->new("SSLv3"); -$ssl_ctx->set_options("-info_callback" => - sub { - print STDERR $_[0]->state()."\n"; - } - ); +#$ssl_ctx->set_options("-info_callback" => +# sub { +# print STDERR $_[0]->state()."\n"; +# } +# ); $conn="localhost:4433"; $conn=$ARGV[0] if $#ARGV >= 0; diff --git a/perl/ssl.xs b/perl/ssl.xs index 6777cf7ad..05834797e 100644 --- a/perl/ssl.xs +++ b/perl/ssl.xs @@ -241,7 +241,7 @@ p5_SSL_sysread(ssl,in,num, ...) if (offset < 0) { if (-offset > olen) - croad("Offset outside string"); + croak("Offset outside string"); offset+=olen; } } diff --git a/rsaref/rsar_err.c b/rsaref/rsar_err.c index 34840e99f..3ba902766 100644 --- a/rsaref/rsar_err.c +++ b/rsaref/rsar_err.c @@ -118,8 +118,8 @@ void ERR_load_RSAREF_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_functs); 
@@ -1,40 +1,12 @@ -/* return the actual cipher being used */ -char *SSL_CIPHER_get_name(c) -SSL_CIPHER *c; - { - if (c != NULL) - return(c->name); - return("UNKNOWN"); - } - -/* number of bits for symetric cipher */ -int SSL_CIPHER_get_bits(c,alg_bits) -SSL_CIPHER *c; -int *alg_bits; - { - int ret=0,a=0; - EVP_CIPHER *enc; - - if (c != NULL) - { - if (!ssl_cipher_get_evp(c,&enc,NULL)) - return(0); - - a=EVP_CIPHER_key_length(enc)*8; - - if (s->session->cipher->algorithms & SSL_EXP) - { - if (c->algorithm2 & SSL2_CF_8_BYTE_ENC) - ret=64; - else - ret=40; - } - else - ret=a; - } - - if (alg_bits != NULL) *alg_bits=a; - - return(ret); - } - + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_DECRYPTION_FAILED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_RECORD_OVERFLOW + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_UNKNOWN_CA); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_ACCESS_DENIED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_DECODE_ERROR); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_DECRYPT_ERROR); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_EXPORT_RESTRICION); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_PROTOCOL_VERSION); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_INTERNAL_ERROR); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_USER_CANCLED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_NO_RENEGOTIATION); diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index a4661ebb6..597cc8772 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -179,7 +179,7 @@ SSL *s; ret=ssl23_get_server_hello(s); if (ret >= 0) cb=NULL; goto end; - break; + /* break; */ default: SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE); @@ -443,7 +443,7 @@ SSL *s; } s->rwstate=SSL_NOTHING; - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,1000+p[6]); + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]); goto err; } else 
diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c index e16f64110..1eb2b3a33 100644 --- a/ssl/s23_lib.c +++ b/ssl/s23_lib.c @@ -78,7 +78,7 @@ static int ssl23_put_cipher_by_char(); static SSL_CIPHER *ssl23_get_cipher_by_char(); #endif -char *SSL23_version_str="SSLv2/3 compatablity part of SSLeay 0.7.0 30-Jan-1997"; +char *SSL23_version_str="SSLv2/3 compatablity part of SSLeay 0.9.1a 06-Jul-1998"; static SSL_METHOD SSLv23_data= { TLS1_VERSION, @@ -92,6 +92,7 @@ static SSL_METHOD SSLv23_data= { ssl23_write, ssl_undefined_function, ssl_undefined_function, + ssl_ok, ssl3_ctrl, ssl3_ctx_ctrl, ssl23_get_cipher_by_char, diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index c7b9ecbcf..888ffaca0 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -166,7 +166,7 @@ SSL *s; ret=ssl23_get_client_hello(s); if (ret >= 0) cb=NULL; goto end; - break; + /* break; */ default: SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE); @@ -237,9 +237,15 @@ SSL *s; { s->state=SSL23_ST_SR_CLNT_HELLO_B; } + else if (!(s->options & SSL_OP_NO_SSLv2)) + { + type=1; + } } else if (!(s->options & SSL_OP_NO_SSLv3)) s->state=SSL23_ST_SR_CLNT_HELLO_B; + else if (!(s->options & SSL_OP_NO_SSLv2)) + type=1; if (s->options & SSL_OP_NON_EXPORT_FIRST) { @@ -313,15 +319,15 @@ SSL *s; else if (!(s->options & SSL_OP_NO_SSLv3)) type=3; } - else if ((strncmp("GET ", p,4) == 0) || - (strncmp("POST ",p,5) == 0) || - (strncmp("HEAD ",p,5) == 0) || - (strncmp("PUT ", p,4) == 0)) + else if ((strncmp("GET ", (char *)p,4) == 0) || + (strncmp("POST ",(char *)p,5) == 0) || + (strncmp("HEAD ",(char *)p,5) == 0) || + (strncmp("PUT ", (char *)p,4) == 0)) { SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST); goto err; } - else if (strncmp("CONNECT",p,7) == 0) + else if (strncmp("CONNECT",(char *)p,7) == 0) { SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST); goto err; @@ -387,7 +393,7 @@ next_bit: } s2n(j,dd); - /* compression */ + /* COMPRESSION */ *(d++)=1; *(d++)=0; 
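Review bot: The two added `else if (!(s->options & SSL_OP_NO_SSLv2))` branches in ssl/s23_srvr.c set `type=1` with no comment, and they decide what happens to a hello that the newer-protocol branches did not accept; from the option name this looks like a fallback to SSLv2 handling, which is a security-relevant choice. I would document it at the first branch, e.g. `/* TLSv1 and SSLv3 both disabled: use SSLv2 only if the application has not set SSL_OP_NO_SSLv2 */`, and give the two branches the same brace style. The enclosing function starts and ends outside the hunk, so the outcome when all protocol options are set is not visible here and should be checked.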
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 16df9ec56..2170e2928 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -268,7 +268,7 @@ SSL *s; if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); goto end; - break; + /* break; */ default: SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE); return(-1); @@ -587,6 +587,11 @@ SSL *s; SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR); return(-1); } +#ifdef PKCS1_CHECK + if (s->options & SSL_OP_PKCS1_CHECK_1) d[1]++; + if (s->options & SSL_OP_PKCS1_CHECK_2) + sess->master_key[clear]++; +#endif s2n(enc,p); d+=enc; karg=sess->key_arg_length; diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index 275eb52f1..172fc361c 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -62,14 +62,12 @@ #include "ssl_locl.h" #ifndef NOPROTO -static int ssl2_ok(SSL *s); static long ssl2_default_timeout(void ); #else -static int ssl2_ok(); static long ssl2_default_timeout(); #endif -char *ssl2_version_str="SSLv2 part of SSLeay 0.9.0b 29-Jun-1998"; +char *ssl2_version_str="SSLv2 part of SSLeay 0.9.1a 06-Jul-1998"; #define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) @@ -184,7 +182,8 @@ static SSL_METHOD SSLv2_data= { ssl2_peek, ssl2_write, ssl2_shutdown, - ssl2_ok, + ssl_ok, /* NULL - renegotiate */ + ssl_ok, /* NULL - check renegotiate */ ssl2_ctrl, /* local */ ssl2_ctx_ctrl, /* local */ ssl2_get_cipher_by_char, @@ -429,12 +428,6 @@ SSL *s; s->error=0; */ } -static int ssl2_ok(s) -SSL *s; - { - return(1); - } - int ssl2_shutdown(s) SSL *s; { diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 6de62e159..251bcedd7 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -92,6 +92,13 @@ int slen; p+=i; l=i; +#ifdef WIN16 + /* MSVC 1.5 does not clear the top bytes of the word unless + * I do this. + */ + l&=0xffff; +#endif + *(d++)=SSL3_MT_FINISHED; l2n3(l,d); s->init_num=(int)l+4; 
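Review bot: The `#ifdef PKCS1_CHECK` block added to ssl/s2_clnt.c deliberately alters the encrypted block (`d[1]++`) and the session's own key material (`sess->master_key[clear]++`) when an option bit is set, and nothing in the hunk marks it as a test hook. Because a run-time option can then break or weaken a handshake in any build that defines the macro, I would add a comment above it: `/* Test hook: corrupts the RSA block / master key to exercise the peer's PKCS#1 checks. PKCS1_CHECK must never be defined in release builds. */`. The client key exchange hunk in ssl/s3_clnt.c adds the same hook (`p[1]++` and `tmp_buf[0]=0x70`), there before the `if (n <= 0)` result check, and deserves the same comment. The enclosing function starts outside the hunk.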
@@ -236,6 +243,23 @@ X509 *x; X509_STORE_CTX_cleanup(&xs_ctx); } + /* Thwate special :-) */ + if (s->ctx->extra_certs != NULL) + for (i=0; i<sk_num(s->ctx->extra_certs); i++) + { + x=(X509 *)sk_value(s->ctx->extra_certs,i); + n=i2d_X509(x,NULL); + if (!BUF_MEM_grow(buf,(int)(n+l+3))) + { + SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); + return(0); + } + p=(unsigned char *)&(buf->data[l]); + l2n3(n,p); + i2d_X509(x,&p); + l+=n+3; + } + l-=7; p=(unsigned char *)&(buf->data[4]); l2n3(l,p); diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 940c6a458..d4ff1d99c 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -430,7 +430,7 @@ SSL *s; if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); goto end; - break; + /* break; */ default: SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE); @@ -478,7 +478,8 @@ SSL *s; if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { if ((s->session == NULL) || - (s->session->ssl_version != s->version)) + (s->session->ssl_version != s->version) || + (s->session->not_resumable)) { if (!ssl_get_new_session(s,0)) goto err; @@ -488,7 +489,7 @@ SSL *s; p=s->s3->client_random; Time=time(NULL); /* Time */ l2n(Time,p); - RAND_bytes(&(p[4]),SSL3_RANDOM_SIZE-sizeof(Time)); + RAND_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); /* Do the message type and length last */ d=p= &(buf[4]); @@ -523,6 +524,7 @@ SSL *s; p+=i; /* hardwire in the NULL compression algorithm. */ + /* COMPRESSION */ *(p++)=1; *(p++)=0; @@ -643,6 +645,7 @@ SSL *s; s->s3->tmp.new_cipher=c; /* lets get the compression algorithm */ + /* COMPRESSION */ j= *(p++); if (j != 0) { @@ -771,7 +774,7 @@ SSL *s; pkey=X509_get_pubkey(x); - if (EVP_PKEY_missing_parameters(pkey)) + if ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)) { x=NULL; al=SSL3_AL_FATAL; @@ -998,6 +1001,13 @@ SSL *s; goto f_err; } #endif + if (alg & SSL_aFZA) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER); + goto f_err; + } + /* p points to the next byte, there are 'n' bytes left */ 
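Review bot: In the client hello hunk of ssl/s3_clnt.c, `RAND_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));` sizes the random fill by the width of `Time`, but `l2n(Time,p)` on the line before writes, and advances `p` by, four bytes. The declaration of `Time` is outside the hunk; if it is wider than four bytes on some platform, the last bytes of `s->s3->client_random` are not filled with random data. Using the wire width keeps the nonce fully random everywhere: `RAND_bytes(p,SSL3_RANDOM_SIZE-4);`. The change from `&(p[4])` to `p` itself looks right, since the old call started four bytes too far.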
@@ -1014,7 +1024,7 @@ SSL *s; /* wrong packet length */ al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH); - goto err; + goto f_err; } #ifndef NO_RSA @@ -1167,6 +1177,15 @@ SSL *s; /* get the CA RDNs */ n2s(p,llen); +#if 0 +{ +FILE *out; +out=fopen("/tmp/vsign.der","w"); +fwrite(p,1,llen,out); +fclose(out); +} +#endif + if ((llen+ctype_num+2+1) != n) { ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); @@ -1286,7 +1305,7 @@ SSL *s; if (l & SSL_kRSA) { RSA *rsa; - unsigned char tmp_buf[48]; + unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; if (s->session->cert->rsa_tmp != NULL) rsa=s->session->cert->rsa_tmp; @@ -1315,6 +1334,10 @@ SSL *s; p+=2; n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH, tmp_buf,p,rsa,RSA_PKCS1_PADDING); +#ifdef PKCS1_CHECK + if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++; + if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70; +#endif if (n <= 0) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT); @@ -1331,8 +1354,8 @@ SSL *s; s->session->master_key_length= s->method->ssl3_enc->generate_master_secret(s, s->session->master_key, - tmp_buf,48); - memset(tmp_buf,0,48); + tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); + memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH); } else #endif diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index bbd9b637c..116b09615 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -136,7 +136,7 @@ int which; unsigned char *ms,*key,*iv,*er1,*er2; EVP_CIPHER_CTX *dd; EVP_CIPHER *c; - SSL_COMPRESSION *comp; + COMP_METHOD *comp; EVP_MD *m; MD5_CTX md; int exp,n,i,j,k; 
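Review bot: The `#if 0` block added after `n2s(p,llen);` writes the peer-supplied CA name list to the fixed path `/tmp/vsign.der` and uses the result of `fopen()` without checking it. It is disabled, but committed debug code tends to be switched on later, and a fixed file name in a shared temporary directory is unsafe to write to. I would leave it out of the commit; if it stays, mark it with `/* debug only: dumps peer data to a fixed /tmp path, never enable in production */` and add `if (out != NULL)` around the write. The enclosing function begins and ends outside the hunk.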
@@ -155,7 +155,25 @@ int which; goto err; dd= s->enc_read_ctx; s->read_hash=m; - s->read_compression=comp; + /* COMPRESS */ + if (s->expand != NULL) + { + COMP_CTX_free(s->expand); + s->expand=NULL; + } + if (comp != NULL) + { + s->expand=COMP_CTX_new(comp); + if (s->expand == NULL) + { + SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); + goto err2; + } + s->s3->rrec.comp=(unsigned char *) + Malloc(SSL3_RT_MAX_PLAIN_LENGTH); + if (s->s3->rrec.comp == NULL) + goto err; + } memset(&(s->s3->read_sequence[0]),0,8); mac_secret= &(s->s3->read_mac_secret[0]); } @@ -167,7 +185,21 @@ int which; goto err; dd= s->enc_write_ctx; s->write_hash=m; - s->write_compression=comp; + /* COMPRESS */ + if (s->compress != NULL) + { + COMP_CTX_free(s->compress); + s->compress=NULL; + } + if (comp != NULL) + { + s->compress=COMP_CTX_new(comp); + if (s->compress == NULL) + { + SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); + goto err2; + } + } memset(&(s->s3->write_sequence[0]),0,8); mac_secret= &(s->s3->write_mac_secret[0]); } @@ -258,6 +290,11 @@ SSL *s; s->s3->tmp.new_sym_enc=c; s->s3->tmp.new_hash=hash; +#ifdef ZLIB + s->s3->tmp.new_compression=COMP_zlib(); +#endif +/* s->s3->tmp.new_compression=COMP_rle(); */ +/* s->session->compress_meth= xxxxx */ exp=(s->session->cipher->algorithms & SSL_EXPORT)?1:0; 
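Review bot: In the read branch of the ssl/s3_enc.c cipher-state hunk, `s->s3->rrec.comp` is assigned a fresh `Malloc(SSL3_RT_MAX_PLAIN_LENGTH)` every time `comp != NULL`, while only `s->expand` is released beforehand. A second cipher change on the same connection would overwrite the pointer and leak the earlier buffer. Allocating only when needed avoids that: `if (s->s3->rrec.comp == NULL) s->s3->rrec.comp=(unsigned char *)Malloc(SSL3_RT_MAX_PLAIN_LENGTH);`. The failure paths are also inconsistent, since COMP_CTX_new() failure goes to `err2` and the allocation failure to `err`; both labels are outside the hunk, so which one reports the error should be confirmed.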
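Review bot: `s->s3->tmp.new_compression=COMP_zlib();` in the key-block hunk of ssl/s3_enc.c enables compression whenever the library is built with `ZLIB`, independent of anything agreed in the handshake. The ssl/s3_clnt.c hunks on this page still hard-wire the NULL compression method in the client hello and test the server's choice with `if (j != 0)`, so a ZLIB build would apparently compress records for a peer that negotiated no compression. I would leave `new_compression` unset until it is derived from the negotiated method, and say so in a comment next to the commented-out `COMP_rle()` line. The enclosing function starts outside the hunk.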
@@ -302,35 +339,28 @@ int send; unsigned long l; int bs,i; EVP_CIPHER *enc; - SSL_COMPRESSION *comp; if (send) { ds=s->enc_write_ctx; rec= &(s->s3->wrec); if (s->enc_write_ctx == NULL) - { enc=NULL; comp=NULL; } + enc=NULL; else - { enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx); - comp=s->write_compression; - } } else { ds=s->enc_read_ctx; rec= &(s->s3->rrec); if (s->enc_read_ctx == NULL) - { enc=NULL; comp=NULL; } + enc=NULL; else - { enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); - comp=s->read_compression; - } } if ((s->session == NULL) || (ds == NULL) || - ((enc == NULL) && (comp == NULL))) + (enc == NULL)) { memcpy(rec->data,rec->input,rec->length); rec->input=rec->data; @@ -340,6 +370,8 @@ int send; l=rec->length; bs=EVP_CIPHER_block_size(ds->cipher); + /* COMPRESS */ + /* This should be using (bs-1) and bs instead of 7 and 8 */ if ((bs != 1) && send) { diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 0fd945025..41b181407 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -60,7 +60,7 @@ #include "objects.h" #include "ssl_locl.h" -char *ssl3_version_str="SSLv3 part of SSLeay 0.9.0b 29-Jun-1998"; +char *ssl3_version_str="SSLv3 part of SSLeay 0.9.1a 06-Jul-1998"; #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) @@ -384,6 +384,7 @@ static SSL_METHOD SSLv3_data= { ssl3_write, ssl3_shutdown, ssl3_renegotiate, + ssl3_renegotiate_check, ssl3_ctrl, ssl3_ctx_ctrl, ssl3_get_cipher_by_char, @@ -460,6 +461,8 @@ SSL *s; Free(s->s3->rbuf.buf); if (s->s3->wbuf.buf != NULL) Free(s->s3->wbuf.buf); + if (s->s3->rrec.comp != NULL) + Free(s->s3->rrec.comp); #ifndef NO_DH if (s->s3->tmp.dh != NULL) DH_free(s->s3->tmp.dh); @@ -486,6 +489,13 @@ SSL *s; memset(s->s3,0,sizeof(SSL3_CTX)); if (rp != NULL) s->s3->rbuf.buf=rp; if (wp != NULL) s->s3->wbuf.buf=wp; + + if (s->s3->rrec.comp != NULL) + { + Free(s->s3->rrec.comp); + s->s3->rrec.comp=NULL; + } + s->packet_length=0; s->s3->renegotiate=0; s->s3->total_renegotiations=0; 
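Review bot: In the ssl/s3_lib.c hunk at `@@ -486,6 +489,13 @@`, the new `if (s->s3->rrec.comp != NULL)` block comes after `memset(s->s3,0,sizeof(SSL3_CTX));`, so the pointer is already zero when it is tested and the `Free()` can never run. The decompression buffer is therefore leaked on every clear instead of released. Moving the test and `Free(s->s3->rrec.comp);` above the memset fixes it, and the `s->s3->rrec.comp=NULL;` assignment then becomes unnecessary. The function starts outside the hunk, where `rp` and `wp` are presumably saved for the same reason.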
@@ -519,6 +529,9 @@ char *parg; case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: ret=s->s3->total_renegotiations; break; + case SSL_CTRL_GET_FLAGS: + ret=s->s3->flags; + break; default: break; } @@ -546,7 +559,7 @@ char *parg; return(1); else return(0); - break; + /* break; */ case SSL_CTRL_SET_TMP_RSA: { RSA *rsa; @@ -574,7 +587,7 @@ char *parg; return(1); } } - break; + /* break; */ case SSL_CTRL_SET_TMP_RSA_CB: cert->rsa_tmp_cb=(RSA *(*)())parg; break; @@ -583,6 +596,7 @@ char *parg; case SSL_CTRL_SET_TMP_DH: { DH *new=NULL,*dh; + int rret=0; dh=(DH *)parg; if ( ((new=DHparams_dup(dh)) == NULL) || @@ -590,21 +604,31 @@ char *parg; { SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); if (new != NULL) DH_free(new); - return(0); } else { if (cert->dh_tmp != NULL) DH_free(cert->dh_tmp); cert->dh_tmp=new; - return(1); + rret=1; } + return(rret); } - break; + /*break; */ case SSL_CTRL_SET_TMP_DH_CB: cert->dh_tmp_cb=(DH *(*)())parg; break; #endif + /* A Thwate special :-) */ + case SSL_CTRL_EXTRA_CHAIN_CERT: + if (ctx->extra_certs == NULL) + { + if ((ctx->extra_certs=sk_new_null()) == NULL) + return(0); + } + sk_push(ctx->extra_certs,(char *)parg); + break; + default: return(0); } @@ -743,28 +767,30 @@ unsigned char *p; #ifndef NO_DH if (alg & (SSL_kDHr|SSL_kEDH)) { -#ifndef NO_RSA +# ifndef NO_RSA p[ret++]=SSL3_CT_RSA_FIXED_DH; -#endif -#ifndef NO_DSA +# endif +# ifndef NO_DSA p[ret++]=SSL3_CT_DSS_FIXED_DH; -#endif +# endif } if ((s->version == SSL3_VERSION) && (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) { -#ifndef NO_RSA +# ifndef NO_RSA p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH; -#endif -#ifndef NO_DSA +# endif +# ifndef NO_DSA p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH; -#endif +# endif } #endif /* !NO_DH */ #ifndef NO_RSA p[ret++]=SSL3_CT_RSA_SIGN; #endif +#ifndef NO_DSA p[ret++]=SSL3_CT_DSS_SIGN; +#endif return(ret); } diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 238508034..444263b70 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c 
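Review bot: In the new `SSL_CTRL_EXTRA_CHAIN_CERT` case of ssl/s3_lib.c, the result of `sk_push(ctx->extra_certs,(char *)parg);` is ignored, so an allocation failure inside the stack drops the certificate while the control call still falls through to the normal return. Checking it matches the handling of `sk_new_null()` two lines earlier: `if (!sk_push(ctx->extra_certs,(char *)parg)) return(0);`. The context keeps the caller's pointer without taking a reference, so a comment such as `/* ctx takes ownership of the X509; the caller must not free it */` would prevent a double free at the call site. The function's return statement is outside the hunk.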
@@ -79,6 +79,18 @@ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED); * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN); * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_DECRYPTION_FAILED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_RECORD_OVERFLOW); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_UNKNOWN_CA); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_ACCESS_DENIED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_DECODE_ERROR); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_DECRYPT_ERROR); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_EXPORT_RESTRICION); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_PROTOCOL_VERSION); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_INTERNAL_ERROR); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_USER_CANCLED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_TLSV1_ALERT_NO_RENEGOTIATION); */ #ifndef NOPROTO @@ -213,7 +225,6 @@ int extend; static int ssl3_get_record(s) SSL *s; { - char tmp_buf[512]; int ssl_major,ssl_minor,al; int n,i,ret= -1; SSL3_BUFFER *rb; @@ -331,7 +342,6 @@ again: /* decrypt in place in 'rr->input' */ rr->data=rr->input; - memcpy(tmp_buf,rr->input,(rr->length > 512)?512:rr->length); if (!s->method->ssl3_enc->enc(s,0)) { @@ -340,7 +350,7 @@ again: } #ifdef TLS_DEBUG printf("dec %d\n",rr->length); -{ int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); } +{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); } printf("\n"); #endif /* r->length is now the compressed data plus mac */ @@ -378,7 +388,7 @@ printf("\n"); } /* r->length is now just compressed */ - if ((sess != NULL) && (sess->read_compression != NULL)) + if (s->expand != NULL) { if (rr->length > (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra) 
@@ -427,12 +437,37 @@ err: static int do_uncompress(ssl) SSL *ssl; { + int i; + SSL3_RECORD *rr; + + rr= &(ssl->s3->rrec); + i=COMP_expand_block(ssl->expand,rr->comp, + SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length); + if (i < 0) + return(0); + else + rr->length=i; + rr->data=rr->comp; + return(1); } static int do_compress(ssl) SSL *ssl; { + int i; + SSL3_RECORD *wr; + + wr= &(ssl->s3->wrec); + i=COMP_compress_block(ssl->compress,wr->data, + SSL3_RT_MAX_COMPRESSED_LENGTH, + wr->input,(int)wr->length); + if (i < 0) + return(0); + else + wr->length=i; + + wr->input=wr->data; return(1); } @@ -552,7 +587,7 @@ unsigned int len; * wr->data */ /* first we compress */ - if ((sess != NULL) && (sess->write_compression != NULL)) + if (s->compress != NULL) { if (!do_compress(s)) { @@ -786,7 +821,8 @@ start: s->rwstate=SSL_NOTHING; s->s3->fatal_alert=n; - SSLerr(SSL_F_SSL3_READ_BYTES,1000+n); + SSLerr(SSL_F_SSL3_READ_BYTES, + SSL_AD_REASON_OFFSET+n); sprintf(tmp,"%d",n); ERR_add_error_data(2,"SSL alert number ",tmp); s->shutdown|=SSL_RECEIVED_SHUTDOWN; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 64903af15..743f8ea23 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1259,7 +1259,7 @@ SSL *s; i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING); #if 1 - /* If a bad decrypt, use a dud master key */ + /* If a bad decrypt, use a random master key */ if ((i != SSL_MAX_MASTER_KEY_LENGTH) || ((p[0] != (s->version>>8)) || (p[1] != (s->version & 0xff)))) diff --git a/ssl/ssl.err b/ssl/ssl.err index c54326c62..10ca9c534 100644 --- a/ssl/ssl.err +++ b/ssl/ssl.err 
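Review bot: do_uncompress() in ssl/s3_pkt.c writes into `rr->comp` without checking that the buffer exists; it is allocated only in the cipher-state change in ssl/s3_enc.c, and only when a compression method is set. A guard at the top, `if (rr->comp == NULL) return(0);`, makes the function safe if `ssl->expand` is ever set by another path. do_compress() passes `SSL3_RT_MAX_COMPRESSED_LENGTH` as the capacity of `wr->data`, and the size of that buffer is not visible in the hunk, so it should be confirmed that the write buffer leaves that much room after the record header. In both functions the `else` binds only the length assignment, which reads more clearly as a plain statement after the early `return(0);`.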
@@ -105,11 +105,12 @@ #define SSL_F_SSL_USE_RSAPRIVATEKEY 201 #define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 202 #define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 203 -#define SSL_F_SSL_WRITE 204 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE 205 -#define SSL_F_TLS1_ENC 206 -#define SSL_F_TLS1_SETUP_KEY_BLOCK 207 -#define SSL_F_WRITE_PENDING 208 +#define SSL_F_SSL_VERIFY_CERT_CHAIN 204 +#define SSL_F_SSL_WRITE 205 +#define SSL_F_TLS1_CHANGE_CIPHER_STATE 206 +#define SSL_F_TLS1_ENC 207 +#define SSL_F_TLS1_SETUP_KEY_BLOCK 208 +#define SSL_F_WRITE_PENDING 209 /* Reason codes. */ #define SSL_R_APP_DATA_IN_HANDSHAKE 100 
@@ -154,83 +155,85 @@ #define SSL_R_CIPHER_TABLE_SRC_ERROR 139 #define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 #define SSL_R_COMPRESSION_FAILURE 141 -#define SSL_R_CONNECTION_ID_IS_DIFFERENT 142 -#define SSL_R_CONNECTION_TYPE_NOT_SET 143 -#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 144 -#define SSL_R_DATA_LENGTH_TOO_LONG 145 -#define SSL_R_DECRYPTION_FAILED 146 -#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 147 -#define SSL_R_DIGEST_CHECK_FAILED 148 -#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 149 -#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 150 -#define SSL_R_EXCESSIVE_MESSAGE_SIZE 151 -#define SSL_R_EXTRA_DATA_IN_MESSAGE 152 -#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 153 -#define SSL_R_HTTPS_PROXY_REQUEST 154 -#define SSL_R_HTTP_REQUEST 155 -#define SSL_R_INTERNAL_ERROR 156 -#define SSL_R_INVALID_CHALLENGE_LENGTH 157 -#define SSL_R_LENGTH_MISMATCH 158 -#define SSL_R_LENGTH_TOO_SHORT 159 -#define SSL_R_LIBRARY_HAS_NO_CIPHERS 160 -#define SSL_R_MISSING_DH_DSA_CERT 161 -#define SSL_R_MISSING_DH_KEY 162 -#define SSL_R_MISSING_DH_RSA_CERT 163 -#define SSL_R_MISSING_DSA_SIGNING_CERT 164 -#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 165 -#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 166 -#define SSL_R_MISSING_RSA_CERTIFICATE 167 -#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 168 -#define SSL_R_MISSING_RSA_SIGNING_CERT 169 -#define SSL_R_MISSING_TMP_DH_KEY 170 -#define SSL_R_MISSING_TMP_RSA_KEY 171 -#define SSL_R_MISSING_TMP_RSA_PKEY 172 -#define SSL_R_MISSING_VERIFY_MESSAGE 173 -#define SSL_R_NON_SSLV2_INITIAL_PACKET 174 -#define SSL_R_NO_CERTIFICATES_RETURNED 175 -#define SSL_R_NO_CERTIFICATE_ASSIGNED 176 -#define SSL_R_NO_CERTIFICATE_RETURNED 177 -#define SSL_R_NO_CERTIFICATE_SET 178 -#define SSL_R_NO_CERTIFICATE_SPECIFIED 179 -#define SSL_R_NO_CIPHERS_AVAILABLE 180 -#define SSL_R_NO_CIPHERS_PASSED 181 -#define SSL_R_NO_CIPHERS_SPECIFIED 182 -#define SSL_R_NO_CIPHER_LIST 183 -#define SSL_R_NO_CIPHER_MATCH 184 -#define SSL_R_NO_CLIENT_CERT_RECEIVED 185 -#define SSL_R_NO_COMPRESSION_SPECIFIED 
186 -#define SSL_R_NO_PRIVATEKEY 187 -#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 188 -#define SSL_R_NO_PROTOCOLS_AVAILABLE 189 -#define SSL_R_NO_PUBLICKEY 190 -#define SSL_R_NO_SHARED_CIPHER 191 -#define SSL_R_NULL_SSL_CTX 192 -#define SSL_R_NULL_SSL_METHOD_PASSED 193 -#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 194 -#define SSL_R_PACKET_LENGTH_TOO_LONG 195 -#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 196 -#define SSL_R_PEER_ERROR 197 -#define SSL_R_PEER_ERROR_CERTIFICATE 198 -#define SSL_R_PEER_ERROR_NO_CERTIFICATE 199 -#define SSL_R_PEER_ERROR_NO_CIPHER 200 -#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 201 -#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 202 -#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 203 -#define SSL_R_PROTOCOL_IS_SHUTDOWN 204 -#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 205 -#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 206 -#define SSL_R_PUBLIC_KEY_NOT_RSA 207 -#define SSL_R_READ_BIO_NOT_SET 208 -#define SSL_R_READ_WRONG_PACKET_TYPE 209 -#define SSL_R_RECORD_LENGTH_MISMATCH 210 -#define SSL_R_RECORD_TOO_LARGE 211 -#define SSL_R_REQUIRED_CIPHER_MISSING 212 -#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 213 -#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 214 -#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 215 -#define SSL_R_SHORT_READ 216 -#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 217 -#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 218 +#define SSL_R_COMPRESSION_LIBRARY_ERROR 142 +#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 +#define SSL_R_CONNECTION_TYPE_NOT_SET 144 +#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 +#define SSL_R_DATA_LENGTH_TOO_LONG 146 +#define SSL_R_DECRYPTION_FAILED 147 +#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 +#define SSL_R_DIGEST_CHECK_FAILED 149 +#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 +#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 +#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 +#define SSL_R_EXTRA_DATA_IN_MESSAGE 153 +#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 +#define SSL_R_HTTPS_PROXY_REQUEST 155 +#define SSL_R_HTTP_REQUEST 156 
+#define SSL_R_INTERNAL_ERROR 157 +#define SSL_R_INVALID_CHALLENGE_LENGTH 158 +#define SSL_R_LENGTH_MISMATCH 159 +#define SSL_R_LENGTH_TOO_SHORT 160 +#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 +#define SSL_R_MISSING_DH_DSA_CERT 162 +#define SSL_R_MISSING_DH_KEY 163 +#define SSL_R_MISSING_DH_RSA_CERT 164 +#define SSL_R_MISSING_DSA_SIGNING_CERT 165 +#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166 +#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167 +#define SSL_R_MISSING_RSA_CERTIFICATE 168 +#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 +#define SSL_R_MISSING_RSA_SIGNING_CERT 170 +#define SSL_R_MISSING_TMP_DH_KEY 171 +#define SSL_R_MISSING_TMP_RSA_KEY 172 +#define SSL_R_MISSING_TMP_RSA_PKEY 173 +#define SSL_R_MISSING_VERIFY_MESSAGE 174 +#define SSL_R_NON_SSLV2_INITIAL_PACKET 175 +#define SSL_R_NO_CERTIFICATES_RETURNED 176 +#define SSL_R_NO_CERTIFICATE_ASSIGNED 177 +#define SSL_R_NO_CERTIFICATE_RETURNED 178 +#define SSL_R_NO_CERTIFICATE_SET 179 +#define SSL_R_NO_CERTIFICATE_SPECIFIED 180 +#define SSL_R_NO_CIPHERS_AVAILABLE 181 +#define SSL_R_NO_CIPHERS_PASSED 182 +#define SSL_R_NO_CIPHERS_SPECIFIED 183 +#define SSL_R_NO_CIPHER_LIST 184 +#define SSL_R_NO_CIPHER_MATCH 185 +#define SSL_R_NO_CLIENT_CERT_RECEIVED 186 +#define SSL_R_NO_COMPRESSION_SPECIFIED 187 +#define SSL_R_NO_PRIVATEKEY 188 +#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 189 +#define SSL_R_NO_PROTOCOLS_AVAILABLE 190 +#define SSL_R_NO_PUBLICKEY 191 +#define SSL_R_NO_SHARED_CIPHER 192 +#define SSL_R_NO_VERIFY_CALLBACK 193 +#define SSL_R_NULL_SSL_CTX 194 +#define SSL_R_NULL_SSL_METHOD_PASSED 195 +#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 196 +#define SSL_R_PACKET_LENGTH_TOO_LONG 197 +#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 198 +#define SSL_R_PEER_ERROR 199 +#define SSL_R_PEER_ERROR_CERTIFICATE 200 +#define SSL_R_PEER_ERROR_NO_CERTIFICATE 201 +#define SSL_R_PEER_ERROR_NO_CIPHER 202 +#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 203 +#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 204 +#define 
SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 205 +#define SSL_R_PROTOCOL_IS_SHUTDOWN 206 +#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 207 +#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 208 +#define SSL_R_PUBLIC_KEY_NOT_RSA 209 +#define SSL_R_READ_BIO_NOT_SET 210 +#define SSL_R_READ_WRONG_PACKET_TYPE 211 +#define SSL_R_RECORD_LENGTH_MISMATCH 212 +#define SSL_R_RECORD_TOO_LARGE 213 +#define SSL_R_REQUIRED_CIPHER_MISSING 214 +#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 215 +#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 216 +#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 217 +#define SSL_R_SHORT_READ 218 +#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 219 +#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 220 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 #define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 
@@ -240,51 +243,64 @@ #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 #define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 219 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 220 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 221 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 222 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 221 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 222 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 223 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 224 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 -#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 223 +#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 225 #define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 -#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 224 -#define SSL_R_SSL_HANDSHAKE_FAILURE 225 -#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 226 -#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 227 -#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 228 -#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 229 -#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 230 -#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 231 -#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 232 -#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 233 -#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 234 -#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 235 -#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 236 -#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 237 -#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 238 -#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 239 -#define SSL_R_UNEXPECTED_MESSAGE 240 -#define SSL_R_UNEXPECTED_RECORD 241 -#define SSL_R_UNKNOWN_ALERT_TYPE 242 -#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 243 -#define SSL_R_UNKNOWN_CIPHER_RETURNED 244 -#define SSL_R_UNKNOWN_CIPHER_TYPE 245 -#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 246 -#define SSL_R_UNKNOWN_PKEY_TYPE 247 
-#define SSL_R_UNKNOWN_PROTOCOL 248 -#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 249 -#define SSL_R_UNKNOWN_SSL_VERSION 250 -#define SSL_R_UNKNOWN_STATE 251 -#define SSL_R_UNSUPPORTED_CIPHER 252 -#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 253 -#define SSL_R_UNSUPPORTED_PROTOCOL 254 -#define SSL_R_UNSUPPORTED_SSL_VERSION 255 -#define SSL_R_WRITE_BIO_NOT_SET 256 -#define SSL_R_WRONG_CIPHER_RETURNED 257 -#define SSL_R_WRONG_MESSAGE_TYPE 258 -#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 259 -#define SSL_R_WRONG_SIGNATURE_LENGTH 260 -#define SSL_R_WRONG_SIGNATURE_SIZE 261 -#define SSL_R_WRONG_SSL_VERSION 262 -#define SSL_R_WRONG_VERSION_NUMBER 263 -#define SSL_R_X509_LIB 264 +#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 226 +#define SSL_R_SSL_HANDSHAKE_FAILURE 227 +#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 228 +#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 229 +#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 +#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 +#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 +#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 +#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICION 1060 +#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 +#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 +#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 +#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 +#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 +#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 +#define SSL_R_TLSV1_ALERT_USER_CANCLED 1090 +#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 230 +#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 231 +#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 232 +#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 233 +#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 234 +#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 235 +#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 236 +#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 237 +#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 238 +#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 239 +#define 
SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 240 +#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 241 +#define SSL_R_UNEXPECTED_MESSAGE 242 +#define SSL_R_UNEXPECTED_RECORD 243 +#define SSL_R_UNKNOWN_ALERT_TYPE 244 +#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 245 +#define SSL_R_UNKNOWN_CIPHER_RETURNED 246 +#define SSL_R_UNKNOWN_CIPHER_TYPE 247 +#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 248 +#define SSL_R_UNKNOWN_PKEY_TYPE 249 +#define SSL_R_UNKNOWN_PROTOCOL 250 +#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 251 +#define SSL_R_UNKNOWN_SSL_VERSION 252 +#define SSL_R_UNKNOWN_STATE 253 +#define SSL_R_UNSUPPORTED_CIPHER 254 +#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 255 +#define SSL_R_UNSUPPORTED_PROTOCOL 256 +#define SSL_R_UNSUPPORTED_SSL_VERSION 257 +#define SSL_R_WRITE_BIO_NOT_SET 258 +#define SSL_R_WRONG_CIPHER_RETURNED 259 +#define SSL_R_WRONG_MESSAGE_TYPE 260 +#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 261 +#define SSL_R_WRONG_SIGNATURE_LENGTH 262 +#define SSL_R_WRONG_SIGNATURE_SIZE 263 +#define SSL_R_WRONG_SSL_VERSION 264 +#define SSL_R_WRONG_VERSION_NUMBER 265 +#define SSL_R_X509_LIB 266 +#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 267 @@ -124,6 +124,7 @@ extern "C" { #define SSL_TXT_EXPORT "EXPORT" #define SSL_TXT_SSLV2 "SSLv2" #define SSL_TXT_SSLV3 "SSLv3" +#define SSL_TXT_TLSV1 "TLSv1" #define SSL_TXT_ALL "ALL" /* 'DEFAULT' at the start of the cipher list insert the following string @@ -178,6 +179,7 @@ typedef struct ssl_method_st int (*ssl_write)(); int (*ssl_shutdown)(); int (*ssl_renegotiate)(); + int (*ssl_renegotiate_check)(); long (*ssl_ctrl)(); long (*ssl_ctx_ctrl)(); SSL_CIPHER *(*get_cipher_by_char)(); @@ -190,11 +192,6 @@ typedef struct ssl_method_st struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ } SSL_METHOD; -typedef struct ssl_compression_st - { - char *stuff; - } SSL_COMPRESSION; - /* Lets make this into an ASN.1 type structure as follows * SSL_SESSION_ID ::= SEQUENCE { * version INTEGER, -- structure version number 
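Review bot: The reason codes in the `@@ -240,51 +243,64 @@` hunk are renumbered rather than appended: `SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE` moves from 219 to 221 and `SSL_R_X509_LIB` from 264 to 266, so a number that named one failure before the change names a different one after it. A program built against the old header that compares `ERR_GET_REASON()` values, or a log rule keyed on the numeric code, will misclassify handshake failures until it is rebuilt. The same shift appears in the `@@ -1311,83 +1339,85 @@` and `@@ -1397,54 +1427,67 @@` hunks and in the function codes at `@@ -1262,11 +1289,12 @@`. Leaving existing values untouched and giving new codes the next free numbers (for example `#define SSL_R_NO_VERIFY_CALLBACK 265`) avoids this; if the table is regenerated by a script, that is presumably where the stable-numbering rule belongs.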
@@ -206,6 +203,7 @@ typedef struct ssl_compression_st * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate + * Compression [4] IMPLICIT ASN1_OBJECT -- compression OID XXXXX * } * Look in ssl/ssl_asn1.c for more details * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). @@ -237,8 +235,11 @@ typedef struct ssl_session_st long timeout; long time; - SSL_COMPRESSION *read_compression; - SSL_COMPRESSION *write_compression; +#ifdef HEADER_COMP_H + COMP_CTX *compress_meth; +#else + char *compress_meth; +#endif SSL_CIPHER *cipher; unsigned long cipher_id; /* when ASN.1 loaded, this @@ -262,13 +263,17 @@ typedef struct ssl_session_st #define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L #define SSL_OP_TLS_D5_BUG 0x00000100L -#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L +#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L /* If set, only use tmp_dh parameters once */ #define SSL_OP_SINGLE_DH_USE 0x00100000L /* Set to also use the tmp_rsa key when doing RSA operations. */ #define SSL_OP_EPHEMERAL_RSA 0x00200000L +/* The next flag deliberatly changes the ciphertest, this is a check + * for the PKCS#1 attack */ +#define SSL_OP_PKCS1_CHECK_1 0x08000000L +#define SSL_OP_PKCS1_CHECK_2 0x10000000L #define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L #define SSL_OP_NON_EXPORT_FIRST 0x40000000L #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L @@ -385,6 +390,8 @@ typedef struct ssl_ctx_st EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */ EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */ EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */ + + STACK *extra_certs; } SSL_CTX; #define SSL_SESS_CACHE_OFF 0x0000 
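Review bot: The comment above `SSL_OP_PKCS1_CHECK_1` and `SSL_OP_PKCS1_CHECK_2` in the `@@ -262,13 +263,17 @@` hunk does not say that these are test-only options, although it states that the flag deliberately changes the ciphertext. An application that sets them by accident, for instance through a broad option mask, would send altered handshake data to its peers. I would reword the comment as `/* TEST ONLY: deliberately alters the ciphertext to check a peer for the PKCS#1 attack; never set in production */` and fix `deliberatly` and `ciphertest` at the same time. The `@@ -74,6 +75,7 @@` hunk in ssl/ssl_locl.h also adds an unconditional `#define PKCS1_CHECK`, which presumably compiles the checking code into every build; wrapping it in a build-time guard so that a release build can leave it out is worth considering.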
@@ -512,11 +519,19 @@ typedef struct ssl_st EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ EVP_MD *read_hash; /* used for mac generation */ - SSL_COMPRESSION *read_compression; /* compression */ +#ifdef HEADER_COMP_H + COMP_CTX *expand; /* uncompress */ +#else + char *expand; +#endif EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ EVP_MD *write_hash; /* used for mac generation */ - SSL_COMPRESSION *write_compression; /* compression */ +#ifdef HEADER_COMP_H + COMP_CTX *compress; /* compression */ +#else + char *compress; +#endif /* session info */ @@ -660,6 +675,7 @@ typedef struct ssl_st PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL) #endif +#define SSL_AD_REASON_OFFSET 1000 /* These alert types are for SSLv3 and TLSv1 */ #define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY #define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ @@ -706,6 +722,9 @@ typedef struct ssl_st #define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8 #define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9 #define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10 +#define SSL_CTRL_GET_FLAGS 11 + +#define SSL_CTRL_EXTRA_CHAIN_CERT 11 #define SSL_session_reused(ssl) \ SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL) @@ -724,14 +743,17 @@ typedef struct ssl_st SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh) /* For the next 2, the callbacks are - * RSA *tmp_rsa_cb(int export) - * DH *tmp_dh_cb(int export) + * RSA *tmp_rsa_cb(SSL *ssl,int export) + * DH *tmp_dh_cb(SSL *ssl,int export) */ #define SSL_CTX_set_tmp_rsa_callback(ctx,cb) \ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb) #define SSL_CTX_set_tmp_dh_callback(ctx,dh) \ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh) +#define SSL_CTX_add_extra_chain_cert(ctx,x509) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) + #ifndef NOPROTO #ifdef HEADER_BIO_H 
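Review bot: `SSL_CTRL_GET_FLAGS` and `SSL_CTRL_EXTRA_CHAIN_CERT` are both defined as 11 in the `@@ -706,6 +722,9 @@` hunk. `SSL_CTX_add_extra_chain_cert()` in the following hunk passes the latter to `SSL_CTX_ctrl()`, so the two stay apart only if `SSL_CTRL_GET_FLAGS` is never handled by the same dispatcher, and nothing visible here guarantees that. A handler that switches on both would either fail to compile on the duplicate case or treat an X509 pointer as a flags request. Giving the new command its own number, `#define SSL_CTRL_EXTRA_CHAIN_CERT 12` (the next unused value judging by the visible list), removes the ambiguity.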
@@ -944,6 +966,8 @@ char *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx); int SSL_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(), int (*dup_func)(), void (*free_func)()); +int SSL_get_ex_data_X509_STORE_CTX_idx(void ); + #else BIO_METHOD *BIO_f_ssl(); @@ -1120,6 +1144,7 @@ X509 *SSL_get_certificate(); #ifdef this_is_for_mk1mf_pl EVP *SSL_get_privatekey(); +#endif void SSL_CTX_set_quiet_shutdown(); int SSL_CTX_get_quiet_shutdown(); @@ -1133,7 +1158,7 @@ int SSL_CTX_load_verify_locations(); SSL_SESSION *SSL_get_session(); SSL_CTX *SSL_get_SSL_CTX(); void SSL_set_info_callback(); -int (*SSL_get_info_callback())(); +void (*SSL_get_info_callback())(); int SSL_state(); void SSL_set_verify_result(); long SSL_get_verify_result(); @@ -1150,7 +1175,9 @@ int SSL_CTX_set_ex_data(); char *SSL_CTX_get_ex_data(); int SSL_CTX_get_ex_new_index(); -#endif +int SSL_get_ex_data_X509_STORE_CTX_idx(); + +/* #endif */ #endif @@ -1262,11 +1289,12 @@ int SSL_CTX_get_ex_new_index(); #define SSL_F_SSL_USE_RSAPRIVATEKEY 201 #define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 202 #define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 203 -#define SSL_F_SSL_WRITE 204 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE 205 -#define SSL_F_TLS1_ENC 206 -#define SSL_F_TLS1_SETUP_KEY_BLOCK 207 -#define SSL_F_WRITE_PENDING 208 +#define SSL_F_SSL_VERIFY_CERT_CHAIN 204 +#define SSL_F_SSL_WRITE 205 +#define SSL_F_TLS1_CHANGE_CIPHER_STATE 206 +#define SSL_F_TLS1_ENC 207 +#define SSL_F_TLS1_SETUP_KEY_BLOCK 208 +#define SSL_F_WRITE_PENDING 209 /* Reason codes. */ #define SSL_R_APP_DATA_IN_HANDSHAKE 100 
@@ -1311,83 +1339,85 @@ int SSL_CTX_get_ex_new_index(); #define SSL_R_CIPHER_TABLE_SRC_ERROR 139 #define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 #define SSL_R_COMPRESSION_FAILURE 141 -#define SSL_R_CONNECTION_ID_IS_DIFFERENT 142 -#define SSL_R_CONNECTION_TYPE_NOT_SET 143 -#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 144 -#define SSL_R_DATA_LENGTH_TOO_LONG 145 -#define SSL_R_DECRYPTION_FAILED 146 -#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 147 -#define SSL_R_DIGEST_CHECK_FAILED 148 -#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 149 -#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 150 -#define SSL_R_EXCESSIVE_MESSAGE_SIZE 151 -#define SSL_R_EXTRA_DATA_IN_MESSAGE 152 -#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 153 -#define SSL_R_HTTPS_PROXY_REQUEST 154 -#define SSL_R_HTTP_REQUEST 155 -#define SSL_R_INTERNAL_ERROR 156 -#define SSL_R_INVALID_CHALLENGE_LENGTH 157 -#define SSL_R_LENGTH_MISMATCH 158 -#define SSL_R_LENGTH_TOO_SHORT 159 -#define SSL_R_LIBRARY_HAS_NO_CIPHERS 160 -#define SSL_R_MISSING_DH_DSA_CERT 161 -#define SSL_R_MISSING_DH_KEY 162 -#define SSL_R_MISSING_DH_RSA_CERT 163 -#define SSL_R_MISSING_DSA_SIGNING_CERT 164 -#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 165 -#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 166 -#define SSL_R_MISSING_RSA_CERTIFICATE 167 -#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 168 -#define SSL_R_MISSING_RSA_SIGNING_CERT 169 -#define SSL_R_MISSING_TMP_DH_KEY 170 -#define SSL_R_MISSING_TMP_RSA_KEY 171 -#define SSL_R_MISSING_TMP_RSA_PKEY 172 -#define SSL_R_MISSING_VERIFY_MESSAGE 173 -#define SSL_R_NON_SSLV2_INITIAL_PACKET 174 -#define SSL_R_NO_CERTIFICATES_RETURNED 175 -#define SSL_R_NO_CERTIFICATE_ASSIGNED 176 -#define SSL_R_NO_CERTIFICATE_RETURNED 177 -#define SSL_R_NO_CERTIFICATE_SET 178 -#define SSL_R_NO_CERTIFICATE_SPECIFIED 179 -#define SSL_R_NO_CIPHERS_AVAILABLE 180 -#define SSL_R_NO_CIPHERS_PASSED 181 -#define SSL_R_NO_CIPHERS_SPECIFIED 182 -#define SSL_R_NO_CIPHER_LIST 183 -#define SSL_R_NO_CIPHER_MATCH 184 -#define SSL_R_NO_CLIENT_CERT_RECEIVED 185 -#define 
SSL_R_NO_COMPRESSION_SPECIFIED 186 -#define SSL_R_NO_PRIVATEKEY 187 -#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 188 -#define SSL_R_NO_PROTOCOLS_AVAILABLE 189 -#define SSL_R_NO_PUBLICKEY 190 -#define SSL_R_NO_SHARED_CIPHER 191 -#define SSL_R_NULL_SSL_CTX 192 -#define SSL_R_NULL_SSL_METHOD_PASSED 193 -#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 194 -#define SSL_R_PACKET_LENGTH_TOO_LONG 195 -#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 196 -#define SSL_R_PEER_ERROR 197 -#define SSL_R_PEER_ERROR_CERTIFICATE 198 -#define SSL_R_PEER_ERROR_NO_CERTIFICATE 199 -#define SSL_R_PEER_ERROR_NO_CIPHER 200 -#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 201 -#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 202 -#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 203 -#define SSL_R_PROTOCOL_IS_SHUTDOWN 204 -#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 205 -#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 206 -#define SSL_R_PUBLIC_KEY_NOT_RSA 207 -#define SSL_R_READ_BIO_NOT_SET 208 -#define SSL_R_READ_WRONG_PACKET_TYPE 209 -#define SSL_R_RECORD_LENGTH_MISMATCH 210 -#define SSL_R_RECORD_TOO_LARGE 211 -#define SSL_R_REQUIRED_CIPHER_MISSING 212 -#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 213 -#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 214 -#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 215 -#define SSL_R_SHORT_READ 216 -#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 217 -#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 218 +#define SSL_R_COMPRESSION_LIBRARY_ERROR 142 +#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 +#define SSL_R_CONNECTION_TYPE_NOT_SET 144 +#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 +#define SSL_R_DATA_LENGTH_TOO_LONG 146 +#define SSL_R_DECRYPTION_FAILED 147 +#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 +#define SSL_R_DIGEST_CHECK_FAILED 149 +#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 +#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 +#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 +#define SSL_R_EXTRA_DATA_IN_MESSAGE 153 +#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 +#define SSL_R_HTTPS_PROXY_REQUEST 155 +#define 
SSL_R_HTTP_REQUEST 156 +#define SSL_R_INTERNAL_ERROR 157 +#define SSL_R_INVALID_CHALLENGE_LENGTH 158 +#define SSL_R_LENGTH_MISMATCH 159 +#define SSL_R_LENGTH_TOO_SHORT 160 +#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 +#define SSL_R_MISSING_DH_DSA_CERT 162 +#define SSL_R_MISSING_DH_KEY 163 +#define SSL_R_MISSING_DH_RSA_CERT 164 +#define SSL_R_MISSING_DSA_SIGNING_CERT 165 +#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166 +#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167 +#define SSL_R_MISSING_RSA_CERTIFICATE 168 +#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 +#define SSL_R_MISSING_RSA_SIGNING_CERT 170 +#define SSL_R_MISSING_TMP_DH_KEY 171 +#define SSL_R_MISSING_TMP_RSA_KEY 172 +#define SSL_R_MISSING_TMP_RSA_PKEY 173 +#define SSL_R_MISSING_VERIFY_MESSAGE 174 +#define SSL_R_NON_SSLV2_INITIAL_PACKET 175 +#define SSL_R_NO_CERTIFICATES_RETURNED 176 +#define SSL_R_NO_CERTIFICATE_ASSIGNED 177 +#define SSL_R_NO_CERTIFICATE_RETURNED 178 +#define SSL_R_NO_CERTIFICATE_SET 179 +#define SSL_R_NO_CERTIFICATE_SPECIFIED 180 +#define SSL_R_NO_CIPHERS_AVAILABLE 181 +#define SSL_R_NO_CIPHERS_PASSED 182 +#define SSL_R_NO_CIPHERS_SPECIFIED 183 +#define SSL_R_NO_CIPHER_LIST 184 +#define SSL_R_NO_CIPHER_MATCH 185 +#define SSL_R_NO_CLIENT_CERT_RECEIVED 186 +#define SSL_R_NO_COMPRESSION_SPECIFIED 187 +#define SSL_R_NO_PRIVATEKEY 188 +#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 189 +#define SSL_R_NO_PROTOCOLS_AVAILABLE 190 +#define SSL_R_NO_PUBLICKEY 191 +#define SSL_R_NO_SHARED_CIPHER 192 +#define SSL_R_NO_VERIFY_CALLBACK 193 +#define SSL_R_NULL_SSL_CTX 194 +#define SSL_R_NULL_SSL_METHOD_PASSED 195 +#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 196 +#define SSL_R_PACKET_LENGTH_TOO_LONG 197 +#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 198 +#define SSL_R_PEER_ERROR 199 +#define SSL_R_PEER_ERROR_CERTIFICATE 200 +#define SSL_R_PEER_ERROR_NO_CERTIFICATE 201 +#define SSL_R_PEER_ERROR_NO_CIPHER 202 +#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 203 +#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 204 +#define 
SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 205 +#define SSL_R_PROTOCOL_IS_SHUTDOWN 206 +#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 207 +#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 208 +#define SSL_R_PUBLIC_KEY_NOT_RSA 209 +#define SSL_R_READ_BIO_NOT_SET 210 +#define SSL_R_READ_WRONG_PACKET_TYPE 211 +#define SSL_R_RECORD_LENGTH_MISMATCH 212 +#define SSL_R_RECORD_TOO_LARGE 213 +#define SSL_R_REQUIRED_CIPHER_MISSING 214 +#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 215 +#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 216 +#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 217 +#define SSL_R_SHORT_READ 218 +#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 219 +#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 220 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 #define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 
@@ -1397,54 +1427,67 @@ int SSL_CTX_get_ex_new_index(); #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 #define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 219 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 220 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 221 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 222 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 221 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 222 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 223 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 224 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 -#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 223 +#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 225 #define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 -#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 224 -#define SSL_R_SSL_HANDSHAKE_FAILURE 225 -#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 226 -#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 227 -#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 228 -#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 229 -#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 230 -#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 231 -#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 232 -#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 233 -#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 234 -#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 235 -#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 236 -#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 237 -#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 238 -#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 239 -#define SSL_R_UNEXPECTED_MESSAGE 240 -#define SSL_R_UNEXPECTED_RECORD 241 -#define SSL_R_UNKNOWN_ALERT_TYPE 242 -#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 243 -#define SSL_R_UNKNOWN_CIPHER_RETURNED 244 -#define SSL_R_UNKNOWN_CIPHER_TYPE 245 -#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 246 -#define 
SSL_R_UNKNOWN_PKEY_TYPE 247 -#define SSL_R_UNKNOWN_PROTOCOL 248 -#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 249 -#define SSL_R_UNKNOWN_SSL_VERSION 250 -#define SSL_R_UNKNOWN_STATE 251 -#define SSL_R_UNSUPPORTED_CIPHER 252 -#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 253 -#define SSL_R_UNSUPPORTED_PROTOCOL 254 -#define SSL_R_UNSUPPORTED_SSL_VERSION 255 -#define SSL_R_WRITE_BIO_NOT_SET 256 -#define SSL_R_WRONG_CIPHER_RETURNED 257 -#define SSL_R_WRONG_MESSAGE_TYPE 258 -#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 259 -#define SSL_R_WRONG_SIGNATURE_LENGTH 260 -#define SSL_R_WRONG_SIGNATURE_SIZE 261 -#define SSL_R_WRONG_SSL_VERSION 262 -#define SSL_R_WRONG_VERSION_NUMBER 263 -#define SSL_R_X509_LIB 264 +#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 226 +#define SSL_R_SSL_HANDSHAKE_FAILURE 227 +#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 228 +#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 229 +#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 +#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 +#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 +#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 +#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICION 1060 +#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 +#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 +#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 +#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 +#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 +#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 +#define SSL_R_TLSV1_ALERT_USER_CANCLED 1090 +#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 230 +#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 231 +#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 232 +#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 233 +#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 234 +#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 235 +#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 236 +#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 237 +#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 238 +#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 239 +#define 
SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 240 +#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 241 +#define SSL_R_UNEXPECTED_MESSAGE 242 +#define SSL_R_UNEXPECTED_RECORD 243 +#define SSL_R_UNKNOWN_ALERT_TYPE 244 +#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 245 +#define SSL_R_UNKNOWN_CIPHER_RETURNED 246 +#define SSL_R_UNKNOWN_CIPHER_TYPE 247 +#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 248 +#define SSL_R_UNKNOWN_PKEY_TYPE 249 +#define SSL_R_UNKNOWN_PROTOCOL 250 +#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 251 +#define SSL_R_UNKNOWN_SSL_VERSION 252 +#define SSL_R_UNKNOWN_STATE 253 +#define SSL_R_UNSUPPORTED_CIPHER 254 +#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 255 +#define SSL_R_UNSUPPORTED_PROTOCOL 256 +#define SSL_R_UNSUPPORTED_SSL_VERSION 257 +#define SSL_R_WRITE_BIO_NOT_SET 258 +#define SSL_R_WRONG_CIPHER_RETURNED 259 +#define SSL_R_WRONG_MESSAGE_TYPE 260 +#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 261 +#define SSL_R_WRONG_SIGNATURE_LENGTH 262 +#define SSL_R_WRONG_SIGNATURE_SIZE 263 +#define SSL_R_WRONG_SSL_VERSION 264 +#define SSL_R_WRONG_VERSION_NUMBER 265 +#define SSL_R_X509_LIB 266 +#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 267 #ifdef __cplusplus } diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 95772eef6..7c5c94d7c 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -208,7 +208,7 @@ typedef struct ssl3_record_st /*r */ unsigned int off; /* read/write offset into 'buf' */ /*rw*/ unsigned char *data; /* pointer to the record data */ /*rw*/ unsigned char *input; /* where the decode bytes are */ -/*rw*/ unsigned char *comp; /* only used with decompression */ +/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ } SSL3_RECORD; typedef struct ssl3_buffer_st @@ -220,10 +220,6 @@ typedef struct ssl3_buffer_st /*rw*/ unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes */ } SSL3_BUFFER; -typedef struct ssl3_compression_st { - int nothing; - } SSL3_COMPRESSION; - #define SSL3_CT_RSA_SIGN 1 #define SSL3_CT_DSS_SIGN 2 #define SSL3_CT_RSA_FIXED_DH 3 
@@ -236,7 +232,7 @@ typedef struct ssl3_compression_st { #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 #define SSL3_FLAGS_POP_BUFFER 0x0004 -#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 +#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 #if 0 #define AD_CLOSE_NOTIFY 0 @@ -344,7 +340,11 @@ typedef struct ssl3_ctx_st EVP_CIPHER *new_sym_enc; EVP_MD *new_hash; - SSL_COMPRESSION *new_compression; +#ifdef HEADER_COMP_H + COMP_METHOD *new_compression; +#else + char *new_compression; +#endif int cert_request; } tmp; } SSL3_CTX; diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c index 65f3a5938..92ec322da 100644 --- a/ssl/ssl_algs.c +++ b/ssl/ssl_algs.c @@ -82,12 +82,12 @@ void SSLeay_add_ssl_algorithms() #endif #ifndef NO_MD5 EVP_add_digest(EVP_md5()); - EVP_add_alias(SN_md5,"ssl2-md5"); - EVP_add_alias(SN_md5,"ssl3-md5"); + EVP_add_digest_alias(SN_md5,"ssl2-md5"); + EVP_add_digest_alias(SN_md5,"ssl3-md5"); #endif #ifndef NO_SHA1 EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ - EVP_add_alias(SN_sha1,"ssl3-sha1"); + EVP_add_digest_alias(SN_sha1,"ssl3-sha1"); #endif #if !defined(NO_SHA1) && !defined(NO_DSA) EVP_add_digest(EVP_dss1()); /* DSA with sha1 */ diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index c1cb86e1b..783c079e1 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -62,6 +62,18 @@ #include "pem.h" #include "ssl_locl.h" +int SSL_get_ex_data_X509_STORE_CTX_idx() + { + static int ssl_x509_store_ctx_idx= -1; + + if (ssl_x509_store_ctx_idx < 0) + { + ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index( + 0,"SSL for verifiy callback",NULL,NULL,NULL); + } + return(ssl_x509_store_ctx_idx); + } + CERT *ssl_cert_new() { CERT *ret; 
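Review bot: The lazy initialisation in `SSL_get_ex_data_X509_STORE_CTX_idx()` (ssl/ssl_cert.c, `@@ -62,6 +62,18 @@`) reads and writes the static `ssl_x509_store_ctx_idx` without any lock. If two threads make the first call at the same time, each can obtain a different index from `X509_STORE_CTX_get_ex_new_index()`, and the `SSL *` stored under one index in the `@@ -150,15 +162,24 @@` hunk may later be looked up under the other, so a verify callback would get NULL back. `SSL_CTX_new()` calls this function, so the first call probably happens during single-threaded start-up, but that assumption should be written down: `/* not thread-safe on first call; SSL_CTX_new() primes the index */`. The description string `"SSL for verifiy callback"` also contains a typo.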
@@ -150,15 +162,24 @@ STACK *sk; x=(X509 *)sk_value(sk,0); X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk); - X509_STORE_CTX_set_app_data(&ctx,(char *)s); + X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(), + (char *)s); if (s->ctx->app_verify_callback != NULL) i=s->ctx->app_verify_callback(&ctx); else + { +#ifndef NO_X509_VERIFY i=X509_verify_cert(&ctx); +#else + i=0; + ctx.error=X509_V_ERR_APPLICATION_VERIFICATION; + SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,SSL_R_NO_VERIFY_CALLBACK); +#endif + } - X509_STORE_CTX_cleanup(&ctx); s->verify_result=ctx.error; + X509_STORE_CTX_cleanup(&ctx); return(i); } diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 820994408..87e384f8f 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -145,6 +145,7 @@ static SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_EXPORT,0,SSL_EXPORT,0,SSL_EXP_MASK}, {0,SSL_TXT_SSLV2,0,SSL_SSLV2,0,SSL_SSL_MASK}, {0,SSL_TXT_SSLV3,0,SSL_SSLV3,0,SSL_SSL_MASK}, + {0,SSL_TXT_TLSV1,0,SSL_SSLV3,0,SSL_SSL_MASK}, {0,SSL_TXT_LOW, 0,SSL_LOW,0,SSL_STRONG_MASK}, {0,SSL_TXT_MEDIUM,0,SSL_MEDIUM,0,SSL_STRONG_MASK}, {0,SSL_TXT_HIGH, 0,SSL_HIGH,0,SSL_STRONG_MASK}, @@ -208,7 +209,6 @@ EVP_MD **md; case SSL_eNULL: i=SSL_ENC_NULL_IDX; break; - break; default: i= -1; break; diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index bcbb98591..847f0f3f8 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -167,6 +167,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"}, {ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"}, {ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0), "SSL_VERIFY_CERT_CHAIN"}, {ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"}, {ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"}, {ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"}, 
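Review bot: The new `SSL_TXT_TLSV1` alias in the ssl/ssl_ciph.c hunk `@@ -145,6 +145,7 @@` carries the same `SSL_SSLV3` bits and `SSL_SSL_MASK` as the `SSL_TXT_SSLV3` entry directly above it, so `TLSv1` in a cipher string selects exactly the SSLv3 cipher set. Someone reading a configuration could take `TLSv1` to mean that SSLv3 is excluded, which this table does not do. A comment on the entry would prevent that misreading: `/* TLSv1 shares the SSLv3 cipher suites; this alias does not restrict the protocol version */`.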
@@ -219,6 +220,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"}, {SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"}, {SSL_R_COMPRESSION_FAILURE ,"compression failure"}, +{SSL_R_COMPRESSION_LIBRARY_ERROR ,"compression library error"}, {SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"}, {SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"}, {SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"}, @@ -269,6 +271,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"}, {SSL_R_NO_PUBLICKEY ,"no publickey"}, {SSL_R_NO_SHARED_CIPHER ,"no shared cipher"}, +{SSL_R_NO_VERIFY_CALLBACK ,"no verify callback"}, {SSL_R_NULL_SSL_CTX ,"null ssl ctx"}, {SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"}, {SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"}, 
@@ -316,6 +319,18 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"}, {SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"}, {SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"}, +{SSL_R_TLSV1_ALERT_ACCESS_DENIED ,"tlsv1 alert access denied"}, +{SSL_R_TLSV1_ALERT_DECODE_ERROR ,"tlsv1 alert decode error"}, +{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ,"tlsv1 alert decryption failed"}, +{SSL_R_TLSV1_ALERT_DECRYPT_ERROR ,"tlsv1 alert decrypt error"}, +{SSL_R_TLSV1_ALERT_EXPORT_RESTRICION ,"tlsv1 alert export restricion"}, +{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"}, +{SSL_R_TLSV1_ALERT_INTERNAL_ERROR ,"tlsv1 alert internal error"}, +{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ,"tlsv1 alert no renegotiation"}, +{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ,"tlsv1 alert protocol version"}, +{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ,"tlsv1 alert record overflow"}, +{SSL_R_TLSV1_ALERT_UNKNOWN_CA ,"tlsv1 alert unknown ca"}, +{SSL_R_TLSV1_ALERT_USER_CANCLED ,"tlsv1 alert user cancled"}, {SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"}, {SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"}, {SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"}, @@ -353,6 +368,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"}, {SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"}, {SSL_R_X509_LIB ,"x509 lib"}, +{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ,"x509 verification setup problems"}, {0,NULL}, }; @@ -362,8 +378,8 @@ void ERR_load_SSL_strings() { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_SSL,SSL_str_functs); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index f562ec6b1..b16339848 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c 
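Review bot: Two of the reason strings added in the `@@ -316,6 +319,18 @@` hunk are misspelled: `"tlsv1 alert export restricion"` and `"tlsv1 alert user cancled"`. These strings are what appears in error output, so searches and alerting rules written for "restriction" or "canceled" will not match them. I would correct the text to `"tlsv1 alert export restriction"` and `"tlsv1 alert user canceled"`. The macro names `SSL_R_TLSV1_ALERT_EXPORT_RESTRICION` and `SSL_R_TLSV1_ALERT_USER_CANCLED` in the header hunks carry the same typos and are cheaper to rename now than after callers depend on them.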
@@ -61,7 +61,7 @@ #include "lhash.h" #include "ssl_locl.h" -char *SSL_version_str="SSLeay 0.9.0b 29-Jun-1998"; +char *SSL_version_str="SSLeay 0.9.1a 06-Jul-1998"; static STACK *ssl_meth=NULL; static STACK *ssl_ctx_meth=NULL; @@ -248,6 +248,11 @@ SSL *s; ssl_clear_cipher_ctx(s); + if (s->expand != NULL) + COMP_CTX_free(s->expand); + if (s->compress != NULL) + COMP_CTX_free(s->compress); + if (s->cert != NULL) ssl_cert_free(s->cert); /* Free up if allocated */ @@ -839,8 +844,11 @@ SSL_SESSION *a; { unsigned long l; - l= (a->session_id[0] )|(a->session_id[1]<< 8L)| - (a->session_id[2]<<16L)|(a->session_id[3]<<24L); + l=(unsigned long) + ((unsigned int) a->session_id[0] )| + ((unsigned int) a->session_id[1]<< 8L)| + ((unsigned long)a->session_id[2]<<16L)| + ((unsigned long)a->session_id[3]<<24L); return(l); } @@ -858,13 +866,19 @@ SSL_SESSION *b; SSL_CTX *SSL_CTX_new(meth) SSL_METHOD *meth; { - SSL_CTX *ret; + SSL_CTX *ret=NULL; if (meth == NULL) { SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED); return(NULL); } + + if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) + { + SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); + goto err; + } ret=(SSL_CTX *)Malloc(sizeof(SSL_CTX)); if (ret == NULL) goto err; @@ -956,6 +970,8 @@ SSL_METHOD *meth; CRYPTO_new_ex_data(ssl_ctx_meth,(char *)ret,&ret->ex_data); + ret->extra_certs=NULL; + return(ret); err: SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE); @@ -1000,6 +1016,8 @@ SSL_CTX *a; ssl_cert_free(a->default_cert); if (a->client_CA != NULL) sk_pop_free(a->client_CA,X509_NAME_free); + if (a->extra_certs != NULL) + sk_pop_free(a->extra_certs,X509_free); Free((char *)a); } @@ -1341,7 +1359,9 @@ SSL *s; SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET); return(-1); } - if (s->s3->renegotiate) ssl3_renegotiate_check(s); + + s->method->ssl_renegotiate_check(s); + if (SSL_in_init(s) || SSL_in_before(s)) { ret=s->handshake_func(s); 
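Review bot: The new failure path in `SSL_CTX_new()` (`@@ -858,13 +866,19 @@`) records `SSL_R_X509_VERIFICATION_SETUP_PROBLEMS` and then jumps to `err`, where the context line in the `@@ -956,6 +970,8 @@` hunk shows `SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE)` being raised. The caller therefore sees a malloc failure stacked on top of the real cause. Nothing has been allocated at that point, so `return(NULL);` after the `SSLerr()` call, as the `meth == NULL` check just above does, keeps the error queue accurate. The rest of the function lies outside these hunks.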
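Review bot: `s->method->ssl_renegotiate_check(s)` in the `@@ -1341,7 +1359,9 @@` hunk is called unconditionally, where the removed line only called `ssl3_renegotiate_check()` when `s->s3->renegotiate` was set. The pointer is a new member inserted in the middle of `SSL_METHOD` (ssl.h hunk `@@ -178,6 +179,7 @@`), so every method table has to supply it; a table that was not updated would shift its later entries or leave the slot NULL, and this call would then go through a wrong or null pointer. Either guard it with `if (s->method->ssl_renegotiate_check != NULL) s->method->ssl_renegotiate_check(s);`, or document on the struct member that it must never be NULL and that `ssl_ok()` is, presumably, the no-op to use. The method tables are not in this part of the diff, so whether they were all updated cannot be confirmed here.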
@@ -1615,6 +1635,7 @@ SSL *ssl; return(ssl->ctx); } +#ifndef NO_STDIO int SSL_CTX_set_default_verify_paths(ctx) SSL_CTX *ctx; { @@ -1628,6 +1649,7 @@ char *CApath; { return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath)); } +#endif void SSL_set_info_callback(ssl,cb) SSL *ssl; @@ -1639,7 +1661,7 @@ void (*cb)(); void (*SSL_get_info_callback(ssl))() SSL *ssl; { - return(ssl->info_callback); + return((void (*)())ssl->info_callback); } int SSL_state(ssl) @@ -1715,6 +1737,12 @@ int idx; return(CRYPTO_get_ex_data(&s->ex_data,idx)); } +int ssl_ok(s) +SSL *s; + { + return(1); + } + #if defined(_WINDLL) && defined(WIN16) #include "../crypto/bio/bss_file.c" #endif diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index b29517081..71d4c08c0 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -66,6 +66,7 @@ #include "e_os.h" #include "buffer.h" +#include "comp.h" #include "bio.h" #include "crypto.h" #include "evp.h" @@ -74,6 +75,7 @@ #include "err.h" #include "ssl.h" +#define PKCS1_CHECK #define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \ l|=(((unsigned long)(*((c)++)))<< 8), \ 
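Review bot: `#define PKCS1_CHECK` is switched on unconditionally in the library-wide private header, with no comment and no way for a builder to turn it off. The code it gates is not in this hunk. In this code base the macro is associated with the SSL_OP_PKCS1_CHECK_1 / SSL_OP_PKCS1_CHECK_2 debugging options, which make the library emit deliberately malformed RSA key-exchange data, so it is worth confirming that this is what gets compiled in. Test-only behaviour of that kind is safer left out of the header, with test builds passing `-DPKCS1_CHECK` on the compiler command line. If it must stay, a comment on the line should say what it enables.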
@@ -126,18 +128,18 @@ } \ } -#define n2s(c,s) (s =((unsigned int)(*((c)++)))<< 8, \ - s|=((unsigned int)(*((c)++)))) -#define s2n(s,c) (*((c)++)=(unsigned char)(((s)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((s) )&0xff)) +#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \ + (((unsigned int)(c[1])) )),c+=2) +#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \ + c[1]=(unsigned char)(((s) )&0xff)),c+=2) -#define n2l3(c,l) (l =((unsigned long)(*((c)++)))<<16, \ - l|=((unsigned long)(*((c)++)))<< 8, \ - l|=((unsigned long)(*((c)++)))) +#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \ + (((unsigned long)(c[1]))<< 8)| \ + (((unsigned long)(c[2])) )),c+=3) -#define l2n3(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) +#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \ + c[1]=(unsigned char)(((l)>> 8)&0xff), \ + c[2]=(unsigned char)(((l) )&0xff)),c+=3) /* LOCAL STUFF */ @@ -313,6 +315,14 @@ typedef struct ssl3_enc_method int (*alert_value)(); } SSL3_ENC_METHOD; +/* Used for holding the relevent compression methods loaded into SSL_CTX */ +typedef struct ssl3_comp_st + { + int comp_id; /* The identifer byte for this compression type */ + char *name; /* Text name used for the compression type */ + COMP_METHOD *method; /* The method :-) */ + } SSL3_COMP; + extern SSL3_ENC_METHOD ssl3_undef_enc_method; extern SSL_CIPHER ssl2_ciphers[]; extern SSL_CIPHER ssl3_ciphers[]; @@ -431,7 +441,6 @@ void tls1_clear(SSL *s); long tls1_ctrl(SSL *s,int cmd, long larg, char *parg); SSL_METHOD *tlsv1_base_method(void ); - int ssl_init_wbio_buffer(SSL *s, int push); int tls1_change_cipher_state(SSL *s, int which); @@ -445,6 +454,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, int len); int tls1_alert_code(int code); int ssl3_alert_code(int code); +int ssl_ok(SSL *s); #else 
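Review bot: The rewritten n2s, s2n, n2l3 and l2n3 macros use their pointer argument bare, as `c[0]` and `c+=2`, where the old forms wrapped every use as `(c)`. With an argument that is an expression rather than a plain variable, `c[0]` binds to the wrong operand and the macro reads or writes a different byte than intended, which matters in record and handshake parsing. Parenthesising each use keeps the new single-increment form safe, e.g. for n2s: `((s=(((unsigned int)((c)[0]))<< 8)|(((unsigned int)((c)[1])))),(c)+=2)`. A one-line comment that `c` must be a modifiable pointer lvalue and is advanced by the macro would also help.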
@@ -556,3 +566,19 @@ int ssl_init_wbio_buffer(); #endif #endif +int ssl3_cert_verify_mac(); +int ssl3_alert_code(); +int tls1_new(); +void tls1_free(); +void tls1_clear(); +long tls1_ctrl(); +SSL_METHOD *tlsv1_base_method(); +int tls1_change_cipher_state(); +int tls1_setup_key_block(); +int tls1_enc(); +int tls1_final_finish_mac(); +int tls1_cert_verify_mac(); +int tls1_mac(); +int tls1_generate_master_secret(); +int tls1_alert_code(); +int ssl_ok(); diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 140475e5f..a8a62f1b0 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -229,6 +229,10 @@ EVP_PKEY *pkey; if (c->pkeys[i].x509 != NULL) { + EVP_PKEY_copy_parameters( + X509_get_pubkey(c->pkeys[i].x509),pkey); + ERR_clear_error(); + #ifndef NO_RSA /* Don't check the public/private key, this is mostly * for smart cards. */ @@ -504,6 +508,19 @@ X509 *x; if (c->pkeys[i].privatekey != NULL) { + EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey); + ERR_clear_error(); + +#ifndef NO_RSA + /* Don't check the public/private key, this is mostly + * for smart cards. */ + if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) && + (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) & + RSA_METHOD_FLAG_NO_CHECK)) + ok=1; + else +#endif + { if (!X509_check_private_key(x,c->pkeys[i].privatekey)) { if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA)) @@ -527,6 +544,7 @@ X509 *x; } else ok=1; + } /* NO_RSA */ } else ok=1; diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 8212600e4..d4978a7d5 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -69,7 +69,7 @@ static void SSL_SESSION_list_remove(); static void SSL_SESSION_list_add(); #endif -static ssl_session_num=0; +static int ssl_session_num=0; static STACK *ssl_session_meth=NULL; SSL_SESSION *SSL_get_session(ssl) diff --git a/ssl/ssltest.c b/ssl/ssltest.c index f9dca4e3e..ff686913d 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c 
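Review bot: The sixteen unprototyped declarations are appended after the two closing `#endif` lines, so they appear to sit outside both branches of the prototype conditional and outside the header's include guard (the opening directives are not in this hunk). In a prototype build they repeat names already declared with full signatures, such as `int ssl_ok(SSL *s);`, and any translation unit that sees only the empty-parenthesis form gets no argument checking. They probably belong in the non-prototype branch, above the first `#endif`, next to `int ssl_init_wbio_buffer();`.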
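Review bot: The added `EVP_PKEY_copy_parameters(X509_get_pubkey(c->pkeys[i].x509),pkey);` passes the result of X509_get_pubkey() straight on without a NULL test and ignores the return value, and `ERR_clear_error();` then empties the whole error queue. That discards not only the expected failure but also anything the application had queued before calling in, and it hides a certificate whose public key could not be decoded. Checking the key first and clearing only the expected error would be tighter; at minimum a comment should say why the result is discarded. The next hunk in this file adds the same pair of calls in the certificate path.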
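Review bot: In the certificate path the new branch sets `ok=1` without calling X509_check_private_key() whenever the stored RSA key's method has RSA_METHOD_FLAG_NO_CHECK, so a mismatched certificate and key are accepted at configuration time. The comment gives smart cards as the reason, but it should also say that a mismatch then only surfaces during a handshake. The closing brace added in the following hunk as `} /* NO_RSA */` is compiled in every configuration, because it matches the `{` after `#endif`, so the label misleads; something like `} /* end of X509_check_private_key() block */` would be accurate. The wrapped block was also left at its old indentation.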
@@ -361,6 +361,7 @@ end: if (bio_stdout != NULL) BIO_free(bio_stdout); + ERR_free_strings(); ERR_remove_state(0); EVP_cleanup(); CRYPTO_mem_leaks(bio_err); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index fbdd3bffb..893c0bc73 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -155,7 +155,7 @@ int num; memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); p+=SSL3_RANDOM_SIZE; - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf, + tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf), s->session->master_key,s->session->master_key_length, km,tmp,num); } @@ -175,7 +175,7 @@ int which; int client_write; EVP_CIPHER_CTX *dd; EVP_CIPHER *c; - SSL_COMPRESSION *comp; + COMP_METHOD *comp; EVP_MD *m; int exp,n,i,j,k,exp_label_len; @@ -193,7 +193,24 @@ int which; goto err; dd= s->enc_read_ctx; s->read_hash=m; - s->read_compression=comp; + if (s->expand != NULL) + { + COMP_CTX_free(s->expand); + s->expand=NULL; + } + if (comp != NULL) + { + s->expand=COMP_CTX_new(comp); + if (s->expand == NULL) + { + SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); + goto err2; + } + s->s3->rrec.comp=(unsigned char *) + Malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); + if (s->s3->rrec.comp == NULL) + goto err; + } memset(&(s->s3->read_sequence[0]),0,8); mac_secret= &(s->s3->read_mac_secret[0]); } @@ -205,7 +222,20 @@ int which; goto err; dd= s->enc_write_ctx; s->write_hash=m; - s->write_compression=comp; + if (s->compress != NULL) + { + COMP_CTX_free(s->compress); + s->compress=NULL; + } + if (comp != NULL) + { + s->compress=COMP_CTX_new(comp); + if (s->compress == NULL) + { + SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); + goto err2; + } + } memset(&(s->s3->write_sequence[0]),0,8); mac_secret= &(s->s3->write_mac_secret[0]); } 
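Review bot: In the read branch of tls1_change_cipher_state, `s->s3->rrec.comp` is assigned a fresh `Malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH)` buffer every time the cipher state changes with compression negotiated, and nothing in the hunk frees or reuses a buffer from an earlier call. Unless it is released elsewhere, each renegotiation leaks one buffer of that size, and the peer controls how often that happens. Allocating only when the pointer is still empty avoids this: put `if (s->s3->rrec.comp == NULL)` in front of the Malloc. The allocation failure jumps to `err` while the COMP_CTX_new failure jumps to `err2`; both labels are outside the hunk, so check that each records the right reason.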
@@ -262,7 +292,7 @@ printf("which = %04X\nmac key=",which); p+=SSL3_RANDOM_SIZE; memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); p+=SSL3_RANDOM_SIZE; - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,key,j, + tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j, tmp1,tmp2,EVP_CIPHER_key_length(c)); key=tmp1; @@ -277,7 +307,7 @@ printf("which = %04X\nmac key=",which); memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); p+=SSL3_RANDOM_SIZE; tls1_PRF(s->ctx->md5,s->ctx->sha1, - buf,p-buf,"",0,iv1,iv2,k*2); + buf,(int)(p-buf),"",0,iv1,iv2,k*2); if (client_write) iv=iv1; else @@ -374,7 +404,6 @@ int send; unsigned long l; int bs,i,ii,j,k,n=0; EVP_CIPHER *enc; - SSL_COMPRESSION *comp; if (send) { @@ -383,12 +412,9 @@ int send; ds=s->enc_write_ctx; rec= &(s->s3->wrec); if (s->enc_write_ctx == NULL) - { enc=NULL; comp=NULL; } + enc=NULL; else - { enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx); - comp=s->write_compression; - } } else { @@ -397,16 +423,13 @@ int send; ds=s->enc_read_ctx; rec= &(s->s3->rrec); if (s->enc_read_ctx == NULL) - { enc=NULL; comp=NULL; } + enc=NULL; else - { enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); - comp=s->read_compression; - } } if ((s->session == NULL) || (ds == NULL) || - ((enc == NULL) && (comp == NULL))) + (enc == NULL)) { memcpy(rec->data,rec->input,rec->length); rec->input=rec->data; @@ -507,7 +530,7 @@ unsigned char *out; EVP_DigestFinal(&ctx,q,&i); q+=i; - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,q-buf, + tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf), s->session->master_key,s->session->master_key_length, out,buf2,12); memset(&ctx,0,sizeof(EVP_MD_CTX)); 
@@ -560,20 +583,20 @@ int send; #ifdef TLS_DEBUG printf("sec="); -{int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); } +{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); } printf("seq="); {int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); } printf("buf="); {int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); } printf("rec="); -{int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); } +{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); } #endif for (i=7; i>=0; i--) if (++seq[i]) break; #ifdef TLS_DEBUG -{int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); } +{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); } #endif return(md_size); } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index f9fbfa414..2a319cd09 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -60,7 +60,7 @@ #include "objects.h" #include "ssl_locl.h" -char *tls1_version_str="TLSv1 part of SSLeay 0.9.0b 29-Jun-1998"; +char *tls1_version_str="TLSv1 part of SSLeay 0.9.1a 06-Jul-1998"; #ifndef NO_PROTO static long tls1_default_timeout(void); @@ -94,6 +94,7 @@ static SSL_METHOD TLSv1_data= { ssl3_write, ssl3_shutdown, ssl3_renegotiate, + ssl3_renegotiate_check, ssl3_ctrl, ssl3_ctx_ctrl, ssl3_get_cipher_by_char, diff --git a/test/Makefile.ssl b/test/Makefile.ssl index b3de76751..e57acd76b 100644 --- a/test/Makefile.ssl +++ b/test/Makefile.ssl @@ -102,7 +102,7 @@ apps: @(cd ../apps; $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all) test_des: - #./$(DESTEST) + ./$(DESTEST) test_idea: ./$(IDEATEST) diff --git a/test/certCA.srl b/test/certCA.srl index 2bbd69c2e..3ad5abd03 100644 --- a/test/certCA.srl +++ b/test/certCA.srl @@ -1 +1 @@ -70 +99 diff --git a/test/testkey.pem b/test/testkey.pem index 562e77cb9..33b8f08ae 100644 --- a/test/testkey.pem +++ b/test/testkey.pem 
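Review bot: The `rec=` debug line loops to `rec->length` but prints `buf[z]`, the same array the line above treats as five bytes long (`z<5`). If buf is the short header buffer (its declaration is outside the hunk), a TLS_DEBUG build reads past it for any longer record; the record bytes were probably meant, e.g. `printf("%02X ",rec->input[z]);`. Separately, the `sec=` line writes the MAC secret to stdout, so TLS_DEBUG should be documented as suitable only for test builds.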
@@ -1,9 +1,9 @@ -----BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAMIvB0MXsW7gNKJp7/7fTjmd/vdXk51GcgIxergzS13i6nCAL+97 -vD7erU7M5s6kWCm4/U8Q6wcY7jwauiUO7iUCAwEAAQJBAIsOypCNYw8XmBnG64sF -tysjrfbKzHcQf4x6intmoE42dSc1SkyJXvQiNcXaiS5bGBGrfRkabE8j4X9mmMd6 -S/ECIQD0YIYwjPYLDDJGa2kog42JSiEu15dAOcAJTsnhiHvKbwIhAMtrXLguHYKb -ScrW/q8Uq+eRcMHwgbuBvnqmzAMln6qrAiAEctFehuJftxwfLgtfAm4MJr5N5PzK -3YJCaR3BrkNanwIgNcJh9qr5UZMIpXq8RDkKVWCylA6jupJHbNK4B/zhfZECIB+9 -Is3OLPuWFJmk9eQcUaNQZJ5WwEBsaGQ12JeW7Kpe +MIIBOwIBAAJBANRkqBhIy4l2LDZohAgbgsO+b0dtSfInKPpaA+SnD3x1UpOPSOjc +Xqf97dqdjO9Kk6I+RO6/DbT3KyXMmzjRJ/sCAwEAAQJBAMfjC0f/in6OFsIFzuyK +Z6Cs4rGIK2WYcTpb6PoSN8LaN0khhkn8PAua72FnTiRwLEyoBqwl+g/jNy8Dio8K +47ECIQD8401+qBwqoIpSPX7lHwa0kO9wqFG6MVMF0jdhIWOgHQIhANcBx4yghPDl +7WgtodDlqgwn+iKUUpZW2d3YF3MCoJz3AiAUZqXuzNMQ4UinX8yn4TviPzsBxKJr +OeVvt8i97jqiRQIhANZRaMdN7pZuq0KwUd94PxQU+WpkrRo9Arj3QRCcqtsrAiAf +ppDnmxlAEwjl8GOerlaKXUICnF7v3SjELP9tH9cQtA== -----END RSA PRIVATE KEY----- diff --git a/test/testreq.pem b/test/testreq.pem index b20137b6e..d2a9421f4 100644 --- a/test/testreq.pem +++ b/test/testreq.pem @@ -2,8 +2,8 @@ MIIBQjCB7QIBADCBhzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx ETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDET MBEGA1UEAxMKRXJpYyBZb3VuZzEfMB0GCSqGSIb3DQEJARYQZWF5QG1pbmNvbS5v -ei5hdTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDCLwdDF7Fu4DSiae/+3045nf73 -V5OdRnICMXq4M0td4upwgC/ve7w+3q1OzObOpFgpuP1PEOsHGO48GrolDu4lAgMB -AAGgADANBgkqhkiG9w0BAQQFAANBAItCGg8qCPSoASvm3QUx/6PpreQclDO0bM2l -eacLlzSHBUvaSqapR/pHfHG2r9l6PuEr/rrYHo+ZrAraSyPhEBc= +ei5hdTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDUZKgYSMuJdiw2aIQIG4LDvm9H +bUnyJyj6WgPkpw98dVKTj0jo3F6n/e3anYzvSpOiPkTuvw209yslzJs40Sf7AgMB +AAGgADANBgkqhkiG9w0BAQQFAANBAES6okHo15lRtghclOyzSQ7pTUva8h5nxiKu +62HR6t9kAIU1apoOdM/Rn1e6dF3+aZjpxY0uIdNg+q2VSyeBdsM= -----END CERTIFICATE REQUEST----- diff --git a/tools/c_rehash b/tools/c_rehash index cd4e26a49..99ab7ebaa 100644 --- a/tools/c_rehash +++ b/tools/c_rehash 
@@ -4,7 +4,7 @@ # on the command line. # -if [ "$SSLEAY"x = "x" -o ! -x $SSLEAY ]; then +if [ "$SSLEAY"x = "x" -o ! -x "$SSLEAY" ]; then SSLEAY='ssleay' export SSLEAY fi diff --git a/util/ck_errf.pl b/util/ck_errf.pl index 3af91744c..7a24d6c5a 100755 --- a/util/ck_errf.pl +++ b/util/ck_errf.pl @@ -40,5 +40,6 @@ foreach $file (@ARGV) # print "$func:$1\n"; } } + close(IN); } diff --git a/util/libeay.num b/util/libeay.num index fcaf25428..2d5e55ad4 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -580,7 +580,7 @@ X509_NAME_oneline 585 X509_NAME_print 586 X509_NAME_set 587 X509_OBJECT_free_contents 588 -X509_OBJECT_retrive_by_subject 589 +X509_OBJECT_retrieve_by_subject 589 X509_OBJECT_up_ref_count 590 X509_PKEY_free 591 X509_PKEY_new 592 @@ -695,12 +695,12 @@ a2i_ASN1_INTEGER 700 a2i_ASN1_STRING 701 asn1_Finish 702 asn1_GetSequence 703 -bn_div64 704 +bn_div_words 704 bn_expand2 705 bn_mul_add_words 706 bn_mul_words 707 -bn_qadd 708 -bn_qsub 709 +BN_uadd 708 +BN_usub 709 bn_sqr_words 710 crypt 711 d2i_ASN1_BIT_STRING 712 
@@ -1063,3 +1063,64 @@ EVP_rc5_32_12_16_cfb 1088 EVP_rc5_32_12_16_ecb 1089 EVP_rc5_32_12_16_ofb 1090 asn1_add_error 1091 +d2i_ASN1_BMPSTRING 1092 +i2d_ASN1_BMPSTRING 1093 +BIO_f_ber 1094 +BN_init 1095 +COMP_CTX_new 1096 +COMP_CTX_free 1097 +COMP_CTX_compress_block 1098 +COMP_CTX_expand_block 1099 +X509_STORE_CTX_get_ex_new_index 1100 +OBJ_NAME_add 1101 +BIO_socket_nbio 1102 +EVP_rc2_64_cbc 1103 +OBJ_NAME_cleanup 1104 +OBJ_NAME_get 1105 +OBJ_NAME_init 1106 +OBJ_NAME_new_index 1107 +OBJ_NAME_remove 1108 +BN_MONT_CTX_copy 1109 +BIO_new_socks4a_connect 1110 +BIO_s_socks4a_connect 1111 +PROXY_set_connect_mode 1112 +RAND_SSLeay 1113 +RAND_set_rand_method 1114 +RSA_memory_lock 1115 +bn_sub_words 1116 +bn_mul_normal 1117 +bn_mul_comba8 1118 +bn_mul_comba4 1119 +bn_sqr_normal 1120 +bn_sqr_comba8 1121 +bn_sqr_comba4 1122 +bn_cmp_words 1123 +bn_mul_recursive 1124 +bn_mul_part_recursive 1125 +bn_sqr_recursive 1126 +bn_mul_low_normal 1127 +BN_RECP_CTX_init 1128 +BN_RECP_CTX_new 1129 +BN_RECP_CTX_free 1130 +BN_RECP_CTX_set 1131 +BN_mod_mul_reciprocal 1132 +BN_mod_exp_recp 1133 +BN_div_recp 1134 +BN_CTX_init 1135 +BN_MONT_CTX_init 1136 +RAND_get_rand_method 1137 +PKCS7_add_attribute 1138 +PKCS7_add_signed_attribute 1139 +PKCS7_digest_from_attributes 1140 +PKCS7_get_attribute 1141 +PKCS7_get_issuer_and_serial 1142 +PKCS7_get_signed_attribute 1143 +COMP_compress_block 1144 +COMP_expand_block 1145 +COMP_rle 1146 +COMP_zlib 1147 +ms_time_diff 1148 +ms_time_new 1149 +ms_time_free 1150 +ms_time_cmp 1151 +ms_time_get 1152 diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 6f0881a29..8992d1683 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -21,11 +21,12 @@ $infile="MINFO"; "BC-W31", "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING", "BC-MSDOS","Borland C++ 4.5 - MSDOS", "linux-elf","Linux elf", + "ultrix-mips","DEC mips ultrix", "FreeBSD","FreeBSD distribution", "default","cc under unix", ); -$type=""; +$platform=""; foreach (@ARGV) { if (/^no-rc2$/) { $no_rc2=1; } 
@@ -53,7 +54,7 @@ foreach (@ARGV) elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; - $no_ssl2=$no_err=1; } + $no_ssl2=$no_err=$no_rmd160=$no_rc5=1; } elsif (/^rsaref$/) { $rsaref=1; } elsif (/^gcc$/) { $gcc=1; } @@ -98,7 +99,7 @@ TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler EOF exit(1); } - $type=$_; + $platform=$_; } } @@ -126,61 +127,67 @@ $bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:''; # $bin_dir.=$o causes a core dump on my sparc :-( push(@INC,"util/pl","pl"); -if ($type eq "VC-MSDOS") +if ($platform eq "VC-MSDOS") { $asmbits=16; $msdos=1; require 'VC-16.pl'; } -elsif ($type eq "VC-W31-16") +elsif ($platform eq "VC-W31-16") { $asmbits=16; $msdos=1; $win16=1; require 'VC-16.pl'; } -elsif (($type eq "VC-W31-32") || ($type eq "VC-WIN16")) +elsif (($platform eq "VC-W31-32") || ($platform eq "VC-WIN16")) { $asmbits=32; $msdos=1; $win16=1; require 'VC-16.pl'; } -elsif (($type eq "VC-WIN32") || ($type eq "VC-NT")) +elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) { require 'VC-32.pl'; } -elsif ($type eq "BC-NT") +elsif ($platform eq "BC-NT") { $bc=1; require 'BC-32.pl'; } -elsif ($type eq "BC-W31") +elsif ($platform eq "BC-W31") { $bc=1; $msdos=1; $w16=1; require 'BC-16.pl'; } -elsif ($type eq "BC-Q16") +elsif ($platform eq "BC-Q16") { $msdos=1; $w16=1; $shlib=0; $qw=1; require 'BC-16.pl'; } -elsif ($type eq "BC-MSDOS") +elsif ($platform eq "BC-MSDOS") { $asmbits=16; $msdos=1; require 'BC-16.pl'; } -elsif ($type eq "FreeBSD") +elsif ($platform eq "FreeBSD") { require 'unix.pl'; $cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer'; } -elsif ($type eq "linux-elf") +elsif ($platform eq "linux-elf") { require "unix.pl"; require "linux.pl"; $unix=1; } +elsif ($platform eq "ultrix-mips") + { + require "unix.pl"; + require "ultrix.pl"; + $unix=1; + } else { require "unix.pl"; 
@@ -230,7 +237,7 @@ if ($ranlib ne "") if ($msdos) { - $banner ="\t\@echo Make sure you have run 'perl Configure $type' in the\n"; + $banner ="\t\@echo Make sure you have run 'perl Configure $platform' in the\n"; $banner.="\t\@echo top level directory, if you don't have perl, you will\n"; $banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n"; $banner.="\t\@echo documentation for details.\n"; @@ -258,6 +265,7 @@ $defs= <<"EOF"; INSTALLTOP=$INSTALLTOP # Set your compiler options +PLATFORM=$platform CC=$bin_dir${cc} CFLAG=$cflags APP_CFLAG=$app_cflag @@ -275,12 +283,10 @@ SRC_D=$src_dir LINK=$link LFLAGS=$lflags -BN_MULW_OBJ=$bn_mulw_obj -BN_MULW_SRC=$bn_mulw_src +BN_ASM_OBJ=$bn_asm_obj +BN_ASM_SRC=$bn_asm_src DES_ENC_OBJ=$des_enc_obj DES_ENC_SRC=$des_enc_src -DES_CRYPT_OBJ=$des_crypt_obj -DES_CRYPT_SRC=$des_crypt_src BF_ENC_OBJ=$bf_enc_obj BF_ENC_SRC=$bf_enc_src CAST_ENC_OBJ=$cast_enc_obj @@ -496,10 +502,10 @@ foreach (values %lib_nam) next; } - if (($bn_mulw_obj ne "") && ($_ eq "CRYPTO")) + if (($bn_asm_obj ne "") && ($_ eq "CRYPTO")) { - $lib_obj =~ s/\s\S*\/bn_mulw\S*/ \$(BN_MULW_OBJ)/; - $rules.=&do_asm_rule($bn_mulw_obj,$bn_mulw_src); + $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; + $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src); } if (($des_enc_obj ne "") && ($_ eq "CRYPTO")) { @@ -615,6 +621,7 @@ sub var_add @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2; @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5; + @a=grep(!/(rmd)|(ripemd)/,@a) if $no_rmd160; @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa; @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa; @@ -677,7 +684,7 @@ sub do_defs if (($_ =~ /bss_file/) && ($postfix eq ".h")) { $pf=".c"; } else { $pf=$postfix; } - if ($_ =~ /BN_MULW/) { $t="$_ "; } + if ($_ =~ /BN_ASM/) { $t="$_ "; } elsif ($_ =~ /DES_ENC/) { $t="$_ "; } elsif ($_ =~ /BF_ENC/) { $t="$_ "; } elsif ($_ =~ /CAST_ENC/){ $t="$_ "; } 
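Review bot: The new filter `grep(!/(rmd)|(ripemd)/,@a)` in var_add is unanchored, unlike the neighbouring `(^md2)|(_md2$)` and `(^md5)|(_md5$)` patterns, so it drops every entry that contains `rmd` anywhere in its name. Anchoring it the same way keeps the rmd160 exclusion from removing unrelated files, for example `@a=grep(!/(^rmd)|(_rmd)|(^ripemd)/,@a) if $no_rmd160;`, adjusted to the actual file names, which are not visible here. var_add starts and ends outside this hunk.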
@@ -704,23 +711,6 @@ sub bname return($ret); } -# do a rule for each file that says 'copy' to new direcory on change -sub do_copy_rule - { - local($to,$files,$p)=@_; - local($ret,$_,$n,$pp); - - $files =~ s/\//$o/g if $o ne '/'; - foreach (split(/\s+/,$files)) - { - $n=&bname($_); - if ($n =~ /bss_file/) - { $pp=".c"; } - else { $pp=$p; } - $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n"; - } - return($ret); - } ############################################################## # do a rule for each file that says 'compile' to new direcory @@ -747,7 +737,7 @@ sub cc_compile_target local($ret); # EAY EAY - $ex_flags.=' -DCFLAGS="\"$(CC) $(CFLAG)\""' if ($source =~ /cversion/); + $ex_flags.=' -DCFLAGS="\"$(CC) $(CFLAG)\"" -DPLATFORM="\"$(PLATFORM)\""' if ($source =~ /cversion/); $target =~ s/\//$o/g if $o ne "/"; $source =~ s/\//$o/g if $o ne "/"; $ret ="$target: \$(SRC_D)$o$source\n\t"; @@ -791,3 +781,20 @@ sub do_shlib_rule return($ret); } +# do a rule for each file that says 'copy' to new direcory on change +sub do_copy_rule + { + local($to,$files,$p)=@_; + local($ret,$_,$n,$pp); + + $files =~ s/\//$o/g if $o ne '/'; + foreach (split(/\s+/,$files)) + { + $n=&bname($_); + if ($n =~ /bss_file/) + { $pp=".c"; } + else { $pp=$p; } + $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n"; + } + return($ret); + } diff --git a/util/mkdef.pl b/util/mkdef.pl index b8e99f012..0d66a9099 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -67,6 +67,8 @@ $crypto.=" crypto/x509/x509.h"; $crypto.=" crypto/x509/x509_vfy.h"; $crypto.=" crypto/rand/rand.h"; $crypto.=" crypto/hmac/hmac.h"; +$crypto.=" crypto/comp/comp.h"; +$crypto.=" crypto/tmdiff.h"; $match{'NOPROTO'}=1; $match2{'PERL5'}=1; diff --git a/util/pl/BC-16.pl b/util/pl/BC-16.pl index 99128809c..6c6df4fe0 100644 --- a/util/pl/BC-16.pl +++ b/util/pl/BC-16.pl 
@@ -66,18 +66,18 @@ $asm='bcc -c -B -Tml'; $afile='/o'; if ($no_asm) { - $bn_mulw_obj=''; - $bn_mulw_src=''; + $bn_asm_obj=''; + $bn_asm_src=''; } elsif ($asmbits == 32) { - $bn_mulw_obj='crypto\bn\asm\x86w32.obj'; - $bn_mulw_src='crypto\bn\asm\x86w32.asm'; + $bn_asm_obj='crypto\bn\asm\x86w32.obj'; + $bn_asm_src='crypto\bn\asm\x86w32.asm'; } else { - $bn_mulw_obj='crypto\bn\asm\x86w16.obj'; - $bn_mulw_src='crypto\bn\asm\x86w16.asm'; + $bn_asm_obj='crypto\bn\asm\x86w16.obj'; + $bn_asm_src='crypto\bn\asm\x86w16.asm'; } sub do_lib_rule diff --git a/util/pl/BC-32.pl b/util/pl/BC-32.pl index 988512175..d1dcadd94 100644 --- a/util/pl/BC-32.pl +++ b/util/pl/BC-32.pl @@ -55,13 +55,13 @@ $asm='ml /Cp /c /Cx'; $afile='/Fo'; if ($noasm) { - $bn_mulw_obj=''; - $bn_mulw_src=''; + $bn_asm_obj=''; + $bn_asm_src=''; } else { - $bn_mulw_obj='crypto\bn\asm\x86b32.obj'; - $bn_mulw_src='crypto\bn\asm\x86m32.asm'; + $bn_asm_obj='crypto\bn\asm\x86b32.obj'; + $bn_asm_src='crypto\bn\asm\x86m32.asm'; } sub do_lib_rule diff --git a/util/pl/VC-16.pl b/util/pl/VC-16.pl index 8119f50c2..a5079d4ca 100644 --- a/util/pl/VC-16.pl +++ b/util/pl/VC-16.pl @@ -84,8 +84,8 @@ $lfile=''; $asm='ml /Cp /c /Cx'; $afile='/Fo'; -$bn_mulw_obj=''; -$bn_mulw_src=''; +$bn_asm_obj=''; +$bn_asm_src=''; $des_enc_obj=''; $des_enc_src=''; $bf_enc_obj=''; @@ -95,13 +95,13 @@ if (!$no_asm) { if ($asmbits == 32) { - $bn_mulw_obj='crypto\bn\asm\x86w32.obj'; - $bn_mulw_src='crypto\bn\asm\x86w32.asm'; + $bn_asm_obj='crypto\bn\asm\x86w32.obj'; + $bn_asm_src='crypto\bn\asm\x86w32.asm'; } else { - $bn_mulw_obj='crypto\bn\asm\x86w16.obj'; - $bn_mulw_src='crypto\bn\asm\x86w16.asm'; + $bn_asm_obj='crypto\bn\asm\x86w16.obj'; + $bn_asm_src='crypto\bn\asm\x86w16.asm'; } } diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 4e369f6f1..9167abfce 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl 
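Review bot: The condition guarding the renamed assignments in util/pl/BC-32.pl tests `$noasm`, while BC-16.pl and VC-16.pl in this same commit test `$no_asm`. If the driver only ever sets `$no_asm` (its option parsing is not in this hunk), the first branch never runs and the assembler object is always selected for this target; `if ($no_asm)` would match the siblings. The else branch also pairs `x86b32.obj` with `x86m32.asm`, which deserves a comment if the differing names are intentional.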
@@ -7,7 +7,7 @@ $crypto="libeay32"; $RSAref="RSAref32"; $o='\\'; -$cp='copy'; +$cp='"copy /b nul+ "'; # Timestamps get stuffed otherwise $rm='del'; # C compiler stuff @@ -22,7 +22,7 @@ $inc_def="inc32"; if ($debug) { - $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWINDOWS -DWIN32 -D_DEBUG -DL_ENDIAN"; + $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWINDOWS -DWIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG"; $lflags.=" /debug"; $mlflags.=' /debug'; } @@ -53,8 +53,8 @@ $asm='ml /Cp /coff /c /Cx'; $asm.=" /Zi" if $debug; $afile='/Fo'; -$bn_mulw_obj=''; -$bn_mulw_src=''; +$bn_asm_obj=''; +$bn_asm_src=''; $des_enc_obj=''; $des_enc_src=''; $bf_enc_obj=''; @@ -62,8 +62,8 @@ $bf_enc_src=''; if (!$no_asm) { - $bn_mulw_obj='crypto\bn\asm\bn-win32.obj'; - $bn_mulw_src='crypto\bn\asm\bn-win32.asm'; + $bn_asm_obj='crypto\bn\asm\bn-win32.obj'; + $bn_asm_src='crypto\bn\asm\bn-win32.asm'; $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj'; $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm'; $bf_enc_obj='crypto\bf\asm\b-win32.obj'; @@ -92,6 +92,8 @@ if ($shlib) $tmp_def="tmp32dll"; } +$cflags.=" /Fd$out_def"; + sub do_lib_rule { local($objs,$target,$name,$shlib)=@_; diff --git a/util/pl/linux.pl b/util/pl/linux.pl index d87a6634d..a8cfdc578 100644 --- a/util/pl/linux.pl +++ b/util/pl/linux.pl @@ -17,8 +17,8 @@ else if (!$no_asm) { - $bn_mulw_obj='$(OBJ_D)/bn86-elf.o'; - $bn_mulw_src='crypto/bn/asm/bn86unix.cpp'; + $bn_asm_obj='$(OBJ_D)/bn86-elf.o'; + $bn_asm_src='crypto/bn/asm/bn86unix.cpp'; $des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o'; $des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp'; $bf_enc_obj='$(OBJ_D)/bx86-elf.o'; 
@@ -27,8 +27,12 @@ if (!$no_asm) $cast_enc_src='crypto/cast/asm/cx86unix.cpp'; $rc4_enc_obj='$(OBJ_D)/rx86-elf.o'; $rc4_enc_src='crypto/rc4/asm/rx86unix.cpp'; + $rc5_enc_obj='$(OBJ_D)/r586-elf.o'; + $rc5_enc_src='crypto/rc5/asm/r586unix.cpp'; $md5_asm_obj='$(OBJ_D)/mx86-elf.o'; $md5_asm_src='crypto/md5/asm/mx86unix.cpp'; + $rmd160_asm_obj='$(OBJ_D)/rm86-elf.o'; + $rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp'; $sha1_asm_obj='$(OBJ_D)/sx86-elf.o'; $sha1_asm_src='crypto/sha/asm/sx86unix.cpp'; $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; @@ -51,9 +55,9 @@ sub do_shlib_rule $target =~ s/\//$o/g if $o ne '/'; ($Name=$name) =~ tr/a-z/A-Z/; - $ret.="\$(LIB_D)$o$target: \$(${Name}OBJ)\n"; - $ret.="\t\$(RM) \$(LIB_D)$o$target\n"; - $ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o \$(LIB_D)$o$target \$(${Name}OBJ)\n"; + $ret.="$target: \$(${Name}OBJ)\n"; + $ret.="\t\$(RM) target\n"; + $ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o $target \$(${Name}OBJ)\n"; ($t=$target) =~ s/(^.*)\/[^\/]*$/$1/; if ($so_name ne "") { diff --git a/util/pl/unix.pl b/util/pl/unix.pl index 36311711c..aa2d7d1f3 100644 --- a/util/pl/unix.pl +++ b/util/pl/unix.pl @@ -46,8 +46,8 @@ $lfile=''; $asm='as'; $afile='-o '; -$bn_mulw_obj=""; -$bn_mulw_src=""; +$bn_asm_obj=""; +$bn_asm_src=""; $des_enc_obj=""; $des_enc_src=""; $bf_enc_obj=""; @@ -59,7 +59,7 @@ sub do_lib_rule local($ret,$_,$Name); $target =~ s/\//$o/g if $o ne '/'; - $target="\$(LIB_D)$o$target"; + $target="$target"; ($Name=$name) =~ tr/a-z/A-Z/; $ret.="$target: \$(${Name}OBJ)\n"; diff --git a/util/ssleay.num b/util/ssleay.num index 359fa15df..5608e2335 100755 --- a/util/ssleay.num +++ b/util/ssleay.num @@ -154,3 +154,4 @@ TLSv1_server_method 171 TLSv1_client_method 172 BIO_new_buffer_ssl_connect 173 BIO_new_ssl_connect 174 +SSL_get_ex_data_X509_STORE_CTX_idx 175 diff --git a/util/up_ver.pl b/util/up_ver.pl index e4a13bf09..ed9aa59af 100755 --- a/util/up_ver.pl +++ b/util/up_ver.pl 
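Review bot: The RIPEMD-160 and RC5 assembler objects are now added in linux.pl, but the context line still sets `$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM";` with no RMD160_ASM. The Configure comments in this commit describe RMD160_ASM as the switch for the extra ripemd160 assembler, so without it the C fallback and the assembler object may be out of step. If that reading is right the line should become `$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";`.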
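Review bot: The rewritten remove step in do_shlib_rule lost its sigil: `$ret.="\t\$(RM) target\n";` emits a rule that deletes a file literally named `target` instead of the library being rebuilt. It should read `$ret.="\t\$(RM) $target\n";`. The same hunk drops the `$(LIB_D)` prefix from the rule target and from `-o`, so the shared library is now written relative to the current directory; if that is intended, a comment saying so would help. do_shlib_rule continues outside the hunk.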
@@ -34,6 +34,7 @@ "ssl/ssl_lib.c", "ssl/s2_lib.c", "ssl/s3_lib.c", + "ssl/s23_lib.c", "ssl/t1_lib.c", "README", ); diff --git a/util/x86asm.sh b/util/x86asm.sh index 81d328986..d2090a984 100755 --- a/util/x86asm.sh +++ b/util/x86asm.sh @@ -2,8 +2,8 @@ echo Generating x86 assember echo Bignum -(cd crypto/bn/asm; perl bn-586.pl cpp > bn86unix.cpp) -(cd crypto/bn/asm; perl bn-586.pl win32 > bn-win32.asm) +(cd crypto/bn/asm; perl x86.pl cpp > bn86unix.cpp) +(cd crypto/bn/asm; perl x86.pl win32 > bn-win32.asm) echo DES (cd crypto/des/asm; perl des-586.pl cpp > dx86unix.cpp) |