diff options
197 files changed, 6441 insertions, 3600 deletions
@@ -1,10 +1,225 @@ - OpenSSL CHANGES _______________ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] - *) Add VMS support for the Rijndael code + *) Changed the LHASH code to use prototypes for callbacks, and created + macros to declare and implement thin (optionally static) functions + that provide type-safety and avoid function pointer casting for the + type-specific callbacks. + [Geoff Thorpe] + + *) Use better test patterns in bntest. + [Ulf Möller] + + *) Added Kerberos Cipher Suites to be used with TLS, as written in + RFC 2712. + [Veers Staats <staatsvr@asc.hpc.mil>, + Jeffrey Altman <jaltman@columbia.edu>, via Richard Levitte] + + *) rand_win.c fix for Borland C. + [Ulf Möller] + + *) BN_rshift bugfix for n == 0. + [Bodo Moeller] + + *) Reformat the FAQ so the different questions and answers can be divided + in sections depending on the subject. + [Richard Levitte] + + *) Have the zlib compression code load ZLIB.DLL dynamically under + Windows. + [Richard Levitte] + + *) New function BN_mod_sqrt for computing square roots modulo a prime + (Tonelli-Shanks algorithm). + [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller] + + *) Store verify_result within SSL_SESSION also for client side to + avoid potential security hole. (Re-used sessions on the client side + always resulted in verify_result==X509_V_OK, not using the original + result of the server certificate verification.) + [Lutz Jaenicke] + + *) Make BN_mod_inverse faster by explicitly handling small quotients + in the Euclid loop. (Speed gain about 20% for small moduli [256 or + 512 bits], about 30% for larger ones [1024 or 2048 bits].) + [Bodo Moeller] + + *) Disable ssl2_peek and ssl3_peek (i.e., both implementations + of SSL_peek) because they both are completely broken. + They will be fixed RSN by adding an additional 'peek' parameter + to the internal read functions. + [Bodo Moeller] + + *) New function BN_kronecker. + [Bodo Moeller] + + *) Fix BN_gcd so that it works on negative inputs; the result is + positive unless both parameters are zero. + Previously something reasonably close to an infinite loop was + possible because numbers could be growing instead of shrinking + in the implementation of Euclid's algorithm. + [Bodo Moeller] + + *) Fix BN_is_word() and BN_is_one() macros to take into account the + sign of the number in question. + + Fix BN_is_word(a,w) to work correctly for w == 0. + + The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w) + because its test if the absolute value of 'a' equals 'w'. + Note that BN_abs_is_word does *not* handle w == 0 reliably; + it exists mostly for use in the implementations of BN_is_zero(), + BN_is_one(), and BN_is_word(). + [Bodo Moeller] + + *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling + the method-specific "init()" handler. Also clean up ex_data after + calling the method-specific "finish()" handler. Previously, this was + happening the other way round. + [Geoff Thorpe] + + *) New function BN_swap. + [Bodo Moeller] + + *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that + the exponentiation functions are more likely to produce reasonable + results on negative inputs. + [Bodo Moeller] + + *) Change BN_mod_mul so that the result is always non-negative. + Previously, it could be negative if one of the factors was negative; + I don't think anyone really wanted that behaviour. + [Bodo Moeller] + + *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c + (except for exponentiation, which stays in crypto/bn/bn_exp.c, + and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c) + and add new functions: + + BN_nnmod + BN_mod_sqr + BN_mod_add + BN_mod_add_quick + BN_mod_sub + BN_mod_sub_quick + BN_mod_lshift1 + BN_mod_lshift1_quick + BN_mod_lshift + BN_mod_lshift_quick + + These functions always generate non-negative results. + + BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder r + such that |m| < r < 0, BN_nnmod will output rem + |m| instead). + + BN_mod_XXX_quick(r, a, [b,] m) generates the same result as + BN_mod_XXX(r, a, [b,] m, ctx), but requires that a [and b] + be reduced modulo m. + [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller] + + *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there + was actually never needed) and in BN_mul(). The removal in BN_mul() + required a small change in bn_mul_part_recursive() and the addition + of the functions bn_cmp_part_words(), bn_sub_part_words() and + bn_add_part_words(), which do the same thing as bn_cmp_words(), + bn_sub_words() and bn_add_words() except they take arrays with + differing sizes. + [Richard Levitte] + + *) In 'openssl passwd', verify passwords read from the terminal + unless the '-salt' option is used (which usually means that + verification would just waste user's time since the resulting + hash is going to be compared with some given password hash) + or the new '-noverify' option is used. + + This is an incompatible change, but it does not affect + non-interactive use of 'openssl passwd' (passwords on the command + line, '-stdin' option, '-in ...' option) and thus should not + cause any problems. + [Bodo Moeller] + + *) Remove all references to RSAref, since there's no more need for it. + [Richard Levitte] + + *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16. + The previous value, 12, was not always sufficient for BN_mod_exp(). + [Bodo Moeller] + + *) Make DSO load along a path given through an environment variable + (SHLIB_PATH) with shl_load(). + [Richard Levitte] + + *) Constify the ENGINE code as a result of BIGNUM constification. + Also constify the RSA code and most things related to it. In a + few places, most notable in the depth of the ASN.1 code, ugly + casts back to non-const were required (to be solved at a later + time) + [Richard Levitte] + + *) Make it so the openssl application has all engines loaded by default. + [Richard Levitte] + + *) Constify the BIGNUM routines a little more. + [Richard Levitte] + + *) Make sure that shared libraries get the internal name engine with + the full version number and not just 0. This should mark the + shared libraries as not backward compatible. Of course, this should + be changed again when we can guarantee backward binary compatibility. + [Richard Levitte] + + *) Add the following functions: + + ENGINE_load_cswift() + ENGINE_load_chil() + ENGINE_load_atalla() + ENGINE_load_nuron() + ENGINE_load_builtin_engines() + + That way, an application can itself choose if external engines that + are built-in in OpenSSL shall ever be used or not. The benefit is + that applications won't have to be linked with libdl or other dso + libraries unless it's really needed. + + Changed 'openssl engine' to load all engines on demand. + Changed the engine header files to avoid the duplication of some + declarations (they differed!). + [Richard Levitte] + + *) 'openssl engine' can now list capabilities. + [Richard Levitte] + + *) Better error reporting in 'openssl engine'. + [Richard Levitte] + + *) Never call load_dh_param(NULL) in s_server. + [Bodo Moeller] + + *) Add engine application. It can currently list engines by name and + identity, and test if they are actually available. + [Richard Levitte] + + *) Add support for shared libraries under Irix. + [Albert Chin-A-Young <china@thewrittenword.com>] + + *) Improve RPM specification file by forcing symbolic linking and making + sure the installed documentation is also owned by root.root. + [Damien Miller <djm@mindrot.org>] + + *) Add configuration option to build on Linux on both big-endian and + little-endian MIPS. + [Ralf Baechle <ralf@uni-koblenz.de>] + + *) Give the OpenSSL applications more possibilities to make use of + keys (public as well as private) handled by engines. + [Richard Levitte] + + *) Add OCSP code that comes from CertCo. + [Richard Levitte] + + *) Add VMS support for the Rijndael code. [Richard Levitte] *) Added untested support for Nuron crypto accelerator. @@ -10,7 +10,7 @@ use strict; # see INSTALL for instructions. -my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [rsaref] [no-threads] [no-asm] [no-dso] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] os/compiler[:flags]\n"; +my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [no-threads] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx=vvv] os/compiler[:flags]\n"; # Options: # @@ -23,12 +23,21 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # default). This needn't be set in advance, you can # just as well use "make INSTALL_PREFIX=/whatever install". # +# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected +# to live in the subdirectory lib/ and the header files in +# include/. +# --with-krb5-lib Declare where the Kerberos 5 libraries live. +# (Default: KRB5_DIR/lib) +# --with-krb5-include Declare where the Kerberos 5 header files live. +# (Default: KRB5_DIR/include) +# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently +# supported values are "MIT" and "Heimdal". +# # no-hw-xxx do not compile support for specific crypto hardware. # Generic OpenSSL-style methods relating to this support # are always compiled but return NULL if the hardware # support isn't compiled. # no-hw do not compile support for any crypto hardware. -# rsaref use RSAref # [no-]threads [don't] try to create a library that is suitable for # multithreaded applications (default is "threads" if we # know how to do it) @@ -36,6 +45,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # no-asm do not use assembler # no-dso do not compile in any native shared-library methods. This # will ensure that all methods just return NULL. +# no-krb5 do not compile in any KRB5 library or code. # 386 generate 80386 code # no-<cipher> build without specified algorithm (rsa, idea, rc5, ...) # -<xxx> +<xxx> compiler options are passed through @@ -119,7 +129,7 @@ my %table=( "debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DBIO_PAIR_DEBUG -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", "debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", "debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", -"debug-levitte-linux-elf","gcc:-DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:-ldl:::::::::::dlfcn", +"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "dist", "cc:-O::(unknown):::::", # Basic configs that should work on any (32 and less bit) box @@ -177,17 +187,17 @@ my %table=( #### IRIX 5.x configs # -mips2 flag is added by ./config when appropriate. -"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::", -"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:::", +"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### IRIX 6.x configs # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke # './Configure irix-[g]cc' manually. # -mips4 flag is added by ./config when appropriate. -"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", -"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", +"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o:::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o:::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # N64 ABI builds. -"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::", -"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::", +"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o:::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o:::::::::dlfcn:irix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### Unified HP-UX ANSI C configs. # Special notes: @@ -220,40 +230,40 @@ my %table=( #!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl", # Since there is mention of this in shlib/hpux10-cc.sh "hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W:::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # More attempts at unified 10.X and 11.X targets for HP C compiler. # # Chris Ruemmler <ruemmler@cup.hp.com> # Kevin Steves <ks@hp.se> -"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT:-ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT:-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # HPUX 9.X config. # Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or # egcs. gcc 2.8.1 is also broken. -"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown):-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # If hpux-cc fails (e.g. during "make test"), try the next one; otherwise, # please report your OS and compiler version to the openssl-bugs@openssl.org # mailing list. -"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown):-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # If hpux-gcc fails, try this one: -"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # HPUX 10.X config. Supports threads. -"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT:-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG): -"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT:-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # If hpux10-gcc fails, try this one: -"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # HPUX 11.X from www.globus.org. # Only works on PA-RISC 2.0 cpus, and not optimized. Why? @@ -267,9 +277,9 @@ my %table=( # Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with # the new compiler # For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version -"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:asm/alpha.o:::::::::dlfcn:true64-shared::.so", -"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared::.so", -"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared::.so", +"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:asm/alpha.o:::::::::dlfcn:tru64-shared::.so", +"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:tru64-shared::.so", +"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:tru64-shared::.so", "FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### Alpha Linux with GNU C and Compaq C setups @@ -299,7 +309,8 @@ my %table=( "debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", "debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", -"linux-mips", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::", +"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::", +"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::", "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::", "linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::", "linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::SIXTY_FOUR_BIT_LONG::", @@ -407,8 +418,9 @@ my %table=( "OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -##### MacOS X (a.k.a. Rhapsody) setup +##### MacOS X (a.k.a. Rhapsody or Darwin) setup "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", +"darwin-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", ##### Sony NEWS-OS 4.x "newsos4-gcc","gcc:-O -DB_ENDIAN -DNEWS4::(unknown):-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", @@ -423,6 +435,7 @@ my $openssldir=""; my $install_prefix=""; my $no_threads=0; my $no_shared=1; +my $no_krb5=0; my $threads=0; my $no_asm=0; my $no_dso=0; @@ -465,6 +478,7 @@ my $libs; my $target; my $options; my $symlink; +my %withargs=(); my @argvcopy=@ARGV; my $argvstring=""; @@ -509,6 +523,8 @@ PROCESS_ARGS: } elsif (/^no-dso$/) { $no_dso=1; } + elsif (/^no-krb5$/) + { $no_krb5=1; } elsif (/^no-threads$/) { $no_threads=1; } elsif (/^threads$/) @@ -563,9 +579,9 @@ PROCESS_ARGS: { $processor=386; } elsif (/^rsaref$/) { - $libs.= "-lRSAglue -lrsaref "; - $flags.= "-DRSAref "; - $openssl_other_defines .= "#define RSAref\n"; + # No RSAref support any more since it's not needed. + # The check for the option is there so scripts aren't + # broken } elsif (/^[-+]/) { @@ -589,6 +605,10 @@ PROCESS_ARGS: { $install_prefix=$1; } + elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/) + { + $withargs{"krb5-".$1}=$2; + } else { print STDERR $usage; @@ -653,6 +673,38 @@ print "IsWindows=$IsWindows\n"; split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); $cflags="$flags$cflags" if ($flags ne ""); +# Kerberos settings. The flavor must be provided from outside, either through +# the script "config" or manually. +if ($no_krb5 + || !defined($withargs{"krb5-flavor"}) + || $withargs{"krb5-flavor"} eq "") + { + $cflags="-DNO_KRB5 $cflags"; + } +else + { + if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/) + { + $withargs{"krb5-dir"} = "/usr/heimdal" + if $withargs{"krb5-dir"} eq ""; + $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. + "/lib -lgssapi -lkrb5 -lcom_err" + if $withargs{"krb5-lib"} eq ""; + $cflags="-DKRB5_HEIMDAL $cflags"; + } + if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]$/) + { + $withargs{"krb5-dir"} = "/usr/kerberos" + if $withargs{"krb5-dir"} eq ""; + $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. + "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto" + if $withargs{"krb5-lib"} eq ""; + $cflags="-DKRB5_MIT $cflags"; + } + $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include" + if $withargs{"krb5-include"} eq "" && $withargs{"krb5-dir"} ne ""; + } + # The DSO code currently always implements all functions so that no # applications will have to worry about that from a compilation point # of view. However, the "method"s may return zero unless that platform @@ -845,6 +897,8 @@ while (<IN>) s/^PROCESSOR=.*/PROCESSOR= $processor/; s/^RANLIB=.*/RANLIB= $ranlib/; s/^PERL=.*/PERL= $perl/; + s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/; + s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/; s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared); @@ -878,6 +932,10 @@ print "RMD160_OBJ_ASM=$rmd160_obj\n"; print "PROCESSOR =$processor\n"; print "RANLIB =$ranlib\n"; print "PERL =$perl\n"; +print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n" + if $withargs{"krb5-include"} ne ""; +print "LIBKRB5 =",$withargs{"krb5-lib"},"\n" + if $withargs{"krb5-lib"} ne ""; my $des_ptr=0; my $des_risc1=0; @@ -1,20 +1,22 @@ OpenSSL - Frequently Asked Questions -------------------------------------- +[MISC] Miscellaneous questions + * Which is the current version of OpenSSL? * Where is the documentation? * How can I contact the OpenSSL developers? +* Where can I get a compiled version of OpenSSL? +* Why aren't tools like 'autoconf' and 'libtool' used? + +[LEGAL] Legal questions + * Do I need patent licenses to use OpenSSL? -* Is OpenSSL thread-safe? +* Can I use OpenSSL with GPL software? + +[USER] Questions on using the OpenSSL applications + * Why do I get a "PRNG not seeded" error message? -* Why does the linker complain about undefined symbols? -* Where can I get a compiled version of OpenSSL? -* I've compiled a program under Windows and it crashes: why? -* How do I read or write a DER encoded buffer using the ASN1 functions? -* I've tried using <M_some_evil_pkcs12_macro> and I get errors why? -* I've called <some function> and it fails, why? -* I just get a load of numbers for the error output, what do they mean? -* Why do I get errors about unknown algorithms? * How do I create certificates or certificate requests? * Why can't I create certificate requests? * Why does <SSL program> fail with a certificate verify error? @@ -22,14 +24,31 @@ OpenSSL - Frequently Asked Questions * How can I create DSA certificates? * Why can't I make an SSL connection using a DSA certificate? * How can I remove the passphrase on a private key? -* Why can't the OpenSSH configure script detect OpenSSL? + +[BUILD] Questions about building and testing OpenSSL + +* Why does the linker complain about undefined symbols? * Why does the OpenSSL test fail with "bc: command not found"? * Why does the OpenSSL test fail with "bc: 1 no implemented"? * Why does the OpenSSL compilation fail on Alpha True64 Unix? * Why does the OpenSSL compilation fail with "ar: command not found"? * Why does the OpenSSL compilation fail on Win32 with VC++? -* Why aren't tools like 'autoconf' and 'libtool' used? +[PROG] Questions about programming with OpenSSL + +* Is OpenSSL thread-safe? +* I've compiled a program under Windows and it crashes: why? +* How do I read or write a DER encoded buffer using the ASN1 functions? +* I've tried using <M_some_evil_pkcs12_macro> and I get errors why? +* I've called <some function> and it fails, why? +* I just get a load of numbers for the error output, what do they mean? +* Why do I get errors about unknown algorithms? +* Why can't the OpenSSH configure script detect OpenSSL? +* Can I use OpenSSL's SSL library with non-blocking I/O? + +=============================================================================== + +[MISC] ======================================================================== * Which is the current version of OpenSSL? @@ -80,6 +99,36 @@ OpenSSL. Information on the OpenSSL mailing lists is available from <URL: http://www.openssl.org>. +* Where can I get a compiled version of OpenSSL? + +Some applications that use OpenSSL are distributed in binary form. +When using such an application, you don't need to install OpenSSL +yourself; the application will include the required parts (e.g. DLLs). + +If you want to install OpenSSL on a Windows system and you don't have +a C compiler, read the "Mingw32" section of INSTALL.W32 for information +on how to obtain and install the free GNU C compiler. + +A number of Linux and *BSD distributions include OpenSSL. + + +* Why aren't tools like 'autoconf' and 'libtool' used? + +autoconf is a nice tool, but is unfortunately very Unix-centric. +Although one can come up with solution to have ports keep in track, +there's also some work needed for that, and can be quite painful at +times. If there was a 'autoconf'-like tool that generated perl +scripts or something similarly general, it would probably be used +in OpenSSL much earlier. + +libtool has repeatadly been reported by some members of the OpenSSL +development and others to be a pain to use. So far, those in the +development team who have said anything about this have expressed +a wish to avoid libtool for that reason. + + +[LEGAL] ======================================================================= + * Do I need patent licenses to use OpenSSL? The patents section of the README file lists patents that may apply to @@ -91,17 +140,25 @@ You can configure OpenSSL so as not to use RC5 and IDEA by using ./config no-rc5 no-idea -* Is OpenSSL thread-safe? +* Can I use OpenSSL with GPL software? -Yes (with limitations: an SSL connection may not concurrently be used -by multiple threads). On Windows and many Unix systems, OpenSSL -automatically uses the multi-threaded versions of the standard -libraries. If your platform is not one of these, consult the INSTALL -file. +On many systems including the major Linux and BSD distributions, yes (the +GPL does not place restrictions on using libraries that are part of the +normal operating system distribution). -Multi-threaded applications must provide two callback functions to -OpenSSL. This is described in the threads(3) manpage. +On other systems, the situation is less clear. Some GPL software copyright +holders claim that you infringe on their rights if you use OpenSSL with +their software on operating systems that don't normally include OpenSSL. +If you develop open source software that uses OpenSSL, you may find it +useful to choose an other license than the GPL, or state explicitely that +"This program is released under the GPL with the additional exemption that +compiling, linking, and/or using OpenSSL is allowed." If you are using +GPL software developed by others, you may want to ask the copyright holder +for permission to use their software with OpenSSL. + + +[USER] ======================================================================== * Why do I get a "PRNG not seeded" error message? @@ -140,6 +197,70 @@ versions. However, be warned that /dev/random is usually a blocking device, which may have some effects on OpenSSL. +* How do I create certificates or certificate requests? + +Check out the CA.pl(1) manual page. This provides a simple wrapper round +the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check +out the manual pages for the individual utilities and the certificate +extensions documentation (currently in doc/openssl.txt). + + +* Why can't I create certificate requests? + +You typically get the error: + + unable to find 'distinguished_name' in config + problems making Certificate Request + +This is because it can't find the configuration file. Check out the +DIAGNOSTICS section of req(1) for more information. + + +* Why does <SSL program> fail with a certificate verify error? + +This problem is usually indicated by log messages saying something like +"unable to get local issuer certificate" or "self signed certificate". +When a certificate is verified its root CA must be "trusted" by OpenSSL +this typically means that the CA certificate must be placed in a directory +or file and the relevant program configured to read it. The OpenSSL program +'verify' behaves in a similar way and issues similar error messages: check +the verify(1) program manual page for more information. + + +* Why can I only use weak ciphers when I connect to a server using OpenSSL? + +This is almost certainly because you are using an old "export grade" browser +which only supports weak encryption. Upgrade your browser to support 128 bit +ciphers. + + +* How can I create DSA certificates? + +Check the CA.pl(1) manual page for a DSA certificate example. + + +* Why can't I make an SSL connection to a server using a DSA certificate? + +Typically you'll see a message saying there are no shared ciphers when +the same setup works fine with an RSA certificate. There are two possible +causes. The client may not support connections to DSA servers most web +browsers (including Netscape and MSIE) only support connections to servers +supporting RSA cipher suites. The other cause is that a set of DH parameters +has not been supplied to the server. DH parameters can be created with the +dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example: +check the source to s_server in apps/s_server.c for an example. + + +* How can I remove the passphrase on a private key? + +Firstly you should be really *really* sure you want to do this. Leaving +a private key unencrypted is a major security risk. If you decide that +you do have to do this check the EXAMPLES sections of the rsa(1) and +dsa(1) manual pages. + + +[BUILD] ======================================================================= + * Why does the linker complain about undefined symbols? Maybe the compilation was interrupted, and make doesn't notice that @@ -164,17 +285,98 @@ If none of these helps, you may want to try using the current snapshot. If the problem persists, please submit a bug report. -* Where can I get a compiled version of OpenSSL? +* Why does the OpenSSL test fail with "bc: command not found"? -Some applications that use OpenSSL are distributed in binary form. -When using such an application, you don't need to install OpenSSL -yourself; the application will include the required parts (e.g. DLLs). +You didn't install "bc", the Unix calculator. If you want to run the +tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor. -If you want to install OpenSSL on a Windows system and you don't have -a C compiler, read the "Mingw32" section of INSTALL.W32 for information -on how to obtain and install the free GNU C compiler. -A number of Linux and *BSD distributions include OpenSSL. +* Why does the OpenSSL test fail with "bc: 1 no implemented"? + +On some SCO installations or versions, bc has a bug that gets triggered when +you run the test suite (using "make test"). The message returned is "bc: +1 not implemented". The best way to deal with this is to find another +implementation of bc and compile/install it. For example, GNU bc (see +http://www.gnu.org/software/software.html for download instructions) can +be safely used. + + +* Why does the OpenSSL compilation fail on Alpha True64 Unix? + +On some Alpha installations running True64 Unix and Compaq C, the compilation +of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual +memory to continue compilation.' As far as the tests have shown, this may be +a compiler bug. What happens is that it eats up a lot of resident memory +to build something, probably a table. The problem is clearly in the +optimization code, because if one eliminates optimization completely (-O0), +the compilation goes through (and the compiler consumes about 2MB of resident +memory instead of 240MB or whatever one's limit is currently). + +There are three options to solve this problem: + +1. set your current data segment size soft limit higher. Experience shows +that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do +this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of +kbytes to set the limit to. + +2. If you have a hard limit that is lower than what you need and you can't +get it changed, you can compile all of OpenSSL with -O0 as optimization +level. This is however not a very nice thing to do for those who expect to +get the best result from OpenSSL. A bit more complicated solution is the +following: + +----- snip:start ----- + make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \ + sed -e 's/ -O[0-9] / -O0 /'`" + rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'` + make +----- snip:end ----- + +This will only compile sha_dgst.c with -O0, the rest with the optimization +level chosen by the configuration process. When the above is done, do the +test and installation and you're set. + + +* Why does the OpenSSL compilation fail with "ar: command not found"? + +Getting this message is quite usual on Solaris 2, because Sun has hidden +away 'ar' and other development commands in directories that aren't in +$PATH by default. One of those directories is '/usr/ccs/bin'. The +quickest way to fix this is to do the following (it assumes you use sh +or any sh-compatible shell): + +----- snip:start ----- + PATH=${PATH}:/usr/ccs/bin; export PATH +----- snip:end ----- + +and then redo the compilation. What you should really do is make sure +'/usr/ccs/bin' is permanently in your $PATH, for example through your +'.profile' (again, assuming you use a sh-compatible shell). + + +* Why does the OpenSSL compilation fail on Win32 with VC++? + +Sometimes, you may get reports from VC++ command line (cl) that it +can't find standard include files like stdio.h and other weirdnesses. +One possible cause is that the environment isn't correctly set up. +To solve that problem, one should run VCVARS32.BAT which is found in +the 'bin' subdirectory of the VC++ installation directory (somewhere +under 'Program Files'). This needs to be done prior to running NMAKE, +and the changes are only valid for the current DOS session. + + +[PROG] ======================================================================== + +* Is OpenSSL thread-safe? + +Yes (with limitations: an SSL connection may not concurrently be used +by multiple threads). On Windows and many Unix systems, OpenSSL +automatically uses the multi-threaded versions of the standard +libraries. If your platform is not one of these, consult the INSTALL +file. + +Multi-threaded applications must provide two callback functions to +OpenSSL. This is described in the threads(3) manpage. * I've compiled a program under Windows and it crashes: why? @@ -261,68 +463,6 @@ is forgetting to load OpenSSL's table of algorithms with OpenSSL_add_all_algorithms(). See the manual page for more information. -* How do I create certificates or certificate requests? - -Check out the CA.pl(1) manual page. This provides a simple wrapper round -the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check -out the manual pages for the individual utilities and the certificate -extensions documentation (currently in doc/openssl.txt). - - -* Why can't I create certificate requests? - -You typically get the error: - - unable to find 'distinguished_name' in config - problems making Certificate Request - -This is because it can't find the configuration file. Check out the -DIAGNOSTICS section of req(1) for more information. - - -* Why does <SSL program> fail with a certificate verify error? - -This problem is usually indicated by log messages saying something like -"unable to get local issuer certificate" or "self signed certificate". -When a certificate is verified its root CA must be "trusted" by OpenSSL -this typically means that the CA certificate must be placed in a directory -or file and the relevant program configured to read it. The OpenSSL program -'verify' behaves in a similar way and issues similar error messages: check -the verify(1) program manual page for more information. - - -* Why can I only use weak ciphers when I connect to a server using OpenSSL? - -This is almost certainly because you are using an old "export grade" browser -which only supports weak encryption. Upgrade your browser to support 128 bit -ciphers. - - -* How can I create DSA certificates? - -Check the CA.pl(1) manual page for a DSA certificate example. - - -* Why can't I make an SSL connection to a server using a DSA certificate? - -Typically you'll see a message saying there are no shared ciphers when -the same setup works fine with an RSA certificate. There are two possible -causes. The client may not support connections to DSA servers most web -browsers (including Netscape and MSIE) only support connections to servers -supporting RSA cipher suites. The other cause is that a set of DH parameters -has not been supplied to the server. DH parameters can be created with the -dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example: -check the source to s_server in apps/s_server.c for an example. - - -* How can I remove the passphrase on a private key? - -Firstly you should be really *really* sure you want to do this. Leaving -a private key unencrypted is a major security risk. If you decide that -you do have to do this check the EXAMPLES sections of the rsa(1) and -dsa(1) manual pages. - - * Why can't the OpenSSH configure script detect OpenSSL? There is a problem with OpenSSH 1.2.2p1, in that the configure script @@ -364,97 +504,19 @@ applied to the OpenSSH distribution: ----- snip:end ----- -* Why does the OpenSSL test fail with "bc: command not found"? - -You didn't install "bc", the Unix calculator. If you want to run the -tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor. - - -* Why does the OpenSSL test fail with "bc: 1 no implemented"? - -On some SCO installations or versions, bc has a bug that gets triggered when -you run the test suite (using "make test"). The message returned is "bc: -1 not implemented". The best way to deal with this is to find another -implementation of bc and compile/install it. For example, GNU bc (see -http://www.gnu.org/software/software.html for download instructions) can -be safely used. - - -* Why does the OpenSSL compilation fail on Alpha True64 Unix? - -On some Alpha installations running True64 Unix and Compaq C, the compilation -of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual -memory to continue compilation.' As far as the tests have shown, this may be -a compiler bug. What happens is that it eats up a lot of resident memory -to build something, probably a table. The problem is clearly in the -optimization code, because if one eliminates optimization completely (-O0), -the compilation goes through (and the compiler consumes about 2MB of resident -memory instead of 240MB or whatever one's limit is currently). +* Can I use OpenSSL's SSL library with non-blocking I/O? -There are three options to solve this problem: +Yes; make sure to read the SSL_get_error(3) manual page! -1. set your current data segment size soft limit higher. Experience shows -that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do -this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of -kbytes to set the limit to. +A pitfall to avoid: Don't assume that SSL_read() will just read from +the underlying transport or that SSL_write() will just write to it -- +it is also possible that SSL_write() cannot do any useful work until +there is data to read, or that SSL_read() cannot do anything until it +is possible to send data. One reason for this is that the peer may +request a new TLS/SSL handshake at any time during the protocol, +requiring a bi-directional message exchange; both SSL_read() and +SSL_write() will try to continue any pending handshake. -2. If you have a hard limit that is lower than what you need and you can't -get it changed, you can compile all of OpenSSL with -O0 as optimization -level. This is however not a very nice thing to do for those who expect to -get the best result from OpenSSL. A bit more complicated solution is the -following: ------ snip:start ----- - make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \ - sed -e 's/ -O[0-9] / -O0 /'`" - rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'` - make ------ snip:end ----- - -This will only compile sha_dgst.c with -O0, the rest with the optimization -level chosen by the configuration process. When the above is done, do the -test and installation and you're set. - - -* Why does the OpenSSL compilation fail with "ar: command not found"? - -Getting this message is quite usual on Solaris 2, because Sun has hidden -away 'ar' and other development commands in directories that aren't in -$PATH by default. One of those directories is '/usr/ccs/bin'. The -quickest way to fix this is to do the following (it assumes you use sh -or any sh-compatible shell): - ------ snip:start ----- - PATH=${PATH}:/usr/ccs/bin; export PATH ------ snip:end ----- - -and then redo the compilation. What you should really do is make sure -'/usr/ccs/bin' is permanently in your $PATH, for example through your -'.profile' (again, assuming you use a sh-compatible shell). - - -* Why does the OpenSSL compilation fail on Win32 with VC++? - -Sometimes, you may get reports from VC++ command line (cl) that it -can't find standard include files like stdio.h and other weirdnesses. -One possible cause is that the environment isn't correctly set up. -To solve that problem, one should run VCVARS32.BAT which is found in -the 'bin' subdirectory of the VC++ installation directory (somewhere -under 'Program Files'). This needs to be done prior to running NMAKE, -and the changes are only valid for the current DOS session. - - -* Why aren't tools like 'autoconf' and 'libtool' used? - -autoconf is a nice tool, but is unfortunately very Unix-centric. -Although one can come up with solution to have ports keep in track, -there's also some work needed for that, and can be quite painful at -times. If there was a 'autoconf'-like tool that generated perl -scripts or something similarly general, it would probably be used -in OpenSSL much earlier. - -libtool has repeatadly been reported by some members of the OpenSSL -development and others to be a pain to use. So far, those in the -development team who have said anything about this have expressed -a wish to avoid libtool for that reason. +=============================================================================== @@ -43,9 +43,6 @@ --openssldir=DIR Directory for OpenSSL files. If no prefix is specified, the library files and binaries are also installed there. - rsaref Build with RSADSI's RSAREF toolkit (this assumes that - librsaref.a is in the library search path). - no-threads Don't try to build with support for multi-threaded applications. diff --git a/Makefile.org b/Makefile.org index 184fd768e1..c50cab6a72 100644 --- a/Makefile.org +++ b/Makefile.org @@ -24,7 +24,6 @@ INSTALLTOP=/usr/local/ssl # Do not edit this manually. Use Configure --openssldir=DIR do change this! OPENSSLDIR=/usr/local/ssl -# RSAref - Define if we are to link with RSAref. # NO_IDEA - Define to build without the IDEA algorithm # NO_RC4 - Define to build without the RC4 algorithm # NO_RC2 - Define to build without the RC2 algorithm @@ -150,11 +149,15 @@ RMD160_ASM_OBJ= asm/rm86-out.o #RMD160_ASM_OBJ= asm/rm86-out.o # a.out, FreeBSD #RMD160_ASM_OBJ= asm/rm86bsdi.o # bsdi +# KRB5 stuff +KRB5_INCLUDES= +LIBKRB5= + # When we're prepared to use shared libraries in the programs we link here # we might set SHLIB_MARK to '$(SHARED_LIBS)'. SHLIB_MARK= -DIRS= crypto ssl rsaref $(SHLIB_MARK) apps test tools +DIRS= crypto ssl $(SHLIB_MARK) apps test tools SHLIBDIRS= crypto ssl # dirs in crypto to build @@ -163,7 +166,11 @@ SDIRS= \ des rc2 rc4 rc5 idea bf cast \ bn rsa dsa dh dso engine rijndael \ buffer bio stack lhash rand err objects \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp + evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp + +# tests to perform. "alltests" is a special word indicating that all tests +# should be performed. +TESTS = alltests MAKEFILE= Makefile.ssl MAKE= make -f Makefile.ssl @@ -201,7 +208,7 @@ sub_all: do \ if [ -d "$$i" ]; then \ (cd $$i && echo "making all in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \ + $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' all ) || exit 1; \ else \ $(MAKE) $$i; \ fi; \ @@ -254,14 +261,14 @@ do_bsd-gcc-shared: linux-shared do_linux-shared: libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ ( set -x; ${CC} -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-S,-soname=lib$$i.so.${SHLIB_MAJOR} \ + -Wl,-S,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ -Wl,--whole-archive lib$$i.a \ -Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \ libs="$$libs -L. -l$$i"; \ done # This assumes that GNU utilities are *not* used -do_true64-shared: +do_tru64-shared: libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ ( set -x; ${CC} -shared -no_archive -o lib$$i.so \ -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ @@ -273,28 +280,55 @@ do_true64-shared: do_solaris-shared: libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ ( set -x; ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -h lib$$i.so.${SHLIB_MAJOR} \ + -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ -z allextract lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \ libs="$$libs -L. -l$$i"; \ done # This assumes that GNU utilities are *not* used -do_hpux-shared: +do_irix-shared: libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ + ( set -x; ${CC} -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ + -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ + -all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \ + libs="$$libs -L. -l$$i"; \ + done + +# This assumes that GNU utilities are *not* used +# HP-UX includes the full pathname of libs we depend on, so we would get +# ./libcrypto (with ./ as path information) compiled into libssl, hence +# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto +# anyway. +# The object modules are loaded from lib$i.a using the undocumented -Fl +# option. +# +# WARNING: Until DSO is fixed to support a search path, we support SHLIB_PATH +# by temporarily specifying "+s"! +# +do_hpux-shared: + for i in ${SHLIBDIRS}; do \ ( set -x; /usr/ccs/bin/ld +vnocompatwarnings \ - -b -z -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ + -b -z +s \ + -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Fl lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \ - libs="$$libs -L. -l$$i"; \ + -Fl lib$$i.a -ldld -lc ) || exit 1; \ done # This assumes that GNU utilities are *not* used +# HP-UX includes the full pathname of libs we depend on, so we would get +# ./libcrypto (with ./ as path information) compiled into libssl, hence +# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto +# anyway. +# +# HP-UX in 64bit mode has "+s" enabled by default; it will search for +# shared libraries along LD_LIBRARY_PATH _and_ SHLIB_PATH. +# do_hpux64-shared: - libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - ( set -x; /usr/ccs/bin/ld -b -z -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ + for i in ${SHLIBDIRS}; do \ + ( set -x; /usr/ccs/bin/ld -b -z \ + -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - +forceload lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \ - libs="$$libs -L. -l$$i"; \ + +forceload lib$$i.a -ldl -lc ) || exit 1; \ done Makefile.ssl: Makefile.org @@ -343,7 +377,7 @@ links: @for i in $(DIRS); do \ if [ -d "$$i" ]; then \ (cd $$i && echo "making links in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' links ) || exit 1; \ + $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' links ) || exit 1; \ fi; \ done; @@ -366,7 +400,7 @@ test: tests tests: rehash @(cd test && echo "testing..." && \ - $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests ); + $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' tests ); @apps/openssl version -a report: @@ -475,8 +509,8 @@ install: all install_docs do \ if [ -f "$$i" ]; then \ ( echo installing $$i; \ - cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ + cp -f $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ + chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ fi \ done; \ ( here="`pwd`"; \ @@ -5,6 +5,13 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.6 and OpenSSL x.x.x: + + o New library section OCSP. + o Complete haul-over of the ASN.1 library section [1]. + + [1] The haul-over is currently a separate line of development. + Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6: o Some documentation for BIO and SSL libraries. diff --git a/README.ENGINE b/README.ENGINE index 3d88ed152f..0d698b7446 100644 --- a/README.ENGINE +++ b/README.ENGINE @@ -13,11 +13,10 @@ o CryptoSwift o Compaq Atalla o nCipher CHIL + o Nuron A number of things are still needed and are being worked on: - o An openssl utility command to handle or at least check available - engines. o A better way of handling the methods that are handled by the engines. o Documentation! @@ -25,25 +24,6 @@ What already exists is fairly stable as far as it has been tested, but the test base has been a bit small most of the time. - Because of this experimental status and what's lacking, the ENGINE - component is not yet part of the default OpenSSL distribution. However, - we have made a separate kit for those who want to try this out, to be - found in the same places as the default OpenSSL distribution, but with - "-engine-" being part of the kit file name. For example, version 0.9.6 - is distributed in the following two files: - - openssl-0.9.6.tar.gz - openssl-engine-0.9.6.tar.gz - - NOTES - ===== - - openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do - not need to download both. - - openssl-engine-0.9.6.tar.gz is usable even if you don't have an external - crypto device. The internal OpenSSL functions are contained in the - engine "openssl", and will be used by default. No external crypto device is chosen unless you say so. You have actively tell the openssl utility commands to use it through a new command line @@ -1,6 +1,6 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2000/10/26 21:07:27 $ + ______________ $Date: 2000/12/06 18:34:02 $ DEVELOPMENT STATE @@ -34,8 +34,10 @@ o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). - Dynamic thread-lock support. Shared library support for VMS. + OCSP + Kerberos 5 authentication + Constification NEEDS PATCH @@ -584,7 +584,7 @@ $rc4_obj = $rmd160_obj = $rc5_obj = $dso_scheme = dlfcn -$shared_target= true64-shared +$shared_target= tru64-shared $shared_cflag = $shared_extension = .so @@ -605,7 +605,7 @@ $rc4_obj = $rmd160_obj = $rc5_obj = $dso_scheme = dlfcn -$shared_target= true64-shared +$shared_target= tru64-shared $shared_cflag = $shared_extension = .so @@ -626,7 +626,7 @@ $rc4_obj = $rmd160_obj = $rc5_obj = $dso_scheme = dlfcn -$shared_target= true64-shared +$shared_target= tru64-shared $shared_cflag = $shared_extension = .so @@ -735,6 +735,27 @@ $shared_target= $shared_cflag = $shared_extension = +*** darwin-ppc-cc +$cc = cc +$cflags = -O3 -DB_ENDIAN +$unistd = +$thread_cflag = (unknown) +$lflags = +$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR +$bn_obj = +$des_obj = +$bf_obj = +$md5_obj = +$sha1_obj = +$cast_obj = +$rc4_obj = +$rmd160_obj = +$rc5_obj = +$dso_scheme = +$shared_target= +$shared_cflag = +$shared_extension = + *** debug $cc = gcc $cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror @@ -842,24 +863,24 @@ $shared_extension = *** debug-levitte-linux-elf $cc = gcc -$cflags = -DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe +$cflags = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe $unistd = $thread_cflag = -D_REENTRANT $lflags = -ldl -$bn_ops = -$bn_obj = -$des_obj = -$bf_obj = -$md5_obj = -$sha1_obj = -$cast_obj = -$rc4_obj = -$rmd160_obj = -$rc5_obj = +$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT +$bn_obj = asm/bn86-elf.o asm/co86-elf.o +$des_obj = asm/dx86-elf.o asm/yx86-elf.o +$bf_obj = asm/bx86-elf.o +$md5_obj = asm/mx86-elf.o +$sha1_obj = asm/sx86-elf.o +$cast_obj = asm/cx86-elf.o +$rc4_obj = asm/rx86-elf.o +$rmd160_obj = asm/rm86-elf.o +$rc5_obj = asm/r586-elf.o $dso_scheme = dlfcn -$shared_target= -$shared_cflag = -$shared_extension = +$shared_target= linux-shared +$shared_cflag = -fPIC +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** debug-linux-elf $cc = gcc @@ -1160,7 +1181,7 @@ $cc = cc $cflags = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z $unistd = $thread_cflag = (unknown) -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1181,7 +1202,7 @@ $cc = gcc $cflags = -DB_ENDIAN -DBN_DIV2W -O3 $unistd = $thread_cflag = (unknown) -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1202,7 +1223,7 @@ $cc = cc $cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z $unistd = $thread_cflag = (unknown) -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1223,7 +1244,7 @@ $cc = gcc $cflags = -DB_ENDIAN -DBN_DIV2W -O3 $unistd = $thread_cflag = (unknown) -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1244,7 +1265,7 @@ $cc = cc $cflags = +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT $bn_obj = $des_obj = @@ -1286,7 +1307,7 @@ $cc = gcc $cflags = -O3 -DB_ENDIAN -DBN_DIV2W $unistd = $thread_cflag = -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1307,7 +1328,7 @@ $cc = cc $cflags = +DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT $bn_obj = $des_obj = @@ -1328,7 +1349,7 @@ $cc = cc $cflags = +DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT $bn_obj = asm/pa-risc2.o $des_obj = @@ -1349,7 +1370,7 @@ $cc = cc $cflags = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1370,7 +1391,7 @@ $cc = gcc $cflags = -DB_ENDIAN -DBN_DIV2W -O3 $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1391,7 +1412,7 @@ $cc = cc $cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1412,7 +1433,7 @@ $cc = gcc $cflags = -DB_ENDIAN -DBN_DIV2W -O3 $unistd = $thread_cflag = -D_REENTRANT -$lflags = -ldld +$lflags = -Wl,+s -ldld $bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1 $bn_obj = $des_obj = @@ -1486,10 +1507,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix-gcc $cc = gcc @@ -1507,10 +1528,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix-mips3-cc $cc = cc @@ -1528,10 +1549,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix-mips3-gcc $cc = gcc @@ -1549,10 +1570,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix64-mips4-cc $cc = cc @@ -1570,10 +1591,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** irix64-mips4-gcc $cc = gcc @@ -1591,10 +1612,10 @@ $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = -$dso_scheme = -$shared_target= +$dso_scheme = dlfcn +$shared_target= irix-shared $shared_cflag = -$shared_extension = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** linux-alpha+bwx-ccc $cc = ccc @@ -1787,6 +1808,27 @@ $shared_extension = *** linux-mips $cc = gcc +$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall +$unistd = +$thread_cflag = (unknown) +$lflags = +$bn_ops = BN_LLONG +$bn_obj = +$des_obj = +$bf_obj = +$md5_obj = +$sha1_obj = +$cast_obj = +$rc4_obj = +$rmd160_obj = +$rc5_obj = +$dso_scheme = +$shared_target= +$shared_cflag = +$shared_extension = + +*** linux-mipsel +$cc = gcc $cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall $unistd = $thread_cflag = (unknown) diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl index 10b94e1756..3f76156b6b 100644 --- a/apps/Makefile.ssl +++ b/apps/Makefile.ssl @@ -5,7 +5,7 @@ DIR= apps TOP= .. CC= cc -INCLUDES= -I../include +INCLUDES= -I../include $(KRB5_INCLUDES) CFLAG= -g -static INSTALL_PREFIX= INSTALLTOP= /usr/local/ssl @@ -15,6 +15,9 @@ MAKEDEPEND= $(TOP)/util/domd $(TOP) MAKEFILE= Makefile.ssl PERL=/usr/local/bin/perl RM= rm -f +# KRB5 stuff +KRB5_INCLUDES= +LIBKRB5= PEX_LIBS= EX_LIBS= @@ -38,7 +41,7 @@ E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \ ca crl rsa rsautl dsa dsaparam \ x509 genrsa gendsa s_server s_client speed \ s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \ - pkcs8 spkac smime rand + pkcs8 spkac smime rand engine PROGS= $(PROGRAM).c @@ -54,14 +57,14 @@ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o er rsa.o rsautl.o dsa.o dsaparam.o \ x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \ s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \ - ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o + ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \ pkcs7.c crl2p7.c crl.c \ rsa.c rsautl.c dsa.c dsaparam.c \ x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \ s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \ - ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c + ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c SRC=$(E_SRC) @@ -134,7 +137,7 @@ $(DLIBCRYPTO): $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) $(RM) $(PROGRAM) - $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) + $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; $(PERL) tools/c_rehash certs) progs.h: progs.pl @@ -150,19 +153,20 @@ app_rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h app_rand.o: ../include/openssl/des.h ../include/openssl/dh.h app_rand.o: ../include/openssl/dsa.h ../include/openssl/e_os.h app_rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h -app_rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h -app_rand.o: ../include/openssl/md4.h ../include/openssl/md5.h -app_rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -app_rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h -app_rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h -app_rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -app_rand.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -app_rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h -app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +app_rand.o: ../include/openssl/engine.h ../include/openssl/evp.h +app_rand.o: ../include/openssl/idea.h ../include/openssl/lhash.h +app_rand.o: ../include/openssl/md2.h ../include/openssl/md4.h +app_rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +app_rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +app_rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +app_rand.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +app_rand.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h +app_rand.o: ../include/openssl/symhacks.h ../include/openssl/x509.h +app_rand.o: ../include/openssl/x509_vfy.h apps.h apps.o: ../include/openssl/asn1.h ../include/openssl/bio.h apps.o: ../include/openssl/blowfish.h ../include/openssl/bn.h apps.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -170,16 +174,17 @@ apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h apps.o: ../include/openssl/des.h ../include/openssl/dh.h apps.o: ../include/openssl/dsa.h ../include/openssl/e_os.h apps.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -apps.o: ../include/openssl/err.h ../include/openssl/evp.h -apps.o: ../include/openssl/idea.h ../include/openssl/lhash.h -apps.o: ../include/openssl/md2.h ../include/openssl/md4.h -apps.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h -apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h +apps.o: ../include/openssl/engine.h ../include/openssl/err.h +apps.o: ../include/openssl/evp.h ../include/openssl/idea.h +apps.o: ../include/openssl/lhash.h ../include/openssl/md2.h +apps.o: ../include/openssl/md4.h ../include/openssl/md5.h +apps.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +apps.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +apps.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +apps.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h +apps.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h apps.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -apps.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +apps.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h apps.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h apps.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -192,16 +197,17 @@ asn1pars.o: ../include/openssl/conf.h ../include/openssl/crypto.h asn1pars.o: ../include/openssl/des.h ../include/openssl/dh.h asn1pars.o: ../include/openssl/dsa.h ../include/openssl/e_os.h asn1pars.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h -asn1pars.o: ../include/openssl/idea.h ../include/openssl/lhash.h -asn1pars.o: ../include/openssl/md2.h ../include/openssl/md4.h -asn1pars.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -asn1pars.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h -asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +asn1pars.o: ../include/openssl/engine.h ../include/openssl/err.h +asn1pars.o: ../include/openssl/evp.h ../include/openssl/idea.h +asn1pars.o: ../include/openssl/lhash.h ../include/openssl/md2.h +asn1pars.o: ../include/openssl/md4.h ../include/openssl/md5.h +asn1pars.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +asn1pars.o: ../include/openssl/rand.h ../include/openssl/rc2.h asn1pars.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -asn1pars.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +asn1pars.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h asn1pars.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -222,7 +228,7 @@ ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h ca.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h ca.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ca.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +ca.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h ca.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h ca.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ca.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -236,23 +242,25 @@ ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h ciphers.o: ../include/openssl/crypto.h ../include/openssl/des.h ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h ciphers.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -ciphers.o: ../include/openssl/e_os2.h ../include/openssl/err.h -ciphers.o: ../include/openssl/evp.h ../include/openssl/idea.h +ciphers.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h +ciphers.o: ../include/openssl/idea.h ../include/openssl/kssl.h ciphers.o: ../include/openssl/lhash.h ../include/openssl/md2.h ciphers.o: ../include/openssl/md4.h ../include/openssl/md5.h ciphers.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h ciphers.o: ../include/openssl/opensslv.h ../include/openssl/pem.h ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ciphers.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ciphers.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ciphers.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +ciphers.o: ../include/openssl/rand.h ../include/openssl/rc2.h +ciphers.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ciphers.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ciphers.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ciphers.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ciphers.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ciphers.o: ../include/openssl/x509_vfy.h apps.h crl.o: ../include/openssl/asn1.h ../include/openssl/bio.h crl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h crl.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -260,16 +268,17 @@ crl.o: ../include/openssl/conf.h ../include/openssl/crypto.h crl.o: ../include/openssl/des.h ../include/openssl/dh.h crl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h crl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -crl.o: ../include/openssl/err.h ../include/openssl/evp.h -crl.o: ../include/openssl/idea.h ../include/openssl/lhash.h -crl.o: ../include/openssl/md2.h ../include/openssl/md4.h -crl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -crl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +crl.o: ../include/openssl/engine.h ../include/openssl/err.h +crl.o: ../include/openssl/evp.h ../include/openssl/idea.h +crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h +crl.o: ../include/openssl/md4.h ../include/openssl/md5.h +crl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +crl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +crl.o: ../include/openssl/rand.h ../include/openssl/rc2.h crl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -crl.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +crl.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h crl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -282,16 +291,17 @@ crl2p7.o: ../include/openssl/conf.h ../include/openssl/crypto.h crl2p7.o: ../include/openssl/des.h ../include/openssl/dh.h crl2p7.o: ../include/openssl/dsa.h ../include/openssl/e_os.h crl2p7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h -crl2p7.o: ../include/openssl/idea.h ../include/openssl/lhash.h -crl2p7.o: ../include/openssl/md2.h ../include/openssl/md4.h -crl2p7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl2p7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h -crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +crl2p7.o: ../include/openssl/engine.h ../include/openssl/err.h +crl2p7.o: ../include/openssl/evp.h ../include/openssl/idea.h +crl2p7.o: ../include/openssl/lhash.h ../include/openssl/md2.h +crl2p7.o: ../include/openssl/md4.h ../include/openssl/md5.h +crl2p7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +crl2p7.o: ../include/openssl/rand.h ../include/openssl/rc2.h crl2p7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -crl2p7.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +crl2p7.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h crl2p7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -313,7 +323,7 @@ dgst.o: ../include/openssl/opensslv.h ../include/openssl/pem.h dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h dgst.o: ../include/openssl/rand.h ../include/openssl/rc2.h dgst.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -dgst.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +dgst.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h dgst.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -334,7 +344,7 @@ dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h dh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dh.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +dh.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h dh.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h dh.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -357,7 +367,7 @@ dsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h dsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h dsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -dsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +dsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h dsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -379,7 +389,7 @@ dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/pem.h dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h dsaparam.o: ../include/openssl/rand.h ../include/openssl/rc2.h dsaparam.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -dsaparam.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +dsaparam.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h dsaparam.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h dsaparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -401,11 +411,37 @@ enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h enc.o: ../include/openssl/rand.h ../include/openssl/rc2.h enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -enc.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +enc.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +engine.o: ../include/openssl/asn1.h ../include/openssl/bio.h +engine.o: ../include/openssl/blowfish.h ../include/openssl/bn.h +engine.o: ../include/openssl/buffer.h ../include/openssl/cast.h +engine.o: ../include/openssl/comp.h ../include/openssl/conf.h +engine.o: ../include/openssl/crypto.h ../include/openssl/des.h +engine.o: ../include/openssl/dh.h ../include/openssl/dsa.h +engine.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +engine.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +engine.o: ../include/openssl/err.h ../include/openssl/evp.h +engine.o: ../include/openssl/idea.h ../include/openssl/kssl.h +engine.o: ../include/openssl/lhash.h ../include/openssl/md2.h +engine.o: ../include/openssl/md4.h ../include/openssl/md5.h +engine.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +engine.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +engine.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +engine.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +engine.o: ../include/openssl/rand.h ../include/openssl/rc2.h +engine.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +engine.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +engine.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +engine.o: ../include/openssl/safestack.h ../include/openssl/sha.h +engine.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +engine.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +engine.o: ../include/openssl/tls1.h ../include/openssl/x509.h +engine.o: ../include/openssl/x509_vfy.h apps.h errstr.o: ../include/openssl/asn1.h ../include/openssl/bio.h errstr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h errstr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -413,23 +449,25 @@ errstr.o: ../include/openssl/comp.h ../include/openssl/conf.h errstr.o: ../include/openssl/crypto.h ../include/openssl/des.h errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h errstr.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -errstr.o: ../include/openssl/e_os2.h ../include/openssl/err.h -errstr.o: ../include/openssl/evp.h ../include/openssl/idea.h +errstr.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +errstr.o: ../include/openssl/err.h ../include/openssl/evp.h +errstr.o: ../include/openssl/idea.h ../include/openssl/kssl.h errstr.o: ../include/openssl/lhash.h ../include/openssl/md2.h errstr.o: ../include/openssl/md4.h ../include/openssl/md5.h errstr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h errstr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -errstr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -errstr.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -errstr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h -errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +errstr.o: ../include/openssl/rand.h ../include/openssl/rc2.h +errstr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +errstr.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +errstr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h +errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +errstr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +errstr.o: ../include/openssl/tls1.h ../include/openssl/x509.h +errstr.o: ../include/openssl/x509_vfy.h apps.h gendh.o: ../include/openssl/asn1.h ../include/openssl/bio.h gendh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h gendh.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -447,7 +485,7 @@ gendh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h gendh.o: ../include/openssl/rand.h ../include/openssl/rc2.h gendh.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -gendh.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +gendh.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h gendh.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h gendh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -469,7 +507,7 @@ gendsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h gendsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h gendsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -gendsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +gendsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h gendsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -491,7 +529,7 @@ genrsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h genrsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h genrsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -genrsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +genrsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h genrsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h genrsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -503,16 +541,17 @@ nseq.o: ../include/openssl/conf.h ../include/openssl/crypto.h nseq.o: ../include/openssl/des.h ../include/openssl/dh.h nseq.o: ../include/openssl/dsa.h ../include/openssl/e_os.h nseq.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -nseq.o: ../include/openssl/err.h ../include/openssl/evp.h -nseq.o: ../include/openssl/idea.h ../include/openssl/lhash.h -nseq.o: ../include/openssl/md2.h ../include/openssl/md4.h -nseq.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -nseq.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h -nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +nseq.o: ../include/openssl/engine.h ../include/openssl/err.h +nseq.o: ../include/openssl/evp.h ../include/openssl/idea.h +nseq.o: ../include/openssl/lhash.h ../include/openssl/md2.h +nseq.o: ../include/openssl/md4.h ../include/openssl/md5.h +nseq.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +nseq.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +nseq.o: ../include/openssl/rand.h ../include/openssl/rc2.h nseq.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -nseq.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +nseq.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h nseq.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -524,24 +563,25 @@ openssl.o: ../include/openssl/comp.h ../include/openssl/conf.h openssl.o: ../include/openssl/crypto.h ../include/openssl/des.h openssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h openssl.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h -openssl.o: ../include/openssl/evp.h ../include/openssl/idea.h +openssl.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +openssl.o: ../include/openssl/err.h ../include/openssl/evp.h +openssl.o: ../include/openssl/idea.h ../include/openssl/kssl.h openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h openssl.o: ../include/openssl/md4.h ../include/openssl/md5.h openssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h openssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -openssl.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -openssl.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h -openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -openssl.o: progs.h s_apps.h +openssl.o: ../include/openssl/rand.h ../include/openssl/rc2.h +openssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +openssl.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +openssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +openssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h +openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +openssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h +openssl.o: ../include/openssl/x509_vfy.h apps.h progs.h s_apps.h passwd.o: ../include/openssl/asn1.h ../include/openssl/bio.h passwd.o: ../include/openssl/blowfish.h ../include/openssl/bn.h passwd.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -549,20 +589,20 @@ passwd.o: ../include/openssl/conf.h ../include/openssl/crypto.h passwd.o: ../include/openssl/des.h ../include/openssl/dh.h passwd.o: ../include/openssl/dsa.h ../include/openssl/e_os.h passwd.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -passwd.o: ../include/openssl/err.h ../include/openssl/evp.h -passwd.o: ../include/openssl/idea.h ../include/openssl/lhash.h -passwd.o: ../include/openssl/md2.h ../include/openssl/md4.h -passwd.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -passwd.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -passwd.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -passwd.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -passwd.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h -passwd.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -passwd.o: ../include/openssl/x509_vfy.h apps.h +passwd.o: ../include/openssl/engine.h ../include/openssl/err.h +passwd.o: ../include/openssl/evp.h ../include/openssl/idea.h +passwd.o: ../include/openssl/lhash.h ../include/openssl/md2.h +passwd.o: ../include/openssl/md4.h ../include/openssl/md5.h +passwd.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +passwd.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +passwd.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h +passwd.o: ../include/openssl/rand.h ../include/openssl/rc2.h +passwd.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +passwd.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +passwd.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h +passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +passwd.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h pkcs12.o: ../include/openssl/asn1.h ../include/openssl/bio.h pkcs12.o: ../include/openssl/blowfish.h ../include/openssl/bn.h pkcs12.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -580,7 +620,7 @@ pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/pem.h pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h pkcs12.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -pkcs12.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +pkcs12.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h pkcs12.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h pkcs12.o: ../include/openssl/rsa.h ../include/openssl/safestack.h pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -603,7 +643,7 @@ pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h pkcs7.o: ../include/openssl/rand.h ../include/openssl/rc2.h pkcs7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs7.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +pkcs7.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h pkcs7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -625,7 +665,7 @@ pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/pem.h pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h pkcs8.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -pkcs8.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +pkcs8.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h pkcs8.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h pkcs8.o: ../include/openssl/rsa.h ../include/openssl/safestack.h pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -647,7 +687,7 @@ rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rand.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +rand.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -669,7 +709,7 @@ req.o: ../include/openssl/opensslv.h ../include/openssl/pem.h req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h req.o: ../include/openssl/rand.h ../include/openssl/rc2.h req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -req.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +req.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h req.o: ../include/openssl/safestack.h ../include/openssl/sha.h req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -692,7 +732,7 @@ rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h rsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +rsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -704,16 +744,17 @@ rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h rsautl.o: ../include/openssl/des.h ../include/openssl/dh.h rsautl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h rsautl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h -rsautl.o: ../include/openssl/idea.h ../include/openssl/lhash.h -rsautl.o: ../include/openssl/md2.h ../include/openssl/md4.h -rsautl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +rsautl.o: ../include/openssl/engine.h ../include/openssl/err.h +rsautl.o: ../include/openssl/evp.h ../include/openssl/idea.h +rsautl.o: ../include/openssl/lhash.h ../include/openssl/md2.h +rsautl.o: ../include/openssl/md4.h ../include/openssl/md5.h +rsautl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +rsautl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +rsautl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +rsautl.o: ../include/openssl/rand.h ../include/openssl/rc2.h rsautl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rsautl.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +rsautl.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h rsautl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -725,23 +766,25 @@ s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h s_cb.o: ../include/openssl/crypto.h ../include/openssl/des.h s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_cb.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -s_cb.o: ../include/openssl/e_os2.h ../include/openssl/err.h -s_cb.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_cb.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h +s_cb.o: ../include/openssl/idea.h ../include/openssl/kssl.h s_cb.o: ../include/openssl/lhash.h ../include/openssl/md2.h s_cb.o: ../include/openssl/md4.h ../include/openssl/md5.h s_cb.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h s_cb.o: ../include/openssl/opensslv.h ../include/openssl/pem.h s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s_cb.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_cb.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s_cb.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_apps.h +s_cb.o: ../include/openssl/rand.h ../include/openssl/rc2.h +s_cb.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_cb.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s_cb.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_cb.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_cb.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s_cb.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_client.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_client.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_client.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -751,23 +794,23 @@ s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os.h s_client.o: ../include/openssl/e_os2.h ../include/openssl/engine.h s_client.o: ../include/openssl/err.h ../include/openssl/evp.h -s_client.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_client.o: ../include/openssl/md2.h ../include/openssl/md4.h -s_client.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -s_client.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_client.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_client.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s_client.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s_client.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_client.o: s_apps.h +s_client.o: ../include/openssl/idea.h ../include/openssl/kssl.h +s_client.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_client.o: ../include/openssl/md4.h ../include/openssl/md5.h +s_client.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_client.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_client.o: ../include/openssl/rand.h ../include/openssl/rc2.h +s_client.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_client.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s_client.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_client.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_client.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s_client.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_server.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_server.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_server.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -777,23 +820,23 @@ s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os.h s_server.o: ../include/openssl/e_os2.h ../include/openssl/engine.h s_server.o: ../include/openssl/err.h ../include/openssl/evp.h -s_server.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_server.o: ../include/openssl/md2.h ../include/openssl/md4.h -s_server.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_server.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_server.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s_server.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_server.o: s_apps.h +s_server.o: ../include/openssl/idea.h ../include/openssl/kssl.h +s_server.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_server.o: ../include/openssl/md4.h ../include/openssl/md5.h +s_server.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_server.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_server.o: ../include/openssl/rand.h ../include/openssl/rc2.h +s_server.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_server.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s_server.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_server.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s_server.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_socket.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_socket.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_socket.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -801,23 +844,25 @@ s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h s_socket.o: ../include/openssl/crypto.h ../include/openssl/des.h s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_socket.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -s_socket.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -s_socket.o: ../include/openssl/idea.h ../include/openssl/lhash.h +s_socket.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +s_socket.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h s_socket.o: ../include/openssl/md2.h ../include/openssl/md4.h s_socket.o: ../include/openssl/md5.h ../include/openssl/mdc2.h s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_socket.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_socket.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s_socket.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_socket.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_socket.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s_socket.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h +s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s_socket.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s_socket.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s_socket.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +s_socket.o: s_apps.h s_time.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_time.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_time.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -825,24 +870,25 @@ s_time.o: ../include/openssl/comp.h ../include/openssl/conf.h s_time.o: ../include/openssl/crypto.h ../include/openssl/des.h s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h s_time.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -s_time.o: ../include/openssl/e_os2.h ../include/openssl/err.h -s_time.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_time.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +s_time.o: ../include/openssl/err.h ../include/openssl/evp.h +s_time.o: ../include/openssl/idea.h ../include/openssl/kssl.h s_time.o: ../include/openssl/lhash.h ../include/openssl/md2.h s_time.o: ../include/openssl/md4.h ../include/openssl/md5.h s_time.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h s_time.o: ../include/openssl/opensslv.h ../include/openssl/pem.h s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s_time.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_time.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s_time.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_time.o: s_apps.h +s_time.o: ../include/openssl/rand.h ../include/openssl/rc2.h +s_time.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_time.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s_time.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_time.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_time.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s_time.o: ../include/openssl/x509_vfy.h apps.h s_apps.h sess_id.o: ../include/openssl/asn1.h ../include/openssl/bio.h sess_id.o: ../include/openssl/blowfish.h ../include/openssl/bn.h sess_id.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -850,23 +896,25 @@ sess_id.o: ../include/openssl/comp.h ../include/openssl/conf.h sess_id.o: ../include/openssl/crypto.h ../include/openssl/des.h sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h sess_id.o: ../include/openssl/e_os.h ../include/openssl/e_os.h -sess_id.o: ../include/openssl/e_os2.h ../include/openssl/err.h -sess_id.o: ../include/openssl/evp.h ../include/openssl/idea.h +sess_id.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h +sess_id.o: ../include/openssl/idea.h ../include/openssl/kssl.h sess_id.o: ../include/openssl/lhash.h ../include/openssl/md2.h sess_id.o: ../include/openssl/md4.h ../include/openssl/md5.h sess_id.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h sess_id.o: ../include/openssl/opensslv.h ../include/openssl/pem.h sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -sess_id.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -sess_id.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -sess_id.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h -sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +sess_id.o: ../include/openssl/rand.h ../include/openssl/rc2.h +sess_id.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +sess_id.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +sess_id.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h +sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +sess_id.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +sess_id.o: ../include/openssl/tls1.h ../include/openssl/x509.h +sess_id.o: ../include/openssl/x509_vfy.h apps.h smime.o: ../include/openssl/asn1.h ../include/openssl/bio.h smime.o: ../include/openssl/blowfish.h ../include/openssl/bn.h smime.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -884,7 +932,7 @@ smime.o: ../include/openssl/opensslv.h ../include/openssl/pem.h smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h smime.o: ../include/openssl/rand.h ../include/openssl/rc2.h smime.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -smime.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +smime.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h smime.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -905,7 +953,7 @@ speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -speed.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +speed.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h speed.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h speed.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -928,7 +976,7 @@ spkac.o: ../include/openssl/opensslv.h ../include/openssl/pem.h spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h spkac.o: ../include/openssl/rand.h ../include/openssl/rc2.h spkac.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -spkac.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +spkac.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h spkac.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -950,7 +998,7 @@ verify.o: ../include/openssl/opensslv.h ../include/openssl/pem.h verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h verify.o: ../include/openssl/rand.h ../include/openssl/rc2.h verify.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -verify.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +verify.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h verify.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -963,14 +1011,15 @@ version.o: ../include/openssl/conf.h ../include/openssl/crypto.h version.o: ../include/openssl/des.h ../include/openssl/dh.h version.o: ../include/openssl/dsa.h ../include/openssl/e_os.h version.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -version.o: ../include/openssl/evp.h ../include/openssl/idea.h -version.o: ../include/openssl/lhash.h ../include/openssl/md2.h -version.o: ../include/openssl/md4.h ../include/openssl/md5.h -version.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -version.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -version.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h +version.o: ../include/openssl/engine.h ../include/openssl/evp.h +version.o: ../include/openssl/idea.h ../include/openssl/lhash.h +version.o: ../include/openssl/md2.h ../include/openssl/md4.h +version.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +version.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -version.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +version.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h version.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h version.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -993,7 +1042,7 @@ x509.o: ../include/openssl/opensslv.h ../include/openssl/pem.h x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h x509.o: ../include/openssl/rand.h ../include/openssl/rc2.h x509.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -x509.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +x509.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h x509.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h diff --git a/apps/apps.c b/apps/apps.c index 0190d71ee2..a04f871d0a 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -553,7 +553,7 @@ end: return(x); } -EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) +EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e) { BIO *key=NULL; EVP_PKEY *pkey=NULL; @@ -563,6 +563,14 @@ EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) BIO_printf(err,"no keyfile specified\n"); goto end; } + if (format == FORMAT_ENGINE) + { + if (!e) + BIO_printf(bio_err,"no engine specified\n"); + else + pkey = ENGINE_load_private_key(e, file, pass); + goto end; + } key=BIO_new(BIO_s_file()); if (key == NULL) { @@ -602,7 +610,7 @@ EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) return(pkey); } -EVP_PKEY *load_pubkey(BIO *err, char *file, int format) +EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e) { BIO *key=NULL; EVP_PKEY *pkey=NULL; @@ -612,6 +620,14 @@ EVP_PKEY *load_pubkey(BIO *err, char *file, int format) BIO_printf(err,"no keyfile specified\n"); goto end; } + if (format == FORMAT_ENGINE) + { + if (!e) + BIO_printf(bio_err,"no engine specified\n"); + else + pkey = ENGINE_load_public_key(e, file, NULL); + goto end; + } key=BIO_new(BIO_s_file()); if (key == NULL) { diff --git a/apps/apps.h b/apps/apps.h index 7a834f9d89..11133cb1d2 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -67,6 +67,7 @@ #include <openssl/x509.h> #include <openssl/lhash.h> #include <openssl/conf.h> +#include <openssl/engine.h> int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); int app_RAND_write_file(const char *file, BIO *bio_e); @@ -121,14 +122,16 @@ extern BIO *bio_err; # ifdef _O_BINARY # define apps_startup() \ _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ - SSLeay_add_all_algorithms() + SSLeay_add_all_algorithms(); ENGINE_load_builtin_engines() # else # define apps_startup() \ _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ - SSLeay_add_all_algorithms() + SSLeay_add_all_algorithms(); ENGINE_load_builtin_engines() # endif # else -# define apps_startup() do_pipe_sig(); SSLeay_add_all_algorithms(); +# define apps_startup() \ + do_pipe_sig(); SSLeay_add_all_algorithms(); \ + ENGINE_load_builtin_engines() # endif #endif @@ -152,8 +155,8 @@ int set_name_ex(unsigned long *flags, const char *arg); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); int add_oid_section(BIO *err, LHASH *conf); X509 *load_cert(BIO *err, char *file, int format); -EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass); -EVP_PKEY *load_pubkey(BIO *err, char *file, int format); +EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e); +EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e); STACK_OF(X509) *load_certs(BIO *err, char *file, int format); #define FORMAT_UNDEF 0 @@ -153,7 +153,8 @@ static char *ca_usage[]={ " -days arg - number of days to certify the certificate for\n", " -md arg - md to use, one of md2, md5, sha or sha1\n", " -policy arg - The CA 'policy' to support\n", -" -keyfile arg - PEM private key file\n", +" -keyfile arg - private key file\n", +" -keyform arg - private key file format (PEM or ENGINE)\n", " -key arg - key to decode the private key if it is encrypted\n", " -cert file - The CA certificate\n", " -in file - The input PEM encoded certificate request(s)\n", @@ -179,11 +180,11 @@ extern int EF_ALIGNMENT; #endif static void lookup_fail(char *name,char *tag); -static unsigned long index_serial_hash(char **a); -static int index_serial_cmp(char **a, char **b); -static unsigned long index_name_hash(char **a); +static unsigned long index_serial_hash(const char **a); +static int index_serial_cmp(const char **a, const char **b); +static unsigned long index_name_hash(const char **a); static int index_name_qual(char **a); -static int index_name_cmp(char **a,char **b); +static int index_name_cmp(const char **a,const char **b); static BIGNUM *load_serial(char *serialfile); static int save_serial(char *serialfile, BIGNUM *serial); static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, @@ -214,6 +215,12 @@ static char *section=NULL; static int preserve=0; static int msie_hack=0; +static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **) +static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **) +static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **) +static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **) + + int MAIN(int, char **); int MAIN(int argc, char **argv) @@ -236,6 +243,7 @@ int MAIN(int argc, char **argv) char *policy=NULL; char *keyfile=NULL; char *certfile=NULL; + int keyform=FORMAT_PEM; char *infile=NULL; char *spkac_file=NULL; char *ss_cert_file=NULL; @@ -337,6 +345,11 @@ EF_ALIGNMENT=0; if (--argc < 1) goto bad; keyfile= *(++argv); } + else if (strcmp(*argv,"-keyform") == 0) + { + if (--argc < 1) goto bad; + keyform=str2fmt(*(++argv)); + } else if (strcmp(*argv,"-passin") == 0) { if (--argc < 1) goto bad; @@ -563,14 +576,31 @@ bad: BIO_printf(bio_err,"Error getting password\n"); goto err; } - if (BIO_read_filename(in,keyfile) <= 0) + if (keyform == FORMAT_ENGINE) { - perror(keyfile); - BIO_printf(bio_err,"trying to load CA private key\n"); - goto err; + if (!e) + { + BIO_printf(bio_err,"no engine specified\n"); + goto err; + } + pkey = ENGINE_load_private_key(e, keyfile, key); } + else if (keyform == FORMAT_PEM) + { + if (BIO_read_filename(in,keyfile) <= 0) + { + perror(keyfile); + BIO_printf(bio_err,"trying to load CA private key\n"); + goto err; + } pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key); - if(key) memset(key,0,strlen(key)); + } + else + { + BIO_printf(bio_err,"bad input format specified for key file\n"); + goto err; + } + if(key) memset(key,0,strlen(key)); if (pkey == NULL) { BIO_printf(bio_err,"unable to load CA private key\n"); @@ -729,15 +759,17 @@ bad: BIO_printf(bio_err,"generating index\n"); } - if (!TXT_DB_create_index(db,DB_serial,NULL,index_serial_hash, - index_serial_cmp)) + if (!TXT_DB_create_index(db, DB_serial, NULL, + LHASH_HASH_FN(index_serial_hash), + LHASH_COMP_FN(index_serial_cmp))) { BIO_printf(bio_err,"error creating serial number index:(%ld,%ld,%ld)\n",db->error,db->arg1,db->arg2); goto err; } - if (!TXT_DB_create_index(db,DB_name,index_name_qual,index_name_hash, - index_name_cmp)) + if (!TXT_DB_create_index(db, DB_name, index_name_qual, + LHASH_HASH_FN(index_name_hash), + LHASH_COMP_FN(index_name_cmp))) { BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n", db->error,db->arg1,db->arg2); @@ -1302,31 +1334,31 @@ static void lookup_fail(char *name, char *tag) BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag); } -static unsigned long index_serial_hash(char **a) +static unsigned long index_serial_hash(const char **a) { - char *n; + const char *n; n=a[DB_serial]; while (*n == '0') n++; return(lh_strhash(n)); } -static int index_serial_cmp(char **a, char **b) +static int index_serial_cmp(const char **a, const char **b) { - char *aa,*bb; + const char *aa,*bb; for (aa=a[DB_serial]; *aa == '0'; aa++); for (bb=b[DB_serial]; *bb == '0'; bb++); return(strcmp(aa,bb)); } -static unsigned long index_name_hash(char **a) +static unsigned long index_name_hash(const char **a) { return(lh_strhash(a[DB_name])); } static int index_name_qual(char **a) { return(a[0][0] == 'V'); } -static int index_name_cmp(char **a, char **b) +static int index_name_cmp(const char **a, const char **b) { return(strcmp(a[DB_name], b[DB_name])); } @@ -2227,7 +2259,7 @@ static int do_revoke(X509 *x509, TXT_DB *db) goto err; } - else if (index_name_cmp(row,rrow)) + else if (index_name_cmp((const char **)row,(const char **)rrow)) { BIO_printf(bio_err,"ERROR:name does not match %s\n", row[DB_name]); diff --git a/apps/dgst.c b/apps/dgst.c index ab3e2dbb02..4f1660c2a6 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -74,7 +74,7 @@ #undef PROG #define PROG dgst_main -void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, +void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, EVP_PKEY *key, unsigned char *sigin, int siglen); int MAIN(int, char **); @@ -93,9 +93,10 @@ int MAIN(int argc, char **argv) char pname[PROG_NAME_SIZE]; int separator=0; int debug=0; + int keyform=FORMAT_PEM; const char *outfile = NULL, *keyfile = NULL; const char *sigfile = NULL, *randfile = NULL; - char out_bin = -1, want_pub = 0, do_verify = 0; + int out_bin = -1, want_pub = 0, do_verify = 0; EVP_PKEY *sigkey = NULL; unsigned char *sigbuf = NULL; int siglen = 0; @@ -157,6 +158,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; sigfile=*(++argv); } + else if (strcmp(*argv,"-keyform") == 0) + { + if (--argc < 1) break; + keyform=str2fmt(*(++argv)); + } else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) break; @@ -196,6 +202,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"-sign file sign digest using private key in file\n"); BIO_printf(bio_err,"-verify file verify a signature using public key in file\n"); BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); + BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); BIO_printf(bio_err,"-signature file signature to verify\n"); BIO_printf(bio_err,"-binary output in binary form\n"); BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); @@ -280,20 +287,47 @@ int MAIN(int argc, char **argv) goto end; } - if(keyfile) { - BIO *keybio; - keybio = BIO_new_file(keyfile, "r"); - if(!keybio) { - BIO_printf(bio_err, "Error opening key file %s\n", - keyfile); - ERR_print_errors(bio_err); + if(keyfile) + { + if (keyform == FORMAT_PEM) + { + BIO *keybio; + keybio = BIO_new_file(keyfile, "r"); + if(!keybio) + { + BIO_printf(bio_err, + "Error opening key file %s\n", + keyfile); + ERR_print_errors(bio_err); + goto end; + } + if(want_pub) + sigkey = PEM_read_bio_PUBKEY(keybio, + NULL, NULL, NULL); + else + sigkey = PEM_read_bio_PrivateKey(keybio, + NULL, NULL, NULL); + BIO_free(keybio); + } + else if (keyform == FORMAT_ENGINE) + { + if (!e) + { + BIO_printf(bio_err,"no engine specified\n"); + goto end; + } + if (want_pub) + sigkey = ENGINE_load_public_key(e, keyfile, NULL); + else + sigkey = ENGINE_load_private_key(e, keyfile, NULL); + } + else + { + BIO_printf(bio_err, + "bad input format specified for key file\n"); goto end; - } + } - if(want_pub) - sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL); - else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); - BIO_free(keybio); if(!sigkey) { BIO_printf(bio_err, "Error reading key file %s\n", keyfile); @@ -365,7 +399,7 @@ end: EXIT(err); } -void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, +void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, EVP_PKEY *key, unsigned char *sigin, int siglen) { int len; diff --git a/apps/enc.c b/apps/enc.c index 84179f57a0..f43bb029a9 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -71,6 +71,7 @@ #endif #include <openssl/pem.h> #include <openssl/engine.h> +#include <ctype.h> int set_hex(char *in,unsigned char *out,int size); #undef SIZE @@ -81,6 +82,24 @@ int set_hex(char *in,unsigned char *out,int size); #define BSIZE (8*1024) #define PROG enc_main +void show_ciphers(const OBJ_NAME *name,void *bio_) + { + BIO *bio=bio_; + static int n; + + if(!islower(*name->name)) + return; + + BIO_printf(bio,"-%-25s",name->name); + if(++n == 3) + { + BIO_printf(bio,"\n"); + n=0; + } + else + BIO_printf(bio," "); + } + int MAIN(int, char **); int MAIN(int argc, char **argv) @@ -92,7 +111,7 @@ int MAIN(int argc, char **argv) unsigned char *buff=NULL,*bufsize=NULL; int bsize=BSIZE,verbose=0; int ret=1,inl; - unsigned char key[24],iv[MD5_DIGEST_LENGTH]; + unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH]; unsigned char salt[PKCS5_SALT_LEN]; char *str=NULL, *passarg = NULL, *pass = NULL; char *hkey=NULL,*hiv=NULL,*hsalt = NULL; @@ -252,76 +271,11 @@ bad: BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e"); BIO_printf(bio_err,"Cipher Types\n"); - BIO_printf(bio_err,"des : 56 bit key DES encryption\n"); - BIO_printf(bio_err,"des_ede :112 bit key ede DES encryption\n"); - BIO_printf(bio_err,"des_ede3:168 bit key ede DES encryption\n"); -#ifndef NO_IDEA - BIO_printf(bio_err,"idea :128 bit key IDEA encryption\n"); -#endif -#ifndef NO_RC4 - BIO_printf(bio_err,"rc2 :128 bit key RC2 encryption\n"); -#endif -#ifndef NO_BF - BIO_printf(bio_err,"bf :128 bit key Blowfish encryption\n"); -#endif -#ifndef NO_RC4 - BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n", - LN_rc4); -#endif + OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, + show_ciphers, + bio_err); + BIO_printf(bio_err,"\n"); - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ecb,LN_des_cbc, - LN_des_cfb64,LN_des_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n", - "des", LN_des_cbc); - - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ede,LN_des_ede_cbc, - LN_des_ede_cfb64,LN_des_ede_ofb64); - BIO_printf(bio_err," -desx -none\n"); - - - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ede3,LN_des_ede3_cbc, - LN_des_ede3_cfb64,LN_des_ede3_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n", - "des3", LN_des_ede3_cbc); - -#ifndef NO_IDEA - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_idea_ecb, LN_idea_cbc, - LN_idea_cfb64, LN_idea_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","idea",LN_idea_cbc); -#endif -#ifndef NO_RC2 - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_rc2_ecb, LN_rc2_cbc, - LN_rc2_cfb64, LN_rc2_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","rc2", LN_rc2_cbc); -#endif -#ifndef NO_BF - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_bf_ecb, LN_bf_cbc, - LN_bf_cfb64, LN_bf_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc); -#endif -#ifndef NO_CAST - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_cast5_ecb, LN_cast5_cbc, - LN_cast5_cfb64, LN_cast5_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc); -#endif -#ifndef NO_RC5 - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_rc5_ecb, LN_rc5_cbc, - LN_rc5_cfb64, LN_rc5_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc); -#endif -#ifndef NO_RIJNDAEL - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s\n", - LN_rijndael_ecb_k128_b128,"","","",""); -#endif - goto end; } argc--; @@ -542,12 +496,12 @@ bad: else memset(str,0,strlen(str)); } - if ((hiv != NULL) && !set_hex(hiv,iv,8)) + if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv)) { BIO_printf(bio_err,"invalid hex iv value\n"); goto end; } - if ((hkey != NULL) && !set_hex(hkey,key,24)) + if ((hkey != NULL) && !set_hex(hkey,key,sizeof key)) { BIO_printf(bio_err,"invalid hex key value\n"); goto end; diff --git a/apps/makeapps.com b/apps/makeapps.com index 7e9d0ac8d6..0bd5e2e51e 100644 --- a/apps/makeapps.com +++ b/apps/makeapps.com @@ -157,13 +157,13 @@ $ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+- "RSA;RSAUTL;DSA;DSAPARAM;"+- "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+- "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+- - "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND" + "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND;ENGINE" $ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,- CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,- RSA.OBJ,RSAUTL.OBJ,DSA.OBJ,DSAPARAM.OBJ,- X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,- S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,- - CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ + CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ,ENGINE.OBJ $ TCPIP_PROGRAMS = ",," $ IF COMPILER .EQS. "VAXC" THEN - TCPIP_PROGRAMS = ",OPENSSL," @@ -581,6 +581,7 @@ $ CHECK_OPTIONS: $! $! Check To See If P1 Is Blank. $! +$ P1 = "NORSAREF" $ IF (P1.EQS."NORSAREF") $ THEN $! diff --git a/apps/openssl.c b/apps/openssl.c index 4f61006b73..b7e50c7374 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -85,6 +85,9 @@ char *default_config_file=NULL; BIO *bio_err=NULL; #endif +static IMPLEMENT_LHASH_HASH_FN(hash,FUNCTION *) +static IMPLEMENT_LHASH_COMP_FN(cmp,FUNCTION *) + int main(int Argc, char *Argv[]) { ARGS arg; @@ -112,6 +115,7 @@ int main(int Argc, char *Argv[]) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); ERR_load_crypto_strings(); + ENGINE_load_builtin_engines(); /* Lets load up our environment a little */ p=getenv("OPENSSL_CONF"); @@ -350,7 +354,9 @@ static LHASH *prog_init(void) ; qsort(functions,i,sizeof *functions,SortFnByName); - if ((ret=lh_new(hash,cmp)) == NULL) return(NULL); + if ((ret=lh_new(LHASH_HASH_FN(hash), + LHASH_COMP_FN(cmp))) == NULL) + return(NULL); for (f=functions; f->name != NULL; f++) lh_insert(ret,f); diff --git a/apps/passwd.c b/apps/passwd.c index 6851a9927d..c92ff40beb 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -50,6 +50,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, * -salt string - salt * -in file - read passwords from file * -stdin - read passwords from stdin + * -noverify - never verify when reading password from terminal * -quiet - no warnings * -table - format output as table * -reverse - switch table columns @@ -62,6 +63,7 @@ int MAIN(int argc, char **argv) int ret = 1; char *infile = NULL; int in_stdin = 0; + int in_noverify = 0; char *salt = NULL, *passwd = NULL, **passwds = NULL; char *salt_malloc = NULL, *passwd_malloc = NULL; size_t passwd_malloc_size = 0; @@ -128,6 +130,8 @@ int MAIN(int argc, char **argv) else badopt = 1; } + else if (strcmp(argv[i], "-noverify") == 0) + in_noverify = 1; else if (strcmp(argv[i], "-quiet") == 0) quiet = 1; else if (strcmp(argv[i], "-table") == 0) @@ -174,6 +178,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-salt string use provided salt\n"); BIO_printf(bio_err, "-in file read passwords from file\n"); BIO_printf(bio_err, "-stdin read passwords from stdin\n"); + BIO_printf(bio_err, "-noverify never verify when reading password from terminal\n"); BIO_printf(bio_err, "-quiet no warnings\n"); BIO_printf(bio_err, "-table format output as table\n"); BIO_printf(bio_err, "-reverse switch table columns\n"); @@ -222,7 +227,7 @@ int MAIN(int argc, char **argv) passwds = passwds_static; if (in == NULL) - if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", 0) != 0) + if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0) goto err; passwds[0] = passwd_malloc; } diff --git a/apps/progs.h b/apps/progs.h index fbc65de632..dfc48b0d60 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -35,6 +35,7 @@ extern int pkcs8_main(int argc,char *argv[]); extern int spkac_main(int argc,char *argv[]); extern int smime_main(int argc,char *argv[]); extern int rand_main(int argc,char *argv[]); +extern int engine_main(int argc,char *argv[]); #define FUNC_TYPE_GENERAL 1 #define FUNC_TYPE_MD 2 @@ -109,6 +110,7 @@ FUNCTION functions[] = { {FUNC_TYPE_GENERAL,"spkac",spkac_main}, {FUNC_TYPE_GENERAL,"smime",smime_main}, {FUNC_TYPE_GENERAL,"rand",rand_main}, + {FUNC_TYPE_GENERAL,"engine",engine_main}, {FUNC_TYPE_MD,"md2",dgst_main}, {FUNC_TYPE_MD,"md4",dgst_main}, {FUNC_TYPE_MD,"md5",dgst_main}, diff --git a/apps/req.c b/apps/req.c index a279598689..7b8b4dbd60 100644 --- a/apps/req.c +++ b/apps/req.c @@ -102,7 +102,7 @@ * -nodes - no des encryption * -config file - Load configuration file. * -key file - make a request using key in file (or use it for verification). - * -keyform - key file format. + * -keyform arg - key file format. * -rand file(s) - load the file(s) into the PRNG. * -newkey - make a key and a request. * -modulus - print RSA modulus. diff --git a/apps/rsa.c b/apps/rsa.c index 700df4223e..825d925c66 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -265,7 +265,7 @@ bad: else if (informat == FORMAT_NETSCAPE) { BUF_MEM *buf=NULL; - unsigned char *p; + const unsigned char *p; int size=0; buf=BUF_MEM_new(); diff --git a/apps/rsautl.c b/apps/rsautl.c index de231b0456..1bbf33d5d9 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -62,6 +62,7 @@ #include <string.h> #include <openssl/err.h> #include <openssl/pem.h> +#include <openssl/engine.h> #define RSA_SIGN 1 #define RSA_VERIFY 2 @@ -82,8 +83,10 @@ int MAIN(int argc, char **); int MAIN(int argc, char **argv) { + ENGINE *e = NULL; BIO *in = NULL, *out = NULL; char *infile = NULL, *outfile = NULL; + char *engine = NULL; char *keyfile = NULL; char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; int keyform = FORMAT_PEM; @@ -117,6 +120,9 @@ int MAIN(int argc, char **argv) } else if(!strcmp(*argv, "-inkey")) { if (--argc < 1) badarg = 1; keyfile = *(++argv); + } else if(!strcmp(*argv, "-engine")) { + if (--argc < 1) badarg = 1; + engine = *(++argv); } else if(!strcmp(*argv, "-pubin")) { key_type = KEY_PUBKEY; } else if(!strcmp(*argv, "-certin")) { @@ -151,16 +157,34 @@ int MAIN(int argc, char **argv) goto end; } + if (engine != NULL) + { + if((e = ENGINE_by_id(engine)) == NULL) + { + BIO_printf(bio_err,"invalid engine \"%s\"\n", + engine); + goto end; + } + if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) + { + BIO_printf(bio_err,"can't use that engine\n"); + goto end; + } + BIO_printf(bio_err,"engine \"%s\" set.\n", engine); + /* Free our "structural" reference. */ + ENGINE_free(e); + } + /* FIXME: seed PRNG only if needed */ app_RAND_load_file(NULL, bio_err, 0); switch(key_type) { case KEY_PRIVKEY: - pkey = load_key(bio_err, keyfile, keyform, NULL); + pkey = load_key(bio_err, keyfile, keyform, NULL, e); break; case KEY_PUBKEY: - pkey = load_pubkey(bio_err, keyfile, keyform); + pkey = load_pubkey(bio_err, keyfile, keyform, e); break; case KEY_CERT: diff --git a/apps/s_client.c b/apps/s_client.c index 45d627a60a..1a94cdec65 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -420,6 +420,12 @@ bad: con=SSL_new(ctx); +#ifndef NO_KRB5 + if (con && (con->kssl_ctx = kssl_ctx_new()) != NULL) + { + kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVER, host); + } +#endif /* NO_KRB5 */ /* SSL_set_cipher_list(con,"RC4-MD5"); */ re_start: diff --git a/apps/s_server.c b/apps/s_server.c index 61a77dff11..383e2304d7 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -416,9 +416,6 @@ int MAIN(int argc, char *argv[]) int state=0; SSL_METHOD *meth=NULL; ENGINE *e=NULL; -#ifndef NO_DH - DH *dh=NULL; -#endif #if !defined(NO_SSL2) && !defined(NO_SSL3) meth=SSLv23_server_method(); @@ -682,7 +679,13 @@ bad: #ifndef NO_DH if (!no_dhe) { - dh=load_dh_param(dhfile ? dhfile : s_cert_file); + DH *dh=NULL; + + if (dhfile) + dh = load_dh_param(dhfile); + else if (s_cert_file) + dh = load_dh_param(s_cert_file); + if (dh != NULL) { BIO_printf(bio_s_out,"Setting temp DH parameters\n"); @@ -818,6 +821,13 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (con == NULL) { con=SSL_new(ctx); +#ifndef NO_KRB5 + if ((con->kssl_ctx = kssl_ctx_new()) != NULL) + { + kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC); + kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB); + } +#endif /* NO_KRB5 */ if(context) SSL_set_session_id_context(con, context, strlen((char *)context)); diff --git a/apps/smime.c b/apps/smime.c index 16b940084b..0a16bbc4dd 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -399,7 +399,7 @@ int MAIN(int argc, char **argv) } else keyfile = NULL; if(keyfile) { - if(!(key = load_key(bio_err,keyfile, FORMAT_PEM, passin))) { + if(!(key = load_key(bio_err,keyfile, FORMAT_PEM, passin, NULL))) { BIO_printf(bio_err, "Can't read recipient certificate file %s\n", keyfile); ERR_print_errors(bio_err); goto end; diff --git a/apps/speed.c b/apps/speed.c index ba41916371..1634498c75 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -82,13 +82,15 @@ #include <openssl/rand.h> #include <openssl/err.h> #include <openssl/engine.h> +#include <openssl/evp.h> +#include <openssl/objects.h> #if defined(__FreeBSD__) # define USE_TOD #elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) # define TIMES #endif -#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) +#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) && !defined(__NetBSD__) /* FIXME */ # define TIMEB #endif @@ -196,7 +198,7 @@ int run=0; static double Time_F(int s, int usertime); -static void print_message(char *s,long num,int length); +static void print_message(const char *s,long num,int length); static void pkey_print_message(char *str,char *str2,long num,int bits,int sec); #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) @@ -314,11 +316,11 @@ int MAIN(int argc, char **argv) ENGINE *e; unsigned char *buf=NULL,*buf2=NULL; int mret=1; -#define ALGOR_NUM 15 +#define ALGOR_NUM 16 #define SIZE_NUM 5 #define RSA_NUM 4 #define DSA_NUM 3 - long count,rsa_count; + long count,rsa_count,save_count=0; int i,j,k; unsigned rsa_num; #ifndef NO_MD2 @@ -384,10 +386,11 @@ int MAIN(int argc, char **argv) #define D_CBC_RC5 12 #define D_CBC_BF 13 #define D_CBC_CAST 14 +#define D_EVP 15 double d,results[ALGOR_NUM][SIZE_NUM]; static int lengths[SIZE_NUM]={8,64,256,1024,8*1024}; long c[ALGOR_NUM][SIZE_NUM]; - static char *names[ALGOR_NUM]={ + static const char *names[ALGOR_NUM]={ "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4", "des cbc","des ede3","idea cbc", "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"}; @@ -420,6 +423,7 @@ int MAIN(int argc, char **argv) int doit[ALGOR_NUM]; int pr_header=0; int usertime=1; + const EVP_CIPHER *evp=NULL; #ifndef TIMES usertime=-1; @@ -472,6 +476,23 @@ int MAIN(int argc, char **argv) { if ((argc > 0) && (strcmp(*argv,"-elapsed") == 0)) usertime = 0; + else if ((argc > 0) && (strcmp(*argv,"-evp") == 0)) + { + argc--; + argv++; + if(argc == 0) + { + BIO_printf(bio_err,"no EVP given\n"); + goto end; + } + evp=EVP_get_cipherbyname(*argv); + if(!evp) + { + BIO_printf(bio_err,"%s is an unknown cipher\n",*argv); + goto end; + } + doit[D_EVP]=1; + } else if ((argc > 0) && (strcmp(*argv,"-engine") == 0)) { @@ -547,7 +568,7 @@ int MAIN(int argc, char **argv) else #endif #ifndef NO_RSA -#ifdef RSAref +#if 0 /* was: #ifdef RSAref */ if (strcmp(*argv,"rsaref") == 0) { RSA_set_default_openssl_method(RSA_PKCS1_RSAref()); @@ -719,7 +740,10 @@ int MAIN(int argc, char **argv) if (j == 0) { for (i=0; i<ALGOR_NUM; i++) - doit[i]=1; + { + if (i != D_EVP) + doit[i]=1; + } for (i=0; i<RSA_NUM; i++) rsa_doit[i]=1; for (i=0; i<DSA_NUM; i++) @@ -739,7 +763,7 @@ int MAIN(int argc, char **argv) #ifndef NO_RSA for (i=0; i<RSA_NUM; i++) { - unsigned char *p; + const unsigned char *p; p=rsa_data[i]; rsa_key[i]=d2i_RSAPrivateKey(NULL,&p,rsa_data_length[i]); @@ -804,6 +828,7 @@ int MAIN(int argc, char **argv) &(sch[0]),DES_ENCRYPT); d=Time_F(STOP,usertime); } while (d <3); + save_count=count; c[D_MD2][0]=count/10; c[D_MDC2][0]=count/10; c[D_MD4][0]=count; @@ -1160,6 +1185,28 @@ int MAIN(int argc, char **argv) } #endif + if (doit[D_EVP]) + { + for (j=0; j<SIZE_NUM; j++) + { + EVP_CIPHER_CTX ctx; + int outl; + + names[D_EVP]=OBJ_nid2ln(evp->nid); + print_message(names[D_EVP],save_count, + lengths[j]); + EVP_EncryptInit(&ctx,evp,key16,iv); + Time_F(START,usertime); + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]); + EVP_EncryptFinal(&ctx,buf,&outl); + d=Time_F(STOP,usertime); + BIO_printf(bio_err,"%ld %s's in %.2fs\n", + count,names[D_EVP],d); + results[D_EVP][j]=((double)count)/d*lengths[j]; + } + } + RAND_pseudo_bytes(buf,36); #ifndef NO_RSA for (j=0; j<RSA_NUM; j++) @@ -1429,7 +1476,7 @@ end: EXIT(mret); } -static void print_message(char *s, long num, int length) +static void print_message(const char *s, long num, int length) { #ifdef SIGALRM BIO_printf(bio_err,"Doing %s for %ds on %d size blocks: ",s,SECONDS,length); diff --git a/apps/x509.c b/apps/x509.c index 8712339717..de25790145 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -106,6 +106,7 @@ static char *x509_usage[]={ " -fingerprint - print the certificate fingerprint\n", " -alias - output certificate alias\n", " -noout - no certificate output\n", +" -ocspid - print OCSP hash values for the subject name and public key\n", " -trustout - output a \"trusted\" certificate\n", " -clrtrust - clear all trusted purposes\n", " -clrreject - clear all rejected purposes\n", @@ -163,6 +164,7 @@ int MAIN(int argc, char **argv) char *CAkeyfile=NULL,*CAserial=NULL; char *alias=NULL; int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0; + int ocspid=0; int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0; int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0; int C=0; @@ -412,6 +414,8 @@ int MAIN(int argc, char **argv) clrext = 1; } #endif + else if (strcmp(*argv,"-ocspid") == 0) + ocspid= ++num; else if ((md_alg=EVP_get_digestbyname(*argv + 1))) { /* ok */ @@ -849,7 +853,7 @@ bad: if (Upkey == NULL) { Upkey=load_key(bio_err, - keyfile,keyformat, passin); + keyfile,keyformat, passin, e); if (Upkey == NULL) goto end; } #ifndef NO_DSA @@ -867,7 +871,8 @@ bad: if (CAkeyfile != NULL) { CApkey=load_key(bio_err, - CAkeyfile,CAkeyformat, passin); + CAkeyfile,CAkeyformat, passin, + e); if (CApkey == NULL) goto end; } #ifndef NO_DSA @@ -894,7 +899,7 @@ bad: else { pk=load_key(bio_err, - keyfile,FORMAT_PEM, passin); + keyfile,FORMAT_PEM, passin, e); if (pk == NULL) goto end; } @@ -917,6 +922,10 @@ bad: } noout=1; } + else if (ocspid == i) + { + X509_ocspid_print(out, x); + } } } @@ -203,6 +203,10 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in echo "ppc-apple-rhapsody"; exit 0 ;; + Darwin:*) + echo "ppc-apple-darwin"; exit 0 + ;; + SunOS:5.*) echo "${MACHINE}-whatever-solaris2"; exit 0 ;; @@ -413,11 +417,27 @@ case "$GUESSOS" in esac fi ;; - mips-*-linux?) OUT="linux-mips" ;; + mips-*-linux?) + cat >dummy.c <<EOF +#include <stdio.h> /* for printf() prototype */ + int main (argc, argv) int argc; char *argv[]; { +#ifdef __MIPSEB__ + printf ("linux-%s\n", argv[1]); +#endif +#ifdef __MIPSEL__ + printf ("linux-%sel\n", argv[1]); +#endif + return 0; +} +EOF + ${CC} -o dummy dummy.c && OUT=`./dummy ${MACHINE}` + rm dummy dummy.c + ;; ppc-*-linux2) OUT="linux-ppc" ;; m68k-*-linux*) OUT="linux-m68k" ;; ia64-*-linux?) OUT="linux-ia64" ;; ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;; + ppc-apple-darwin) OUT="darwin-ppc-cc" ;; sparc64-*-linux2) #Before we can uncomment following lines we have to wait at least #till 64-bit glibc for SPARC is operational:-( @@ -427,7 +447,7 @@ case "$GUESSOS" in #read waste < /dev/tty OUT="linux-sparcv9" ;; sparc-*-linux2) - KARCH=`awk '/type/{print$3}' /proc/cpuinfo` + KARCH=`awk '/^type/{print$3}' /proc/cpuinfo` case ${KARCH:-sun4} in sun4u*) OUT="linux-sparcv9" ;; sun4m) OUT="linux-sparcv8" ;; @@ -521,6 +541,27 @@ do fi done +# Discover Kerberos 5 (since it's still a prototype, we don't +# do any guesses yet, that's why this section is commented away. +#if [ -d /usr/kerberos ]; then +# krb5_dir=/usr/kerberos +# if [ \( -f $krb5_dir/lib/libgssapi_krb5.a -o -f $krb5_dir/lib/libgssapi_krb5.so* \)\ +# -a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\ +# -a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\ +# -a \( -f $krb5_dir/lib/libk5crypto.a -o -f $krb5_dir/lib/libk5crypto.so* \)\ +# -a \( -f $krb5_dir/include/krb5.h \) ]; then +# options="$options --with-krb5-flavor=MIT" +# fi +#elif [ -d /usr/heimdal ]; then +# krb5_dir=/usr/heimdal +# if [ \( -f $krb5_dir/lib/libgssapi.a -o -f $krb5_dir/lib/libgssapi.so* \)\ +# -a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\ +# -a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\ +# -a \( -f $krb5_dir/include/krb5.h \) ]; then +# options="$options --with-krb5-flavor=Heimdal" +# fi +#fi + if [ -z "$OUT" ]; then OUT="$CC" fi diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl index 2720dd65f1..5dd662843b 100644 --- a/crypto/asn1/Makefile.ssl +++ b/crypto/asn1/Makefile.ssl @@ -157,8 +157,7 @@ a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_digest.o: ../../include/openssl/opensslconf.h a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h a_digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -a_digest.o: ../../include/openssl/rc5.h -a_digest.o: ../../include/openssl/rijndael-alg-fst.h +a_digest.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h a_digest.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h a_digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -275,12 +274,12 @@ a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_sign.o: ../../include/openssl/rijndael-alg-fst.h -a_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -a_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +a_sign.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +a_sign.o: ../cryptlib.h a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -294,12 +293,12 @@ a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h a_strex.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_strex.o: ../../include/openssl/rijndael-alg-fst.h -a_strex.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -a_strex.o: ../../include/openssl/x509_vfy.h charmap.h +a_strex.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +a_strex.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +a_strex.o: charmap.h a_strnid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h a_strnid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h @@ -355,8 +354,7 @@ a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_verify.o: ../../include/openssl/opensslconf.h a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h a_verify.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -a_verify.o: ../../include/openssl/rc5.h -a_verify.o: ../../include/openssl/rijndael-alg-fst.h +a_verify.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h a_verify.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h a_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -406,7 +404,7 @@ d2i_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h d2i_pr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -424,7 +422,7 @@ d2i_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h d2i_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -475,7 +473,7 @@ i2d_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h i2d_pr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -493,7 +491,7 @@ i2d_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h i2d_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -513,12 +511,12 @@ n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -n_pkey.o: ../../include/openssl/rijndael-alg-fst.h -n_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +n_pkey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +n_pkey.o: ../cryptlib.h nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h nsseq.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h nsseq.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -532,7 +530,7 @@ nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h nsseq.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -nsseq.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +nsseq.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h nsseq.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h nsseq.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -553,12 +551,12 @@ p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_pbe.o: ../../include/openssl/rijndael-alg-fst.h -p5_pbe.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p5_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p5_pbe.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_pbe.o: ../cryptlib.h p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -574,12 +572,12 @@ p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p5_pbev2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h p5_pbev2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_pbev2.o: ../../include/openssl/rijndael-alg-fst.h -p5_pbev2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p5_pbev2.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p5_pbev2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_pbev2.o: ../cryptlib.h p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -594,7 +592,7 @@ p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p8_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p8_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p8_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p8_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p8_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -615,13 +613,12 @@ t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_bitst.o: ../../include/openssl/rijndael-alg-fst.h -t_bitst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_bitst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_bitst.o: ../cryptlib.h +t_bitst.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_crl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -637,13 +634,12 @@ t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_crl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_crl.o: ../../include/openssl/rijndael-alg-fst.h -t_crl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_crl.o: ../cryptlib.h +t_crl.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_crl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h t_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h t_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h t_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h @@ -668,13 +664,12 @@ t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_req.o: ../../include/openssl/rijndael-alg-fst.h -t_req.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_req.o: ../cryptlib.h +t_req.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -689,12 +684,12 @@ t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_spki.o: ../../include/openssl/rijndael-alg-fst.h -t_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +t_spki.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_spki.o: ../cryptlib.h t_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -710,13 +705,12 @@ t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_x509.o: ../../include/openssl/rijndael-alg-fst.h -t_x509.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_x509.o: ../cryptlib.h +t_x509.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -731,12 +725,12 @@ t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h t_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_x509a.o: ../../include/openssl/rijndael-alg-fst.h -t_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +t_x509a.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_x509a.o: ../cryptlib.h tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -789,7 +783,7 @@ x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_algor.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_algor.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_algor.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_algor.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_algor.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -809,8 +803,7 @@ x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_attrib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_attrib.o: ../../include/openssl/rc5.h -x_attrib.o: ../../include/openssl/rijndael-alg-fst.h +x_attrib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_attrib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_attrib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -839,7 +832,7 @@ x_crl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_crl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -858,7 +851,7 @@ x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_exten.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_exten.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_exten.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_exten.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_exten.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -878,12 +871,12 @@ x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_info.o: ../../include/openssl/rijndael-alg-fst.h -x_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x_info.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x_info.o: ../cryptlib.h x_long.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_long.o: ../../include/openssl/bio.h ../../include/openssl/bn.h x_long.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -906,7 +899,7 @@ x_name.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_name.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_name.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_name.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -926,7 +919,7 @@ x_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -946,8 +939,7 @@ x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_pubkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_pubkey.o: ../../include/openssl/rc5.h -x_pubkey.o: ../../include/openssl/rijndael-alg-fst.h +x_pubkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_pubkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_pubkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_pubkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -967,7 +959,7 @@ x_req.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_req.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_req.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_req.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -987,7 +979,7 @@ x_sig.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_sig.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -1007,7 +999,7 @@ x_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -1027,7 +1019,7 @@ x_val.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_val.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_val.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_val.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -1048,7 +1040,7 @@ x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_x509.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_x509.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_x509.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -1069,7 +1061,7 @@ x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +x_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index 63aa37665c..a068035947 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -288,6 +288,7 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; /* Declare ASN1 functions: the implement macro in in asn1t.h */ #define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) + #define DECLARE_ASN1_FUNCTIONS_name(type, name) \ type *name##_new(void); \ void name##_free(type *a); \ @@ -298,6 +299,15 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; int i2d_##name(type *a, unsigned char **out); \ extern const ASN1_ITEM name##_it; +#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ + type *d2i_##name(type **a, const unsigned char **in, long len); \ + int i2d_##name(const type *a, unsigned char **out); \ + extern const ASN1_ITEM name##_it; + +#define DECLARE_ASN1_FUNCTIONS_const(name) \ + name *name##_new(void); \ + void name##_free(name *a); + /* Parameters used by ASN1_STRING_print_ex() */ /* These determine which characters to escape: @@ -913,24 +923,58 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); #define ASN1_F_BN_TO_ASN1_INTEGER 139 #define ASN1_F_COLLECT_DATA 140 #define ASN1_F_D2I_ASN1_BIT_STRING 141 +#define ASN1_F_D2I_ASN1_BMPSTRING 178 #define ASN1_F_D2I_ASN1_BOOLEAN 142 #define ASN1_F_D2I_ASN1_BYTES 143 #define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144 #define ASN1_F_D2I_ASN1_HEADER 145 #define ASN1_F_D2I_ASN1_INTEGER 146 +#define ASN1_F_D2I_ASN1_NULL 179 #define ASN1_F_D2I_ASN1_OBJECT 147 #define ASN1_F_D2I_ASN1_SET 148 #define ASN1_F_D2I_ASN1_TYPE_BYTES 149 #define ASN1_F_D2I_ASN1_UINTEGER 150 #define ASN1_F_D2I_ASN1_UTCTIME 151 +#define ASN1_F_D2I_ASN1_VISIBLESTRING 180 #define ASN1_F_D2I_DHPARAMS 152 #define ASN1_F_D2I_DSAPARAMS 153 #define ASN1_F_D2I_DSAPRIVATEKEY 154 #define ASN1_F_D2I_DSAPUBLICKEY 155 #define ASN1_F_D2I_NETSCAPE_RSA 156 #define ASN1_F_D2I_NETSCAPE_RSA_2 157 +#define ASN1_F_D2I_OCSP_BASICRESP 181 +#define ASN1_F_D2I_OCSP_CERTID 182 +#define ASN1_F_D2I_OCSP_CERTSTATUS 183 +#define ASN1_F_D2I_OCSP_CRLID 184 +#define ASN1_F_D2I_OCSP_ONEREQ 185 +#define ASN1_F_D2I_OCSP_REQINFO 186 +#define ASN1_F_D2I_OCSP_REQUEST 187 +#define ASN1_F_D2I_OCSP_RESPBYTES 188 +#define ASN1_F_D2I_OCSP_RESPDATA 189 +#define ASN1_F_D2I_OCSP_RESPID 190 +#define ASN1_F_D2I_OCSP_RESPONSE 191 +#define ASN1_F_D2I_OCSP_REVOKEDINFO 192 +#define ASN1_F_D2I_OCSP_SERVICELOC 193 +#define ASN1_F_D2I_OCSP_SIGNATURE 194 +#define ASN1_F_D2I_OCSP_SINGLERESP 195 +#define ASN1_F_D2I_PKCS12 196 +#define ASN1_F_D2I_PKCS12_BAGS 197 +#define ASN1_F_D2I_PKCS12_MAC_DATA 198 +#define ASN1_F_D2I_PKCS12_SAFEBAG 199 +#define ASN1_F_D2I_PKCS7 200 +#define ASN1_F_D2I_PKCS7_DIGEST 201 +#define ASN1_F_D2I_PKCS7_ENCRYPT 202 +#define ASN1_F_D2I_PKCS7_ENC_CONTENT 203 +#define ASN1_F_D2I_PKCS7_ENVELOPE 204 +#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 205 +#define ASN1_F_D2I_PKCS7_RECIP_INFO 206 +#define ASN1_F_D2I_PKCS7_SIGNED 207 +#define ASN1_F_D2I_PKCS7_SIGNER_INFO 208 +#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 209 #define ASN1_F_D2I_PRIVATEKEY 158 #define ASN1_F_D2I_PUBLICKEY 159 +#define ASN1_F_D2I_X509 210 +#define ASN1_F_D2I_X509_CINF 211 #define ASN1_F_D2I_X509_NAME 160 #define ASN1_F_D2I_X509_PKEY 161 #define ASN1_F_I2D_ASN1_TIME 162 @@ -944,10 +988,41 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); #define ASN1_F_I2D_PUBLICKEY 170 #define ASN1_F_I2D_RSA_PUBKEY 171 #define ASN1_F_LONG_C2I 172 +#define ASN1_F_OCSP_BASICRESP_NEW 212 +#define ASN1_F_OCSP_CERTID_NEW 213 +#define ASN1_F_OCSP_CERTSTATUS_NEW 214 +#define ASN1_F_OCSP_CRLID_NEW 215 +#define ASN1_F_OCSP_ONEREQ_NEW 216 +#define ASN1_F_OCSP_REQINFO_NEW 217 +#define ASN1_F_OCSP_REQUEST_NEW 218 +#define ASN1_F_OCSP_RESPBYTES_NEW 219 +#define ASN1_F_OCSP_RESPDATA_NEW 220 +#define ASN1_F_OCSP_RESPID_NEW 221 +#define ASN1_F_OCSP_RESPONSE_NEW 222 +#define ASN1_F_OCSP_REVOKEDINFO_NEW 223 +#define ASN1_F_OCSP_SERVICELOC_NEW 224 +#define ASN1_F_OCSP_SIGNATURE_NEW 225 +#define ASN1_F_OCSP_SINGLERESP_NEW 226 +#define ASN1_F_PKCS12_BAGS_NEW 227 +#define ASN1_F_PKCS12_MAC_DATA_NEW 228 +#define ASN1_F_PKCS12_NEW 229 +#define ASN1_F_PKCS12_SAFEBAG_NEW 230 #define ASN1_F_PKCS5_PBE2_SET 173 +#define ASN1_F_PKCS7_DIGEST_NEW 231 +#define ASN1_F_PKCS7_ENCRYPT_NEW 232 +#define ASN1_F_PKCS7_ENC_CONTENT_NEW 233 +#define ASN1_F_PKCS7_ENVELOPE_NEW 234 +#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 235 +#define ASN1_F_PKCS7_NEW 236 +#define ASN1_F_PKCS7_RECIP_INFO_NEW 237 +#define ASN1_F_PKCS7_SIGNED_NEW 238 +#define ASN1_F_PKCS7_SIGNER_INFO_NEW 239 +#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 240 +#define ASN1_F_X509_CINF_NEW 241 #define ASN1_F_X509_CRL_ADD0_REVOKED 174 #define ASN1_F_X509_INFO_NEW 175 #define ASN1_F_X509_NAME_NEW 176 +#define ASN1_F_X509_NEW 242 #define ASN1_F_X509_PKEY_NEW 177 /* Reason codes. */ @@ -955,7 +1030,9 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); #define ASN1_R_BAD_CLASS 101 #define ASN1_R_BAD_OBJECT_HEADER 102 #define ASN1_R_BAD_PASSWORD_READ 103 +#define ASN1_R_BAD_PKCS7_CONTENT 171 #define ASN1_R_BAD_TAG 104 +#define ASN1_R_BAD_TYPE 172 #define ASN1_R_BN_LIB 105 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 #define ASN1_R_BUFFER_TOO_SMALL 107 @@ -969,6 +1046,7 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); #define ASN1_R_EXPECTING_AN_INTEGER 115 #define ASN1_R_EXPECTING_AN_OBJECT 116 #define ASN1_R_EXPECTING_A_BOOLEAN 117 +#define ASN1_R_EXPECTING_A_NULL 173 #define ASN1_R_EXPECTING_A_TIME 118 #define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119 #define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120 diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index 9ab1891b8f..e75dfc71bf 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -108,24 +108,58 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, {ERR_PACK(0,ASN1_F_COLLECT_DATA,0), "COLLECT_DATA"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "D2I_ASN1_BIT_STRING"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "D2I_ASN1_GENERALIZEDTIME"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "D2I_ASN1_INTEGER"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "D2I_ASN1_NULL"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "D2I_ASN1_UTCTIME"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "D2I_ASN1_VISIBLESTRING"}, {ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "d2i_DHparams"}, {ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "d2i_DSAparams"}, {ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "d2i_DSAPrivateKey"}, {ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "d2i_DSAPublicKey"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "d2i_Netscape_RSA_2"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_BASICRESP,0), "d2i_OCSP_BASICRESP"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_CERTID,0), "d2i_OCSP_CERTID"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_CERTSTATUS,0), "d2i_OCSP_CERTSTATUS"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_CRLID,0), "d2i_OCSP_CRLID"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_ONEREQ,0), "d2i_OCSP_ONEREQ"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_REQINFO,0), "d2i_OCSP_REQINFO"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_REQUEST,0), "d2i_OCSP_REQUEST"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_RESPBYTES,0), "d2i_OCSP_RESPBYTES"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_RESPDATA,0), "d2i_OCSP_RESPDATA"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_RESPID,0), "d2i_OCSP_RESPID"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_RESPONSE,0), "d2i_OCSP_RESPONSE"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_REVOKEDINFO,0), "d2i_OCSP_REVOKEDINFO"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_SERVICELOC,0), "d2i_OCSP_SERVICELOC"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_SIGNATURE,0), "d2i_OCSP_SIGNATURE"}, +{ERR_PACK(0,ASN1_F_D2I_OCSP_SINGLERESP,0), "d2i_OCSP_SINGLERESP"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "D2I_PKCS12"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "D2I_PKCS12_BAGS"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "D2I_PKCS12_MAC_DATA"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "D2I_PKCS12_SAFEBAG"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "D2I_PKCS7_ENC_CONTENT"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "D2I_PKCS7_ENVELOPE"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "D2I_PKCS7_ISSUER_AND_SERIAL"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "D2I_PKCS7_RECIP_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "D2I_PKCS7_SIGNED"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "D2I_PKCS7_SIGNER_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"}, {ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"}, {ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"}, +{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"}, +{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"}, {ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"}, {ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"}, {ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"}, @@ -139,10 +173,41 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"}, {ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"}, {ERR_PACK(0,ASN1_F_LONG_C2I,0), "LONG_C2I"}, +{ERR_PACK(0,ASN1_F_OCSP_BASICRESP_NEW,0), "OCSP_BASICRESP_new"}, +{ERR_PACK(0,ASN1_F_OCSP_CERTID_NEW,0), "OCSP_CERTID_new"}, +{ERR_PACK(0,ASN1_F_OCSP_CERTSTATUS_NEW,0), "OCSP_CERTSTATUS_new"}, +{ERR_PACK(0,ASN1_F_OCSP_CRLID_NEW,0), "OCSP_CRLID_new"}, +{ERR_PACK(0,ASN1_F_OCSP_ONEREQ_NEW,0), "OCSP_ONEREQ_new"}, +{ERR_PACK(0,ASN1_F_OCSP_REQINFO_NEW,0), "OCSP_REQINFO_new"}, +{ERR_PACK(0,ASN1_F_OCSP_REQUEST_NEW,0), "OCSP_REQUEST_new"}, +{ERR_PACK(0,ASN1_F_OCSP_RESPBYTES_NEW,0), "OCSP_RESPBYTES_new"}, +{ERR_PACK(0,ASN1_F_OCSP_RESPDATA_NEW,0), "OCSP_RESPDATA_new"}, +{ERR_PACK(0,ASN1_F_OCSP_RESPID_NEW,0), "OCSP_RESPID_new"}, +{ERR_PACK(0,ASN1_F_OCSP_RESPONSE_NEW,0), "OCSP_RESPONSE_new"}, +{ERR_PACK(0,ASN1_F_OCSP_REVOKEDINFO_NEW,0), "OCSP_REVOKEDINFO_new"}, +{ERR_PACK(0,ASN1_F_OCSP_SERVICELOC_NEW,0), "OCSP_SERVICELOC_new"}, +{ERR_PACK(0,ASN1_F_OCSP_SIGNATURE_NEW,0), "OCSP_SIGNATURE_new"}, +{ERR_PACK(0,ASN1_F_OCSP_SINGLERESP_NEW,0), "OCSP_SINGLERESP_new"}, +{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_NEW"}, {ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"}, +{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"}, +{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"}, {ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0), "X509_CRL_add0_revoked"}, {ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"}, {ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"}, +{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"}, {ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"}, {0,NULL} }; @@ -153,7 +218,9 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ASN1_R_BAD_CLASS ,"bad class"}, {ASN1_R_BAD_OBJECT_HEADER ,"bad object header"}, {ASN1_R_BAD_PASSWORD_READ ,"bad password read"}, +{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"}, {ASN1_R_BAD_TAG ,"bad tag"}, +{ASN1_R_BAD_TYPE ,"bad type"}, {ASN1_R_BN_LIB ,"bn lib"}, {ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"}, {ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"}, @@ -167,6 +234,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"}, {ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"}, {ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"}, +{ASN1_R_EXPECTING_A_NULL ,"expecting a null"}, {ASN1_R_EXPECTING_A_TIME ,"expecting a time"}, {ASN1_R_EXPLICIT_LENGTH_MISMATCH ,"explicit length mismatch"}, {ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED ,"explicit tag not constructed"}, diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index 4512ba6cc6..be65b7b54f 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h @@ -76,8 +76,8 @@ extern "C" { ASN1_CTX c; \ type ret=NULL; \ \ - c.pp=pp; \ - c.q= *pp; \ + c.pp=(unsigned char **)pp; \ + c.q= *(unsigned char **)pp; \ c.error=ERR_R_NESTED_ASN1_ERROR; \ if ((a == NULL) || ((*a) == NULL)) \ { if ((ret=(type)func()) == NULL) \ @@ -85,13 +85,13 @@ extern "C" { else ret=(*a); #define M_ASN1_D2I_Init() \ - c.p= *pp; \ + c.p= *(unsigned char **)pp; \ c.max=(length == 0)?0:(c.p+length); #define M_ASN1_D2I_Finish_2(a) \ if (!asn1_Finish(&c)) \ { c.line=__LINE__; goto err; } \ - *pp=c.p; \ + *(unsigned char **)pp=c.p; \ if (a != NULL) (*a)=ret; \ return(ret); @@ -99,7 +99,7 @@ extern "C" { M_ASN1_D2I_Finish_2(a); \ err:\ ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*pp,(int)(c.q- *pp)); \ + asn1_add_error(*(unsigned char **)pp,(int)(c.q- *pp)); \ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ return(NULL) diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h index 3ed21d474f..430c37124a 100644 --- a/crypto/asn1/asn1t.h +++ b/crypto/asn1/asn1t.h @@ -657,7 +657,7 @@ typedef struct ASN1_AUX_st { #define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) -#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ +#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ stname *fname##_new(void) \ { \ return (stname *)ASN1_item_new(&itname##_it); \ @@ -665,8 +665,11 @@ typedef struct ASN1_AUX_st { void fname##_free(stname *a) \ { \ ASN1_item_free((ASN1_VALUE *)a, &itname##_it); \ - } \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) + } + +#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ stname *d2i_##fname(stname **a, unsigned char **in, long len) \ @@ -678,6 +681,26 @@ typedef struct ASN1_AUX_st { return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\ } +/* This includes evil casts to remove const: they will go away when full + * ASN1 constification is done. + */ +#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ + { \ + return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, &itname##_it);\ + } \ + int i2d_##fname(const stname *a, unsigned char **out) \ + { \ + return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\ + } + +#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ + IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) + +#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) + /* external definitions for primitive types */ extern const ASN1_ITEM ASN1_BOOLEAN_it; diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index c92b8325d8..31584fe090 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -84,7 +84,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, { #ifndef NO_RSA case EVP_PKEY_RSA: - if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL) + if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL, + (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); goto err; @@ -93,7 +94,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, #endif #ifndef NO_DSA case EVP_PKEY_DSA: - if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL) + if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL, + (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); goto err; diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index e0d203cef7..9eedde3de4 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -84,7 +84,8 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, { #ifndef NO_RSA case EVP_PKEY_RSA: - if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL) + if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL, + (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); goto err; @@ -93,7 +94,8 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, #endif #ifndef NO_DSA case EVP_PKEY_DSA: - if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL) + if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL, + (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); goto err; diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index ffe7928d7d..82a621224b 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -92,7 +92,7 @@ ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = { ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG) } ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY); -IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_ENCRYPTED_PKEY) +IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) ASN1_SEQUENCE(NETSCAPE_PKEY) = { ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG), @@ -100,17 +100,17 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = { ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(NETSCAPE_PKEY); -IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_PKEY) +IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, int (*cb)(), int sgckey); -int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) +int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()) { return i2d_RSA_NET(a, pp, cb, 0); } -int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey) +int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) { int i, j, ret = 0; int rsalen, pkeylen, olen; @@ -223,15 +223,15 @@ err: } -RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()) +RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()) { return d2i_RSA_NET(a, pp, length, cb, 0); } -RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey) +RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey) { RSA *ret=NULL; - unsigned char *p, *kp; + const unsigned char *p, *kp; NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; p = *pp; @@ -273,7 +273,8 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, NETSCAPE_PKEY *pkey=NULL; RSA *ret=NULL; int i,j; - unsigned char buf[256],*zz; + unsigned char buf[256]; + const unsigned char *zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index ae18da96e3..62bc704d32 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -74,7 +74,7 @@ static int print(BIO *fp,const char *str,BIGNUM *num, unsigned char *buf,int off); #ifndef NO_RSA #ifndef NO_FP_API -int RSA_print_fp(FILE *fp, RSA *x, int off) +int RSA_print_fp(FILE *fp, const RSA *x, int off) { BIO *b; int ret; @@ -91,7 +91,7 @@ int RSA_print_fp(FILE *fp, RSA *x, int off) } #endif -int RSA_print(BIO *bp, RSA *x, int off) +int RSA_print(BIO *bp, const RSA *x, int off) { char str[128]; const char *s; @@ -140,7 +140,7 @@ err: #ifndef NO_DSA #ifndef NO_FP_API -int DSA_print_fp(FILE *fp, DSA *x, int off) +int DSA_print_fp(FILE *fp, const DSA *x, int off) { BIO *b; int ret; @@ -157,7 +157,7 @@ int DSA_print_fp(FILE *fp, DSA *x, int off) } #endif -int DSA_print(BIO *bp, DSA *x, int off) +int DSA_print(BIO *bp, const DSA *x, int off) { char str[128]; unsigned char *m=NULL; @@ -261,7 +261,7 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, #ifndef NO_DH #ifndef NO_FP_API -int DHparams_print_fp(FILE *fp, DH *x) +int DHparams_print_fp(FILE *fp, const DH *x) { BIO *b; int ret; @@ -278,7 +278,7 @@ int DHparams_print_fp(FILE *fp, DH *x) } #endif -int DHparams_print(BIO *bp, DH *x) +int DHparams_print(BIO *bp, const DH *x) { unsigned char *m=NULL; int reason=ERR_R_BUF_LIB,i,ret=0; @@ -314,7 +314,7 @@ err: #ifndef NO_DSA #ifndef NO_FP_API -int DSAparams_print_fp(FILE *fp, DSA *x) +int DSAparams_print_fp(FILE *fp, const DSA *x) { BIO *b; int ret; @@ -331,7 +331,7 @@ int DSAparams_print_fp(FILE *fp, DSA *x) } #endif -int DSAparams_print(BIO *bp, DSA *x) +int DSAparams_print(BIO *bp, const DSA *x) { unsigned char *m=NULL; int reason=ERR_R_BUF_LIB,i,ret=0; diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index f2979bf5a7..823c20860c 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -282,6 +282,56 @@ err: return(ret); } +int X509_ocspid_print (BIO *bp, X509 *x) + { + unsigned char *der=NULL ; + unsigned char *dertmp; + int derlen; + int i; + SHA_CTX SHA1buf ; + unsigned char SHA1md[SHA_DIGEST_LENGTH]; + + /* display the hash of the subject as it would appear + in OCSP requests */ + if (BIO_printf(bp," Subject OCSP hash: ") <= 0) + goto err; + derlen = i2d_X509_NAME(x->cert_info->subject, NULL); + if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL) + goto err; + i2d_X509_NAME(x->cert_info->subject, &dertmp); + + SHA1_Init(&SHA1buf); + SHA1_Update(&SHA1buf, der, derlen); + SHA1_Final(SHA1md,&SHA1buf); + for (i=0; i < SHA_DIGEST_LENGTH; i++) + { + if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; + } + OPENSSL_free (der); + der=NULL; + + /* display the hash of the public key as it would appear + in OCSP requests */ + if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0) + goto err; + + SHA1_Init(&SHA1buf); + SHA1_Update(&SHA1buf, x->cert_info->key->public_key->data, + x->cert_info->key->public_key->length); + SHA1_Final(SHA1md,&SHA1buf); + for (i=0; i < SHA_DIGEST_LENGTH; i++) + { + if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) + goto err; + } + BIO_printf(bp,"\n"); + + return (1); +err: + if (der != NULL) OPENSSL_free(der); + return(0); + } + int ASN1_STRING_print(BIO *bp, ASN1_STRING *v) { int i,n; diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index cd5144d3d1..8cef2cfb17 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -169,6 +169,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) long j; int type; unsigned char *p; + const unsigned char *cp; #ifndef NO_DSA X509_ALGOR *a; #endif @@ -200,9 +201,9 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) if (a->parameter->type == V_ASN1_SEQUENCE) { ret->pkey.dsa->write_params=0; - p=a->parameter->value.sequence->data; + cp=p=a->parameter->value.sequence->data; j=a->parameter->value.sequence->length; - if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j)) + if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j)) goto err; } ret->save_parameters=1; diff --git a/crypto/bio/Makefile.ssl b/crypto/bio/Makefile.ssl index 4ca495d281..9a69e3af45 100644 --- a/crypto/bio/Makefile.ssl +++ b/crypto/bio/Makefile.ssl @@ -123,7 +123,7 @@ bf_buff.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bf_buff.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bf_buff.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bf_buff.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bf_buff.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bf_buff.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bf_buff.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bf_buff.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bf_buff.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -142,11 +142,11 @@ bf_nbio.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bf_nbio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h bf_nbio.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bf_nbio.o: ../../include/openssl/rijndael-alg-fst.h -bf_nbio.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -bf_nbio.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -bf_nbio.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -bf_nbio.o: ../../include/openssl/symhacks.h ../cryptlib.h +bf_nbio.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +bf_nbio.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +bf_nbio.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bf_nbio.o: ../cryptlib.h bf_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h bf_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -160,7 +160,7 @@ bf_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bf_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bf_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bf_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bf_null.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bf_null.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bf_null.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bf_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bf_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl index ad36267e26..dd5c35bf64 100644 --- a/crypto/bn/Makefile.ssl +++ b/crypto/bn/Makefile.ssl @@ -35,15 +35,15 @@ TEST=bntest.c exptest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \ +LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ - bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c \ - bn_mpi.c bn_exp2.c + bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ + bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c -LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o \ +LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ - bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) bn_recp.o bn_mont.o \ - bn_mpi.o bn_exp2.o + bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ + bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o SRC= $(LIBSRC) @@ -230,6 +230,8 @@ bn_gcd.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_gcd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h +bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/opensslconf.h +bn_kron.o: bn_lcl.h bn_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h @@ -237,6 +239,13 @@ bn_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h +bn_mod.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_mod.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +bn_mod.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +bn_mod.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mont.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h @@ -304,6 +313,13 @@ bn_sqr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_sqr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h +bn_sqrt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_sqrt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +bn_sqrt.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +bn_sqrt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_word.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h diff --git a/crypto/bn/asm/vms.mar b/crypto/bn/asm/vms.mar index ac9d57d7b0..754ab5347a 100644 --- a/crypto/bn/asm/vms.mar +++ b/crypto/bn/asm/vms.mar @@ -162,442 +162,236 @@ n=12 ;(AP) n by value (input) movl #1,r0 ; return SS$_NORMAL ret - .title (generated) - - .psect code,nowrt - -.entry BN_DIV_WORDS,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10> - subl2 #4,sp - - clrl r9 - movl #2,r8 - - tstl 12(ap) - bneq noname.2 - mnegl #1,r10 - brw noname.3 - tstl r0 - nop -noname.2: - - pushl 12(ap) - calls #1,BN_NUM_BITS_WORD - movl r0,r7 - - cmpl r7,#32 - beql noname.4 - ashl r7,#1,r2 - cmpl 4(ap),r2 - blequ noname.4 - - pushl r7 - calls #1,BN_DIV_WORDS_ABORT -noname.4: - - subl3 r7,#32,r7 - - movl 12(ap),r2 - cmpl 4(ap),r2 - blssu noname.5 - subl2 r2,4(ap) -noname.5: - - tstl r7 - beql noname.6 - - ashl r7,r2,12(ap) - - ashl r7,4(ap),r4 - subl3 r7,#32,r3 - subl3 r3,#32,r2 - extzv r3,r2,8(ap),r2 - bisl3 r4,r2,4(ap) - - ashl r7,8(ap),8(ap) -noname.6: - - bicl3 #65535,12(ap),r2 - extzv #16,#16,r2,r5 - - bicl3 #-65536,12(ap),r6 - -noname.7: - - moval 4(ap),r2 - movzwl 2(r2),r0 - cmpl r0,r5 - bneq noname.8 - - movzwl #65535,r4 - brb noname.9 -noname.8: - - clrl r1 - movl (r2),r0 - movl r5,r2 - bgeq vcg.1 - cmpl r2,r0 - bgtru vcg.2 - incl r1 - brb vcg.2 - nop -vcg.1: - ediv r2,r0,r1,r0 -vcg.2: - movl r1,r4 -noname.9: - -noname.10: - - mull3 r5,r4,r0 - subl3 r0,4(ap),r3 - - bicl3 #65535,r3,r0 - bneq noname.13 - mull3 r6,r4,r2 - ashl #16,r3,r1 - bicl3 #65535,8(ap),r0 - extzv #16,#16,r0,r0 - addl2 r0,r1 - cmpl r2,r1 - bgtru noname.12 -noname.11: - - brb noname.13 - nop -noname.12: - - decl r4 - brb noname.10 -noname.13: - - mull3 r5,r4,r1 - - mull3 r6,r4,r0 - - extzv #16,#16,r0,r3 - - ashl #16,r0,r2 - bicl3 #65535,r2,r0 - - addl2 r3,r1 - - moval 8(ap),r3 - cmpl (r3),r0 - bgequ noname.15 - incl r1 -noname.15: - - subl2 r0,(r3) - - cmpl 4(ap),r1 - bgequ noname.16 - - addl2 12(ap),4(ap) - - decl r4 -noname.16: + .title vax_bn_div_words unsigned divide +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_div_words(ULONG h, ULONG l, ULONG d) +; { +; return ((ULONG)((((ULLONG)h)<<32)|l) / (ULLONG)d); +; } +; +; Using EDIV would be very easy, if it didn't do signed calculations. +; Therefore, som extra things have to happen around it. The way to +; handle that is to shift all operands right one step (basically dividing +; them by 2) and handle the different cases depending on what the lowest +; bit of each operand was. +; +; To start with, let's define the following: +; +; a' = l & 1 +; a2 = <h,l> >> 1 # UNSIGNED shift! +; b' = d & 1 +; b2 = d >> 1 # UNSIGNED shift! +; +; Now, use EDIV to calculate a quotient and a remainder: +; +; q'' = a2/b2 +; r'' = a2 - q''*b2 +; +; If b' is 0, the quotient is already correct, we just need to adjust the +; remainder: +; +; if (b' == 0) +; { +; r = 2*r'' + a' +; q = q'' +; } +; +; If b' is 1, we need to do other adjustements. The first thought is the +; following (note that r' will not always have the right value, but an +; adjustement follows further down): +; +; if (b' == 1) +; { +; q' = q'' +; r' = a - q'*b +; +; However, one can note the folowing relationship: +; +; r'' = a2 - q''*b2 +; => 2*r'' = 2*a2 - 2*q''*b2 +; = { a = 2*a2 + a', b = 2*b2 + b' = 2*b2 + 1, +; q' = q'' } +; = a - a' - q'*(b - 1) +; = a - q'*b - a' + q' +; = r' - a' + q' +; => r' = 2*r'' - q' + a' +; +; This enables us to use r'' instead of discarding and calculating another +; modulo: +; +; if (b' == 1) +; { +; q' = q'' +; r' = (r'' << 1) - q' + a' +; +; Now, all we have to do is adjust r', because it might be < 0: +; +; while (r' < 0) +; { +; r' = r' + b +; q' = q' - 1 +; } +; } +; +; return q' - subl2 r1,4(ap) +h=4 ;(AP) h by value (input) +l=8 ;(AP) l by value (input) +d=12 ;(AP) d by value (input) - decl r8 - beql noname.18 -noname.17: +;aprim=r5 +;a2=r6 +;a20=r6 +;a21=r7 +;bprim=r8 +;b2=r9 +;qprim=r10 ; initially used as q'' +;rprim=r11 ; initially used as r'' - ashl #16,r4,r9 - ashl #16,4(ap),r2 - movzwl 2(r3),r0 - bisl2 r0,r2 - bicl3 #0,r2,4(ap) + .psect code,nowrt - bicl3 #-65536,(r3),r0 - ashl #16,r0,(r3) - brw noname.7 - nop -noname.18: +.entry bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11> + movl l(ap),r2 + movl h(ap),r3 + movl d(ap),r4 - bisl2 r4,r9 + movl #0,r5 + movl #0,r8 + movl #0,r0 - movl r9,r10 + rotl #-1,r2,r6 ; a20 = l >> 1 (almost) + rotl #-1,r3,r7 ; a21 = h >> 1 (almost) + rotl #-1,r4,r9 ; b2 = d >> 1 (almost) -noname.3: + tstl r6 + bgeq 1$ + xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 0 + incl r5 ; a' = 1 +1$: + tstl r7 + bgeq 2$ + xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 1, + ; since that's what was lowest in a21 + xorl2 #^X80000000,r7 ; fixup a21 so highest bit is 1 +2$: + tstl r9 + bgeq 666$ ; Uh-oh, the divisor is 0... + bgtr 3$ + xorl2 #^X80000000,r9 ; fixup b2 so highest bit is 1 + incl r8 +3$: + tstl r9 + bneq 4$ ; if b2 is 0, we know that bprim is 1 + tstl r7 + bneq 666$ ; if higher half isn't 0, we overflow + movl r0,r6 ; otherwise, we have our result + brb 42$ +4$: + ediv r9,r6,r10,r11 + + tstl r8 + bneq 5$ ; If b' != 0, go to the other part +; addl3 r11,r11,r1 +; addl2 r5,r1 + brb 42$ +5$: + ashl #1,r11,r11 + subl2 r10,r11 + addl2 r5,r11 + bgeq 7$ +6$: + decl r10 + addl2 r4,r11 + blss 6$ +7$: +; movl r11,r1 +42$: movl r10,r0 - ret - tstl r0 - +666$: + ret - .psect code,nowrt - -.entry BN_ADD_WORDS,^m<r2,r3,r4,r5,r6,r7> - - tstl 16(ap) - bgtr noname.21 - clrl r7 - brw noname.22 -noname.21: - - clrl r4 - - tstl r0 -noname.23: - - movl 8(ap),r6 - addl3 r4,(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.3 - incl r0 -vcg.3: - movl r0,r4 - - movl 12(ap),r5 - addl3 (r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.4 - incl r0 -vcg.4: - addl2 r0,r4 - - movl 4(ap),r3 - movl r1,(r3) - - decl 16(ap) - bgtr gen.1 - brw noname.25 -gen.1: -noname.24: - - addl3 r4,4(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.5 - incl r0 -vcg.5: - movl r0,r4 - - addl3 4(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.6 - incl r0 -vcg.6: - addl2 r0,r4 - - movl r1,4(r3) - - decl 16(ap) - bleq noname.25 -noname.26: - - addl3 r4,8(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.7 - incl r0 -vcg.7: - movl r0,r4 - - addl3 8(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.8 - incl r0 -vcg.8: - addl2 r0,r4 - - movl r1,8(r3) - - decl 16(ap) - bleq noname.25 -noname.27: - - addl3 r4,12(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.9 - incl r0 -vcg.9: - movl r0,r4 - - addl3 12(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.10 - incl r0 -vcg.10: - addl2 r0,r4 + .title vax_bn_add_words unsigned add of two arrays +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_add_words(ULONG r[], ULONG a[], ULONG b[], int n) { +; ULONG c = 0; +; int i; +; for (i = 0; i < n; i++) <c,r[i]> = a[i] + b[i] + c; +; return(c); +; } - movl r1,12(r3) +r=4 ;(AP) r by reference (output) +a=8 ;(AP) a by reference (input) +b=12 ;(AP) b by reference (input) +n=16 ;(AP) n by value (input) - decl 16(ap) - bleq noname.25 -noname.28: - addl3 #16,r6,8(ap) + .psect code,nowrt - addl3 #16,r5,12(ap) +.entry bn_add_words,^m<r2,r3,r4,r5,r6> - addl3 #16,r3,4(ap) - brw noname.23 - tstl r0 -noname.25: + moval @r(ap),r2 + moval @a(ap),r3 + moval @b(ap),r4 + movl n(ap),r5 ; assumed >0 by C code + clrl r0 ; c - movl r4,r7 + tstl r5 ; carry = 0 + bleq 666$ -noname.22: - movl r7,r0 - ret - nop +0$: + movl (r3)+,r6 ; carry untouched + adwc (r4)+,r6 ; carry used and touched + movl r6,(r2)+ ; carry untouched + sobgtr r5,0$ ; carry untouched + adwc #0,r0 +666$: + ret + .title vax_bn_sub_words unsigned add of two arrays +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_sub_words(ULONG r[], ULONG a[], ULONG b[], int n) { +; ULONG c = 0; +; int i; +; for (i = 0; i < n; i++) <c,r[i]> = a[i] - b[i] - c; +; return(c); +; } -;r=4 ;(AP) -;a=8 ;(AP) -;b=12 ;(AP) -;n=16 ;(AP) n by value (input) +r=4 ;(AP) r by reference (output) +a=8 ;(AP) a by reference (input) +b=12 ;(AP) b by reference (input) +n=16 ;(AP) n by value (input) - .psect code,nowrt -.entry BN_SUB_WORDS,^m<r2,r3,r4,r5,r6,r7> + .psect code,nowrt - clrl r6 +.entry bn_sub_words,^m<r2,r3,r4,r5,r6> - tstl 16(ap) - bgtr noname.31 - clrl r7 - brw noname.32 - tstl r0 -noname.31: + moval @r(ap),r2 + moval @a(ap),r3 + moval @b(ap),r4 + movl n(ap),r5 ; assumed >0 by C code + clrl r0 ; c -noname.33: + tstl r5 ; carry = 0 + bleq 666$ - movl 8(ap),r5 - movl (r5),r1 - movl 12(ap),r4 - movl (r4),r2 - - movl 4(ap),r3 - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,(r3) - - cmpl r1,r2 - beql noname.34 - clrl r0 - cmpl r1,r2 - bgequ vcg.11 - incl r0 -vcg.11: - movl r0,r6 -noname.34: - - decl 16(ap) - bgtr gen.2 - brw noname.36 -gen.2: -noname.35: - - movl 4(r5),r2 - movl 4(r4),r1 - - subl3 r1,r2,r0 - subl2 r6,r0 - bicl3 #0,r0,4(r3) - - cmpl r2,r1 - beql noname.37 - clrl r0 - cmpl r2,r1 - bgequ vcg.12 - incl r0 -vcg.12: - movl r0,r6 -noname.37: - - decl 16(ap) - bleq noname.36 -noname.38: - - movl 8(r5),r1 - movl 8(r4),r2 - - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,8(r3) - - cmpl r1,r2 - beql noname.39 - clrl r0 - cmpl r1,r2 - bgequ vcg.13 - incl r0 -vcg.13: - movl r0,r6 -noname.39: - - decl 16(ap) - bleq noname.36 -noname.40: - - movl 12(r5),r1 - movl 12(r4),r2 - - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,12(r3) - - cmpl r1,r2 - beql noname.41 - clrl r0 - cmpl r1,r2 - bgequ vcg.14 - incl r0 -vcg.14: - movl r0,r6 -noname.41: - - decl 16(ap) - bleq noname.36 -noname.42: - - addl3 #16,r5,8(ap) - - addl3 #16,r4,12(ap) - - addl3 #16,r3,4(ap) - brw noname.33 - tstl r0 -noname.36: - - movl r6,r7 - -noname.32: - movl r7,r0 - ret - nop +0$: + movl (r3)+,r6 ; carry untouched + sbwc (r4)+,r6 ; carry used and touched + movl r6,(r2)+ ; carry untouched + sobgtr r5,0$ ; carry untouched + adwc #0,r0 +666$: + ret ;r=4 ;(AP) @@ -6615,81 +6409,3 @@ noname.610: ; For now, the code below doesn't work, so I end this prematurely. .end - - .title vax_bn_div64 division 64/32=>32 -; -; r.l. 16-jan-1998 -; -; unsigned int bn_div64(unsigned long h, unsigned long l, unsigned long d) -; return <h,l>/d; -; - - .psect code,nowrt - -h=4 ;(AP) by value (input) -l=8 ;(AP) by value (input) -d=12 ;(AP) by value (input) - -.entry bn_div64,^m<r2,r3,r4,r5,r6,r7,r8,r9> - - movl l(ap),r2 ; l - movl h(ap),r3 ; h - movl d(ap),r4 ; d - clrl r5 ; q - clrl r6 ; r - - ; Treat "negative" specially - tstl r3 - blss 30$ - - tstl r4 - beql 90$ - - ediv r4,r2,r5,r6 - bvs 666$ - - movl r5,r0 - ret - -30$: - ; The theory here is to do some harmless shifting and a little - ; bit of rounding (brackets are to designate when decimals are - ; cut off): - ; - ; result = 2 * [ ([<h,0>/2] + [d/2]) / d ] + [ l / d ] - - movl #0,r7 - movl r3,r8 ; copy h - ashq #-1,r7,r7 ; [<h,0>/2] => <r8,r7> - bicl2 #^X80000000,r8 ; Remove "sign" - - movl r4,r9 ; copy d - ashl #-1,r9,r9 ; [d/2] => r9 - bicl2 #^X80000000,r9 ; Remove "sign" - - addl2 r9,r7 - adwc #0,r8 ; [<h,0>/2] + [d/2] => <r8,r7> - - ediv r4,r7,r5,r6 ; [ ([<h,0>/2] + [d/2]) / d ] => <r5,r6> - bvs 666$ - - movl #0,r6 - ashq #1,r5,r5 ; 2 * [ ([<h,0>/2] + [d/2]) / d ] => r5 - - movl #0,r3 - ediv r4,r2,r8,r9 ; [ l / d ] => <r8,r9> - - addl2 r8,r5 ; - bcs 666$ - - movl r5,r0 - ret - -90$: - movl #-1,r0 - ret - -666$: - - -.end diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 1eb8395b25..47e355ea9d 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -75,8 +75,6 @@ extern "C" { #define BN_MUL_COMBA #define BN_SQR_COMBA #define BN_RECURSION -#define RECP_MUL_MOD -#define MONT_MUL_MOD /* This next option uses the C libraries (2 word)/(1 word) function. * If it is not defined, I use my C version (which is slower). @@ -90,6 +88,7 @@ extern "C" { * be on. Again this in only really a problem on machines * using "long long's", are 32bit, and are not using my assembler code. */ #if defined(MSDOS) || defined(WINDOWS) || defined(WIN32) || defined(linux) +#undef BN_DIV2W #define BN_DIV2W #endif @@ -239,7 +238,7 @@ typedef struct bignum_st } BIGNUM; /* Used for temp variables */ -#define BN_CTX_NUM 12 +#define BN_CTX_NUM 20 #define BN_CTX_NUM_POS 12 typedef struct bignum_ctx { @@ -283,9 +282,6 @@ typedef struct bn_recp_ctx_st int flags; } BN_RECP_CTX; -#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ - r,a,&((mont)->RR),(mont),ctx) - #define BN_prime_checks 0 /* default: select number of iterations based on the size of the number */ @@ -308,10 +304,15 @@ typedef struct bn_recp_ctx_st /* b >= 100 */ 27) #define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) -#define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) -#define BN_is_zero(a) (((a)->top == 0) || BN_is_word(a,0)) -#define BN_is_one(a) (BN_is_word((a),1)) -#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) + +/* Note that BN_abs_is_word does not work reliably for w == 0 */ +#define BN_abs_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) +#define BN_is_zero(a) (((a)->top == 0) || BN_abs_is_word(a,0)) +#define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) +#define BN_is_word(a,w) ((w) ? BN_abs_is_word((a),(w)) && !(a)->neg : \ + BN_is_zero((a))) +#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) + #define BN_one(a) (BN_set_word((a),1)) #define BN_zero(a) (BN_set_word((a),0)) @@ -334,44 +335,62 @@ BIGNUM *BN_new(void); void BN_init(BIGNUM *); void BN_clear_free(BIGNUM *a); BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); +void BN_swap(BIGNUM *a, BIGNUM *b); BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret); int BN_bn2bin(const BIGNUM *a, unsigned char *to); -BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret); +BIGNUM *BN_mpi2bn(const unsigned char *s,int len,BIGNUM *ret); int BN_bn2mpi(const BIGNUM *a, unsigned char *to); int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); +int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); +int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); + int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, - BN_CTX *ctx); -int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); -int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx); + BN_CTX *ctx); +#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx)) +int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); +int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); +int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); +int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const BIGNUM *m, BN_CTX *ctx); +int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m); +int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m); + BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); int BN_mul_word(BIGNUM *a, BN_ULONG w); int BN_add_word(BIGNUM *a, BN_ULONG w); int BN_sub_word(BIGNUM *a, BN_ULONG w); int BN_set_word(BIGNUM *a, BN_ULONG w); -BN_ULONG BN_get_word(BIGNUM *a); +BN_ULONG BN_get_word(const BIGNUM *a); + int BN_cmp(const BIGNUM *a, const BIGNUM *b); void BN_free(BIGNUM *a); int BN_is_bit_set(const BIGNUM *a, int n); int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); -int BN_lshift1(BIGNUM *r, BIGNUM *a); -int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx); -int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m,BN_CTX *ctx); -int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +int BN_lshift1(BIGNUM *r, const BIGNUM *a); +int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,BN_CTX *ctx); + +int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m,BN_CTX *ctx); +int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2, - BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx); -int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, - BIGNUM *m,BN_CTX *ctx); + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, + const BIGNUM *a2, const BIGNUM *p2,const BIGNUM *m, + BN_CTX *ctx,BN_MONT_CTX *m_ctx); +int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m,BN_CTX *ctx); + int BN_mask_bits(BIGNUM *a,int n); -int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); #ifndef NO_FP_API int BN_print_fp(FILE *fp, const BIGNUM *a); #endif @@ -380,9 +399,9 @@ int BN_print(BIO *fp, const BIGNUM *a); #else int BN_print(void *fp, const BIGNUM *a); #endif -int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx); -int BN_rshift(BIGNUM *r, BIGNUM *a, int n); -int BN_rshift1(BIGNUM *r, BIGNUM *a); +int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx); +int BN_rshift(BIGNUM *r, const BIGNUM *a, int n); +int BN_rshift1(BIGNUM *r, const BIGNUM *a); void BN_clear(BIGNUM *a); BIGNUM *BN_dup(const BIGNUM *a); int BN_ucmp(const BIGNUM *a, const BIGNUM *b); @@ -392,23 +411,31 @@ char * BN_bn2hex(const BIGNUM *a); char * BN_bn2dec(const BIGNUM *a); int BN_hex2bn(BIGNUM **a, const char *str); int BN_dec2bn(BIGNUM **a, const char *str); -int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); -BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,BIGNUM *add, - BIGNUM *rem,void (*callback)(int,int,void *),void *cb_arg); +int BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); +int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */ +BIGNUM *BN_mod_inverse(BIGNUM *ret, + const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); +BIGNUM *BN_mod_sqrt(BIGNUM *ret, + const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); +BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, + const BIGNUM *add, const BIGNUM *rem, + void (*callback)(int,int,void *),void *cb_arg); int BN_is_prime(const BIGNUM *p,int nchecks, - void (*callback)(int,int,void *), - BN_CTX *ctx,void *cb_arg); + void (*callback)(int,int,void *), + BN_CTX *ctx,void *cb_arg); int BN_is_prime_fasttest(const BIGNUM *p,int nchecks, - void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, - int do_trial_division); + void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, + int do_trial_division); void ERR_load_BN_strings(void ); BN_MONT_CTX *BN_MONT_CTX_new(void ); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); -int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont, - BN_CTX *ctx); -int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx); +int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, + BN_MONT_CTX *mont, BN_CTX *ctx); +#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ + (r),(a),&((mont)->RR),(mont),(ctx)) +int BN_from_montgomery(BIGNUM *r,const BIGNUM *a, + BN_MONT_CTX *mont, BN_CTX *ctx); void BN_MONT_CTX_free(BN_MONT_CTX *mont); int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *modulus,BN_CTX *ctx); BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); @@ -426,12 +453,12 @@ void BN_RECP_CTX_init(BN_RECP_CTX *recp); BN_RECP_CTX *BN_RECP_CTX_new(void); void BN_RECP_CTX_free(BN_RECP_CTX *recp); int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx); -int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, - BN_RECP_CTX *recp,BN_CTX *ctx); +int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, + BN_RECP_CTX *recp,BN_CTX *ctx); int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, - BN_RECP_CTX *recp, BN_CTX *ctx); + const BIGNUM *m, BN_CTX *ctx); +int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, + BN_RECP_CTX *recp, BN_CTX *ctx); /* library internal functions */ @@ -439,6 +466,7 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, (a):bn_expand2((a),(bits)/BN_BITS2+1)) #define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) BIGNUM *bn_expand2(BIGNUM *a, int words); +BIGNUM *bn_dup_expand(const BIGNUM *a, int words); #define bn_fix_top(a) \ { \ @@ -450,15 +478,15 @@ BIGNUM *bn_expand2(BIGNUM *a, int words); } \ } -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); -void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num); +BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); +BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); +void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num); BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); -BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); -BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); +BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); +BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); #ifdef BN_DEBUG - void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n); +void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n); # define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \ fprintf(stderr,"\n");} # define bn_dump(a,n) bn_dump1(stderr,#a,a,n); @@ -467,6 +495,8 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); # define bn_dump(a,b) #endif +int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -485,11 +515,14 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); #define BN_F_BN_CTX_NEW 106 #define BN_F_BN_DIV 107 #define BN_F_BN_EXPAND2 108 +#define BN_F_BN_EXPAND_INTERNAL 120 #define BN_F_BN_MOD_EXP2_MONT 118 #define BN_F_BN_MOD_EXP_MONT 109 #define BN_F_BN_MOD_EXP_MONT_WORD 117 #define BN_F_BN_MOD_INVERSE 110 +#define BN_F_BN_MOD_LSHIFT_QUICK 119 #define BN_F_BN_MOD_MUL_RECIPROCAL 111 +#define BN_F_BN_MOD_SQRT 121 #define BN_F_BN_MPI2BN 112 #define BN_F_BN_NEW 113 #define BN_F_BN_RAND 114 @@ -498,13 +531,18 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); /* Reason codes. */ #define BN_R_ARG2_LT_ARG3 100 #define BN_R_BAD_RECIPROCAL 101 +#define BN_R_BIGNUM_TOO_LONG 114 #define BN_R_CALLED_WITH_EVEN_MODULUS 102 #define BN_R_DIV_BY_ZERO 103 #define BN_R_ENCODING_ERROR 104 #define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 +#define BN_R_INPUT_NOT_REDUCED 110 #define BN_R_INVALID_LENGTH 106 +#define BN_R_NOT_A_SQUARE 111 #define BN_R_NOT_INITIALIZED 107 #define BN_R_NO_INVERSE 108 +#define BN_R_P_IS_NOT_PRIME 112 +#define BN_R_TOO_MANY_ITERATIONS 113 #define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 #ifdef __cplusplus diff --git a/crypto/bn/bn_asm.c b/crypto/bn/bn_asm.c index 44e52a40db..be8aa3ffc5 100644 --- a/crypto/bn/bn_asm.c +++ b/crypto/bn/bn_asm.c @@ -68,7 +68,7 @@ #if defined(BN_LLONG) || defined(BN_UMULT_HIGH) -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) +BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) { BN_ULONG c1=0; @@ -93,7 +93,7 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) return(c1); } -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) +BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) { BN_ULONG c1=0; @@ -117,7 +117,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) return(c1); } -void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) +void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) { assert(n >= 0); if (n <= 0) return; @@ -139,7 +139,7 @@ void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) #else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */ -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) +BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) { BN_ULONG c=0; BN_ULONG bl,bh; @@ -166,7 +166,7 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) return(c); } -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) +BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) { BN_ULONG carry=0; BN_ULONG bl,bh; @@ -193,7 +193,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) return(carry); } -void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) +void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) { assert(n >= 0); if (n <= 0) return; @@ -296,7 +296,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) #endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */ #ifdef BN_LLONG -BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) +BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) { BN_ULLONG ll=0; @@ -332,7 +332,7 @@ BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) return((BN_ULONG)ll); } #else /* !BN_LLONG */ -BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) +BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) { BN_ULONG c,l,t; @@ -382,7 +382,7 @@ BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) } #endif /* !BN_LLONG */ -BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) +BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) { BN_ULONG t1,t2; int c=0; @@ -673,7 +673,7 @@ void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) r[7]=c2; } -void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) +void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a) { #ifdef BN_LLONG BN_ULLONG t,tt; @@ -754,7 +754,7 @@ void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) r[15]=c1; } -void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a) +void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a) { #ifdef BN_LLONG BN_ULLONG t,tt; diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index b1a8d7571e..28b334fbd5 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -112,8 +112,14 @@ void BN_CTX_start(BN_CTX *ctx) ctx->depth++; } + BIGNUM *BN_CTX_get(BN_CTX *ctx) { + /* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically, + * make sure that if BN_CTX_get fails once it will return NULL again + * until BN_CTX_end is called. (This is so that callers have to check + * only the last return value.) + */ if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM) { if (!ctx->too_many) diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index c3772c243b..2e600c7c54 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -61,6 +61,7 @@ #include "cryptlib.h" #include "bn_lcl.h" + /* The old slow way */ #if 0 int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, @@ -152,6 +153,14 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, # endif /* __GNUC__ */ #endif /* NO_ASM */ + +/* BN_div computes dv := num / divisor, rounding towards zero, and sets up + * rm such that dv*divisor + rm = num holds. + * Thus: + * dv->neg == num->neg ^ divisor->neg (unless the result is zero) + * rm->neg == num->neg (unless the remainder is zero) + * If 'dv' or 'rm' is NULL, the respective value is not returned. + */ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, BN_CTX *ctx) { @@ -180,13 +189,13 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, BN_CTX_start(ctx); tmp=BN_CTX_get(ctx); - tmp->neg=0; snum=BN_CTX_get(ctx); sdiv=BN_CTX_get(ctx); if (dv == NULL) res=BN_CTX_get(ctx); else res=dv; - if (res == NULL) goto err; + if (sdiv == NULL || res == NULL) goto err; + tmp->neg=0; /* First we normalise the numbers */ norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); @@ -331,7 +340,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, if (rm != NULL) { BN_rshift(rm,snum,norm_shift); - rm->neg=num->neg; + if (!BN_is_zero(rm)) + rm->neg = num->neg; } BN_CTX_end(ctx); return(1); @@ -341,40 +351,3 @@ err: } #endif - -/* rem != m */ -int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx) - { -#if 0 /* The old slow way */ - int i,nm,nd; - BIGNUM *dv; - - if (BN_ucmp(m,d) < 0) - return((BN_copy(rem,m) == NULL)?0:1); - - BN_CTX_start(ctx); - dv=BN_CTX_get(ctx); - - if (!BN_copy(rem,m)) goto err; - - nm=BN_num_bits(rem); - nd=BN_num_bits(d); - if (!BN_lshift(dv,d,nm-nd)) goto err; - for (i=nm-nd; i>=0; i--) - { - if (BN_cmp(rem,dv) >= 0) - { - if (!BN_sub(rem,rem,dv)) goto err; - } - if (!BN_rshift1(dv,dv)) goto err; - } - BN_CTX_end(ctx); - return(1); - err: - BN_CTX_end(ctx); - return(0); -#else - return(BN_div(NULL,rem,m,d,ctx)); -#endif - } - diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index 86550c4c21..d7f0493f47 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -76,11 +76,14 @@ static ERR_STRING_DATA BN_str_functs[]= {ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"}, {ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, {ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, +{ERR_PACK(0,BN_F_BN_EXPAND_INTERNAL,0), "BN_EXPAND_INTERNAL"}, {ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0), "BN_mod_exp2_mont"}, {ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"}, {ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0), "BN_mod_exp_mont_word"}, {ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"}, +{ERR_PACK(0,BN_F_BN_MOD_LSHIFT_QUICK,0), "BN_mod_lshift_quick"}, {ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"}, +{ERR_PACK(0,BN_F_BN_MOD_SQRT,0), "BN_mod_sqrt"}, {ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"}, {ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"}, {ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"}, @@ -92,13 +95,18 @@ static ERR_STRING_DATA BN_str_reasons[]= { {BN_R_ARG2_LT_ARG3 ,"arg2 lt arg3"}, {BN_R_BAD_RECIPROCAL ,"bad reciprocal"}, +{BN_R_BIGNUM_TOO_LONG ,"bignum too long"}, {BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"}, {BN_R_DIV_BY_ZERO ,"div by zero"}, {BN_R_ENCODING_ERROR ,"encoding error"}, {BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ,"expand on static bignum data"}, +{BN_R_INPUT_NOT_REDUCED ,"input not reduced"}, {BN_R_INVALID_LENGTH ,"invalid length"}, +{BN_R_NOT_A_SQUARE ,"not a square"}, {BN_R_NOT_INITIALIZED ,"not initialized"}, {BN_R_NO_INVERSE ,"no inverse"}, +{BN_R_P_IS_NOT_PRIME ,"p is not prime"}, +{BN_R_TOO_MANY_ITERATIONS ,"too many iterations"}, {BN_R_TOO_MANY_TEMPORARY_VARIABLES ,"too many temporary variables"}, {0,NULL} }; diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index d2c91628ac..1739be6864 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -110,38 +110,13 @@ */ -#include <stdio.h> #include "cryptlib.h" #include "bn_lcl.h" #define TABLE_SIZE 32 -/* slow but works */ -int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx) - { - BIGNUM *t; - int r=0; - - bn_check_top(a); - bn_check_top(b); - bn_check_top(m); - - BN_CTX_start(ctx); - if ((t = BN_CTX_get(ctx)) == NULL) goto err; - if (a == b) - { if (!BN_sqr(t,a,ctx)) goto err; } - else - { if (!BN_mul(t,a,b,ctx)) goto err; } - if (!BN_mod(ret,t,m,ctx)) goto err; - r=1; -err: - BN_CTX_end(ctx); - return(r); - } - - /* this one works - simple but works */ -int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx) +int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { int i,bits,ret=0; BIGNUM *v,*rr; @@ -176,7 +151,7 @@ err: } -int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, +int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { int ret; @@ -185,6 +160,40 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, bn_check_top(p); bn_check_top(m); + /* For even modulus m = 2^k*m_odd, it might make sense to compute + * a^p mod m_odd and a^p mod 2^k separately (with Montgomery + * exponentiation for the odd part), using appropriate exponent + * reductions, and combine the results using the CRT. + * + * For now, we use Montgomery only if the modulus is odd; otherwise, + * exponentiation using the reciprocal-based quick remaindering + * algorithm is used. + * + * (Timing obtained with expspeed.c [computations a^p mod m + * where a, p, m are of the same length: 256, 512, 1024, 2048, + * 4096, 8192 bits], compared to the running time of the + * standard algorithm: + * + * BN_mod_exp_mont 33 .. 40 % [AMD K6-2, Linux, debug configuration] + * 55 .. 77 % [UltraSparc processor, but + * debug-solaris-sparcv8-gcc conf.] + * + * BN_mod_exp_recp 50 .. 70 % [AMD K6-2, Linux, debug configuration] + * 62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc] + * + * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont + * at 2048 and more bits, but at 512 and 1024 bits, it was + * slower even than the standard algorithm! + * + * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations] + * should be obtained when the new Montgomery reduction code + * has been integrated into OpenSSL.) + */ + +#define MONT_MUL_MOD +#define MONT_EXP_WORD +#define RECP_MUL_MOD + #ifdef MONT_MUL_MOD /* I have finally been able to take out this pre-condition of * the top bit being set. It was caused by an error in BN_div @@ -194,12 +203,14 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, if (BN_is_odd(m)) { - if (a->top == 1) +# ifdef MONT_EXP_WORD + if (a->top == 1 && !a->neg) { BN_ULONG A = a->d[0]; ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); } else +# endif ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); } else @@ -227,8 +238,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, if (bits == 0) { - BN_one(r); - return(1); + ret = BN_one(r); + return ret; } BN_CTX_start(ctx); @@ -240,7 +251,12 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_init(&(val[0])); ts=1; - if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (BN_is_zero(&(val[0]))) + { + ret = BN_zero(r); + goto err; + } window = BN_window_bits_for_exponent_size(bits); if (window > 1) @@ -325,13 +341,13 @@ err: } -int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, +int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) { int i,j,bits,ret=0,wstart,wend,window,wvalue; int start=1,ts=0; BIGNUM *d,*r; - BIGNUM *aa; + const BIGNUM *aa; BIGNUM val[TABLE_SIZE]; BN_MONT_CTX *mont=NULL; @@ -347,9 +363,10 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, bits=BN_num_bits(p); if (bits == 0) { - BN_one(rr); - return(1); + ret = BN_one(rr); + return ret; } + BN_CTX_start(ctx); d = BN_CTX_get(ctx); r = BN_CTX_get(ctx); @@ -368,14 +385,19 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, BN_init(&val[0]); ts=1; - if (BN_ucmp(a,m) >= 0) + if (a->neg || BN_ucmp(a,m) >= 0) { - if (!BN_mod(&(val[0]),a,m,ctx)) + if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; aa= &(val[0]); } else aa=a; + if (BN_is_zero(aa)) + { + ret = BN_zero(rr); + goto err; + } if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */ window = BN_window_bits_for_exponent_size(bits); @@ -484,17 +506,26 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, bn_check_top(p); bn_check_top(m); - if (!(m->d[0] & 1)) + if (m->top == 0 || !(m->d[0] & 1)) { BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); return(0); } + if (m->top == 1) + a %= m->d[0]; /* make sure that 'a' is reduced */ + bits = BN_num_bits(p); if (bits == 0) { - BN_one(rr); - return(1); + ret = BN_one(rr); + return ret; + } + if (a == 0) + { + ret = BN_zero(rr); + return ret; } + BN_CTX_start(ctx); d = BN_CTX_get(ctx); r = BN_CTX_get(ctx); @@ -590,8 +621,9 @@ err: /* The old fallback, simple version :-) */ -int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, - BN_CTX *ctx) +int BN_mod_exp_simple(BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, + BN_CTX *ctx) { int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0; int start=1; @@ -602,8 +634,8 @@ int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, if (bits == 0) { - BN_one(r); - return(1); + ret = BN_one(r); + return ret; } BN_CTX_start(ctx); @@ -611,7 +643,12 @@ int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_init(&(val[0])); ts=1; - if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ + if (BN_is_zero(&(val[0]))) + { + ret = BN_zero(r); + goto err; + } window = BN_window_bits_for_exponent_size(bits); if (window > 1) diff --git a/crypto/bn/bn_exp2.c b/crypto/bn/bn_exp2.c index 29029f4c72..73ccd58a83 100644 --- a/crypto/bn/bn_exp2.c +++ b/crypto/bn/bn_exp2.c @@ -115,13 +115,14 @@ #define TABLE_SIZE 32 -int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, - BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, + const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, + BN_CTX *ctx, BN_MONT_CTX *in_mont) { int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2; int r_is_one=1,ts1=0,ts2=0; BIGNUM *d,*r; - BIGNUM *a_mod_m; + const BIGNUM *a_mod_m; BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE]; BN_MONT_CTX *mont=NULL; @@ -140,9 +141,10 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, bits2=BN_num_bits(p2); if ((bits1 == 0) && (bits2 == 0)) { - BN_one(rr); - return(1); + ret = BN_one(rr); + return ret; } + bits=(bits1 > bits2)?bits1:bits2; BN_CTX_start(ctx); @@ -166,7 +168,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, */ BN_init(&val1[0]); ts1=1; - if (BN_ucmp(a1,m) >= 0) + if (a1->neg || BN_ucmp(a1,m) >= 0) { if (!BN_mod(&(val1[0]),a1,m,ctx)) goto err; @@ -174,6 +176,12 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, } else a_mod_m = a1; + if (BN_is_zero(a_mod_m)) + { + ret = BN_zero(rr); + goto err; + } + if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err; if (window1 > 1) { @@ -195,7 +203,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, */ BN_init(&val2[0]); ts2=1; - if (BN_ucmp(a2,m) >= 0) + if (a2->neg || BN_ucmp(a2,m) >= 0) { if (!BN_mod(&(val2[0]),a2,m,ctx)) goto err; @@ -203,6 +211,11 @@ int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, } else a_mod_m = a2; + if (BN_is_zero(a_mod_m)) + { + ret = BN_zero(rr); + goto err; + } if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err; if (window2 > 1) { diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c index 398207196b..d5caf5136f 100644 --- a/crypto/bn/bn_gcd.c +++ b/crypto/bn/bn_gcd.c @@ -55,14 +55,66 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ -#include <stdio.h> #include "cryptlib.h" #include "bn_lcl.h" static BIGNUM *euclid(BIGNUM *a, BIGNUM *b); -int BN_gcd(BIGNUM *r, BIGNUM *in_a, BIGNUM *in_b, BN_CTX *ctx) +int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) { BIGNUM *a,*b,*t; int ret=0; @@ -77,6 +129,8 @@ int BN_gcd(BIGNUM *r, BIGNUM *in_a, BIGNUM *in_b, BN_CTX *ctx) if (BN_copy(a,in_a) == NULL) goto err; if (BN_copy(b,in_b) == NULL) goto err; + a->neg = 0; + b->neg = 0; if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; } t=euclid(a,b); @@ -97,10 +151,10 @@ static BIGNUM *euclid(BIGNUM *a, BIGNUM *b) bn_check_top(a); bn_check_top(b); - for (;;) + /* 0 <= b <= a */ + while (!BN_is_zero(b)) { - if (BN_is_zero(b)) - break; + /* 0 < b <= a */ if (BN_is_odd(a)) { @@ -133,7 +187,9 @@ static BIGNUM *euclid(BIGNUM *a, BIGNUM *b) shifts++; } } + /* 0 <= b <= a */ } + if (shifts) { if (!BN_lshift(a,a,shifts)) goto err; @@ -143,11 +199,13 @@ err: return(NULL); } + /* solves ax == 1 (mod n) */ -BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) +BIGNUM *BN_mod_inverse(BIGNUM *in, + const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) { - BIGNUM *A,*B,*X,*Y,*M,*D,*R=NULL; - BIGNUM *T,*ret=NULL; + BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL; + BIGNUM *ret=NULL; int sign; bn_check_top(a); @@ -160,7 +218,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) D = BN_CTX_get(ctx); M = BN_CTX_get(ctx); Y = BN_CTX_get(ctx); - if (Y == NULL) goto err; + T = BN_CTX_get(ctx); + if (T == NULL) goto err; if (in == NULL) R=BN_new(); @@ -168,34 +227,166 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) R=in; if (R == NULL) goto err; - BN_zero(X); - BN_one(Y); - if (BN_copy(A,a) == NULL) goto err; - if (BN_copy(B,n) == NULL) goto err; - sign=1; + BN_one(X); + BN_zero(Y); + if (BN_copy(B,a) == NULL) goto err; + if (BN_copy(A,n) == NULL) goto err; + A->neg = 0; + if (B->neg || (BN_ucmp(B, A) >= 0)) + { + if (!BN_nnmod(B, B, A, ctx)) goto err; + } + sign = -1; + /* From B = a mod |n|, A = |n| it follows that + * + * 0 <= B < A, + * sign*X*a == B (mod |n|), + * -sign*Y*a == A (mod |n|). + */ while (!BN_is_zero(B)) { - if (!BN_div(D,M,A,B,ctx)) goto err; - T=A; + BIGNUM *tmp; + + /* + * 0 < B < A, + * (*) sign*X*a == B (mod |n|), + * -sign*Y*a == A (mod |n|) + */ + + /* (D, M) := (A/B, A%B) ... */ + if (BN_num_bits(A) == BN_num_bits(B)) + { + if (!BN_one(D)) goto err; + if (!BN_sub(M,A,B)) goto err; + } + else if (BN_num_bits(A) == BN_num_bits(B) + 1) + { + /* A/B is 1, 2, or 3 */ + if (!BN_lshift1(T,B)) goto err; + if (BN_ucmp(A,T) < 0) + { + /* A < 2*B, so D=1 */ + if (!BN_one(D)) goto err; + if (!BN_sub(M,A,B)) goto err; + } + else + { + /* A >= 2*B, so D=2 or D=3 */ + if (!BN_sub(M,A,T)) goto err; + if (!BN_add(D,T,B)) goto err; /* use D (:= 3*B) as temp */ + if (BN_ucmp(A,D) < 0) + { + /* A < 3*B, so D=2 */ + if (!BN_set_word(D,2)) goto err; + /* M (= A - 2*B) already has the correct value */ + } + else + { + /* only D=3 remains */ + if (!BN_set_word(D,3)) goto err; + /* currently M = A - 2*B, but we need M = A - 3*B */ + if (!BN_sub(M,M,B)) goto err; + } + } + } + else + { + if (!BN_div(D,M,A,B,ctx)) goto err; + } + + /* Now + * A = D*B + M; + * thus we have + * (**) -sign*Y*a == D*B + M (mod |n|). + */ + + tmp=A; /* keep the BIGNUM object, the value does not matter */ + + /* (A, B) := (B, A mod B) ... */ A=B; B=M; - /* T has a struct, M does not */ + /* ... so we have 0 <= B < A again */ + + /* Since the former M is now B and the former B is now A, + * (**) translates into + * -sign*Y*a == D*A + B (mod |n|), + * i.e. + * -sign*Y*a - D*A == B (mod |n|). + * Similarly, (*) translates into + * sign*X*a == A (mod |n|). + * + * Thus, + * -sign*Y*a - D*sign*X*a == B (mod |n|), + * i.e. + * -sign*(Y + D*X)*a == B (mod |n|). + * + * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at + * sign*X*a == B (mod |n|), + * -sign*Y*a == A (mod |n|). + * Note that X and Y stay non-negative all the time. + */ - if (!BN_mul(T,D,X,ctx)) goto err; - if (!BN_add(T,T,Y)) goto err; - M=Y; + /* most of the time D is very small, so we can optimize tmp := D*X+Y */ + if (BN_is_one(D)) + { + if (!BN_add(tmp,X,Y)) goto err; + } + else + { + if (BN_is_word(D,2)) + { + if (!BN_lshift1(tmp,X)) goto err; + } + else if (BN_is_word(D,4)) + { + if (!BN_lshift(tmp,X,2)) goto err; + } + else if (D->top == 1) + { + if (!BN_copy(tmp,X)) goto err; + if (!BN_mul_word(tmp,D->d[0])) goto err; + } + else + { + if (!BN_mul(tmp,D,X,ctx)) goto err; + } + if (!BN_add(tmp,tmp,Y)) goto err; + } + + M=Y; /* keep the BIGNUM object, the value does not matter */ Y=X; - X=T; - sign= -sign; + X=tmp; + sign = -sign; } + + /* + * The while loop (Euclid's algorithm) ends when + * A == gcd(a,n); + * we have + * -sign*Y*a == A (mod |n|), + * where Y is non-negative. + */ + if (sign < 0) { if (!BN_sub(Y,n,Y)) goto err; } + /* Now Y*a == A (mod |n|). */ + if (BN_is_one(A)) - { if (!BN_mod(R,Y,n,ctx)) goto err; } + { + /* Y*a == 1 (mod |n|) */ + if (BN_ucmp(Y,n) < 0) + { + if (!BN_copy(R,Y)) goto err; + } + else + { + if (!BN_nnmod(R,Y,n,ctx)) goto err; + } + } else { BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE); @@ -207,4 +398,3 @@ err: BN_CTX_end(ctx); return(ret); } - diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h index 9c959921b4..39ad05631a 100644 --- a/crypto/bn/bn_lcl.h +++ b/crypto/bn/bn_lcl.h @@ -398,14 +398,17 @@ extern "C" { void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb); void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); -void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp); -void bn_sqr_comba8(BN_ULONG *r,BN_ULONG *a); -void bn_sqr_comba4(BN_ULONG *r,BN_ULONG *a); -int bn_cmp_words(BN_ULONG *a,BN_ULONG *b,int n); -void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t); +void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp); +void bn_sqr_comba8(BN_ULONG *r,const BN_ULONG *a); +void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a); +int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); +int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl); +void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, + int dna,int dnb,BN_ULONG *t); void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, - int tn, int n,BN_ULONG *t); -void bn_sqr_recursive(BN_ULONG *r,BN_ULONG *a, int n2, BN_ULONG *t); + int n,int tna,int tnb,BN_ULONG *t); +void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t); void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, BN_ULONG *t); diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index b6b0ce4b3c..e37b85bfc5 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -62,6 +62,7 @@ #endif #include <assert.h> +#include <limits.h> #include <stdio.h> #include "cryptlib.h" #include "bn_lcl.h" @@ -304,166 +305,168 @@ BIGNUM *BN_new(void) return(ret); } -/* This is an internal function that should not be used in applications. - * It ensures that 'b' has enough room for a 'words' word number number. - * It is mostly used by the various BIGNUM routines. If there is an error, - * NULL is returned. If not, 'b' is returned. */ - -BIGNUM *bn_expand2(BIGNUM *b, int words) +/* This is used both by bn_expand2() and bn_dup_expand() */ +/* The caller MUST check that words > b->dmax before calling this */ +static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) { - BN_ULONG *A,*a; + BN_ULONG *A,*a = NULL; const BN_ULONG *B; int i; - bn_check_top(b); + if (words > (INT_MAX/(4*BN_BITS2))) + { + BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG); + return NULL; + } - if (words > b->dmax) + bn_check_top(b); + if (BN_get_flags(b,BN_FLG_STATIC_DATA)) + { + BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); + return(NULL); + } + a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); + if (A == NULL) { - bn_check_top(b); - if (BN_get_flags(b,BN_FLG_STATIC_DATA)) + BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); + return(NULL); + } +#if 1 + B=b->d; + /* Check if the previous number needs to be copied */ + if (B != NULL) + { + for (i=b->top>>2; i>0; i--,A+=4,B+=4) { - BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); - return(NULL); + /* + * The fact that the loop is unrolled + * 4-wise is a tribute to Intel. It's + * the one that doesn't have enough + * registers to accomodate more data. + * I'd unroll it 8-wise otherwise:-) + * + * <appro@fy.chalmers.se> + */ + BN_ULONG a0,a1,a2,a3; + a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3]; + A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3; } - a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); - if (A == NULL) + switch (b->top&3) { - BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE); - return(NULL); + case 3: A[2]=B[2]; + case 2: A[1]=B[1]; + case 1: A[0]=B[0]; + case 0: /* workaround for ultrix cc: without 'case 0', the optimizer does + * the switch table by doing a=top&3; a--; goto jump_table[a]; + * which fails for top== 0 */ + ; } -#if 1 - B=b->d; - /* Check if the previous number needs to be copied */ - if (B != NULL) - { -#if 0 - /* This lot is an unrolled loop to copy b->top - * BN_ULONGs from B to A - */ -/* - * I have nothing against unrolling but it's usually done for - * several reasons, namely: - * - minimize percentage of decision making code, i.e. branches; - * - avoid cache trashing; - * - make it possible to schedule loads earlier; - * Now let's examine the code below. The cornerstone of C is - * "programmer is always right" and that's what we love it for:-) - * For this very reason C compilers have to be paranoid when it - * comes to data aliasing and assume the worst. Yeah, but what - * does it mean in real life? This means that loop body below will - * be compiled to sequence of loads immediately followed by stores - * as compiler assumes the worst, something in A==B+1 style. As a - * result CPU pipeline is going to starve for incoming data. Secondly - * if A and B happen to share same cache line such code is going to - * cause severe cache trashing. Both factors have severe impact on - * performance of modern CPUs and this is the reason why this - * particular piece of code is #ifdefed away and replaced by more - * "friendly" version found in #else section below. This comment - * also applies to BN_copy function. - * - * <appro@fy.chalmers.se> - */ - for (i=b->top&(~7); i>0; i-=8) - { - A[0]=B[0]; A[1]=B[1]; A[2]=B[2]; A[3]=B[3]; - A[4]=B[4]; A[5]=B[5]; A[6]=B[6]; A[7]=B[7]; - A+=8; - B+=8; - } - switch (b->top&7) - { - case 7: - A[6]=B[6]; - case 6: - A[5]=B[5]; - case 5: - A[4]=B[4]; - case 4: - A[3]=B[3]; - case 3: - A[2]=B[2]; - case 2: - A[1]=B[1]; - case 1: - A[0]=B[0]; - case 0: - /* I need the 'case 0' entry for utrix cc. - * If the optimizer is turned on, it does the - * switch table by doing - * a=top&7 - * a--; - * goto jump_table[a]; - * If top is 0, this makes us jump to 0xffffffc - * which is rather bad :-(. - * eric 23-Apr-1998 - */ - ; - } + } + + /* Now need to zero any data between b->top and b->max */ + /* XXX Why? */ + + A= &(a[b->top]); + for (i=(words - b->top)>>3; i>0; i--,A+=8) + { + A[0]=0; A[1]=0; A[2]=0; A[3]=0; + A[4]=0; A[5]=0; A[6]=0; A[7]=0; + } + for (i=(words - b->top)&7; i>0; i--,A++) + A[0]=0; #else - for (i=b->top>>2; i>0; i--,A+=4,B+=4) + memset(A,0,sizeof(BN_ULONG)*(words+1)); + memcpy(A,b->d,sizeof(b->d[0])*b->top); +#endif + + return(a); + } + +/* This is an internal function that can be used instead of bn_expand2() + * when there is a need to copy BIGNUMs instead of only expanding the + * data part, while still expanding them. + * Especially useful when needing to expand BIGNUMs that are declared + * 'const' and should therefore not be changed. + * The reason to use this instead of a BN_dup() followed by a bn_expand2() + * is memory allocation overhead. A BN_dup() followed by a bn_expand2() + * will allocate new memory for the BIGNUM data twice, and free it once, + * while bn_dup_expand() makes sure allocation is made only once. + */ + +BIGNUM *bn_dup_expand(const BIGNUM *b, int words) + { + BIGNUM *r = NULL; + + if (words > b->dmax) + { + BN_ULONG *a = bn_expand_internal(b, words); + + if (a) + { + r = BN_new(); + if (r) { - /* - * The fact that the loop is unrolled - * 4-wise is a tribute to Intel. It's - * the one that doesn't have enough - * registers to accomodate more data. - * I'd unroll it 8-wise otherwise:-) - * - * <appro@fy.chalmers.se> - */ - BN_ULONG a0,a1,a2,a3; - a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3]; - A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3; + r->top = b->top; + r->dmax = words; + r->neg = b->neg; + r->d = a; } - switch (b->top&3) + else { - case 3: A[2]=B[2]; - case 2: A[1]=B[1]; - case 1: A[0]=B[0]; - case 0: ; /* ultrix cc workaround, see above */ + /* r == NULL, BN_new failure */ + OPENSSL_free(a); } -#endif - OPENSSL_free(b->d); } + /* If a == NULL, there was an error in allocation in + bn_expand_internal(), and NULL should be returned */ + } + else + { + r = BN_dup(b); + } + + return r; + } - b->d=a; - b->dmax=words; +/* This is an internal function that should not be used in applications. + * It ensures that 'b' has enough room for a 'words' word number number. + * It is mostly used by the various BIGNUM routines. If there is an error, + * NULL is returned. If not, 'b' is returned. */ - /* Now need to zero any data between b->top and b->max */ +BIGNUM *bn_expand2(BIGNUM *b, int words) + { + if (words > b->dmax) + { + BN_ULONG *a = bn_expand_internal(b, words); - A= &(b->d[b->top]); - for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8) + if (a) { - A[0]=0; A[1]=0; A[2]=0; A[3]=0; - A[4]=0; A[5]=0; A[6]=0; A[7]=0; - } - for (i=(b->dmax - b->top)&7; i>0; i--,A++) - A[0]=0; -#else - memset(A,0,sizeof(BN_ULONG)*(words+1)); - memcpy(A,b->d,sizeof(b->d[0])*b->top); + if (b->d) + OPENSSL_free(b->d); b->d=a; - b->max=words; -#endif - -/* memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); */ -/* { int i; for (i=b->max; i<words+1; i++) p[i]=i;} */ - + b->dmax=words; + } + else + b = NULL; } - return(b); + return b; } BIGNUM *BN_dup(const BIGNUM *a) { - BIGNUM *r; + BIGNUM *r, *t; if (a == NULL) return NULL; bn_check_top(a); - r=BN_new(); - if (r == NULL) return(NULL); - return((BIGNUM *)BN_copy(r,a)); + t = BN_new(); + if (t == NULL) return(NULL); + r = BN_copy(t, a); + /* now r == t || r == NULL */ + if (r == NULL) + BN_free(t); + return r; } BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) @@ -491,7 +494,7 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) case 3: A[2]=B[2]; case 2: A[1]=B[1]; case 1: A[0]=B[0]; - case 0: ; /* ultrix cc workaround, see comments in bn_expand2 */ + case 0: ; /* ultrix cc workaround, see comments in bn_expand_internal */ } #else memcpy(a->d,b->d,sizeof(b->d[0])*b->top); @@ -505,6 +508,35 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) return(a); } +void BN_swap(BIGNUM *a, BIGNUM *b) + { + int flags_old_a, flags_old_b; + BN_ULONG *tmp_d; + int tmp_top, tmp_dmax, tmp_neg; + + flags_old_a = a->flags; + flags_old_b = b->flags; + + tmp_d = a->d; + tmp_top = a->top; + tmp_dmax = a->dmax; + tmp_neg = a->neg; + + a->d = b->d; + a->top = b->top; + a->dmax = b->dmax; + a->neg = b->neg; + + b->d = tmp_d; + b->top = tmp_top; + b->dmax = tmp_dmax; + b->neg = tmp_neg; + + a->flags = (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA); + b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA); + } + + void BN_clear(BIGNUM *a) { if (a->d != NULL) @@ -513,7 +545,7 @@ void BN_clear(BIGNUM *a) a->neg=0; } -BN_ULONG BN_get_word(BIGNUM *a) +BN_ULONG BN_get_word(const BIGNUM *a) { int i,n; BN_ULONG ret=0; @@ -561,7 +593,6 @@ int BN_set_word(BIGNUM *a, BN_ULONG w) return(1); } -/* ignore negative */ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) { unsigned int i,m; @@ -582,6 +613,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) i=((n-1)/BN_BYTES)+1; m=((n-1)%(BN_BYTES)); ret->top=i; + ret->neg=0; while (n-- > 0) { l=(l<<8L)| *(s++); @@ -736,7 +768,7 @@ int BN_mask_bits(BIGNUM *a, int n) return(1); } -int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n) +int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n) { int i; BN_ULONG aa,bb; @@ -753,3 +785,34 @@ int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n) return(0); } +/* Here follows a specialised variants of bn_cmp_words(). It has the + property of performing the operation on arrays of different sizes. + The sizes of those arrays is expressed through cl, which is the + common length ( basicall, min(len(a),len(b)) ), and dl, which is the + delta between the two lengths, calculated as len(a)-len(b). + All lengths are the number of BN_ULONGs... */ + +int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl) + { + int n,i; + n = cl-1; + + if (dl < 0) + { + for (i=dl; i<0; i++) + { + if (b[n-i] != 0) + return -1; /* a < b */ + } + } + if (dl > 0) + { + for (i=dl; i>0; i--) + { + if (a[n+i] != 0) + return 1; /* a > b */ + } + } + return bn_cmp_words(a,b,cl); + } diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 8cf1febacc..7f8296c893 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -69,20 +69,17 @@ #define MONT_WORD /* use the faster word-based algorithm */ -int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, +int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_MONT_CTX *mont, BN_CTX *ctx) { - BIGNUM *tmp,*tmp2; + BIGNUM *tmp; int ret=0; BN_CTX_start(ctx); tmp = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - if (tmp == NULL || tmp2 == NULL) goto err; + if (tmp == NULL) goto err; bn_check_top(tmp); - bn_check_top(tmp2); - if (a == b) { if (!BN_sqr(tmp,a,ctx)) goto err; @@ -99,7 +96,7 @@ err: return(ret); } -int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont, +int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx) { int retn=0; @@ -144,7 +141,7 @@ int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont, n0=mont->n0; #ifdef BN_COUNT - printf("word BN_from_montgomery %d * %d\n",nl,nl); + fprintf(stderr,"word BN_from_montgomery %d * %d\n",nl,nl); #endif for (i=0; i<nl; i++) { diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c index 80e1dca6b7..05fa9d1e9a 100644 --- a/crypto/bn/bn_mpi.c +++ b/crypto/bn/bn_mpi.c @@ -88,7 +88,7 @@ int BN_bn2mpi(const BIGNUM *a, unsigned char *d) return(num+4+ext); } -BIGNUM *BN_mpi2bn(unsigned char *d, int n, BIGNUM *a) +BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) { long len; int neg=0; diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c index 3e8d8b9567..eb5d525613 100644 --- a/crypto/bn/bn_mul.c +++ b/crypto/bn/bn_mul.c @@ -56,10 +56,323 @@ * [including the GNU Public Licence.] */ +#ifndef BN_DEBUG +# undef NDEBUG /* avoid conflicting definitions */ +# define NDEBUG +#endif + #include <stdio.h> +#include <assert.h> #include "cryptlib.h" #include "bn_lcl.h" +/* Here follows specialised variants of bn_add_words() and + bn_sub_words(). They have the property performing operations on + arrays of different sizes. The sizes of those arrays is expressed through + cl, which is the common length ( basicall, min(len(a),len(b)) ), and dl, + which is the delta between the two lengths, calculated as len(a)-len(b). + All lengths are the number of BN_ULONGs... For the operations that require + a result array as parameter, it must have the length cl+abs(dl). + These functions should probably end up in bn_asm.c as soon as there are + assembler counterparts for the systems that use assembler files. */ + +BN_ULONG bn_sub_part_words(BN_ULONG *r, + const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl) + { + BN_ULONG c, t; + + assert(cl >= 0); + c = bn_sub_words(r, a, b, cl); + + if (dl == 0) + return c; + + r += cl; + a += cl; + b += cl; + + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); +#endif + for (;;) + { + t = b[0]; + r[0] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[1]; + r[1] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[2]; + r[2] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[3]; + r[3] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + b += 4; + r += 4; + } + } + else + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl, dl, c); +#endif + while(c) + { + t = a[0]; + r[0] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[1]; + r[1] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[2]; + r[2] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[3]; + r[3] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + save_dl = dl; + a += 4; + r += 4; + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); +#endif + if (save_dl > dl) + { + switch (save_dl - dl) + { + case 1: + r[1] = a[1]; + if (--dl <= 0) break; + case 2: + r[2] = a[2]; + if (--dl <= 0) break; + case 3: + r[3] = a[3]; + if (--dl <= 0) break; + } + a += 4; + r += 4; + } + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = a[0]; + if (--dl <= 0) break; + r[1] = a[1]; + if (--dl <= 0) break; + r[2] = a[2]; + if (--dl <= 0) break; + r[3] = a[3]; + if (--dl <= 0) break; + + a += 4; + r += 4; + } + } + } + return c; + } + +BN_ULONG bn_add_part_words(BN_ULONG *r, + const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl) + { + BN_ULONG c, l, t; + + assert(cl >= 0); + c = bn_add_words(r, a, b, cl); + + if (dl == 0) + return c; + + r += cl; + a += cl; + b += cl; + + if (dl < 0) + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); +#endif + while (c) + { + l=(c+b[0])&BN_MASK2; + c=(l < c); + r[0]=l; + if (++dl >= 0) break; + + l=(c+b[1])&BN_MASK2; + c=(l < c); + r[1]=l; + if (++dl >= 0) break; + + l=(c+b[2])&BN_MASK2; + c=(l < c); + r[2]=l; + if (++dl >= 0) break; + + l=(c+b[3])&BN_MASK2; + c=(l < c); + r[3]=l; + if (++dl >= 0) break; + + save_dl = dl; + b+=4; + r+=4; + } + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c == 0)\n", cl, dl); +#endif + if (save_dl < dl) + { + switch (dl - save_dl) + { + case 1: + r[1] = b[1]; + if (++dl >= 0) break; + case 2: + r[2] = b[2]; + if (++dl >= 0) break; + case 3: + r[3] = b[3]; + if (++dl >= 0) break; + } + b += 4; + r += 4; + } + } + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = b[0]; + if (++dl >= 0) break; + r[1] = b[1]; + if (++dl >= 0) break; + r[2] = b[2]; + if (++dl >= 0) break; + r[3] = b[3]; + if (++dl >= 0) break; + + b += 4; + r += 4; + } + } + } + else + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0)\n", cl, dl); +#endif + while (c) + { + t=(a[0]+c)&BN_MASK2; + c=(t < c); + r[0]=t; + if (--dl <= 0) break; + + t=(a[1]+c)&BN_MASK2; + c=(t < c); + r[1]=t; + if (--dl <= 0) break; + + t=(a[2]+c)&BN_MASK2; + c=(t < c); + r[2]=t; + if (--dl <= 0) break; + + t=(a[3]+c)&BN_MASK2; + c=(t < c); + r[3]=t; + if (--dl <= 0) break; + + save_dl = dl; + a+=4; + r+=4; + } +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); +#endif + if (dl > 0) + { + if (save_dl > dl) + { + switch (save_dl - dl) + { + case 1: + r[1] = a[1]; + if (--dl <= 0) break; + case 2: + r[2] = a[2]; + if (--dl <= 0) break; + case 3: + r[3] = a[3]; + if (--dl <= 0) break; + } + a += 4; + r += 4; + } + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = a[0]; + if (--dl <= 0) break; + r[1] = a[1]; + if (--dl <= 0) break; + r[2] = a[2]; + if (--dl <= 0) break; + r[3] = a[3]; + if (--dl <= 0) break; + + a += 4; + r += 4; + } + } + } + return c; + } + #ifdef BN_RECURSION /* Karatsuba recursive multiplication algorithm * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ @@ -75,14 +388,15 @@ * a[1]*b[1] */ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - BN_ULONG *t) + int dna, int dnb, BN_ULONG *t) { int n=n2/2,c1,c2; + int tna=n+dna, tnb=n+dnb; unsigned int neg,zero; BN_ULONG ln,lo,*p; # ifdef BN_COUNT - printf(" bn_mul_recursive %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_recursive %d * %d\n",n2,n2); # endif # ifdef BN_MUL_COMBA # if 0 @@ -105,21 +419,21 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, return; } /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - c2=bn_cmp_words(&(b[n]),b,n); + c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); + c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); zero=neg=0; switch (c1*3+c2) { case -4: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ break; case -3: zero=1; break; case -2: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ neg=1; break; case -1: @@ -128,16 +442,16 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, zero=1; break; case 2: - bn_sub_words(t, a, &(a[n]),n); /* + */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ neg=1; break; case 3: zero=1; break; case 4: - bn_sub_words(t, a, &(a[n]),n); - bn_sub_words(&(t[n]),&(b[n]),b, n); + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); break; } @@ -167,11 +481,11 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, { p= &(t[n2*2]); if (!zero) - bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); + bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); else memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); - bn_mul_recursive(r,a,b,n,p); - bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p); + bn_mul_recursive(r,a,b,n,0,0,p); + bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p); } /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign @@ -220,39 +534,39 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, /* n+tn is the word length * t needs to be n*4 is size, as does r */ -void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, - int n, BN_ULONG *t) +void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, + int tna, int tnb, BN_ULONG *t) { int i,j,n2=n*2; unsigned int c1,c2,neg,zero; BN_ULONG ln,lo,*p; # ifdef BN_COUNT - printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n); + fprintf(stderr," bn_mul_part_recursive (%d+%d) * (%d+%d)\n", + tna, n, tnb, n); # endif if (n < 8) { - i=tn+n; - bn_mul_normal(r,a,i,b,i); + bn_mul_normal(r,a,n+tna,b,n+tnb); return; } /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - c2=bn_cmp_words(&(b[n]),b,n); + c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); + c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); zero=neg=0; switch (c1*3+c2) { case -4: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ break; case -3: zero=1; /* break; */ case -2: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ neg=1; break; case -1: @@ -261,16 +575,16 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, zero=1; /* break; */ case 2: - bn_sub_words(t, a, &(a[n]),n); /* + */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ neg=1; break; case 3: zero=1; /* break; */ case 4: - bn_sub_words(t, a, &(a[n]),n); - bn_sub_words(&(t[n]),&(b[n]),b, n); + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); break; } /* The zero case isn't yet implemented here. The speedup @@ -289,54 +603,59 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, { bn_mul_comba8(&(t[n2]),t,&(t[n])); bn_mul_comba8(r,a,b); - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); - memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); + bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); + memset(&(r[n2+tna+tnb]),0,sizeof(BN_ULONG)*(n2-tna-tnb)); } else { p= &(t[n2*2]); - bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); - bn_mul_recursive(r,a,b,n,p); + bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); + bn_mul_recursive(r,a,b,n,0,0,p); i=n/2; /* If there is only a bottom half to the number, * just do it */ - j=tn-i; + if (tna > tnb) + j = tna - i; + else + j = tnb - i; if (j == 0) { - bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p); + bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]), + i,tna-i,tnb-i,p); memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); } else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ { bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), - j,i,p); - memset(&(r[n2+tn*2]),0, - sizeof(BN_ULONG)*(n2-tn*2)); + i,tna-i,tnb-i,p); + memset(&(r[n2+tna+tnb]),0, + sizeof(BN_ULONG)*(n2-tna-tnb)); } else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ { memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); - if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL) + if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL + && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) { - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); + bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); } else { for (;;) { i/=2; - if (i < tn) + if (i < tna && i < tnb) { bn_mul_part_recursive(&(r[n2]), &(a[n]),&(b[n]), - tn-i,i,p); + i,tna-i,tnb-i,p); break; } - else if (i == tn) + else if (i <= tna && i <= tnb) { bn_mul_recursive(&(r[n2]), &(a[n]),&(b[n]), - i,p); + i,tna-i,tnb-i,p); break; } } @@ -397,10 +716,10 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, int n=n2/2; # ifdef BN_COUNT - printf(" bn_mul_low_recursive %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_low_recursive %d * %d\n",n2,n2); # endif - bn_mul_recursive(r,a,b,n,&(t[0])); + bn_mul_recursive(r,a,b,n,0,0,&(t[0])); if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) { bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); @@ -431,7 +750,7 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, BN_ULONG ll,lc,*lp,*mp; # ifdef BN_COUNT - printf(" bn_mul_high %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_high %d * %d\n",n2,n2); # endif n=n2/2; @@ -484,8 +803,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, else # endif { - bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2])); - bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2])); + bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,0,0,&(t[n2])); + bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2])); } /* s0 == low(al*bl) @@ -608,11 +927,11 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, } #endif /* BN_RECURSION */ -int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) +int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { + int ret=0; int top,al,bl; BIGNUM *rr; - int ret = 0; #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) int i; #endif @@ -622,7 +941,7 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) #endif #ifdef BN_COUNT - printf("BN_mul %d * %d\n",a->top,b->top); + fprintf(stderr,"BN_mul %d * %d\n",a->top,b->top); #endif bn_check_top(a); @@ -675,17 +994,55 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) #ifdef BN_RECURSION if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) { + if (i >= -1 && i <= 1) + { + int sav_j =0; + /* Find out the power of two lower or equal + to the longest of the two numbers */ + if (i >= 0) + { + j = BN_num_bits_word((BN_ULONG)al); + } + if (i == -1) + { + j = BN_num_bits_word((BN_ULONG)bl); + } + sav_j = j; + j = 1<<(j-1); + assert(j <= al || j <= bl); + k = j+j; + t = BN_CTX_get(ctx); + if (al > j || bl > j) + { + bn_wexpand(t,k*4); + bn_wexpand(rr,k*4); + bn_mul_part_recursive(rr->d,a->d,b->d, + j,al-j,bl-j,t->d); + } + else /* al <= j || bl <= j */ + { + bn_wexpand(t,k*2); + bn_wexpand(rr,k*2); + bn_mul_recursive(rr->d,a->d,b->d, + j,al-j,bl-j,t->d); + } + rr->top=top; + goto end; + } +#if 0 if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA)) { - bn_wexpand(b,al); - b->d[bl]=0; + BIGNUM *tmp_bn = (BIGNUM *)b; + bn_wexpand(tmp_bn,al); + tmp_bn->d[bl]=0; bl++; i--; } else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA)) { - bn_wexpand(a,bl); - a->d[al]=0; + BIGNUM *tmp_bn = (BIGNUM *)a; + bn_wexpand(tmp_bn,bl); + tmp_bn->d[al]=0; al++; i++; } @@ -705,19 +1062,14 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) } else { - bn_wexpand(a,k); - bn_wexpand(b,k); bn_wexpand(t,k*4); bn_wexpand(rr,k*4); - for (i=a->top; i<k; i++) - a->d[i]=0; - for (i=b->top; i<k; i++) - b->d[i]=0; bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); } rr->top=top; goto end; } +#endif } #endif /* BN_RECURSION */ if (bn_wexpand(rr,top) == NULL) goto err; @@ -740,7 +1092,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) BN_ULONG *rr; #ifdef BN_COUNT - printf(" bn_mul_normal %d * %d\n",na,nb); + fprintf(stderr," bn_mul_normal %d * %d\n",na,nb); #endif if (na < nb) @@ -774,7 +1126,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) { #ifdef BN_COUNT - printf(" bn_mul_low_normal %d * %d\n",n,n); + fprintf(stderr," bn_mul_low_normal %d * %d\n",n,n); #endif bn_mul_words(r,a,n,b[0]); diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index a5f01b92eb..b75e58c6ae 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -125,12 +125,13 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont); static int probable_prime(BIGNUM *rnd, int bits); static int probable_prime_dh(BIGNUM *rnd, int bits, - BIGNUM *add, BIGNUM *rem, BN_CTX *ctx); + const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); static int probable_prime_dh_safe(BIGNUM *rnd, int bits, - BIGNUM *add, BIGNUM *rem, BN_CTX *ctx); + const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); -BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add, - BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg) +BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, + const BIGNUM *add, const BIGNUM *rem, + void (*callback)(int,int,void *), void *cb_arg) { BIGNUM *rnd=NULL; BIGNUM t; @@ -376,8 +377,8 @@ again: return(1); } -static int probable_prime_dh(BIGNUM *rnd, int bits, BIGNUM *add, BIGNUM *rem, - BN_CTX *ctx) +static int probable_prime_dh(BIGNUM *rnd, int bits, + const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx) { int i,ret=0; BIGNUM *t1; @@ -413,8 +414,8 @@ err: return(ret); } -static int probable_prime_dh_safe(BIGNUM *p, int bits, BIGNUM *padd, - BIGNUM *rem, BN_CTX *ctx) +static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd, + const BIGNUM *rem, BN_CTX *ctx) { int i,ret=0; BIGNUM *t1,*qadd,*q; diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 532e66bcc3..d1986d72d0 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -321,7 +321,7 @@ end: #endif #ifdef BN_DEBUG -void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n) +void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n) { int i; fprintf(o, "%s=", a); diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 21ecbc04ed..bab4510345 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -100,6 +100,27 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) goto err; } +#if 1 + if (pseudorand == 2) + { + /* generate patterns that are more likely to trigger BN + library bugs */ + int i; + unsigned char c; + + for (i = 0; i < bytes; i++) + { + RAND_pseudo_bytes(&c, 1); + if (c >= 128 && i > 0) + buf[i] = buf[i-1]; + else if (c < 42) + buf[i] = 0; + else if (c < 84) + buf[i] = 255; + } + } +#endif + if (top) { if (bit == 0) @@ -140,3 +161,10 @@ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom) { return bnrand(1, rnd, bits, top, bottom); } + +#if 1 +int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom) + { + return bnrand(2, rnd, bits, top, bottom); + } +#endif diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c index d019941d6b..0700a0f063 100644 --- a/crypto/bn/bn_recp.c +++ b/crypto/bn/bn_recp.c @@ -100,11 +100,12 @@ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) return(1); } -int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp, - BN_CTX *ctx) +int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, + BN_RECP_CTX *recp, BN_CTX *ctx) { int ret=0; BIGNUM *a; + const BIGNUM *ca; BN_CTX_start(ctx); if ((a = BN_CTX_get(ctx)) == NULL) goto err; @@ -114,19 +115,20 @@ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp, { if (!BN_sqr(a,x,ctx)) goto err; } else { if (!BN_mul(a,x,y,ctx)) goto err; } + ca = a; } else - a=x; /* Just do the mod */ + ca=x; /* Just do the mod */ - BN_div_recp(NULL,r,a,recp,ctx); + BN_div_recp(NULL,r,ca,recp,ctx); ret=1; err: BN_CTX_end(ctx); return(ret); } -int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp, - BN_CTX *ctx) +int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, + BN_RECP_CTX *recp, BN_CTX *ctx) { int i,j,ret=0; BIGNUM *a,*b,*d,*r; @@ -165,7 +167,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp, if (i != recp->shift) recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N), - i,ctx); + i,ctx); /* BN_reciprocal returns i, or -1 for an error */ + if (recp->shift == -1) goto err; if (!BN_rshift(a,m,j)) goto err; if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err; @@ -201,7 +204,8 @@ err: * We actually calculate with an extra word of precision, so * we can do faster division if the remainder is not required. */ -int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx) +/* r := 2^len / m */ +int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx) { int ret= -1; BIGNUM t; diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c index 0883247384..70f785ea18 100644 --- a/crypto/bn/bn_shift.c +++ b/crypto/bn/bn_shift.c @@ -60,7 +60,7 @@ #include "cryptlib.h" #include "bn_lcl.h" -int BN_lshift1(BIGNUM *r, BIGNUM *a) +int BN_lshift1(BIGNUM *r, const BIGNUM *a) { register BN_ULONG *ap,*rp,t,c; int i; @@ -92,7 +92,7 @@ int BN_lshift1(BIGNUM *r, BIGNUM *a) return(1); } -int BN_rshift1(BIGNUM *r, BIGNUM *a) +int BN_rshift1(BIGNUM *r, const BIGNUM *a) { BN_ULONG *ap,*rp,t,c; int i; @@ -128,8 +128,8 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) BN_ULONG l; r->neg=a->neg; - if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0); nw=n/BN_BITS2; + if (bn_wexpand(r,a->top+nw+1) == NULL) return(0); lb=n%BN_BITS2; rb=BN_BITS2-lb; f=a->d; @@ -153,7 +153,7 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) return(1); } -int BN_rshift(BIGNUM *r, BIGNUM *a, int n) +int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) { int i,j,nw,lb,rb; BN_ULONG *t,*f; @@ -172,6 +172,11 @@ int BN_rshift(BIGNUM *r, BIGNUM *a, int n) r->neg=a->neg; if (bn_wexpand(r,a->top-nw+1) == NULL) return(0); } + else + { + if (n == 0) + return 1; /* or the copying loop will go berserk */ + } f= &(a->d[nw]); t=r->d; diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c index 75f4f38392..b75e6194d0 100644 --- a/crypto/bn/bn_sqr.c +++ b/crypto/bn/bn_sqr.c @@ -62,14 +62,14 @@ /* r must not be a */ /* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */ -int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx) +int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { int max,al; int ret = 0; BIGNUM *tmp,*rr; #ifdef BN_COUNT -printf("BN_sqr %d * %d\n",a->top,a->top); + fprintf(stderr,"BN_sqr %d * %d\n",a->top,a->top); #endif bn_check_top(a); @@ -88,7 +88,6 @@ printf("BN_sqr %d * %d\n",a->top,a->top); max=(al+al); if (bn_wexpand(rr,max+1) == NULL) goto err; - r->neg=0; if (al == 4) { #ifndef BN_SQR_COMBA @@ -124,7 +123,6 @@ printf("BN_sqr %d * %d\n",a->top,a->top); k=j+j; if (al == j) { - if (bn_wexpand(a,k*2) == NULL) goto err; if (bn_wexpand(tmp,k*2) == NULL) goto err; bn_sqr_recursive(rr->d,a->d,al,tmp->d); } @@ -141,6 +139,7 @@ printf("BN_sqr %d * %d\n",a->top,a->top); } rr->top=max; + rr->neg=0; if ((max > 0) && (rr->d[max-1] == 0)) rr->top--; if (rr != r) BN_copy(r,rr); ret = 1; @@ -150,10 +149,11 @@ printf("BN_sqr %d * %d\n",a->top,a->top); } /* tmp must have 2*n words */ -void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp) +void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp) { int i,j,max; - BN_ULONG *ap,*rp; + const BN_ULONG *ap; + BN_ULONG *rp; max=n*2; ap=a; @@ -197,14 +197,14 @@ void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp) * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) * a[1]*b[1] */ -void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *t) +void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t) { int n=n2/2; int zero,c1; BN_ULONG ln,lo,*p; #ifdef BN_COUNT -printf(" bn_sqr_recursive %d * %d\n",n2,n2); + fprintf(stderr," bn_sqr_recursive %d * %d\n",n2,n2); #endif if (n2 == 4) { diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c index a54d9d2919..2a72c189cb 100644 --- a/crypto/bn/bn_sqrt.c +++ b/crypto/bn/bn_sqrt.c @@ -93,20 +93,6 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) return(NULL); } - if (BN_is_zero(a) || BN_is_one(a)) - { - if (ret == NULL) - ret = BN_new(); - if (ret == NULL) - goto end; - if (!BN_set_word(ret, BN_is_one(a))) - { - BN_free(ret); - return NULL; - } - return ret; - } - #if 0 /* if BN_mod_sqrt is used with correct input, this just wastes time */ r = BN_kronecker(a, p, ctx); if (r < -1) return NULL; @@ -133,9 +119,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) e = 1; while (!BN_is_bit_set(p, e)) e++; - if (e > 2) - /* we don't need this q if e = 1 or 2 */ - if (!BN_rshift(q, p, e)) goto end; + if (!BN_rshift(q, p, e)) goto end; q->neg = 0; if (e == 1) @@ -145,74 +129,16 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) * directly by modular exponentiation. * We have * 2 * (p+1)/4 == 1 (mod (p-1)/2), - * so we can use exponent (p+1)/4, i.e. (p-3)/4 + 1. + * so we can use exponent (p+1)/4, i.e. (q+1)/2. */ - if (!BN_rshift(q, p, 2)) goto end; - if (!BN_add_word(q, 1)) goto end; + if (!BN_add_word(q,1)) goto end; + if (!BN_rshift1(q,q)) goto end; if (!BN_mod_exp(ret, a, q, p, ctx)) goto end; err = 0; goto end; } - if (e == 2) - { - /* p == 5 (mod 8) - * - * In this case 2 is always a non-square since - * Legendre(2,p) = (-1)^((p^2-1)/8) for any odd prime. - * So if a really is a square, then 2*a is a non-square. - * Thus for - * b := (2*a)^((p-5)/8), - * i := (2*a)*b^2 - * we have - * i^2 = (2*a)^((1 + (p-5)/4)*2) - * = (2*a)^((p-1)/2) - * = -1; - * so if we set - * x := a*b*(i-1), - * then - * x^2 = a^2 * b^2 * (i^2 - 2*i + 1) - * = a^2 * b^2 * (-2*i) - * = a*(-i)*(2*a*b^2) - * = a*(-i)*i - * = a. - * - * (This is due to A.O.L. Atkin, - * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>, - * November 1992.) - */ - - /* make sure that a is reduced modulo p */ - if (a->neg || BN_ucmp(a, p) >= 0) - { - if (!BN_nnmod(x, a, p, ctx)) goto end; - a = x; /* use x as temporary variable */ - } - - /* t := 2*a */ - if (!BN_mod_lshift1_quick(t, a, p)) goto end; - - /* b := (2*a)^((p-5)/8) */ - if (!BN_rshift(q, p, 3)) goto end; - if (!BN_mod_exp(b, t, q, p, ctx)) goto end; - - /* y := b^2 */ - if (!BN_mod_sqr(y, b, p, ctx)) goto end; - - /* t := (2*a)*b^2 - 1*/ - if (!BN_mod_mul(t, t, y, p, ctx)) goto end; - if (!BN_sub_word(t, 1)) goto end; /* cannot become negative */ - - /* x = a*b*t */ - if (!BN_mod_mul(x, a, b, p, ctx)) goto end; - if (!BN_mod_mul(x, x, t, p, ctx)) goto end; - - if (!BN_copy(ret, x)) goto end; - err = 0; - goto end; - } - - /* e > 2, so we really have to use the Tonelli/Shanks algorithm. + /* e > 1, so we really have to use the Tonelli/Shanks algorithm. * First, find some y that is not a square. */ i = 2; do diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c index 0a97af69c5..91563dd222 100644 --- a/crypto/bn/bntest.c +++ b/crypto/bn/bntest.c @@ -91,6 +91,8 @@ int test_mod(BIO *bp,BN_CTX *ctx); int test_mod_mul(BIO *bp,BN_CTX *ctx); int test_mod_exp(BIO *bp,BN_CTX *ctx); int test_exp(BIO *bp,BN_CTX *ctx); +int test_kron(BIO *bp,BN_CTX *ctx); +int test_sqrt(BIO *bp,BN_CTX *ctx); int rand_neg(void); static int results=0; @@ -122,9 +124,7 @@ int main(int argc, char *argv[]) results = 0; - RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't - * even check its return value - * (which we should) */ + RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ argc--; argv++; @@ -228,6 +228,14 @@ int main(int argc, char *argv[]) if (!test_exp(out,ctx)) goto err; BIO_flush(out); + message(out,"BN_kronecker"); + if (!test_kron(out,ctx)) goto err; + BIO_flush(out); + + message(out,"BN_mod_sqrt"); + if (!test_sqrt(out,ctx)) goto err; + BIO_flush(out); + BN_CTX_free(ctx); BIO_free(out); @@ -247,21 +255,17 @@ int test_add(BIO *bp) { BIGNUM a,b,c; int i; - int j; BN_init(&a); BN_init(&b); BN_init(&c); - BN_rand(&a,512,0,0); + BN_bntest_rand(&a,512,0,0); for (i=0; i<num0; i++) { - BN_rand(&b,450+i,0,0); + BN_bntest_rand(&b,450+i,0,0); a.neg=rand_neg(); b.neg=rand_neg(); - if (bp == NULL) - for (j=0; j<10000; j++) - BN_add(&c,&a,&b); BN_add(&c,&a,&b); if (bp != NULL) { @@ -295,7 +299,6 @@ int test_sub(BIO *bp) { BIGNUM a,b,c; int i; - int j; BN_init(&a); BN_init(&b); @@ -305,20 +308,17 @@ int test_sub(BIO *bp) { if (i < num1) { - BN_rand(&a,512,0,0); + BN_bntest_rand(&a,512,0,0); BN_copy(&b,&a); if (BN_set_bit(&a,i)==0) return(0); BN_add_word(&b,i); } else { - BN_rand(&b,400+i-num1,0,0); + BN_bntest_rand(&b,400+i-num1,0,0); a.neg=rand_neg(); b.neg=rand_neg(); } - if (bp == NULL) - for (j=0; j<10000; j++) - BN_sub(&c,&a,&b); BN_sub(&c,&a,&b); if (bp != NULL) { @@ -350,7 +350,6 @@ int test_div(BIO *bp, BN_CTX *ctx) { BIGNUM a,b,c,d,e; int i; - int j; BN_init(&a); BN_init(&b); @@ -362,18 +361,15 @@ int test_div(BIO *bp, BN_CTX *ctx) { if (i < num1) { - BN_rand(&a,400,0,0); + BN_bntest_rand(&a,400,0,0); BN_copy(&b,&a); BN_lshift(&a,&a,i); BN_add_word(&a,i); } else - BN_rand(&b,50+3*(i-num1),0,0); + BN_bntest_rand(&b,50+3*(i-num1),0,0); a.neg=rand_neg(); b.neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_div(&d,&c,&a,&b,ctx); BN_div(&d,&c,&a,&b,ctx); if (bp != NULL) { @@ -419,7 +415,6 @@ int test_div_recp(BIO *bp, BN_CTX *ctx) BIGNUM a,b,c,d,e; BN_RECP_CTX recp; int i; - int j; BN_RECP_CTX_init(&recp); BN_init(&a); @@ -432,19 +427,16 @@ int test_div_recp(BIO *bp, BN_CTX *ctx) { if (i < num1) { - BN_rand(&a,400,0,0); + BN_bntest_rand(&a,400,0,0); BN_copy(&b,&a); BN_lshift(&a,&a,i); BN_add_word(&a,i); } else - BN_rand(&b,50+3*(i-num1),0,0); + BN_bntest_rand(&b,50+3*(i-num1),0,0); a.neg=rand_neg(); b.neg=rand_neg(); BN_RECP_CTX_set(&recp,&b,ctx); - if (bp == NULL) - for (j=0; j<100; j++) - BN_div_recp(&d,&c,&a,&recp,ctx); BN_div_recp(&d,&c,&a,&recp,ctx); if (bp != NULL) { @@ -495,7 +487,6 @@ int test_mul(BIO *bp) { BIGNUM a,b,c,d,e; int i; - int j; BN_CTX ctx; BN_CTX_init(&ctx); @@ -509,16 +500,13 @@ int test_mul(BIO *bp) { if (i <= num1) { - BN_rand(&a,100,0,0); - BN_rand(&b,100,0,0); + BN_bntest_rand(&a,100,0,0); + BN_bntest_rand(&b,100,0,0); } else - BN_rand(&b,i-num1,0,0); + BN_bntest_rand(&b,i-num1,0,0); a.neg=rand_neg(); b.neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_mul(&c,&a,&b,&ctx); BN_mul(&c,&a,&b,&ctx); if (bp != NULL) { @@ -553,7 +541,6 @@ int test_sqr(BIO *bp, BN_CTX *ctx) { BIGNUM a,c,d,e; int i; - int j; BN_init(&a); BN_init(&c); @@ -562,11 +549,8 @@ int test_sqr(BIO *bp, BN_CTX *ctx) for (i=0; i<num0; i++) { - BN_rand(&a,40+i*10,0,0); + BN_bntest_rand(&a,40+i*10,0,0); a.neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_sqr(&c,&a,ctx); BN_sqr(&c,&a,ctx); if (bp != NULL) { @@ -600,7 +584,6 @@ int test_mont(BIO *bp, BN_CTX *ctx) BIGNUM a,b,c,d,A,B; BIGNUM n; int i; - int j; BN_MONT_CTX *mont; BN_init(&a); @@ -613,23 +596,23 @@ int test_mont(BIO *bp, BN_CTX *ctx) mont=BN_MONT_CTX_new(); - BN_rand(&a,100,0,0); /**/ - BN_rand(&b,100,0,0); /**/ + BN_bntest_rand(&a,100,0,0); /**/ + BN_bntest_rand(&b,100,0,0); /**/ for (i=0; i<num2; i++) { int bits = (200*(i+1))/num2; if (bits == 0) continue; - BN_rand(&n,bits,0,1); + BN_bntest_rand(&n,bits,0,1); BN_MONT_CTX_set(mont,&n,ctx); + BN_nnmod(&a,&a,&n,ctx); + BN_nnmod(&b,&b,&n,ctx); + BN_to_montgomery(&A,&a,mont,ctx); BN_to_montgomery(&B,&b,mont,ctx); - if (bp == NULL) - for (j=0; j<100; j++) - BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/ BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/ BN_from_montgomery(&A,&c,mont,ctx);/**/ if (bp != NULL) @@ -675,7 +658,6 @@ int test_mod(BIO *bp, BN_CTX *ctx) { BIGNUM *a,*b,*c,*d,*e; int i; - int j; a=BN_new(); b=BN_new(); @@ -683,15 +665,12 @@ int test_mod(BIO *bp, BN_CTX *ctx) d=BN_new(); e=BN_new(); - BN_rand(a,1024,0,0); /**/ + BN_bntest_rand(a,1024,0,0); /**/ for (i=0; i<num0; i++) { - BN_rand(b,450+i*10,0,0); /**/ + BN_bntest_rand(b,450+i*10,0,0); /**/ a->neg=rand_neg(); b->neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_mod(c,a,b,ctx);/**/ BN_mod(c,a,b,ctx);/**/ if (bp != NULL) { @@ -732,17 +711,13 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx) d=BN_new(); e=BN_new(); - BN_rand(c,1024,0,0); /**/ + BN_bntest_rand(c,1024,0,0); /**/ for (i=0; i<num0; i++) { - BN_rand(a,475+i*10,0,0); /**/ - BN_rand(b,425+i*11,0,0); /**/ + BN_bntest_rand(a,475+i*10,0,0); /**/ + BN_bntest_rand(b,425+i*11,0,0); /**/ a->neg=rand_neg(); b->neg=rand_neg(); - /* if (bp == NULL) - for (j=0; j<100; j++) - BN_mod_mul(d,a,b,c,ctx);*/ /**/ - if (!BN_mod_mul(e,a,b,c,ctx)) { unsigned long l; @@ -761,6 +736,16 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx) BN_print(bp,b); BIO_puts(bp," % "); BN_print(bp,c); + if ((a->neg ^ b->neg) && !BN_is_zero(e)) + { + /* If (a*b) % c is negative, c must be added + * in order to obtain the normalized remainder + * (new with OpenSSL 0.9.7, previous versions of + * BN_mod_mul could generate negative results) + */ + BIO_puts(bp," + "); + BN_print(bp,c); + } BIO_puts(bp," - "); } BN_print(bp,e); @@ -772,6 +757,7 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx) if(!BN_is_zero(b)) { fprintf(stderr,"Modulo multiply test failed!\n"); + ERR_print_errors_fp(stderr); return 0; } } @@ -794,11 +780,11 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx) d=BN_new(); e=BN_new(); - BN_rand(c,30,0,1); /* must be odd for montgomery */ + BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */ for (i=0; i<num2; i++) { - BN_rand(a,20+i*5,0,0); /**/ - BN_rand(b,2+i,0,0); /**/ + BN_bntest_rand(a,20+i*5,0,0); /**/ + BN_bntest_rand(b,2+i,0,0); /**/ if (!BN_mod_exp(d,a,b,c,ctx)) return(00); @@ -848,8 +834,8 @@ int test_exp(BIO *bp, BN_CTX *ctx) for (i=0; i<num2; i++) { - BN_rand(a,20+i*5,0,0); /**/ - BN_rand(b,2+i,0,0); /**/ + BN_bntest_rand(a,20+i*5,0,0); /**/ + BN_bntest_rand(b,2+i,0,0); /**/ if (!BN_exp(d,a,b,ctx)) return(00); @@ -884,6 +870,172 @@ int test_exp(BIO *bp, BN_CTX *ctx) return(1); } +static void genprime_cb(int p, int n, void *arg) + { + char c='*'; + + if (p == 0) c='.'; + if (p == 1) c='+'; + if (p == 2) c='*'; + if (p == 3) c='\n'; + putc(c, stderr); + fflush(stderr); + (void)n; + (void)arg; + } + +int test_kron(BIO *bp, BN_CTX *ctx) + { + BIGNUM *a,*b,*r,*t; + int i; + int legendre, kronecker; + int ret = 0; + + a = BN_new(); + b = BN_new(); + r = BN_new(); + t = BN_new(); + if (a == NULL || b == NULL || r == NULL || t == NULL) goto err; + + /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). + * In this case we know that if b is prime, then BN_kronecker(a, b, ctx) + * is congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol). + * So we generate a random prime b and compare these values + * for a number of random a's. (That is, we run the Solovay-Strassen + * primality test to confirm that b is prime, except that we + * don't want to test whether b is prime but whether BN_kronecker + * works.) */ + + if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err; + putc('\n', stderr); + + for (i = 0; i < num0; i++) + { + if (!BN_bntest_rand(a, 512, 0, 0)) goto err; + a->neg = rand_neg(); + + /* t := (b-1)/2 (note that b is odd) */ + if (!BN_copy(t, b)) goto err; + if (!BN_sub_word(t, 1)) goto err; + if (!BN_rshift1(t, t)) goto err; + /* r := a^t mod b */ + if (!BN_mod_exp(r, a, t, b, ctx)) goto err; + + if (BN_is_word(r, 1)) + legendre = 1; + else if (BN_is_zero(r)) + legendre = 0; + else + { + if (!BN_add_word(r, 1)) goto err; + if (0 != BN_cmp(r, b)) + { + fprintf(stderr, "Legendre symbol computation failed\n"); + goto err; + } + legendre = -1; + } + + kronecker = BN_kronecker(a, b, ctx); + if (kronecker < -1) goto err; + + if (legendre != kronecker) + { + fprintf(stderr, "legendre != kronecker; a = "); + BN_print_fp(stderr, a); + fprintf(stderr, ", b = "); + BN_print_fp(stderr, b); + fprintf(stderr, "\n"); + goto err; + } + + putc('.', stderr); + fflush(stderr); + } + + putc('\n', stderr); + fflush(stderr); + ret = 1; + err: + if (a != NULL) BN_free(a); + if (b != NULL) BN_free(b); + if (r != NULL) BN_free(r); + if (t != NULL) BN_free(t); + return ret; + } + +int test_sqrt(BIO *bp, BN_CTX *ctx) + { + BIGNUM *a,*p,*r; + int i, j; + int ret = 0; + + a = BN_new(); + p = BN_new(); + r = BN_new(); + if (a == NULL || p == NULL || r == NULL) goto err; + + for (i = 0; i < 16; i++) + { + if (i < 8) + { + unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 }; + + if (!BN_set_word(p, primes[i])) goto err; + } + else + { + if (!BN_set_word(a, 32)) goto err; + if (!BN_set_word(r, 2*i + 1)) goto err; + + if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; + putc('\n', stderr); + } + + for (j = 0; j < num2; j++) + { + /* construct 'a' such that it is a square modulo p, + * but in general not a proper square and not reduced modulo p */ + if (!BN_bntest_rand(r, 256, 0, 3)) goto err; + if (!BN_nnmod(r, r, p, ctx)) goto err; + if (!BN_mod_sqr(r, r, p, ctx)) goto err; + if (!BN_bntest_rand(a, 256, 0, 3)) goto err; + if (!BN_nnmod(a, a, p, ctx)) goto err; + if (!BN_mod_sqr(a, a, p, ctx)) goto err; + if (!BN_mul(a, a, r, ctx)) goto err; + + if (!BN_mod_sqrt(r, a, p, ctx)) goto err; + if (!BN_mod_sqr(r, r, p, ctx)) goto err; + + if (!BN_nnmod(a, a, p, ctx)) goto err; + + if (BN_cmp(a, r) != 0) + { + fprintf(stderr, "BN_mod_sqrt failed: a = "); + BN_print_fp(stderr, a); + fprintf(stderr, ", r = "); + BN_print_fp(stderr, r); + fprintf(stderr, ", p = "); + BN_print_fp(stderr, p); + fprintf(stderr, "\n"); + goto err; + } + + putc('.', stderr); + fflush(stderr); + } + + putc('\n', stderr); + fflush(stderr); + } + ret = 1; + err: + if (a != NULL) BN_free(a); + if (p != NULL) BN_free(p); + if (r != NULL) BN_free(r); + return ret; + } + int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) { BIGNUM *a,*b,*c,*d; @@ -899,7 +1051,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) else { a=BN_new(); - BN_rand(a,200,0,0); /**/ + BN_bntest_rand(a,200,0,0); /**/ a->neg=rand_neg(); } for (i=0; i<num0; i++) @@ -951,7 +1103,7 @@ int test_lshift1(BIO *bp) b=BN_new(); c=BN_new(); - BN_rand(a,200,0,0); /**/ + BN_bntest_rand(a,200,0,0); /**/ a->neg=rand_neg(); for (i=0; i<num0; i++) { @@ -995,7 +1147,7 @@ int test_rshift(BIO *bp,BN_CTX *ctx) e=BN_new(); BN_one(c); - BN_rand(a,200,0,0); /**/ + BN_bntest_rand(a,200,0,0); /**/ a->neg=rand_neg(); for (i=0; i<num0; i++) { @@ -1038,7 +1190,7 @@ int test_rshift1(BIO *bp) b=BN_new(); c=BN_new(); - BN_rand(a,200,0,0); /**/ + BN_bntest_rand(a,200,0,0); /**/ a->neg=rand_neg(); for (i=0; i<num0; i++) { diff --git a/crypto/bn/expspeed.c b/crypto/bn/expspeed.c index 2044ab9bff..c55347e297 100644 --- a/crypto/bn/expspeed.c +++ b/crypto/bn/expspeed.c @@ -61,6 +61,28 @@ /* most of this code has been pilfered from my libdes speed.c program */ #define BASENUM 5000 +#define NUM_START 0 + + +/* determine timings for modexp, gcd, or modular inverse */ +#define TEST_EXP +#undef TEST_GCD +#undef TEST_KRON +#undef TEST_INV +#undef TEST_SQRT +#define P_MOD_64 9 /* least significant 6 bits for prime to be used for BN_sqrt timings */ + +#if defined(TEST_EXP) + defined(TEST_GCD) + defined(TEST_KRON) + defined(TEST_INV) +defined(TEST_SQRT) != 1 +# error "choose one test" +#endif + +#if defined(TEST_INV) || defined(TEST_SQRT) +# define C_PRIME +static void genprime_cb(int p, int n, void *arg); +#endif + + + #undef PROG #define PROG bnspeed_main @@ -70,6 +92,7 @@ #include <string.h> #include <openssl/crypto.h> #include <openssl/err.h> +#include <openssl/rand.h> #if !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) #define TIMES @@ -161,11 +184,16 @@ static double Time_F(int s) #endif } -#define NUM_SIZES 6 -static int sizes[NUM_SIZES]={256,512,1024,2048,4096,8192}; -static int mul_c[NUM_SIZES]={8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1}; +#define NUM_SIZES 7 +#if NUM_START > NUM_SIZES +# error "NUM_START > NUM_SIZES" +#endif +static int sizes[NUM_SIZES]={128,256,512,1024,2048,4096,8192}; +static int mul_c[NUM_SIZES]={8*8*8*8*8*8,8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1}; /*static int sizes[NUM_SIZES]={59,179,299,419,539}; */ +#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); } + void do_mul_exp(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *c,BN_CTX *ctx); int main(int argc, char **argv) @@ -173,13 +201,23 @@ int main(int argc, char **argv) BN_CTX *ctx; BIGNUM *a,*b,*c,*r; +#if 1 + if (!CRYPTO_set_mem_debug_functions(0,0,0,0,0)) + abort(); +#endif + ctx=BN_CTX_new(); a=BN_new(); b=BN_new(); c=BN_new(); r=BN_new(); + while (!RAND_status()) + /* not enough bits */ + RAND_SEED("I demand a manual recount!"); + do_mul_exp(r,a,b,c,ctx); + return 0; } void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx) @@ -187,29 +225,107 @@ void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx) int i,k; double tm; long num; - BN_MONT_CTX m; - - memset(&m,0,sizeof(m)); num=BASENUM; - for (i=0; i<NUM_SIZES; i++) + for (i=NUM_START; i<NUM_SIZES; i++) { - BN_rand(a,sizes[i],1,0); - BN_rand(b,sizes[i],1,0); - BN_rand(c,sizes[i],1,1); - BN_mod(a,a,c,ctx); - BN_mod(b,b,c,ctx); - - BN_MONT_CTX_set(&m,c,ctx); +#ifdef C_PRIME +# ifdef TEST_SQRT + if (!BN_set_word(a, 64)) goto err; + if (!BN_set_word(b, P_MOD_64)) goto err; +# define ADD a +# define REM b +# else +# define ADD NULL +# define REM NULL +# endif + if (!BN_generate_prime(c,sizes[i],0,ADD,REM,genprime_cb,NULL)) goto err; + putc('\n', stderr); + fflush(stderr); +#endif - Time_F(START); for (k=0; k<num; k++) - BN_mod_exp_mont(r,a,b,c,ctx,&m); + { + if (k%50 == 0) /* Average over num/50 different choices of random numbers. */ + { + if (!BN_pseudo_rand(a,sizes[i],1,0)) goto err; + + if (!BN_pseudo_rand(b,sizes[i],1,0)) goto err; + +#ifndef C_PRIME + if (!BN_pseudo_rand(c,sizes[i],1,1)) goto err; +#endif + +#ifdef TEST_SQRT + if (!BN_mod_sqr(a,a,c,ctx)) goto err; + if (!BN_mod_sqr(b,b,c,ctx)) goto err; +#else + if (!BN_nnmod(a,a,c,ctx)) goto err; + if (!BN_nnmod(b,b,c,ctx)) goto err; +#endif + + if (k == 0) + Time_F(START); + } + +#if defined(TEST_EXP) + if (!BN_mod_exp(r,a,b,c,ctx)) goto err; +#elif defined(TEST_GCD) + if (!BN_gcd(r,a,b,ctx)) goto err; + if (!BN_gcd(r,b,c,ctx)) goto err; + if (!BN_gcd(r,c,a,ctx)) goto err; +#elif defined(TEST_KRON) + if (-2 == BN_kronecker(a,b,ctx)) goto err; + if (-2 == BN_kronecker(b,c,ctx)) goto err; + if (-2 == BN_kronecker(c,a,ctx)) goto err; +#elif defined(TEST_INV) + if (!BN_mod_inverse(r,a,c,ctx)) goto err; + if (!BN_mod_inverse(r,b,c,ctx)) goto err; +#else /* TEST_SQRT */ + if (!BN_mod_sqrt(r,a,c,ctx)) goto err; + if (!BN_mod_sqrt(r,b,c,ctx)) goto err; +#endif + } tm=Time_F(STOP); - printf("mul %4d ^ %4d %% %d -> %8.3fms %5.1f\n",sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num); + printf( +#if defined(TEST_EXP) + "modexp %4d ^ %4d %% %4d" +#elif defined(TEST_GCD) + "3*gcd %4d %4d %4d" +#elif defined(TEST_KRON) + "3*kronecker %4d %4d %4d" +#elif defined(TEST_INV) + "2*inv %4d %4d mod %4d" +#else /* TEST_SQRT */ + "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d" +#endif + " -> %8.3fms %5.1f (%ld)\n", +#ifdef TEST_SQRT + P_MOD_64, +#endif + sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num, num); num/=7; if (num <= 0) num=1; } + return; + err: + ERR_print_errors_fp(stderr); } + +#ifdef C_PRIME +static void genprime_cb(int p, int n, void *arg) + { + char c='*'; + + if (p == 0) c='.'; + if (p == 1) c='+'; + if (p == 2) c='*'; + if (p == 3) c='\n'; + putc(c, stderr); + fflush(stderr); + (void)n; + (void)arg; + } +#endif diff --git a/crypto/comp/c_rle.c b/crypto/comp/c_rle.c index 1a819e3737..efd366fa22 100644 --- a/crypto/comp/c_rle.c +++ b/crypto/comp/c_rle.c @@ -17,6 +17,7 @@ static COMP_METHOD rle_method={ rle_compress_block, rle_expand_block, NULL, + NULL, }; COMP_METHOD *COMP_rle(void) diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c index 6684ab4841..c2ff6c7011 100644 --- a/crypto/comp/c_zlib.c +++ b/crypto/comp/c_zlib.c @@ -6,11 +6,10 @@ COMP_METHOD *COMP_zlib(void ); -#ifndef ZLIB - -static COMP_METHOD zlib_method={ +static COMP_METHOD zlib_method_nozlib={ NID_undef, - "(null)", + "(undef)", + NULL, NULL, NULL, NULL, @@ -18,6 +17,8 @@ static COMP_METHOD zlib_method={ NULL, }; +#ifndef ZLIB +#undef ZLIB_SHARED #else #include <zlib.h> @@ -38,8 +39,56 @@ static COMP_METHOD zlib_method={ zlib_compress_block, zlib_expand_block, NULL, + NULL, }; +/* + * When OpenSSL is built on Windows, we do not want to require that + * the ZLIB.DLL be available in order for the OpenSSL DLLs to + * work. Therefore, all ZLIB routines are loaded at run time + * and we do not link to a .LIB file. + */ +#if defined(WINDOWS) || defined(WIN32) +# include <windows.h> + +# define Z_CALLCONV _stdcall +# define ZLIB_SHARED +#else +# define Z_CALLCONV +#endif /* !(WINDOWS || WIN32) */ + +#ifdef ZLIB_SHARED +#include <openssl/dso.h> + +/* Prototypes for built in stubs */ +static int stub_compress(Bytef *dest,uLongf *destLen, + const Bytef *source, uLong sourceLen); +static int stub_inflateEnd(z_streamp strm); +static int stub_inflate(z_streamp strm, int flush); +static int stub_inflateInit_(z_streamp strm, const char * version, + int stream_size); + +/* Function pointers */ +typedef int (Z_CALLCONV *compress_ft)(Bytef *dest,uLongf *destLen, + const Bytef *source, uLong sourceLen); +typedef int (Z_CALLCONV *inflateEnd_ft)(z_streamp strm); +typedef int (Z_CALLCONV *inflate_ft)(z_streamp strm, int flush); +typedef int (Z_CALLCONV *inflateInit__ft)(z_streamp strm, + const char * version, int stream_size); +static compress_ft p_compress=NULL; +static inflateEnd_ft p_inflateEnd=NULL; +static inflate_ft p_inflate=NULL; +static inflateInit__ft p_inflateInit_=NULL; + +static int zlib_loaded = 0; /* only attempt to init func pts once */ +static DSO *zlib_dso = NULL; + +#define compress stub_compress +#define inflateEnd stub_inflateEnd +#define inflate stub_inflate +#define inflateInit_ stub_inflateInit_ +#endif /* ZLIB_SHARED */ + static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen, unsigned char *in, unsigned int ilen) { @@ -66,7 +115,10 @@ static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, memcpy(&(out[1]),in,ilen); l=ilen+1; } -fprintf(stderr,"compress(%4d)->%4d %s\n",ilen,(int)l,(clear)?"clear":"zlib"); +#ifdef DEBUG_ZLIB + fprintf(stderr,"compress(%4d)->%4d %s\n", + ilen,(int)l,(clear)?"clear":"zlib"); +#endif return((int)l); } @@ -88,7 +140,10 @@ static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, memcpy(out,&(in[1]),ilen-1); l=ilen-1; } - fprintf(stderr,"expand (%4d)->%4d %s\n",ilen,(int)l,in[0]?"zlib":"clear"); +#ifdef DEBUG_ZLIB + fprintf(stderr,"expand (%4d)->%4d %s\n", + ilen,(int)l,in[0]?"zlib":"clear"); +#endif return((int)l); } @@ -128,6 +183,78 @@ static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source, COMP_METHOD *COMP_zlib(void) { - return(&zlib_method); + COMP_METHOD *meth = &zlib_method_nozlib; + +#ifdef ZLIB_SHARED + if (!zlib_loaded) + { +#if defined(WINDOWS) || defined(WIN32) + zlib_dso = DSO_load(NULL, "ZLIB", NULL, 0); +#else + zlib_dso = DSO_load(NULL, "z", NULL, 0); +#endif + if (zlib_dso != NULL) + { + p_compress + = (compress_ft) DSO_bind_func(zlib_dso, + "compress"); + p_inflateEnd + = (inflateEnd_ft) DSO_bind_func(zlib_dso, + "inflateEnd"); + p_inflate + = (inflate_ft) DSO_bind_func(zlib_dso, + "inflate"); + p_inflateInit_ + = (inflateInit__ft) DSO_bind_func(zlib_dso, + "inflateInit_"); + zlib_loaded++; + meth = &zlib_method; + } + } + +#elif defined(ZLIB) + meth = &zlib_method; +#endif + + return(meth); + } + +#ifdef ZLIB_SHARED +/* Stubs for each function to be dynamicly loaded */ +static int +stub_compress(Bytef *dest,uLongf *destLen,const Bytef *source, uLong sourceLen) + { + if (p_compress) + return(p_compress(dest,destLen,source,sourceLen)); + else + return(Z_MEM_ERROR); + } + +static int +stub_inflateEnd(z_streamp strm) + { + if ( p_inflateEnd ) + return(p_inflateEnd(strm)); + else + return(Z_MEM_ERROR); + } + +static int +stub_inflate(z_streamp strm, int flush) + { + if ( p_inflate ) + return(p_inflate(strm,flush)); + else + return(Z_MEM_ERROR); + } + +static int +stub_inflateInit_(z_streamp strm, const char * version, int stream_size) + { + if ( p_inflateInit_ ) + return(p_inflateInit_(strm,version,stream_size)); + else + return(Z_MEM_ERROR); } +#endif /* ZLIB_SHARED */ diff --git a/crypto/comp/comp.h b/crypto/comp/comp.h index 0922609542..aee8fcdef9 100644 --- a/crypto/comp/comp.h +++ b/crypto/comp/comp.h @@ -39,9 +39,7 @@ int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, unsigned char *in, int ilen); COMP_METHOD *COMP_rle(void ); -#ifdef ZLIB COMP_METHOD *COMP_zlib(void ); -#endif /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/crypto/conf/cnf_save.c b/crypto/conf/cnf_save.c index e907cc2242..efbb61373e 100644 --- a/crypto/conf/cnf_save.c +++ b/crypto/conf/cnf_save.c @@ -73,7 +73,7 @@ main() exit(1); } - lh_doall(conf,print_conf); + lh_doall(conf,(LHASH_DOALL_FN_TYPE)print_conf); } diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 7abeeced07..64bbd971ab 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -73,6 +73,9 @@ static void value_free_stack(CONF_VALUE *a,LHASH *conf); static unsigned long hash(CONF_VALUE *v); static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b); +static IMPLEMENT_LHASH_HASH_FN(hash, CONF_VALUE *) +static IMPLEMENT_LHASH_COMP_FN(cmp_conf, CONF_VALUE *) + /* Up until OpenSSL 0.9.5a, this was get_section */ CONF_VALUE *_CONF_get_section(CONF *conf, char *section) { @@ -181,7 +184,8 @@ int _CONF_new_data(CONF *conf) return 0; } if (conf->data == NULL) - if ((conf->data = lh_new(hash,cmp_conf)) == NULL) + if ((conf->data = lh_new(LHASH_HASH_FN(hash), + LHASH_COMP_FN(cmp_conf))) == NULL) { return 0; } @@ -194,12 +198,14 @@ void _CONF_free_data(CONF *conf) conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()' * works as expected */ - lh_doall_arg(conf->data,(void (*)())value_free_hash,conf->data); + lh_doall_arg(conf->data, (LHASH_DOALL_ARG_FN_TYPE)value_free_hash, + conf->data); /* We now have only 'section' entries in the hash table. * Due to problems with */ - lh_doall_arg(conf->data,(void (*)())value_free_stack,conf->data); + lh_doall_arg(conf->data, (LHASH_DOALL_ARG_FN_TYPE)value_free_stack, + conf->data); lh_free(conf->data); } diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 6825d96455..1d30f6f771 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -712,7 +712,7 @@ static void dump_value(CONF_VALUE *a, BIO *out) static int def_dump(CONF *conf, BIO *out) { - lh_doall_arg(conf->data, (void (*)())dump_value, out); + lh_doall_arg(conf->data, (LHASH_DOALL_ARG_FN_TYPE)dump_value, out); return 1; } diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index 70e3c91b34..70544994d6 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -196,7 +196,7 @@ $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" -$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,"+ - +$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,bn_kron,bn_sqrt"+ - "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - "bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+",bn_recp,bn_mont,"+ - "bn_mpi,bn_exp2" @@ -206,9 +206,9 @@ $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl" $ LIB_DH = "dh_gen,dh_key,dh_lib,dh_check,dh_err" $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ - "dso_openssl,dso_win32,dso_vms" -$ LIB_ENGINE = "engine_err,engine_lib,engine_list,engine_openssl,"+ - - "hw_atalla,hw_cswift,hw_ncipher" -$ LIB_RIJNDAEL = "rijndael-alg-fst" +$ LIB_ENGINE = "engine_err,engine_lib,engine_list,engine_all,engine_openssl,"+ - + "hw_atalla,hw_cswift,hw_ncipher,hw_nuron" +$ LIB_RIJNDAEL = "rd_fst" $ LIB_BUFFER = "buffer,buf_err" $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - "bss_mem,bss_null,bss_fd,"+ - @@ -223,7 +223,7 @@ $ LIB_ERR = "err,err_all,err_prn" $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" $ LIB_EVP = "encode,digest,evp_enc,evp_key,"+ - "e_des,e_bf,e_idea,e_des3,"+ - - "e_rc4,names,"+ - + "e_rc4,e_rd,names,"+ - "e_xcbc_d,e_rc2,e_cast,e_rc5" $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - "m_dss,m_dss1,m_mdc2,m_ripemd,"+ - @@ -896,6 +896,7 @@ $ ENDIF $! $! Check To See If P2 Is Blank. $! +$ P2 = "NORSAREF" $ IF (P2.EQS."NORSAREF") $ THEN $! diff --git a/crypto/crypto.h b/crypto/crypto.h index 52ee97b71a..08bb1fc83e 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -281,7 +281,7 @@ unsigned long SSLeay(void); int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val); -void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad,int idx); +void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad,int idx); int CRYPTO_dup_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from); void CRYPTO_free_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad); diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl index 2e26f8b406..ccbac65a92 100644 --- a/crypto/dh/Makefile.ssl +++ b/crypto/dh/Makefile.ssl @@ -125,7 +125,7 @@ dh_key.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dh_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dh_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dh_key.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +dh_key.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dh_key.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dh_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dh_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -144,7 +144,7 @@ dh_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dh_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dh_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +dh_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dh_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dh_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index 7a8d9f88c2..7e732e1c32 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -81,9 +81,9 @@ typedef struct dh_method { const char *name; /* Methods here */ int (*generate_key)(DH *dh); - int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh); - int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, + int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh); + int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ int (*init)(DH *dh); @@ -152,13 +152,13 @@ struct dh_st (unsigned char *)(x)) #endif -DH_METHOD *DH_OpenSSL(void); +const DH_METHOD *DH_OpenSSL(void); -void DH_set_default_openssl_method(DH_METHOD *meth); -DH_METHOD *DH_get_default_openssl_method(void); +void DH_set_default_openssl_method(const DH_METHOD *meth); +const DH_METHOD *DH_get_default_openssl_method(void); #if 0 -DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth); -DH *DH_new_method(DH_METHOD *meth); +const DH_METHOD *DH_set_method(DH *dh, const DH_METHOD *meth); +DH *DH_new_method(const DH_METHOD *meth); #else int DH_set_method(DH *dh, struct engine_st *engine); DH *DH_new_method(struct engine_st *engine); @@ -166,27 +166,27 @@ DH *DH_new_method(struct engine_st *engine); DH * DH_new(void); void DH_free(DH *dh); -int DH_size(DH *dh); +int DH_size(const DH *dh); int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int DH_set_ex_data(DH *d, int idx, void *arg); void *DH_get_ex_data(DH *d, int idx); DH * DH_generate_parameters(int prime_len,int generator, void (*callback)(int,int,void *),void *cb_arg); -int DH_check(DH *dh,int *codes); +int DH_check(const DH *dh,int *codes); int DH_generate_key(DH *dh); -int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh); -DH * d2i_DHparams(DH **a,unsigned char **pp, long length); -int i2d_DHparams(DH *a,unsigned char **pp); +int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); +DH * d2i_DHparams(DH **a,const unsigned char **pp, long length); +int i2d_DHparams(const DH *a,unsigned char **pp); #ifndef NO_FP_API -int DHparams_print_fp(FILE *fp, DH *x); +int DHparams_print_fp(FILE *fp, const DH *x); #endif #ifndef NO_BIO -int DHparams_print(BIO *bp, DH *x); +int DHparams_print(BIO *bp, const DH *x); #else -int DHparams_print(char *bp, DH *x); +int DHparams_print(char *bp, const DH *x); #endif -void ERR_load_DH_strings(void ); +void ERR_load_DH_strings(void); /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index 20aa68f98f..1f26be7ae7 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -84,4 +84,4 @@ ASN1_SEQUENCE_cb(DHparams, dh_cb) = { ASN1_OPT(DH, length, ZLONG), } ASN1_SEQUENCE_END_cb(DH, DHparams); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DH, DHparams, DHparams) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams) diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index 7e5cfd8bfc..f0373f7d68 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -70,7 +70,7 @@ * should hold. */ -int DH_check(DH *dh, int *ret) +int DH_check(const DH *dh, int *ret) { int ok=0; BN_CTX *ctx=NULL; diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 6915d79dcc..0e4fee101f 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -64,8 +64,9 @@ #include <openssl/engine.h> static int generate_key(DH *dh); -static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); -static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); +static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); static int dh_init(DH *dh); @@ -76,7 +77,7 @@ int DH_generate_key(DH *dh) return ENGINE_get_DH(dh->engine)->generate_key(dh); } -int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) +int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh); } @@ -92,7 +93,7 @@ dh_finish, NULL }; -DH_METHOD *DH_OpenSSL(void) +const DH_METHOD *DH_OpenSSL(void) { return &dh_ossl; } @@ -155,7 +156,7 @@ err: return(ok); } -static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) +static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { BN_CTX ctx; BN_MONT_CTX *mont; @@ -193,7 +194,8 @@ err: return(ret); } -static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 66803b5565..c0a2472751 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -64,11 +64,11 @@ const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; -static DH_METHOD *default_DH_method; +static const DH_METHOD *default_DH_method; static int dh_meth_num = 0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL; -void DH_set_default_openssl_method(DH_METHOD *meth) +void DH_set_default_openssl_method(const DH_METHOD *meth) { ENGINE *e; /* We'll need to notify the "openssl" ENGINE of this @@ -87,7 +87,7 @@ void DH_set_default_openssl_method(DH_METHOD *meth) } } -DH_METHOD *DH_get_default_openssl_method(void) +const DH_METHOD *DH_get_default_openssl_method(void) { if(!default_DH_method) default_DH_method = DH_OpenSSL(); return default_DH_method; @@ -107,7 +107,7 @@ DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth) int DH_set_method(DH *dh, ENGINE *engine) { ENGINE *mtmp; - DH_METHOD *meth; + const DH_METHOD *meth; mtmp = dh->engine; meth = ENGINE_get_DH(mtmp); if (!ENGINE_init(engine)) @@ -133,7 +133,7 @@ DH *DH_new_method(DH_METHOD *meth) DH *DH_new_method(ENGINE *engine) #endif { - DH_METHOD *meth; + const DH_METHOD *meth; DH *ret; ret=(DH *)OPENSSL_malloc(sizeof(DH)); @@ -168,19 +168,19 @@ DH *DH_new_method(ENGINE *engine) ret->method_mont_p=NULL; ret->references = 1; ret->flags=meth->flags; + CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data); if ((meth->init != NULL) && !meth->init(ret)) { + CRYPTO_free_ex_data(dh_meth,ret,&ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data); return(ret); } void DH_free(DH *r) { - DH_METHOD *meth; + const DH_METHOD *meth; int i; if(r == NULL) return; i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); @@ -196,12 +196,12 @@ void DH_free(DH *r) } #endif - CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); - meth = ENGINE_get_DH(r->engine); if(meth->finish) meth->finish(r); ENGINE_finish(r->engine); + CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); + if (r->p != NULL) BN_clear_free(r->p); if (r->g != NULL) BN_clear_free(r->g); if (r->q != NULL) BN_clear_free(r->q); @@ -231,7 +231,7 @@ void *DH_get_ex_data(DH *d, int idx) return(CRYPTO_get_ex_data(&d->ex_data,idx)); } -int DH_size(DH *dh) +int DH_size(const DH *dh) { return(BN_num_bytes(dh->p)); } diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl index 07994477b5..e7351630e0 100644 --- a/crypto/dsa/Makefile.ssl +++ b/crypto/dsa/Makefile.ssl @@ -129,7 +129,7 @@ dsa_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dsa_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +dsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dsa_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -148,8 +148,7 @@ dsa_ossl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dsa_ossl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dsa_ossl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_ossl.o: ../../include/openssl/rc5.h -dsa_ossl.o: ../../include/openssl/rijndael-alg-fst.h +dsa_ossl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dsa_ossl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dsa_ossl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -168,8 +167,7 @@ dsa_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h dsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h dsa_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_sign.o: ../../include/openssl/rc5.h -dsa_sign.o: ../../include/openssl/rijndael-alg-fst.h +dsa_sign.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h dsa_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h dsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h dsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -189,8 +187,8 @@ dsa_vrf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h dsa_vrf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -dsa_vrf.o: ../../include/openssl/rijndael-alg-fst.h -dsa_vrf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -dsa_vrf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -dsa_vrf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h +dsa_vrf.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +dsa_vrf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dsa_vrf.o: ../cryptlib.h diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index af4ee835c8..9d72647808 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -154,19 +154,19 @@ struct dsa_st DSA_SIG * DSA_SIG_new(void); void DSA_SIG_free(DSA_SIG *a); -int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp); -DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length); +int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); +DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length); DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa); int DSA_do_verify(const unsigned char *dgst,int dgst_len, DSA_SIG *sig,DSA *dsa); -DSA_METHOD *DSA_OpenSSL(void); +const DSA_METHOD *DSA_OpenSSL(void); -void DSA_set_default_openssl_method(DSA_METHOD *); -DSA_METHOD *DSA_get_default_openssl_method(void); +void DSA_set_default_openssl_method(const DSA_METHOD *); +const DSA_METHOD *DSA_get_default_openssl_method(void); #if 0 -DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *); +const DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *); #else int DSA_set_method(DSA *dsa, struct engine_st *engine); #endif @@ -177,13 +177,13 @@ DSA * DSA_new_method(DSA_METHOD *meth); #else DSA * DSA_new_method(struct engine_st *engine); #endif -int DSA_size(DSA *); +int DSA_size(const DSA *); /* next 4 return -1 on error */ int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); int DSA_sign(int type,const unsigned char *dgst,int dlen, unsigned char *sig, unsigned int *siglen, DSA *dsa); int DSA_verify(int type,const unsigned char *dgst,int dgst_len, - unsigned char *sigbuf, int siglen, DSA *dsa); + const unsigned char *sigbuf, int siglen, DSA *dsa); void DSA_free (DSA *r); int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); @@ -192,24 +192,25 @@ void *DSA_get_ex_data(DSA *d, int idx); void ERR_load_DSA_strings(void ); -DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length); -DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length); -DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length); -DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len, +DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); +DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); +DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length); +DSA * DSA_generate_parameters(int bits, + unsigned char *seed,int seed_len, int *counter_ret, unsigned long *h_ret,void (*callback)(int, int, void *),void *cb_arg); int DSA_generate_key(DSA *a); -int i2d_DSAPublicKey(DSA *a, unsigned char **pp); -int i2d_DSAPrivateKey(DSA *a, unsigned char **pp); -int i2d_DSAparams(DSA *a,unsigned char **pp); +int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); +int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); +int i2d_DSAparams(const DSA *a,unsigned char **pp); #ifndef NO_BIO -int DSAparams_print(BIO *bp, DSA *x); -int DSA_print(BIO *bp, DSA *x, int off); +int DSAparams_print(BIO *bp, const DSA *x); +int DSA_print(BIO *bp, const DSA *x, int off); #endif #ifndef NO_FP_API -int DSAparams_print_fp(FILE *fp, DSA *x); -int DSA_print_fp(FILE *bp, DSA *x, int off); +int DSAparams_print_fp(FILE *fp, const DSA *x); +int DSA_print_fp(FILE *bp, const DSA *x, int off); #endif #define DSS_prime_checks 50 @@ -221,7 +222,7 @@ int DSA_print_fp(FILE *bp, DSA *x, int off); #ifndef NO_DH /* Convert DSA structure (key or just parameters) into DH structure * (be careful to avoid small subgroup attacks when using this!) */ -DH *DSA_dup_DH(DSA *r); +DH *DSA_dup_DH(const DSA *r); #endif /* BEGIN ERROR CODES */ diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index 186932b001..fba2f73023 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -83,7 +83,7 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG); -IMPLEMENT_ASN1_FUNCTIONS(DSA_SIG) +IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) /* Override the default free and new methods */ static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) @@ -109,7 +109,7 @@ ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = { ASN1_SIMPLE(DSA, priv_key, BIGNUM) } ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPrivateKey, DSAPrivateKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey) ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { ASN1_SIMPLE(DSA, p, BIGNUM), @@ -117,7 +117,7 @@ ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { ASN1_SIMPLE(DSA, g, BIGNUM), } ASN1_SEQUENCE_END_cb(DSA, DSAparams); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams) /* DSA public key is a bit trickier... its effectively a CHOICE type * decided by a field called write_params which can either write out @@ -137,4 +137,4 @@ ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { ASN1_EX_COMBINE(0, 0, dsa_pub_internal) } ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 2294a362d9..e911e5ae73 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -79,7 +79,8 @@ #include <openssl/dsa.h> #include <openssl/rand.h> -DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, +DSA *DSA_generate_parameters(int bits, + unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, void (*callback)(int, int, void *), void *cb_arg) diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index b31b946ad3..6002711661 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -67,11 +67,11 @@ const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; -static DSA_METHOD *default_DSA_method; +static const DSA_METHOD *default_DSA_method; static int dsa_meth_num = 0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL; -void DSA_set_default_openssl_method(DSA_METHOD *meth) +void DSA_set_default_openssl_method(const DSA_METHOD *meth) { ENGINE *e; /* We'll need to notify the "openssl" ENGINE of this @@ -90,7 +90,7 @@ void DSA_set_default_openssl_method(DSA_METHOD *meth) } } -DSA_METHOD *DSA_get_default_openssl_method(void) +const DSA_METHOD *DSA_get_default_openssl_method(void) { if(!default_DSA_method) default_DSA_method = DSA_OpenSSL(); return default_DSA_method; @@ -115,7 +115,7 @@ DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth) int DSA_set_method(DSA *dsa, ENGINE *engine) { ENGINE *mtmp; - DSA_METHOD *meth; + const DSA_METHOD *meth; mtmp = dsa->engine; meth = ENGINE_get_DSA(mtmp); if (!ENGINE_init(engine)) @@ -137,7 +137,7 @@ DSA *DSA_new_method(DSA_METHOD *meth) DSA *DSA_new_method(ENGINE *engine) #endif { - DSA_METHOD *meth; + const DSA_METHOD *meth; DSA *ret; ret=(DSA *)OPENSSL_malloc(sizeof(DSA)); @@ -173,20 +173,20 @@ DSA *DSA_new_method(ENGINE *engine) ret->references=1; ret->flags=meth->flags; + CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data); if ((meth->init != NULL) && !meth->init(ret)) { + CRYPTO_free_ex_data(dsa_meth,ret,&ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data); return(ret); } void DSA_free(DSA *r) { - DSA_METHOD *meth; + const DSA_METHOD *meth; int i; if (r == NULL) return; @@ -204,12 +204,12 @@ void DSA_free(DSA *r) } #endif - CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data); - meth = ENGINE_get_DSA(r->engine); if(meth->finish) meth->finish(r); ENGINE_finish(r->engine); + CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data); + if (r->p != NULL) BN_clear_free(r->p); if (r->q != NULL) BN_clear_free(r->q); if (r->g != NULL) BN_clear_free(r->g); @@ -220,7 +220,7 @@ void DSA_free(DSA *r) OPENSSL_free(r); } -int DSA_size(DSA *r) +int DSA_size(const DSA *r) { int ret,i; ASN1_INTEGER bs; @@ -258,7 +258,7 @@ void *DSA_get_ex_data(DSA *d, int idx) } #ifndef NO_DH -DH *DSA_dup_DH(DSA *r) +DH *DSA_dup_DH(const DSA *r) { /* DSA has p, q, g, optional pub_key, optional priv_key. * DH has p, optional length, g, optional pub_key, optional priv_key. diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 96295dc24f..4b600fa731 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -92,7 +92,7 @@ dsa_finish, NULL }; -DSA_METHOD *DSA_OpenSSL(void) +const DSA_METHOD *DSA_OpenSSL(void) { return &openssl_dsa_meth; } diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c index 2e891ae491..28b6712341 100644 --- a/crypto/dsa/dsa_vrf.c +++ b/crypto/dsa/dsa_vrf.c @@ -80,7 +80,7 @@ int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, * -1: error */ int DSA_verify(int type, const unsigned char *dgst, int dgst_len, - unsigned char *sigbuf, int siglen, DSA *dsa) + const unsigned char *sigbuf, int siglen, DSA *dsa) { DSA_SIG *s; int ret=-1; diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c index c38d8863e5..4dbb51fb8c 100644 --- a/crypto/dso/dso_dl.c +++ b/crypto/dso/dso_dl.c @@ -126,7 +126,7 @@ static int dl_load(DSO *dso) DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); goto err; } - ptr = shl_load(filename, BIND_IMMEDIATE, NULL); + ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, NULL); if(ptr == NULL) { DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c index 0202978fd8..ef39a528c7 100644 --- a/crypto/dso/dso_lib.c +++ b/crypto/dso/dso_lib.c @@ -108,7 +108,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) } memset(ret, 0, sizeof(DSO)); ret->meth_data = sk_new_null(); - if((ret->meth_data = sk_new_null()) == NULL) + if(ret->meth_data == NULL) { /* sk_new doesn't generate any errors so we do */ DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -209,7 +209,7 @@ DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags) else ret = dso; /* Don't load if we're currently already loaded */ - if(dso->filename != NULL) + if(ret->filename != NULL) { DSOerr(DSO_F_DSO_LOAD,DSO_R_DSO_ALREADY_LOADED); goto err; @@ -217,12 +217,12 @@ DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags) /* filename can only be NULL if we were passed a dso that already has * one set. */ if(filename != NULL) - if(!DSO_set_filename(dso, filename)) + if(!DSO_set_filename(ret, filename)) { DSOerr(DSO_F_DSO_LOAD,DSO_R_SET_FILENAME_FAILED); goto err; } - filename = dso->filename; + filename = ret->filename; if(filename == NULL) { DSOerr(DSO_F_DSO_LOAD,DSO_R_NO_FILENAME); diff --git a/crypto/engine/Makefile.ssl b/crypto/engine/Makefile.ssl index 8974ecd9c5..90c12632f1 100644 --- a/crypto/engine/Makefile.ssl +++ b/crypto/engine/Makefile.ssl @@ -22,9 +22,9 @@ TEST= enginetest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= engine_err.c engine_lib.c engine_list.c engine_openssl.c \ +LIBSRC= engine_err.c engine_lib.c engine_list.c engine_all.c engine_openssl.c \ hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c -LIBOBJ= engine_err.o engine_lib.o engine_list.o engine_openssl.o \ +LIBOBJ= engine_err.o engine_lib.o engine_list.o engine_all.o engine_openssl.o \ hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o SRC= $(LIBSRC) @@ -80,6 +80,25 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. +engine_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +engine_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +engine_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +engine_all.o: ../../include/openssl/des.h ../../include/openssl/dh.h +engine_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +engine_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h +engine_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +engine_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +engine_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +engine_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +engine_all.o: ../../include/openssl/objects.h +engine_all.o: ../../include/openssl/opensslconf.h +engine_all.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +engine_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +engine_all.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h +engine_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h +engine_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +engine_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +engine_all.o: ../../include/openssl/symhacks.h engine_int.h engine_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h engine_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h engine_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -94,8 +113,7 @@ engine_err.o: ../../include/openssl/objects.h engine_err.o: ../../include/openssl/opensslconf.h engine_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h engine_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -engine_err.o: ../../include/openssl/rc5.h -engine_err.o: ../../include/openssl/rijndael-alg-fst.h +engine_err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h engine_err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h engine_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h engine_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -115,8 +133,7 @@ engine_lib.o: ../../include/openssl/objects.h engine_lib.o: ../../include/openssl/opensslconf.h engine_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h engine_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -engine_lib.o: ../../include/openssl/rc5.h -engine_lib.o: ../../include/openssl/rijndael-alg-fst.h +engine_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h engine_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h engine_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h engine_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -136,8 +153,7 @@ engine_list.o: ../../include/openssl/objects.h engine_list.o: ../../include/openssl/opensslconf.h engine_list.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h engine_list.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -engine_list.o: ../../include/openssl/rc5.h -engine_list.o: ../../include/openssl/rijndael-alg-fst.h +engine_list.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h engine_list.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h engine_list.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h engine_list.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -158,8 +174,7 @@ engine_openssl.o: ../../include/openssl/objects.h engine_openssl.o: ../../include/openssl/opensslconf.h engine_openssl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h engine_openssl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -engine_openssl.o: ../../include/openssl/rc5.h -engine_openssl.o: ../../include/openssl/rijndael-alg-fst.h +engine_openssl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h engine_openssl.o: ../../include/openssl/rijndael.h engine_openssl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h engine_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h @@ -180,8 +195,7 @@ hw_atalla.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h hw_atalla.o: ../../include/openssl/opensslconf.h hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h hw_atalla.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_atalla.o: ../../include/openssl/rc5.h -hw_atalla.o: ../../include/openssl/rijndael-alg-fst.h +hw_atalla.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h hw_atalla.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h hw_atalla.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h hw_atalla.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -202,8 +216,7 @@ hw_cswift.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h hw_cswift.o: ../../include/openssl/opensslconf.h hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h hw_cswift.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_cswift.o: ../../include/openssl/rc5.h -hw_cswift.o: ../../include/openssl/rijndael-alg-fst.h +hw_cswift.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h hw_cswift.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h hw_cswift.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h hw_cswift.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -226,13 +239,12 @@ hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h hw_ncipher.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h hw_ncipher.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h hw_ncipher.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hw_ncipher.o: ../../include/openssl/rijndael-alg-fst.h -hw_ncipher.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -hw_ncipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_ncipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hw_ncipher.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -hw_ncipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h engine_int.h -hw_ncipher.o: vendor_defns/hwcryptohook.h +hw_ncipher.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +hw_ncipher.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +hw_ncipher.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +hw_ncipher.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +hw_ncipher.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +hw_ncipher.o: ../cryptlib.h engine_int.h vendor_defns/hwcryptohook.h hw_nuron.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h hw_nuron.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -248,8 +260,7 @@ hw_nuron.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h hw_nuron.o: ../../include/openssl/opensslconf.h hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h hw_nuron.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_nuron.o: ../../include/openssl/rc5.h -hw_nuron.o: ../../include/openssl/rijndael-alg-fst.h +hw_nuron.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h hw_nuron.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h hw_nuron.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h hw_nuron.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index 78cf41c378..d57cdab59a 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -89,6 +89,9 @@ extern "C" { * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */ #define ENGINE_CTRL_SET_LOGSTREAM 1 #define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 +#define ENGINE_CTRL_HUP 3 /* Close and reinitialise any + handles/connections etc. */ + /* Flags specific to the nCipher "chil" engine */ #define ENGINE_CTRL_CHIL_SET_FORKCHECK 100 /* Depending on the value of the (long)i argument, this sets or @@ -102,23 +105,22 @@ extern "C" { /* As we're missing a BIGNUM_METHOD, we need a couple of locally * defined function types that engines can implement. */ -#ifndef HEADER_ENGINE_INT_H /* mod_exp operation, calculates; r = a ^ p mod m * NB: ctx can be NULL, but if supplied, the implementation may use * it if it wishes. */ -typedef int (*BN_MOD_EXP)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +typedef int (*BN_MOD_EXP)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); /* private key operation for RSA, provided seperately in case other * RSA implementations wish to use it. */ -typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); /* Generic function pointer */ -typedef void (*ENGINE_GEN_FUNC_PTR)(); +typedef int (*ENGINE_GEN_FUNC_PTR)(); /* Generic function pointer taking no arguments */ -typedef void (*ENGINE_GEN_INT_FUNC_PTR)(void); +typedef int (*ENGINE_GEN_INT_FUNC_PTR)(void); /* Specific control function pointer */ typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)()); @@ -126,8 +128,8 @@ typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)()); * pointers (not dynamic because static is fine for now and we otherwise * have to hook an appropriate load/unload function in to initialise and * cleanup). */ +struct engine_st; typedef struct engine_st ENGINE; -#endif /* STRUCTURE functions ... all of these functions deal with pointers to * ENGINE structures where the pointers have a "structural reference". @@ -151,6 +153,13 @@ int ENGINE_add(ENGINE *e); int ENGINE_remove(ENGINE *e); /* Retrieve an engine from the list by its unique "id" value. */ ENGINE *ENGINE_by_id(const char *id); +/* Add all the built-in engines. By default, only the OpenSSL software + engine is loaded */ +void ENGINE_load_cswift(void); +void ENGINE_load_chil(void); +void ENGINE_load_atalla(void); +void ENGINE_load_nuron(void); +void ENGINE_load_builtin_engines(void); /* These functions are useful for manufacturing new ENGINE * structures. They don't address reference counting at all - @@ -172,9 +181,9 @@ ENGINE *ENGINE_new(void); int ENGINE_free(ENGINE *e); int ENGINE_set_id(ENGINE *e, const char *id); int ENGINE_set_name(ENGINE *e, const char *name); -int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth); -int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth); -int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth); +int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); +int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); +int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); int ENGINE_set_RAND(ENGINE *e, RAND_METHOD *rand_meth); int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp); int ENGINE_set_BN_mod_exp_crt(ENGINE *e, BN_MOD_EXP_CRT bn_mod_exp_crt); @@ -189,9 +198,9 @@ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); * reference may be problematic! */ const char *ENGINE_get_id(ENGINE *e); const char *ENGINE_get_name(ENGINE *e); -RSA_METHOD *ENGINE_get_RSA(ENGINE *e); -DSA_METHOD *ENGINE_get_DSA(ENGINE *e); -DH_METHOD *ENGINE_get_DH(ENGINE *e); +const RSA_METHOD *ENGINE_get_RSA(ENGINE *e); +const DSA_METHOD *ENGINE_get_DSA(ENGINE *e); +const DH_METHOD *ENGINE_get_DH(ENGINE *e); RAND_METHOD *ENGINE_get_RAND(ENGINE *e); BN_MOD_EXP ENGINE_get_BN_mod_exp(ENGINE *e); BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(ENGINE *e); @@ -297,10 +306,10 @@ void ERR_load_ENGINE_strings(void); /* Error codes for the ENGINE functions. */ /* Function codes. */ -#define ENGINE_F_ATALLA_FINISH 135 -#define ENGINE_F_ATALLA_INIT 136 -#define ENGINE_F_ATALLA_MOD_EXP 137 -#define ENGINE_F_ATALLA_RSA_MOD_EXP 138 +#define ENGINE_F_ATALLA_FINISH 159 +#define ENGINE_F_ATALLA_INIT 160 +#define ENGINE_F_ATALLA_MOD_EXP 161 +#define ENGINE_F_ATALLA_RSA_MOD_EXP 162 #define ENGINE_F_CSWIFT_DSA_SIGN 133 #define ENGINE_F_CSWIFT_DSA_VERIFY 134 #define ENGINE_F_CSWIFT_FINISH 100 diff --git a/crypto/engine/engine_int.h b/crypto/engine/engine_int.h index d4aa8faca2..b04067992b 100644 --- a/crypto/engine/engine_int.h +++ b/crypto/engine/engine_int.h @@ -66,6 +66,9 @@ #include <openssl/bn.h> #include <openssl/evp.h> +/* Take public definitions from engine.h */ +#include <openssl/engine.h> + #ifdef __cplusplus extern "C" { #endif @@ -73,38 +76,15 @@ extern "C" { /* Bitwise OR-able values for the "flags" variable in ENGINE. */ #define ENGINE_FLAGS_MALLOCED 0x0001 -#ifndef HEADER_ENGINE_H -/* Regrettably, we need to reproduce the "BN" function types here - * because there is no such "BIGNUM_METHOD" as there is with RSA, - * DSA, etc. We do this so that we don't have a case where engine.h - * and engine_int.h conflict with each other. */ -typedef int (*BN_MOD_EXP)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -/* private key operation for RSA, provided seperately in case other - * RSA implementations wish to use it. */ -typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, - const BIGNUM *iqmp, BN_CTX *ctx); - -/* Generic function pointer */ -typedef int (*ENGINE_GEN_FUNC_PTR)(); -/* Generic function pointer taking no arguments */ -typedef int (*ENGINE_GEN_INT_FUNC_PTR)(void); -/* Specific control function pointer */ -typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)()); - -#endif - /* This is a structure for storing implementations of various crypto * algorithms and functions. */ -typedef struct engine_st +struct engine_st { const char *id; const char *name; - RSA_METHOD *rsa_meth; - DSA_METHOD *dsa_meth; - DH_METHOD *dh_meth; + const RSA_METHOD *rsa_meth; + const DSA_METHOD *dsa_meth; + const DH_METHOD *dh_meth; RAND_METHOD *rand_meth; BN_MOD_EXP bn_mod_exp; BN_MOD_EXP_CRT bn_mod_exp_crt; @@ -125,7 +105,7 @@ typedef struct engine_st /* Used to maintain the linked-list of engines. */ struct engine_st *prev; struct engine_st *next; - } ENGINE; + }; /* BUILT-IN ENGINES. (these functions are only ever called once and * do not return references - they are purely for bootstrapping). */ diff --git a/crypto/engine/engine_lib.c b/crypto/engine/engine_lib.c index 1df07af03a..48c4fb10cb 100644 --- a/crypto/engine/engine_lib.c +++ b/crypto/engine/engine_lib.c @@ -286,8 +286,6 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, return pkey; } -/* Initialise a engine type for use (or up its functional reference count - * if it's already in use). */ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) { if(e == NULL) diff --git a/crypto/engine/engine_list.c b/crypto/engine/engine_list.c index 8fe4f305b4..8be1cb6d40 100644 --- a/crypto/engine/engine_list.c +++ b/crypto/engine/engine_list.c @@ -185,24 +185,6 @@ static int engine_internal_check(void) * with our statically compiled-in engines. */ if(!engine_list_add(ENGINE_openssl())) return 0; -#ifndef NO_HW -#ifndef NO_HW_CSWIFT - if(!engine_list_add(ENGINE_cswift())) - return 0; -#endif /* !NO_HW_CSWIFT */ -#ifndef NO_HW_NCIPHER - if(!engine_list_add(ENGINE_ncipher())) - return 0; -#endif /* !NO_HW_NCIPHER */ -#ifndef NO_HW_ATALLA - if(!engine_list_add(ENGINE_atalla())) - return 0; -#endif /* !NO_HW_ATALLA */ -#ifndef NO_HW_NURON - if(!engine_list_add(ENGINE_nuron())) - return 0; -#endif /* !NO_HW_NURON */ -#endif /* !NO_HW */ engine_list_flag = 1; return 1; } @@ -448,7 +430,7 @@ int ENGINE_set_name(ENGINE *e, const char *name) return 1; } -int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth) +int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth) { if((e == NULL) || (rsa_meth == NULL)) { @@ -460,7 +442,7 @@ int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth) return 1; } -int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth) +int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth) { if((e == NULL) || (dsa_meth == NULL)) { @@ -472,7 +454,7 @@ int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth) return 1; } -int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth) +int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth) { if((e == NULL) || (dh_meth == NULL)) { @@ -578,7 +560,7 @@ const char *ENGINE_get_name(ENGINE *e) return e->name; } -RSA_METHOD *ENGINE_get_RSA(ENGINE *e) +const RSA_METHOD *ENGINE_get_RSA(ENGINE *e) { if(e == NULL) { @@ -589,7 +571,7 @@ RSA_METHOD *ENGINE_get_RSA(ENGINE *e) return e->rsa_meth; } -DSA_METHOD *ENGINE_get_DSA(ENGINE *e) +const DSA_METHOD *ENGINE_get_DSA(ENGINE *e) { if(e == NULL) { @@ -600,7 +582,7 @@ DSA_METHOD *ENGINE_get_DSA(ENGINE *e) return e->dsa_meth; } -DH_METHOD *ENGINE_get_DH(ENGINE *e) +const DH_METHOD *ENGINE_get_DH(ENGINE *e) { if(e == NULL) { diff --git a/crypto/engine/engine_openssl.c b/crypto/engine/engine_openssl.c index 9636f51168..a6292a0af2 100644 --- a/crypto/engine/engine_openssl.c +++ b/crypto/engine/engine_openssl.c @@ -72,7 +72,7 @@ /* This is the only function we need to implement as OpenSSL * doesn't have a native CRT mod_exp. Perhaps this should be * BN_mod_exp_crt and moved into crypto/bn/ ?? ... dunno. */ -static int openssl_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int openssl_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); @@ -112,7 +112,7 @@ ENGINE *ENGINE_openssl() } /* Chinese Remainder Theorem, taken and adapted from rsa_eay.c */ -static int openssl_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int openssl_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx) { diff --git a/crypto/engine/hw_atalla.c b/crypto/engine/hw_atalla.c index e536420480..4bea8e8cc1 100644 --- a/crypto/engine/hw_atalla.c +++ b/crypto/engine/hw_atalla.c @@ -76,13 +76,13 @@ static int atalla_init(void); static int atalla_finish(void); /* BIGNUM stuff */ -static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); /* RSA stuff */ -static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa); +static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* DSA stuff */ @@ -95,7 +95,8 @@ static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); @@ -170,9 +171,9 @@ static ENGINE engine_atalla = * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_atalla() { - RSA_METHOD *meth1; - DSA_METHOD *meth2; - DH_METHOD *meth3; + const RSA_METHOD *meth1; + const DSA_METHOD *meth2; + const DH_METHOD *meth3; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the atalla-specific mod_exp and mod_exp_crt so we use @@ -215,7 +216,7 @@ static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL; static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL; /* (de)initialisation functions. */ -static int atalla_init() +static int atalla_init(void) { tfnASI_GetHardwareConfig *p1; tfnASI_RSAPrivateKeyOpFn *p2; @@ -274,7 +275,7 @@ err: return 0; } -static int atalla_finish() +static int atalla_finish(void) { if(atalla_dso == NULL) { @@ -293,7 +294,7 @@ static int atalla_finish() return 1; } -static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { /* I need somewhere to store temporary serialised values for @@ -366,7 +367,7 @@ err: return to_return; } -static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { BN_CTX *ctx = NULL; int to_return = 0; @@ -426,14 +427,15 @@ static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, } /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_cswift.c b/crypto/engine/hw_cswift.c index 5747973c74..ebb0ab0f77 100644 --- a/crypto/engine/hw_cswift.c +++ b/crypto/engine/hw_cswift.c @@ -88,16 +88,16 @@ static int cswift_init(void); static int cswift_finish(void); /* BIGNUM stuff */ -static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); -static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); /* RSA stuff */ -static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa); +static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* DSA stuff */ @@ -107,7 +107,8 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); @@ -182,8 +183,8 @@ static ENGINE engine_cswift = * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_cswift() { - RSA_METHOD *meth1; - DH_METHOD *meth2; + const RSA_METHOD *meth1; + const DH_METHOD *meth2; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use @@ -250,7 +251,7 @@ static void release_context(SW_CONTEXT_HANDLE hac) } /* (de)initialisation functions. */ -static int cswift_init() +static int cswift_init(void) { SW_CONTEXT_HANDLE hac; t_swAcquireAccContext *p1; @@ -307,7 +308,7 @@ err: return 0; } -static int cswift_finish() +static int cswift_finish(void) { if(cswift_dso == NULL) { @@ -328,7 +329,7 @@ static int cswift_finish() } /* Un petit mod_exp */ -static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { /* I need somewhere to store temporary serialised values for @@ -428,7 +429,7 @@ err: } /* Un petit mod_exp chinois */ -static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx) { @@ -541,7 +542,7 @@ err: return to_return; } -static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { BN_CTX *ctx; int to_return = 0; @@ -562,7 +563,7 @@ err: } /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return cswift_mod_exp(r, a, p, m, ctx); @@ -796,7 +797,8 @@ err: } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return cswift_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_ncipher.c b/crypto/engine/hw_ncipher.c index f6b06e468f..0057ca966c 100644 --- a/crypto/engine/hw_ncipher.c +++ b/crypto/engine/hw_ncipher.c @@ -93,19 +93,20 @@ static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); /* BIGNUM stuff */ -static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); /* RSA stuff */ -static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa); +static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa); /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* RAND stuff */ static int hwcrhk_rand_bytes(unsigned char *buf, int num); @@ -291,8 +292,8 @@ static HWCryptoHook_InitInfo hwcrhk_globals = { * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_ncipher() { - RSA_METHOD *meth1; - DH_METHOD *meth2; + const RSA_METHOD *meth1; + const DH_METHOD *meth2; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use @@ -375,7 +376,7 @@ static void release_context(HWCryptoHook_ContextHandle hac) } /* (de)initialisation functions. */ -static int hwcrhk_init() +static int hwcrhk_init(void) { HWCryptoHook_Init_t *p1; HWCryptoHook_Finish_t *p2; @@ -474,7 +475,7 @@ err: return 0; } -static int hwcrhk_finish() +static int hwcrhk_finish(void) { int to_return = 1; if(hwcrhk_dso == NULL) @@ -681,7 +682,7 @@ static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, const char *passphrase) } /* A little mod_exp */ -static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { char tempbuf[1024]; @@ -737,7 +738,7 @@ err: return to_return; } -static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa) +static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) { char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; @@ -853,14 +854,15 @@ err: } /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_nuron.c b/crypto/engine/hw_nuron.c index d8a3e3f1fa..504febc1a1 100644 --- a/crypto/engine/hw_nuron.c +++ b/crypto/engine/hw_nuron.c @@ -62,18 +62,17 @@ #include <openssl/dso.h> #include "engine_int.h" #include <openssl/engine.h> -#include <dlfcn.h> #ifndef NO_HW #ifndef NO_HW_NURON -typedef int tfnModExp(BIGNUM *r,BIGNUM *a,const BIGNUM *p,const BIGNUM *m); +typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m); static tfnModExp *pfnModExp = NULL; static DSO *pvDSOHandle = NULL; -static int nuron_init() +static int nuron_init(void) { if(pvDSOHandle != NULL) { @@ -99,7 +98,7 @@ static int nuron_init() return 1; } -static int nuron_finish() +static int nuron_finish(void) { if(pvDSOHandle == NULL) { @@ -116,7 +115,7 @@ static int nuron_finish() return 1; } -static int nuron_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p, +static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p, const BIGNUM *m,BN_CTX *ctx) { if(!pvDSOHandle) @@ -127,7 +126,7 @@ static int nuron_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p, return pfnModExp(r,a,p,m); } -static int nuron_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL); } @@ -171,15 +170,16 @@ static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, } /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int nuron_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return nuron_mod_exp(r, a, p, m, ctx); } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int nuron_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return nuron_mod_exp(r, a, p, m, ctx); } @@ -251,9 +251,9 @@ static ENGINE engine_nuron = * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_nuron() { - RSA_METHOD *meth1; - DSA_METHOD *meth2; - DH_METHOD *meth3; + const RSA_METHOD *meth1; + const DSA_METHOD *meth2; + const DH_METHOD *meth3; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the nuron-specific mod_exp and mod_exp_crt so we use diff --git a/crypto/engine/vendor_defns/cswift.h b/crypto/engine/vendor_defns/cswift.h index 0af14a1a92..517d1a8500 100644 --- a/crypto/engine/vendor_defns/cswift.h +++ b/crypto/engine/vendor_defns/cswift.h @@ -156,6 +156,27 @@ typedef struct _SW_LARGENUMBER { /* bytes in network (big endian) order */ } SW_LARGENUMBER; +#if defined(WIN32) + #include <windows.h> + typedef HANDLE SW_OSHANDLE; /* handle to kernel object */ + #define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE + #define SW_CALLCONV _stdcall +#elif defined(MAC) + /* async callback mechanisms */ + /* swiftCallbackLevel */ + #define SW_MAC_CALLBACK_LEVEL_NO 0 + #define SW_MAC_CALLBACK_LEVEL_HARDWARE 1 /* from the hardware ISR */ + #define SW_MAC_CALLBACK_LEVEL_SECONDARY 2 /* as secondary ISR */ + typedef int SW_MAC_CALLBACK_LEVEL; + typedef int SW_OSHANDLE; + #define SW_OS_INVALID_HANDLE (-1) + #define SW_CALLCONV +#else /* Unix variants */ + typedef int SW_OSHANDLE; /* handle to driver */ + #define SW_OS_INVALID_HANDLE (-1) + #define SW_CALLCONV +#endif + typedef struct _SW_CRT { SW_LARGENUMBER p; /* prime number p */ SW_LARGENUMBER q; /* prime number q */ @@ -196,16 +217,16 @@ typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */ /* Now the OpenSSL bits, these function types are the for the function * pointers that will bound into the Rainbow shared libraries. */ -typedef SW_STATUS t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac); -typedef SW_STATUS t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, - SW_PARAM *key_params); -typedef SW_STATUS t_swSimpleRequest(SW_CONTEXT_HANDLE hac, - SW_COMMAND_CODE cmd, - SW_LARGENUMBER pin[], - SW_U32 pin_count, - SW_LARGENUMBER pout[], - SW_U32 pout_count); -typedef SW_STATUS t_swReleaseAccContext(SW_CONTEXT_HANDLE hac); +typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac); +typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, + SW_PARAM *key_params); +typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac, + SW_COMMAND_CODE cmd, + SW_LARGENUMBER pin[], + SW_U32 pin_count, + SW_LARGENUMBER pout[], + SW_U32 pout_count); +typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE hac); #ifdef __cplusplus } diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl index 00ee86f3c4..58cd8f03e4 100644 --- a/crypto/err/Makefile.ssl +++ b/crypto/err/Makefile.ssl @@ -103,12 +103,12 @@ err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/pem2.h err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h err_all.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h err_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -err_all.o: ../../include/openssl/rijndael-alg-fst.h -err_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +err_all.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +err_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +err_all.o: ../../include/openssl/x509v3.h err_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h err_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h diff --git a/crypto/err/err.c b/crypto/err/err.c index 99272e437c..3b4de23775 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -129,6 +129,12 @@ static unsigned long pid_hash(ERR_STATE *pid); static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); static unsigned long get_error_values(int inc,const char **file,int *line, const char **data,int *flags); + +static IMPLEMENT_LHASH_HASH_FN(err_hash, ERR_STRING_DATA *) +static IMPLEMENT_LHASH_COMP_FN(err_cmp, ERR_STRING_DATA *) +static IMPLEMENT_LHASH_HASH_FN(pid_hash, ERR_STATE *) +static IMPLEMENT_LHASH_COMP_FN(pid_cmp, ERR_STATE *) + static void ERR_STATE_free(ERR_STATE *s); #ifndef NO_ERR static ERR_STRING_DATA ERR_str_libraries[]= @@ -316,7 +322,8 @@ void ERR_load_strings(int lib, ERR_STRING_DATA *str) if (error_hash == NULL) { CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH); - error_hash=lh_new(err_hash,err_cmp); + error_hash=lh_new(LHASH_HASH_FN(err_hash), + LHASH_COMP_FN(err_cmp)); if (error_hash == NULL) { CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH); @@ -706,7 +713,8 @@ ERR_STATE *ERR_get_state(void) /* no entry yet in thread_hash for current thread - * thus, it may have changed since we last looked at it */ if (thread_hash == NULL) - thread_hash = lh_new(pid_hash, pid_cmp); + thread_hash = lh_new(LHASH_HASH_FN(pid_hash), + LHASH_COMP_FN(pid_cmp)); if (thread_hash == NULL) thread_state_exists = 0; /* allocation error */ else diff --git a/crypto/err/err.h b/crypto/err/err.h index 7388a4a937..b4ced575df 100644 --- a/crypto/err/err.h +++ b/crypto/err/err.h @@ -133,6 +133,7 @@ typedef struct err_state_st #define ERR_LIB_RAND 36 #define ERR_LIB_DSO 37 #define ERR_LIB_ENGINE 38 +#define ERR_LIB_OCSP 39 #define ERR_LIB_USER 128 @@ -163,6 +164,7 @@ typedef struct err_state_st #define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),ERR_file_name,__LINE__) #define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),ERR_file_name,__LINE__) #define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),ERR_file_name,__LINE__) +#define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),ERR_file_name,__LINE__) /* Borland C seems too stupid to be able to shift and do longs in * the pre-processor :-( */ diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index b8315d8272..d4f169ec01 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -64,7 +64,7 @@ #ifndef NO_RSA #include <openssl/rsa.h> #endif -#ifdef RSAref +#if 0 /* was: #ifdef RSAref */ #include <openssl/rsaref.h> #endif #ifndef NO_DH @@ -98,7 +98,7 @@ void ERR_load_crypto_strings(void) ERR_load_BIO_strings(); ERR_load_CONF_strings(); #ifndef NO_RSA -#ifdef RSAref +#if 0 /* was: #ifdef RSAref */ ERR_load_RSAREF_strings(); #else ERR_load_RSA_strings(); diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index 861d680e07..717c6eeba1 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -9,6 +9,7 @@ L EVP crypto/evp/evp.h crypto/evp/evp_err.c L BUF crypto/buffer/buffer.h crypto/buffer/buf_err.c L BIO crypto/bio/bio.h crypto/bio/bio_err.c L OBJ crypto/objects/objects.h crypto/objects/obj_err.c +L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c L PEM crypto/pem/pem.h crypto/pem/pem_err.c L X509 crypto/x509/x509.h crypto/x509/x509_err.c L NONE crypto/x509/x509_vfy.h NONE @@ -19,7 +20,6 @@ L CONF crypto/conf/conf.h crypto/conf/conf_err.c #L PROXY crypto/proxy/proxy.h crypto/proxy/proxy_err.c L PKCS7 crypto/pkcs7/pkcs7.h crypto/pkcs7/pkcs7err.c L PKCS12 crypto/pkcs12/pkcs12.h crypto/pkcs12/pk12err.c -L RSAREF rsaref/rsaref.h rsaref/rsar_err.c L SSL ssl/ssl.h ssl/ssl_err.c L COMP crypto/comp/comp.h crypto/comp/comp_err.c L RAND crypto/rand/rand.h crypto/rand/rand_err.c diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl index 0f059047a9..71d7bd97fd 100644 --- a/crypto/evp/Makefile.ssl +++ b/crypto/evp/Makefile.ssl @@ -111,7 +111,7 @@ bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bio_b64.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_b64.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bio_b64.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bio_b64.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bio_b64.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bio_b64.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -129,7 +129,7 @@ bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bio_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bio_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bio_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bio_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bio_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -147,7 +147,7 @@ bio_md.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h bio_md.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -166,11 +166,11 @@ bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_ok.o: ../../include/openssl/rijndael-alg-fst.h -bio_ok.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -bio_ok.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -bio_ok.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h +bio_ok.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bio_ok.o: ../cryptlib.h c_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h c_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h c_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -184,7 +184,7 @@ c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_all.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +c_all.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h c_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -203,7 +203,7 @@ c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h c_allc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -223,7 +223,7 @@ c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h c_alld.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -242,7 +242,7 @@ digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -digest.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +digest.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h digest.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -260,7 +260,7 @@ e_bf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_bf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_bf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_bf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -278,7 +278,7 @@ e_cast.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_cast.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_cast.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_cast.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -296,7 +296,7 @@ e_des.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_des.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_des.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -314,7 +314,7 @@ e_des3.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_des3.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -332,7 +332,7 @@ e_idea.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_idea.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_idea.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_idea.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -350,7 +350,7 @@ e_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_null.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_null.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_null.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -368,7 +368,7 @@ e_rc2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_rc2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -386,7 +386,7 @@ e_rc4.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_rc4.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -404,7 +404,7 @@ e_rc5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_rc5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_rc5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_rc5.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -421,7 +421,7 @@ e_rd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h e_rd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_rd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_rd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rd.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +e_rd.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h e_rd.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h e_rd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h e_rd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -440,11 +440,11 @@ e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_xcbc_d.o: ../../include/openssl/opensslconf.h e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h e_xcbc_d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -e_xcbc_d.o: ../../include/openssl/rijndael-alg-fst.h -e_xcbc_d.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -e_xcbc_d.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_xcbc_d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_xcbc_d.o: ../../include/openssl/symhacks.h ../cryptlib.h +e_xcbc_d.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +e_xcbc_d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +e_xcbc_d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +e_xcbc_d.o: ../cryptlib.h encode.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h encode.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h encode.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -458,7 +458,7 @@ encode.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -encode.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +encode.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h encode.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -476,7 +476,7 @@ evp_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +evp_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h evp_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h evp_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -493,7 +493,7 @@ evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_err.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +evp_err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h evp_err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h evp_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h evp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -512,12 +512,12 @@ evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h evp_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_key.o: ../../include/openssl/rijndael-alg-fst.h -evp_key.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +evp_key.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +evp_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_key.o: ../cryptlib.h evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -531,7 +531,7 @@ evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +evp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h evp_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h evp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h evp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -550,12 +550,12 @@ evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h evp_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_pbe.o: ../../include/openssl/rijndael-alg-fst.h -evp_pbe.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +evp_pbe.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +evp_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_pbe.o: ../cryptlib.h evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -571,12 +571,12 @@ evp_pkey.o: ../../include/openssl/opensslconf.h evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h evp_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h evp_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_pkey.o: ../../include/openssl/rijndael-alg-fst.h -evp_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +evp_pkey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +evp_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_pkey.o: ../cryptlib.h m_dss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_dss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -591,12 +591,12 @@ m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss.o: ../../include/openssl/rijndael-alg-fst.h -m_dss.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_dss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_dss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_dss.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_dss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_dss.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_dss.o: ../cryptlib.h m_dss1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_dss1.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -611,12 +611,12 @@ m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss1.o: ../../include/openssl/rijndael-alg-fst.h -m_dss1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_dss1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_dss1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_dss1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_dss1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_dss1.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_dss1.o: ../cryptlib.h m_md2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_md2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -631,12 +631,12 @@ m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md2.o: ../../include/openssl/rijndael-alg-fst.h -m_md2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_md2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_md2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_md2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_md2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_md2.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_md2.o: ../cryptlib.h m_md4.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_md4.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -651,12 +651,12 @@ m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md4.o: ../../include/openssl/rijndael-alg-fst.h -m_md4.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_md4.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_md4.o: ../cryptlib.h m_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_md5.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -671,12 +671,12 @@ m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md5.o: ../../include/openssl/rijndael-alg-fst.h -m_md5.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_md5.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_md5.o: ../cryptlib.h m_mdc2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_mdc2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -691,12 +691,12 @@ m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_mdc2.o: ../../include/openssl/rijndael-alg-fst.h -m_mdc2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_mdc2.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_mdc2.o: ../cryptlib.h m_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -711,12 +711,12 @@ m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_null.o: ../../include/openssl/rijndael-alg-fst.h -m_null.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_null.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_null.o: ../cryptlib.h m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -731,8 +731,7 @@ m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_ripemd.o: ../../include/openssl/opensslconf.h m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h m_ripemd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -m_ripemd.o: ../../include/openssl/rc5.h -m_ripemd.o: ../../include/openssl/rijndael-alg-fst.h +m_ripemd.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h m_ripemd.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -752,12 +751,12 @@ m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha.o: ../../include/openssl/rijndael-alg-fst.h -m_sha.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_sha.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_sha.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_sha.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_sha.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_sha.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_sha.o: ../cryptlib.h m_sha1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h m_sha1.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -772,12 +771,12 @@ m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha1.o: ../../include/openssl/rijndael-alg-fst.h -m_sha1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -m_sha1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_sha1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_sha1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_sha1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +m_sha1.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_sha1.o: ../cryptlib.h names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h names.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h names.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -792,12 +791,12 @@ names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -names.o: ../../include/openssl/rijndael-alg-fst.h -names.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -names.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +names.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +names.o: ../cryptlib.h p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -812,12 +811,12 @@ p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p5_crpt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_crpt.o: ../../include/openssl/rijndael-alg-fst.h -p5_crpt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p5_crpt.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p5_crpt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_crpt.o: ../cryptlib.h p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -832,8 +831,7 @@ p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p5_crpt2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p5_crpt2.o: ../../include/openssl/rc5.h -p5_crpt2.o: ../../include/openssl/rijndael-alg-fst.h +p5_crpt2.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p5_crpt2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p5_crpt2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -853,7 +851,7 @@ p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_dec.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -873,7 +871,7 @@ p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -893,7 +891,7 @@ p_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -913,12 +911,12 @@ p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_open.o: ../../include/openssl/rijndael-alg-fst.h -p_open.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p_open.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_open.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_open.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p_open.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p_open.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p_open.o: ../cryptlib.h p_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -933,7 +931,7 @@ p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_seal.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -953,12 +951,12 @@ p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_sign.o: ../../include/openssl/rijndael-alg-fst.h -p_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p_sign.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p_sign.o: ../cryptlib.h p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -973,8 +971,7 @@ p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_verify.o: ../../include/openssl/opensslconf.h p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h p_verify.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_verify.o: ../../include/openssl/rc5.h -p_verify.o: ../../include/openssl/rijndael-alg-fst.h +p_verify.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p_verify.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 831c71a2b5..f8336f2610 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -71,6 +71,7 @@ static int enc_new(BIO *h); static int enc_free(BIO *data); static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps); #define ENC_BLOCK_SIZE (1024*4) +#define BUF_OFFSET 8 /* XXX: why? */ typedef struct enc_struct { @@ -80,7 +81,7 @@ typedef struct enc_struct int finished; int ok; /* bad decrypt */ EVP_CIPHER_CTX cipher; - char buf[ENC_BLOCK_SIZE+10]; + char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2/*why?*/]; } BIO_ENC_CTX; static BIO_METHOD methods_enc= @@ -172,7 +173,7 @@ static int enc_read(BIO *b, char *out, int outl) /* read in at offset 8, read the EVP_Cipher * documentation about why */ - i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE); + i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE); if (i <= 0) { @@ -196,7 +197,7 @@ static int enc_read(BIO *b, char *out, int outl) { EVP_CipherUpdate(&(ctx->cipher), (unsigned char *)ctx->buf,&ctx->buf_len, - (unsigned char *)&(ctx->buf[8]),i); + (unsigned char *)&(ctx->buf[BUF_OFFSET]),i); ctx->cont=1; /* Note: it is possible for EVP_CipherUpdate to * decrypt zero bytes because this is or looks like diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index a9aba4ae70..7bf42b3002 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -93,6 +93,17 @@ static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { +#ifdef KSSL_DEBUG + { + int i; + char *cp; + printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len); + printf("\t iv= "); + for(i=0;i<8;i++) + printf("%02X",ctx->iv[i]); + printf("\n"); + } +#endif /* KSSL_DEBUG */ des_ede3_cbc_encrypt(in, out, (long)inl, ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, (des_cblock *)ctx->iv, ctx->encrypt); @@ -145,6 +156,16 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; +#ifdef KSSL_DEBUG + { + int i; + printf("des_ede3_init_key(ctx=%lx)\n", ctx); + printf("\tKEY= "); + for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n"); + printf("\t IV= "); + for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n"); + } +#endif /* KSSL_DEBUG */ des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1); des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2); diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index e8621973ec..17a0f306eb 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -121,6 +121,7 @@ #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ #define EVP_MAX_KEY_LENGTH 32 #define EVP_MAX_IV_LENGTH 16 +#define EVP_MAX_BLOCK_LENGTH 32 #define PKCS5_SALT_LEN 8 /* Default PKCS#5 iteration count */ @@ -396,7 +397,7 @@ struct evp_cipher_ctx_st unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ - unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */ + unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */ int num; /* used by cfb/ofb mode */ void *app_data; /* application stuff */ diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 8df2874f3c..0f34847333 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -82,6 +82,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) #endif X509_ALGOR *a; unsigned char *p; + const unsigned char *cp; int pkeylen; char obj_tmp[80]; @@ -103,7 +104,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) { #ifndef NO_RSA case NID_rsaEncryption: - if (!(rsa = d2i_RSAPrivateKey (NULL, &p, pkeylen))) { + cp = p; + if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); return NULL; } @@ -163,9 +165,9 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } - p = param->value.sequence->data; + cp = p = param->value.sequence->data; plen = param->value.sequence->length; - if (!(dsa = d2i_DSAparams (NULL, &p, plen))) { + if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 62398ed74d..14af3198dc 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -99,7 +99,7 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) #ifndef NO_DSA if (pkey->type == EVP_PKEY_DSA) { - int ret=pkey->save_parameters=mode; + int ret=pkey->save_parameters; if (mode >= 0) pkey->save_parameters=mode; diff --git a/crypto/ex_data.c b/crypto/ex_data.c index 739e543d78..35ea2c2982 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -131,7 +131,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val) return(1); } -void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad, int idx) +void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx) { if (ad->sk == NULL) return(0); diff --git a/crypto/hmac/Makefile.ssl b/crypto/hmac/Makefile.ssl index a15f775c98..ab2e9a83c9 100644 --- a/crypto/hmac/Makefile.ssl +++ b/crypto/hmac/Makefile.ssl @@ -91,8 +91,7 @@ hmac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hmac.o: ../../include/openssl/rijndael-alg-fst.h -hmac.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -hmac.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hmac.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hmac.o: ../../include/openssl/symhacks.h +hmac.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h diff --git a/crypto/install.com b/crypto/install.com index 4780118ab9..96db3abbb1 100644 --- a/crypto/install.com +++ b/crypto/install.com @@ -58,7 +58,7 @@ $ EXHEADER_DSA := dsa.h $ EXHEADER_DH := dh.h $ EXHEADER_DSO := dso.h $ EXHEADER_ENGINE := engine.h -$ EXHEADER_RIJNDAEL := rijndael-alg-fst.h,rijndael.h +$ EXHEADER_RIJNDAEL := rd_fst.h,rijndael.h $ EXHEADER_BUFFER := buffer.h $ EXHEADER_BIO := bio.h $ EXHEADER_STACK := stack.h,safestack.h diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c index ee0600060e..62dab3acc9 100644 --- a/crypto/lhash/lh_stats.c +++ b/crypto/lhash/lh_stats.c @@ -139,7 +139,7 @@ void lh_node_usage_stats(LHASH *lh, FILE *out) #else #ifndef NO_FP_API -void lh_stats(LHASH *lh, FILE *fp) +void lh_stats(const LHASH *lh, FILE *fp) { BIO *bp; @@ -151,7 +151,7 @@ void lh_stats(LHASH *lh, FILE *fp) end:; } -void lh_node_stats(LHASH *lh, FILE *fp) +void lh_node_stats(const LHASH *lh, FILE *fp) { BIO *bp; @@ -163,7 +163,7 @@ void lh_node_stats(LHASH *lh, FILE *fp) end:; } -void lh_node_usage_stats(LHASH *lh, FILE *fp) +void lh_node_usage_stats(const LHASH *lh, FILE *fp) { BIO *bp; @@ -177,7 +177,7 @@ end:; #endif -void lh_stats_bio(LHASH *lh, BIO *out) +void lh_stats_bio(const LHASH *lh, BIO *out) { char buf[128]; @@ -225,7 +225,7 @@ void lh_stats_bio(LHASH *lh, BIO *out) #endif } -void lh_node_stats_bio(LHASH *lh, BIO *out) +void lh_node_stats_bio(const LHASH *lh, BIO *out) { LHASH_NODE *n; unsigned int i,num; @@ -240,7 +240,7 @@ void lh_node_stats_bio(LHASH *lh, BIO *out) } } -void lh_node_usage_stats_bio(LHASH *lh, BIO *out) +void lh_node_usage_stats_bio(const LHASH *lh, BIO *out) { LHASH_NODE *n; unsigned long num; diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 7da14620a4..60699f45cc 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -111,7 +111,7 @@ static void expand(LHASH *lh); static void contract(LHASH *lh); static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash); -LHASH *lh_new(unsigned long (*h)(), int (*c)()) +LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) { LHASH *ret; int i; @@ -122,8 +122,8 @@ LHASH *lh_new(unsigned long (*h)(), int (*c)()) goto err1; for (i=0; i<MIN_NODES; i++) ret->b[i]=NULL; - ret->comp=((c == NULL)?(int (*)())strcmp:c); - ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h); + ret->comp=((c == NULL)?(LHASH_COMP_FN_TYPE)strcmp:c); + ret->hash=((h == NULL)?(LHASH_HASH_FN_TYPE)lh_strhash:h); ret->num_nodes=MIN_NODES/2; ret->num_alloc_nodes=MIN_NODES; ret->p=0; @@ -267,12 +267,19 @@ void *lh_retrieve(LHASH *lh, void *data) return(ret); } -void lh_doall(LHASH *lh, void (*func)()) +void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func) { - lh_doall_arg(lh,func,NULL); + /* Yikes that's bad - we're accepting a function that accepts 2 + * parameters (albeit we have to waive type-safety here) and then + * forcibly calling that callback with *3* parameters leaving the 3rd + * NULL. Obviously this "works" otherwise it wouldn't have survived so + * long, but is it "good"?? + * FIXME: Use an internal function from this and the "_arg" version that + * doesn't assume the ability to mutate function prototypes so badly. */ + lh_doall_arg(lh, (LHASH_DOALL_ARG_FN_TYPE)func, NULL); } -void lh_doall_arg(LHASH *lh, void (*func)(), void *arg) +void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg) { int i; LHASH_NODE *a,*n; @@ -312,7 +319,7 @@ static void expand(LHASH *lh) #ifndef NO_HASH_COMP hash=np->hash; #else - hash=(*(lh->hash))(np->data); + hash=lh->hash(np->data); lh->num_hash_calls++; #endif if ((hash%nni) != p) @@ -415,7 +422,7 @@ static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash) } #endif lh->num_comp_calls++; - if ((*cf)(n1->data,data) == 0) + if(cf(n1->data,data) == 0) break; ret= &(n1->next); } @@ -455,7 +462,7 @@ unsigned long lh_strhash(const char *c) return((ret>>16)^ret); } -unsigned long lh_num_items(LHASH *lh) +unsigned long lh_num_items(const LHASH *lh) { return lh ? lh->num_items : 0; } diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h index b8ff021906..6420512079 100644 --- a/crypto/lhash/lhash.h +++ b/crypto/lhash/lhash.h @@ -84,11 +84,42 @@ typedef struct lhash_node_st #endif } LHASH_NODE; +typedef int (*LHASH_COMP_FN_TYPE)(void *, void *); +typedef unsigned long (*LHASH_HASH_FN_TYPE)(void *); +typedef void (*LHASH_DOALL_FN_TYPE)(void *); +typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); + +/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks. + * This way, callbacks can be provided to LHASH structures without function + * pointer casting and the macro-defined callbacks provide per-variable casting + * before deferring to the underlying type-specific callbacks. NB: It is + * possible to place a "static" in front of both the DECLARE and IMPLEMENT + * macros if the functions are strictly internal. */ + +/* First: "hash" functions */ +#define DECLARE_LHASH_HASH_FN(f_name,o_type) \ + unsigned long f_name##_LHASH_HASH(void *); +#define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \ + unsigned long f_name##_LHASH_HASH(void *arg) { \ + o_type a = (o_type)arg; \ + return f_name(a); } +#define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH + +/* Second: "compare" functions */ +#define DECLARE_LHASH_COMP_FN(f_name,o_type) \ + int f_name##_LHASH_COMP(void *, void *); +#define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \ + int f_name##_LHASH_COMP(void *arg1, void *arg2) { \ + o_type a = (o_type)arg1; \ + o_type b = (o_type)arg2; \ + return f_name(a,b); } +#define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP + typedef struct lhash_st { LHASH_NODE **b; - int (*comp)(); - unsigned long (*hash)(); + LHASH_COMP_FN_TYPE comp; + LHASH_HASH_FN_TYPE hash; unsigned int num_nodes; unsigned int num_alloc_nodes; unsigned int p; @@ -120,26 +151,26 @@ typedef struct lhash_st * in lh_insert(). */ #define lh_error(lh) ((lh)->error) -LHASH *lh_new(unsigned long (*h)(/* void *a */), int (*c)(/* void *a,void *b */)); +LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); void lh_free(LHASH *lh); void *lh_insert(LHASH *lh, void *data); void *lh_delete(LHASH *lh, void *data); void *lh_retrieve(LHASH *lh, void *data); - void lh_doall(LHASH *lh, void (*func)(/*void *b*/)); -void lh_doall_arg(LHASH *lh, void (*func)(/*void *a,void *b*/),void *arg); +void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func); +void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg); unsigned long lh_strhash(const char *c); -unsigned long lh_num_items(LHASH *lh); +unsigned long lh_num_items(const LHASH *lh); #ifndef NO_FP_API -void lh_stats(LHASH *lh, FILE *out); -void lh_node_stats(LHASH *lh, FILE *out); -void lh_node_usage_stats(LHASH *lh, FILE *out); +void lh_stats(const LHASH *lh, FILE *out); +void lh_node_stats(const LHASH *lh, FILE *out); +void lh_node_usage_stats(const LHASH *lh, FILE *out); #endif #ifndef NO_BIO -void lh_stats_bio(LHASH *lh, BIO *out); -void lh_node_stats_bio(LHASH *lh, BIO *out); -void lh_node_usage_stats_bio(LHASH *lh, BIO *out); +void lh_stats_bio(const LHASH *lh, BIO *out); +void lh_node_stats_bio(const LHASH *lh, BIO *out); +void lh_node_usage_stats_bio(const LHASH *lh, BIO *out); #endif #ifdef __cplusplus } diff --git a/crypto/md32_common.h b/crypto/md32_common.h index 1a404a458d..3d9f8d0349 100644 --- a/crypto/md32_common.h +++ b/crypto/md32_common.h @@ -179,7 +179,7 @@ */ #undef ROTATE #ifndef PEDANTIC -# if defined(_MSC_VER) +# if 0 /* defined(_MSC_VER) */ # define ROTATE(a,n) _lrotl(a,n) # elif defined(__MWERKS__) # if defined(__POWERPC__) diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index 866c53e73a..56ce7dddea 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -234,6 +234,9 @@ static unsigned long mem_hash(MEM *a) return(ret); } +static IMPLEMENT_LHASH_HASH_FN(mem_hash, MEM *) +static IMPLEMENT_LHASH_COMP_FN(mem_cmp, MEM *) + static int app_info_cmp(APP_INFO *a, APP_INFO *b) { return(a->thread != b->thread); @@ -249,7 +252,10 @@ static unsigned long app_info_hash(APP_INFO *a) return(ret); } -static APP_INFO *pop_info() +static IMPLEMENT_LHASH_HASH_FN(app_info_hash, APP_INFO *) +static IMPLEMENT_LHASH_COMP_FN(app_info_cmp, APP_INFO *) + +static APP_INFO *pop_info(void) { APP_INFO tmp; APP_INFO *ret = NULL; @@ -266,7 +272,7 @@ static APP_INFO *pop_info() next->references++; lh_insert(amih,(char *)next); } -#ifdef LEVITTE_DEBUG +#ifdef LEVITTE_DEBUG_MEM if (ret->thread != tmp.thread) { fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n", @@ -302,7 +308,8 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) } if (amih == NULL) { - if ((amih=lh_new(app_info_hash,app_info_cmp)) == NULL) + if ((amih=lh_new(LHASH_HASH_FN(app_info_hash), + LHASH_COMP_FN(app_info_cmp))) == NULL) { OPENSSL_free(ami); ret=0; @@ -319,7 +326,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) if ((amim=(APP_INFO *)lh_insert(amih,(char *)ami)) != NULL) { -#ifdef LEVITTE_DEBUG +#ifdef LEVITTE_DEBUG_MEM if (ami->thread != amim->thread) { fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n", @@ -394,7 +401,8 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, } if (mh == NULL) { - if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) + if ((mh=lh_new(LHASH_HASH_FN(mem_hash), + LHASH_COMP_FN(mem_cmp))) == NULL) { OPENSSL_free(addr); OPENSSL_free(m); @@ -418,8 +426,8 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, m->order=order; } m->order=order++; -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] %c 0x%p (%d)\n", +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] %c 0x%p (%d)\n", m->order, (before_p & 128) ? '*' : '+', m->addr, m->num); @@ -473,8 +481,8 @@ void CRYPTO_dbg_free(void *addr, int before_p) mp=(MEM *)lh_delete(mh,(char *)&m); if (mp != NULL) { -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] - 0x%p (%d)\n", +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] - 0x%p (%d)\n", mp->order, mp->addr, mp->num); #endif if (mp->app_info != NULL) @@ -497,8 +505,8 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, { MEM m,*mp; -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n", +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n", addr1, addr2, num, file, line, before_p); #endif @@ -524,8 +532,8 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, mp=(MEM *)lh_delete(mh,(char *)&m); if (mp != NULL) { -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] * 0x%p (%d) -> 0x%p (%d)\n", +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] * 0x%p (%d) -> 0x%p (%d)\n", mp->order, mp->addr, mp->num, addr2, num); @@ -626,7 +634,7 @@ static void print_leak(MEM *m, MEM_LEAK *l) } while(amip && amip->thread == ti); -#ifdef LEVITTE_DEBUG +#ifdef LEVITTE_DEBUG_MEM if (amip) { fprintf(stderr, "Thread switch detected in backtrace!!!!\n"); @@ -647,7 +655,8 @@ void CRYPTO_mem_leaks(BIO *b) ml.chunks=0; MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ if (mh != NULL) - lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml); + lh_doall_arg(mh, (LHASH_DOALL_ARG_FN_TYPE)print_leak, + (char *)&ml); if (ml.chunks != 0) { sprintf(buf,"%ld bytes leaked in %d chunks\n", @@ -725,6 +734,6 @@ void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void { if (mh == NULL) return; CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); - lh_doall_arg(mh,(void (*)())cb_leak,(void *)&cb); + lh_doall_arg(mh, (LHASH_DOALL_ARG_FN_TYPE)cb_leak,(void *)&cb); CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); } diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl index 7b01d4b085..55635aef12 100644 --- a/crypto/objects/Makefile.ssl +++ b/crypto/objects/Makefile.ssl @@ -44,10 +44,10 @@ lib: $(LIBOBJ) @touch lib obj_dat.h: objects.h objects.txt obj_mac.h - perl obj_dat.pl obj_mac.h obj_dat.h + $(PERL) obj_dat.pl obj_mac.h obj_dat.h obj_mac.h: objects.txt obj_mac.num - perl objects.pl objects.txt obj_mac.num obj_mac.h + $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h files: $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c index dca988230e..ccf3a18726 100644 --- a/crypto/objects/o_names.c +++ b/crypto/objects/o_names.c @@ -14,9 +14,9 @@ static int names_type_num=OBJ_NAME_TYPE_NUM; typedef struct name_funcs_st { - unsigned long (*hash_func)(); - int (*cmp_func)(); - void (*free_func)(); + unsigned long (*hash_func)(const char *name); + int (*cmp_func)(const char *a,const char *b); + void (*free_func)(const char *, int, const char *); } NAME_FUNCS; DECLARE_STACK_OF(NAME_FUNCS) @@ -27,17 +27,21 @@ static STACK_OF(NAME_FUNCS) *name_funcs_stack; static unsigned long obj_name_hash(OBJ_NAME *a); static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); +static IMPLEMENT_LHASH_HASH_FN(obj_name_hash, OBJ_NAME *) +static IMPLEMENT_LHASH_COMP_FN(obj_name_cmp, OBJ_NAME *) + int OBJ_NAME_init(void) { if (names_lh != NULL) return(1); MemCheck_off(); - names_lh=lh_new(obj_name_hash,obj_name_cmp); + names_lh=lh_new(LHASH_HASH_FN(obj_name_hash), + LHASH_COMP_FN(obj_name_cmp)); MemCheck_on(); return(names_lh != NULL); } int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), - int (*cmp_func)(const void *, const void *), + int (*cmp_func)(const char *, const char *), void (*free_func)(const char *, int, const char *)) { int ret; @@ -62,12 +66,12 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), MemCheck_off(); name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS)); name_funcs->hash_func = lh_strhash; - name_funcs->cmp_func = (int (*)())strcmp; + name_funcs->cmp_func = strcmp; name_funcs->free_func = 0; /* NULL is often declared to - * ((void *)0), which according - * to Compaq C is not really - * compatible with a function - * pointer. -- Richard Levitte*/ + * ((void *)0), which according + * to Compaq C is not really + * compatible with a function + * pointer. -- Richard Levitte*/ sk_NAME_FUNCS_push(name_funcs_stack,name_funcs); MemCheck_on(); } @@ -132,7 +136,7 @@ const char *OBJ_NAME_get(const char *name, int type) on.type=type; for (;;) - { + { ret=(OBJ_NAME *)lh_retrieve(names_lh,&on); if (ret == NULL) return(NULL); if ((ret->alias) && !alias) @@ -224,12 +228,80 @@ int OBJ_NAME_remove(const char *name, int type) return(0); } +struct doall + { + int type; + void (*fn)(const OBJ_NAME *,void *arg); + void *arg; + }; + +static void do_all_fn(const OBJ_NAME *name,struct doall *d) + { + if(name->type == d->type) + d->fn(name,d->arg); + } + +void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),void *arg) + { + struct doall d; + + d.type=type; + d.fn=fn; + d.arg=arg; + + lh_doall_arg(names_lh,(LHASH_DOALL_ARG_FN_TYPE)do_all_fn,&d); + } + +struct doall_sorted + { + int type; + int n; + const OBJ_NAME **names; + }; + +static void do_all_sorted_fn(const OBJ_NAME *name,void *d_) + { + struct doall_sorted *d=d_; + + if(name->type != d->type) + return; + + d->names[d->n++]=name; + } + +static int do_all_sorted_cmp(const void *n1_,const void *n2_) + { + const OBJ_NAME * const *n1=n1_; + const OBJ_NAME * const *n2=n2_; + + return strcmp((*n1)->name,(*n2)->name); + } + +void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg) + { + struct doall_sorted d; + int n; + + d.type=type; + d.names=OPENSSL_malloc(lh_num_items(names_lh)*sizeof *d.names); + d.n=0; + OBJ_NAME_do_all(type,do_all_sorted_fn,&d); + + qsort(d.names,d.n,sizeof *d.names,do_all_sorted_cmp); + + for(n=0 ; n < d.n ; ++n) + fn(d.names[n],arg); + + OPENSSL_free(d.names); + } + static int free_type; static void names_lh_free(OBJ_NAME *onp, int type) { if(onp == NULL) - return; + return; if ((free_type < 0) || (free_type == onp->type)) { @@ -252,7 +324,7 @@ void OBJ_NAME_cleanup(int type) down_load=names_lh->down_load; names_lh->down_load=0; - lh_doall(names_lh,names_lh_free); + lh_doall(names_lh,(LHASH_DOALL_FN_TYPE)names_lh_free); if (type < 0) { lh_free(names_lh); diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 4b1bb9583a..6eb9f48861 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -174,10 +174,13 @@ static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb) return(1); /* should not get here */ } +static IMPLEMENT_LHASH_HASH_FN(add_hash, ADDED_OBJ *) +static IMPLEMENT_LHASH_COMP_FN(add_cmp, ADDED_OBJ *) + static int init_added(void) { if (added != NULL) return(1); - added=lh_new(add_hash,add_cmp); + added=lh_new(LHASH_HASH_FN(add_hash),LHASH_COMP_FN(add_cmp)); return(added != NULL); } @@ -203,9 +206,9 @@ void OBJ_cleanup(void) { if (added == NULL) return; added->down_load=0; - lh_doall(added,cleanup1); /* zero counters */ - lh_doall(added,cleanup2); /* set counters */ - lh_doall(added,cleanup3); /* free objects */ + lh_doall(added,(LHASH_DOALL_FN_TYPE)cleanup1); /* zero counters */ + lh_doall(added,(LHASH_DOALL_FN_TYPE)cleanup2); /* set counters */ + lh_doall(added,(LHASH_DOALL_FN_TYPE)cleanup3); /* free objects */ lh_free(added); added=NULL; } diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h index c099e2e84e..8918683aab 100644 --- a/crypto/objects/objects.h +++ b/crypto/objects/objects.h @@ -985,12 +985,17 @@ typedef struct obj_name_st int OBJ_NAME_init(void); -int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),int (*cmp_func)(const void *, const void *), - void (*free_func)(const char *, int, const char *)); +int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), + int (*cmp_func)(const char *, const char *), + void (*free_func)(const char *, int, const char *)); const char *OBJ_NAME_get(const char *name,int type); int OBJ_NAME_add(const char *name,int type,const char *data); int OBJ_NAME_remove(const char *name,int type); void OBJ_NAME_cleanup(int type); /* -1 for everything */ +void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg); +void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg); ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o); ASN1_OBJECT * OBJ_nid2obj(int n); diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl index e26c079b4e..19465558f8 100644 --- a/crypto/pem/Makefile.ssl +++ b/crypto/pem/Makefile.ssl @@ -95,12 +95,12 @@ pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h pem_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_all.o: ../../include/openssl/rijndael-alg-fst.h -pem_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pem_all.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pem_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_all.o: ../cryptlib.h pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pem_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -115,7 +115,7 @@ pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pem_err.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pem_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_err.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +pem_err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pem_err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pem_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -136,8 +136,7 @@ pem_info.o: ../../include/openssl/opensslconf.h pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pem_info.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pem_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_info.o: ../../include/openssl/rc5.h -pem_info.o: ../../include/openssl/rijndael-alg-fst.h +pem_info.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pem_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pem_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pem_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -159,12 +158,12 @@ pem_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_lib.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h pem_lib.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pem_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_lib.o: ../../include/openssl/rijndael-alg-fst.h -pem_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pem_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pem_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pem_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_lib.o: ../cryptlib.h pem_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pem_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -181,12 +180,12 @@ pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pem_seal.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pem_seal.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pem_seal.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_seal.o: ../../include/openssl/rijndael-alg-fst.h -pem_seal.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pem_seal.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pem_seal.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_seal.o: ../cryptlib.h pem_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pem_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -203,9 +202,9 @@ pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pem_sign.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pem_sign.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pem_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_sign.o: ../../include/openssl/rijndael-alg-fst.h -pem_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pem_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pem_sign.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pem_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_sign.o: ../cryptlib.h diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl index 309060ea00..61b0311c92 100644 --- a/crypto/perlasm/x86unix.pl +++ b/crypto/perlasm/x86unix.pl @@ -3,6 +3,8 @@ package x86unix; $label="L000"; +$const=""; +$constl=0; $align=($main'aout)?"4":"16"; $under=($main'aout)?"_":""; @@ -341,9 +343,12 @@ sub main'function_end popl %ebx popl %ebp ret +$const .${func}_end: EOF push(@out,$tmp); + $const=""; + if ($main'cpp) { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } elsif ($main'gaswin) @@ -459,3 +464,75 @@ sub main'data_word { push(@out,"\t.long $_[0]\n"); } + +# debug output functions: puts, putx, printf + +sub main'puts + { + &pushvars(); + &main'push('$Lstring' . ++$constl); + &main'call('puts'); + $stack-=4; + &main'add("esp",4); + &popvars(); + + $const .= "Lstring$constl:\n\t.string \"@_[0]\"\n"; + } + +sub main'putx + { + &pushvars(); + &main'push($_[0]); + &main'push('$Lstring' . ++$constl); + &main'call('printf'); + &main'add("esp",8); + $stack-=8; + &popvars(); + + $const .= "Lstring$constl:\n\t.string \"\%X\"\n"; + } + +sub main'printf + { + $ostack = $stack; + &pushvars(); + for ($i = @_ - 1; $i >= 0; $i--) + { + if ($i == 0) # change this to support %s format strings + { + &main'push('$Lstring' . ++$constl); + $const .= "Lstring$constl:\n\t.string \"@_[$i]\"\n"; + } + else + { + if ($_[$i] =~ /([0-9]*)\(%esp\)/) + { + &main'push(($1 + $stack - $ostack) . '(%esp)'); + } + else + { + &main'push($_[$i]); + } + } + } + &main'call('printf'); + $stack-=4*@_; + &main'add("esp",4*@_); + &popvars(); + } + +sub pushvars + { + &out0("pushf"); + &main'push("edx"); + &main'push("ecx"); + &main'push("eax"); + } + +sub popvars + { + &main'pop("eax"); + &main'pop("ecx"); + &main'pop("edx"); + &out0("popf"); + } diff --git a/crypto/pkcs12/Makefile.ssl b/crypto/pkcs12/Makefile.ssl index b28e441287..794185354e 100644 --- a/crypto/pkcs12/Makefile.ssl +++ b/crypto/pkcs12/Makefile.ssl @@ -99,7 +99,7 @@ p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_add.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_add.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_add.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p12_add.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_add.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_add.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -120,12 +120,12 @@ p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_asn.o: ../../include/openssl/rijndael-alg-fst.h -p12_asn.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_asn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_asn.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_asn.o: ../cryptlib.h p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -141,12 +141,12 @@ p12_attr.o: ../../include/openssl/opensslconf.h p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_attr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_attr.o: ../../include/openssl/rijndael-alg-fst.h -p12_attr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_attr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_attr.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_attr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_attr.o: ../cryptlib.h p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -162,12 +162,12 @@ p12_crpt.o: ../../include/openssl/opensslconf.h p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_crpt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_crpt.o: ../../include/openssl/rijndael-alg-fst.h -p12_crpt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_crpt.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_crpt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_crpt.o: ../cryptlib.h p12_crt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_crt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -182,7 +182,7 @@ p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_crt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_crt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_crt.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p12_crt.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_crt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_crt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_crt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -203,12 +203,12 @@ p12_decr.o: ../../include/openssl/opensslconf.h p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_decr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_decr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_decr.o: ../../include/openssl/rijndael-alg-fst.h -p12_decr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_decr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_decr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_decr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_decr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_decr.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_decr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_decr.o: ../cryptlib.h p12_init.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_init.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -224,12 +224,12 @@ p12_init.o: ../../include/openssl/opensslconf.h p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_init.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_init.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_init.o: ../../include/openssl/rijndael-alg-fst.h -p12_init.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_init.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_init.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_init.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_init.o: ../cryptlib.h p12_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -244,7 +244,7 @@ p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_key.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_key.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p12_key.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_key.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -265,12 +265,12 @@ p12_kiss.o: ../../include/openssl/opensslconf.h p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_kiss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_kiss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_kiss.o: ../../include/openssl/rijndael-alg-fst.h -p12_kiss.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_kiss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_kiss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_kiss.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_kiss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_kiss.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_kiss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_kiss.o: ../cryptlib.h p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -286,8 +286,7 @@ p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h p12_mutl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p12_mutl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_mutl.o: ../../include/openssl/rc5.h -p12_mutl.o: ../../include/openssl/rijndael-alg-fst.h +p12_mutl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_mutl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_mutl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -308,12 +307,11 @@ p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h p12_npas.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h p12_npas.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h p12_npas.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_npas.o: ../../include/openssl/rijndael-alg-fst.h -p12_npas.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p12_npas.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_npas.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_npas.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p12_npas.o: ../../include/openssl/x509_vfy.h +p12_npas.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_npas.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -328,7 +326,7 @@ p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_utl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_utl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_utl.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +p12_utl.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h p12_utl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h p12_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -348,9 +346,8 @@ pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h pk12err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h pk12err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk12err.o: ../../include/openssl/rijndael-alg-fst.h -pk12err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pk12err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pk12err.o: ../../include/openssl/x509_vfy.h +pk12err.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pk12err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pk12err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk12err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk12err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl index bf0247cda8..ab87fb7056 100644 --- a/crypto/pkcs7/Makefile.ssl +++ b/crypto/pkcs7/Makefile.ssl @@ -114,8 +114,7 @@ pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pk7_asn1.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_asn1.o: ../../include/openssl/rc5.h -pk7_asn1.o: ../../include/openssl/rijndael-alg-fst.h +pk7_asn1.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pk7_asn1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pk7_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -135,8 +134,7 @@ pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h pk7_attr.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h pk7_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_attr.o: ../../include/openssl/rc5.h -pk7_attr.o: ../../include/openssl/rijndael-alg-fst.h +pk7_attr.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pk7_attr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pk7_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -158,13 +156,12 @@ pk7_doit.o: ../../include/openssl/opensslconf.h pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pk7_doit.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pk7_doit.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_doit.o: ../../include/openssl/rijndael-alg-fst.h -pk7_doit.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -pk7_doit.o: ../cryptlib.h +pk7_doit.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pk7_doit.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -179,12 +176,12 @@ pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h pk7_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_lib.o: ../../include/openssl/rijndael-alg-fst.h -pk7_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pk7_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pk7_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_lib.o: ../cryptlib.h pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -200,12 +197,12 @@ pk7_mime.o: ../../include/openssl/opensslconf.h pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pk7_mime.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h pk7_mime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_mime.o: ../../include/openssl/rijndael-alg-fst.h -pk7_mime.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +pk7_mime.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +pk7_mime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_mime.o: ../cryptlib.h pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -221,8 +218,7 @@ pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pk7_smime.o: ../../include/openssl/opensslconf.h pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pk7_smime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_smime.o: ../../include/openssl/rc5.h -pk7_smime.o: ../../include/openssl/rijndael-alg-fst.h +pk7_smime.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pk7_smime.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pk7_smime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -242,8 +238,7 @@ pkcs7err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h pkcs7err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h pkcs7err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pkcs7err.o: ../../include/openssl/rc5.h -pkcs7err.o: ../../include/openssl/rijndael-alg-fst.h +pkcs7err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h pkcs7err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h pkcs7err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pkcs7err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl index a005df2019..712938bcf4 100644 --- a/crypto/rand/Makefile.ssl +++ b/crypto/rand/Makefile.ssl @@ -104,8 +104,7 @@ rand_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rand_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rand_lib.o: ../../include/openssl/rc5.h -rand_lib.o: ../../include/openssl/rijndael-alg-fst.h +rand_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h rand_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h rand_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rand_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index 9f2dcff9a9..f0655803f0 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -310,7 +310,7 @@ int RAND_poll(void) { if (gen(hProvider, sizeof(buf), buf) != 0) { - RAND_add(buf, sizeof(buf), sizeof(buf)); + RAND_add(buf, sizeof(buf), 0); #ifdef DEBUG printf("randomness from PROV_RSA_FULL\n"); #endif @@ -461,7 +461,7 @@ int RAND_poll(void) hlist.th32ProcessID, hlist.th32HeapID)) { - int entrycnt = 50; + int entrycnt = 80; do RAND_add(&hentry, hentry.dwSize, 5); @@ -570,7 +570,7 @@ static void readtimer(void) DWORD w; LARGE_INTEGER l; static int have_perfc = 1; -#ifndef __GNUC__ +#ifdef _MSC_VER static int have_tsc = 1; DWORD cyclecount; diff --git a/crypto/rijndael/Makefile.ssl b/crypto/rijndael/Makefile.ssl index 01da7ac8b3..6ed8aa3c03 100644 --- a/crypto/rijndael/Makefile.ssl +++ b/crypto/rijndael/Makefile.ssl @@ -28,12 +28,12 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=rijndael-alg-fst.c -LIBOBJ=rijndael-alg-fst.o +LIBSRC=rd_fst.c +LIBOBJ=rd_fst.o SRC= $(LIBSRC) -EXHEADER=rijndael-alg-fst.h rijndael.h +EXHEADER=rd_fst.h rijndael.h top: (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) @@ -83,4 +83,4 @@ clean: # DO NOT DELETE THIS LINE -rijndael-alg-fst.o: boxes-fst-corrected.dat rijndael-alg-fst.h +rd_fst.o: boxes-fst-corrected.dat rd_fst.h diff --git a/crypto/rijndael/rijndael.h b/crypto/rijndael/rijndael.h index 34741a83b9..8287ca67c1 100644 --- a/crypto/rijndael/rijndael.h +++ b/crypto/rijndael/rijndael.h @@ -1,4 +1,4 @@ -#include "rijndael-alg-fst.h" +#include "openssl/rd_fst.h" #define RIJNDAEL_MAX_IV 16 diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl index c34648d3e4..6f18d2bf04 100644 --- a/crypto/rsa/Makefile.ssl +++ b/crypto/rsa/Makefile.ssl @@ -112,7 +112,7 @@ rsa_eay.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h rsa_eay.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rsa_eay.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_eay.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +rsa_eay.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h rsa_eay.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_eay.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -145,7 +145,7 @@ rsa_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h rsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rsa_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +rsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h rsa_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -199,8 +199,7 @@ rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h rsa_saos.o: ../../include/openssl/opensslconf.h rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h rsa_saos.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_saos.o: ../../include/openssl/rc5.h -rsa_saos.o: ../../include/openssl/rijndael-alg-fst.h +rsa_saos.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h rsa_saos.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h rsa_saos.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_saos.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -221,12 +220,12 @@ rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h rsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_sign.o: ../../include/openssl/rijndael-alg-fst.h -rsa_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -rsa_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +rsa_sign.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +rsa_sign.o: ../cryptlib.h rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_ssl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index b537b48ca2..a488b80763 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -78,16 +78,20 @@ typedef struct rsa_st RSA; typedef struct rsa_meth_st { const char *name; - int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to, + int (*rsa_pub_enc)(int flen,const unsigned char *from, + unsigned char *to, RSA *rsa,int padding); - int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to, + int (*rsa_pub_dec)(int flen,const unsigned char *from, + unsigned char *to, RSA *rsa,int padding); - int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to, + int (*rsa_priv_enc)(int flen,const unsigned char *from, + unsigned char *to, RSA *rsa,int padding); - int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to, + int (*rsa_priv_dec)(int flen,const unsigned char *from, + unsigned char *to, RSA *rsa,int padding); - int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, + int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa); /* Can be null */ + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ int (*init)(RSA *rsa); /* called at new */ @@ -101,10 +105,12 @@ typedef struct rsa_meth_st * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER * option is set in 'flags'. */ - int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); + int (*rsa_sign)(int type, + const unsigned char *m, unsigned int m_len, + unsigned char *sigret, unsigned int *siglen, const RSA *rsa); + int (*rsa_verify)(int dtype, + const unsigned char *m, unsigned int m_len, + unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); } RSA_METHOD; @@ -177,26 +183,26 @@ RSA * RSA_new_method(RSA_METHOD *method); #else RSA * RSA_new_method(struct engine_st *engine); #endif -int RSA_size(RSA *); +int RSA_size(const RSA *); RSA * RSA_generate_key(int bits, unsigned long e,void (*callback)(int,int,void *),void *cb_arg); -int RSA_check_key(RSA *); +int RSA_check_key(const RSA *); /* next 4 return -1 on error */ -int RSA_public_encrypt(int flen, unsigned char *from, +int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -int RSA_private_encrypt(int flen, unsigned char *from, +int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -int RSA_public_decrypt(int flen, unsigned char *from, +int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -int RSA_private_decrypt(int flen, unsigned char *from, +int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); void RSA_free (RSA *r); -int RSA_flags(RSA *r); +int RSA_flags(const RSA *r); -void RSA_set_default_openssl_method(RSA_METHOD *meth); -RSA_METHOD *RSA_get_default_openssl_method(void); -RSA_METHOD *RSA_get_method(RSA *rsa); +void RSA_set_default_openssl_method(const RSA_METHOD *meth); +const RSA_METHOD *RSA_get_default_openssl_method(void); +const RSA_METHOD *RSA_get_method(const RSA *rsa); #if 0 RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth); #else @@ -207,77 +213,82 @@ int RSA_set_method(RSA *rsa, struct engine_st *engine); int RSA_memory_lock(RSA *r); /* If you have RSAref compiled in. */ -RSA_METHOD *RSA_PKCS1_RSAref(void); +const RSA_METHOD *RSA_PKCS1_RSAref(void); /* these are the actual SSLeay RSA functions */ -RSA_METHOD *RSA_PKCS1_SSLeay(void); +const RSA_METHOD *RSA_PKCS1_SSLeay(void); -RSA_METHOD *RSA_null_method(void); +const RSA_METHOD *RSA_null_method(void); void ERR_load_RSA_strings(void ); -RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); -int i2d_RSAPublicKey(RSA *a, unsigned char **pp); -RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); -int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); +RSA * d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length); +int i2d_RSAPublicKey(const RSA *a, unsigned char **pp); +RSA * d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length); +int i2d_RSAPrivateKey(const RSA *a, unsigned char **pp); #ifndef NO_FP_API -int RSA_print_fp(FILE *fp, RSA *r,int offset); +int RSA_print_fp(FILE *fp, const RSA *r,int offset); #endif #ifndef NO_BIO -int RSA_print(BIO *bp, RSA *r,int offset); +int RSA_print(BIO *bp, const RSA *r,int offset); #endif -int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey); -RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey); +int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey); +RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey); -int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); -RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); +int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()); +RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()); +/* Naughty internal function required elsewhere, to handle a MS structure + * that is the same as the netscape one :-) */ +RSA *d2i_Netscape_RSA_2(RSA **a, const unsigned char **pp, long length, int (*cb)()); /* The following 2 functions sign and verify a X509_SIG ASN1 object * inside PKCS#1 padded RSA encryption */ -int RSA_sign(int type, unsigned char *m, unsigned int m_len, +int RSA_sign(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify(int type, unsigned char *m, unsigned int m_len, +int RSA_verify(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa); /* The following 2 function sign and verify a ASN1_OCTET_STRING * object inside PKCS#1 padded RSA encryption */ -int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, +int RSA_sign_ASN1_OCTET_STRING(int type, + const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, +int RSA_verify_ASN1_OCTET_STRING(int type, + const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa); int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); void RSA_blinding_off(RSA *rsa); int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl); + const unsigned char *f,int fl); int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); + const unsigned char *f,int fl,int rsa_len); int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl); + const unsigned char *f,int fl); int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); + const unsigned char *f,int fl,int rsa_len); int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, - unsigned char *f,int fl,unsigned char *p, - int pl); + const unsigned char *f,int fl, + const unsigned char *p,int pl); int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len, - unsigned char *p,int pl); + const unsigned char *f,int fl,int rsa_len, + const unsigned char *p,int pl); int RSA_padding_add_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl); + const unsigned char *f,int fl); int RSA_padding_check_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); + const unsigned char *f,int fl,int rsa_len); int RSA_padding_add_none(unsigned char *to,int tlen, - unsigned char *f,int fl); + const unsigned char *f,int fl); int RSA_padding_check_none(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); + const unsigned char *f,int fl,int rsa_len); int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int RSA_set_ex_data(RSA *r,int idx,void *arg); -void *RSA_get_ex_data(RSA *r, int idx); +void *RSA_get_ex_data(const RSA *r, int idx); /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c index fc8e97edee..0585b241e6 100644 --- a/crypto/rsa/rsa_asn1.c +++ b/crypto/rsa/rsa_asn1.c @@ -106,6 +106,6 @@ ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = { ASN1_SIMPLE(RSA, e, BIGNUM), } ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPrivateKey, RSAPrivateKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPublicKey, RSAPublicKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey) diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 91b9115798..002f2cb487 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -53,7 +53,7 @@ #include <openssl/rsa.h> -int RSA_check_key(RSA *key) +int RSA_check_key(const RSA *key) { BIGNUM *i, *j, *k, *l, *m; BN_CTX *ctx; diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 8b8a1e279a..37baaacfc7 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -65,15 +65,15 @@ #ifndef RSA_NULL -static int RSA_eay_public_encrypt(int flen, unsigned char *from, +static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_encrypt(int flen, unsigned char *from, +static int RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_public_decrypt(int flen, unsigned char *from, +static int RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_decrypt(int flen, unsigned char *from, +static int RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); +static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); static int RSA_eay_init(RSA *rsa); static int RSA_eay_finish(RSA *rsa); static RSA_METHOD rsa_pkcs1_eay_meth={ @@ -90,12 +90,12 @@ static RSA_METHOD rsa_pkcs1_eay_meth={ NULL, }; -RSA_METHOD *RSA_PKCS1_SSLeay(void) +const RSA_METHOD *RSA_PKCS1_SSLeay(void) { return(&rsa_pkcs1_eay_meth); } -static int RSA_eay_public_encrypt(int flen, unsigned char *from, +static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; @@ -169,7 +169,7 @@ err: return(r); } -static int RSA_eay_private_encrypt(int flen, unsigned char *from, +static int RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; @@ -247,7 +247,7 @@ err: return(r); } -static int RSA_eay_private_decrypt(int flen, unsigned char *from, +static int RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; @@ -342,7 +342,7 @@ err: return(r); } -static int RSA_eay_public_decrypt(int flen, unsigned char *from, +static int RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; @@ -416,7 +416,7 @@ err: return(r); } -static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { const RSA_METHOD *meth; BIGNUM r1,m1; diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 5e1e8fcdf3..d09dbd4a33 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -66,7 +66,7 @@ const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; -static RSA_METHOD *default_RSA_meth=NULL; +static const RSA_METHOD *default_RSA_meth=NULL; static int rsa_meth_num=0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL; @@ -75,7 +75,7 @@ RSA *RSA_new(void) return(RSA_new_method(NULL)); } -void RSA_set_default_openssl_method(RSA_METHOD *meth) +void RSA_set_default_openssl_method(const RSA_METHOD *meth) { ENGINE *e; /* We'll need to notify the "openssl" ENGINE of this @@ -94,14 +94,14 @@ void RSA_set_default_openssl_method(RSA_METHOD *meth) } } -RSA_METHOD *RSA_get_default_openssl_method(void) +const RSA_METHOD *RSA_get_default_openssl_method(void) { if (default_RSA_meth == NULL) { #ifdef RSA_NULL default_RSA_meth=RSA_null_method(); #else -#ifdef RSAref +#if 0 /* was: #ifdef RSAref */ default_RSA_meth=RSA_PKCS1_RSAref(); #else default_RSA_meth=RSA_PKCS1_SSLeay(); @@ -112,7 +112,7 @@ RSA_METHOD *RSA_get_default_openssl_method(void) return default_RSA_meth; } -RSA_METHOD *RSA_get_method(RSA *rsa) +const RSA_METHOD *RSA_get_method(const RSA *rsa) { return ENGINE_get_RSA(rsa->engine); } @@ -131,7 +131,7 @@ RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth) int RSA_set_method(RSA *rsa, ENGINE *engine) { ENGINE *mtmp; - RSA_METHOD *meth; + const RSA_METHOD *meth; mtmp = rsa->engine; meth = ENGINE_get_RSA(mtmp); if (!ENGINE_init(engine)) @@ -152,7 +152,7 @@ RSA *RSA_new_method(RSA_METHOD *meth) RSA *RSA_new_method(ENGINE *engine) #endif { - RSA_METHOD *meth; + const RSA_METHOD *meth; RSA *ret; ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); @@ -191,19 +191,19 @@ RSA *RSA_new_method(ENGINE *engine) ret->blinding=NULL; ret->bignum_data=NULL; ret->flags=meth->flags; + CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); if ((meth->init != NULL) && !meth->init(ret)) { + CRYPTO_free_ex_data(rsa_meth, ret, &ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); return(ret); } void RSA_free(RSA *r) { - RSA_METHOD *meth; + const RSA_METHOD *meth; int i; if (r == NULL) return; @@ -221,13 +221,13 @@ void RSA_free(RSA *r) } #endif - CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); - meth = ENGINE_get_RSA(r->engine); if (meth->finish != NULL) meth->finish(r); ENGINE_finish(r->engine); + CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); + if (r->n != NULL) BN_clear_free(r->n); if (r->e != NULL) BN_clear_free(r->e); if (r->d != NULL) BN_clear_free(r->d); @@ -254,45 +254,45 @@ int RSA_set_ex_data(RSA *r, int idx, void *arg) return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); } -void *RSA_get_ex_data(RSA *r, int idx) +void *RSA_get_ex_data(const RSA *r, int idx) { return(CRYPTO_get_ex_data(&r->ex_data,idx)); } -int RSA_size(RSA *r) +int RSA_size(const RSA *r) { return(BN_num_bytes(r->n)); } -int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to, +int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { return(ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(flen, from, to, rsa, padding)); } -int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, +int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { return(ENGINE_get_RSA(rsa->engine)->rsa_priv_enc(flen, from, to, rsa, padding)); } -int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to, +int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { return(ENGINE_get_RSA(rsa->engine)->rsa_priv_dec(flen, from, to, rsa, padding)); } -int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, +int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { return(ENGINE_get_RSA(rsa->engine)->rsa_pub_dec(flen, from, to, rsa, padding)); } -int RSA_flags(RSA *r) +int RSA_flags(const RSA *r) { return((r == NULL)?0:ENGINE_get_RSA(r->engine)->flags); } diff --git a/crypto/rsa/rsa_none.c b/crypto/rsa/rsa_none.c index f22fce5016..e6f3e627ca 100644 --- a/crypto/rsa/rsa_none.c +++ b/crypto/rsa/rsa_none.c @@ -62,8 +62,8 @@ #include <openssl/rsa.h> #include <openssl/rand.h> -int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from, - int flen) +int RSA_padding_add_none(unsigned char *to, int tlen, + const unsigned char *from, int flen) { if (flen > tlen) { @@ -81,8 +81,8 @@ int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from, return(1); } -int RSA_padding_check_none(unsigned char *to, int tlen, unsigned char *from, - int flen, int num) +int RSA_padding_check_none(unsigned char *to, int tlen, + const unsigned char *from, int flen, int num) { if (flen > tlen) diff --git a/crypto/rsa/rsa_null.c b/crypto/rsa/rsa_null.c index 7b58a0eca3..64057fbdcf 100644 --- a/crypto/rsa/rsa_null.c +++ b/crypto/rsa/rsa_null.c @@ -69,16 +69,16 @@ * operations (like storing RSA keys) are permitted. */ -static int RSA_null_public_encrypt(int flen, unsigned char *from, +static int RSA_null_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_private_encrypt(int flen, unsigned char *from, +static int RSA_null_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_public_decrypt(int flen, unsigned char *from, +static int RSA_null_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_private_decrypt(int flen, unsigned char *from, +static int RSA_null_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); #if 0 /* not currently used */ -static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); +static int RSA_null_mod_exp(const BIGNUM *r0, const BIGNUM *i, RSA *rsa); #endif static int RSA_null_init(RSA *rsa); static int RSA_null_finish(RSA *rsa); @@ -88,40 +88,41 @@ static RSA_METHOD rsa_null_meth={ RSA_null_public_decrypt, RSA_null_private_encrypt, RSA_null_private_decrypt, - NULL, NULL, + NULL, + NULL, RSA_null_init, RSA_null_finish, 0, NULL, }; -RSA_METHOD *RSA_null_method(void) +const RSA_METHOD *RSA_null_method(void) { return(&rsa_null_meth); } -static int RSA_null_public_encrypt(int flen, unsigned char *from, +static int RSA_null_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_private_encrypt(int flen, unsigned char *from, +static int RSA_null_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_private_decrypt(int flen, unsigned char *from, +static int RSA_null_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_public_decrypt(int flen, unsigned char *from, +static int RSA_null_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index fd0b7f361f..8d306d1ead 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -2,7 +2,22 @@ /* Written by Ulf Moeller. This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ -/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ +/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ + +/* See Victor Shoup, "OAEP reconsidered," Nov. 2000, + * <URL: http://www.shoup.net/papers/oaep.ps.Z> + * for problems with the security proof for the + * original OAEP scheme, which EME-OAEP is based on. + * + * Note that for RSA OAEP a security proof in the + * random oracle model *does* exist if 160 < log_2(N/e); + * cf. section 7.2 ("But RSA-OAEP with exponent 3 is + * provably secure") of Shoup's paper. (The slight + * differences between the OAEP definition used by Shoup + * and OAEP as defined in RFC 2437 should not affect + * this result.) + */ + #if !defined(NO_SHA) && !defined(NO_SHA1) #include <stdio.h> @@ -12,10 +27,12 @@ #include <openssl/sha.h> #include <openssl/rand.h> -int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen); +int MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen); int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *from, int flen, unsigned char *param, int plen) + const unsigned char *from, int flen, + const unsigned char *param, int plen) { int i, emlen = tlen - 1; unsigned char *db, *seed; @@ -71,11 +88,11 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, } int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *from, int flen, int num, unsigned char *param, - int plen) + const unsigned char *from, int flen, int num, + const unsigned char *param, int plen) { int i, dblen, mlen = -1; - unsigned char *maskeddb; + const unsigned char *maskeddb; int lzero; unsigned char *db, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; @@ -132,7 +149,8 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, return (mlen); } -int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen) +int MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen) { long i, outlen = 0; unsigned char cnt[4]; diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 48a32bc264..c1edd6764f 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -63,7 +63,7 @@ #include <openssl/rand.h> int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *from, int flen) + const unsigned char *from, int flen) { int j; unsigned char *p; @@ -89,10 +89,10 @@ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, } int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *from, int flen, int num) + const unsigned char *from, int flen, int num) { int i,j; - unsigned char *p; + const unsigned char *p; p=from; if ((num != (flen+1)) || (*(p++) != 01)) @@ -141,7 +141,7 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, } int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *from, int flen) + const unsigned char *from, int flen) { int i,j; unsigned char *p; @@ -179,10 +179,10 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, } int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *from, int flen, int num) + const unsigned char *from, int flen, int num) { int i,j; - unsigned char *p; + const unsigned char *p; p=from; if ((num != (flen+1)) || (*(p++) != 02)) diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index c77f4381ff..85adacc08f 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -63,8 +63,9 @@ #include <openssl/objects.h> #include <openssl/x509.h> -int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) +int RSA_sign_ASN1_OCTET_STRING(int type, + const unsigned char *m, unsigned int m_len, + unsigned char *sigret, unsigned int *siglen, RSA *rsa) { ASN1_OCTET_STRING sig; int i,j,ret=1; @@ -72,7 +73,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, sig.type=V_ASN1_OCTET_STRING; sig.length=m_len; - sig.data=m; + sig.data=(unsigned char *)m; i=i2d_ASN1_OCTET_STRING(&sig,NULL); j=RSA_size(rsa); @@ -100,9 +101,10 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, return(ret); } -int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, - unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa) +int RSA_verify_ASN1_OCTET_STRING(int dtype, + const unsigned char *m, + unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, + RSA *rsa) { int i,ret=0; unsigned char *p,*s; diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index cf00876292..80a22e8abc 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -67,13 +67,14 @@ /* Size of an SSL signature: MD5+SHA1 */ #define SSL_SIG_LENGTH 36 -int RSA_sign(int type, unsigned char *m, unsigned int m_len, +int RSA_sign(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa) { X509_SIG sig; ASN1_TYPE parameter; int i,j,ret=1; - unsigned char *p,*s = NULL; + unsigned char *p, *tmps = NULL; + const unsigned char *s = NULL; X509_ALGOR algor; ASN1_OCTET_STRING digest; if(rsa->flags & RSA_FLAG_SIGN_VER) @@ -105,7 +106,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, sig.algor->parameter= ¶meter; sig.digest= &digest; - sig.digest->data=m; + sig.digest->data=(unsigned char *)m; /* TMP UGLY CAST */ sig.digest->length=m_len; i=i2d_X509_SIG(&sig,NULL); @@ -117,14 +118,15 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, return(0); } if(type != NID_md5_sha1) { - s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); - if (s == NULL) + tmps=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); + if (tmps == NULL) { RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); return(0); } - p=s; + p=tmps; i2d_X509_SIG(&sig,&p); + s=tmps; } i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); if (i <= 0) @@ -133,13 +135,13 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, *siglen=i; if(type != NID_md5_sha1) { - memset(s,0,(unsigned int)j+1); - OPENSSL_free(s); + memset(tmps,0,(unsigned int)j+1); + OPENSSL_free(tmps); } return(ret); } -int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, +int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { int i,ret=0,sigtype; diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index 482f4a8273..ea72629494 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -62,8 +62,8 @@ #include <openssl/rsa.h> #include <openssl/rand.h> -int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from, - int flen) +int RSA_padding_add_SSLv23(unsigned char *to, int tlen, + const unsigned char *from, int flen) { int i,j; unsigned char *p; @@ -102,11 +102,11 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from, return(1); } -int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from, - int flen, int num) +int RSA_padding_check_SSLv23(unsigned char *to, int tlen, + const unsigned char *from, int flen, int num) { int i,j,k; - unsigned char *p; + const unsigned char *p; p=from; if (flen < 10) diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h index c070bbe0f9..67bce3f5ea 100644 --- a/crypto/stack/safestack.h +++ b/crypto/stack/safestack.h @@ -504,6 +504,46 @@ STACK_OF(type) \ #define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st)) #define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st)) +#define sk_OCSP_ONEREQ_new(st) SKM_sk_new(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ) +#define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i)) +#define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val)) +#define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val)) +#define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) +#define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) +#define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) +#define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) +#define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) +#define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp)) +#define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st) +#define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func)) +#define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) + +#define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) +#define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i)) +#define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val)) +#define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) +#define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) +#define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val)) +#define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) +#define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) +#define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) +#define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp)) +#define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st) +#define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func)) +#define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st)) + #define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st)) #define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG) #define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st)) @@ -1018,6 +1058,24 @@ STACK_OF(type) \ #define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \ SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func)) +#define d2i_ASN1_SET_OF_OCSP_ONEREQ(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ + SKM_ASN1_SET_OF_d2i(OCSP_ONEREQ, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) +#define i2d_ASN1_SET_OF_OCSP_ONEREQ(st, pp, i2d_func, ex_tag, ex_class, is_set) \ + SKM_ASN1_SET_OF_i2d(OCSP_ONEREQ, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) +#define ASN1_seq_pack_OCSP_ONEREQ(st, i2d_func, buf, len) \ + SKM_ASN1_seq_pack(OCSP_ONEREQ, (st), (i2d_func), (buf), (len)) +#define ASN1_seq_unpack_OCSP_ONEREQ(buf, len, d2i_func, free_func) \ + SKM_ASN1_seq_unpack(OCSP_ONEREQ, (buf), (len), (d2i_func), (free_func)) + +#define d2i_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ + SKM_ASN1_SET_OF_d2i(OCSP_SINGLERESP, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) +#define i2d_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, i2d_func, ex_tag, ex_class, is_set) \ + SKM_ASN1_SET_OF_i2d(OCSP_SINGLERESP, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) +#define ASN1_seq_pack_OCSP_SINGLERESP(st, i2d_func, buf, len) \ + SKM_ASN1_seq_pack(OCSP_SINGLERESP, (st), (i2d_func), (buf), (len)) +#define ASN1_seq_unpack_OCSP_SINGLERESP(buf, len, d2i_func, free_func) \ + SKM_ASN1_seq_unpack(OCSP_SINGLERESP, (buf), (len), (d2i_func), (free_func)) + #define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) #define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \ diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c index 3b04fe280c..eb13f6040a 100644 --- a/crypto/txt_db/txt_db.c +++ b/crypto/txt_db/txt_db.c @@ -211,7 +211,7 @@ char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value) } int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(), - unsigned long (*hash)(), int (*cmp)()) + LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) { LHASH *idx; char *r; diff --git a/crypto/txt_db/txt_db.h b/crypto/txt_db/txt_db.h index 342533d40d..e530af6605 100644 --- a/crypto/txt_db/txt_db.h +++ b/crypto/txt_db/txt_db.h @@ -96,7 +96,7 @@ TXT_DB *TXT_DB_read(char *in, int num); long TXT_DB_write(char *out, TXT_DB *db); #endif int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(), - unsigned long (*hash)(),int (*cmp)()); + LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); void TXT_DB_free(TXT_DB *db); char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value); int TXT_DB_insert(TXT_DB *db,char **value); diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl index 848364de9e..c3ee997b8b 100644 --- a/crypto/x509/Makefile.ssl +++ b/crypto/x509/Makefile.ssl @@ -103,12 +103,12 @@ by_dir.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -by_dir.o: ../../include/openssl/rijndael-alg-fst.h -by_dir.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -by_dir.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -by_dir.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -by_dir.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +by_dir.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +by_dir.o: ../cryptlib.h by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -124,12 +124,12 @@ by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h by_file.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -by_file.o: ../../include/openssl/rijndael-alg-fst.h -by_file.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +by_file.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +by_file.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +by_file.o: ../cryptlib.h x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -145,8 +145,7 @@ x509_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_att.o: ../../include/openssl/opensslconf.h x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_att.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_att.o: ../../include/openssl/rc5.h -x509_att.o: ../../include/openssl/rijndael-alg-fst.h +x509_att.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_att.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_att.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -168,8 +167,7 @@ x509_cmp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_cmp.o: ../../include/openssl/opensslconf.h x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_cmp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_cmp.o: ../../include/openssl/rc5.h -x509_cmp.o: ../../include/openssl/rijndael-alg-fst.h +x509_cmp.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_cmp.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_cmp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -190,12 +188,12 @@ x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x509_d2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x509_d2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_d2.o: ../../include/openssl/rijndael-alg-fst.h -x509_d2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x509_d2.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x509_d2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_d2.o: ../cryptlib.h x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -210,8 +208,7 @@ x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_def.o: ../../include/openssl/opensslconf.h x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_def.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_def.o: ../../include/openssl/rc5.h -x509_def.o: ../../include/openssl/rijndael-alg-fst.h +x509_def.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_def.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_def.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -230,8 +227,7 @@ x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_err.o: ../../include/openssl/rc5.h -x509_err.o: ../../include/openssl/rijndael-alg-fst.h +x509_err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -252,8 +248,7 @@ x509_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_ext.o: ../../include/openssl/opensslconf.h x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_ext.o: ../../include/openssl/rc5.h -x509_ext.o: ../../include/openssl/rijndael-alg-fst.h +x509_ext.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_ext.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -274,12 +269,12 @@ x509_lu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_lu.o: ../../include/openssl/rijndael-alg-fst.h -x509_lu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x509_lu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_lu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_lu.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x509_lu.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x509_lu.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_lu.o: ../cryptlib.h x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -294,8 +289,7 @@ x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_obj.o: ../../include/openssl/opensslconf.h x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_obj.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_obj.o: ../../include/openssl/rc5.h -x509_obj.o: ../../include/openssl/rijndael-alg-fst.h +x509_obj.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_obj.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_obj.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -315,8 +309,7 @@ x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_r2x.o: ../../include/openssl/opensslconf.h x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_r2x.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_r2x.o: ../../include/openssl/rc5.h -x509_r2x.o: ../../include/openssl/rijndael-alg-fst.h +x509_r2x.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_r2x.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_r2x.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -337,8 +330,7 @@ x509_req.o: ../../include/openssl/opensslconf.h x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h x509_req.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h x509_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_req.o: ../../include/openssl/rc5.h -x509_req.o: ../../include/openssl/rijndael-alg-fst.h +x509_req.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_req.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -358,8 +350,7 @@ x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_set.o: ../../include/openssl/opensslconf.h x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_set.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_set.o: ../../include/openssl/rc5.h -x509_set.o: ../../include/openssl/rijndael-alg-fst.h +x509_set.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_set.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_set.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -380,8 +371,7 @@ x509_trs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_trs.o: ../../include/openssl/opensslconf.h x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_trs.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_trs.o: ../../include/openssl/rc5.h -x509_trs.o: ../../include/openssl/rijndael-alg-fst.h +x509_trs.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_trs.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_trs.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -402,8 +392,7 @@ x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_txt.o: ../../include/openssl/opensslconf.h x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_txt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_txt.o: ../../include/openssl/rc5.h -x509_txt.o: ../../include/openssl/rijndael-alg-fst.h +x509_txt.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_txt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_txt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -424,13 +413,12 @@ x509_v3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_v3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_v3.o: ../../include/openssl/rijndael-alg-fst.h -x509_v3.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x509_v3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_v3.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x509_v3.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -x509_v3.o: ../cryptlib.h +x509_v3.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -446,8 +434,7 @@ x509_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_vfy.o: ../../include/openssl/opensslconf.h x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509_vfy.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_vfy.o: ../../include/openssl/rc5.h -x509_vfy.o: ../../include/openssl/rijndael-alg-fst.h +x509_vfy.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509_vfy.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509_vfy.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -468,8 +455,7 @@ x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509name.o: ../../include/openssl/opensslconf.h x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509name.o: ../../include/openssl/rc5.h -x509name.o: ../../include/openssl/rijndael-alg-fst.h +x509name.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509name.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -489,8 +475,7 @@ x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509rset.o: ../../include/openssl/opensslconf.h x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509rset.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509rset.o: ../../include/openssl/rc5.h -x509rset.o: ../../include/openssl/rijndael-alg-fst.h +x509rset.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509rset.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509rset.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -510,8 +495,7 @@ x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509spki.o: ../../include/openssl/opensslconf.h x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509spki.o: ../../include/openssl/rc5.h -x509spki.o: ../../include/openssl/rijndael-alg-fst.h +x509spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -531,8 +515,7 @@ x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509type.o: ../../include/openssl/opensslconf.h x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509type.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509type.o: ../../include/openssl/rc5.h -x509type.o: ../../include/openssl/rijndael-alg-fst.h +x509type.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h x509type.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x509type.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -552,9 +535,9 @@ x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_all.o: ../../include/openssl/rijndael-alg-fst.h -x_all.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x_all.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x_all.o: ../cryptlib.h diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 63ed24cee2..82714b7601 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -984,6 +984,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); int X509_print(BIO *bp,X509 *x); +int X509_ocspid_print(BIO *bp,X509 *x); int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); int X509_CRL_print(BIO *bp,X509_CRL *x); int X509_REQ_print(BIO *bp,X509_REQ *req); diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl index 5335ff5ae2..0c59c84041 100644 --- a/crypto/x509v3/Makefile.ssl +++ b/crypto/x509v3/Makefile.ssl @@ -98,7 +98,7 @@ v3_akey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_akey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_akey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_akey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_akey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -120,13 +120,12 @@ v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_alt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_alt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_alt.o: ../../include/openssl/rijndael-alg-fst.h -v3_alt.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_alt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_alt.o: ../cryptlib.h +v3_alt.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_alt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -142,8 +141,7 @@ v3_bcons.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_bcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_bcons.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_bcons.o: ../../include/openssl/rc5.h -v3_bcons.o: ../../include/openssl/rijndael-alg-fst.h +v3_bcons.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_bcons.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_bcons.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -165,8 +163,7 @@ v3_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_bitst.o: ../../include/openssl/opensslconf.h v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_bitst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_bitst.o: ../../include/openssl/rc5.h -v3_bitst.o: ../../include/openssl/rijndael-alg-fst.h +v3_bitst.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_bitst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_bitst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -188,13 +185,12 @@ v3_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_conf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_conf.o: ../../include/openssl/rijndael-alg-fst.h -v3_conf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_conf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_conf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_conf.o: ../cryptlib.h +v3_conf.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_conf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -210,8 +206,7 @@ v3_cpols.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_cpols.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_cpols.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_cpols.o: ../../include/openssl/rc5.h -v3_cpols.o: ../../include/openssl/rijndael-alg-fst.h +v3_cpols.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_cpols.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_cpols.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -233,7 +228,7 @@ v3_crld.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_crld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_crld.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_crld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_crld.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -255,13 +250,12 @@ v3_enum.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_enum.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_enum.o: ../../include/openssl/rijndael-alg-fst.h -v3_enum.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_enum.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_enum.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_enum.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_enum.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_enum.o: ../cryptlib.h +v3_enum.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_enum.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -277,8 +271,7 @@ v3_extku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_extku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_extku.o: ../../include/openssl/rc5.h -v3_extku.o: ../../include/openssl/rijndael-alg-fst.h +v3_extku.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_extku.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_extku.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -300,7 +293,7 @@ v3_genn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_genn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_genn.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_genn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_genn.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -322,13 +315,12 @@ v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_ia5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_ia5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_ia5.o: ../../include/openssl/rijndael-alg-fst.h -v3_ia5.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_ia5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_ia5.o: ../cryptlib.h +v3_ia5.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_ia5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -344,7 +336,7 @@ v3_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -366,13 +358,12 @@ v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_int.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_int.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_int.o: ../../include/openssl/rijndael-alg-fst.h -v3_int.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_int.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_int.o: ../cryptlib.h +v3_int.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_int.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_int.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_int.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_int.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h v3_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -388,13 +379,12 @@ v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_lib.o: ../../include/openssl/rijndael-alg-fst.h -v3_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_lib.o: ../cryptlib.h ext_dat.h +v3_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_pku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_pku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -410,7 +400,7 @@ v3_pku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_pku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_pku.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3_pku.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_pku.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_pku.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -432,13 +422,12 @@ v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_prn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_prn.o: ../../include/openssl/rijndael-alg-fst.h -v3_prn.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_prn.o: ../cryptlib.h +v3_prn.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_prn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_prn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h v3_purp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -454,13 +443,12 @@ v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_purp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_purp.o: ../../include/openssl/rijndael-alg-fst.h -v3_purp.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_purp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_purp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_purp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_purp.o: ../cryptlib.h +v3_purp.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_purp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h v3_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -476,13 +464,12 @@ v3_skey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_skey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_skey.o: ../../include/openssl/rijndael-alg-fst.h -v3_skey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_skey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_skey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_skey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_skey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_skey.o: ../cryptlib.h +v3_skey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_skey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -498,8 +485,7 @@ v3_sxnet.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3_sxnet.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_sxnet.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_sxnet.o: ../../include/openssl/rc5.h -v3_sxnet.o: ../../include/openssl/rijndael-alg-fst.h +v3_sxnet.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3_sxnet.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3_sxnet.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -521,13 +507,12 @@ v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h v3_utl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_utl.o: ../../include/openssl/rijndael-alg-fst.h -v3_utl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -v3_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_utl.o: ../cryptlib.h +v3_utl.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +v3_utl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_utl.o: ../../include/openssl/x509v3.h ../cryptlib.h v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h v3err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h v3err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -542,7 +527,7 @@ v3err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h v3err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3err.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h +v3err.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h v3err.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c index 543bd4f0be..35d95ad51c 100644 --- a/crypto/x509v3/v3_info.c +++ b/crypto/x509v3/v3_info.c @@ -174,3 +174,12 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free); return NULL; } + +int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) + { + i2a_ASN1_OBJECT(bp, a->method); +#ifdef UNDEF + i2a_GENERAL_NAME(bp, a->location); +#endif + return 2; + } diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index f777f07442..fb70fde1b5 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -432,6 +432,7 @@ char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) +int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a); DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) DECLARE_ASN1_FUNCTIONS(POLICYINFO) diff --git a/demos/state_machine/state_machine.c b/demos/state_machine/state_machine.c index 0140fbca70..9cede29350 100644 --- a/demos/state_machine/state_machine.c +++ b/demos/state_machine/state_machine.c @@ -347,7 +347,7 @@ int main(int argc,char **argv) } /* FIXME: we should only extract if stdout is ready */ - n=SSLStateMachine_read_extract(pMachine,buf,n); + n=SSLStateMachine_read_extract(pMachine,buf,sizeof buf); if(n < 0) { SSLStateMachine_print_error(pMachine,"read extract failed"); diff --git a/doc/apps/passwd.pod b/doc/apps/passwd.pod index 6e098940c7..07d849c824 100644 --- a/doc/apps/passwd.pod +++ b/doc/apps/passwd.pod @@ -13,6 +13,7 @@ B<openssl passwd> [B<-salt> I<string>] [B<-in> I<file>] [B<-stdin>] +[B<-noverify>] [B<-quiet>] [B<-table>] {I<password>} @@ -22,7 +23,7 @@ B<openssl passwd> The B<passwd> command computes the hash of a password typed at run-time or the hash of each password in a list. The password list is taken from the named file for option B<-in file>, from stdin for -option B<-stdin>, and from the command line otherwise. +option B<-stdin>, or from the command line, or from the terminal otherwise. The Unix standard algorithm B<crypt> and the MD5-based BSD password algorithm B<1> and its Apache variant B<apr1> are available. @@ -45,6 +46,7 @@ Use the B<apr1> algorithm (Apache variant of the BSD algorithm). =item B<-salt> I<string> Use the specified salt. +When reading a password from the terminal, this implies B<-noverify>. =item B<-in> I<file> @@ -54,6 +56,10 @@ Read passwords from I<file>. Read passwords from B<stdin>. +=item B<-noverify> + +Don't verify when reading a password from the terminal. + =item B<-quiet> Don't output warnings when passwords given at the command line are truncated. diff --git a/doc/crypto/BIO_new_bio_pair.pod b/doc/crypto/BIO_new_bio_pair.pod index 2256ba9d34..58a3fb2a9d 100644 --- a/doc/crypto/BIO_new_bio_pair.pod +++ b/doc/crypto/BIO_new_bio_pair.pod @@ -12,7 +12,8 @@ BIO_new_bio_pair - create a new BIO pair =head1 DESCRIPTION -BIO_new_bio_pair() creates a buffering BIO pair. It has two endpoints between +BIO_new_bio_pair() creates a buffering BIO pair based on the +L<SSL_set_bio(3)|SSL_set_bio(3)> method. The BIO pair has two endpoints between which data can be buffered. Its typical use is to connect one endpoint as underlying input/output BIO to an SSL and access the other one controlled by the program instead of accessing the network connection directly. diff --git a/doc/crypto/BN_add.pod b/doc/crypto/BN_add.pod index 0541d45643..57ae2f17af 100644 --- a/doc/crypto/BN_add.pod +++ b/doc/crypto/BN_add.pod @@ -2,8 +2,9 @@ =head1 NAME -BN_add, BN_sub, BN_mul, BN_div, BN_sqr, BN_mod, BN_mod_mul, BN_exp, -BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs +BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, +BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - +arithmetic operations on BIGNUMs =head1 SYNOPSIS @@ -15,16 +16,26 @@ BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); + int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); + int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, BN_CTX *ctx); - int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); - int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); + + int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + BN_CTX *ctx); + + int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + BN_CTX *ctx); + + int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); + int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); + int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx); int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, @@ -34,45 +45,59 @@ BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs =head1 DESCRIPTION -BN_add() adds B<a> and B<b> and places the result in B<r> (C<r=a+b>). -B<r> may be the same B<BIGNUM> as B<a> or B<b>. +BN_add() adds I<a> and I<b> and places the result in I<r> (C<r=a+b>). +I<r> may be the same B<BIGNUM> as I<a> or I<b>. -BN_sub() subtracts B<b> from B<a> and places the result in B<r> (C<r=a-b>). +BN_sub() subtracts I<b> from I<a> and places the result in I<r> (C<r=a-b>). -BN_mul() multiplies B<a> and B<b> and places the result in B<r> (C<r=a*b>). -B<r> may be the same B<BIGNUM> as B<a> or B<b>. +BN_mul() multiplies I<a> and I<b> and places the result in I<r> (C<r=a*b>). +I<r> may be the same B<BIGNUM> as I<a> or I<b>. For multiplication by powers of 2, use L<BN_lshift(3)|BN_lshift(3)>. -BN_div() divides B<a> by B<d> and places the result in B<dv> and the -remainder in B<rem> (C<dv=a/d, rem=a%d>). Either of B<dv> and B<rem> may -be NULL, in which case the respective value is not returned. +BN_sqr() takes the square of I<a> and places the result in I<r> +(C<r=a^2>). I<r> and I<a> may be the same B<BIGNUM>. +This function is faster than BN_mul(r,a,a). + +BN_div() divides I<a> by I<d> and places the result in I<dv> and the +remainder in I<rem> (C<dv=a/d, rem=a%d>). Either of I<dv> and I<rem> may +be B<NULL>, in which case the respective value is not returned. +The result is rounded towards zero; thus if I<a> is negative, the +remainder will be zero or negative. For division by powers of 2, use BN_rshift(3). -BN_sqr() takes the square of B<a> and places the result in B<r> -(C<r=a^2>). B<r> and B<a> may be the same B<BIGNUM>. -This function is faster than BN_mul(r,a,a). +BN_mod() corresponds to BN_div() with I<dv> set to B<NULL>. + +BN_nnmod() reduces I<a> modulo I<m> and places the non-negative +remainder in I<r>. + +BN_mod_add() adds I<a> to I<b> modulo I<m> and places the non-negative +result in I<r>. + +BN_mod_sub() substracts I<b> from I<a> modulo I<m> and places the +non-negative result in I<r>. -BN_mod() find the remainder of B<a> divided by B<m> and places it in -B<rem> (C<rem=a%m>). +BN_mod_mul() multiplies I<a> by I<b> and finds the non-negative +remainder respective to modulus I<m> (C<r=(a*b) mod m>). I<r> may be +the same B<BIGNUM> as I<a> or I<b>. For more efficient algorithms for +repeated computations using the same modulus, see +L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> and +L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>. -BN_mod_mul() multiplies B<a> by B<b> and finds the remainder when -divided by B<m> (C<r=(a*b)%m>). B<r> may be the same B<BIGNUM> as B<a> -or B<b>. For a more efficient algorithm, see -L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>; for repeated -computations using the same modulus, see L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>. +BN_mod_sqr() takes the square of I<a> modulo B<m> and places the +result in I<r>. -BN_exp() raises B<a> to the B<p>-th power and places the result in B<r> +BN_exp() raises I<a> to the I<p>-th power and places the result in I<r> (C<r=a^p>). This function is faster than repeated applications of BN_mul(). -BN_mod_exp() computes B<a> to the B<p>-th power modulo B<m> (C<r=a^p % +BN_mod_exp() computes I<a> to the I<p>-th power modulo I<m> (C<r=a^p % m>). This function uses less time and space than BN_exp(). -BN_gcd() computes the greatest common divisor of B<a> and B<b> and -places the result in B<r>. B<r> may be the same B<BIGNUM> as B<a> or -B<b>. +BN_gcd() computes the greatest common divisor of I<a> and I<b> and +places the result in I<r>. I<r> may be the same B<BIGNUM> as I<a> or +I<b>. -For all functions, B<ctx> is a previously allocated B<BN_CTX> used for +For all functions, I<ctx> is a previously allocated B<BN_CTX> used for temporary variables; see L<BN_CTX_new(3)|BN_CTX_new(3)>. Unless noted otherwise, the result B<BIGNUM> must be different from @@ -91,9 +116,11 @@ L<BN_add_word(3)|BN_add_word(3)>, L<BN_set_bit(3)|BN_set_bit(3)> =head1 HISTORY -BN_add(), BN_sub(), BN_div(), BN_sqr(), BN_mod(), BN_mod_mul(), +BN_add(), BN_sub(), BN_sqr(), BN_div(), BN_mod(), BN_mod_mul(), BN_mod_exp() and BN_gcd() are available in all versions of SSLeay and -OpenSSL. The B<ctx> argument to BN_mul() was added in SSLeay +OpenSSL. The I<ctx> argument to BN_mul() was added in SSLeay 0.9.1b. BN_exp() appeared in SSLeay 0.9.0. +BN_nnmod(), BN_mod_add(), BN_mod_sub(), and BN_mod_sqr() were added in +OpenSSL 0.9.7. =cut diff --git a/doc/crypto/BN_mod_mul_montgomery.pod b/doc/crypto/BN_mod_mul_montgomery.pod index 0b8ab512df..ed4af7a214 100644 --- a/doc/crypto/BN_mod_mul_montgomery.pod +++ b/doc/crypto/BN_mod_mul_montgomery.pod @@ -36,22 +36,23 @@ using the same modulus. BN_MONT_CTX_new() allocates and initializes a B<BN_MONT_CTX> structure. BN_MONT_CTX_init() initializes an existing uninitialized B<BN_MONT_CTX>. -BN_MONT_CTX_set() sets up the B<mont> structure from the modulus B<m> +BN_MONT_CTX_set() sets up the I<mont> structure from the modulus I<m> by precomputing its inverse and a value R. -BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> B<from> to B<to>. +BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> I<from> to I<to>. BN_MONT_CTX_free() frees the components of the B<BN_MONT_CTX>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. -BN_mod_mul_montgomery() computes Mont(B<a>,B<b>):=B<a>*B<b>*R^-1 and places -the result in B<r>. +BN_mod_mul_montgomery() computes Mont(I<a>,I<b>):=I<a>*I<b>*R^-1 and places +the result in I<r>. -BN_from_montgomery() performs the Montgomery reduction B<r> = B<a>*R^-1. +BN_from_montgomery() performs the Montgomery reduction I<r> = I<a>*R^-1. -BN_to_montgomery() computes Mont(B<a>,R^2), i.e. B<a>*R. +BN_to_montgomery() computes Mont(I<a>,R^2), i.e. I<a>*R. +Note that I<a> must be non-negative and smaller than the modulus. -For all functions, B<ctx> is a previously allocated B<BN_CTX> used for +For all functions, I<ctx> is a previously allocated B<BN_CTX> used for temporary variables. The B<BN_MONT_CTX> structure is defined as follows: @@ -79,6 +80,11 @@ BN_MONT_CTX_init() and BN_MONT_CTX_free() have no return values. For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. +=head1 WARNING + +The inputs must be reduced modulo B<m>, otherwise the result will be +outside the expected range. + =head1 SEE ALSO L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_add(3)|BN_add(3)>, diff --git a/doc/crypto/RSA_public_encrypt.pod b/doc/crypto/RSA_public_encrypt.pod index 02edb7aa75..e20dfcb551 100644 --- a/doc/crypto/RSA_public_encrypt.pod +++ b/doc/crypto/RSA_public_encrypt.pod @@ -74,10 +74,6 @@ SSL, PKCS #1 v2.0 L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)> -=head1 NOTES - -The L<RSA_PKCS1_RSAref(3)|RSA_PKCS1_RSAref(3)> method supports only the RSA_PKCS1_PADDING mode. - =head1 HISTORY The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is diff --git a/doc/crypto/RSA_set_method.pod b/doc/crypto/RSA_set_method.pod index bc0891a445..14917dd35f 100644 --- a/doc/crypto/RSA_set_method.pod +++ b/doc/crypto/RSA_set_method.pod @@ -3,7 +3,7 @@ =head1 NAME RSA_set_default_method, RSA_get_default_method, RSA_set_method, -RSA_get_method, RSA_PKCS1_SSLeay, RSA_PKCS1_RSAref, +RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags, RSA_new_method - select RSA method =head1 SYNOPSIS @@ -21,8 +21,6 @@ RSA_null_method, RSA_flags, RSA_new_method - select RSA method RSA_METHOD *RSA_PKCS1_SSLeay(void); - RSA_METHOD *RSA_PKCS1_RSAref(void); - RSA_METHOD *RSA_null_method(void); int RSA_flags(RSA *rsa); @@ -35,17 +33,8 @@ An B<RSA_METHOD> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. -Initially, the default is to use the OpenSSL internal implementation, -unless OpenSSL was configured with the C<rsaref> or C<-DRSA_NULL> -options. RSA_PKCS1_SSLeay() returns a pointer to that method. - -RSA_PKCS1_RSAref() returns a pointer to a method that uses the RSAref -library. This is the default method in the C<rsaref> configuration; -the function is not available in other configurations. -RSA_null_method() returns a pointer to a method that does not support -the RSA transformation. It is the default if OpenSSL is compiled with -C<-DRSA_NULL>. These methods may be useful in the USA because of a -patent on the RSA cryptosystem. +Initially, the default is to use the OpenSSL internal implementation. +RSA_PKCS1_SSLeay() returns a pointer to that method. RSA_set_default_openssl_method() makes B<meth> the default method for all B<RSA> structures created later. B<NB:> This is true only whilst the default engine @@ -132,9 +121,8 @@ the default engine for RSA operations is used. =head1 RETURN VALUES -RSA_PKCS1_SSLeay(), RSA_PKCS1_RSAref(), RSA_PKCS1_null_method(), -RSA_get_default_openssl_method() and RSA_get_method() return pointers to -the respective RSA_METHODs. +RSA_PKCS1_SSLeay(), RSA_PKCS1_null_method(), RSA_get_default_openssl_method() +and RSA_get_method() return pointers to the respective RSA_METHODs. RSA_set_default_openssl_method() returns no value. @@ -163,6 +151,6 @@ added in OpenSSL 0.9.4. RSA_set_default_openssl_method() and RSA_get_default_openssl_method() replaced RSA_set_default_method() and RSA_get_default_method() respectively, and RSA_set_method() and RSA_new_method() were altered to use B<ENGINE>s -rather than B<DH_METHOD>s during development of OpenSSL 0.9.6. +rather than B<RSA_METHOD>s during development of OpenSSL 0.9.6. =cut diff --git a/doc/crypto/bn.pod b/doc/crypto/bn.pod index 1504a1c92d..224dfe166a 100644 --- a/doc/crypto/bn.pod +++ b/doc/crypto/bn.pod @@ -21,19 +21,27 @@ bn - multiprecision integer arithmetics BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); BIGNUM *BN_dup(const BIGNUM *a); + BIGNUM *BN_swap(BIGNUM *a, BIGNUM *b); + int BN_num_bytes(const BIGNUM *a); int BN_num_bits(const BIGNUM *a); int BN_num_bits_word(BN_ULONG w); - int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b); + int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); + int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, BN_CTX *ctx); - int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); + int BN_nnmod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); + int BN_mod_add(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + BN_CTX *ctx); + int BN_mod_sub(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, + BN_CTX *ctx); int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); + int BN_mod_sqr(BIGNUM *ret, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx); int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); @@ -137,7 +145,7 @@ of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)|BN_bn2bin(3)>. L<bn_internal(3)|bn_internal(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>, -L<BN_copy(3)|BN_copy(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, +L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>, L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>, diff --git a/doc/crypto/bn_internal.pod b/doc/crypto/bn_internal.pod index 8da244aed4..d6f3cfe2ee 100644 --- a/doc/crypto/bn_internal.pod +++ b/doc/crypto/bn_internal.pod @@ -34,9 +34,9 @@ library internal functions int nb); void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n); void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - BN_ULONG *tmp); + int dna,int dnb,BN_ULONG *tmp); void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, - int tn, int n, BN_ULONG *tmp); + int n, int tna,int tnb, BN_ULONG *tmp); void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, BN_ULONG *tmp); void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, @@ -152,14 +152,15 @@ bn_mul_low_normal(B<r>, B<a>, B<b>, B<n>) operates on the B<n> word arrays B<r>, B<a> and B<b>. It computes the B<n> low words of B<a>*B<b> and places the result in B<r>. -bn_mul_recursive(B<r>, B<a>, B<b>, B<n2>, B<t>) operates on the B<n2> -word arrays B<a> and B<b> and the 2*B<n2> word arrays B<r> and B<t>. -B<n2> must be a power of 2. It computes B<a>*B<b> and places the -result in B<r>. +bn_mul_recursive(B<r>, B<a>, B<b>, B<n2>, B<dna>, B<dnb>, B<t>) operates +on the word arrays B<a> and B<b> of length B<n2>+B<dna> and B<n2>+B<dnb> +(B<dna> and B<dnb> are currently allowed to be 0 or negative) and the 2*B<n2> +word arrays B<r> and B<t>. B<n2> must be a power of 2. It computes +B<a>*B<b> and places the result in B<r>. -bn_mul_part_recursive(B<r>, B<a>, B<b>, B<tn>, B<n>, B<tmp>) operates -on the B<n>+B<tn> word arrays B<a> and B<b> and the 4*B<n> word arrays -B<r> and B<tmp>. +bn_mul_part_recursive(B<r>, B<a>, B<b>, B<n>, B<tna>, B<tnb, B<tmp>) +operates on the word arrays B<a> and B<b> of length B<n>+B<tna> and +B<n>+B<tnb> and the 4*B<n> word arrays B<r> and B<tmp>. bn_mul_low_recursive(B<r>, B<a>, B<b>, B<n2>, B<tmp>) operates on the B<n2> word arrays B<r> and B<tmp> and the B<n2>/2 word arrays B<a> diff --git a/doc/crypto/lhash.pod b/doc/crypto/lhash.pod index 4e87aee824..8c4ca6ab33 100644 --- a/doc/crypto/lhash.pod +++ b/doc/crypto/lhash.pod @@ -9,20 +9,24 @@ lh_doall_arg, lh_error - dynamic hash table #include <openssl/lhash.h> - LHASH *lh_new(unsigned long (*hash)(/*void *a*/), - int (*compare)(/*void *a,void *b*/)); + LHASH *lh_new(LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE compare); void lh_free(LHASH *table); void *lh_insert(LHASH *table, void *data); void *lh_delete(LHASH *table, void *data); void *lh_retrieve(LHASH *table, void *data); - void lh_doall(LHASH *table, void (*func)(/*void *b*/)); - void lh_doall_arg(LHASH *table, void (*func)(/*void *a,void *b*/), + void lh_doall(LHASH *table, LHASH_DOALL_FN_TYPE func); + void lh_doall_arg(LHASH *table, LHASH_DOALL_ARG_FN_TYPE func, void *arg); int lh_error(LHASH *table); + typedef int (*LHASH_COMP_FN_TYPE)(void *, void *); + typedef unsigned long (*LHASH_HASH_FN_TYPE)(void *); + typedef void (*LHASH_DOALL_FN_TYPE)(void *); + typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); + =head1 DESCRIPTION This library implements dynamic hash tables. The hash table entries @@ -34,7 +38,44 @@ the structure and returns an unsigned long hash value of its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. B<compare> takes two arguments, and returns 0 if their keys are -equal, non-zero otherwise. +equal, non-zero otherwise. If your hash table will contain items of +some uniform type, and similarly the B<hash> and B<compare> callbacks +hash or compare the same type, then the B<DECLARE_LHASH_HASH_FN> and +B<IMPLEMENT_LHASH_COMP_FN> macros can be used to create callback +wrappers of the prototypes required in lh_new(). These provide +per-variable casts before calling the type-specific callbacks written +by the application author. These macros are defined as; + + #define DECLARE_LHASH_HASH_FN(f_name,o_type) \ + unsigned long f_name##_LHASH_HASH(void *); + #define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \ + unsigned long f_name##_LHASH_HASH(void *arg) { \ + o_type a = (o_type)arg; \ + return f_name(a); } + #define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH + + #define DECLARE_LHASH_COMP_FN(f_name,o_type) \ + int f_name##_LHASH_COMP(void *, void *); + #define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \ + int f_name##_LHASH_COMP(void *arg1, void *arg2) { \ + o_type a = (o_type)arg1; \ + o_type b = (o_type)arg2; \ + return f_name(a,b); } + #define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP + +An example of a hash table storing (pointers to) a structure type 'foo' +could be defined as follows; + + unsigned long foo_hash(foo *tohash); + int foo_compare(foo *arg1, foo *arg2); + static IMPLEMENT_LHASH_HASH_FN(foo_hash, foo *) + static IMPLEMENT_LHASH_COMP_FN(foo_compare, foo *); + /* ... */ + int main(int argc, char *argv[]) { + LHASH *hashtable = lh_new(LHASH_HASH_FN(foo_hash), + LHASH_COMP_FN(foo_compare)); + /* ... */ + } lh_free() frees the B<LHASH> structure B<table>. Allocated hash table entries will not be freed; consider using lh_doall() to deallocate any @@ -56,7 +97,7 @@ the data item as parameters. This function can be quite useful when used as follows: void cleanup(STUFF *a) { STUFF_free(a); } - lh_doall(hash,cleanup); + lh_doall(hash,(LHASH_DOALL_FN_TYPE)cleanup); lh_free(hash); This can be used to free all the entries. lh_free() then cleans up the 'buckets' that point to nothing. When doing this, be careful if you @@ -67,7 +108,9 @@ solution to this problem is to set hash-E<gt>down_load=0 before you start. This will stop the hash table ever being decreased in size. lh_doall_arg() is the same as lh_doall() except that B<func> will -be called with B<arg> as the second argument. +be called with B<arg> as the second argument and B<func> should be +of type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype that is +passed an extra argument). lh_error() can be used to determine if an error occurred in the last operation. lh_error() is a macro. diff --git a/doc/crypto/rsa.pod b/doc/crypto/rsa.pod index ef0d4df205..09ad30cab1 100644 --- a/doc/crypto/rsa.pod +++ b/doc/crypto/rsa.pod @@ -37,7 +37,6 @@ rsa - RSA public key cryptosystem int RSA_set_method(RSA *rsa, ENGINE *engine); RSA_METHOD *RSA_get_method(RSA *rsa); RSA_METHOD *RSA_PKCS1_SSLeay(void); - RSA_METHOD *RSA_PKCS1_RSAref(void); RSA_METHOD *RSA_null_method(void); int RSA_flags(RSA *rsa); RSA *RSA_new_method(ENGINE *engine); diff --git a/doc/ssl/SSL_CIPHER_get_name.pod b/doc/ssl/SSL_CIPHER_get_name.pod index 7fea14ee68..bf851dcea5 100644 --- a/doc/ssl/SSL_CIPHER_get_name.pod +++ b/doc/ssl/SSL_CIPHER_get_name.pod @@ -2,8 +2,7 @@ =head1 NAME -SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, -SSL_CIPHER_description - get SSL_CIPHER properties +SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties =head1 SYNOPSIS @@ -29,9 +28,10 @@ SSL_CIPHER_get_version() returns the protocol version for B<cipher>, currently SSL_CIPHER_description() returns a textual description of the cipher used into the buffer B<buf> of length B<len> provided. B<len> must be at least -128 bytes, otherwise the string "Buffer too small" is returned. If B<buf> -is NULL, a buffer of 128 bytes is allocated using OPENSSL_malloc(). If the -allocation fails, the string "OPENSSL_malloc Error" is returned. +128 bytes, otherwise a pointer to the the string "Buffer too small" is +returned. If B<buf> is NULL, a buffer of 128 bytes is allocated using +OPENSSL_malloc(). If the allocation fails, a pointer to the string +"OPENSSL_malloc Error" is returned. =head1 NOTES @@ -40,11 +40,66 @@ export cipher like e.g. EXP-RC4-MD5 has only 40 secret bits. The algorithm does use the full 128 bits (which would be returned for B<alg_bits>), of which however 88bits are fixed. The search space is hence only 40 bits. +The string returned by SSL_CIPHER_description() in case of success consists +of cleartext information seperated by one or more blanks in the following +sequence: + +=over 4 + +=item <ciphername> + +Textual representation of the cipher name. + +=item <protocol version> + +Protocol version: B<SSLv2>, B<SSLv3>. The TLSv1 ciphers are flagged with SSLv3. + +=item Kx=<key exchange> + +Key exchange method: B<RSA> (for export ciphers as B<RSA(512)> or +B<RSA(1024)>), B<DH> (for export ciphers as B<DH(512)> or B<DH(1024)>), +B<DH/RSA>, B<DH/DSS>, B<Fortezza>. + +=item Au=<authentication> + +Authentication method: B<RSA>, B<DSS>, B<DH>, B<None>. None is the +representation of anonymous ciphers. + +=item Enc=<symmectric encryption method> + +Encryption method with number of secret bits: B<DES(40)>, B<DES(56)>, +B<3DES(168)>, B<RC4(40)>, B<RC4(56)>, B<RC4(64)>, B<RC4(128)>, +B<RC2(40)>, B<RC2(56)>, B<RC2(128)>, B<IDEA(128)>, B<Fortezza>, B<None>. + +=item Mac=<message authentication code> + +Message digest: B<MD5>, B<SHA1>. + +=item <export flag> + +If the cipher is flagged exportable with respect to old US crypto +regulations, the word "B<export>" is printed. + +=back + +=head1 EXAMPLES + +Some examples for the output of SSL_CIPHER_description(): + + EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1 + EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1 + RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 + EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export + =head1 BUGS If SSL_CIPHER_description() is called with B<cipher> being NULL, the library crashes. +If SSL_CIPHER_description() cannot handle a built-in cipher, the according +description of the cipher property is B<unknown>. This case should not +occur. + =head1 RETURN VALUES See DESCRIPTION @@ -52,6 +107,6 @@ See DESCRIPTION =head1 SEE ALSO L<ssl(3)|ssl(3)>, L<SSL_get_current_cipher(3)|SSL_get_current_cipher(3)>, -L<SSL_get_ciphers(3)|SSL_get_ciphers(3)> +L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, L<ciphers(1)|ciphers(1)> =cut diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod index aeeee1a3be..8e11606dad 100644 --- a/doc/ssl/SSL_CTX_load_verify_locations.pod +++ b/doc/ssl/SSL_CTX_load_verify_locations.pod @@ -46,7 +46,7 @@ is performed in the ordering of the extension number, regardless of other properties of the certificates. Use the B<c_rehash> utility to create the necessary links. -The certificates in B<CAfile> are only looked up when required, e.g. when +The certificates in B<CApath> are only looked up when required, e.g. when building the certificate chain or when actually performing the verification of a peer certificate. @@ -62,6 +62,9 @@ matching the parameters is found, the verification process will be performed; no other certificates for the same parameters will be searched in case of failure. +When building its own certificate chain, an OpenSSL client/server will +try to fill in missing certificates from B<CAfile>/B<CApath>. + =head1 WARNINGS If several CA certificates matching the name, key identifier, and serial diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod index d85b564258..bd6872f61f 100644 --- a/doc/ssl/SSL_get_error.pod +++ b/doc/ssl/SSL_get_error.pod @@ -48,16 +48,26 @@ has been closed. =item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE The operation did not complete; the same TLS/SSL I/O function should be -called again later. There will be protocol progress if, by then, the -underlying B<BIO> has data available for reading (if the result code is -B<SSL_ERROR_WANT_READ>) or allows writing data (B<SSL_ERROR_WANT_WRITE>). -For socket B<BIO>s (e.g. when SSL_set_fd() was used) this means that -select() or poll() on the underlying socket can be used to find out -when the TLS/SSL I/O function should be retried. +called again later. If, by then, the underlying B<BIO> has data +available for reading (if the result code is B<SSL_ERROR_WANT_READ>) +or allows writing data (B<SSL_ERROR_WANT_WRITE>), then some TLS/SSL +protocol progress will take place, i.e. at least part of an TLS/SSL +record will be read or written. Note that the retry may again lead to +a B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE> condition. +There is no fixed upper limit for the number of iterations that +may be necessary until progress becomes visible at application +protocol level. + +For socket B<BIO>s (e.g. when SSL_set_fd() was used), select() or +poll() on the underlying socket can be used to find out when the +TLS/SSL I/O function should be retried. Caveat: Any TLS/SSL I/O function can lead to either of -B<SSL_ERROR_WANT_READ> and B<SSL_ERROR_WANT_WRITE>, i.e. SSL_read() -may want to write data and SSL_write() may want to read data. +B<SSL_ERROR_WANT_READ> and B<SSL_ERROR_WANT_WRITE>. In particular, +SSL_read() may want to write data and SSL_write() may want to read +data. This is mainly because TLS/SSL handshakes may occur at any time +during the protocol (initiated by either the client or the server); +SSL_read() and SSL_write() will handle any pending handshakes. =item SSL_ERROR_WANT_X509_LOOKUP diff --git a/doc/standards.txt b/doc/standards.txt index 61ccc5d7e0..596d9001e6 100644 --- a/doc/standards.txt +++ b/doc/standards.txt @@ -24,7 +24,8 @@ http://www.rsasecurity.com/rsalabs/pkcs/. Implemented: ------------ -These are documents that describe things that are implemented in OpenSSL. +These are documents that describe things that are implemented (in +whole or at least great parts) in OpenSSL. 1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992. (Format: TXT=25661 bytes) (Status: INFORMATIONAL) @@ -59,6 +60,11 @@ PKCS#8: Private-Key Information Syntax Standard PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. +2560 X.509 Internet Public Key Infrastructure Online Certificate + Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, + C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED + STANDARD) + Related: -------- @@ -84,6 +90,10 @@ STARTTLS documents. Certification and Related Services. B. Kaliski. February 1993. (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) +2256 A Summary of the X.500(96) User Schema for use with LDAPv3. M. + Wahl. December 1997. (Format: TXT=32377 bytes) (Status: PROPOSED + STANDARD) + 2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman. January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD) @@ -114,8 +124,7 @@ To be implemented: These are documents that describe things that are planed to be implemented in the hopefully short future. -2560 X.509 Internet Public Key Infrastructure Online Certificate - Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, - C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED - STANDARD) +2712 Addition of Kerberos Cipher Suites to Transport Layer Security + (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) + (Status: PROPOSED STANDARD) diff --git a/makevms.com b/makevms.com index 15cbc9ce9d..f3372ca3b2 100755 --- a/makevms.com +++ b/makevms.com @@ -389,7 +389,7 @@ $ EXHEADER_DSA := dsa.h $ EXHEADER_DH := dh.h $ EXHEADER_DSO := dso.h $ EXHEADER_ENGINE := engine.h -$ EXHEADER_RIJNDAEL := rijndael-alg-fst.h,rijndael.h +$ EXHEADER_RIJNDAEL := rd_fst.h,rijndael.h $ EXHEADER_BUFFER := buffer.h $ EXHEADER_BIO := bio.h $ EXHEADER_STACK := stack.h,safestack.h @@ -425,8 +425,8 @@ $ LOOP_SDIRS_END: $! $! Copy All The ".H" Files From The [.RSAREF] Directory. $! -$ EXHEADER := rsaref.h -$ COPY SYS$DISK:[.RSAREF]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] +$! EXHEADER := rsaref.h +$! COPY SYS$DISK:[.RSAREF]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] $! $! Copy All The ".H" Files From The [.SSL] Directory. $! @@ -473,6 +473,9 @@ $! $! Build The [.xxx.EXE.RSAREF]LIBRSAGLUE Library. $! $ RSAREF: +$ WRITE SYS$OUTPUT "" +$ WRITE SYS$OUTPUT "RSAref glue library not built, since it's no longer needed" +$ RETURN $! $! Tell The User What We Are Doing. $! @@ -648,7 +651,6 @@ $ WRITE SYS$OUTPUT " CONFIG : Just build the [.CRYPTO]OPENSSLCONF.H fi $ WRITE SYS$OUTPUT " BUILDINF : Just build the [.CRYPTO]BUILDINF.H file." $ WRITE SYS$OUTPUT " SOFTLINKS: Just Fix The Unix soft links." $ WRITE SYS$OUTPUT " BUILDALL : Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done." -$ WRITE SYS$OUTPUT " RSAREF : To Build Just The [.xxx.EXE.RSAREF]LIBRSAGLUE.OLB Library." $ WRITE SYS$OUTPUT " CRYPTO : To Build Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library." $ WRITE SYS$OUTPUT " CRYPTO/x : To Build Just The x Part Of The" $ WRITE SYS$OUTPUT " [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library." @@ -677,6 +679,7 @@ $ ENDIF $! $! Check To See If P2 Is Blank. $! +$ P2 = "NORSAREF" $ IF (P2.EQS."NORSAREF") $ THEN $! diff --git a/ms/testss.bat b/ms/testss.bat index 36863a5017..d9ae625439 100755 --- a/ms/testss.bat +++ b/ms/testss.bat @@ -1,4 +1,4 @@ -echo=on
+echo on
rem set ssleay=..\out\ssleay
set ssleay=%1
diff --git a/openssl.spec b/openssl.spec index fa8c16b7c7..501151ab47 100644 --- a/openssl.spec +++ b/openssl.spec @@ -2,7 +2,7 @@ %define libmin 9 %define librel 6 #%define librev -Release: 1 +Release: 2 %define openssldir /var/ssl @@ -109,12 +109,12 @@ for x in $RPM_BUILD_ROOT/usr/man/man*/* do mv ${x} ${x}ssl done -# Install RSAref stuff -install -m644 rsaref/rsaref.h $RPM_BUILD_ROOT/usr/include/openssl -install -m644 libRSAglue.a $RPM_BUILD_ROOT/usr/lib +## Install RSAref stuff +#install -m644 rsaref/rsaref.h $RPM_BUILD_ROOT/usr/include/openssl +#install -m644 libRSAglue.a $RPM_BUILD_ROOT/usr/lib # Make backwards-compatibility symlink to ssleay -ln -s /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay +ln -sf /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay # Install shared libs install -m644 libcrypto.a $RPM_BUILD_ROOT/usr/lib @@ -123,10 +123,10 @@ install -m644 libssl.a $RPM_BUILD_ROOT/usr/lib install -m755 libssl.so.%{libmaj}.%{libmin}.%{librel} $RPM_BUILD_ROOT/usr/lib ( cd $RPM_BUILD_ROOT/usr/lib - ln -s libcrypto.so.%{libmaj}.%{libmin}.%{librel} libcrypto.so.%{libmaj} - ln -s libcrypto.so.%{libmaj}.%{libmin}.%{librel} libcrypto.so - ln -s libssl.so.%{libmaj}.%{libmin}.%{librel} libssl.so.%{libmaj} - ln -s libssl.so.%{libmaj}.%{libmin}.%{librel} libssl.so + ln -sf libcrypto.so.%{libmaj}.%{libmin}.%{librel} libcrypto.so.%{libmaj} + ln -sf libcrypto.so.%{libmaj}.%{libmin}.%{librel} libcrypto.so + ln -sf libssl.so.%{libmaj}.%{libmin}.%{librel} libssl.so.%{libmaj} + ln -sf libssl.so.%{libmaj}.%{libmin}.%{librel} libssl.so ) %clean @@ -148,14 +148,15 @@ rm -rf $RPM_BUILD_ROOT %dir %attr(0750,root,root) %{openssldir}/private %files devel +%defattr(0644,root,root,0755) %doc CHANGES CHANGES.SSLeay LICENSE NEWS README -%defattr(0644,root,root,0755) %attr(0644,root,root) /usr/lib/*.a %attr(0644,root,root) /usr/include/openssl/* %attr(0644,root,root) /usr/man/man[3]/* %files doc +%defattr(0644,root,root,0755) %doc CHANGES CHANGES.SSLeay LICENSE NEWS README %doc doc @@ -166,6 +167,14 @@ ldconfig ldconfig %changelog +* Sat Oct 21 2000 Horms <horms@vergenet.net> +- Make sure symlinks are created by using -f flag to ln. + Otherwise some .so libraries are copied rather than + linked in the resulting binary RPM. This causes the package + to be larger than neccessary and makes ldconfig complain. +* Fri Oct 13 2000 Horms <horms@vergenet.net> +- Make defattr is set for files in all packages so packages built as + non-root will still be installed with files owned by root. * Thu Sep 14 2000 Richard Levitte <richard@levitte.org> - Changed to adapt to the new (supported) way of making shared libraries - Installs all static libraries, not just libRSAglue.a diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl index 37f1ef0a08..7205e25c5a 100644 --- a/ssl/Makefile.ssl +++ b/ssl/Makefile.ssl @@ -5,7 +5,7 @@ DIR= ssl TOP= .. CC= cc -INCLUDES= -I../crypto -I../include +INCLUDES= -I../crypto -I../include $(KRB5_INCLUDES) CFLAG=-g INSTALL_PREFIX= OPENSSLDIR= /usr/local/ssl @@ -14,6 +14,9 @@ MAKE= make -f Makefile.ssl MAKEDEPEND= $(TOP)/util/domd $(TOP) MAKEFILE= Makefile.ssl AR= ar r +# KRB5 stuff +KRB5_INCLUDES= +LIBKRB5= CFLAGS= $(INCLUDES) $(CFLAG) @@ -30,7 +33,7 @@ LIBSRC= \ ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ ssl_ciph.c ssl_stat.c ssl_rsa.c \ ssl_asn1.c ssl_txt.c ssl_algs.c \ - bio_ssl.c ssl_err.c + bio_ssl.c ssl_err.c kssl.c LIBOBJ= \ s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \ @@ -39,11 +42,11 @@ LIBOBJ= \ ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ ssl_ciph.o ssl_stat.o ssl_rsa.o \ ssl_asn1.o ssl_txt.o ssl_algs.o \ - bio_ssl.o ssl_err.o + bio_ssl.o ssl_err.o kssl.o SRC= $(LIBSRC) -EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h +EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h kssl.h HEADER= $(EXHEADER) ssl_locl.h ALL= $(GENERAL) $(SRC) $(HEADER) @@ -102,22 +105,45 @@ bio_ssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h bio_ssl.o: ../include/openssl/des.h ../include/openssl/dh.h bio_ssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h -bio_ssl.o: ../include/openssl/idea.h ../include/openssl/lhash.h -bio_ssl.o: ../include/openssl/md2.h ../include/openssl/md4.h -bio_ssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -bio_ssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -bio_ssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -bio_ssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -bio_ssl.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -bio_ssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h -bio_ssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -bio_ssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -bio_ssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -bio_ssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h -bio_ssl.o: ../include/openssl/x509_vfy.h +bio_ssl.o: ../include/openssl/idea.h ../include/openssl/kssl.h +bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h +bio_ssl.o: ../include/openssl/md4.h ../include/openssl/md5.h +bio_ssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +bio_ssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +bio_ssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +bio_ssl.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +bio_ssl.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +bio_ssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +bio_ssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h +bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h +kssl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h +kssl.o: ../include/openssl/buffer.h ../include/openssl/cast.h +kssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h +kssl.o: ../include/openssl/des.h ../include/openssl/dh.h +kssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +kssl.o: ../include/openssl/evp.h ../include/openssl/idea.h +kssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +kssl.o: ../include/openssl/md2.h ../include/openssl/md4.h +kssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +kssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +kssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h +kssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +kssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +kssl.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +kssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h +kssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +kssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +kssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +kssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h +kssl.o: ../include/openssl/x509_vfy.h s23_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -126,22 +152,22 @@ s23_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s23_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s23_clnt.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s23_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s23_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s23_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h +s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s23_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s23_clnt.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s23_clnt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s23_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s23_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s23_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s23_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s23_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s23_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -150,21 +176,22 @@ s23_lib.o: ../include/openssl/des.h ../include/openssl/dh.h s23_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s23_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s23_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s23_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s23_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s23_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s23_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s23_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s23_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s23_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s23_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s23_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s23_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h s23_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -173,21 +200,22 @@ s23_meth.o: ../include/openssl/des.h ../include/openssl/dh.h s23_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s23_meth.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s23_meth.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s23_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s23_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_meth.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_meth.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s23_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s23_meth.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s23_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s23_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s23_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s23_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s23_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s23_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h s23_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -196,21 +224,22 @@ s23_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s23_pkt.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s23_pkt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s23_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s23_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s23_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s23_pkt.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s23_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s23_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s23_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s23_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s23_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s23_pkt.o: ../include/openssl/x509_vfy.h ssl_locl.h s23_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h s23_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -219,22 +248,22 @@ s23_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h s23_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h -s23_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s23_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h -s23_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s23_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s23_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s23_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s23_srvr.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s23_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s23_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s23_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h +s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h +s23_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s23_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s23_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s23_srvr.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s23_srvr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s23_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s23_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s23_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s23_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s23_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s2_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -243,22 +272,22 @@ s2_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s2_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s2_clnt.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s2_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h +s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s2_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s2_clnt.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s2_clnt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s2_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s2_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -267,21 +296,22 @@ s2_enc.o: ../include/openssl/des.h ../include/openssl/dh.h s2_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s2_enc.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s2_enc.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s2_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s2_enc.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s2_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s2_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s2_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s2_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s2_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h s2_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -290,21 +320,22 @@ s2_lib.o: ../include/openssl/des.h ../include/openssl/dh.h s2_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s2_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s2_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s2_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s2_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s2_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s2_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h s2_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -313,21 +344,22 @@ s2_meth.o: ../include/openssl/des.h ../include/openssl/dh.h s2_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s2_meth.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s2_meth.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s2_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_meth.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_meth.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s2_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s2_meth.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s2_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s2_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s2_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s2_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s2_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h s2_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -336,21 +368,22 @@ s2_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s2_pkt.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s2_pkt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s2_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s2_pkt.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s2_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s2_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s2_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s2_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s2_pkt.o: ../include/openssl/x509_vfy.h ssl_locl.h s2_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h s2_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -359,22 +392,22 @@ s2_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h s2_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h -s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s2_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h -s2_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s2_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s2_srvr.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s2_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h +s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h +s2_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s2_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s2_srvr.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s2_srvr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s2_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s3_both.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_both.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_both.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -383,22 +416,22 @@ s3_both.o: ../include/openssl/des.h ../include/openssl/dh.h s3_both.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_both.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_both.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_both.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_both.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_both.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_both.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_both.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s3_both.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s3_both.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s3_both.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s3_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_both.o: ../include/openssl/x509_vfy.h ssl_locl.h +s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_both.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_both.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_both.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_both.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s3_both.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s3_both.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s3_both.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s3_both.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s3_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s3_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h s3_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -407,22 +440,23 @@ s3_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h s3_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s3_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s3_clnt.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s3_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h +s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s3_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s3_clnt.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s3_clnt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s3_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.h +s3_clnt.o: ssl_locl.h s3_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -431,21 +465,22 @@ s3_enc.o: ../include/openssl/des.h ../include/openssl/dh.h s3_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s3_enc.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s3_enc.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s3_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s3_enc.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s3_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s3_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h s3_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -454,21 +489,22 @@ s3_lib.o: ../include/openssl/des.h ../include/openssl/dh.h s3_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s3_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s3_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s3_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s3_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s3_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s3_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s3_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h s3_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -477,21 +513,22 @@ s3_meth.o: ../include/openssl/des.h ../include/openssl/dh.h s3_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s3_meth.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s3_meth.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s3_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_meth.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_meth.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s3_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s3_meth.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s3_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h s3_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -500,21 +537,22 @@ s3_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s3_pkt.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -s3_pkt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s3_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s3_pkt.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +s3_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s3_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_pkt.o: ../include/openssl/x509_vfy.h ssl_locl.h s3_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -523,22 +561,23 @@ s3_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h s3_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h s3_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h -s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s3_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h -s3_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h -s3_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s3_srvr.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -s3_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h +s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h +s3_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +s3_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s3_srvr.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +s3_srvr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.h +s3_srvr.o: ssl_locl.h ssl_algs.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_algs.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -547,21 +586,22 @@ ssl_algs.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_algs.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_algs.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_algs.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_algs.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_algs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_algs.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_algs.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_algs.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_algs.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_algs.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_algs.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_algs.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_algs.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_algs.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_algs.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_algs.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_algs.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_algs.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_algs.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_algs.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_algs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_algs.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_algs.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_asn1.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/blowfish.h ssl_asn1.o: ../include/openssl/bn.h ../include/openssl/buffer.h @@ -570,22 +610,22 @@ ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/des.h ssl_asn1.o: ../include/openssl/dh.h ../include/openssl/dsa.h ssl_asn1.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_asn1.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ssl_asn1.o: ../include/openssl/md2.h ../include/openssl/md4.h -ssl_asn1.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -ssl_asn1.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_asn1.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ssl_asn1.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_asn1.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_asn1.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_asn1.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_locl.h +ssl_asn1.o: ../include/openssl/idea.h ../include/openssl/kssl.h +ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ssl_asn1.o: ../include/openssl/md4.h ../include/openssl/md5.h +ssl_asn1.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ssl_asn1.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_asn1.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_asn1.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_asn1.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_asn1.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_asn1.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_asn1.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_asn1.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h ssl_cert.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_cert.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -595,23 +635,23 @@ ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h ssl_cert.o: ../include/openssl/e_os.h ../include/openssl/e_os.h ssl_cert.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h ssl_cert.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_cert.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ssl_cert.o: ../include/openssl/md2.h ../include/openssl/md4.h -ssl_cert.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_cert.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_cert.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ssl_cert.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_cert.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_cert.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_cert.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_cert.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_cert.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_cert.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_cert.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h -ssl_cert.o: ssl_locl.h +ssl_cert.o: ../include/openssl/idea.h ../include/openssl/kssl.h +ssl_cert.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ssl_cert.o: ../include/openssl/md4.h ../include/openssl/md5.h +ssl_cert.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ssl_cert.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_cert.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_cert.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_cert.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_cert.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_cert.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_cert.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_cert.o: ../include/openssl/x509v3.h ssl_locl.h ssl_ciph.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_ciph.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -620,21 +660,22 @@ ssl_ciph.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_ciph.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_ciph.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_ciph.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_ciph.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_ciph.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_ciph.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_ciph.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_ciph.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_ciph.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_ciph.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_ciph.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_err.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_err.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -642,22 +683,22 @@ ssl_err.o: ../include/openssl/comp.h ../include/openssl/crypto.h ssl_err.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_err.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_err.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ssl_err.o: ../include/openssl/md2.h ../include/openssl/md4.h -ssl_err.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -ssl_err.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_err.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ssl_err.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_err.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_err.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_err.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_err.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_err.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_err.o: ../include/openssl/x509_vfy.h +ssl_err.o: ../include/openssl/idea.h ../include/openssl/kssl.h +ssl_err.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ssl_err.o: ../include/openssl/md4.h ../include/openssl/md5.h +ssl_err.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ssl_err.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_err.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_err.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_err.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_err.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_err.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_err2.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -665,22 +706,22 @@ ssl_err2.o: ../include/openssl/comp.h ../include/openssl/crypto.h ssl_err2.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_err2.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_err2.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ssl_err2.o: ../include/openssl/md2.h ../include/openssl/md4.h -ssl_err2.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -ssl_err2.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_err2.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ssl_err2.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_err2.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_err2.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_err2.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_err2.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_err2.o: ../include/openssl/x509_vfy.h +ssl_err2.o: ../include/openssl/idea.h ../include/openssl/kssl.h +ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ssl_err2.o: ../include/openssl/md4.h ../include/openssl/md5.h +ssl_err2.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ssl_err2.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_err2.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_err2.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_err2.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_err2.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_err2.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -690,22 +731,22 @@ ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h ssl_lib.o: ../include/openssl/e_os.h ../include/openssl/e_os.h ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ssl_lib.o: ../include/openssl/x509v3.h ssl_locl.h +ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h ssl_rsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_rsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -714,21 +755,22 @@ ssl_rsa.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_rsa.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_rsa.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_rsa.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_rsa.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_rsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_rsa.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_rsa.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_rsa.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_rsa.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_rsa.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_sess.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -737,22 +779,22 @@ ssl_sess.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_sess.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_sess.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_sess.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rc2.h -ssl_sess.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssl_sess.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssl_sess.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h +ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_sess.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_sess.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +ssl_sess.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssl_sess.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssl_sess.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssl_sess.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h ssl_stat.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_stat.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -761,21 +803,22 @@ ssl_stat.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_stat.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_stat.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_stat.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_stat.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_stat.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_stat.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_stat.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_stat.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_stat.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_stat.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_stat.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_stat.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_stat.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_stat.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_stat.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_stat.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_stat.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_stat.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_stat.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_stat.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_stat.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_stat.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_stat.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_txt.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_txt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -784,21 +827,22 @@ ssl_txt.o: ../include/openssl/des.h ../include/openssl/dh.h ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssl_txt.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssl_txt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssl_txt.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssl_txt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssl_txt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_txt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssl_txt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ssl_txt.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -ssl_txt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -ssl_txt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_txt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_txt.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssl_txt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_txt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_txt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +ssl_txt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +ssl_txt.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +ssl_txt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_txt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_txt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_txt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_txt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_txt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -807,22 +851,22 @@ t1_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h -t1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h -t1_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h -t1_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -t1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h -t1_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -t1_clnt.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -t1_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -t1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h +t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h +t1_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +t1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +t1_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +t1_clnt.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +t1_clnt.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +t1_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h +t1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +t1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h t1_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -831,22 +875,22 @@ t1_enc.o: ../include/openssl/des.h ../include/openssl/dh.h t1_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h -t1_enc.o: ../include/openssl/idea.h ../include/openssl/lhash.h -t1_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h -t1_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -t1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -t1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h -t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -t1_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -t1_enc.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -t1_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h -t1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h +t1_enc.o: ../include/openssl/idea.h ../include/openssl/kssl.h +t1_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h +t1_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h +t1_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +t1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +t1_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +t1_enc.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +t1_enc.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +t1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h +t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h t1_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -855,21 +899,22 @@ t1_lib.o: ../include/openssl/des.h ../include/openssl/dh.h t1_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h -t1_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h -t1_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h -t1_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -t1_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -t1_lib.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -t1_lib.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -t1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h -t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +t1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h +t1_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +t1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +t1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +t1_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +t1_lib.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +t1_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +t1_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -878,21 +923,22 @@ t1_meth.o: ../include/openssl/des.h ../include/openssl/dh.h t1_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h -t1_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h -t1_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h -t1_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -t1_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -t1_meth.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h -t1_meth.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h -t1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -t1_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h -t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h +t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_meth.o: ../include/openssl/md2.h ../include/openssl/md4.h +t1_meth.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h +t1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +t1_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +t1_meth.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h +t1_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h +t1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +t1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +t1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +t1_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h +t1_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h t1_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h @@ -901,19 +947,19 @@ t1_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h t1_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h -t1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -t1_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h -t1_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -t1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h -t1_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -t1_srvr.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -t1_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -t1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h +t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h +t1_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +t1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +t1_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +t1_srvr.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +t1_srvr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +t1_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +t1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +t1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 47dd09c286..28d6d65296 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -921,6 +921,7 @@ int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data) goto err; } ERR_clear_error(); /* but we keep s->verify_result */ + s->session->verify_result = s->verify_result; /* server's cert for this session */ sc=ssl_sess_cert_new(); diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index 129ed89d97..a6f4db36c0 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -260,6 +260,9 @@ SSL_CIPHER *ssl2_get_cipher(unsigned int u) int ssl2_pending(SSL *s) { + /* Unlike ssl2_pending, this one probably works (if read-ahead + * is disabled), but it should be examined + * XXX */ return(s->s2->ract_data_length); } diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c index 56662f29fa..0b48ea2894 100644 --- a/ssl/s2_pkt.c +++ b/ssl/s2_pkt.c @@ -68,6 +68,10 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); static int ssl_mt_error(int n); int ssl2_peek(SSL *s, char *buf, int len) { +#if 1 + SSLerr(SSL_F_SSL2_PEEK, SSL_R_FIXME); /* function is totally broken */ + return -1; +#else int ret; ret=ssl2_read(s,buf,len); @@ -77,6 +81,7 @@ int ssl2_peek(SSL *s, char *buf, int len) s->s2->ract_data-=ret; } return(ret); +#endif } /* SSL_read - diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 62040f9f1d..3b3c35b9d3 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -65,6 +65,10 @@ #include <openssl/evp.h> #include "ssl_locl.h" +#ifndef NO_KRB5 +#include "kssl.h" +#endif + static SSL_METHOD *ssl3_get_client_method(int ver); static int ssl3_client_hello(SSL *s); static int ssl3_get_server_hello(SSL *s); @@ -687,6 +691,7 @@ static int ssl3_get_server_certificate(SSL *s) STACK_OF(X509) *sk=NULL; SESS_CERT *sc; EVP_PKEY *pkey=NULL; + int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */ n=ssl3_get_message(s, SSL3_ST_CR_CERT_A, @@ -782,10 +787,23 @@ static int ssl3_get_server_certificate(SSL *s) * certificate, which we don't include in s3_srvr.c */ x=sk_X509_value(sk,0); sk=NULL; + /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end */ pkey=X509_get_pubkey(x); - if ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)) + /* VRS: allow null cert if auth == KRB5 */ + need_cert = + ((s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK)) + == (SSL_aKRB5|SSL_kKRB5))? 0: 1; + +#ifdef KSSL_DEBUG + printf("pkey,x = %p, %p\n", pkey,x); + printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey)); + printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name, + s->s3->tmp.new_cipher->algorithms, need_cert); +#endif /* KSSL_DEBUG */ + + if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) { x=NULL; al=SSL3_AL_FATAL; @@ -794,7 +812,7 @@ static int ssl3_get_server_certificate(SSL *s) } i=ssl_cert_type(x,pkey); - if (i < 0) + if (need_cert && i < 0) { x=NULL; al=SSL3_AL_FATAL; @@ -802,19 +820,32 @@ static int ssl3_get_server_certificate(SSL *s) goto f_err; } - sc->peer_cert_type=i; - CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); - if (sc->peer_pkeys[i].x509 != NULL) /* Why would this ever happen? - * We just created sc a couple of - * lines ago. */ - X509_free(sc->peer_pkeys[i].x509); - sc->peer_pkeys[i].x509=x; - sc->peer_key= &(sc->peer_pkeys[i]); - - if (s->session->peer != NULL) - X509_free(s->session->peer); - CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); - s->session->peer=x; + if (need_cert) + { + sc->peer_cert_type=i; + CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); + /* Why would the following ever happen? + * We just created sc a couple of lines ago. */ + if (sc->peer_pkeys[i].x509 != NULL) + X509_free(sc->peer_pkeys[i].x509); + sc->peer_pkeys[i].x509=x; + sc->peer_key= &(sc->peer_pkeys[i]); + + if (s->session->peer != NULL) + X509_free(s->session->peer); + CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); + s->session->peer=x; + } + else + { + sc->peer_cert_type=i; + sc->peer_key= NULL; + + if (s->session->peer != NULL) + X509_free(s->session->peer); + s->session->peer=NULL; + } + s->session->verify_result = s->verify_result; x=NULL; ret=1; @@ -1321,6 +1352,9 @@ static int ssl3_send_client_key_exchange(SSL *s) unsigned char *q; EVP_PKEY *pkey=NULL; #endif +#ifndef NO_KRB5 + KSSL_ERR kssl_err; +#endif /* NO_KRB5 */ if (s->state == SSL3_ST_CW_KEY_EXCH_A) { @@ -1329,8 +1363,10 @@ static int ssl3_send_client_key_exchange(SSL *s) l=s->s3->tmp.new_cipher->algorithms; + /* Fool emacs indentation */ + if (0) {} #ifndef NO_RSA - if (l & SSL_kRSA) + else if (l & SSL_kRSA) { RSA *rsa; unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; @@ -1387,10 +1423,75 @@ static int ssl3_send_client_key_exchange(SSL *s) tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH); } - else +#endif +#ifndef NO_KRB5 + else if (l & SSL_kKRB5) + { + krb5_error_code krb5rc; + KSSL_CTX *kssl_ctx = s->kssl_ctx; + krb5_data krb5_ap_req; + +#ifdef KSSL_DEBUG + printf("ssl3_send_client_key_exchange(%lx & %lx)\n", + l, SSL_kKRB5); +#endif /* KSSL_DEBUG */ + + /* + ** Tried to send random tmp_buf[] as PMS in Kerberos ticket + ** by passing krb5_mk_req_extended(ctx,authctx,opts, tmp_buf, ...) + ** but: I can't retrieve the PMS on the other side! There is + ** some indication in the krb5 source that this is only used + ** to generate a checksum. OTOH, the Tung book shows data + ** ("GET widget01.txt") being passed in krb5_mk_req_extended() + ** by way of krb5_sendauth(). I don't get it. + ** Until Kerberos goes 3DES, the big PMS secret would only be + ** encrypted in 1-DES anyway. So losing the PMS shouldn't be + ** a big deal. + */ + krb5rc = kssl_cget_tkt(kssl_ctx, &krb5_ap_req, + &kssl_err); +#ifdef KSSL_DEBUG + { + printf("kssl_cget_tkt rtn %d\n", krb5rc); + kssl_ctx_show(kssl_ctx); + if (krb5rc && kssl_err.text) + printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text); + } +#endif /* KSSL_DEBUG */ + + if (krb5rc) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, kssl_err.reason); + goto err; + } + + /* Send ticket (copy to *p, set n = length) + */ + n = krb5_ap_req.length; + memcpy(p, krb5_ap_req.data, krb5_ap_req.length); + if (krb5_ap_req.data) + kssl_krb5_free_data_contents(NULL,&krb5_ap_req); + + /* 19991013 VRS - 3DES is kind of bogus here, + ** at least until Kerberos supports 3DES. The only + ** real secret is the 8-byte Kerberos session key; + ** the other key material ((s->) client_random, server_random) + ** could be sniffed. Mixing in these nonces should help + ** protect against replay attacks, however. + ** + ** Alternate code for Kerberos Purists: + ** + ** memcpy(s->session->master_key, kssl_ctx->key, kssl_ctx->length); + ** s->session->master_key_length = kssl_ctx->length; + */ + s->session->master_key_length= + s->method->ssl3_enc->generate_master_secret(s, + s->session->master_key, kssl_ctx->key,kssl_ctx->length); + } #endif #ifndef NO_DH - if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) + else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) { DH *dh_srvr,*dh_clnt; @@ -1444,8 +1545,8 @@ static int ssl3_send_client_key_exchange(SSL *s) /* perhaps clean things up a bit EAY EAY EAY EAY*/ } - else #endif + else { ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); @@ -1640,7 +1741,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s) algs=s->s3->tmp.new_cipher->algorithms; /* we don't have a certificate */ - if (algs & (SSL_aDH|SSL_aNULL)) + if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) return(1); #ifndef NO_RSA diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index cee2021b6b..f8df4ee226 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -473,6 +473,95 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_ALL_STRENGTHS, }, +#ifndef NO_KRB5 +/* The Kerberos ciphers +** 20000107 VRS: And the first shall be last, +** in hopes of avoiding the lynx ssl renegotiation problem. +*/ +/* Cipher 21 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_SHA, + SSL3_CK_KRB5_DES_40_CBC_SHA, + SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, + SSL_EXPORT|SSL_EXP40, + 0, + 40, + 56, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 22 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_MD5, + SSL3_CK_KRB5_DES_40_CBC_MD5, + SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3, + SSL_EXPORT|SSL_EXP40, + 0, + 40, + 56, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 23 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_64_CBC_SHA, + SSL3_CK_KRB5_DES_64_CBC_SHA, + SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, + SSL_NOT_EXP|SSL_LOW, + 0, + 56, + 56, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 24 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_64_CBC_MD5, + SSL3_CK_KRB5_DES_64_CBC_MD5, + SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3, + SSL_NOT_EXP|SSL_LOW, + 0, + 56, + 56, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 25 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_192_CBC3_SHA, + SSL3_CK_KRB5_DES_192_CBC3_SHA, + SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, + SSL_NOT_EXP|SSL_HIGH, + 0, + 112, + 168, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, + +/* Cipher 26 VRS */ + { + 1, + SSL3_TXT_KRB5_DES_192_CBC3_MD5, + SSL3_CK_KRB5_DES_192_CBC3_MD5, + SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_MD5 |SSL_SSLV3, + SSL_NOT_EXP|SSL_HIGH, + 0, + 112, + 168, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, +#endif /* NO_KRB5 */ #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES /* New TLS Export CipherSuites */ /* Cipher 60 */ @@ -638,10 +727,10 @@ SSL_CIPHER *ssl3_get_cipher(unsigned int u) return(NULL); } -/* The problem is that it may not be the correct record type */ int ssl3_pending(SSL *s) { - return(s->s3->rrec.length); + /* The problem is that it may not be the correct record type */ + return(s->s3->rrec.length); /* FIXME */ } int ssl3_new(SSL *s) @@ -1076,10 +1165,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have, sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp); #ifdef CIPHER_DEBUG - printf("Have:\n"); - for(i=0 ; i < sk_num(pref) ; ++i) + printf("Have %d from %p:\n", sk_SSL_CIPHER_num(pref), pref); + for(i=0 ; i < sk_SSL_CIPHER_num(pref) ; ++i) { - c=(SSL_CIPHER *)sk_value(pref,i); + c=sk_SSL_CIPHER_value(pref,i); printf("%p:%s\n",c,c->name); } #endif @@ -1092,6 +1181,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have, mask=cert->mask; emask=cert->export_mask; +#ifdef KSSL_DEBUG + printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms); +#endif /* KSSL_DEBUG */ + alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK); if (SSL_C_IS_EXPORT(c)) { @@ -1280,6 +1373,10 @@ int ssl3_read(SSL *s, void *buf, int len) int ssl3_peek(SSL *s, char *buf, int len) { +#if 1 + SSLerr(SSL_F_SSL3_PEEK, SSL_R_FIXME); /* function is totally broken */ + return -1; +#else SSL3_RECORD *rr; int n; @@ -1298,6 +1395,7 @@ int ssl3_peek(SSL *s, char *buf, int len) n=len; memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); return(n); +#endif } int ssl3_renegotiate(SSL *s) diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index bb8cfb31e5..4704dfb598 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -70,6 +70,10 @@ #include <openssl/x509.h> #include "ssl_locl.h" +#ifndef NO_KRB5 +#include "kssl.h" +#endif /* NO_KRB5 */ + static SSL_METHOD *ssl3_get_server_method(int ver); static int ssl3_get_client_hello(SSL *s); static int ssl3_check_client_hello(SSL *s); @@ -262,7 +266,11 @@ int ssl3_accept(SSL *s) /* clear this, it may get reset by * send_server_key_exchange */ - if (s->options & SSL_OP_EPHEMERAL_RSA) + if ((s->options & SSL_OP_EPHEMERAL_RSA) +#ifndef NO_KRB5 + && !(l & SSL_KRB5) +#endif /* NO_KRB5 */ + ) s->s3->tmp.use_rsa_tmp=1; else s->s3->tmp.use_rsa_tmp=0; @@ -1257,12 +1265,15 @@ static int ssl3_get_client_key_exchange(SSL *s) BIGNUM *pub=NULL; DH *dh_srvr; #endif +#ifndef NO_KRB5 + KSSL_ERR kssl_err; +#endif /* NO_KRB5 */ n=ssl3_get_message(s, SSL3_ST_SR_KEY_EXCH_A, SSL3_ST_SR_KEY_EXCH_B, SSL3_MT_CLIENT_KEY_EXCHANGE, - 400, /* ???? */ + 2048, /* ??? */ &ok); if (!ok) return((int)n); @@ -1417,6 +1428,53 @@ static int ssl3_get_client_key_exchange(SSL *s) } else #endif +#ifndef NO_KRB5 + if (l & SSL_kKRB5) + { + krb5_error_code krb5rc; + KSSL_CTX *kssl_ctx = s->kssl_ctx; + + if (!kssl_ctx) kssl_ctx = kssl_ctx_new(); + if ((krb5rc = kssl_sget_tkt(kssl_ctx, + s->init_buf->data, s->init_buf->length, + &kssl_err)) != 0) + { +#ifdef KSSL_DEBUG + printf("kssl_sget_tkt rtn %d [%d]\n", + krb5rc, kssl_err.reason); + if (kssl_err.text) + printf("kssl_err text= %s\n", kssl_err.text); +#endif /* KSSL_DEBUG */ + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, + kssl_err.reason); + goto err; + } + +#ifdef KSSL_DEBUG + kssl_ctx_show(kssl_ctx); +#endif /* KSSL_DEBUG */ + + /* 19991013 VRS - 3DES is kind of bogus here, + ** at least until Kerberos supports 3DES. The only + ** real secret is the 8-byte Kerberos session key; + ** the other key material (client_random, server_random) + ** could be sniffed. Nonces may help against replays though. + ** + ** Alternate code for Kerberos Purists: + ** + ** memcpy(s->session->master_key, kssl_ctx->key, kssl_ctx->length); + ** s->session->master_key_length = kssl_ctx->length; + */ + s->session->master_key_length= + s->method->ssl3_enc->generate_master_secret(s, + s->session->master_key, kssl_ctx->key, kssl_ctx->length); + /* Was doing kssl_ctx_free() here, but it caused problems for apache. + ** kssl_ctx = kssl_ctx_free(kssl_ctx); + ** if (s->kssl_ctx) s->kssl_ctx = NULL; + */ + } + else +#endif /* NO_KRB5 */ { al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE); @@ -1737,7 +1795,11 @@ int ssl3_send_server_certificate(SSL *s) if (s->state == SSL3_ST_SW_CERT_A) { x=ssl_get_server_send_cert(s); - if (x == NULL) + if (x == NULL && + /* VRS: allow null cert if auth == KRB5 */ + (s->s3->tmp.new_cipher->algorithms + & (SSL_MKEY_MASK|SSL_AUTH_MASK)) + != (SSL_aKRB5|SSL_kKRB5)) { SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR); return(0); diff --git a/ssl/ssl-lib.com b/ssl/ssl-lib.com index 0a8581898c..05c458d191 100644 --- a/ssl/ssl-lib.com +++ b/ssl/ssl-lib.com @@ -647,6 +647,7 @@ $ ENDIF $! $! Check To See If P2 Is Blank. $! +$ p2 = "NORSAREF" $ IF (P2.EQS."NORSAREF") $ THEN $! @@ -68,6 +68,9 @@ #ifndef NO_X509 #include <openssl/x509.h> #endif +#ifndef NO_KRB5 +#include <openssl/kssl.h> +#endif #include <openssl/safestack.h> #ifdef __cplusplus @@ -92,6 +95,15 @@ extern "C" { #define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 #define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA +/* VRS Additional Kerberos5 entries + */ +#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA +#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 +#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA +#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 +#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA +#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 + #define SSL_MAX_SSL_SESSION_ID_LENGTH 32 #define SSL_MAX_SID_CTX_LENGTH 32 @@ -112,6 +124,10 @@ extern "C" { #define SSL_TXT_eNULL "eNULL" #define SSL_TXT_NULL "NULL" +#define SSL_TXT_kKRB5 "kKRB5" +#define SSL_TXT_aKRB5 "aKRB5" +#define SSL_TXT_KRB5 "KRB5" + #define SSL_TXT_kRSA "kRSA" #define SSL_TXT_kDHr "kDHr" #define SSL_TXT_kDHd "kDHd" @@ -655,6 +671,10 @@ struct ssl_st int error; /* error bytes to be written */ int error_code; /* actual code */ +#ifndef NO_KRB5 + KSSL_CTX *kssl_ctx; /* Kerberos 5 context */ +#endif /* NO_KRB5 */ + SSL_CTX *ctx; /* set this flag to 1 and a sleep(1) is put into all SSL_read() * and SSL_write() calls, good for nbio debuging :-) */ @@ -1239,6 +1259,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_F_SSL2_ACCEPT 122 #define SSL_F_SSL2_CONNECT 123 #define SSL_F_SSL2_ENC_INIT 124 +#define SSL_F_SSL2_PEEK 234 #define SSL_F_SSL2_READ 125 #define SSL_F_SSL2_SET_CERTIFICATE 126 #define SSL_F_SSL2_WRITE 127 @@ -1264,6 +1285,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_F_SSL3_GET_SERVER_DONE 145 #define SSL_F_SSL3_GET_SERVER_HELLO 146 #define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 +#define SSL_F_SSL3_PEEK 235 #define SSL_F_SSL3_READ_BYTES 148 #define SSL_F_SSL3_READ_N 149 #define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 @@ -1406,6 +1428,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 +#define SSL_R_FIXME 1101 #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 #define SSL_R_HTTPS_PROXY_REQUEST 155 #define SSL_R_HTTP_REQUEST 156 @@ -1414,6 +1437,13 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_PURPOSE 278 #define SSL_R_INVALID_TRUST 279 +#define SSL_R_KRB5_C_CC_PRINC 1094 +#define SSL_R_KRB5_C_GET_CRED 1095 +#define SSL_R_KRB5_C_INIT 1096 +#define SSL_R_KRB5_C_MK_REQ 1097 +#define SSL_R_KRB5_S_BAD_TICKET 1098 +#define SSL_R_KRB5_S_INIT 1099 +#define SSL_R_KRB5_S_RD_REQ 1100 #define SSL_R_LENGTH_MISMATCH 159 #define SSL_R_LENGTH_TOO_SHORT 160 #define SSL_R_LIBRARY_BUG 274 diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 7ee1feaa67..4d62ba52b9 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -105,6 +105,22 @@ extern "C" { #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E +/* VRS Additional Kerberos5 entries + */ +#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000021 +#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000022 +#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x03000023 +#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000024 +#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x03000025 +#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000026 + +#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" +#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" +#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" +#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" +#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" +#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" + #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" #define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index c26df62c20..130bb79068 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -131,6 +131,7 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void) { static int ssl_x509_store_ctx_idx= -1; + /* FIXME: should do locking */ if (ssl_x509_store_ctx_idx < 0) { ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index( @@ -271,7 +272,9 @@ CERT *ssl_cert_dup(CERT *cert) return(ret); +#ifndef NO_DH /* avoid 'unreferenced label' warning if NO_DH is defined */ err: +#endif #ifndef NO_RSA if (ret->rsa_tmp != NULL) RSA_free(ret->rsa_tmp); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index f63163f26c..a196d5e574 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -100,6 +100,7 @@ typedef struct cipher_order_st static const SSL_CIPHER cipher_aliases[]={ /* Don't include eNULL unless specifically enabled */ {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ + {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */ {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0}, {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0}, @@ -108,6 +109,7 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0}, {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0}, + {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */ {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0}, {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0}, {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0}, @@ -128,6 +130,7 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0}, {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0}, + {0,SSL_TXT_KRB5,0,SSL_KRB5, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0}, @@ -291,6 +294,9 @@ static unsigned long ssl_cipher_get_disabled(void) #ifdef NO_DH mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH; #endif +#ifdef NO_KRB5 + mask |= SSL_kKRB5|SSL_aKRB5; +#endif #ifdef SSL_FORBID_ENULL mask |= SSL_eNULL; @@ -336,6 +342,9 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, list[list_num].prev = NULL; list[list_num].active = 0; list_num++; +#ifdef KSSL_DEBUG + printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms); +#endif /* KSSL_DEBUG */ /* if (!sk_push(ca_list,(char *)c)) goto err; */ @@ -738,6 +747,9 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, * it is used for allocation. */ num_of_ciphers = ssl_method->num_ciphers(); +#ifdef KSSL_DEBUG + printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); +#endif /* KSSL_DEBUG */ list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); if (list == NULL) { @@ -872,8 +884,12 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) char *ver,*exp; char *kx,*au,*enc,*mac; unsigned long alg,alg2,alg_s; +#ifdef KSSL_DEBUG + static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n"; +#else static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; - +#endif /* KSSL_DEBUG */ + alg=cipher->algorithms; alg_s=cipher->algo_strength; alg2=cipher->algorithm2; @@ -901,6 +917,10 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) case SSL_kDHd: kx="DH/DSS"; break; + case SSL_kKRB5: /* VRS */ + case SSL_KRB5: /* VRS */ + kx="KRB5"; + break; case SSL_kFZA: kx="Fortezza"; break; @@ -922,6 +942,10 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) case SSL_aDH: au="DH"; break; + case SSL_aKRB5: /* VRS */ + case SSL_KRB5: /* VRS */ + au="KRB5"; + break; case SSL_aFZA: case SSL_aNULL: au="None"; @@ -982,7 +1006,11 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) else if (len < 128) return("Buffer too small"); +#ifdef KSSL_DEBUG + BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp,alg); +#else BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp); +#endif /* KSSL_DEBUG */ return(buf); } @@ -1053,6 +1081,10 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) SSL_COMP *comp; STACK_OF(SSL_COMP) *sk; + if (cm == NULL || cm->type == NID_undef) + return 1; + + MemCheck_off(); comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); comp->id=id; comp->method=cm; @@ -1062,10 +1094,13 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) sk=ssl_comp_methods; if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp)) { + MemCheck_on(); SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE); return(0); } else + { + MemCheck_on(); return(1); + } } - diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 17b4caf528..91e9ab825e 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -91,6 +91,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"}, {ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"}, {ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"}, +{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"}, {ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"}, {ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"}, {ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"}, @@ -116,6 +117,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"}, {ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"}, {ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"}, +{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"}, {ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"}, {ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"}, {ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"}, @@ -261,6 +263,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"}, {SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"}, {SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"}, +{SSL_R_FIXME ,"FIXME"}, {SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"}, {SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"}, {SSL_R_HTTP_REQUEST ,"http request"}, @@ -269,6 +272,13 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_INVALID_COMMAND ,"invalid command"}, {SSL_R_INVALID_PURPOSE ,"invalid purpose"}, {SSL_R_INVALID_TRUST ,"invalid trust"}, +{SSL_R_KRB5_C_CC_PRINC ,"krb5 c cc princ"}, +{SSL_R_KRB5_C_GET_CRED ,"krb5 c get cred"}, +{SSL_R_KRB5_C_INIT ,"krb5 c init"}, +{SSL_R_KRB5_C_MK_REQ ,"krb5 c mk req"}, +{SSL_R_KRB5_S_BAD_TICKET ,"krb5 s bad ticket"}, +{SSL_R_KRB5_S_INIT ,"krb5 s init"}, +{SSL_R_KRB5_S_RD_REQ ,"krb5 s rd req"}, {SSL_R_LENGTH_MISMATCH ,"length mismatch"}, {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, {SSL_R_LIBRARY_BUG ,"library bug"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index ed2b820984..685fc5560a 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -191,6 +191,10 @@ SSL *SSL_new(SSL_CTX *ctx) if (s == NULL) goto err; memset(s,0,sizeof(SSL)); +#ifndef NO_KRB5 + s->kssl_ctx = kssl_ctx_new(); +#endif /* NO_KRB5 */ + if (ctx->cert != NULL) { /* Earlier library versions used to copy the pointer to @@ -576,6 +580,13 @@ int SSL_get_read_ahead(SSL *s) int SSL_pending(SSL *s) { + /* SSL_pending cannot work properly if read-ahead is enabled + * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), + * and it is impossible to fix since SSL_pending cannot report + * errors that may be observed while scanning the new data. + * (Note that SSL_pending() is often used as a boolean value, + * so we'd better not return -1.) + */ return(s->method->ssl_pending(s)); } @@ -1090,6 +1101,9 @@ int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b) return(memcmp(a->session_id,b->session_id,a->session_id_length)); } +static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *) +static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *) + SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) { SSL_CTX *ret=NULL; @@ -1153,7 +1167,8 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) ret->default_passwd_callback_userdata=NULL; ret->client_cert_cb=NULL; - ret->sessions=lh_new(SSL_SESSION_hash,SSL_SESSION_cmp); + ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash), + LHASH_COMP_FN(SSL_SESSION_cmp)); if (ret->sessions == NULL) goto err; ret->cert_store=X509_STORE_new(); if (ret->cert_store == NULL) goto err; @@ -1200,8 +1215,10 @@ err2: return(NULL); } +#if 0 static void SSL_COMP_free(SSL_COMP *comp) { OPENSSL_free(comp); } +#endif void SSL_CTX_free(SSL_CTX *a) { @@ -1240,8 +1257,12 @@ void SSL_CTX_free(SSL_CTX *a) sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free); if (a->extra_certs != NULL) sk_X509_pop_free(a->extra_certs,X509_free); +#if 0 /* This should never be done, since it removes a global database */ if (a->comp_methods != NULL) sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free); +#else + a->comp_methods = NULL; +#endif OPENSSL_free(a); } @@ -1372,6 +1393,11 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) mask|=SSL_aNULL; emask|=SSL_aNULL; +#ifndef NO_KRB5 + mask|=SSL_kKRB5|SSL_aKRB5; + emask|=SSL_kKRB5|SSL_aKRB5; +#endif + c->mask=mask; c->export_mask=emask; c->valid=1; @@ -1404,6 +1430,11 @@ X509 *ssl_get_server_send_cert(SSL *s) else i=SSL_PKEY_RSA_ENC; } + else if (kalg & SSL_aKRB5) + { + /* VRS something else here? */ + return(NULL); + } else /* if (kalg & SSL_aNULL) */ { SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR); diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index d70fff4627..e56bbf9c3a 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -168,48 +168,51 @@ * that the different entities within are mutually exclusive: * ONLY ONE BIT PER MASK CAN BE SET AT A TIME. */ -#define SSL_MKEY_MASK 0x0000001FL +#define SSL_MKEY_MASK 0x0000003FL #define SSL_kRSA 0x00000001L /* RSA key exchange */ #define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */ #define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */ #define SSL_kFZA 0x00000008L #define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */ +#define SSL_kKRB5 0x00000020L /* Kerberos5 key exchange */ #define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL)) -#define SSL_AUTH_MASK 0x000003e0L -#define SSL_aRSA 0x00000020L /* Authenticate with RSA */ -#define SSL_aDSS 0x00000040L /* Authenticate with DSS */ +#define SSL_AUTH_MASK 0x00000FC0L +#define SSL_aRSA 0x00000040L /* Authenticate with RSA */ +#define SSL_aDSS 0x00000080L /* Authenticate with DSS */ #define SSL_DSS SSL_aDSS -#define SSL_aFZA 0x00000080L -#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */ -#define SSL_aDH 0x00000200L /* no Authenticate, ADH */ +#define SSL_aFZA 0x00000100L +#define SSL_aNULL 0x00000200L /* no Authenticate, ADH */ +#define SSL_aDH 0x00000400L /* no Authenticate, ADH */ +#define SSL_aKRB5 0x00000800L /* Authenticate with KRB5 */ #define SSL_NULL (SSL_eNULL) #define SSL_ADH (SSL_kEDH|SSL_aNULL) #define SSL_RSA (SSL_kRSA|SSL_aRSA) #define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH) #define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA) - -#define SSL_ENC_MASK 0x0001Fc00L -#define SSL_DES 0x00000400L -#define SSL_3DES 0x00000800L -#define SSL_RC4 0x00001000L -#define SSL_RC2 0x00002000L -#define SSL_IDEA 0x00004000L -#define SSL_eFZA 0x00008000L -#define SSL_eNULL 0x00010000L - -#define SSL_MAC_MASK 0x00060000L -#define SSL_MD5 0x00020000L -#define SSL_SHA1 0x00040000L +#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5) + +#define SSL_ENC_MASK 0x0007F000L +#define SSL_DES 0x00001000L +#define SSL_3DES 0x00002000L +#define SSL_RC4 0x00004000L +#define SSL_RC2 0x00008000L +#define SSL_IDEA 0x00010000L +#define SSL_eFZA 0x00020000L +#define SSL_eNULL 0x00040000L + +#define SSL_MAC_MASK 0x00180000L +#define SSL_MD5 0x00080000L +#define SSL_SHA1 0x00100000L #define SSL_SHA (SSL_SHA1) -#define SSL_SSL_MASK 0x00180000L -#define SSL_SSLV2 0x00080000L -#define SSL_SSLV3 0x00100000L +#define SSL_SSL_MASK 0x00600000L +#define SSL_SSLV2 0x00200000L +#define SSL_SSLV3 0x00400000L #define SSL_TLSV1 SSL_SSLV3 /* for now */ -/* we have used 001fffff - 11 bits left to go */ +/* we have used 007fffff - 9 bits left to go */ /* * Export and cipher strength information. For each cipher we have to decide diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 6ec7a5cdb1..34a4d27dbe 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -303,7 +303,7 @@ end: int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len) { int ret; - unsigned char *p; + const unsigned char *p; RSA *rsa; p=d; @@ -641,7 +641,7 @@ end: int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len) { int ret; - unsigned char *p; + const unsigned char *p; RSA *rsa; p=d; diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 416def8908..830f1d9b0f 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -508,6 +508,7 @@ int SSL_set_session(SSL *s, SSL_SESSION *session) if (s->session != NULL) SSL_SESSION_free(s->session); s->session=session; + s->verify_result = s->session->verify_result; /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/ ret=1; } @@ -605,7 +606,7 @@ void SSL_CTX_flush_sessions(SSL_CTX *s, long t) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); i=tp.cache->down_load; tp.cache->down_load=0; - lh_doall_arg(tp.cache,(void (*)())timeout,&tp); + lh_doall_arg(tp.cache, (LHASH_DOALL_ARG_FN_TYPE)timeout, &tp); tp.cache->down_load=i; CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); } diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 4763f2a6d7..77ac362c81 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -74,6 +74,7 @@ #include <openssl/err.h> #include <openssl/rand.h> #ifdef WINDOWS +#include <winsock.h> #include "../crypto/bio/bss_file.c" #endif @@ -85,6 +86,11 @@ # define TEST_CLIENT_CERT "../apps/client.pem" #endif +/* There is really no standard for this, so let's assign some tentative + numbers. In any case, these numbers are only for this test */ +#define COMP_RLE 1 +#define COMP_ZLIB 2 + static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #ifndef NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength); @@ -148,6 +154,8 @@ static void sv_usage(void) fprintf(stderr," -bio_pair - Use BIO pairs\n"); fprintf(stderr," -f - Test even cases that can't work\n"); fprintf(stderr," -time - measure processor time used by client and server\n"); + fprintf(stderr," -zlib - use zlib compression\n"); + fprintf(stderr," -time - use rle compression\n"); } static void print_details(SSL *c_ssl, const char *prefix) @@ -220,6 +228,8 @@ int main(int argc, char *argv[]) int no_dhe = 0; int print_time = 0; clock_t s_time = 0, c_time = 0; + int comp = 0; + COMP_METHOD *cm = NULL; verbose = 0; debug = 0; @@ -333,6 +343,14 @@ int main(int argc, char *argv[]) { print_time = 1; } + else if (strcmp(*argv,"-zlib") == 0) + { + comp = COMP_ZLIB; + } + else if (strcmp(*argv,"-rle") == 0) + { + comp = COMP_RLE; + } else { fprintf(stderr,"unknown option %s\n",*argv); @@ -374,6 +392,23 @@ bad: SSL_library_init(); SSL_load_error_strings(); + if (comp == COMP_ZLIB) cm = COMP_zlib(); + if (comp == COMP_RLE) cm = COMP_rle(); + if (cm != NULL) + { + if (cm->type != NID_undef) + SSL_COMP_add_compression_method(comp, cm); + else + { + fprintf(stderr, + "Warning: %s compression not supported\n", + (comp == COMP_RLE ? "rle" : + (comp == COMP_ZLIB ? "zlib" : + "unknown"))); + ERR_print_errors_fp(stderr); + } + } + #if !defined(NO_SSL2) && !defined(NO_SSL3) if (ssl2) meth=SSLv2_method(); @@ -483,6 +518,19 @@ bad: c_ssl=SSL_new(c_ctx); s_ssl=SSL_new(s_ctx); +#ifndef NO_KRB5 + if (c_ssl && c_ssl->kssl_ctx) + { + char localhost[257]; + + if (gethostname(localhost, 256) == 0) + { + kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, + localhost); + } + } +#endif /* NO_KRB5 */ + for (i=0; i<number; i++) { if (!reuse) SSL_set_session(c_ssl,NULL); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 0d34357eb4..ae33bda78f 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -148,6 +148,17 @@ static void tls1_generate_key_block(SSL *s, unsigned char *km, tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf), s->session->master_key,s->session->master_key_length, km,tmp,num); +#ifdef KSSL_DEBUG + printf("tls1_generate_key_block() ==> %d byte master_key =\n\t", + s->session->master_key_length); + { + int i; + for (i=0; i < s->session->master_key_length; i++) + { + printf("%02X", s->session->master_key[i]); + } + printf("\n"); } +#endif /* KSSL_DEBUG */ } int tls1_change_cipher_state(SSL *s, int which) @@ -174,6 +185,21 @@ int tls1_change_cipher_state(SSL *s, int which) comp=s->s3->tmp.new_compression; key_block=s->s3->tmp.key_block; +#ifdef KSSL_DEBUG + printf("tls1_change_cipher_state(which= %d) w/\n", which); + printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms, + comp); + printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c); + printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", + c->nid,c->block_size,c->key_len,c->iv_len); + printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length); + { + int i; + for (i=0; i<s->s3->tmp.key_block_length; i++) + printf("%02x", key_block[i]); printf("\n"); + } +#endif /* KSSL_DEBUG */ + if (which & SSL3_CC_READ) { if ((s->enc_read_ctx == NULL) && @@ -309,6 +335,16 @@ printf("which = %04X\nmac key=",which); } s->session->key_arg_length=0; +#ifdef KSSL_DEBUG + { + int i; + printf("EVP_CipherInit(dd,c,key=,iv=,which)\n"); + printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]); + printf("\n"); + printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]); + printf("\n"); + } +#endif /* KSSL_DEBUG */ EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); #ifdef TLS_DEBUG @@ -338,6 +374,10 @@ int tls1_setup_key_block(SSL *s) int num; SSL_COMP *comp; +#ifdef KSSL_DEBUG + printf ("tls1_setup_key_block()\n"); +#endif /* KSSL_DEBUG */ + if (s->s3->tmp.key_block_length != 0) return(1); @@ -417,6 +457,10 @@ int tls1_enc(SSL *s, int send) enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); } +#ifdef KSSL_DEBUG + printf("tls1_enc(%d)\n", send); +#endif /* KSSL_DEBUG */ + if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { @@ -447,8 +491,35 @@ int tls1_enc(SSL *s, int send) rec->length+=i; } +#ifdef KSSL_DEBUG + { + unsigned long i; + printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", + ds,rec->data,rec->input,l); + printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", + ds->buf_len, ds->cipher->key_len, + DES_KEY_SZ, DES_SCHEDULE_SZ, + ds->cipher->iv_len); + printf("\t\tIV: "); + for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); + printf("\n"); + printf("\trec->input="); + for (i=0; i<l; i++) printf(" %02x", rec->input[i]); + printf("\n"); + } +#endif /* KSSL_DEBUG */ + EVP_Cipher(ds,rec->data,rec->input,l); +#ifdef KSSL_DEBUG + { + unsigned long i; + printf("\trec->data="); + for (i=0; i<l; i++) + printf(" %02x", rec->data[i]); printf("\n"); + } +#endif /* KSSL_DEBUG */ + if ((bs != 1) && !send) { ii=i=rec->data[l-1]; @@ -586,6 +657,10 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE]; unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH]; +#ifdef KSSL_DEBUG + printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len); +#endif /* KSSL_DEBUG */ + /* Setup the stuff to munge */ memcpy(buf,TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE); @@ -596,6 +671,9 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, tls1_PRF(s->ctx->md5,s->ctx->sha1, buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE); +#ifdef KSSL_DEBUG + printf ("tls1_generate_master_secret() complete\n"); +#endif /* KSSL_DEBUG */ return(SSL3_MASTER_SECRET_SIZE); } diff --git a/test/Makefile.ssl b/test/Makefile.ssl index eea811dcb9..9eb48bc718 100644 --- a/test/Makefile.ssl +++ b/test/Makefile.ssl @@ -5,7 +5,7 @@ DIR= test TOP= .. CC= cc -INCLUDES= -I../include +INCLUDES= -I../include $(KRB5_INCLUDES) CFLAG= -g INSTALL_PREFIX= OPENSSLDIR= /usr/local/ssl @@ -55,6 +55,8 @@ SSLTEST= ssltest RSATEST= rsa_test ENGINETEST= enginetest +TESTS= alltests + EXE= $(BNTEST) $(IDEATEST) $(MD2TEST) $(MD4TEST) $(MD5TEST) $(HMACTEST) \ $(RC2TEST) $(RC4TEST) $(RC5TEST) \ $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \ @@ -101,16 +103,18 @@ install: tags: ctags $(SRC) -tests: exe apps \ +tests: exe apps $(TESTS) + +apps: + @(cd ../apps; $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all) + +alltests: \ test_des test_idea test_sha test_md4 test_md5 test_hmac \ test_md2 test_mdc2 \ - test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast \ + test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \ test_rand test_bn test_enc test_x509 test_rsa test_crl test_sid \ test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ - test_ss test_ca test_engine test_ssl test_rd - -apps: - @(cd ../apps; $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all) + test_ss test_ca test_engine test_ssl test_des: ./$(DESTEST) @@ -324,7 +328,7 @@ $(METHTEST): $(METHTEST).o $(DLIBCRYPTO) $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) $(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) - $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) + $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) $(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO) $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) @@ -352,7 +356,7 @@ bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h bntest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -bntest.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +bntest.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h bntest.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -386,7 +390,7 @@ enginetest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h enginetest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h enginetest.o: ../include/openssl/opensslv.h ../include/openssl/rand.h enginetest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -enginetest.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h +enginetest.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h enginetest.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h enginetest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h enginetest.o: ../include/openssl/sha.h ../include/openssl/stack.h @@ -409,7 +413,7 @@ hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h hmactest.o: ../include/openssl/opensslv.h ../include/openssl/rc2.h hmactest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -hmactest.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h +hmactest.o: ../include/openssl/rd_fst.h ../include/openssl/rijndael.h hmactest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h hmactest.o: ../include/openssl/safestack.h ../include/openssl/sha.h hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h @@ -441,19 +445,19 @@ ssltest.o: ../include/openssl/des.h ../include/openssl/dh.h ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os.h ssltest.o: ../include/openssl/e_os2.h ../include/openssl/err.h ssltest.o: ../include/openssl/evp.h ../include/openssl/idea.h -ssltest.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ssltest.o: ../include/openssl/md4.h ../include/openssl/md5.h -ssltest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssltest.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ssltest.o: ../include/openssl/rand.h ../include/openssl/rc2.h -ssltest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ssltest.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h -ssltest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssltest.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssltest.o: ../include/openssl/x509_vfy.h +ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssltest.o: ../include/openssl/md2.h ../include/openssl/md4.h +ssltest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssltest.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +ssltest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ssltest.o: ../include/openssl/rc5.h ../include/openssl/rd_fst.h +ssltest.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h +ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h diff --git a/test/maketests.com b/test/maketests.com index 3eba56eb1e..0f6d90fae8 100644 --- a/test/maketests.com +++ b/test/maketests.com @@ -514,6 +514,7 @@ $ CHECK_OPTIONS: $! $! Check To See If P1 Is Blank. $! +$ P1 = "NORSAREF" $ IF (P1.EQS."NORSAREF") $ THEN $! diff --git a/test/tests.com b/test/tests.com index 4d9e308a43..a7257d412a 100644 --- a/test/tests.com +++ b/test/tests.com @@ -225,6 +225,10 @@ $ write sys$output "Generate and certify a test certificate via the 'ca' pro $ @testca.com $ endif $ return +$ test_engine: +$ write sys$output "test Rijndael" +$ !mcr 'texe_dir''rdtest' +$ return $ $ $ exit: diff --git a/test/testssl b/test/testssl index 2151a6438c..3ca5c8010b 100644 --- a/test/testssl +++ b/test/testssl @@ -24,105 +24,111 @@ else CA="-CAfile $3" fi +if [ "$4" = "" ]; then + extra="" +else + extra="$4" +fi + ############################################################################# echo test sslv2 -$ssltest -ssl2 || exit 1 +$ssltest -ssl2 $extra || exit 1 echo test sslv2 with server authentication -$ssltest -ssl2 -server_auth $CA || exit 1 +$ssltest -ssl2 -server_auth $CA $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2 with client authentication - $ssltest -ssl2 -client_auth $CA || exit 1 + $ssltest -ssl2 -client_auth $CA $extra || exit 1 echo test sslv2 with both client and server authentication - $ssltest -ssl2 -server_auth -client_auth $CA || exit 1 + $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 fi echo test sslv3 -$ssltest -ssl3 || exit 1 +$ssltest -ssl3 $extra || exit 1 echo test sslv3 with server authentication -$ssltest -ssl3 -server_auth $CA || exit 1 +$ssltest -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication -$ssltest -ssl3 -client_auth $CA || exit 1 +$ssltest -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication -$ssltest -ssl3 -server_auth -client_auth $CA || exit 1 +$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 -$ssltest || exit 1 +$ssltest $extra || exit 1 echo test sslv2/sslv3 with server authentication -$ssltest -server_auth $CA || exit 1 +$ssltest -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication -$ssltest -client_auth $CA || exit 1 +$ssltest -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication -$ssltest -server_auth -client_auth $CA || exit 1 +$ssltest -server_auth -client_auth $CA $extra || exit 1 echo test sslv2 via BIO pair -$ssltest -bio_pair -ssl2 || exit 1 +$ssltest -bio_pair -ssl2 $extra || exit 1 echo test sslv2 with server authentication via BIO pair -$ssltest -bio_pair -ssl2 -server_auth $CA || exit 1 +$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2 with client authentication via BIO pair - $ssltest -bio_pair -ssl2 -client_auth $CA || exit 1 + $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 echo test sslv2 with both client and server authentication via BIO pair - $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA || exit 1 + $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 fi echo test sslv3 via BIO pair -$ssltest -bio_pair -ssl3 || exit 1 +$ssltest -bio_pair -ssl3 $extra || exit 1 echo test sslv3 with server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth $CA || exit 1 +$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication via BIO pair -$ssltest -bio_pair -ssl3 -client_auth $CA || exit 1 +$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA || exit 1 +$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 via BIO pair -$ssltest || exit 1 +$ssltest $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2/sslv3 w/o DHE via BIO pair - $ssltest -bio_pair -no_dhe || exit 1 + $ssltest -bio_pair -no_dhe $extra || exit 1 fi echo test sslv2/sslv3 with 1024bit DHE via BIO pair -$ssltest -bio_pair -dhe1024dsa -v || exit 1 +$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 echo test sslv2/sslv3 with server authentication -$ssltest -bio_pair -server_auth $CA || exit 1 +$ssltest -bio_pair -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication via BIO pair -$ssltest -bio_pair -client_auth $CA || exit 1 +$ssltest -bio_pair -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -server_auth -client_auth $CA || exit 1 +$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 ############################################################################# echo test tls1 with 1024bit anonymous DH, multiple handshakes -$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1 +$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 if ../apps/openssl no-rsa; then echo skipping RSA tests else echo test tls1 with 1024bit RSA, no DHE, multiple handshakes - ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1 + ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes - ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time || exit 1 + ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 fi exit 0 diff --git a/util/libeay.num b/util/libeay.num index a3b15bbeb8..020d6ba2e6 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -483,7 +483,7 @@ RSA_private_decrypt 490 EXIST::FUNCTION:RSA RSA_private_encrypt 491 EXIST::FUNCTION:RSA RSA_public_decrypt 492 EXIST::FUNCTION:RSA RSA_public_encrypt 493 EXIST::FUNCTION:RSA -RSA_set_default_method 494 EXIST::FUNCTION:RSA +RSA_set_default_method 494 NOEXIST::FUNCTION: RSA_sign 495 EXIST::FUNCTION:RSA RSA_sign_ASN1_OCTET_STRING 496 EXIST::FUNCTION:RSA RSA_size 497 EXIST::FUNCTION:RSA @@ -1457,7 +1457,7 @@ d2i_ASN1_SET_OF_ASN1_OBJECT 1844 NOEXIST::FUNCTION: PKCS7_signatureVerify 1845 EXIST::FUNCTION: RSA_set_method 1846 EXIST::FUNCTION:RSA RSA_get_method 1847 EXIST::FUNCTION:RSA -RSA_get_default_method 1848 EXIST::FUNCTION:RSA +RSA_get_default_method 1848 NOEXIST::FUNCTION: RSA_check_key 1869 EXIST::FUNCTION:RSA OBJ_obj2txt 1870 EXIST::FUNCTION: DSA_dup_DH 1871 EXIST::FUNCTION:DSA,DH @@ -1481,9 +1481,9 @@ DSA_new_method 1888 EXIST::FUNCTION:DSA DH_new_method 1889 EXIST::FUNCTION:DH DH_OpenSSL 1890 EXIST::FUNCTION:DH DSA_get_ex_new_index 1891 EXIST::FUNCTION:DSA -DH_get_default_method 1892 EXIST::FUNCTION:DH +DH_get_default_method 1892 NOEXIST::FUNCTION: DSA_set_ex_data 1893 EXIST::FUNCTION:DSA -DH_set_default_method 1894 EXIST::FUNCTION:DH +DH_set_default_method 1894 NOEXIST::FUNCTION: DSA_get_ex_data 1895 EXIST::FUNCTION:DSA X509V3_EXT_REQ_add_conf 1896 EXIST::FUNCTION: NETSCAPE_SPKI_print 1897 EXIST::FUNCTION: @@ -1519,7 +1519,7 @@ EVP_PKEY_get1_DSA 1935 EXIST::FUNCTION:DSA ASN1_BMPSTRING_new 1936 EXIST::FUNCTION: ASN1_mbstring_copy 1937 EXIST::FUNCTION: ASN1_UTF8STRING_new 1938 EXIST::FUNCTION: -DSA_get_default_method 1941 EXIST::FUNCTION:DSA +DSA_get_default_method 1941 NOEXIST::FUNCTION: i2d_ASN1_SET_OF_ACCESS_DESCRIPTION 1945 NOEXIST::FUNCTION: ASN1_T61STRING_free 1946 EXIST::FUNCTION: DSA_set_method 1949 EXIST::FUNCTION:DSA @@ -1554,7 +1554,7 @@ i2d_RSA_PUBKEY_bio 1985 EXIST::FUNCTION:RSA ASN1_BIT_STRING_num_asc 1986 EXIST::FUNCTION: i2d_PUBKEY 1987 EXIST::FUNCTION: ASN1_UTCTIME_free 1988 EXIST::FUNCTION: -DSA_set_default_method 1989 EXIST::FUNCTION:DSA +DSA_set_default_method 1989 NOEXIST::FUNCTION: X509_PURPOSE_get_by_id 1990 EXIST::FUNCTION: ACCESS_DESCRIPTION_free 1994 EXIST::FUNCTION: PEM_read_bio_PUBKEY 1995 EXIST::FUNCTION: @@ -1777,7 +1777,7 @@ NCONF_load_fp 2278 EXIST::FUNCTION:FP_API NCONF_new 2279 EXIST::FUNCTION: NCONF_get_string 2280 EXIST::FUNCTION: NCONF_free 2281 EXIST::FUNCTION: -NCONF_get_number 2282 EXIST::FUNCTION: +NCONF_get_number 2282 NOEXIST::FUNCTION: CONF_dump_fp 2283 EXIST::FUNCTION: NCONF_load_bio 2284 EXIST::FUNCTION: NCONF_dump_fp 2285 EXIST::FUNCTION: @@ -1795,7 +1795,7 @@ i2d_ASN1_SET_OF_PKCS7 2328 NOEXIST::FUNCTION: BIO_vfree 2334 EXIST::FUNCTION: d2i_ASN1_SET_OF_ASN1_INTEGER 2339 NOEXIST::FUNCTION: d2i_ASN1_SET_OF_PKCS12_SAFEBAG 2341 NOEXIST::FUNCTION: -ASN1_UTCTIME_get 2350 EXIST::FUNCTION: +ASN1_UTCTIME_get 2350 NOEXIST::FUNCTION: X509_REQ_digest 2362 EXIST::FUNCTION: X509_CRL_digest 2391 EXIST::FUNCTION: d2i_ASN1_SET_OF_PKCS7 2397 NOEXIST::FUNCTION: @@ -1872,7 +1872,7 @@ DSO_METHOD_vms 2462 EXIST::FUNCTION: BIO_f_linebuffer 2463 EXIST:VMS:FUNCTION: X509_print_ex 2464 EXIST::FUNCTION: X509_print_ex_fp 2465 EXIST::FUNCTION:FP_API -EVP_rijndael_ecb 2466 EXIST::FUNCTION: +EVP_rijndael_ecb 2466 EXIST::FUNCTION:RIJNDAEL NCONF_get_number_e 2467 EXIST::FUNCTION: ERR_load_ENGINE_strings 2468 EXIST::FUNCTION: ENGINE_set_DSA 2469 EXIST::FUNCTION: @@ -1937,3 +1937,134 @@ DH_set_default_openssl_method 2525 EXIST::FUNCTION:DH ENGINE_get_DSA 2526 EXIST::FUNCTION: ENGINE_get_ctrl_function 2527 EXIST::FUNCTION: ENGINE_set_ctrl_function 2528 EXIST::FUNCTION: +i2d_OCSP_CERTSTATUS 2529 EXIST::FUNCTION: +i2d_OCSP_REQINFO 2530 EXIST::FUNCTION: +OCSP_request_sign 2531 EXIST::FUNCTION: +OCSP_SINGLERESP_free 2532 EXIST::FUNCTION: +i2d_OCSP_ONEREQ 2533 EXIST::FUNCTION: +OCSP_SERVICELOC_free 2534 EXIST::FUNCTION: +d2i_OCSP_RESPDATA 2535 EXIST::FUNCTION: +OCSP_RESPDATA_new 2536 EXIST::FUNCTION: +d2i_OCSP_REVOKEDINFO 2537 EXIST::FUNCTION: +OCSP_basic_response_new 2538 EXIST::FUNCTION: +d2i_OCSP_CERTID 2539 EXIST::FUNCTION: +OCSP_ONEREQ_free 2540 EXIST::FUNCTION: +ERR_load_OCSP_strings 2541 EXIST::FUNCTION: +ocspResponseStatus2string 2542 EXIST::FUNCTION: +OCSP_basic_response_add 2543 EXIST::FUNCTION: +OCSP_CERTID_free 2544 EXIST::FUNCTION: +OCSP_CRLID_free 2545 EXIST::FUNCTION: +i2a_OCSP_CERTID 2546 EXIST::FUNCTION: +i2a_OCSP_RESPBYTES 2547 EXIST::FUNCTION: +OCSP_CRLID_new 2548 EXIST::FUNCTION: +d2i_OCSP_BASICRESP 2549 EXIST::FUNCTION: +OCSP_accept_responses_new 2550 EXIST::FUNCTION: +i2a_OCSP_CERTSTATUS 2551 EXIST::FUNCTION: +OCSP_request_new 2552 EXIST::FUNCTION: +OCSP_response_verify 2553 EXIST::FUNCTION: +i2a_OCSP_CRLID 2554 EXIST::FUNCTION: +OCSP_CERTSTATUS_new 2555 EXIST::FUNCTION: +i2d_OCSP_CRLID 2556 EXIST::FUNCTION: +OCSP_request_add 2557 EXIST::FUNCTION: +OCSP_SINGLERESP_new 2558 EXIST::FUNCTION: +OCSP_CERTSTATUS_free 2559 EXIST::FUNCTION: +OCSP_REQINFO_new 2560 EXIST::FUNCTION: +i2d_OCSP_RESPID 2561 EXIST::FUNCTION: +d2i_OCSP_REQUEST 2562 EXIST::FUNCTION: +d2i_OCSP_CERTSTATUS 2563 EXIST::FUNCTION: +d2i_OCSP_REQINFO 2564 EXIST::FUNCTION: +OCSP_REVOKEDINFO_free 2565 EXIST::FUNCTION: +d2i_OCSP_ONEREQ 2566 EXIST::FUNCTION: +i2a_ACCESS_DESCRIPTION 2567 EXIST::FUNCTION: +OCSP_cert_status_new 2568 EXIST::FUNCTION: +i2d_OCSP_RESPBYTES 2569 EXIST::FUNCTION: +i2a_OCSP_REQUEST 2570 EXIST::FUNCTION: +OCSP_extension_print 2571 EXIST::FUNCTION: +i2a_OCSP_SIGNATURE 2572 EXIST::FUNCTION: +i2a_OCSP_REQINFO 2573 EXIST::FUNCTION: +OCSP_REQINFO_free 2574 EXIST::FUNCTION: +i2d_OCSP_SINGLERESP 2575 EXIST::FUNCTION: +i2d_OCSP_SERVICELOC 2576 EXIST::FUNCTION: +i2a_OCSP_RESPONSE 2577 EXIST::FUNCTION: +OCSP_BASICRESP_free 2578 EXIST::FUNCTION: +i2a_OCSP_ONEREQ 2579 EXIST::FUNCTION: +OCSP_REQUEST_print 2580 EXIST::FUNCTION: +OCSP_CERTID_new 2581 EXIST::FUNCTION: +OCSP_url_svcloc_new 2582 EXIST::FUNCTION: +OCSP_extensions_print 2583 EXIST::FUNCTION: +OCSP_archive_cutoff_new 2584 EXIST::FUNCTION: +ASN1_STRING_encode 2585 EXIST::FUNCTION: +i2a_OCSP_RESPDATA 2586 EXIST::FUNCTION: +OCSP_REQUEST_free 2587 EXIST::FUNCTION: +OCSP_SERVICELOC_new 2588 EXIST::FUNCTION: +OCSP_SERVICELOC_print 2589 EXIST::FUNCTION: +OCSP_cert_id_new 2590 EXIST::FUNCTION: +cRLReason2string 2591 EXIST::FUNCTION: +OCSP_RESPBYTES_new 2592 EXIST::FUNCTION: +i2d_OCSP_RESPONSE 2593 EXIST::FUNCTION: +i2d_OCSP_SIGNATURE 2594 EXIST::FUNCTION: +OCSP_RESPDATA_free 2595 EXIST::FUNCTION: +ocspCertStatus2string 2596 EXIST::FUNCTION: +OCSP_basic_response_verify 2597 EXIST::FUNCTION: +OCSP_nonce_new 2598 EXIST::FUNCTION: +OCSP_RESPONSE_free 2599 EXIST::FUNCTION: +OCSP_REQUEST_new 2600 EXIST::FUNCTION: +i2a_OCSP_SINGLERESP 2601 EXIST::FUNCTION: +OCSP_RESPONSE_new 2602 EXIST::FUNCTION: +OCSP_RESPONSE_print 2603 EXIST::FUNCTION: +d2i_OCSP_CRLID 2604 EXIST::FUNCTION: +i2a_OCSP_BASICRESP 2605 EXIST::FUNCTION: +OCSP_REVOKEDINFO_new 2606 EXIST::FUNCTION: +i2a_OCSP_SERVICELOC 2607 EXIST::FUNCTION: +i2d_OCSP_RESPDATA 2608 EXIST::FUNCTION: +OCSP_CRLID_print 2609 EXIST::FUNCTION: +d2i_OCSP_RESPID 2610 EXIST::FUNCTION: +OCSP_RESPID_free 2611 EXIST::FUNCTION: +OCSP_ONEREQ_new 2612 EXIST::FUNCTION: +i2d_OCSP_REVOKEDINFO 2613 EXIST::FUNCTION: +d2i_OCSP_RESPBYTES 2614 EXIST::FUNCTION: +i2d_OCSP_CERTID 2615 EXIST::FUNCTION: +d2i_OCSP_SINGLERESP 2616 EXIST::FUNCTION: +OCSP_crlID_new 2617 EXIST::FUNCTION: +OCSP_BASICRESP_new 2618 EXIST::FUNCTION: +d2i_OCSP_SERVICELOC 2619 EXIST::FUNCTION: +OCSP_response_new 2620 EXIST::FUNCTION: +i2a_OCSP_RESPID 2621 EXIST::FUNCTION: +OCSP_nochain_new 2622 NOEXIST::FUNCTION: +OCSP_RESPID_new 2623 EXIST::FUNCTION: +OCSP_add_standard_extension 2624 NOEXIST::FUNCTION: +OCSP_RESPBYTES_free 2625 EXIST::FUNCTION: +i2d_OCSP_BASICRESP 2626 EXIST::FUNCTION: +OCSP_SIGNATURE_new 2627 EXIST::FUNCTION: +OCSP_SIGNATURE_free 2628 EXIST::FUNCTION: +i2a_OCSP_REVOKEDINFO 2629 EXIST::FUNCTION: +OCSP_basic_response_sign 2630 EXIST::FUNCTION: +d2i_OCSP_RESPONSE 2631 EXIST::FUNCTION: +d2i_OCSP_SIGNATURE 2632 EXIST::FUNCTION: +X509_ocspid_print 2633 EXIST::FUNCTION: +OCSP_request_verify 2634 EXIST::FUNCTION: +i2d_OCSP_REQUEST 2635 EXIST::FUNCTION: +ENGINE_load_chil 2636 EXIST::FUNCTION: +ENGINE_load_cswift 2637 EXIST::FUNCTION: +ENGINE_load_builtin_engines 2638 EXIST::FUNCTION: +bn_dup_expand 2639 EXIST::FUNCTION: +ENGINE_load_nuron 2640 EXIST::FUNCTION: +ENGINE_load_atalla 2641 EXIST::FUNCTION: +rijndaelEncryptRound 2642 EXIST::FUNCTION: +rijndaelDecrypt 2643 EXIST::FUNCTION: +rijndaelKeyEncToDec 2644 EXIST::FUNCTION: +rijndaelDecryptRound 2645 EXIST::FUNCTION: +rijndaelEncrypt 2646 EXIST::FUNCTION: +rijndaelKeySched 2647 EXIST::FUNCTION: +OBJ_NAME_do_all_sorted 2648 EXIST::FUNCTION: +OBJ_NAME_do_all 2649 EXIST::FUNCTION: +BN_nnmod 2650 EXIST::FUNCTION: +BN_swap 2651 EXIST::FUNCTION: +BN_mod_add 2652 EXIST::FUNCTION: +BN_mod_lshift1 2653 EXIST::FUNCTION: +BN_mod_lshift 2654 EXIST::FUNCTION: +BN_mod_sub_quick 2655 EXIST::FUNCTION: +BN_mod_lshift1_quick 2656 EXIST::FUNCTION: +BN_mod_lshift_quick 2657 EXIST::FUNCTION: +BN_mod_add_quick 2658 EXIST::FUNCTION: +BN_mod_sub 2659 EXIST::FUNCTION: diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 46755fa287..ccdeb56c57 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -68,7 +68,6 @@ and [options] can be one of debug - Debug build profile - Profiling build gcc - Use Gcc (unix) - rsaref - Build to require RSAref Values that can be set TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler @@ -218,7 +217,7 @@ $cflags.=" -DNO_SOCK" if $no_sock; $cflags.=" -DNO_SSL2" if $no_ssl2; $cflags.=" -DNO_SSL3" if $no_ssl3; $cflags.=" -DNO_ERR" if $no_err; -$cflags.=" -DRSAref" if $rsaref ne ""; +#$cflags.=" -DRSAref" if $rsaref ne ""; ## if ($unix) ## { $cflags="$c_flags" if ($c_flags ne ""); } @@ -873,6 +872,7 @@ sub read_options elsif (/^no-dsa$/) { $no_dsa=1; } elsif (/^no-dh$/) { $no_dh=1; } elsif (/^no-hmac$/) { $no_hmac=1; } + elsif (/^no-rijndael$/) { $no_rijndael=1; } elsif (/^no-asm$/) { $no_asm=1; } elsif (/^nasm$/) { $nasm=1; } elsif (/^gaswin$/) { $gaswin=1; } @@ -885,7 +885,7 @@ sub read_options $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; $no_ssl2=$no_err=$no_rmd160=$no_rc5=1; } - elsif (/^rsaref$/) { $rsaref=1; } + elsif (/^rsaref$/) { } elsif (/^gcc$/) { $gcc=1; } elsif (/^debug$/) { $debug=1; } elsif (/^profile$/) { $profile=1; } diff --git a/util/mkdef.pl b/util/mkdef.pl index ba453358cf..e9e21caa75 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -76,7 +76,8 @@ my @known_platforms = ( "__FreeBSD__", "VMS", "WIN16", "WIN32", "WINNT", "PERL5", "NeXT" ); my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CAST", "MD2", "MD4", "MD5", "SHA", "RIPEMD", - "MDC2", "RSA", "DSA", "DH", "HMAC", "FP_API" ); + "MDC2", "RSA", "DSA", "DH", "HMAC", "FP_API", + "RIJNDAEL" ); my $options=""; open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n"; @@ -91,7 +92,7 @@ close(IN); my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf; my $no_cast; my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; -my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; +my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_rijndael; my $no_fp_api; foreach (@ARGV, split(/ /, $options)) @@ -103,7 +104,7 @@ foreach (@ARGV, split(/ /, $options)) $NT = 1; } $VMS=1 if $_ eq "VMS"; - $rsaref=1 if $_ eq "rsaref"; + #$rsaref=1 if $_ eq "rsaref"; $do_ssl=1 if $_ eq "ssleay"; $do_ssl=1 if $_ eq "ssl"; @@ -132,6 +133,7 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-dsa$/) { $no_dsa=1; } elsif (/^no-dh$/) { $no_dh=1; } elsif (/^no-hmac$/) { $no_hmac=1; } + elsif (/^no-rijndael$/) { $no_rijndael=1; } } @@ -147,7 +149,7 @@ if ($W16) { if (!$do_ssl && !$do_crypto) { - print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT ] [rsaref]\n"; + print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT ]\n"; exit(1); } @@ -172,6 +174,8 @@ $crypto.=" crypto/md5/md5.h" unless $no_md5; $crypto.=" crypto/mdc2/mdc2.h" unless $no_mdc2; $crypto.=" crypto/sha/sha.h" unless $no_sha; $crypto.=" crypto/ripemd/ripemd.h" unless $no_ripemd; +$crypto.=" crypto/rijndael/rijndael.h" unless $no_rijndael; +$crypto.=" crypto/rijndael/rd_fst.h" unless $no_rijndael; $crypto.=" crypto/bn/bn.h"; $crypto.=" crypto/rsa/rsa.h" unless $no_rsa; @@ -202,6 +206,7 @@ $crypto.=" crypto/x509/x509_vfy.h"; $crypto.=" crypto/x509v3/x509v3.h"; $crypto.=" crypto/rand/rand.h"; $crypto.=" crypto/comp/comp.h"; +$crypto.=" crypto/ocsp/ocsp.h"; $crypto.=" crypto/tmdiff.h"; my $symhacks="crypto/symhacks.h"; @@ -607,6 +612,7 @@ sub maybe_add_info { (my $name, *nums, my @symbols) = @_; my $sym; my $new_info = 0; + my %syms=(); print STDERR "Updating $name info\n"; foreach $sym (@symbols) { @@ -620,6 +626,16 @@ sub maybe_add_info { #print STDERR "DEBUG: maybe_add_info for $s: \"$dummy\" => \"$i\"\n"; } } + $syms{sym} = 1; + } + + my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums; + foreach $sym (@s) { + (my $n, my $i) = split /\\/, $nums{$sym}; + if (!defined($syms{sym})) { + $new_info++; + #print STDERR "DEBUG: maybe_add_info for $sym: -> undefined\n"; + } } if ($new_info) { print STDERR "$new_info old symbols got an info update\n"; @@ -746,6 +762,7 @@ EOF && (!@a || (!$no_dsa || !grep(/^DSA$/,@a))) && (!@a || (!$no_dh || !grep(/^DH$/,@a))) && (!@a || (!$no_hmac || !grep(/^HMAC$/,@a))) + && (!@a || (!$no_rijndael || !grep(/^RIJNDAEL$/,@a))) && (!@a || (!$no_fp_api || !grep(/^FP_API$/,@a))) ) { printf OUT " %s%-40s@%d\n",($W32)?"":"_",$s,$n; @@ -847,12 +864,19 @@ sub rewrite_numbers $rsyms{$s} = 1; } + my %syms = (); + foreach $_ (@symbols) { + (my $n, my $i) = split /\\/; + $syms{$n} = 1; + } + my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums; foreach $sym (@s) { (my $n, my $i) = split /\\/, $nums{$sym}; next if defined($i) && $i =~ /^.*?:.*?:\w+\(\w+\)/; next if defined($rsyms{$sym}); - $i="NOEXIST::FUNCTION:" if !defined($i) || $i eq ""; + $i="NOEXIST::FUNCTION:" + if !defined($i) || $i eq "" || !defined($syms{$sym}); printf OUT "%s%-40s%d\t%s\n","",$sym,$n,$i; if (exists $r{$sym}) { (my $s, $i) = split /\\/,$r{$sym}; diff --git a/util/mkerr.pl b/util/mkerr.pl index 7d98b5234d..407ca20313 100644 --- a/util/mkerr.pl +++ b/util/mkerr.pl @@ -38,7 +38,7 @@ while (@ARGV) { } if($recurse) { - @source = (<crypto/*.c>, <crypto/*/*.c>, <rsaref/*.c>, <ssl/*.c>); + @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>); } else { @source = @ARGV; } diff --git a/util/mkfiles.pl b/util/mkfiles.pl index 470feea76f..128ed39411 100755 --- a/util/mkfiles.pl +++ b/util/mkfiles.pl @@ -23,6 +23,7 @@ my @dirs = ( "crypto/idea", "crypto/bf", "crypto/cast", +"crypto/rijndael", "crypto/bn", "crypto/rsa", "crypto/dsa", @@ -46,8 +47,8 @@ my @dirs = ( "crypto/pkcs12", "crypto/comp", "crypto/engine", +"crypto/ocsp", "ssl", -"rsaref", "apps", "test", "tools" diff --git a/util/mkstack.pl b/util/mkstack.pl index 3ee13fe7c9..085c50f790 100755 --- a/util/mkstack.pl +++ b/util/mkstack.pl @@ -21,7 +21,7 @@ while (@ARGV) { } -@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <rsaref/*.[ch]>, <ssl/*.[ch]>); +@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>); foreach $file (@source) { next if -l $file; |