summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGES77
-rwxr-xr-xConfigure452
-rw-r--r--FAQ37
-rw-r--r--INSTALL14
-rw-r--r--INSTALL.DJGPP47
-rw-r--r--Makefile.org74
-rw-r--r--Makefile.shared162
-rw-r--r--NEWS13
-rw-r--r--PROBLEMS9
-rw-r--r--STATUS2
-rw-r--r--TABLE1856
-rw-r--r--VMS/cert_tool/hostaddr.c484
-rw-r--r--VMS/cert_tool/hostname.c520
-rw-r--r--VMS/cert_tool/ssl$auth_cert.com639
-rw-r--r--VMS/cert_tool/ssl$auto_cert.com101
-rw-r--r--VMS/cert_tool/ssl$cert_tool.com231
-rw-r--r--VMS/cert_tool/ssl$conf_util.com220
-rw-r--r--VMS/cert_tool/ssl$draw_box.com109
-rw-r--r--VMS/cert_tool/ssl$exit_cmd.tpu1
-rw-r--r--VMS/cert_tool/ssl$fill_box.com65
-rw-r--r--VMS/cert_tool/ssl$hash_cert.com235
-rw-r--r--VMS/cert_tool/ssl$init_env.com61
-rw-r--r--VMS/cert_tool/ssl$init_term.com55
-rw-r--r--VMS/cert_tool/ssl$pick_file.com230
-rw-r--r--VMS/cert_tool/ssl$rem_env.com62
-rw-r--r--VMS/cert_tool/ssl$rqst_cert.com769
-rw-r--r--VMS/cert_tool/ssl$self_cert.com725
-rw-r--r--VMS/cert_tool/ssl$show_file.com205
-rw-r--r--VMS/cert_tool/ssl$sign_cert.com759
-rw-r--r--VMS/cert_tool/ssl$view_cert.com245
-rw-r--r--VMS/compaq/build_pcsi_kit.com98
-rw-r--r--VMS/compaq/cpq-axpvms-ssl-t0100--1.pcsi$desc259
-rw-r--r--VMS/compaq/cpq-axpvms-ssl-t0100--1.pcsi$text82
-rw-r--r--VMS/compaq/ssl$ivp.com164
-rw-r--r--VMS/compaq/ssl$pcsi.com70
-rw-r--r--VMS/compaq/ssl$syshutdown.com8
-rw-r--r--VMS/compaq/ssl$systartup.com7
-rw-r--r--VMS/compaq/ssl010.release_notes25
-rw-r--r--VMS/compaq/submit_build.com242
-rw-r--r--VMS/install.com209
-rw-r--r--VMS/mkshared.com41
-rw-r--r--VMS/tcpip_shr_decc.opt1
-rw-r--r--apps/CA.pl.in18
-rw-r--r--apps/CA.sh10
-rw-r--r--apps/Makefile.ssl29
-rw-r--r--apps/apps.c202
-rw-r--r--apps/apps.h3
-rw-r--r--apps/ca.c55
-rw-r--r--apps/crl.c6
-rw-r--r--apps/der_chop.in305
-rw-r--r--apps/dgst.c35
-rw-r--r--apps/ec.c4
-rw-r--r--apps/ecparam.c4
-rw-r--r--apps/enc.c10
-rw-r--r--apps/makeapps.com155
-rw-r--r--apps/openssl-vms.cnf57
-rw-r--r--apps/openssl.c28
-rw-r--r--apps/openssl.cnf53
-rw-r--r--apps/pkcs12.c19
-rw-r--r--apps/req.c11
-rw-r--r--apps/s_apps.h3
-rw-r--r--apps/s_cb.c32
-rw-r--r--apps/s_client.c122
-rw-r--r--apps/s_server.c166
-rw-r--r--apps/s_socket.c1
-rw-r--r--apps/smime.c539
-rw-r--r--apps/speed.c5
-rw-r--r--apps/term_sock.c583
-rw-r--r--apps/term_sock.h21
-rw-r--r--apps/verify.c44
-rw-r--r--apps/x509.c11
-rw-r--r--certs/ICE-CA.pem59
-rw-r--r--certs/ICE-root.pem48
-rw-r--r--certs/ICE-user.pem63
-rw-r--r--certs/ICE.crl9
-rw-r--r--certs/RegTP-4R.pem19
-rw-r--r--certs/ca-cert.pem33
-rw-r--r--certs/dsa-ca.pem43
-rw-r--r--certs/dsa-pca.pem49
-rw-r--r--certs/factory.pem15
-rw-r--r--certs/nortelCA.pem16
-rw-r--r--certs/pca-cert.pem33
-rw-r--r--certs/rsa-cca.pem19
-rw-r--r--certs/timCA.pem16
-rw-r--r--certs/tjhCA.pem15
-rw-r--r--certs/vsign2.pem18
-rw-r--r--certs/vsigntca.pem18
-rwxr-xr-xconfig216
-rw-r--r--crypto/LPdir_unix.c52
-rw-r--r--crypto/LPdir_vms.c26
-rw-r--r--crypto/LPdir_win.c118
-rw-r--r--crypto/LPdir_win32.c27
-rw-r--r--crypto/LPdir_wince.c28
-rw-r--r--crypto/Makefile.ssl27
-rw-r--r--crypto/aes/Makefile.ssl26
-rw-r--r--crypto/aes/aes.h4
-rw-r--r--crypto/aes/aes_cbc.c44
-rw-r--r--crypto/aes/aes_cfb.c67
-rw-r--r--crypto/aes/aes_core.c21
-rw-r--r--crypto/aes/aes_ctr.c8
-rw-r--r--crypto/aes/aes_locl.h6
-rw-r--r--crypto/aes/asm/aes-ia64.S1424
-rw-r--r--crypto/asn1/Makefile.ssl2
-rw-r--r--crypto/asn1/a_bitstr.c8
-rw-r--r--crypto/asn1/a_digest.c7
-rw-r--r--crypto/asn1/a_enum.c2
-rw-r--r--crypto/asn1/a_gentm.c12
-rw-r--r--crypto/asn1/a_int.c21
-rw-r--r--crypto/asn1/a_set.c23
-rw-r--r--crypto/asn1/a_type.c5
-rw-r--r--crypto/asn1/a_utctm.c11
-rw-r--r--crypto/asn1/a_verify.c7
-rw-r--r--crypto/asn1/asn1.h10
-rw-r--r--crypto/asn1/asn1_err.c8
-rw-r--r--crypto/asn1/asn1_lib.c1
-rw-r--r--crypto/asn1/evp_asn1.c6
-rw-r--r--crypto/asn1/p5_pbe.c26
-rw-r--r--crypto/asn1/t_bitst.c5
-rw-r--r--crypto/asn1/x_crl.c40
-rw-r--r--crypto/asn1/x_name.c19
-rw-r--r--crypto/asn1/x_pubkey.c52
-rw-r--r--crypto/bf/Makefile.ssl24
-rw-r--r--crypto/bio/Makefile.ssl2
-rw-r--r--crypto/bio/b_dump.c65
-rw-r--r--crypto/bio/b_sock.c52
-rw-r--r--crypto/bio/bio.h28
-rw-r--r--crypto/bio/bss_conn.c74
-rw-r--r--crypto/bio/bss_file.c2
-rw-r--r--crypto/bio/bss_log.c28
-rw-r--r--crypto/bio/bss_sock.c75
-rw-r--r--crypto/bn/Makefile.ssl67
-rw-r--r--crypto/bn/asm/bn-586.pl9
-rw-r--r--crypto/bn/bn_ctx.c3
-rw-r--r--crypto/bn/bn_mont.c2
-rw-r--r--crypto/bn/bn_print.c20
-rw-r--r--crypto/bn/bntest.c22
-rw-r--r--crypto/buffer/Makefile.ssl2
-rw-r--r--crypto/cast/Makefile.ssl24
-rw-r--r--crypto/comp/Makefile.ssl5
-rw-r--r--crypto/comp/c_zlib.c13
-rw-r--r--crypto/conf/Makefile.ssl2
-rw-r--r--crypto/conf/conf_def.c10
-rw-r--r--crypto/cryptlib.c46
-rw-r--r--crypto/cryptlib.h3
-rw-r--r--crypto/crypto-lib.com140
-rw-r--r--crypto/crypto.h3
-rw-r--r--crypto/des/.cvsignore3
-rw-r--r--crypto/des/Makefile.ssl45
-rw-r--r--crypto/des/cfb64ede.c1
-rw-r--r--crypto/des/des-lib.com159
-rw-r--r--crypto/dh/Makefile.ssl2
-rw-r--r--crypto/dsa/Makefile.ssl2
-rw-r--r--crypto/dsa/dsa_gen.c40
-rw-r--r--crypto/dso/Makefile.ssl2
-rw-r--r--crypto/dso/dso_vms.c46
-rw-r--r--crypto/ec/Makefile.ssl2
-rw-r--r--crypto/ec/ec2_smpl.c49
-rw-r--r--crypto/ec/ecp_smpl.c53
-rw-r--r--crypto/ecdh/Makefile.ssl2
-rw-r--r--crypto/ecdh/ech_key.c2
-rw-r--r--crypto/ecdh/ech_lib.c8
-rw-r--r--crypto/ecdsa/Makefile.ssl2
-rw-r--r--crypto/ecdsa/ecdsatest.c2
-rw-r--r--crypto/ecdsa/ecs_lib.c8
-rw-r--r--crypto/ecdsa/ecs_sign.c2
-rw-r--r--crypto/ecdsa/ecs_vrf.c2
-rw-r--r--crypto/engine/Makefile.ssl16
-rw-r--r--crypto/engine/eng_all.c3
-rw-r--r--crypto/engine/engine.h1
-rw-r--r--crypto/err/Makefile.ssl2
-rw-r--r--crypto/err/err.c72
-rw-r--r--crypto/evp/Makefile.ssl2
-rw-r--r--crypto/evp/bio_md.c10
-rw-r--r--crypto/evp/bio_ok.c60
-rw-r--r--crypto/evp/c_all.c6
-rw-r--r--crypto/evp/evp_pkey.c124
-rw-r--r--crypto/hmac/Makefile.ssl2
-rw-r--r--crypto/hmac/hmac.c2
-rw-r--r--crypto/idea/Makefile.ssl2
-rw-r--r--crypto/install.com26
-rw-r--r--crypto/krb5/Makefile.ssl2
-rw-r--r--crypto/lhash/Makefile.ssl2
-rw-r--r--crypto/md2/Makefile.ssl2
-rw-r--r--crypto/md2/md2.h2
-rw-r--r--crypto/md2/md2test.c2
-rw-r--r--crypto/md32_common.h8
-rw-r--r--crypto/md4/Makefile.ssl2
-rw-r--r--crypto/md4/md4.h2
-rw-r--r--crypto/md4/md4test.c2
-rw-r--r--crypto/md5/Makefile.ssl24
-rw-r--r--crypto/md5/md5.h2
-rw-r--r--crypto/md5/md5test.c2
-rw-r--r--crypto/mdc2/Makefile.ssl2
-rw-r--r--crypto/mdc2/mdc2.h2
-rw-r--r--crypto/mdc2/mdc2dgst.c3
-rw-r--r--crypto/mem.c25
-rw-r--r--crypto/o_dir.c2
-rw-r--r--crypto/o_str.c21
-rw-r--r--crypto/o_time.c21
-rw-r--r--crypto/objects/.cvsignore2
-rw-r--r--crypto/objects/Makefile.ssl13
-rw-r--r--crypto/objects/o_names.c7
-rw-r--r--crypto/objects/obj_dat.c12
-rw-r--r--crypto/objects/obj_dat.h2419
-rw-r--r--crypto/objects/obj_err.c4
-rw-r--r--crypto/objects/obj_mac.h512
-rw-r--r--crypto/objects/obj_mac.num490
-rw-r--r--crypto/objects/objects.h2
-rw-r--r--crypto/objects/objects.txt9
-rw-r--r--crypto/ocsp/Makefile.ssl2
-rw-r--r--crypto/pem/Makefile.ssl2
-rw-r--r--crypto/pem/pem_lib.c12
-rw-r--r--crypto/perlasm/x86asm.pl21
-rw-r--r--crypto/perlasm/x86ms.pl49
-rw-r--r--crypto/perlasm/x86nasm.pl114
-rw-r--r--crypto/perlasm/x86unix.pl169
-rw-r--r--crypto/pkcs12/Makefile.ssl2
-rw-r--r--crypto/pkcs12/p12_crpt.c6
-rw-r--r--crypto/pkcs12/p12_init.c12
-rw-r--r--crypto/pkcs12/p12_kiss.c18
-rw-r--r--crypto/pkcs12/p12_mutl.c5
-rw-r--r--crypto/pkcs7/Makefile.ssl2
-rw-r--r--crypto/pkcs7/pk7_attr.c9
-rw-r--r--crypto/pkcs7/pk7_doit.c42
-rw-r--r--crypto/pkcs7/pk7_lib.c48
-rw-r--r--crypto/pkcs7/pk7_smime.c37
-rw-r--r--crypto/rand/Makefile.ssl2
-rw-r--r--crypto/rand/rand_unix.c35
-rw-r--r--crypto/rand/rand_vms.c170
-rw-r--r--crypto/rand/rand_win.c102
-rw-r--r--crypto/rc2/Makefile.ssl2
-rw-r--r--crypto/rc4/Makefile.ssl48
-rw-r--r--crypto/rc4/asm/rc4-586.pl114
-rwxr-xr-xcrypto/rc4/asm/rc4-amd64.pl176
-rw-r--r--crypto/rc4/rc4.c3
-rw-r--r--crypto/rc4/rc4.h4
-rw-r--r--crypto/rc4/rc4_enc.c10
-rw-r--r--crypto/rc4/rc4_locl.h1
-rw-r--r--crypto/rc4/rc4_skey.c51
-rw-r--r--crypto/rc4/rc4test.c36
-rw-r--r--crypto/rc5/Makefile.ssl24
-rw-r--r--crypto/ripemd/Makefile.ssl24
-rw-r--r--crypto/ripemd/ripemd.h2
-rw-r--r--crypto/ripemd/rmdtest.c2
-rw-r--r--crypto/rsa/Makefile.ssl2
-rw-r--r--crypto/rsa/rsa_gen.c16
-rw-r--r--crypto/rsa/rsa_saos.c7
-rw-r--r--crypto/rsa/rsa_sign.c9
-rw-r--r--crypto/sha/Makefile.ssl52
-rw-r--r--crypto/sha/asm/sha1-586.pl71
-rwxr-xr-xcrypto/sha/asm/sha512-ia64.pl2
-rw-r--r--crypto/sha/sha.h5
-rw-r--r--crypto/sha/sha1test.c2
-rw-r--r--crypto/sha/sha256.c14
-rw-r--r--crypto/sha/sha256t.c44
-rw-r--r--crypto/sha/sha512.c76
-rw-r--r--crypto/sha/sha512t.c71
-rw-r--r--crypto/sha/sha_locl.h5
-rw-r--r--crypto/sha/shatest.c2
-rw-r--r--crypto/stack/Makefile.ssl2
-rw-r--r--crypto/stack/safestack.h87
-rw-r--r--crypto/stack/stack.c7
-rw-r--r--crypto/stack/stack.h1
-rw-r--r--crypto/store/Makefile.ssl2
-rw-r--r--crypto/symhacks.h2
-rw-r--r--crypto/threads/pthreads-vms.com10
-rw-r--r--crypto/txt_db/Makefile.ssl2
-rw-r--r--crypto/ui/Makefile.ssl2
-rw-r--r--crypto/ui/ui_openssl.c7
-rw-r--r--crypto/x509/Makefile.ssl20
-rw-r--r--crypto/x509/by_file.c4
-rw-r--r--crypto/x509/x509.h2
-rw-r--r--crypto/x509/x509_cmp.c40
-rw-r--r--crypto/x509/x509_lu.c28
-rw-r--r--crypto/x509/x509_r2x.c6
-rw-r--r--crypto/x509/x509_req.c32
-rw-r--r--crypto/x509/x509_txt.c17
-rw-r--r--crypto/x509/x509_vfy.c283
-rw-r--r--crypto/x509/x509_vfy.h109
-rw-r--r--crypto/x509/x509cset.c1
-rw-r--r--crypto/x509/x_all.c1
-rw-r--r--crypto/x509v3/Makefile.ssl36
-rw-r--r--crypto/x509v3/ext_dat.h3
-rw-r--r--crypto/x509v3/v3_bitst.c7
-rw-r--r--crypto/x509v3/v3_ia5.c5
-rw-r--r--crypto/x509v3/v3_purp.c77
-rw-r--r--crypto/x509v3/v3err.c14
-rw-r--r--crypto/x509v3/x509v3.h29
-rw-r--r--demos/engines/rsaref/rsaref.c6
-rw-r--r--demos/install.com50
-rw-r--r--demos/vms_examples/ssl$bio_cli.c298
-rw-r--r--demos/vms_examples/ssl$bio_serv.c311
-rw-r--r--demos/vms_examples/ssl$cli_sess_renego.c361
-rw-r--r--demos/vms_examples/ssl$cli_sess_renego_cli_ver.c360
-rw-r--r--demos/vms_examples/ssl$cli_sess_reuse.c319
-rw-r--r--demos/vms_examples/ssl$cli_sess_reuse_cli_ver.c322
-rw-r--r--demos/vms_examples/ssl$cli_verify_client.c296
-rw-r--r--demos/vms_examples/ssl$examples_setup.com174
-rw-r--r--demos/vms_examples/ssl$serv_sess_renego.c379
-rw-r--r--demos/vms_examples/ssl$serv_sess_renego_cli_ver.c379
-rw-r--r--demos/vms_examples/ssl$serv_sess_reuse.c316
-rw-r--r--demos/vms_examples/ssl$serv_sess_reuse_cli_ver.c329
-rw-r--r--demos/vms_examples/ssl$serv_verify_client.c307
-rw-r--r--demos/vms_examples/ssl$simple_cli.c290
-rw-r--r--demos/vms_examples/ssl$simple_serv.c299
-rw-r--r--doc/apps/asn1parse.pod2
-rw-r--r--doc/apps/ca.pod9
-rw-r--r--doc/apps/config.pod2
-rw-r--r--doc/apps/dgst.pod6
-rw-r--r--doc/apps/ecparam.pod12
-rw-r--r--doc/apps/enc.pod2
-rw-r--r--doc/apps/s_client.pod16
-rw-r--r--doc/apps/s_server.pod23
-rw-r--r--doc/crypto/ASN1_STRING_print_ex.pod6
-rw-r--r--doc/crypto/ERR_error_string.pod2
-rw-r--r--doc/crypto/EVP_BytesToKey.pod2
-rw-r--r--doc/crypto/SSLeay_version.pod74
-rw-r--r--doc/crypto/X509_NAME_print_ex.pod4
-rw-r--r--doc/crypto/des_modes.pod2
-rw-r--r--doc/ssl/SSL_shutdown.pod2
-rw-r--r--e_os.h1
-rw-r--r--e_os2.h7
-rw-r--r--engines/makeengines.com100
-rw-r--r--engines/vendor_defns/hwcryptohook.h2
-rw-r--r--install.com10
-rwxr-xr-xmakevms.com224
-rwxr-xr-xms/test.bat40
-rwxr-xr-xms/testss.bat2
-rw-r--r--ssl/Makefile.ssl2
-rw-r--r--ssl/install.com19
-rw-r--r--ssl/ssl-lib.com109
-rw-r--r--ssl/ssl.h10
-rw-r--r--ssl/ssl_cert.c14
-rw-r--r--ssl/ssl_ciph.c2
-rw-r--r--ssl/ssl_lib.c43
-rw-r--r--ssl/ssltest.c492
-rw-r--r--test/CAss.cnf4
-rw-r--r--test/Makefile.ssl242
-rw-r--r--test/Uss.cnf8
-rw-r--r--test/install.com87
-rw-r--r--test/maketests.com117
-rw-r--r--test/tcrl9
-rw-r--r--test/testca7
-rw-r--r--test/testenc2
-rw-r--r--test/testgen6
-rw-r--r--test/tests.com9
-rw-r--r--test/testss86
-rw-r--r--test/testssl14
-rw-r--r--test/tpkcs79
-rw-r--r--test/tpkcs7d9
-rw-r--r--test/treq9
-rw-r--r--test/trsa11
-rw-r--r--test/tsid9
-rw-r--r--test/tx5099
-rwxr-xr-xutil/cygwin.sh8
-rwxr-xr-xutil/libeay.num925
-rwxr-xr-xutil/mkdef.pl2
-rw-r--r--util/mkerr.pl4
-rwxr-xr-xutil/mklink.pl1
-rwxr-xr-xutil/mkstack.pl1
-rw-r--r--util/pl/VC-CE.pl2
361 files changed, 20833 insertions, 9471 deletions
diff --git a/CHANGES b/CHANGES
index 28b0e29514..49630ea76e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,44 +4,6 @@
Changes between 0.9.7e and 0.9.8 [xx XXX xxxx]
- *) Add processing of proxy certificates (see RFC 3820). This work was
- sponsored by KTH (The Royal Institute of Technology in Stockholm) and
- EGEE (Enabling Grids for E-science in Europe).
- [Richard Levitte]
-
- *) RC4 performance overhaul on modern architectures/implementations, such
- as Intel P4, IA-64 and AMD64.
- [Andy Polyakov]
-
- *) New utility extract-section.pl. This can be used specify an alternative
- section number in a pod file instead of having to treat each file as
- a separate case in Makefile. This can be done by adding two lines to the
- pod file:
-
- =for comment openssl_section:XXX
-
- The blank line is mandatory.
-
- [Steve Henson]
-
- *) New arguments -certform, -keyform and -pass for s_client and s_server
- to allow alternative format key and certificate files and passphrase
- sources.
- [Steve Henson]
-
- *) New structure X509_VERIFY_PARAM which combines current verify parameters,
- update associated structures and add various utility functions.
-
- Add new policy related verify parameters, include policy checking in
- standard verify code. Enhance 'smime' application with extra parameters
- to support policy checking and print out.
- [Steve Henson]
-
- *) Add a new engine to support VIA PadLock ACE extensions in the VIA C3
- Nehemiah processors. These extensions support AES encryption in hardware
- as well as RNG (though RNG support is currently disabled).
- [Michal Ludvig <michal@logix.cz>, with help from Andy Polyakov]
-
*) Deprecate BN_[get|set]_params() functions (they were ignored internally).
[Geoff Thorpe]
@@ -748,44 +710,7 @@
differing sizes.
[Richard Levitte]
- Changes between 0.9.7e and 0.9.7f [XX xxx XXXX]
-
- *) Prompt for pass phrases when appropriate for PKCS12 input format.
- [Steve Henson]
-
- *) Add lots of checks for memory allocation failure, error codes to indicate
- failure and freeing up memory if a failure occurs.
- [Nauticus Networks SSL Team <openssl@nauticusnet.com>, Steve Henson]
-
- *) Add new -passin argument to dgst.
- [Steve Henson]
-
- *) Perform some character comparisons of different types in X509_NAME_cmp:
- this is needed for some certificates that reencode DNs into UTF8Strings
- (in violation of RFC3280) and can't or wont issue name rollover
- certificates.
- [Steve Henson]
-
- *) Make an explicit check during certificate validation to see that
- the CA setting in each certificate on the chain is correct. As a
- side effect always do the following basic checks on extensions,
- not just when there's an associated purpose to the check:
-
- - if there is an unhandled critical extension (unless the user
- has chosen to ignore this fault)
- - if the path length has been exceeded (if one is set at all)
- - that certain extensions fit the associated purpose (if one has
- been given)
- [Richard Levitte]
-
- Changes between 0.9.7d and 0.9.7e [25 Oct 2004]
-
- *) Avoid a race condition when CRLs are checked in a multi threaded
- environment. This would happen due to the reordering of the revoked
- entries during signature checking and serial number lookup. Now the
- encoding is cached and the serial number sort performed under a lock.
- Add new STACK function sk_is_sorted().
- [Steve Henson]
+ Changes between 0.9.7d and 0.9.7e [XX xxx XXXX]
*) Add Delta CRL to the extension code.
[Steve Henson]
diff --git a/Configure b/Configure
index 9ad095705a..d8ae13c356 100755
--- a/Configure
+++ b/Configure
@@ -55,7 +55,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
# 386 generate 80386 code
-# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
# -<xxx> +<xxx> compiler options are passed through
#
@@ -87,15 +86,9 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-
# (intended for 64-bit CPUs running 32-bit OS).
# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
# BF_PTR2 intel specific version (generic version is more efficient).
-#
-# Following are set automatically by this script
-#
# MD5_ASM use some extra md5 assember,
# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
# RMD160_ASM use some extra ripemd160 assember,
-# SHA256_ASM sha256_block is implemented in assembler
-# SHA512_ASM sha512_block is implemented in assembler
-# AES_ASM ASE_[en|de]crypt is implemented in assembler
my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
@@ -114,25 +107,19 @@ my $tlib="-lnsl -lsocket";
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";
-my $x86_elf_asm="x86cpuid-elf.o:asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/ax86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o asm/s512sse2-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
-my $x86_coff_asm="x86cpuid-cof.o:asm/bn86-cof.o asm/co86-cof.o:asm/dx86-cof.o asm/yx86-cof.o:asm/ax86-cof.o:asm/bx86-cof.o:asm/mx86-cof.o:asm/sx86-cof.o asm/s512sse2-cof.o:asm/cx86-cof.o:asm/rx86-cof.o:asm/rm86-cof.o:asm/r586-cof.o";
-my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o:rm86-out.o:r586-out.o";
+my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
+my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
+my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
-my $x86_64_asm="amd64cpuid.o:asm/x86_64-gcc.o:::::::asm/rc4-amd64.o::";
-my $ia64_asm=":asm/ia64.o::aes_core.o aes_cbc.o asm/aes-ia64.o:::asm/sha1-ia64.o asm/sha256-ia64.o asm/sha512-ia64.o::asm/rc4-ia64.o::";
+my $mips3_irix_asm="asm/mips3.o::::::::";
+# There seems to be boundary faults in asm/alpha.s.
+#my $alpha_asm="asm/alpha.o::::::::";
+my $alpha_asm="::::::::";
-my $no_asm="::::::::::";
+# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
+# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
-# As for $BSDthreads. Idea is to maintain "collective" set of flags,
-# which would cover all BSD flavors. -pthread applies to them all,
-# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
-# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r,
-# which has to be accompanied by explicit -D_THREAD_SAFE and
-# sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which
-# seems to be sufficient?
-my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
-
-#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags
+#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $bn_obj : $des_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags
my %table=(
# File 'TABLE' (created by 'make TABLE') contains the data from this list,
@@ -147,25 +134,21 @@ my %table=(
# Our development configs
"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
-"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::asm/bn86-elf.o asm/co86-elf.o",
+"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::asm/bn86-elf.o asm/co86-elf.o",
"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::",
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
-"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
-"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT:${no_asm}:dlfcn:linux-shared",
+"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32::::win32:cygwin-shared:::.dll",
+"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
+"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn:linux-shared",
"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-geoff","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"dist", "cc:-O::(unknown)::::::",
# Basic configs that should work on any (32 and less bit) box
@@ -173,10 +156,10 @@ my %table=(
"cc", "cc:-O::(unknown)::::::",
####VOS Configurations
-"vos-gcc","gcc:-b hppa1.1-stratus-vos -O3 -Wall -Wuninitialized -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
-"debug-vos-gcc","gcc:-b hppa1.1-stratus-vos -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
-"vos-vcc","vcc:-b i386-stratus-vos -O3 -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map::${no_asm}:::::.so:",
-"debug-vos-vcc","vcc:-b i386-stratus-vos -O0 -g -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map::${no_asm}:::::.so:",
+"vos-gcc","gcc:-b hppa1.1-stratus-vos -O3 -Wall -Wuninitialized -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map:BN_LLONG:::::::::::::.so:",
+"debug-vos-gcc","gcc:-b hppa1.1-stratus-vos -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:::::::::::::.so:",
+"vos-vcc","vcc:-b i386-stratus-vos -O3 -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map::::::::::::::.so:",
+"debug-vos-vcc","vcc:-b i386-stratus-vos -O0 -g -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map::::::::::::::.so:",
#### Solaris x86 with GNU C setups
# -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it
@@ -185,47 +168,66 @@ my %table=(
# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
# error message.
"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
#### Solaris x86 with Sun C setups
-"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SPARC Solaris with GNU C setups
-"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8.o:asm/des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:asm/des_enc-sparc.o fcrypt_b.o::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
-"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8plus.o:asm/des_enc-sparc.o fcrypt_b.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::asm/des_enc-sparc.o fcrypt_b.o:::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:asm/des_enc-sparc.o fcrypt_b.o::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8
+# but keep the assembler modules.
+"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:asm/des_enc-sparc.o fcrypt_b.o::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::asm/des_enc-sparc.o fcrypt_b.o::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8.o::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8plus.o:asm/des_enc-sparc.o fcrypt_b.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:asm/des_enc-sparc.o fcrypt_b.o::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SPARC Solaris with Sun C setups
+# DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests
+"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
# SC5.0 note: Compiler common patch 107357-01 or later is required!
-"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::asm/sparcv8.o:asm/des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::asm/sparcv8plus.o:asm/des_enc-sparc.o fcrypt_b.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::asm/des_enc-sparc.o fcrypt_b.o:::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
+"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:asm/des_enc-sparc.o fcrypt_b.o::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:asm/des_enc-sparc.o fcrypt_b.o::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::asm/des_enc-sparc.o fcrypt_b.o::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::asm/sparcv8.o::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::asm/sparcv8plus.o::::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### SPARC Linux setups
+"linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
+# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
+# assisted with debugging of following two configs.
+"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:asm/des_enc-sparc.o fcrypt_b.o::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# it's a real mess with -mcpu=ultrasparc option under Linux, but
+# -Wa,-Av8plus should do the trick no matter what.
+"linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:asm/des_enc-sparc.o fcrypt_b.o::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# GCC 3.1 is a requirement
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/des_enc-sparc.o fcrypt_b.o::asm/md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-#### SunOS configs, assuming sparc for the gcc one.
-#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
-"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
+# Sunos configs, assuming sparc for the gcc one.
+##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:::",
+"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::",
#### IRIX 5.x configs
# -mips2 flag is added by ./config when appropriate.
-"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### IRIX 6.x configs
# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
# './Configure irix-cc -o32' manually.
-"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT::asm/mips3.o::::::::::dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::asm/mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# -mips4 flag is added by ./config when appropriate.
+"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::asm/mips3.o::::::::::dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::asm/mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### Unified HP-UX ANSI C configs.
# Special notes:
@@ -256,43 +258,89 @@ my %table=(
# <appro@fy.chalmers.se>
#
# Since there is mention of this in shlib/hpux10-cc.sh
-"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1::asm/pa-risc2.o::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::asm/pa-risc2W.o::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1:asm/pa-risc2.o:::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# 64bit PARISC for GCC without optimization, which seems to make problems.
+# Submitted by <ross.alexander@uk.neceur.com>
+"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# More attempts at unified 10.X and 11.X targets for HP C compiler.
#
# Chris Ruemmler <ruemmler@cup.hp.com>
# Kevin Steves <ks@hp.se>
-"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc1_0-cc","cc:+DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::asm/pa-risc2.o::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::asm/pa-risc2W.o::::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# Isn't the line below meaningless? HP-UX cc optimizes for host by default.
+# hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro>
+"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# HP/UX IA-64 targets
-"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z:+DD32 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
# with debugging of the following config.
-"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# GCC builds...
-"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT::asm/ia64.o::asm/aes-ia64.o:::asm/sha256-ia64.o asm/sha512-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# Legacy HPUX 9.X configs...
-"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# GCC builds [not tested yet]...
+# _ILP32 should have been defined by compiler driver, but it isn't...
+"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_ILP32::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64.o:::::::::dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64.o:::::::::dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+# HPUX 9.X config.
+# Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or
+# egcs. gcc 2.8.1 is also broken.
+
+"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# If hpux-cc fails (e.g. during "make test"), try the next one; otherwise,
+# please report your OS and compiler version to the openssl-bugs@openssl.org
+# mailing list.
+"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# If hpux-gcc fails, try this one:
+"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+# HPUX 9.X on Motorola 68k platforms with gcc
+"hpux-m68k-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):::BN_LLONG DES_PTR DES_UNROLL:::::::::::::",
+
+# HPUX 10.X config. Supports threads.
+"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG):
+"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# If hpux10-gcc fails, try this one:
+"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+# HPUX 11.X from www.globus.org.
+# Only works on PA-RISC 2.0 cpus, and not optimized. Why?
+#"hpux11-32bit-cc","cc:+DA2.0 -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT:::DES_PTR DES_UNROLL DES_RISC1:::",
+#"hpux11-64bit-cc","cc:+DA2.0W -g -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT :::",
+# Use unified settings above instead.
#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
-"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
+"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
-# DEC Alpha OSF/1/Tru64 targets.
+#### PARISC Linux setups
+"linux-parisc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
+
+# Dec Alpha, OSF/1 - the alpha164-cc is historical, for the conversion
+# from the older DEC C Compiler to the newer compiler. It's now the
+# same as the preferred entry, alpha-cc. If you are still using the
+# older compiler (you're at 3.x or earlier, or perhaps very early 4.x)
+# you should use `alphaold-cc'.
#
# "What's in a name? That which we call a rose
# By any other word would smell as sweet."
#
# - William Shakespeare, "Romeo & Juliet", Act II, scene II.
#
+# For OSF/1 3.2b and earlier, and Digital UNIX 3.2c - 3.2g, with the
+# vendor compiler, use alphaold-cc.
+# For Digital UNIX 4.0 - 4.0e, with the vendor compiler, use alpha-cc.
+# For Tru64 UNIX 4.f - current, with the vendor compiler, use alpha-cc.
+#
# There's also an alternate target available (which `config' will never
# select) called alpha-cc-rpath. This target builds an RPATH into the
# shared libraries, which is very convenient on Tru64 since binaries
@@ -302,38 +350,16 @@ my %table=(
#
# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
#
-"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
-"ofs1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
-"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:tru64-shared:::.so",
-"alpha-cc-rpath", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:tru64-shared-rpath:::.so",
+"alpha-gcc","gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"alphaold-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so",
+"alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so",
+"alpha-cc-rpath", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared-rpath:::.so",
+#
+# This probably belongs in a different section.
+#
+"FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-####
-#### Variety of LINUX:-)
-####
-# *-generic* is endian-neutral target, but ./config is free to
-# throw in -D[BL]_ENDIAN, whichever appropriate...
-"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::asm/linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-#### IA-32 targets...
-"linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
-####
-"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -bpowerpc64-linux is transient option, -m64 should be the one to use...
-"linux-ppc64", "gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::asm/linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-#### SPARC Linux setups
-# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
-# assisted with debugging of following two configs.
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8.o:asm/des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# it's a real mess with -mcpu=ultrasparc option under Linux, but
-# -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8plus.o:asm/des_enc-sparc.o fcrypt_b.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::asm/des_enc-sparc.o fcrypt_b.o:::asm/md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### Alpha Linux with GNU C and Compaq C setups
# Special notes:
# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
@@ -347,38 +373,61 @@ my %table=(
#
# <appro@fy.chalmers.se>
#
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
-"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
-
-#### *BSD [do see comment about ${BSDthreads} above!]
-"BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-sparcv8", "gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::asm/sparcv8.o:asm/des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-"BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
-# simply *happens* to work around a compiler bug in gcc 3.3.3,
-# triggered by RIPEMD160 code.
-"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::asm/des_enc-sparc.o fcrypt_b.o:::asm/md5-sparcv9.o::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# assembler versions -- currently defunct:
+##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
+# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
+# bn86-elf.o file file since it is hand tweaked assembler.
+"linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-pentium", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppro", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-k6", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=k6 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc32.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::",
+"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-ecc", "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-amd64.o:::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"FreeBSD-sparc64","gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"FreeBSD-ia64","gcc:-DL_ENDIAN -DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64-cpp.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+"bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown):::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}",
+"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"nextstep", "cc:-O -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
"nextstep3.3", "cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
# NCR MP-RAS UNIX ver 02.03.01
"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::",
-# QNX
+# QNX 4
"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
+
+# QNX 6
"qnx6", "cc:-DL_ENDIAN -DTERMIOS::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:",
-#### SCO/Caldera targets.
+# Linux on ARM
+"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+# SCO/Caldera targets.
#
# Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc.
# Now we only have blended unixware-* as it's the only one used by ./config.
@@ -401,13 +450,14 @@ my %table=(
"sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-#### IBM's AIX.
-"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
-"aix-gcc", "gcc:-O -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR::asm/aix_ppc32.o::::::::::dlfcn:",
+
+# IBM's AIX.
+"aix-gcc", "gcc:-O -DB_ENDIAN::(unknown):AIX::BN_LLONG RC4_CHAR:asm/aix_ppc32.o:::::::::dlfcn:",
+"aix43-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):::BN_LLONG RC4_CHAR:asm/aix_ppc32.o:::::::::dlfcn:aix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::",
# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
# at build time. $OBJECT_MODE is respected at ./config stage!
-"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384::-qthreaded:AIX::BN_LLONG RC4_CHAR::asm/aix_ppc32.o::::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::asm/aix_ppc64.o::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:asm/aix_ppc32.o:::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:asm/aix_ppc64.o:::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
#
# Cray T90 and similar (SDSC)
@@ -442,7 +492,7 @@ my %table=(
# Sinix/ReliantUNIX RM400
# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */
-"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::",
"SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",
@@ -455,33 +505,30 @@ my %table=(
#
"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
-# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
-"VC-WIN64I","cl::::WIN64I::SIXTY_FOUR_BIT EXPORT_VAR_AS_FN:${no_asm}:win32",
-"VC-WIN64A","cl::::WIN64A::SIXTY_FOUR_BIT EXPORT_VAR_AS_FN:${no_asm}:win32",
+# Windows NT, Microsoft Visual C++ 4.0
-# Visual C targets
-"VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
-"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
-"VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
+"VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
+"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
+"VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
"VC-WIN16","cl:::(unknown):WIN16::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
"VC-W31-16","cl:::(unknown):WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
"VC-W31-32","cl::::WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
"VC-MSDOS","cl:::(unknown):MSDOS::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
# Borland C++ 4.5
-"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
+"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN::::::::::win32",
"BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
# MinGW
-"mingw", "gcc:-mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::MINGW32:-mno-cygwin -lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:win32:cygwin-shared:-D_DLL:-shared:.dll",
+"mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall:::MINGW32:-mno-cygwin -lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32::::.dll",
# UWIN
-"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
+"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
# Cygwin
-"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:win32:cygwin-shared:-D_DLL:-shared:.dll",
-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
+"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll",
+"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32::::win32:cygwin-shared:::.dll",
# NetWare from David Ward (dsward@novell.com) - requires MetroWerks NLM development tools
# netware-clib => legacy CLib c-runtime support
@@ -491,7 +538,7 @@ my %table=(
"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall::::${x86_gcc_opts}:::",
# DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM=\"/dev/urandom\\x24\":::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:",
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
@@ -499,10 +546,23 @@ my %table=(
# K&R C is no longer supported; you need gcc on old Ultrix installations
##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::",
+# Some OpenBSD from Bob Beck <beck@obtuse.com>
+"OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-alpha", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-m68k", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-m88k", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-mips", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-powerpc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::asm/des_enc-sparc.o fcrypt_b.o::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::asm/des_enc-sparc.o fcrypt_b.o::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-vax", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-hppa", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
##### MacOS X (a.k.a. Rhapsody or Darwin) setup
-"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
-"darwin-ppc-cc","cc:-O3 -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/osx_ppc32.o:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
+"darwin-ppc-cc","cc:-O3 -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/osx_ppc32.o::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
##### A/UX
"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -521,17 +581,15 @@ my %table=(
"vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::",
"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
"vxworks-ppc860","ccppc:-nostdinc -msoft-float -DCPU=PPC860 -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
-"vxworks-mipsle","ccmips:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -DL_ENDIAN -EL -Wl,-EL -mips2 -mno-branch-likely -G 0 -fno-builtin -msoft-float -DCPU=MIPS32 -DMIPSEL -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r::${no_asm}::::::ranlibmips:",
+"vxworks-mipsle","ccmips:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -DL_ENDIAN -EL -Wl,-EL -mips2 -mno-branch-likely -G 0 -fno-builtin -msoft-float -DCPU=MIPS32 -DMIPSEL -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r::::::::::::::::ranlibmips:",
##### Compaq Non-Stop Kernel (Tandem)
"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",
);
-my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
- VC-NT VC-CE VC-WIN32
- VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS
- BC-32 BC-16 OS2-EMX netware-clib netware-libc);
+my @MK1MF_Builds=qw(VC-NT VC-CE VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS
+ BC-32 BC-16 Mingw32 OS2-EMX netware-clib netware-libc);
my $idx = 0;
my $idx_cc = $idx++;
@@ -541,10 +599,8 @@ my $idx_thread_cflag = $idx++;
my $idx_sys_id = $idx++;
my $idx_lflags = $idx++;
my $idx_bn_ops = $idx++;
-my $idx_cpuid_obj = $idx++;
my $idx_bn_obj = $idx++;
my $idx_des_obj = $idx++;
-my $idx_aes_obj = $idx++;
my $idx_bf_obj = $idx++;
my $idx_md5_obj = $idx++;
my $idx_sha1_obj = $idx++;
@@ -584,7 +640,6 @@ my $rc2 ="crypto/rc2/rc2.h";
my $bf ="crypto/bf/bf_locl.h";
my $bn_asm ="bn_asm.o";
my $des_enc="des_enc.o fcrypt_b.o";
-my $aes_enc="aes_core.o aes_cbc.o";
my $bf_enc ="bf_enc.o";
my $cast_enc="c_enc.o";
my $rc4_enc="rc4_enc.o";
@@ -603,7 +658,6 @@ my $no_md5=0;
my $no_sha=0;
my $no_rsa=0;
my $no_dh=0;
-my $no_sse2=0;
&usage if ($#ARGV < 0);
@@ -697,8 +751,6 @@ PROCESS_ARGS:
{ $no_ssl3 = 1; }
elsif (/^no-tls1?$/)
{ $no_tls1 = 1; }
- elsif (/^no-sse2$/)
- { $no_sse2 = 1; }
elsif (/^no-(.+)$/)
{
my $algo=$1;
@@ -784,7 +836,7 @@ PROCESS_ARGS:
die "Insufficient data to reconfigure, please do a normal configuration\n";
}
elsif (/^386$/)
- { $processor=386; $no_sse2=1; }
+ { $processor=386; }
elsif (/^rsaref$/)
{
# No RSAref support any more since it's not needed.
@@ -901,10 +953,9 @@ print "Configuring for $target\n";
my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds;
-$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin");
-
-$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw");
-$exe_ext=".pm" if ($target =~ /vos/);
+$exe_ext=".exe" if ($target eq "Cygwin");
+$exe_ext=".exe" if ($target eq "DJGPP");
+$exe_ext=".pm" if ($target eq "vos-gcc" or $target eq "debug-vos-gcc" or $target eq "vos-vcc" or $target eq "debug-vos-vcc");
$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
$prefix=$openssldir if $prefix eq "";
@@ -929,16 +980,14 @@ my $thread_cflag = $fields[$idx_thread_cflag];
my $sys_id = $fields[$idx_sys_id];
my $lflags = $fields[$idx_lflags];
my $bn_ops = $fields[$idx_bn_ops];
-my $cpuid_obj = $fields[$idx_cpuid_obj];
my $bn_obj = $fields[$idx_bn_obj];
my $des_obj = $fields[$idx_des_obj];
-my $aes_obj = $fields[$idx_aes_obj];
my $bf_obj = $fields[$idx_bf_obj];
-my $md5_obj = $fields[$idx_md5_obj];
-my $sha1_obj = $fields[$idx_sha1_obj];
+$md5_obj = $fields[$idx_md5_obj];
+$sha1_obj = $fields[$idx_sha1_obj];
my $cast_obj = $fields[$idx_cast_obj];
my $rc4_obj = $fields[$idx_rc4_obj];
-my $rmd160_obj = $fields[$idx_rmd160_obj];
+$rmd160_obj = $fields[$idx_rmd160_obj];
my $rc5_obj = $fields[$idx_rc5_obj];
my $dso_scheme = $fields[$idx_dso_scheme];
my $shared_target = $fields[$idx_shared_target];
@@ -949,10 +998,8 @@ my $ranlib = $fields[$idx_ranlib];
my $arflags = $fields[$idx_arflags];
my $no_shared_warn=0;
-my $no_user_cflags=0;
-if ($flags ne "") { $cflags="$flags$cflags"; }
-else { $no_user_cflags=1; }
+$cflags="$flags$cflags" if ($flags ne "");
# Kerberos settings. The flavor must be provided from outside, either through
# the script "config" or manually.
@@ -1050,17 +1097,10 @@ if ($thread_cflag ne "(unknown)" && !$no_threads)
# If we know how to do it, support threads by default.
$threads = 1;
}
-if ($thread_cflag eq "(unknown)" && $threads)
+if ($thread_cflag eq "(unknown)")
{
- # If the user asked for "threads", [s]he is also expected to
- # provide any system-dependent compiler options that are
- # necessary.
- if ($no_user_cflags)
- {
- print "You asked for multi-threading support, but didn't\n";
- print "provide any system-specific compiler options\n";
- exit(1);
- }
+ # If the user asked for "threads", hopefully they also provided
+ # any system-dependent compiler options that are necessary.
$thread_cflags="-DOPENSSL_THREADS $cflags" ;
$thread_defines .= "#define OPENSSL_THREADS\n";
}
@@ -1082,7 +1122,7 @@ $lflags="$libs$lflags" if ($libs ne "");
if ($no_asm)
{
- $cpuid_obj=$bn_obj=$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
+ $bn_obj=$des_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
$sha1_obj=$md5_obj=$rmd160_obj="";
}
@@ -1093,7 +1133,7 @@ if (!$no_shared)
if ($threads)
{
- $cflags=$thread_cflags;
+ #$cflags=$thread_cflags;
$openssl_thread_defines .= $thread_defines;
}
@@ -1159,12 +1199,9 @@ if ($ranlib eq "")
#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
#$bn_obj="$bn1";
-$cpuid_obj="" if ($processor==386);
-
$bn_obj = $bn_asm unless $bn_obj ne "";
# bn86* is the only one implementing bn_*_part_words
$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn86/);
-$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /bn86/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
@@ -1174,15 +1211,7 @@ $rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
if ($sha1_obj =~ /\.o$/)
{
# $sha1_obj=$sha1_enc;
- $cflags.=" -DSHA1_ASM" if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
- $cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
- $cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
- if ($sha1_obj =~ /x86/)
- { if ($no_sse2)
- { $sha1_obj =~ s/\S*sse2\S+//; }
- elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
- { $cflags.=" -DOPENSSL_IA32_SSE2"; }
- }
+ $cflags.=" -DSHA1_ASM";
}
if ($md5_obj =~ /\.o$/)
{
@@ -1194,13 +1223,6 @@ if ($rmd160_obj =~ /\.o$/)
# $rmd160_obj=$rmd160_enc;
$cflags.=" -DRMD160_ASM";
}
-if ($aes_obj =~ /\.o$/)
- {
- $cflags.=" -DAES_ASM";
- }
-else {
- $aes_obj=$aes_enc;
- }
# "Stringify" the C flags string. This permits it to be made part of a string
# and works as well on command lines.
@@ -1274,10 +1296,8 @@ while (<IN>)
s/^DEPFLAG=.*$/DEPFLAG= $depflags/;
s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
- s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
s/^DES_ENC=.*$/DES_ENC= $des_obj/;
- s/^AES_ASM_OBJ=.*$/AES_ASM_OBJ= $aes_obj/;
s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
@@ -1323,10 +1343,8 @@ rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
print "CC =$cc\n";
print "CFLAG =$cflags\n";
print "EX_LIBS =$lflags\n";
-print "CPUID_OBJ =$cpuid_obj\n";
print "BN_ASM =$bn_obj\n";
print "DES_ENC =$des_obj\n";
-print "AES_ASM_OBJ =$aes_obj\n";
print "BF_ENC =$bf_obj\n";
print "CAST_ENC =$cast_obj\n";
print "RC4_ENC =$rc4_obj\n";
@@ -1418,8 +1436,6 @@ print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
print OUT $openssl_algorithm_defines_trans;
print OUT "#endif\n\n";
-print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj);
-
while (<IN>)
{
if (/^#define\s+OPENSSLDIR/)
@@ -1539,10 +1555,12 @@ EOF
if $make_targets ne "";
if ( $perl =~ m@^/@) {
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
+ &dofile("apps/der_chop",$perl,'^#!/', '#!%s');
&dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
} else {
# No path for Perl known ...
&dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
+ &dofile("apps/der_chop",'/usr/local/bin/perl','^#!/', '#!%s');
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
}
if ($depflags ne "" && !$make_depend) {
@@ -1713,7 +1731,7 @@ sub print_table_entry
my $target = shift;
(my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
- my $bn_ops,my $cpuid_obj,my $bn_obj,my $des_obj,my $aes_obj, my $bf_obj,
+ my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj,
my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags)=
@@ -1729,10 +1747,8 @@ sub print_table_entry
\$sys_id = $sys_id
\$lflags = $lflags
\$bn_ops = $bn_ops
-\$cpuid_obj = $cpuid_obj
\$bn_obj = $bn_obj
\$des_obj = $des_obj
-\$aes_obj = $aes_obj
\$bf_obj = $bf_obj
\$md5_obj = $md5_obj
\$sha1_obj = $sha1_obj
diff --git a/FAQ b/FAQ
index 12f3d24d16..25e101adbb 100644
--- a/FAQ
+++ b/FAQ
@@ -52,7 +52,6 @@ OpenSSL - Frequently Asked Questions
* Is OpenSSL thread-safe?
* I've compiled a program under Windows and it crashes: why?
* How do I read or write a DER encoded buffer using the ASN1 functions?
-* OpenSSL uses DER but I need BER format: does OpenSSL support BER?
* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
* I've called <some function> and it fails, why?
* I just get a load of numbers for the error output, what do they mean?
@@ -61,7 +60,6 @@ OpenSSL - Frequently Asked Questions
* Can I use OpenSSL's SSL library with non-blocking I/O?
* Why doesn't my server application receive a client certificate?
* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
-* I think I've detected a memory leak, is this a bug?
===============================================================================
@@ -70,7 +68,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.7e was released on October 25, 2004.
+OpenSSL 0.9.7c was released on September 30, 2003.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
@@ -152,8 +150,7 @@ Use MD5 to check that a tarball from a mirror site is identical:
md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
You can check authenticity using pgp or gpg. You need the OpenSSL team
-member public key used to sign it (download it from a key server, see a
-list of keys at <URL: http://www.openssl.org/about/>). Then
+member public key used to sign it (download it from a key server). Then
just do:
pgp TARBALL.asc
@@ -473,10 +470,6 @@ This will only compile sha_dgst.c with -O0, the rest with the optimization
level chosen by the configuration process. When the above is done, do the
test and installation and you're set.
-3. Reconfigure the toolkit with no-sha0 option to leave out SHA0. It
-should not be used and is not used in SSL/TLS nor any other recognized
-protocol in either case.
-
* Why does the OpenSSL compilation fail with "ar: command not found"?
@@ -690,20 +683,6 @@ and attempts to free the buffer will have unpredictable results
because it no longer points to the same address.
-* OpenSSL uses DER but I need BER format: does OpenSSL support BER?
-
-The short answer is yes, because DER is a special case of BER and OpenSSL
-ASN1 decoders can process BER.
-
-The longer answer is that ASN1 structures can be encoded in a number of
-different ways. One set of ways is the Basic Encoding Rules (BER) with various
-permissible encodings. A restriction of BER is the Distinguished Encoding
-Rules (DER): these uniquely specify how a given structure is encoded.
-
-Therefore, because DER is a special case of BER, DER is an acceptable encoding
-for BER.
-
-
* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
This usually happens when you try compiling something using the PKCS#12
@@ -786,17 +765,5 @@ The correct name according to RFC2256 (LDAP) is x500UniqueIdentifier.
Change your code to use the new name when compiling against OpenSSL 0.9.7.
-* I think I've detected a memory leak, is this a bug?
-
-In most cases the cause of an apparent memory leak is an OpenSSL internal table
-that is allocated when an application starts up. Since such tables do not grow
-in size over time they are harmless.
-
-These internal tables can be freed up when an application closes using various
-functions. Currently these include: EVP_cleanup(), ERR_remove_state(),
-ERR_free_strings(), ENGINE_cleanup(), CONF_modules_unload() and
-CRYPTO_cleanup_all_ex_data().
-
-
===============================================================================
diff --git a/INSTALL b/INSTALL
index 91b639282f..1a1628f19b 100644
--- a/INSTALL
+++ b/INSTALL
@@ -77,20 +77,6 @@
386 Use the 80386 instruction set only (the default x86 code is
more efficient, but requires at least a 486).
- no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is
- detected at run-time, but the decision whether or not the
- machine code will be executed is taken solely on CPU
- capability vector. This means that if you happen to run OS
- kernel which does not support SSE2 extension on Intel P4
- processor, then your application might be exposed to
- "illegal instruction" exception. There might be a way
- to enable support in kernel, e.g. FreeBSD kernel can be
- compiled with CPU_ENABLE_SSE, and there is a way to
- disengage SSE2 code pathes upon application start-up,
- but if you aim for wider "audience" running such kernel,
- consider no-sse2. Both 386 and no-asm options above imply
- no-sse2.
-
no-<cipher> Build without the specified cipher (bf, cast, des, dh, dsa,
hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
The crypto/<cipher> directory can be removed after running
diff --git a/INSTALL.DJGPP b/INSTALL.DJGPP
index 1047ec90a5..cdeac222b2 100644
--- a/INSTALL.DJGPP
+++ b/INSTALL.DJGPP
@@ -3,45 +3,32 @@
INSTALLATION ON THE DOS PLATFORM WITH DJGPP
-------------------------------------------
- OpenSSL has been ported to DJGPP, a Unix look-alike 32-bit run-time
- environment for 16-bit DOS, but only with long filename support.
- If you wish to compile on native DOS with 8+3 filenames, you will
- have to tweak the installation yourself, including renaming files
- with illegal or duplicate names.
+ Openssl has been ported to DOS, but only with long filename support. If
+ you wish to compile on native DOS with 8+3 filenames, you will have to
+ tweak the installation yourself, including renaming files with illegal
+ or duplicate names.
You should have a full DJGPP environment installed, including the
latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
requires that PERL and BC also be installed.
- All of these can be obtained from the usual DJGPP mirror sites or
- directly at "http://www.delorie.com/pub/djgpp". For help on which
- files to download, see the DJGPP "ZIP PICKER" page at
- "http://www.delorie.com/djgpp/zip-picker.html". You also need to have
- the WATT-32 networking package installed before you try to compile
- OpenSSL. This can be obtained from "http://www.bgnett.no/~giva/".
+ All of these can be obtained from the usual DJGPP mirror sites, such
+ as "ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp". You also need to
+ have the WATT-32 networking package installed before you try to compile
+ openssl. This can be obtained from "http://www.bgnett.no/~giva/".
The Makefile assumes that the WATT-32 code is in the directory
specified by the environment variable WATT_ROOT. If you have watt-32
in directory "watt32" under your main DJGPP directory, specify
WATT_ROOT="/dev/env/DJDIR/watt32".
- To compile OpenSSL, start your BASH shell, then configure for DJGPP by
- running "./Configure" with appropriate arguments:
-
- ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
+ To compile openssl, start your BASH shell. Then configure for DOS by
+ running "./Configure" with appropriate arguments. The basic syntax for
+ DOS is:
+ ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
- And finally fire up "make". You may run out of DPMI selectors when
- running in a DOS box under Windows. If so, just close the BASH
- shell, go back to Windows, and restart BASH. Then run "make" again.
-
- RUN-TIME CAVEAT LECTOR
- --------------
-
- Quoting FAQ:
-
- "Cryptographic software needs a source of unpredictable data to work
- correctly. Many open source operating systems provide a "randomness
- device" (/dev/urandom or /dev/random) that serves this purpose."
+ You may run out of DPMI selectors when running in a DOS box under
+ Windows. If so, just close the BASH shell, go back to Windows, and
+ restart BASH. Then run "make" again.
- As of version 0.9.7f DJGPP port checks upon /dev/urandom$ for a 3rd
- party "randomness" DOS driver. One such driver, NOISE.SYS, can be
- obtained from "http://www.rahul.net/dkaufman/index.html".
+ Building openssl under DJGPP has been tested with DJGPP 2.03,
+ GCC 2.952, GCC 2.953, perl 5.005_02 and perl 5.006_01.
diff --git a/Makefile.org b/Makefile.org
index 9a71cc6dce..96b9ff885a 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -80,13 +80,6 @@ MAKEDEPPROG=makedepend
AS=$(CC) -c
ASFLAG=$(CFLAG)
-# For x86 assembler: Set PROCESSOR to 386 if you want to support
-# the 80386.
-PROCESSOR=
-
-# CPUID module collects small commonly used assembler snippets
-CPUID_OBJ=
-
# Set BN_ASM to bn_asm.o if you want to use the C version
BN_ASM= bn_asm.o
#BN_ASM= bn_asm.o
@@ -102,6 +95,10 @@ BN_ASM= bn_asm.o
#BN_ASM= asm/x86w16.o # 16 bit code for Windows 3.1/DOS
#BN_ASM= asm/x86w32.o # 32 bit code for Windows 3.1
+# For x86 assembler: Set PROCESSOR to 386 if you want to support
+# the 80386.
+PROCESSOR=
+
# Set DES_ENC to des_enc.o if you want to use the C version
#There are 4 x86 assember options.
DES_ENC= asm/dx86-out.o asm/yx86-out.o
@@ -111,8 +108,6 @@ DES_ENC= asm/dx86-out.o asm/yx86-out.o
#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD
#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi
-AES_ASM_OBJ=aes_core.o aes_cbc.o
-
# Set BF_ENC to bf_enc.o if you want to use the C version
#There are 4 x86 assember options.
BF_ENC= asm/bx86-out.o
@@ -222,29 +217,10 @@ HEADER= e_os.h
all: Makefile.ssl build_all openssl.pc
-BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \
- SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' \
- CC='${CC}' CFLAG='${CFLAG}' \
- AS='${CC}' ASFLAG='${CFLAG} -c' \
- AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
- KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \
- EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \
- SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \
- PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' \
- CPUID_OBJ='${CPUID_OBJ}' \
- BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' \
- AES_ASM_OBJ='${AES_ASM_OBJ}' \
- BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' \
- RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' \
- SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \
- MD5_ASM_OBJ='${MD5_ASM_OBJ}' \
- RMD160_ASM_OBJ='${RMD160_ASM_OBJ}'
-
BUILD_CMD=if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \
if [ -d "$$dir" ]; then \
(cd $$dir && echo "making $$target in $$dir..." && \
- $(MAKE) -e $(BUILDENV) $$target ) || exit 1; \
+ $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' SHARED_LDFLAGS='${SHARED_LDFLAGS}' LIBRPATH='$(INSTALLTOP)/lib' $$target ) || exit 1; \
else \
$(MAKE) $$dir; \
fi; fi
@@ -276,7 +252,6 @@ libcrypto$(SHLIB_EXT): libcrypto.a
$(MAKE) SHLIBDIRS=crypto build-shared; \
else \
echo "There's no support for shared libraries on this platform" >&2; \
- exit 1; \
fi
libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
@@ -284,7 +259,6 @@ libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
else \
echo "There's no support for shared libraries on this platform" >&2; \
- exit 1; \
fi
clean-shared:
@@ -318,7 +292,8 @@ do_$(SHLIB_TARGET):
libs="$(LIBKRB5) $$libs"; \
fi; \
$(NEWMAKE) -f Makefile.shared \
- $(BUILDENV) \
+ CC="$(CC)" LDFLAGS="$(LDFLAGS)" \
+ SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
LIBDEPS="$$libs $(EX_LIBS)" \
@@ -388,7 +363,7 @@ links:
gentests:
@(cd test && echo "generating dummy tests (if needed)..." && \
- $(MAKE) $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
+ $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
dclean:
rm -f *.bak
@@ -402,18 +377,29 @@ dclean:
rehash: rehash.time
rehash.time: certs
- @(OPENSSL="`pwd`/util/opensslwrap.sh"; \
- OPENSSL_DEBUG_MEMORY=on; \
- export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs)
+ @(OPENSSL="`pwd`/apps/openssl$(EXE_EXT)"; OPENSSL_DEBUG_MEMORY=on; \
+ export OPENSSL OPENSSL_DEBUG_MEMORY; \
+ LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \
+ DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \
+ SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \
+ LIBPATH="`pwd`:$$LIBPATH"; \
+ if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
+ export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
+ $(PERL) tools/c_rehash certs)
touch rehash.time
test: tests
tests: rehash
@(cd test && echo "testing..." && \
- $(MAKE) -e $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
- util/opensslwrap.sh version -a
+ $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
+ @LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \
+ DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \
+ SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \
+ LIBPATH="`pwd`:$$LIBPATH"; \
+ if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
+ export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
+ apps/openssl version -a
report:
@$(PERL) util/selftest.pl
@@ -505,7 +491,7 @@ dist:
@$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
dist_pem_h:
- (cd crypto/pem; $(MAKE) $(BUILDENV) pem.h; $(MAKE) clean)
+ (cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
install: all install_docs install_sw
@@ -518,7 +504,7 @@ install_sw:
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+ @set -e; for i in $(EXHEADER) ;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -527,7 +513,7 @@ install_sw:
do \
if [ -d "$$i" ]; then \
(cd $$i; echo "installing $$i..."; \
- $(MAKE) $(BUILDENV) INSTALL_PREFIX='${INSTALL_PREFIX}' OPENSSLDIR='${OPENSSLDIR}' install ); \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' install ); \
fi; \
done
@set -e; for i in $(LIBS) ;\
@@ -588,7 +574,7 @@ install_docs:
fi; \
set -e; for i in doc/apps/*.pod; do \
fn=`basename $$i .pod`; \
- sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+ if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
(cd `$(PERL) util/dirname.pl $$i`; \
sh -c "$$pod2man \
@@ -605,7 +591,7 @@ install_docs:
done; \
set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
fn=`basename $$i .pod`; \
- sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+ if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
(cd `$(PERL) util/dirname.pl $$i`; \
sh -c "$$pod2man \
diff --git a/Makefile.shared b/Makefile.shared
index 8b37a36e47..81a72a4738 100644
--- a/Makefile.shared
+++ b/Makefile.shared
@@ -91,7 +91,7 @@ LINK_APP= \
LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
- $$LDCMD $$LDFLAGS -o $$APPNAME $(OBJECTS) $$LIBDEPS )
+ $$LDCMD $(LDFLAGS) $$LDFLAGS -o $$APPNAME $(OBJECTS) $$LIBDEPS )
LINK_SO= \
( $(DEBUG); \
@@ -99,7 +99,7 @@ LINK_SO= \
LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
- $$SHAREDCMD $$SHAREDFLAGS -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
+ $$SHAREDCMD $(SHARED_LDFLAGS) $$SHAREDFLAGS -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
$$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS ) && \
$(SYMLINK_SO); ( $(DEBUG); rm -f lib$(LIBNAME).exp )
SYMLINK_SO= \
@@ -138,14 +138,14 @@ DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
DO_GNU_SO=$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
+ SHAREDFLAGS="-shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
SHAREDCMD='$(CC)'
DO_GNU_APP=LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"; \
- LIBDEPS="$(LIBDEPS)"; \
+ LDFLAGS="-Wl,-rpath,$(LIBRPATH)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME=$(APPNAME)
#This is rather special. It's a special target with which one can link
@@ -155,7 +155,7 @@ DO_GNU_APP=LDCMD=$(CC);\
#else...
link_app.:
LDCMD=$(CC); \
- LDFLAGS="$(CFLAGS)"; \
+ LDFLAGS=""; \
LIBDEPS="$(LIBDEPS)"; \
APPNAME="$(APPNAME)"; \
$(LINK_APP)
@@ -167,36 +167,6 @@ link_a.gnu:
link_app.gnu:
@ $(DO_GNU_APP); $(LINK_APP)
-link_o.bsd:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
- $(CALC_VERSIONS); \
- SHLIB=lib$(LIBNAME).so; \
- SHLIB_SUFFIX=; \
- LIBDEPS=; \
- ALLSYMSFLAGS="-Wl,-Bforcearchive"; \
- NOALLSYMSFLAGS=; \
- SHAREDFLAGS="$(CFLAGS) -shared -nostdlib"; \
- SHAREDCMD=$(CC); \
- fi; $(LINK_SO_O)
-link_a.bsd:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
- $(CALC_VERSIONS); \
- SHLIB=lib$(LIBNAME).so; \
- SHLIB_SUFFIX=; \
- LIBDEPS=; \
- ALLSYMSFLAGS="-Wl,-Bforcearchive"; \
- NOALLSYMSFLAGS=; \
- SHAREDFLAGS="$(CFLAGS) -shared -nostdlib"; \
- SHAREDCMD=$(CC); \
- fi; $(LINK_SO_A)
-link_app.bsd:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_APP); else \
- LDCMD=$(CC); \
- LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBPATH)"; \
- LIBDEPS="$(LIBDEPS)"; \
- APPNAME="$(APPNAME)"; \
- fi; $(LINK_APP)
-
# For Darwin AKA Mac OS/X (dyld)
link_o.darwin:
@ $(CALC_VERSIONS); \
@@ -205,7 +175,7 @@ link_o.darwin:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS='-all_load'; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS="$(CFLAGS) -dynamiclib"; \
+ SHAREDFLAGS="-dynamiclib"; \
SHAREDCMD='$(CC)'; \
if [ -n "$(LIBVERSION)" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
@@ -221,7 +191,7 @@ link_a.darwin:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS='-all_load'; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS="$(CFLAGS) -dynamiclib"; \
+ SHAREDFLAGS="-dynamiclib"; \
SHAREDCMD='$(CC)'; \
if [ -n "$(LIBVERSION)" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
@@ -232,7 +202,7 @@ link_a.darwin:
$(LINK_SO_A)
link_app.darwin:
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS)"; \
+ LDFLAGS=""; \
LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"; \
$(LINK_APP)
@@ -241,33 +211,31 @@ link_o.cygwin:
@ $(CALC_VERSIONS); \
INHIBIT_SYMLINKS=yes; \
SHLIB=cyg$(LIBNAME); \
- expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \
SHLIB_SUFFIX=.dll; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
SHLIB_SOVER=-$(LIBVERSION); \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
+ SHAREDFLAGS="-shared -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
SHAREDCMD='${CC}'; \
$(LINK_SO_O)
link_a.cygwin:
@ $(CALC_VERSIONS); \
INHIBIT_SYMLINKS=yes; \
SHLIB=cyg$(LIBNAME); \
- expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \
SHLIB_SUFFIX=.dll; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
SHLIB_SOVER=; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
+ SHAREDFLAGS="-shared -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
SHAREDCMD='${CC}'; \
$(LINK_SO_A)
link_app.cygwin:
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS)"; \
- LIBDEPS="$(LIBDEPS)"; \
- APPNAME="$(APPNAME)"; \
+ LDFLAGS=""; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
+ APPNAME="$(APPNAME).exe"
$(LINK_APP)
link_o.alpha-osf1:
@@ -286,7 +254,7 @@ link_o.alpha-osf1:
SHLIB_SOVER=; \
ALLSYMSFLAGS='-all'; \
NOALLSYMSFLAGS='-none'; \
- SHAREDFLAGS="$(CFLAGS) -shared"; \
+ SHAREDFLAGS="-shared"; \
SHAREDCMD='$(CC)'; \
if [ -n "$$SHLIB_HIST" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
@@ -309,7 +277,7 @@ link_a.alpha-osf1:
SHLIB_SOVER=; \
ALLSYMSFLAGS='-all'; \
NOALLSYMSFLAGS='-none'; \
- SHAREDFLAGS="$(CFLAGS) -shared"; \
+ SHAREDFLAGS="-shared"; \
SHAREDCMD='$(CC)'; \
if [ -n "$$SHLIB_HIST" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
@@ -321,7 +289,7 @@ link_app.alpha-osf1:
$(DO_GNU_APP); \
else \
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS)"; \
+ LDFLAGS=""; \
LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"
fi; \
@@ -335,7 +303,7 @@ link_o.tru64:
else \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
if [ -n "$$SHLIB_HIST" ]; then \
SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
@@ -345,7 +313,7 @@ link_o.tru64:
SHLIB_SOVER=; \
ALLSYMSFLAGS='-all'; \
NOALLSYMSFLAGS='-none'; \
- SHAREDFLAGS="$(CFLAGS) -shared -msym -rpath $(LIBRPATH)"; \
+ SHAREDFLAGS="-shared -msym -rpath $(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
if [ -n "$$SHLIB_HIST" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
@@ -358,7 +326,7 @@ link_a.tru64:
else \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
if [ -n "$$SHLIB_HIST" ]; then \
SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
@@ -368,7 +336,7 @@ link_a.tru64:
SHLIB_SOVER=; \
ALLSYMSFLAGS='-all'; \
NOALLSYMSFLAGS='-none'; \
- SHAREDFLAGS="$(CFLAGS) -shared -msym -rpath $(LIBRPATH)"; \
+ SHAREDFLAGS="-shared -msym -rpath $(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
if [ -n "$$SHLIB_HIST" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
@@ -380,8 +348,8 @@ link_app.tru64:
$(DO_GNU_APP); \
else \
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS) -rpath $(LIBRPATH)"; \
- LIBDEPS="$(LIBDEPS)"; \
+ LDFLAGS="-rpath $(LIBRPATH)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"; \
fi; \
$(LINK_APP)
@@ -394,7 +362,7 @@ link_o.tru64-rpath:
else \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
if [ -n "$$SHLIB_HIST" ]; then \
SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
@@ -404,7 +372,7 @@ link_o.tru64-rpath:
SHLIB_SOVER=; \
ALLSYMSFLAGS='-all'; \
NOALLSYMSFLAGS='-none'; \
- SHAREDFLAGS="$(CFLAGS) -shared -msym -rpath $(LIBRPATH)"; \
+ SHAREDFLAGS="-shared -msym -rpath $(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
if [ -n "$$SHLIB_HIST" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
@@ -417,7 +385,7 @@ link_a.tru64-rpath:
else \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
if [ -n "$$SHLIB_HIST" ]; then \
SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
@@ -427,7 +395,7 @@ link_a.tru64-rpath:
SHLIB_SOVER=; \
ALLSYMSFLAGS='-all'; \
NOALLSYMSFLAGS='-none'; \
- SHAREDFLAGS="$(CFLAGS) -shared -msym -rpath $(LIBRPATH)"; \
+ SHAREDFLAGS="-shared -msym -rpath $(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
if [ -n "$$SHLIB_HIST" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
@@ -439,8 +407,8 @@ link_app.tru64-rpath:
$(DO_GNU_APP); \
else \
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS) -rpath $(LIBRPATH)"; \
- LIBDEPS="$(LIBDEPS)"; \
+ LDFLAGS="-rpath $(LIBRPATH)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"; \
fi; \
$(LINK_APP)
@@ -454,10 +422,10 @@ link_o.solaris:
(${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS="$${MINUSZ}allextract"; \
NOALLSYMSFLAGS="$${MINUSZ}defaultextract"; \
- SHAREDFLAGS="$(CFLAGS) -G -dy -z text -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -R $(LIBRPATH) -Wl,-Bsymbolic"; \
+ SHAREDFLAGS="-G -dy -z text -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -R $(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_O)
@@ -470,10 +438,10 @@ link_a.solaris:
(${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=;\
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS="$${MINUSZ}allextract"; \
NOALLSYMSFLAGS="$${MINUSZ}defaultextract"; \
- SHAREDFLAGS="$(CFLAGS) -G -dy -z text -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -R $(LIBRPATH) -Wl,-Bsymbolic"; \
+ SHAREDFLAGS="-G -dy -z text -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -R $(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_A)
@@ -482,8 +450,8 @@ link_app.solaris:
$(DO_GNU_APP); \
else \
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS) -R $(LIBRPATH)"; \
- LIBDEPS="$(LIBDEPS)"; \
+ LDFLAGS="-R $(LIBRPATH)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"; \
fi; \
$(LINK_APP)
@@ -499,7 +467,7 @@ link_o.svr3:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS=''; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS="$(CFLAGS) -G -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+ SHAREDFLAGS="-G -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_O)
@@ -513,7 +481,7 @@ link_a.svr3:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS=''; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS="$(CFLAGS) -G -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+ SHAREDFLAGS="-G -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_A_UNPACKED)
@@ -522,7 +490,7 @@ link_app.svr3:
$(DO_GNU_APP); \
else \
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS)"; \
+ LDFLAGS=""; \
LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"; \
fi; \
@@ -541,7 +509,7 @@ link_o.svr5:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS=''; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS="$(CFLAGS) $${SHARE_FLAG} -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+ SHAREDFLAGS="$${SHARE_FLAG} -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_O)
@@ -557,7 +525,7 @@ link_a.svr5:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS=''; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS="$(CFLAGS) $${SHARE_FLAG} -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+ SHAREDFLAGS="$${SHARE_FLAG} -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_A_UNPACKED)
@@ -566,7 +534,7 @@ link_app.svr5:
$(DO_GNU_APP); \
else \
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS)"; \
+ LDFLAGS=""; \
LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"; \
fi; \
@@ -579,12 +547,12 @@ link_o.irix:
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
MINUSWL=""; \
($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
ALLSYMSFLAGS="$${MINUSWL}-all"; \
- NOALLSYMSFLAGS="$${MINUSWL}-none"; \
- SHAREDFLAGS="$(CFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
+ NOALLSYMSFLAGS="$${MINUSWL}-notall"; \
+ SHAREDFLAGS="-shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_O)
@@ -595,12 +563,12 @@ link_a.irix:
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
- LIBDEPS="$(LIBDEPS)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
MINUSWL=""; \
($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
ALLSYMSFLAGS="$${MINUSWL}-all"; \
- NOALLSYMSFLAGS="$${MINUSWL}-none"; \
- SHAREDFLAGS="$(CFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
+ NOALLSYMSFLAGS="$${MINUSWL}-notall"; \
+ SHAREDFLAGS="-shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_A)
@@ -609,8 +577,8 @@ link_app.irix:
$(DO_GNU_APP); \
else \
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"; \
- LIBDEPS="$(LIBDEPS)"; \
+ LDFLAGS="-Wl,-rpath,$(LIBRPATH)"; \
+ LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"; \
fi; \
$(LINK_APP)
@@ -627,13 +595,12 @@ link_o.hpux:
@if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).sl; \
- expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
LIBDEPS="$(LIBDEPS)"; \
ALLSYMSFLAGS='-Wl,-Fl'; \
NOALLSYMSFLAGS=''; \
expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
- SHAREDFLAGS="$(CFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+cdp,../:,+cdp,./:,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+b,$(LIBRPATH)"; \
+ SHAREDFLAGS="-Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+cdp,../:,+cdp,./:,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+b,$(LIBRPATH)"; \
SHAREDCMD=$(CC); \
fi; \
$(LINK_SO_O) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
@@ -641,20 +608,19 @@ link_a.hpux:
@if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).sl; \
- expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
LIBDEPS="$(LIBDEPS)"; \
ALLSYMSFLAGS='-Wl,-Fl'; \
NOALLSYMSFLAGS=''; \
expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
- SHAREDFLAGS="$(CFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+cdp,../:,+cdp,./:,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+b,$(LIBRPATH)"; \
+ SHAREDFLAGS="-Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+cdp,../:,+cdp,./:,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+b,$(LIBRPATH)"; \
SHAREDCMD='$(CC)'; \
fi; \
$(LINK_SO_A) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
link_app.hpux:
@if ${DETECT_GNU_LD}; then $(DO_GNU_APP); else \
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS) -Wl,+s,+cdp,../:,+cdp,./:,+b,$(LIBRPATH)"; \
+ LDFLAGS="-Wl,+s,+cdp,../:,+cdp,./:,+b,$(LIBRPATH)"; \
LIBDEPS="$(LIBDEPS)"; \
APPNAME="$(APPNAME)"; \
fi; \
@@ -667,7 +633,7 @@ link_o.aix:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS='-bnogc'; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS='$(CFLAGS) -G -bE:lib$(LIBNAME).exp -bM:SRE -blibpath:$(LIBRPATH)'; \
+ SHAREDFLAGS='-G -bE:lib$(LIBNAME).exp -bM:SRE -blibpath:$(LIBRPATH)'; \
SHAREDCMD='$(CC)'; \
$(LINK_SO_O)
link_a.aix:
@@ -677,12 +643,12 @@ link_a.aix:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS='-bnogc'; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS='$(CFLAGS) -G -bE:lib$(LIBNAME).exp -bM:SRE -blibpath:$(LIBRPATH)'; \
+ SHAREDFLAGS='-G -bE:lib$(LIBNAME).exp -bM:SRE -blibpath:$(LIBRPATH)'; \
SHAREDCMD='$(CC)'; \
$(LINK_SO_A_VIA_O)
link_app.aix:
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS) -blibpath:$(LIBRPATH)"; \
+ LDFLAGS="-blibpath:$(LIBRPATH)"; \
LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"
$(LINK_APP)
@@ -694,7 +660,7 @@ link_o.reliantunix:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS=; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS='$(CFLAGS) -G'; \
+ SHAREDFLAGS='-G'; \
SHAREDCMD='$(CC)'; \
$(LINK_SO_O)
link_a.reliantunix:
@@ -704,12 +670,12 @@ link_a.reliantunix:
LIBDEPS="$(LIBDEPS) -lc"; \
ALLSYMSFLAGS=; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS='$(CFLAGS) -G'; \
+ SHAREDFLAGS='-G'; \
SHAREDCMD='$(CC)'; \
$(LINK_SO_A_UNPACKED)
link_app.reliantunix:
LDCMD=$(CC);\
- LDFLAGS="$(CFLAGS)"; \
+ LDFLAGS=""; \
LIBDEPS="$(LIBDEPS) -lc"; \
APPNAME="$(APPNAME)"
$(LINK_APP)
@@ -728,7 +694,6 @@ symlink.darwin:
symlink.hpux:
@ $(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).sl; \
- expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
$(SYMLINK_SO)
# The following lines means those specific architectures do no symlinks
symlink.cygwin symlib.alpha-osf1 symlink.tru64 symlink.tru64-rpath:
@@ -737,10 +702,7 @@ symlink.cygwin symlib.alpha-osf1 symlink.tru64 symlink.tru64-rpath:
link_o.bsd-gcc-shared link_o.linux-shared link_o.gnu-shared: link_o.gnu
link_a.bsd-gcc-shared link_a.linux-shared link_a.gnu-shared: link_a.gnu
link_app.bsd-gcc-shared link_app.linux-shared link_app.gnu-shared: link_app.gnu
-symlink.bsd-gcc-shared symlink.bsd-shared symlink.linux-shared symlink.gnu-shared: symlink.gnu
-link_o.bsd-shared: link_o.bsd
-link_a.bsd-shared: link_a.bsd
-link_app.bsd-shared: link_app.bsd
+symlink.bsd-gcc-shared symlink.linux-shared symlink.gnu-shared: symlink.gnu
link_o.darwin-shared: link_o.darwin
link_a.darwin-shared: link_a.darwin
link_app.darwin-shared: link_app.darwin
diff --git a/NEWS b/NEWS
index 496f59de41..f0282ebb87 100644
--- a/NEWS
+++ b/NEWS
@@ -5,19 +5,6 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e:
-
- o Fix race condition in CRL checking code.
- o Fixes to PKCS#7 (S/MIME) code.
-
- Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:
-
- o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
- o Security: Fix null-pointer assignment in do_change_cipher_spec()
- o Allow multiple active certificates with same subject in CA index
- o Multiple X509 verification fixes
- o Speed up HMAC and other operations
-
Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:
o Security: fix various ASN1 parsing bugs.
diff --git a/PROBLEMS b/PROBLEMS
index 8301624639..85e96a5ebe 100644
--- a/PROBLEMS
+++ b/PROBLEMS
@@ -90,6 +90,15 @@ failures in other parts of the code.
Workaround: modify the target to +O2 when building with no-asm.
+* Poor support for AIX shared builds.
+
+do_aix-shared rule is not flexible enough to parameterize through a
+config-line. './Configure aix43-cc shared' is working, but not
+'./Configure aix64-gcc shared'. In latter case make fails to create shared
+libraries. It's possible to build 64-bit shared libraries by running
+'env OBJECT_MODE=64 make', but we need more elegant solution. Preferably one
+supporting even gcc shared builds. See RT#463 for background information.
+
* Problems building shared libraries on SCO OpenServer Release 5.0.6
with gcc 2.95.3
diff --git a/STATUS b/STATUS
index fe860ae309..10e3a8dd16 100644
--- a/STATUS
+++ b/STATUS
@@ -1,6 +1,6 @@
OpenSSL STATUS Last modified at
- ______________ $Date: 2003/02/28 15:17:45 $
+ ______________ $Date: 2003/04/04 15:17:19 $
DEVELOPMENT STATE
diff --git a/TABLE b/TABLE
index 9f901a0d84..d6589c95c8 100644
--- a/TABLE
+++ b/TABLE
@@ -8,10 +8,8 @@ $thread_cflag = (unknown)
$sys_id = WIN16
$lflags =
$bn_ops = BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -35,10 +33,8 @@ $thread_cflag =
$sys_id = WIN32
$lflags =
$bn_ops = BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -62,10 +58,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lsocket -lnsl
$bn_ops = THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -81,18 +75,116 @@ $shared_extension =
$ranlib =
$arflags =
-*** BSD-generic32
+*** Cygwin
+$cc = gcc
+$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall
+$unistd =
+$thread_cflag =
+$sys_id = CYGWIN32
+$lflags =
+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj = asm/bn86-out.o asm/co86-out.o
+$des_obj = asm/dx86-out.o asm/yx86-out.o
+$bf_obj = asm/bx86-out.o
+$md5_obj = asm/mx86-out.o
+$sha1_obj = asm/sx86-out.o
+$cast_obj = asm/cx86-out.o
+$rc4_obj = asm/rx86-out.o
+$rmd160_obj = asm/rm86-out.o
+$rc5_obj = asm/r586-out.o
+$dso_scheme = win32
+$shared_target= cygwin-shared
+$shared_cflag =
+$shared_ldflag =
+$shared_extension = .dll
+$ranlib =
+$arflags =
+
+*** Cygwin-pre1.3
+$cc = gcc
+$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
+$unistd =
+$thread_cflag = (unknown)
+$sys_id = CYGWIN32
+$lflags =
+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = win32
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
+*** DJGPP
$cc = gcc
-$cflags = -DTERMIOS -O3 -fomit-frame-pointer -Wall
+$cflags = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall
$unistd =
-$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$thread_cflag =
+$sys_id = MSDOS
+$lflags = -L/dev/env/WATT_ROOT/lib -lwatt
+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
+*** FreeBSD
+$cc = gcc
+$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
+$unistd =
+$thread_cflag = (unknown)
$sys_id =
$lflags =
-$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
-$cpuid_obj =
+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj = asm/bn86-out.o asm/co86-out.o
+$des_obj = asm/dx86-out.o asm/yx86-out.o
+$bf_obj = asm/bx86-out.o
+$md5_obj = asm/mx86-out.o
+$sha1_obj = asm/sx86-out.o
+$cast_obj = asm/cx86-out.o
+$rc4_obj = asm/rx86-out.o
+$rmd160_obj = asm/rm86-out.o
+$rc5_obj = asm/r586-out.o
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
+*** FreeBSD-alpha
+$cc = gcc
+$cflags = -DTERMIOS -O -fomit-frame-pointer
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -108,18 +200,41 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** BSD-generic64
+*** FreeBSD-elf
$cc = gcc
-$cflags = -DTERMIOS -O3 -Wall
+$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
$unistd =
-$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$thread_cflag = -pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE
$sys_id =
$lflags =
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
-$cpuid_obj =
-$bn_obj =
+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj = asm/bn86-elf.o asm/co86-elf.o
+$des_obj = asm/dx86-elf.o asm/yx86-elf.o
+$bf_obj = asm/bx86-elf.o
+$md5_obj = asm/mx86-elf.o
+$sha1_obj = asm/sx86-elf.o
+$cast_obj = asm/cx86-elf.o
+$rc4_obj = asm/rx86-elf.o
+$rmd160_obj = asm/rm86-elf.o
+$rc5_obj = asm/r586-elf.o
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** FreeBSD-ia64
+$cc = gcc
+$cflags = -DL_ENDIAN -DTERMIOS -O -fomit-frame-pointer
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR
+$bn_obj = asm/ia64-cpp.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -135,23 +250,21 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** BSD-ia64
+*** FreeBSD-sparc64
$cc = gcc
-$cflags = -DL_ENDIAN -DTERMIOS -O3 -Wall
+$cflags = -DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
$unistd =
-$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$thread_cflag = -pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE
$sys_id =
$lflags =
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj =
-$bn_obj = asm/ia64.o
+$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR
+$bn_obj =
$des_obj =
-$aes_obj = aes_core.o aes_cbc.o asm/aes-ia64.o
$bf_obj =
$md5_obj =
-$sha1_obj = asm/sha1-ia64.o asm/sha256-ia64.o asm/sha512-ia64.o
+$sha1_obj =
$cast_obj =
-$rc4_obj = asm/rc4-ia64.o
+$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
@@ -162,20 +275,43 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** BSD-sparc64
+*** MPE/iX-gcc
$cc = gcc
-$cflags = -DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall
+$cflags = -D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB
$unistd =
-$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$thread_cflag = (unknown)
+$sys_id = MPE
+$lflags = -L/SYSLOG/PUB -lsyslog -lsocket -lcurses
+$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
+*** NetBSD-m68
+$cc = gcc
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
+$unistd =
+$thread_cflag = (unknown)
$sys_id =
$lflags =
-$bn_ops = SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR
-$cpuid_obj =
+$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL
$bn_obj =
-$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
+$des_obj =
$bf_obj =
-$md5_obj = asm/md5-sparcv9.o
+$md5_obj =
$sha1_obj =
$cast_obj =
$rc4_obj =
@@ -189,18 +325,16 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** BSD-sparcv8
+*** NetBSD-sparc
$cc = gcc
-$cflags = -DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN
$unistd =
-$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$thread_cflag = (unknown)
$sys_id =
$lflags =
-$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
-$cpuid_obj =
-$bn_obj = asm/sparcv8.o
-$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
+$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL
+$bn_obj =
+$des_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -216,77 +350,121 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** BSD-x86
+*** NetBSD-x86
$cc = gcc
-$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall
$unistd =
-$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-out.o
-$bn_obj = bn86-out.o co86-out.o
-$des_obj = dx86-out.o yx86-out.o
-$aes_obj = ax86-out.o
-$bf_obj = bx86-out.o
-$md5_obj = mx86-out.o
-$sha1_obj = sx86-out.o s512sse2-out.o
-$cast_obj = cx86-out.o
-$rc4_obj = rx86-out.o
-$rmd160_obj = rm86-out.o
-$rc5_obj = r586-out.o
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
$dso_scheme = dlfcn
-$shared_target= bsd-shared
+$shared_target= bsd-gcc-shared
$shared_cflag = -fPIC
$shared_ldflag =
$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** BSD-x86-elf
+*** OS2-EMX
$cc = gcc
-$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall
+$cflags =
$unistd =
-$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$thread_cflag =
$sys_id =
$lflags =
-$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
-$bn_obj = asm/bn86-elf.o asm/co86-elf.o
-$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
-$bf_obj = asm/bx86-elf.o
-$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
-$cast_obj = asm/cx86-elf.o
-$rc4_obj = asm/rx86-elf.o
-$rmd160_obj = asm/rm86-elf.o
-$rc5_obj = asm/r586-elf.o
+$bn_ops =
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
+*** OS390-Unix
+$cc = c89.sh
+$cflags = -O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
+*** OpenBSD
+$cc = gcc
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
$dso_scheme = dlfcn
-$shared_target= bsd-shared
+$shared_target= bsd-gcc-shared
$shared_cflag = -fPIC
$shared_ldflag =
$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** BSD-x86_64
+*** OpenBSD-alpha
$cc = gcc
-$cflags = -DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer
$unistd =
-$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$thread_cflag = (unknown)
$sys_id =
$lflags =
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
-$cpuid_obj = amd64cpuid.o
-$bn_obj = asm/x86_64-gcc.o
+$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2
+$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
$cast_obj =
-$rc4_obj = asm/rc4-amd64.o
+$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
@@ -297,45 +475,66 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** Cygwin
+*** OpenBSD-hppa
$cc = gcc
-$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer
$unistd =
-$thread_cflag =
-$sys_id = CYGWIN32
+$thread_cflag = (unknown)
+$sys_id =
$lflags =
-$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-cof.o
-$bn_obj = asm/bn86-cof.o asm/co86-cof.o
-$des_obj = asm/dx86-cof.o asm/yx86-cof.o
-$aes_obj = asm/ax86-cof.o
-$bf_obj = asm/bx86-cof.o
-$md5_obj = asm/mx86-cof.o
-$sha1_obj = asm/sx86-cof.o asm/s512sse2-cof.o
-$cast_obj = asm/cx86-cof.o
-$rc4_obj = asm/rx86-cof.o
-$rmd160_obj = asm/rm86-cof.o
-$rc5_obj = asm/r586-cof.o
-$dso_scheme = win32
-$shared_target= cygwin-shared
-$shared_cflag = -D_DLL
-$shared_ldflag = -shared
-$shared_extension = .dll
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** Cygwin-pre1.3
+*** OpenBSD-i386
$cc = gcc
-$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
+$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
$unistd =
$thread_cflag = (unknown)
-$sys_id = CYGWIN32
+$sys_id =
$lflags =
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
+$bn_obj = asm/bn86-out.o asm/co86-out.o
+$des_obj = asm/dx86-out.o asm/yx86-out.o
+$bf_obj = asm/bx86-out.o
+$md5_obj = asm/mx86-out.o
+$sha1_obj = asm/sx86-out.o
+$cast_obj = asm/cx86-out.o
+$rc4_obj = asm/rx86-out.o
+$rmd160_obj = asm/rm86-out.o
+$rc5_obj = asm/r586-out.o
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** OpenBSD-m68k
+$cc = gcc
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -343,53 +542,49 @@ $cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme = win32
-$shared_target=
-$shared_cflag =
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
$shared_ldflag =
-$shared_extension =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** DJGPP
+*** OpenBSD-m88k
$cc = gcc
-$cflags = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM="/dev/urandom\x24"
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer
$unistd =
-$thread_cflag =
-$sys_id = MSDOS
-$lflags = -L/dev/env/WATT_ROOT/lib -lwatt
-$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-out.o
-$bn_obj = bn86-out.o co86-out.o
-$des_obj = dx86-out.o yx86-out.o
-$aes_obj = ax86-out.o
-$bf_obj = bx86-out.o
-$md5_obj = mx86-out.o
-$sha1_obj = sx86-out.o s512sse2-out.o
-$cast_obj = cx86-out.o
-$rc4_obj = rx86-out.o
-$rmd160_obj = rm86-out.o
-$rc5_obj = r586-out.o
-$dso_scheme =
-$shared_target=
-$shared_cflag =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
$shared_ldflag =
-$shared_extension =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** MPE/iX-gcc
+*** OpenBSD-mips
$cc = gcc
-$cflags = -D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB
+$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
$unistd =
$thread_cflag = (unknown)
-$sys_id = MPE
-$lflags = -L/SYSLOG/PUB -lsyslog -lsocket -lcurses
-$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$cpuid_obj =
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -397,26 +592,24 @@ $cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme =
-$shared_target=
-$shared_cflag =
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
$shared_ldflag =
-$shared_extension =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** OS2-EMX
+*** OpenBSD-powerpc
$cc = gcc
-$cflags =
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer
$unistd =
-$thread_cflag =
+$thread_cflag = (unknown)
$sys_id =
$lflags =
-$bn_ops =
-$cpuid_obj =
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -424,26 +617,74 @@ $cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme =
-$shared_target=
-$shared_cflag =
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
$shared_ldflag =
-$shared_extension =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** OS390-Unix
-$cc = c89.sh
-$cflags = -O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE
+*** OpenBSD-sparc
+$cc = gcc
+$cflags = -DTERMIOS -O3 -fomit-frame-pointer
$unistd =
$thread_cflag = (unknown)
$sys_id =
$lflags =
-$bn_ops = THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR
-$cpuid_obj =
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
+$bn_obj =
+$des_obj = asm/des_enc-sparc.o fcrypt_b.o
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** OpenBSD-sparc64
+$cc = gcc
+$cflags = -DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR
+$bn_obj =
+$des_obj = asm/des_enc-sparc.o fcrypt_b.o
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** OpenBSD-vax
+$cc = gcc
+$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -451,11 +692,11 @@ $cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme =
-$shared_target=
-$shared_cflag =
+$dso_scheme = dlfcn
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
$shared_ldflag =
-$shared_extension =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
@@ -467,13 +708,11 @@ $thread_cflag = -Kthread
$sys_id =
$lflags = -lsocket -lnsl
$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -494,13 +733,11 @@ $thread_cflag = -pthread
$sys_id =
$lflags = -lsocket -lnsl
$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -521,10 +758,8 @@ $thread_cflag = -Kthread
$sys_id = SNI
$lflags = -lsocket -lnsl -lc -L/usr/ucblib -lucb
$bn_ops = BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -548,10 +783,8 @@ $thread_cflag = (unknown)
$sys_id = SNI
$lflags = -lsocket -lnsl -lc -L/usr/ucblib -lucb
$bn_ops = RC4_INDEX RC4_CHAR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -575,10 +808,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lucb
$bn_ops = RC4_INDEX RC4_CHAR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -602,10 +833,8 @@ $thread_cflag =
$sys_id = UWIN
$lflags =
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -629,10 +858,8 @@ $thread_cflag =
$sys_id = WINCE
$lflags =
$bn_ops = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -656,10 +883,8 @@ $thread_cflag = (unknown)
$sys_id = MSDOS
$lflags =
$bn_ops = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -683,10 +908,8 @@ $thread_cflag =
$sys_id = WINNT
$lflags =
$bn_ops = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -710,10 +933,8 @@ $thread_cflag = (unknown)
$sys_id = WIN16
$lflags =
$bn_ops = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -737,10 +958,8 @@ $thread_cflag =
$sys_id = WIN16
$lflags =
$bn_ops = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -764,10 +983,8 @@ $thread_cflag = (unknown)
$sys_id = WIN16
$lflags =
$bn_ops = MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -791,10 +1008,8 @@ $thread_cflag =
$sys_id = WIN32
$lflags =
$bn_ops = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -810,18 +1025,16 @@ $shared_extension =
$ranlib =
$arflags =
-*** VC-WIN64A
-$cc = cl
-$cflags =
+*** aix-cc
+$cc = cc
+$cflags = -q32 -O -DB_ENDIAN -qmaxmem=16384
$unistd =
-$thread_cflag =
-$sys_id = WIN64A
+$thread_cflag = (unknown)
+$sys_id = AIX
$lflags =
-$bn_ops = SIXTY_FOUR_BIT EXPORT_VAR_AS_FN
-$cpuid_obj =
-$bn_obj =
+$bn_ops = BN_LLONG RC4_CHAR
+$bn_obj = asm/aix_ppc32.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -829,26 +1042,24 @@ $cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme = win32
-$shared_target=
+$dso_scheme = dlfcn
+$shared_target= aix-shared
$shared_cflag =
-$shared_ldflag =
-$shared_extension =
+$shared_ldflag = -q32
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
-$arflags =
+$arflags = -X 32
-*** VC-WIN64I
-$cc = cl
-$cflags =
+*** aix-gcc
+$cc = gcc
+$cflags = -O -DB_ENDIAN
$unistd =
-$thread_cflag =
-$sys_id = WIN64I
+$thread_cflag = (unknown)
+$sys_id = AIX
$lflags =
-$bn_ops = SIXTY_FOUR_BIT EXPORT_VAR_AS_FN
-$cpuid_obj =
-$bn_obj =
+$bn_ops = BN_LLONG RC4_CHAR
+$bn_obj = asm/aix_ppc32.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -856,7 +1067,7 @@ $cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme = win32
+$dso_scheme = dlfcn
$shared_target=
$shared_cflag =
$shared_ldflag =
@@ -864,18 +1075,16 @@ $shared_extension =
$ranlib =
$arflags =
-*** aix-cc
+*** aix43-cc
$cc = cc
-$cflags = -q32 -O -DB_ENDIAN -qmaxmem=16384
+$cflags = -O -DB_ENDIAN -qmaxmem=16384
$unistd =
-$thread_cflag = -qthreaded
-$sys_id = AIX
+$thread_cflag = (unknown)
+$sys_id =
$lflags =
$bn_ops = BN_LLONG RC4_CHAR
-$cpuid_obj =
$bn_obj = asm/aix_ppc32.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -886,23 +1095,21 @@ $rc5_obj =
$dso_scheme = dlfcn
$shared_target= aix-shared
$shared_cflag =
-$shared_ldflag = -q32
+$shared_ldflag =
$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
-$arflags = -X 32
+$arflags =
-*** aix-gcc
-$cc = gcc
-$cflags = -O -DB_ENDIAN
+*** aix64-cc
+$cc = cc
+$cflags = -q64 -O -DB_ENDIAN -qmaxmem=16384
$unistd =
-$thread_cflag = -D_THREAD_SAFE
+$thread_cflag = (unknown)
$sys_id = AIX
$lflags =
-$bn_ops = BN_LLONG RC4_CHAR
-$cpuid_obj =
-$bn_obj = asm/aix_ppc32.o
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR
+$bn_obj = asm/aix_ppc64.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -911,25 +1118,48 @@ $rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
-$shared_target=
+$shared_target= aix-shared
+$shared_cflag =
+$shared_ldflag = -q64
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags = -X 64
+
+*** alpha-cc
+$cc = cc
+$cflags = -std1 -tune host -fast -readonly_strings
+$unistd =
+$thread_cflag = -pthread
+$sys_id =
+$lflags =
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= tru64-shared
$shared_cflag =
$shared_ldflag =
-$shared_extension =
+$shared_extension = .so
$ranlib =
$arflags =
-*** aix3-cc
+*** alpha-cc-rpath
$cc = cc
-$cflags = -O -DB_ENDIAN -qmaxmem=16384
+$cflags = -std1 -tune host -fast -readonly_strings
$unistd =
-$thread_cflag = (unknown)
-$sys_id = AIX
+$thread_cflag = -pthread
+$sys_id =
$lflags =
-$bn_ops = BN_LLONG RC4_CHAR
-$cpuid_obj =
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -937,26 +1167,24 @@ $cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme =
-$shared_target=
+$dso_scheme = dlfcn
+$shared_target= tru64-shared-rpath
$shared_cflag =
$shared_ldflag =
-$shared_extension =
+$shared_extension = .so
$ranlib =
$arflags =
-*** aix64-cc
-$cc = cc
-$cflags = -q64 -O -DB_ENDIAN -qmaxmem=16384
+*** alpha-gcc
+$cc = gcc
+$cflags = -O3
$unistd =
$thread_cflag = (unknown)
-$sys_id = AIX
+$sys_id =
$lflags =
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR
-$cpuid_obj =
-$bn_obj = asm/aix_ppc64.o
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1
+$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -965,14 +1193,14 @@ $rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
-$shared_target= aix-shared
+$shared_target= alpha-osf1-shared
$shared_cflag =
-$shared_ldflag = -q64
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_ldflag =
+$shared_extension = .so
$ranlib =
-$arflags = -X 64
+$arflags =
-*** alpha-cc-rpath
+*** alpha164-cc
$cc = cc
$cflags = -std1 -tune host -fast -readonly_strings
$unistd =
@@ -980,10 +1208,8 @@ $thread_cflag = -pthread
$sys_id =
$lflags =
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -992,7 +1218,32 @@ $rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
-$shared_target= tru64-shared-rpath
+$shared_target= tru64-shared
+$shared_cflag =
+$shared_ldflag =
+$shared_extension = .so
+$ranlib =
+$arflags =
+
+*** alphaold-cc
+$cc = cc
+$cflags = -std1 -tune host -O4 -readonly_strings
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= alpha-osf1-shared
$shared_cflag =
$shared_ldflag =
$shared_extension = .so
@@ -1007,10 +1258,8 @@ $thread_cflag = (unknown)
$sys_id = AUX
$lflags = -lbsd
$bn_ops = RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1034,13 +1283,11 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1053,6 +1300,31 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
+*** bsdi-gcc
+$cc = gcc
+$cflags = -O3 -ffast-math -DL_ENDIAN -DPERL5 -m486
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = RSA_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj = asm/bn86bsdi.o asm/co86bsdi.o
+$des_obj = asm/dx86bsdi.o asm/yx86bsdi.o
+$bf_obj = asm/bx86bsdi.o
+$md5_obj = asm/mx86bsdi.o
+$sha1_obj = asm/sx86bsdi.o
+$cast_obj = asm/cx86bsdi.o
+$rc4_obj = asm/rx86bsdi.o
+$rmd160_obj = asm/rm86bsdi.o
+$rc5_obj = asm/r586bsdi.o
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
*** cc
$cc = cc
$cflags = -O
@@ -1061,10 +1333,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1088,10 +1358,8 @@ $thread_cflag = (unknown)
$sys_id = CRAY
$lflags =
$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1115,10 +1383,8 @@ $thread_cflag = (unknown)
$sys_id = CRAY
$lflags =
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1142,10 +1408,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = MACOSX
$lflags =
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1169,10 +1433,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = MACOSX
$lflags =
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/osx_ppc32.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1196,10 +1458,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lefence
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1223,22 +1483,20 @@ $thread_cflag =
$sys_id = CYGWIN32
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
-$des_obj =
-$aes_obj =
-$bf_obj =
+$des_obj = win32
+$bf_obj = cygwin-shared
$md5_obj =
$sha1_obj =
-$cast_obj =
+$cast_obj = .dll
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme = win32
-$shared_target= cygwin-shared
+$dso_scheme =
+$shared_target=
$shared_cflag =
$shared_ldflag =
-$shared_extension = .dll
+$shared_extension =
$ranlib =
$arflags =
@@ -1250,10 +1508,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1277,10 +1533,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1304,10 +1558,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1331,10 +1583,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1358,10 +1608,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1385,13 +1633,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags =
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1412,10 +1658,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1439,13 +1683,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1466,13 +1708,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1493,10 +1733,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1520,10 +1758,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1547,13 +1783,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lefence -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1574,13 +1808,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1601,13 +1833,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1628,13 +1858,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1655,13 +1883,11 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1682,10 +1908,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1709,10 +1933,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1736,10 +1958,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = ULTRASPARC
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8plus.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj = asm/md5-sparcv8plus.o
$sha1_obj =
@@ -1763,10 +1983,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = ULTRASPARC
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8plus.o
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj = asm/md5-sparcv8plus.o
$sha1_obj =
@@ -1789,14 +2007,12 @@ $unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -rdynamic -ldl
-$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
+$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -1817,19 +2033,17 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -rdynamic -ldl
$bn_ops = SIXTY_FOUR_BIT
-$cpuid_obj =
$bn_obj =
-$des_obj =
-$aes_obj =
-$bf_obj =
+$des_obj = dlfcn
+$bf_obj = linux-shared
$md5_obj =
$sha1_obj =
$cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme = dlfcn
-$shared_target= linux-shared
+$dso_scheme =
+$shared_target=
$shared_cflag =
$shared_ldflag =
$shared_extension =
@@ -1844,22 +2058,20 @@ $thread_cflag =
$sys_id = CYGWIN32
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
-$des_obj =
-$aes_obj =
-$bf_obj =
+$des_obj = win32
+$bf_obj = cygwin-shared
$md5_obj =
$sha1_obj =
-$cast_obj =
+$cast_obj = .dll
$rc4_obj =
$rmd160_obj =
$rc5_obj =
-$dso_scheme = win32
-$shared_target= cygwin-shared
+$dso_scheme =
+$shared_target=
$shared_cflag =
$shared_ldflag =
-$shared_extension = .dll
+$shared_extension =
$ranlib =
$arflags =
@@ -1871,10 +2083,8 @@ $thread_cflag = (unknown)
$sys_id = VOS
$lflags = -Wl,-map
$bn_ops = BN_LLONG
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1885,8 +2095,8 @@ $rc5_obj =
$dso_scheme =
$shared_target=
$shared_cflag =
-$shared_ldflag =
-$shared_extension = .so
+$shared_ldflag = .so
+$shared_extension =
$ranlib =
$arflags =
@@ -1898,10 +2108,8 @@ $thread_cflag = (unknown)
$sys_id = VOS
$lflags = -Wl,-map
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1912,8 +2120,8 @@ $rc5_obj =
$dso_scheme =
$shared_target=
$shared_cflag =
-$shared_ldflag =
-$shared_extension = .so
+$shared_ldflag = .so
+$shared_extension =
$ranlib =
$arflags =
@@ -1925,10 +2133,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = RC4_INDEX DES_UNROLL
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1952,10 +2158,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lnsl -lsocket
$bn_ops = RC4_INDEX DES_UNROLL
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -1979,13 +2183,11 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lnsl -lsocket
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -2006,10 +2208,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2033,10 +2233,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = BN_LLONG
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2052,18 +2250,66 @@ $shared_extension =
$ranlib =
$arflags =
-*** hpux-cc
+*** hpux-brokencc
$cc = cc
-$cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z
+$cflags = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags = -Wl,+s -ldld
+$bn_ops = DES_PTR DES_UNROLL DES_RISC1
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dl
+$shared_target= hpux-shared
+$shared_cflag = +Z
+$shared_ldflag =
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** hpux-brokengcc
+$cc = gcc
+$cflags = -DB_ENDIAN -DBN_DIV2W -O3
$unistd =
$thread_cflag = (unknown)
$sys_id =
$lflags = -Wl,+s -ldld
$bn_ops = DES_PTR DES_UNROLL DES_RISC1
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dl
+$shared_target= hpux-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** hpux-cc
+$cc = cc
+$cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags = -Wl,+s -ldld
+$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
+$bn_obj =
+$des_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2086,11 +2332,9 @@ $unistd =
$thread_cflag = (unknown)
$sys_id =
$lflags = -Wl,+s -ldld
-$bn_ops = DES_PTR DES_UNROLL DES_RISC1
-$cpuid_obj =
+$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2108,48 +2352,44 @@ $arflags =
*** hpux-ia64-cc
$cc = cc
-$cflags = -Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT
+$cflags = -Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN
$unistd =
-$thread_cflag =
+$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
-$bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
-$bn_obj = asm/ia64.o
+$bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
+$bn_obj = asm/ia64-cpp.o
$des_obj =
-$aes_obj = aes_core.o aes_cbc.o asm/aes-ia64.o
$bf_obj =
$md5_obj =
-$sha1_obj = asm/sha1-ia64.o asm/sha256-ia64.o asm/sha512-ia64.o
+$sha1_obj =
$cast_obj =
-$rc4_obj = asm/rc4-ia64.o
+$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
$shared_target= hpux-shared
$shared_cflag = +Z
$shared_ldflag = +DD32 -b
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
*** hpux-ia64-gcc
$cc = gcc
-$cflags = -O3 -DB_ENDIAN -D_REENTRANT
+$cflags = -O3 -DB_ENDIAN -D_ILP32
$unistd =
-$thread_cflag =
+$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
-$bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
+$bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
$bn_obj = asm/ia64.o
$des_obj =
-$aes_obj = asm/aes-ia64.o
$bf_obj =
$md5_obj =
-$sha1_obj = asm/sha256-ia64.o asm/sha512-ia64.o
+$sha1_obj =
$cast_obj =
-$rc4_obj = asm/rc4-ia64.o
+$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
@@ -2160,6 +2400,31 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
+*** hpux-m68k-gcc
+$cc = gcc
+$cflags = -DB_ENDIAN -DBN_DIV2W -O3
+$unistd =
+$thread_cflag = (unknown)
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG DES_PTR DES_UNROLL
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
*** hpux-parisc-cc
$cc = cc
$cflags = +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY
@@ -2168,10 +2433,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -Wl,+s -ldld
$bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2191,14 +2454,12 @@ $arflags =
$cc = cc
$cflags = -Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY
$unistd =
-$thread_cflag = -D_REENTRANT
+$thread_cflag =
$sys_id =
$lflags = -ldld
$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2218,14 +2479,12 @@ $arflags =
$cc = gcc
$cflags = -O3 -DB_ENDIAN -DBN_DIV2W
$unistd =
-$thread_cflag = -D_REENTRANT
+$thread_cflag =
$sys_id =
$lflags = -Wl,+s -ldld
$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2241,18 +2500,16 @@ $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** hpux-parisc1_0-cc
+*** hpux-parisc1_1-cc
$cc = cc
-$cflags = +DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
+$cflags = +DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -Wl,+s -ldld
$bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2270,16 +2527,14 @@ $arflags =
*** hpux-parisc2-cc
$cc = cc
-$cflags = +DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT
+$cflags = +DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
$unistd =
-$thread_cflag =
+$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -Wl,+s -ldld
$bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
$bn_obj = asm/pa-risc2.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2297,16 +2552,14 @@ $arflags =
*** hpux-parisc2-gcc
$cc = gcc
-$cflags = -march=2.0 -O3 -DB_ENDIAN -D_REENTRANT
+$cflags = -march=2.0 -O3 -DB_ENDIAN
$unistd =
-$thread_cflag =
+$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -Wl,+s -ldld
$bn_ops = SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1
-$cpuid_obj =
$bn_obj = asm/pa-risc2.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2322,50 +2575,146 @@ $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
+*** hpux10-brokencc
+$cc = cc
+$cflags = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -Wl,+s -ldld
+$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dl
+$shared_target= hpux-shared
+$shared_cflag = +Z
+$shared_ldflag =
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** hpux10-brokengcc
+$cc = gcc
+$cflags = -DB_ENDIAN -DBN_DIV2W -O3
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -Wl,+s -ldld
+$bn_ops = DES_PTR DES_UNROLL DES_RISC1
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dl
+$shared_target= hpux-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** hpux10-cc
+$cc = cc
+$cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -Wl,+s -ldld
+$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dl
+$shared_target= hpux-shared
+$shared_cflag = +Z
+$shared_ldflag =
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** hpux10-gcc
+$cc = gcc
+$cflags = -DB_ENDIAN -DBN_DIV2W -O3
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -Wl,+s -ldld
+$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dl
+$shared_target= hpux-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
*** hpux64-ia64-cc
$cc = cc
-$cflags = -Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT
+$cflags = -Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN
$unistd =
-$thread_cflag =
+$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
-$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
-$bn_obj = asm/ia64.o
+$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
+$bn_obj = asm/ia64-cpp.o
$des_obj =
-$aes_obj = aes_core.o aes_cbc.o asm/aes-ia64.o
$bf_obj =
$md5_obj =
-$sha1_obj = asm/sha1-ia64.o asm/sha256-ia64.o asm/sha512-ia64.o
+$sha1_obj =
$cast_obj =
-$rc4_obj = asm/rc4-ia64.o
+$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
$shared_target= hpux-shared
$shared_cflag = +Z
$shared_ldflag = +DD64 -b
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
*** hpux64-ia64-gcc
$cc = gcc
-$cflags = -mlp64 -O3 -DB_ENDIAN -D_REENTRANT
+$cflags = -mlp64 -O3 -DB_ENDIAN
$unistd =
-$thread_cflag =
+$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
-$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
+$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
$bn_obj = asm/ia64.o
$des_obj =
-$aes_obj = aes_core.o aes_cbc.o asm/aes-ia64.o
$bf_obj =
$md5_obj =
-$sha1_obj = asm/sha1-ia64.o asm/sha256-ia64.o asm/sha512-ia64.o
+$sha1_obj =
$cast_obj =
-$rc4_obj = asm/rc4-ia64.o
+$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
@@ -2376,18 +2725,41 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
+*** hpux64-parisc-gcc
+$cc = gcc
+$cflags = -DB_ENDIAN -DMD32_XARRAY
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -ldl
+$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= hpux-shared
+$shared_cflag = -fpic
+$shared_ldflag = -shared
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
*** hpux64-parisc2-cc
$cc = cc
-$cflags = +DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT
+$cflags = +DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
$unistd =
-$thread_cflag =
+$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
$bn_obj = asm/pa-risc2W.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2405,16 +2777,14 @@ $arflags =
*** hpux64-parisc2-gcc
$cc = gcc
-$cflags = -O3 -DB_ENDIAN -D_REENTRANT
+$cflags = -O3 -DB_ENDIAN
$unistd =
-$thread_cflag =
+$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj =
$bn_obj = asm/pa-risc2W.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2438,13 +2808,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -2465,10 +2833,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2492,10 +2858,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2519,10 +2883,8 @@ $thread_cflag = -D_SGI_MP_SOURCE
$sys_id =
$lflags =
$bn_ops = DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT
-$cpuid_obj =
$bn_obj = asm/mips3.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2546,10 +2908,8 @@ $thread_cflag = -D_SGI_MP_SOURCE
$sys_id =
$lflags =
$bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT
-$cpuid_obj =
$bn_obj = asm/mips3.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2573,10 +2933,8 @@ $thread_cflag = -D_SGI_MP_SOURCE
$sys_id =
$lflags =
$bn_ops = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
-$cpuid_obj =
$bn_obj = asm/mips3.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2600,10 +2958,8 @@ $thread_cflag = -D_SGI_MP_SOURCE
$sys_id =
$lflags =
$bn_ops = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
-$cpuid_obj =
$bn_obj = asm/mips3.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2627,10 +2983,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags =
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2654,10 +3008,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2681,10 +3033,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags =
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2708,10 +3058,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2735,17 +3083,15 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-out.o
-$bn_obj = bn86-out.o co86-out.o
-$des_obj = dx86-out.o yx86-out.o
-$aes_obj = ax86-out.o
-$bf_obj = bx86-out.o
-$md5_obj = mx86-out.o
-$sha1_obj = sx86-out.o s512sse2-out.o
-$cast_obj = cx86-out.o
-$rc4_obj = rx86-out.o
-$rmd160_obj = rm86-out.o
-$rc5_obj = r586-out.o
+$bn_obj = asm/bn86-out.o asm/co86-out.o
+$des_obj = asm/dx86-out.o asm/yx86-out.o
+$bf_obj = asm/bx86-out.o
+$md5_obj = asm/mx86-out.o
+$sha1_obj = asm/sx86-out.o
+$cast_obj = asm/cx86-out.o
+$rc4_obj = asm/rx86-out.o
+$rmd160_obj = asm/rm86-out.o
+$rc5_obj = asm/r586-out.o
$dso_scheme =
$shared_target=
$shared_cflag =
@@ -2756,19 +3102,17 @@ $arflags =
*** linux-elf
$cc = gcc
-$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -2781,18 +3125,16 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** linux-generic32
+*** linux-elf-arm
$cc = gcc
-$cflags = -DTERMIO -O3 -fomit-frame-pointer -Wall
+$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
-$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR
-$cpuid_obj =
+$bn_ops = BN_LLONG
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2808,18 +3150,41 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** linux-generic64
+*** linux-ia32-icc
+$cc = icc
+$cflags = -DL_ENDIAN -DTERMIO -O2 -no_cpprt
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -ldl
+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj = asm/bn86-elf.o asm/co86-elf.o
+$des_obj = asm/dx86-elf.o asm/yx86-elf.o
+$bf_obj = asm/bx86-elf.o
+$md5_obj = asm/mx86-elf.o
+$sha1_obj = asm/sx86-elf.o
+$cast_obj = asm/cx86-elf.o
+$rc4_obj = asm/rx86-elf.o
+$rmd160_obj = asm/rm86-elf.o
+$rc5_obj = asm/r586-elf.o
+$dso_scheme = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -KPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** linux-ia64
$cc = gcc
-$cflags = -DTERMIO -O3 -Wall
+$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR
-$cpuid_obj =
-$bn_obj =
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR
+$bn_obj = asm/ia64.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2835,50 +3200,96 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** linux-ia32-icc
-$cc = icc
-$cflags = -DL_ENDIAN -DTERMIO -O2 -no_cpprt
+*** linux-ia64-ecc
+$cc = ecc
+$cflags = -DL_ENDIAN -DTERMIO -O2 -Wall
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -ldl
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR
+$bn_obj = asm/ia64.o
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** linux-k6
+$cc = gcc
+$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=k6 -Wall
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
$rc5_obj = asm/r586-elf.o
$dso_scheme = dlfcn
$shared_target= linux-shared
-$shared_cflag = -KPIC
+$shared_cflag = -fPIC
$shared_ldflag =
$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** linux-ia64
+*** linux-m68k
$cc = gcc
-$cflags = -DL_ENDIAN -DTERMIO -O3 -Wall
+$cflags = -DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
+*** linux-mips
+$cc = gcc
+$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj =
-$bn_obj = asm/ia64.o
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2
+$bn_obj =
$des_obj =
-$aes_obj = aes_core.o aes_cbc.o asm/aes-ia64.o
$bf_obj =
$md5_obj =
-$sha1_obj = asm/sha1-ia64.o asm/sha256-ia64.o asm/sha512-ia64.o
+$sha1_obj =
$cast_obj =
-$rc4_obj = asm/rc4-ia64.o
+$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
@@ -2889,25 +3300,73 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
-*** linux-ia64-ecc
-$cc = ecc
-$cflags = -DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt
+*** linux-mipsel
+$cc = gcc
+$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj =
-$bn_obj = asm/ia64.o
+$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** linux-parisc
+$cc = gcc
+$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$bn_obj =
$des_obj =
-$aes_obj = aes_core.o aes_cbc.o asm/aes-ia64.o
$bf_obj =
$md5_obj =
-$sha1_obj = asm/sha1-ia64.o asm/sha256-ia64.o asm/sha512-ia64.o
+$sha1_obj =
$cast_obj =
-$rc4_obj = asm/rc4-ia64.o
+$rc4_obj =
$rmd160_obj =
$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
+*** linux-pentium
+$cc = gcc
+$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentium -Wall
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -ldl
+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj = asm/bn86-elf.o asm/co86-elf.o
+$des_obj = asm/dx86-elf.o asm/yx86-elf.o
+$bf_obj = asm/bx86-elf.o
+$md5_obj = asm/mx86-elf.o
+$sha1_obj = asm/sx86-elf.o
+$cast_obj = asm/cx86-elf.o
+$rc4_obj = asm/rx86-elf.o
+$rmd160_obj = asm/rm86-elf.o
+$rc5_obj = asm/r586-elf.o
$dso_scheme = dlfcn
$shared_target= linux-shared
$shared_cflag = -fPIC
@@ -2924,10 +3383,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
-$cpuid_obj =
$bn_obj = asm/linux_ppc32.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2945,16 +3402,14 @@ $arflags =
*** linux-ppc64
$cc = gcc
-$cflags = -bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall
+$cflags = -m64 -DB_ENDIAN -DTERMIO -O3 -Wall
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
-$cpuid_obj =
$bn_obj = asm/linux_ppc64.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2965,11 +3420,111 @@ $rc5_obj =
$dso_scheme = dlfcn
$shared_target= linux-shared
$shared_cflag = -fPIC
-$shared_ldflag = -bpowerpc64-linux
+$shared_ldflag = -m64
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** linux-ppro
+$cc = gcc
+$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentiumpro -Wall
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -ldl
+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_obj = asm/bn86-elf.o asm/co86-elf.o
+$des_obj = asm/dx86-elf.o asm/yx86-elf.o
+$bf_obj = asm/bx86-elf.o
+$md5_obj = asm/mx86-elf.o
+$sha1_obj = asm/sx86-elf.o
+$cast_obj = asm/cx86-elf.o
+$rc4_obj = asm/rx86-elf.o
+$rmd160_obj = asm/rm86-elf.o
+$rc5_obj = asm/r586-elf.o
+$dso_scheme = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** linux-s390
+$cc = gcc
+$cflags = -DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -ldl
+$bn_ops = BN_LLONG
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
+*** linux-s390x
+$cc = gcc
+$cflags = -DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -ldl
+$bn_ops = SIXTY_FOUR_BIT_LONG
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
+*** linux-sparcv7
+$cc = gcc
+$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags =
+$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+$arflags =
+
*** linux-sparcv8
$cc = gcc
$cflags = -mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W
@@ -2978,10 +3533,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8.o
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -2999,16 +3552,14 @@ $arflags =
*** linux-sparcv9
$cc = gcc
-$cflags = -m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W
+$cflags = -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = ULTRASPARC
$lflags = -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8plus.o
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj = asm/md5-sparcv8plus.o
$sha1_obj =
@@ -3019,7 +3570,7 @@ $rc5_obj =
$dso_scheme = dlfcn
$shared_target= linux-shared
$shared_cflag = -fPIC
-$shared_ldflag = -m32
+$shared_ldflag =
$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
@@ -3032,10 +3583,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL
-$cpuid_obj = amd64cpuid.o
$bn_obj = asm/x86_64-gcc.o
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3059,10 +3608,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = ULTRASPARC
$lflags = -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj = asm/md5-sparcv9.o
$sha1_obj =
@@ -3080,27 +3627,25 @@ $arflags =
*** mingw
$cc = gcc
-$cflags = -mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall
+$cflags = -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall
$unistd =
$thread_cflag =
$sys_id = MINGW32
$lflags = -mno-cygwin -lwsock32 -lgdi32
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-cof.o
-$bn_obj = asm/bn86-cof.o asm/co86-cof.o
-$des_obj = asm/dx86-cof.o asm/yx86-cof.o
-$aes_obj = asm/ax86-cof.o
-$bf_obj = asm/bx86-cof.o
-$md5_obj = asm/mx86-cof.o
-$sha1_obj = asm/sx86-cof.o asm/s512sse2-cof.o
-$cast_obj = asm/cx86-cof.o
-$rc4_obj = asm/rx86-cof.o
-$rmd160_obj = asm/rm86-cof.o
-$rc5_obj = asm/r586-cof.o
+$bn_obj = asm/bn86-out.o asm/co86-out.o
+$des_obj = asm/dx86-out.o asm/yx86-out.o
+$bf_obj = asm/bx86-out.o
+$md5_obj = asm/mx86-out.o
+$sha1_obj = asm/sx86-out.o
+$cast_obj = asm/cx86-out.o
+$rc4_obj = asm/rx86-out.o
+$rmd160_obj = asm/rm86-out.o
+$rc5_obj = asm/r586-out.o
$dso_scheme = win32
-$shared_target= cygwin-shared
-$shared_cflag = -D_DLL
-$shared_ldflag = -shared
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
$shared_extension = .dll
$ranlib =
$arflags =
@@ -3113,10 +3658,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lsocket -lnsl -lc89
$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3140,10 +3683,8 @@ $thread_cflag =
$sys_id =
$lflags = RC4_INDEX MD2_INT
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3167,10 +3708,8 @@ $thread_cflag =
$sys_id =
$lflags = BN_LLONG RC4_INDEX MD2_INT
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3194,10 +3733,8 @@ $thread_cflag =
$sys_id =
$lflags = RC4_INDEX MD2_INT
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3221,10 +3758,8 @@ $thread_cflag = (unknown)
$sys_id = NEWS4
$lflags = -lmld -liberty
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3248,10 +3783,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3275,10 +3808,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3294,60 +3825,6 @@ $shared_extension =
$ranlib =
$arflags =
-*** ofs1-alpha-cc
-$cc = cc
-$cflags = -std1 -tune host -O4 -readonly_strings
-$unistd =
-$thread_cflag = (unknown)
-$sys_id =
-$lflags =
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj =
-$bn_obj =
-$des_obj =
-$aes_obj =
-$bf_obj =
-$md5_obj =
-$sha1_obj =
-$cast_obj =
-$rc4_obj =
-$rmd160_obj =
-$rc5_obj =
-$dso_scheme = dlfcn
-$shared_target= alpha-osf1-shared
-$shared_cflag =
-$shared_ldflag =
-$shared_extension = .so
-$ranlib =
-$arflags =
-
-*** osf1-alpha-gcc
-$cc = gcc
-$cflags = -O3
-$unistd =
-$thread_cflag = (unknown)
-$sys_id =
-$lflags =
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1
-$cpuid_obj =
-$bn_obj =
-$des_obj =
-$aes_obj =
-$bf_obj =
-$md5_obj =
-$sha1_obj =
-$cast_obj =
-$rc4_obj =
-$rmd160_obj =
-$rc5_obj =
-$dso_scheme = dlfcn
-$shared_target= alpha-osf1-shared
-$shared_cflag =
-$shared_ldflag =
-$shared_extension = .so
-$ranlib =
-$arflags =
-
*** purify
$cc = purify gcc
$cflags = -g -DPURIFY -Wall
@@ -3356,10 +3833,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lsocket -lnsl
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3383,10 +3858,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3410,10 +3883,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lsocket
$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3437,10 +3908,8 @@ $thread_cflag = (unknown)
$sys_id = MACOSX_RHAPSODY
$lflags =
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3464,10 +3933,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lsocket
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3491,13 +3958,11 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lsocket -lnsl
$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -3518,13 +3983,11 @@ $thread_cflag = (unknown)
$sys_id =
$lflags = -lsocket -lnsl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -3537,6 +4000,31 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
+*** solaris-sparc-sc3
+$cc = cc
+$cflags = -fast -O -Xa -DB_ENDIAN
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id =
+$lflags = -lsocket -lnsl -ldl
+$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= solaris-shared
+$shared_cflag = -KPIC
+$shared_ldflag =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
*** solaris-sparcv7-cc
$cc = cc
$cflags = -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W
@@ -3545,10 +4033,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3572,10 +4058,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3599,10 +4083,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8.o
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3626,10 +4108,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8.o
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3653,10 +4133,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = ULTRASPARC
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8plus.o
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj = asm/md5-sparcv8plus.o
$sha1_obj =
@@ -3680,10 +4158,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = ULTRASPARC
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj = asm/sparcv8plus.o
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj = asm/md5-sparcv8plus.o
$sha1_obj =
@@ -3699,6 +4175,31 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
$arflags =
+*** solaris-sparcv9-gcc27
+$cc = gcc
+$cflags = -mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id = ULTRASPARC
+$lflags = -lsocket -lnsl -ldl
+$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$bn_obj = asm/sparcv8plus-gcc27.o
+$des_obj = asm/des_enc-sparc.o fcrypt_b.o
+$bf_obj =
+$md5_obj = asm/md5-sparcv8plus-gcc27.o
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= solaris-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -shared
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib =
+$arflags =
+
*** solaris-x86-cc
$cc = cc
$cflags = -fast -O -Xa
@@ -3707,10 +4208,8 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3734,13 +4233,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl -ldl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -3761,10 +4258,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = ULTRASPARC
$lflags = -lsocket -lnsl -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj = asm/md5-sparcv9.o
$sha1_obj =
@@ -3788,10 +4283,8 @@ $thread_cflag = -D_REENTRANT
$sys_id = ULTRASPARC
$lflags = -lsocket -lnsl -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj =
$bn_obj =
$des_obj = asm/des_enc-sparc.o fcrypt_b.o
-$aes_obj =
$bf_obj =
$md5_obj = asm/md5-sparcv9.o
$sha1_obj =
@@ -3815,10 +4308,8 @@ $thread_cflag = (unknown)
$sys_id = SUNOS
$lflags =
$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3842,10 +4333,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops = THIRTY_TWO_BIT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3861,33 +4350,6 @@ $shared_extension =
$ranlib =
$arflags =
-*** tru64-alpha-cc
-$cc = cc
-$cflags = -std1 -tune host -fast -readonly_strings
-$unistd =
-$thread_cflag = -pthread
-$sys_id =
-$lflags =
-$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj =
-$bn_obj =
-$des_obj =
-$aes_obj =
-$bf_obj =
-$md5_obj =
-$sha1_obj =
-$cast_obj =
-$rc4_obj =
-$rmd160_obj =
-$rc5_obj =
-$dso_scheme = dlfcn
-$shared_target= tru64-shared
-$shared_cflag =
-$shared_ldflag =
-$shared_extension = .so
-$ranlib =
-$arflags =
-
*** ultrix-cc
$cc = cc
$cflags = -std1 -O -Olimit 2500 -DL_ENDIAN
@@ -3896,10 +4358,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3923,10 +4383,8 @@ $thread_cflag = (unknown)
$sys_id =
$lflags =
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3950,10 +4408,8 @@ $thread_cflag = -Kthread
$sys_id =
$lflags = -lsocket -lnsl -lresolv -lx
$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -3977,10 +4433,8 @@ $thread_cflag = -Kthread
$sys_id =
$lflags = -lsocket -lnsl -lresolv -lx
$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -4004,13 +4458,11 @@ $thread_cflag = -Kthread
$sys_id =
$lflags = -lsocket -lnsl
$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -4031,13 +4483,11 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -lsocket -lnsl
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj = x86cpuid-elf.o
$bn_obj = asm/bn86-elf.o asm/co86-elf.o
$des_obj = asm/dx86-elf.o asm/yx86-elf.o
-$aes_obj = asm/ax86-elf.o
$bf_obj = asm/bx86-elf.o
$md5_obj = asm/mx86-elf.o
-$sha1_obj = asm/sx86-elf.o asm/s512sse2-elf.o
+$sha1_obj = asm/sx86-elf.o
$cast_obj = asm/cx86-elf.o
$rc4_obj = asm/rx86-elf.o
$rmd160_obj = asm/rm86-elf.o
@@ -4058,10 +4508,8 @@ $thread_cflag = (unknown)
$sys_id = VOS
$lflags = -Wl,-map
$bn_ops = BN_LLONG
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -4072,8 +4520,8 @@ $rc5_obj =
$dso_scheme =
$shared_target=
$shared_cflag =
-$shared_ldflag =
-$shared_extension = .so
+$shared_ldflag = .so
+$shared_extension =
$ranlib =
$arflags =
@@ -4085,10 +4533,8 @@ $thread_cflag = (unknown)
$sys_id = VOS
$lflags = -Wl,-map
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -4099,8 +4545,8 @@ $rc5_obj =
$dso_scheme =
$shared_target=
$shared_cflag =
-$shared_ldflag =
-$shared_extension = .so
+$shared_ldflag = .so
+$shared_extension =
$ranlib =
$arflags =
@@ -4112,10 +4558,8 @@ $thread_cflag =
$sys_id = VXWORKS
$lflags = -r
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -4139,10 +4583,8 @@ $thread_cflag =
$sys_id = VXWORKS
$lflags = -r
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -4166,10 +4608,8 @@ $thread_cflag =
$sys_id = VXWORKS
$lflags = -r
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -4193,10 +4633,8 @@ $thread_cflag =
$sys_id = VXWORKS
$lflags = -r
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
@@ -4220,10 +4658,8 @@ $thread_cflag =
$sys_id = VXWORKS
$lflags = -r
$bn_ops =
-$cpuid_obj =
$bn_obj =
$des_obj =
-$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
diff --git a/VMS/cert_tool/hostaddr.c b/VMS/cert_tool/hostaddr.c
new file mode 100644
index 0000000000..691f073b6a
--- /dev/null
+++ b/VMS/cert_tool/hostaddr.c
@@ -0,0 +1,484 @@
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_SYS_VMS
+#pragma module HOSTADDR "X-1"
+
+/*
+**
+** Copyright (c) 2000 Compaq Computer Corporation
+** COMPAQ Registered in U.S. Patent and Trademark Office.
+**
+** Confidential computer software. Valid license from Compaq or
+** authorized sublicensor required for possession, use or copying.
+** Consistent with FAR 12.211 and 12.212, Commercial Computer Software,
+** Computer Software Documentation, and Technical Data for Commercial
+** Items are licensed to the U.S. Government under vendor's standard
+** commercial license.
+**
+*/
+
+/*
+**++
+**
+** FACILITY: Apache Web Server
+**
+** ABSTRACT:
+**
+** This program determine the hostaddr of the default node or of
+** a given hostname.
+**
+** The command line syntax is:
+**
+** HOSTADDR [-l log-name] [-s sym-name] [host-name]
+**
+** where:
+**
+** -l log-name specifies an optional logical name to receive hostname.
+**
+** -c sym-name specifies an optional symbol name to receive hostname.
+**
+** host-name specifies an optional host name to resolve.
+**
+** AUTHOR: Matthew Doremus CREATION DATE: 07-Jul-2000
+**
+** Modification History:
+**
+** X-1 Matthew Doremus 07-Jul-2000
+** Initial development
+**
+**--
+**
+** Compile/Link instructions:
+**
+** OpenVMS Alpha/VAX:
+** $ CC HOSTADDR+SYS$LIBRARY:SYS$LIB_C/LIBRARY
+** $ LINK HOSTADDR
+**
+*/
+
+/*
+** Define __NEW_STARLET if it's not already defined
+*/
+#ifndef __NEW_STARLET
+#define __NEW_STARLET
+#define __NEW_STARLET_SET
+#endif
+
+/*
+** Include the necessary header files
+*/
+#include <lib$routines>
+#include <libclidef>
+#include <descrip>
+#include <stdlib>
+#include <string>
+char *strdup(__const_char_ptr64);
+#include <stdio>
+#include <unistd>
+#include <types>
+#include <if>
+#include <socket>
+#include <types>
+#include <socket>
+#include <netdb>
+#include <in>
+
+/*
+** Undefine __NEW_STARLET if we had defined it
+*/
+#ifndef __NEW_STARLET_SET
+#undef __NEW_STARLET_SET
+#undef __NEW_STARLET
+#endif
+
+/*
+** Option Data Structure
+*/
+typedef struct _opt_data {
+ char *log_name;
+ char *sym_name;
+ char *host_name;
+ } OPT_DATA;
+
+/*
+** Local Routine Prototypes
+*/
+static void
+ParseCmdLine (
+ int,
+ char *[],
+ OPT_DATA *);
+
+static void
+SetLogName (
+ char *,
+ char *);
+
+static void
+SetSymName (
+ char *,
+ char *);
+
+static void
+Usage ();
+
+/*
+**
+** main - Main processing routine for the HOSTADDR utility
+**
+** Functional Description:
+**
+** This routine controls overall program execution.
+**
+** Usage:
+**
+** main argc, argv
+**
+** Formal parameters:
+**
+** argc - (IN) argument count
+** argv - (IN) address of an argument array
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+int
+main (
+ int argc,
+ char *argv[]
+ )
+{
+struct in_addr *addr_ptr;
+char hostname[512+1];
+struct hostent *hp;
+OPT_DATA OptData;
+char *hostaddr;
+int addr_max,
+ i;
+
+/*
+** Parse the command line
+*/
+ParseCmdLine (argc, argv, &OptData);
+
+/*
+** If no host name was given, then use gethostname otherwise
+** use the host name given.
+*/
+if (! OptData.host_name)
+ {
+ if (gethostname (hostname, sizeof (hostname) - 1))
+ {
+ perror ("gethostname");
+ exit (1);
+ }
+ }
+else
+ strcpy (hostname, OptData.host_name);
+
+/*
+** Get the host address using gethostbyname
+*/
+if (! (hp = gethostbyname (hostname)))
+ {
+ perror ("gethostbyname");
+ exit (1);
+ }
+
+/*
+** Format the host address(es) into a comma separated list
+*/
+addr_max = hp->h_length / sizeof (struct in_addr);
+hostaddr = malloc ((addr_max * (15 + 1)) + 1);
+addr_ptr = (struct in_addr *) hp->h_addr;
+for (i = 0; i < addr_max; i++)
+ {
+ if (i > 0)
+ strcat (hostaddr, ",");
+ addr_ptr = addr_ptr + (i * sizeof (struct in_addr));
+ sprintf (hostaddr + strlen (hostaddr), "%d.%d.%d.%d",
+ addr_ptr->s_net, addr_ptr->s_host,
+ addr_ptr->s_lh, addr_ptr->s_impno);
+ }
+
+/*
+** Define a logical name if one was provided
+*/
+if (OptData.log_name)
+ SetLogName (OptData.log_name, hostaddr);
+
+/*
+** Define a symbol name if one was provided
+*/
+if (OptData.sym_name)
+ SetSymName (OptData.sym_name, hostaddr);
+
+/*
+** print the host address if no logical or symbol name was provided
+*/
+if (! OptData.log_name && ! OptData.sym_name)
+ printf ("%s\n", hostaddr);
+
+}
+
+/*
+**
+** ParseCmdLine - Parse the command line options
+**
+** Functional Description:
+**
+** This routine parses the command line options.
+**
+** Usage:
+**
+** ParseCmdLine argc, argv, OptData
+**
+** Formal parameters:
+**
+** argc - (IN) argument count
+** argv - (IN) address of an argument array
+** OptData - (OUT) address of command option data structure
+** which will contain the parsed input.
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+static void
+ParseCmdLine (
+ int argc,
+ char *argv[],
+ OPT_DATA *OptData
+ )
+{
+int option,
+ i;
+
+/*
+** Initialize the option data
+*/
+OptData->log_name = NULL;
+OptData->sym_name = NULL;
+OptData->host_name = NULL;
+
+/*
+** Process the command line options
+*/
+while ((option = getopt (argc, argv, "l:s:?")) != EOF)
+ {
+ switch (option)
+ {
+ /*
+ ** Output to logical name ?
+ */
+ case 'l':
+ OptData->log_name = strdup (optarg);
+ break;
+
+ /*
+ ** Output to symbol name ?
+ */
+ case 's':
+ OptData->sym_name = strdup (optarg);
+ break;
+
+ /*
+ ** Invalid argument ?
+ */
+ case '?':
+ default:
+ Usage ();
+ exit (1);
+ break;
+ }
+ }
+
+/*
+** Are the number of parameters correct ?
+*/
+if (argc - optind > 1)
+ {
+ Usage ();
+ exit (1);
+ }
+
+/*
+** Host Name provided ?
+*/
+if (argc - optind == 1)
+ OptData->host_name = strdup (argv[optind]);
+
+}
+
+/*
+**
+** SetLogName - Set a logical name & value
+**
+** Functional Description:
+**
+** This routine sets a logical name & value.
+**
+** Usage:
+**
+** SetLogName LogName, LogValue
+**
+** Formal parameters:
+**
+** LogName - (IN) address of the logical name
+** LogValue - (IN) address of the logical value
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+static void
+SetLogName (
+ char *LogName,
+ char *LogValue
+ )
+{
+struct dsc$descriptor_s log_nam_desc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, 0};
+struct dsc$descriptor_s log_val_desc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, 0};
+int status;
+
+/*
+** Setup the logical name & value descriptors
+*/
+log_nam_desc.dsc$w_length = strlen (LogName);
+log_nam_desc.dsc$a_pointer = LogName;
+log_val_desc.dsc$w_length = strlen (LogValue);
+log_val_desc.dsc$a_pointer = LogValue;
+
+/*
+** Set the logical name & value
+*/
+status = lib$set_logical (&log_nam_desc, &log_val_desc, 0, 0, 0);
+if (! (status & 1))
+ exit (status);
+
+}
+
+/*
+**
+** SetSymName - Set a symbol name & value
+**
+** Functional Description:
+**
+** This routine sets a symbol name & value.
+**
+** Usage:
+**
+** SetSymName SymName, SymValue
+**
+** Formal parameters:
+**
+** SymName - (IN) address of the symbol name
+** SymValue - (IN) address of the Symbol value
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+static void
+SetSymName (
+ char *SymName,
+ char *SymValue
+ )
+{
+struct dsc$descriptor_s sym_nam_desc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, 0};
+struct dsc$descriptor_s sym_val_desc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, 0};
+int status;
+int lib$k_cli_local_sym = LIB$K_CLI_LOCAL_SYM;
+
+/*
+** Setup the symbol name & value descriptors
+*/
+sym_nam_desc.dsc$w_length = strlen (SymName);
+sym_nam_desc.dsc$a_pointer = SymName;
+sym_val_desc.dsc$w_length = strlen (SymValue);
+sym_val_desc.dsc$a_pointer = SymValue;
+
+/*
+** Set the symbol name & value
+*/
+status = lib$set_symbol (&sym_nam_desc, &sym_val_desc, &lib$k_cli_local_sym);
+if (! (status & 1))
+ exit (status);
+
+}
+
+/*
+**
+** Usage - Display the acceptable unix style command usage
+**
+** Functional Description:
+**
+** This routine displays to standard output the appropriate unix style
+** command usage.
+**
+** Usage:
+**
+** Usage
+**
+** Formal parameters:
+**
+** None
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+static void
+Usage ()
+{
+
+fprintf (stdout, "Usage: HOSTADDR [-l log-name] [-s sym-name] [host-name]\n");
+
+}
+#endif /* #ifdef OPENSSL_SYS_VMS */
diff --git a/VMS/cert_tool/hostname.c b/VMS/cert_tool/hostname.c
new file mode 100644
index 0000000000..f16f680aa9
--- /dev/null
+++ b/VMS/cert_tool/hostname.c
@@ -0,0 +1,520 @@
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_SYS_VMS
+#pragma module HOSTNAME "X-1"
+
+/*
+**
+** Copyright (c) 2000 Compaq Computer Corporation
+** COMPAQ Registered in U.S. Patent and Trademark Office.
+**
+** Confidential computer software. Valid license from Compaq or
+** authorized sublicensor required for possession, use or copying.
+** Consistent with FAR 12.211 and 12.212, Commercial Computer Software,
+** Computer Software Documentation, and Technical Data for Commercial
+** Items are licensed to the U.S. Government under vendor's standard
+** commercial license.
+**
+*/
+
+/*
+**++
+**
+** FACILITY: Apache Web Server
+**
+** ABSTRACT:
+**
+** This program determine the hostname of the default node or of
+** a given hostaddr.
+**
+** The command line syntax is:
+**
+** HOSTNAME [-l log-name] [-s sym-name] [host-addr]
+**
+** where:
+**
+** -l log-name specifies an optional logical name to receive hostname.
+**
+** -c sym-name specifies an optional symbol name to receive hostname.
+**
+** host-addr specifies an optional host address to resolve.
+**
+** AUTHOR: Matthew Doremus CREATION DATE: 07-Jul-2000
+**
+** Modification History:
+**
+** X-1 Matthew Doremus 07-Jul-2000
+** Initial development
+**
+**--
+**
+** Compile/Link instructions:
+**
+** OpenVMS Alpha/VAX:
+** $ CC HOSTNAME+SYS$LIBRARY:SYS$LIB_C/LIBRARY
+** $ LINK HOSTNAME
+**
+*/
+
+/*
+** Define __NEW_STARLET if it's not already defined
+*/
+#ifndef __NEW_STARLET
+#define __NEW_STARLET
+#define __NEW_STARLET_SET
+#endif
+
+/*
+** Include the necessary header files
+*/
+#include <lib$routines>
+#include <libclidef>
+#include <descrip>
+#include <stdlib>
+#include <string>
+#include <strings>
+char *strdup(__const_char_ptr64);
+#include <stdio>
+#include <unistd>
+#include <types>
+#include <if>
+#include <socket>
+#include <types>
+#include <socket>
+#include <netdb>
+#include <in>
+
+/*
+** Undefine __NEW_STARLET if we had defined it
+*/
+#ifndef __NEW_STARLET_SET
+#undef __NEW_STARLET_SET
+#undef __NEW_STARLET
+#endif
+
+/*
+** Option Data Structure
+*/
+typedef struct _opt_data {
+ char *log_name;
+ char *sym_name;
+ unsigned char host_addr[4];
+ } OPT_DATA;
+
+/*
+** Local Routine Prototypes
+*/
+static void
+ParseCmdLine (
+ int,
+ char *[],
+ OPT_DATA *);
+
+static void
+SetLogName (
+ char *,
+ char *);
+
+static void
+SetSymName (
+ char *,
+ char *);
+
+static void
+Usage ();
+
+/*
+**
+** main - Main processing routine for the HOSTNAME utility
+**
+** Functional Description:
+**
+** This routine controls overall program execution.
+**
+** Usage:
+**
+** main argc, argv
+**
+** Formal parameters:
+**
+** argc - (IN) argument count
+** argv - (IN) address of an argument array
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+int
+main (
+ int argc,
+ char *argv[]
+ )
+{
+struct in_addr host_addr;
+char hostname[512+1];
+struct hostent *hp;
+OPT_DATA OptData;
+int i;
+
+/*
+** Parse the command line
+*/
+ParseCmdLine (argc, argv, &OptData);
+
+/*
+** If no host address was given, then use gethostname otherwise
+** use gethostbyaddr.
+*/
+if (! OptData.host_addr[0] && ! OptData.host_addr[1] &&
+ ! OptData.host_addr[2] && ! OptData.host_addr[3])
+ {
+ if (gethostname (hostname, sizeof (hostname) - 1))
+ {
+ perror ("gethostname");
+ exit (1);
+ }
+
+ if (! (hp = gethostbyname (hostname)))
+ {
+ perror ("gethostbyname");
+ exit (1);
+ }
+ }
+else
+ {
+ host_addr.s_net = OptData.host_addr[0];
+ host_addr.s_host = OptData.host_addr[1];
+ host_addr.s_lh = OptData.host_addr[2];
+ host_addr.s_impno = OptData.host_addr[3];
+
+ if (! (hp = gethostbyaddr (&host_addr, sizeof (host_addr), AF_INET)))
+ {
+ perror ("gethostbyaddr");
+ exit (1);
+ }
+ }
+
+/*
+** Let's try to determine the best available fully qualified hostname.
+*/
+if (hp->h_name)
+ {
+ strcpy (hostname, hp->h_name);
+ if (! strchr (hostname, '.'))
+ {
+ for (i = 0; hp->h_aliases[i]; i++)
+ {
+ if (strchr (hp->h_aliases[i], '.') &&
+ ! strncasecmp (hp->h_aliases[i], hostname, strlen (hostname)))
+ {
+ strcpy (hostname, hp->h_aliases[i]);
+ break;
+ }
+ }
+ }
+ }
+else
+ strcpy (hostname, "(unavailable)");
+
+/*
+** Define a logical name if one was provided
+*/
+if (OptData.log_name)
+ SetLogName (OptData.log_name, hostname);
+
+/*
+** Define a symbol name if one was provided
+*/
+if (OptData.sym_name)
+ SetSymName (OptData.sym_name, hostname);
+
+/*
+** print the host name if no logical or symbol name was provided
+*/
+if (! OptData.log_name && ! OptData.sym_name)
+ printf ("%s\n", hostname);
+
+}
+
+/*
+**
+** ParseCmdLine - Parse the command line options
+**
+** Functional Description:
+**
+** This routine parses the command line options.
+**
+** Usage:
+**
+** ParseCmdLine argc, argv, OptData
+**
+** Formal parameters:
+**
+** argc - (IN) argument count
+** argv - (IN) address of an argument array
+** OptData - (OUT) address of command option data structure
+** which will contain the parsed input.
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+static void
+ParseCmdLine (
+ int argc,
+ char *argv[],
+ OPT_DATA *OptData
+ )
+{
+int option,
+ i;
+
+/*
+** Initialize the option data
+*/
+OptData->log_name = NULL;
+OptData->sym_name = NULL;
+OptData->host_addr[0] = 0;
+OptData->host_addr[1] = 0;
+OptData->host_addr[2] = 0;
+OptData->host_addr[3] = 0;
+
+/*
+** Process the command line options
+*/
+while ((option = getopt (argc, argv, "l:s:?")) != EOF)
+ {
+ switch (option)
+ {
+ /*
+ ** Output to logical name ?
+ */
+ case 'l':
+ OptData->log_name = strdup (optarg);
+ break;
+
+ /*
+ ** Output to symbol name ?
+ */
+ case 's':
+ OptData->sym_name = strdup (optarg);
+ break;
+
+ /*
+ ** Invalid argument ?
+ */
+ case '?':
+ default:
+ Usage ();
+ exit (1);
+ break;
+ }
+ }
+
+/*
+** Are the number of parameters correct ?
+*/
+if (argc - optind > 1)
+ {
+ Usage ();
+ exit (1);
+ }
+
+/*
+** Host Address provided ?
+*/
+if (argc - optind == 1)
+ {
+ char *addr_ptr = argv[optind],
+ *addr_sep;
+
+ for (i = 0; i < 4; i++)
+ {
+ if ((addr_sep = strchr (addr_ptr, '.')) && (i < 3))
+ *addr_sep = '\0';
+
+ if (strlen (addr_ptr) == 0 || atoi (addr_ptr) > 255 ||
+ strspn (addr_ptr, "0123456789") != strlen (addr_ptr))
+ {
+ printf ("Invalid TCP/IP address format.\n");
+ exit (1);
+ }
+
+ OptData->host_addr[i] = atoi (addr_ptr);
+ if (addr_sep)
+ addr_ptr = addr_sep + 1;
+ }
+ }
+}
+
+/*
+**
+** SetLogName - Set a logical name & value
+**
+** Functional Description:
+**
+** This routine sets a logical name & value.
+**
+** Usage:
+**
+** SetLogName LogName, LogValue
+**
+** Formal parameters:
+**
+** LogName - (IN) address of the logical name
+** LogValue - (IN) address of the logical value
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+static void
+SetLogName (
+ char *LogName,
+ char *LogValue
+ )
+{
+struct dsc$descriptor_s log_nam_desc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, 0};
+struct dsc$descriptor_s log_val_desc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, 0};
+int status;
+
+/*
+** Setup the logical name & value descriptors
+*/
+log_nam_desc.dsc$w_length = strlen (LogName);
+log_nam_desc.dsc$a_pointer = LogName;
+log_val_desc.dsc$w_length = strlen (LogValue);
+log_val_desc.dsc$a_pointer = LogValue;
+
+/*
+** Set the logical name & value
+*/
+status = lib$set_logical (&log_nam_desc, &log_val_desc, 0, 0, 0);
+if (! (status & 1))
+ exit (status);
+
+}
+
+/*
+**
+** SetSymName - Set a symbol name & value
+**
+** Functional Description:
+**
+** This routine sets a symbol name & value.
+**
+** Usage:
+**
+** SetSymName SymName, SymValue
+**
+** Formal parameters:
+**
+** SymName - (IN) address of the symbol name
+** SymValue - (IN) address of the Symbol value
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+static void
+SetSymName (
+ char *SymName,
+ char *SymValue
+ )
+{
+struct dsc$descriptor_s sym_nam_desc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, 0};
+struct dsc$descriptor_s sym_val_desc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, 0};
+int status;
+int lib$k_cli_local_sym = LIB$K_CLI_LOCAL_SYM;
+
+/*
+** Setup the symbol name & value descriptors
+*/
+sym_nam_desc.dsc$w_length = strlen (SymName);
+sym_nam_desc.dsc$a_pointer = SymName;
+sym_val_desc.dsc$w_length = strlen (SymValue);
+sym_val_desc.dsc$a_pointer = SymValue;
+
+/*
+** Set the symbol name & value
+*/
+status = lib$set_symbol (&sym_nam_desc, &sym_val_desc, &lib$k_cli_local_sym);
+if (! (status & 1))
+ exit (status);
+
+}
+
+/*
+**
+** Usage - Display the acceptable unix style command usage
+**
+** Functional Description:
+**
+** This routine displays to standard output the appropriate unix style
+** command usage.
+**
+** Usage:
+**
+** Usage
+**
+** Formal parameters:
+**
+** None
+**
+** Implicit Parameters:
+**
+** None
+**
+** Routine Value:
+**
+** None
+**
+** Side Effects:
+**
+** None
+**
+*/
+static void
+Usage ()
+{
+
+fprintf (stdout, "Usage: HOSTNAME [-l log-name] [-s sym-name] [host-addr]\n");
+
+}
+#endif /* #ifdef OPENSSL_SYS_VMS */
diff --git a/VMS/cert_tool/ssl$auth_cert.com b/VMS/cert_tool/ssl$auth_cert.com
new file mode 100644
index 0000000000..33f5bd3b69
--- /dev/null
+++ b/VMS/cert_tool/ssl$auth_cert.com
@@ -0,0 +1,639 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$AUTH_CERT.COM - SSL Certificate Authority procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure prompts the user through creating a Server Certificate.
+$!
+$! There are no parameters used.
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ DELETE := DELETE
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ PID = F$GETJPI ("","PID")
+$ TT_NOECHO = F$GETDVI ("TT:","TT_NOECHO")
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ TT_ROWS = F$GETDVI ("TT:","TT_PAGE")
+$ TT_COLS = F$GETDVI ("TT:","DEVBUFSIZ")
+$!
+$ GET_USER_DATA := CALL GET_USER_DATA
+$ SET_USER_DATA := CALL SET_USER_DATA
+$ DEL_USER_DATA := CALL DEL_USER_DATA
+$ INIT_TERM := @SSL$COM:SSL$INIT_TERM
+$ SHOW_FILE := @SSL$COM:SSL$SHOW_FILE
+$ SSL_CONF_FILE = F$TRNLMN ("SSL$CA_CONF")
+$ GET_CONF_DATA := @SSL$COM:SSL$CONF_UTIL 'SSL_CONF_FILE' GET
+$ SET_CONF_DATA := @SSL$COM:SSL$CONF_UTIL 'SSL_CONF_FILE' SET
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ BELL[0,8] = 7 ! Ring the terminal Bell
+$ RED = 1 ! Color - Red
+$ FGD = 30 ! Foreground
+$ BGD = 0 ! Background
+$ CSCR = ESC + "[2J" ! Clear the Screen
+$ CEOS = ESC + "[0J" ! Clear to the End of the Screen
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BLNK = ESC + "[5m" ! Turn on BLINK Attribute
+$ WIDE = ESC + "#6" ! Turn on WIDE Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Run the SSL setup if it hasn't been run yet
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM ("SSL$CA_CONF") .EQS. ""
+$ THEN
+$ IF F$SEARCH ("SSL$COM:SSL$INIT_ENV.COM") .NES. ""
+$ THEN
+$ @SSL$COM:SSL$INIT_ENV.COM
+$ ELSE
+$ SAY BELL, "Unable to locate SSL$COM:SSL$INIT_ENV.COM ..."
+$ GOTO EXIT
+$ ENDIF
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$ INIT_TERM
+$ BCOLOR = BGD
+$ FCOLOR = FGD + RED
+$ COLOR = ESC + "[''BCOLOR';''FCOLOR'm"
+$!
+$ TEXT = "SSL Certificate Tool"
+$ COL = (TT_COLS - (F$LENGTH (TEXT) * 2)) / 4
+$!
+$ SAY ESC + "[01;01H", CSCR
+$ SAY ESC + "[02;''COL'H", COLOR, WIDE, TEXT, NORM
+$!
+$ TEXT = "Create Certification Authority"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[04;01H"
+$ SAY ESC + "[04;''COL'H", COLOR, TEXT, NORM
+$!
+$ ROW = 6
+$ COL = 2
+$ TOP_ROW = ROW
+$ MSG_ROW = TT_ROWS - 1
+$!
+$!------------------------------------------------------------------------------
+$! Initialize the Request Data
+$!------------------------------------------------------------------------------
+$!
+$ IF F$SEARCH ("''SSL_CONF_FILE'") .NES. ""
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Reading Configuration ...", NORM
+$ ELSE
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Initializing Configuration ...", NORM
+$ ENDIF
+$!
+$ _request_name = "req"
+$!
+$ _distinguished_name = "CA_distinguished_name"
+$ _distinguished_name_upd = "Y"
+$!
+$ _default_bits = "1024"
+$ _default_bits_upd = "Y"
+$!
+$ _default_days = "1825"
+$ _default_days_upd = "Y"
+$!
+$ _default_keyfile = "SSL$KEY:SERVER_CA.KEY"
+$ _default_keyfile_upd = "Y"
+$!
+$ _default_crtfile = "SSL$CRT:SERVER_CA.CRT"
+$ _default_crtfile_upd = "Y"
+$!
+$ _countryName_prompt = "Country Name ?"
+$ _countryName_min = "2"
+$ _countryName_max = "2"
+$ _countryName_default = "US"
+$ _countryName_upd = "Y"
+$ _countryName_cnt = 4
+$!
+$ _0organizationName_prompt = "Organization Name ?"
+$ _0organizationName_default = ""
+$ _0organizationName_upd = "Y"
+$ _0organizationName_cnt = 2
+$!
+$ _organizationalUnitName_prompt = "Organization Unit Name ?"
+$ _organizationalUnitName_default = ""
+$ _organizationalUnitName_upd = "Y"
+$ _organizationalUnitName_cnt = 2
+$!
+$ _commonName_prompt = "Common Name ?"
+$ _commonName_max = "64"
+$ _commonName_default = "CA Authority"
+$ _commonName_upd = "Y"
+$ _commonName_cnt = 3
+$!
+$ IF F$SEARCH ("''SSL_CONF_FILE'") .NES. ""
+$ THEN
+$ GET_CONF_DATA "[''_request_name']#distinguished_name"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _distinguished_name = SSL_CONF_DATA
+$ _distinguished_name_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_bits"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_bits = SSL_CONF_DATA
+$ _default_bits_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_days"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_days = SSL_CONF_DATA
+$ _default_days_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_keyfile"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_keyfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[KEY]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERVER",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".KEY",,"TYPE")
+$ _default_keyfile_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_crtfile"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_crtfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[CRT]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERVER",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".CRT",,"TYPE")
+$ _default_crtfile_upd = "N"
+$ ENDIF
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#countryName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_min"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_min = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_max"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_max = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _countryName_cnt .EQ. CTR THEN _countryName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#0.organizationName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _0organizationName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#0.organizationName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _0organizationName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _0organizationName_cnt .EQ. CTR THEN _0organizationName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#organizationalUnitName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _organizationalUnitName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#organizationalUnitName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _organizationalUnitName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _organizationalUnitName_cnt .EQ. CTR THEN _organizationalUnitName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#commonName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#commonName_max"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_max = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#commonName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _commonName_cnt .EQ. CTR THEN _commonName_upd = "N"
+$ ENDIF
+$!
+$ SET_USER_DATA "[]#pem_pass_phrase#-##PEM Pass Phrase ?#P#1###Y#Y"
+$ SET_USER_DATA "[''_request_name']#default_bits#D#''_default_bits'#Encryption Bits ?#I###''_default_bits_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#default_days#D#''_default_days'#Default Days ?#I###''_default_days_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#default_keyfile#D#''_default_keyfile'#CA certificate Key File ?#F###''_default_keyfile_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#default_crtfile#D#''_default_crtfile'#CA certificate File ?#F###''_default_crtfile_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#distinguished_name#D#''_distinguished_name'##S###''_distinguished_name_upd'#N#N"
+$ SET_USER_DATA "[''_distinguished_name']#countryName#P#''_countryName_default'#''_countryName_prompt'#S#''_countryName_min'#''_countryName_max'#''_countryName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#0.organizationName#P#''_0organizationName_default'#''_0organizationName_prompt'#S###''_0organizationName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#organizationalUnitName#P#''_organizationalUnitName_default'#''_organizationalUnitName_prompt'#S###''_organizationUnitName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#commonName#P#''_commonName_default'#''_commonName_prompt'#S##''_commonName_max'#''_commonName_upd'#Y#N"
+$ SET_USER_DATA "[]#display_certificate#-#N#Display the CA certificate ?#S##1##Y#N"
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Confirm/Update the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$ CTR = 1
+$!
+$PROMPT_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ TYP = F$ELEMENT (5,"#",SSL_USER_DATA_'CTR') ! Value Type
+$ MIN = F$ELEMENT (6,"#",SSL_USER_DATA_'CTR') ! Value Minimum Length
+$ MAX = F$ELEMENT (7,"#",SSL_USER_DATA_'CTR') ! Value Maximum Length
+$ UPD = F$ELEMENT (8,"#",SSL_USER_DATA_'CTR') ! Entry Updated ?
+$ REQ = F$ELEMENT (9,"#",SSL_USER_DATA_'CTR') ! Entry Required for Input ?
+$ CFM = F$ELEMENT (10,"#",SSL_USER_DATA_'CTR')! Confirm Input ?
+$ CONFIRMED = 0
+$ IF REQ .EQS. "N"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ IF ROW .GT. MSG_ROW - 2
+$ THEN
+$ SAY ESC + "[''TOP_ROW';01H", CEOS
+$ ROW = TOP_ROW
+$ ENDIF
+$!
+$CONFIRM_LOOP:
+$!
+$ IF PRM .EQS. ""
+$ THEN
+$ PROMPT = ESC + "[''ROW';''COL'H''ITM' ? [''DEF'] ''CEOL'"
+$ ELSE
+$ PROMPT = ESC + "[''ROW';''COL'H''PRM' [''DEF'] ''CEOL'"
+$ ENDIF
+$ IF TYP .EQS. "P" THEN SET TERMINAL /NOECHO
+$ ASK "''PROMPT'" ANS /END_OF_FILE=EXIT
+$ IF TYP .EQS. "P" THEN SET TERMINAL /ECHO
+$ ANS = F$EDIT (ANS,"TRIM")
+$ IF ANS .EQS. "" THEN ANS = DEF
+$ IF TYP .EQS. "F"
+$ THEN
+$ ANS = F$PARSE ("''ANS'","''DEF'",,,"SYNTAX_ONLY")
+$ ENDIF
+$ IF TYP .EQS. "I" .AND. F$TYPE (ANS) .NES. "INTEGER"
+$ THEN
+$ CALL INVALID_ENTRY
+$ SAY ESC + "[''ROW';01H", CEOS
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ IF (TYP .EQS. "S" .OR. TYP .EQS. "P") .AND. -
+ ((MIN .NES. "" .AND. F$LENGTH (ANS) .LT. F$INTEGER(MIN)) .OR. -
+ (MAX .NES. "" .AND. F$LENGTH (ANS) .GT. F$INTEGER(MAX)))
+$ THEN
+$ CALL INVALID_ENTRY
+$ SAY ESC + "[''ROW';01H", CEOS
+$ IF TYP .EQS. "S" THEN GOTO PROMPT_LOOP
+$ IF TYP .EQS. "P" THEN GOTO CONFIRM_LOOP
+$ ENDIF
+$ ROW = ROW + 1
+$ IF CFM .EQS. "Y"
+$ THEN
+$ IF CONFIRMED .EQ. 0
+$ THEN
+$ CONFIRMED = 1
+$ CONFIRMED_ANS = ANS
+$ PRM = "Confirm ''PRM'"
+$ GOTO CONFIRM_LOOP
+$ ELSE
+$ IF ANS .NES. CONFIRMED_ANS
+$ THEN
+$ CALL INVALID_ENTRY
+$ ROW = ROW - 2
+$ SAY ESC + "[''ROW';01H", CEOS
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ ENDIF
+$ ENDIF
+$ IF ANS .NES. DEF THEN SSL_USER_DATA_'CTR' = "''KEY'#''ITM'#''VAL'#''ANS'#''PRM'#''TYP'#''MIN'#''MAX'#Y#''REQ'#''CFM'"
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Save the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$ CTR = 1
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Saving Configuration ...", NORM
+$!
+$SAVE_CONF_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ TYP = F$ELEMENT (5,"#",SSL_USER_DATA_'CTR') ! Value Type
+$ MIN = F$ELEMENT (6,"#",SSL_USER_DATA_'CTR') ! Value Minimum Length
+$ MAX = F$ELEMENT (7,"#",SSL_USER_DATA_'CTR') ! Value Maximum Length
+$ UPD = F$ELEMENT (8,"#",SSL_USER_DATA_'CTR') ! Entry Updated ?
+$ REQ = F$ELEMENT (9,"#",SSL_USER_DATA_'CTR') ! Entry Required for Input ?
+$ CFM = F$ELEMENT (10,"#",SSL_USER_DATA_'CTR')! Confirm Input ?
+$ IF UPD .NES. "Y" .OR. VAL .EQS. "-"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO SAVE_CONF_LOOP
+$ ENDIF
+$ IF VAL .EQS. "D"
+$ THEN
+$ SET_CONF_DATA "''KEY'#''ITM'" "''DEF'"
+$ ELSE
+$ SET_CONF_DATA "''KEY'#''ITM'" "''PRM'"
+$ SET_CONF_DATA "''KEY'#''ITM'_default" "''DEF'"
+$ ENDIF
+$ IF MIN .NES. "" THEN SET_CONF_DATA "''KEY'#''ITM'_min" "''MIN'"
+$ IF MAX .NES. "" THEN SET_CONF_DATA "''KEY'#''ITM'_max" "''MAX'"
+$ CTR = CTR + 1
+$ GOTO SAVE_CONF_LOOP
+$ ENDIF
+$!
+$ PURGE /NOLOG /NOCONFIRM 'SSL_CONF_FILE'
+$ RENAME 'SSL_CONF_FILE'; ;1
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Create the Certificiate Authority
+$!------------------------------------------------------------------------------
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Creating Certificate Authority ...", NORM
+$!
+$ X1 = 2
+$ Y1 = TOP_ROW
+$ X2 = TT_COLS - 2
+$ Y2 = MSG_ROW - 1
+$!
+$ GET_USER_DATA "[''_request_name']#default_days"
+$ _default_days = SSL_USER_DATA
+$ GET_USER_DATA "[''_request_name']#default_keyfile"
+$ _default_keyfile = SSL_USER_DATA
+$ GET_USER_DATA "[''_request_name']#default_crtfile"
+$ _default_crtfile = SSL_USER_DATA
+$ GET_USER_DATA "[]#pem_pass_phrase"
+$ _pem_pass_phrase = SSL_USER_DATA
+$ GET_USER_DATA "[]#display_certificate"
+$ _display_certificate = SSL_USER_DATA
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SHOW SYSTEM /FULL /OUT=SYS$LOGIN:SSL_REQ_'PID'.RND
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_REQ_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG RANDFILE SYS$LOGIN:SSL_REQ_''PID'.RND"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL req -config ''SSL_CONF_FILE' -new -x509 -days ''_default_days' -keyout ''_default_keyfile' -out ''_default_crtfile'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_REQ_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.RND;*
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_REQ_'PID'.LOG /OUT=SYS$LOGIN:SSL_REQ_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_REQ_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_REQ_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ ENDIF
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$!
+$ IF F$EDIT (_display_certificate,"TRIM,UPCASE") .EQS. "Y"
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Generating Output ...", NORM, CEOL
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_X509_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_X509_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_X509_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL x509 -noout -text -in ''_default_crtfile'"
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_X509_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_X509_'PID'.LOG /OUT=SYS$LOGIN:SSL_X509_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_X509_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_X509_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_X509_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.ERR;*
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_X509_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ''_default_crtfile' >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$!
+$ TEXT = "Press return to continue"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$ PROMPT = ESC + "[''MSG_ROW';''COL'H''TEXT'"
+$ ASK "''PROMPT'" OPT
+$!
+$GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Set the User Data
+$!------------------------------------------------------------------------------
+$!
+$SET_USER_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_USER_DATA_MAX) .EQS. ""
+$ THEN
+$ SSL_USER_DATA_MAX == 1
+$ ELSE
+$ SSL_USER_DATA_MAX == SSL_USER_DATA_MAX + 1
+$ ENDIF
+$!
+$ SSL_USER_DATA_'SSL_USER_DATA_MAX' == "''P1'"
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Get the User Data
+$!------------------------------------------------------------------------------
+$!
+$GET_USER_DATA: SUBROUTINE
+$!
+$ CTR = 1
+$ USER_KEY = F$ELEMENT (0,"#",P1)
+$ USER_ITM = F$ELEMENT (1,"#",P1)
+$!
+$GET_USER_DATA_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ IF USER_KEY .NES. KEY .OR. USER_ITM .NES. ITM
+$ THEN
+$ CTR = CTR + 1
+$ GOTO GET_USER_DATA_LOOP
+$ ENDIF
+$ IF VAL .EQS. "-" THEN SSL_USER_DATA == "''DEF'"
+$ IF VAL .EQS. "D" THEN SSL_USER_DATA == "''DEF'"
+$ IF VAL .EQS. "P" THEN SSL_USER_DATA == "''PRM'"
+$ ENDIF
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Delete the User Data
+$!------------------------------------------------------------------------------
+$!
+$DEL_USER_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_USER_DATA_MAX) .EQS. "" THEN GOTO DEL_USER_DATA_END
+$!
+$DEL_USER_DATA_LOOP:
+$!
+$ IF F$TYPE (SSL_USER_DATA_'SSL_USER_DATA_MAX') .NES. ""
+$ THEN
+$ DELETE /SYMBOL /GLOBAL SSL_USER_DATA_'SSL_USER_DATA_MAX'
+$ SSL_USER_DATA_MAX == SSL_USER_DATA_MAX - 1
+$ GOTO DEL_USER_DATA_LOOP
+$ ENDIF
+$!
+$ DELETE /SYMBOL /GLOBAL SSL_USER_DATA_MAX
+$!
+$DEL_USER_DATA_END:
+$!
+$ IF F$TYPE (SSL_USER_DATA) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_USER_DATA
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Display the invalid entry
+$!------------------------------------------------------------------------------
+$!
+$INVALID_ENTRY: SUBROUTINE
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BELL, " Invalid Entry, Try again ...''CEOL'"
+$ Wait 00:00:01.5
+$ SAY ESC + "[''MSG_ROW';01H", CEOL
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Exit the procedure
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE OFILE
+$!
+$ DEL_USER_DATA
+$!
+$ IF F$TYPE (SSL_CONF_DATA) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_CONF_DATA
+$!
+$ IF F$GETDVI ("TT:","TT_NOECHO") .AND. .NOT. TT_NOECHO THEN SET TERMINAL /ECHO
+$!
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.%%%;*") .NES. "" THEN DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.%%%;*
+$ IF F$SEARCH ("SYS$LOGIN:SSL_X509_''PID'.%%%;*") .NES. "" THEN DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.%%%;*
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$auto_cert.com b/VMS/cert_tool/ssl$auto_cert.com
new file mode 100644
index 0000000000..39e4679e14
--- /dev/null
+++ b/VMS/cert_tool/ssl$auto_cert.com
@@ -0,0 +1,101 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$AUTO_CERT.COM - SSL Automatic Self-Signed Certificate procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$!
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Define Symbols
+$!------------------------------------------------------------------------------
+$!
+$ OPENSSL :== $ SSL$EXE:OPENSSL
+$ HOSTNAME :== $ SSL$EXE:SSL$HOSTNAME
+$!
+$ HOSTNAME -s HOST_NAME
+$ PID = F$GETJPI ("","PID")
+$ USER = F$EDIT (F$GETJPI ("","USERNAME"),"TRIM")
+$ KEY_FILE = "SSL$KEY:SERVER.KEY"
+$ CRT_FILE = "SSL$CRT:SERVER.CRT"
+$!
+$!------------------------------------------------------------------------------
+$! Create a Temporary SSL Configuration
+$!------------------------------------------------------------------------------
+$!
+$ OPEN /WRITE CFILE SYS$LOGIN:SSL_'PID'.CNF
+$ WRITE CFILE "[req]"
+$ WRITE CFILE "default_bits = 1024"
+$ WRITE CFILE "distinguished_name = REQ_distinguished_name"
+$ WRITE CFILE "[REQ_distinguished_name]"
+$ WRITE CFILE "countryName = Country Name ?"
+$ WRITE CFILE "countryName_default = "
+$ WRITE CFILE "stateOrProvinceName = State or Province Name ?"
+$ WRITE CFILE "stateOrProvinceName_default = "
+$ WRITE CFILE "localityName = City Name ?"
+$ WRITE CFILE "localityName_default = "
+$ WRITE CFILE "0.organizationName = Organization Name ?"
+$ WRITE CFILE "0.organizationName_default = "
+$ WRITE CFILE "organizationalUnitName = Organization Unit Name ?
+$ WRITE CFILE "organizationalUnitName_default = "
+$ WRITE CFILE "commonName = Common Name ?"
+$ WRITE CFILE "commonName_default = ''HOST_NAME'"
+$ WRITE CFILE "emailAddress = Email Address ?"
+$ WRITE CFILE "emailAddress_default = ''USER'@''HOST_NAME'"
+$ CLOSE CFILE
+$!
+$!------------------------------------------------------------------------------
+$! Create the Self-Signed Server Certificiate
+$!------------------------------------------------------------------------------
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SHOW SYSTEM /FULL /OUT=SYS$LOGIN:SSL_'PID'.RND
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG RANDFILE SYS$LOGIN:SSL_''PID'.RND"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL req -nodes -new -days 30 -x509 -config SYS$LOGIN:SSL_''PID'.CNF -keyout ''KEY_FILE' -out ''CRT_FILE'"
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_'PID'.COM
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_'PID'.CNF;*
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_'PID'.RND;*
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_'PID'.LOG /OUT=SYS$LOGIN:SSL_'PID'.ERR ":error:"
+$!
+$ IF F$SEARCH ("SYS$LOGIN:SSL_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ TYPE SYS$LOGIN:SSL_'PID'.LOG
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_'PID'.ERR;*
+$ ENDIF
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_'PID'.LOG;*
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$cert_tool.com b/VMS/cert_tool/ssl$cert_tool.com
new file mode 100644
index 0000000000..4c64b89b7d
--- /dev/null
+++ b/VMS/cert_tool/ssl$cert_tool.com
@@ -0,0 +1,231 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$CERT_TOOL.COM - SSL Certificate Tool procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure provides the user a menu from which they can choose desired
+$! SSL Certificate processing.
+$!
+$! There are no parameters used.
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ DELETE := DELETE
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ TT_ROWS = f$getdvi ("TT:","TT_PAGE")
+$ TT_COLS = f$getdvi ("TT:","DEVBUFSIZ")
+$!
+$ SET_MENU_DATA := CALL SET_MENU_DATA
+$ DEL_MENU_DATA := CALL DEL_MENU_DATA
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ BELL[0,8] = 7 ! Ring the terminal Bell
+$ RED = 1 ! Color - Red
+$ FGD = 30 ! Foreground
+$ BGD = 0 ! Background
+$ CSCR = ESC + "[2J" ! Clear the Screen
+$ CEOS = ESC + "[0J" ! Clear to the End of the Screen
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BOLD = ESC + "[1m" ! Turn on BOLD Attribute
+$ WIDE = ESC + "#6" ! Turn on WIDE Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Run the SSL setup if it hasn't been run yet
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM ("SSL$CA_CONF") .EQS. ""
+$ THEN
+$ IF F$SEARCH ("SSL$COM:SSL$INIT_ENV.COM") .NES. ""
+$ THEN
+$ @SSL$COM:SSL$INIT_ENV.COM
+$ ELSE
+$ SAY BELL, "Unable to locate SSL$COM:SSL$INIT_ENV.COM ..."
+$ GOTO EXIT
+$ ENDIF
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Initialize the Menu Items
+$!------------------------------------------------------------------------------
+$!
+$ SET_MENU_DATA "View a Certificate#@SSL$COM:SSL$VIEW_CERT.COM CRT"
+$ SET_MENU_DATA "View a Certificate Signing Request#@SSL$COM:SSL$VIEW_CERT.COM CSR"
+$ SET_MENU_DATA "Create a Certificate Signing Request#@SSL$COM:SSL$RQST_CERT.COM"
+$ SET_MENU_DATA "Create a Self-Signed Certificate#@SSL$COM:SSL$SELF_CERT.COM"
+$ SET_MENU_DATA "Create a CA (Certification Authority) Certificate#@SSL$COM:SSL$AUTH_CERT.COM"
+$ SET_MENU_DATA "Sign a Certificate Signing Request#@SSL$COM:SSL$SIGN_CERT.COM"
+$ SET_MENU_DATA "Hash Certificates#@SSL$COM:SSL$HASH_CERT.COM CRT"
+$ SET_MENU_DATA "Hash Certificate Revocations#@SSL$COM:SSL$HASH_CERT.COM CRL"
+$ SET_MENU_DATA "Exit#GOTO EXIT"
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$PAGE_LOOP:
+$!
+$ BCOLOR = BGD
+$ FCOLOR = FGD + RED
+$ COLOR = ESC + "[''BCOLOR';''FCOLOR'm"
+$!
+$ TEXT = "SSL Certificate Tool"
+$ COL = (TT_COLS - (F$LENGTH (TEXT) * 2)) / 4
+$!
+$ SAY ESC + "[01;01H", CSCR
+$ SAY ESC + "[02;''COL'H", COLOR, WIDE, TEXT, NORM
+$!
+$ TEXT = "Main Menu"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[04;01H"
+$ SAY ESC + "[04;''COL'H", COLOR, TEXT, NORM
+$!
+$ CTR = 1
+$ ROW = 6
+$ COL = (TT_COLS - (SSL_MENU_ITEM_MAX + 4)) / 2
+$ TOP_ROW = ROW
+$ SEP_ROWS = 2
+$ MSG_ROW = TT_ROWS - 1
+$!
+$!------------------------------------------------------------------------------
+$! Process the menu options
+$!------------------------------------------------------------------------------
+$!
+$MENU_LOOP:
+$!
+$ IF CTR .LE. SSL_MENU_DATA_MAX
+$ THEN
+$ OPT = F$ELEMENT (0,"#",SSL_MENU_DATA_'CTR') ! Option String
+$ CMD = F$ELEMENT (1,"#",SSL_MENU_DATA_'CTR') ! Command String
+$ IF ROW .GE. (MSG_ROW - (SEP_ROWS + 2)) .AND. SEP_ROWS .GT. 1
+$ THEN
+$ SAY ESC + "[''TOP_ROW';01H", CEOS
+$ ROW = TOP_ROW
+$ SEP_ROWS = 1
+$ CTR = 1
+$ ELSE
+$ NUM = F$FAO ("!2SL", CTR)
+$ SAY ESC + "[''ROW';''COL'H", BOLD, "''NUM'. ", NORM, "''OPT'"
+$ ROW = ROW + SEP_ROWS
+$ CTR = CTR + 1
+$ ENDIF
+$ GOTO MENU_LOOP
+$ ENDIF
+$!
+$ ROW = ROW + 1
+$!
+$!------------------------------------------------------------------------------
+$! Prompt the user for input
+$!------------------------------------------------------------------------------
+$!
+$PROMPT_LOOP:
+$!
+$ PROMPT = ESC + "[''ROW';''COL'HEnter Option: ''CEOL'"
+$ ASK "''PROMPT'" OPT /END_OF_FILE=EXIT
+$ OPT = F$EDIT (OPT, "TRIM")
+$ IF OPT .EQS. "" THEN GOTO PROMPT_LOOP
+$!
+$ IF F$TYPE (OPT) .NES. "INTEGER" .OR. -
+ F$INTEGER (OPT) .LE. 0 .OR. -
+ F$INTEGER (OPT) .GT. SSL_MENU_DATA_MAX
+$ THEN
+$ CALL INVALID_OPTION
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$!
+$ CMD = F$ELEMENT (1,"#",SSL_MENU_DATA_'OPT')
+$!
+$ 'CMD'
+$!
+$ GOTO PAGE_LOOP
+$!
+$!------------------------------------------------------------------------------
+$! Set the Menu Data
+$!------------------------------------------------------------------------------
+$!
+$SET_MENU_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_MENU_DATA_MAX) .EQS. ""
+$ THEN
+$ SSL_MENU_DATA_MAX == 1
+$ SSL_MENU_ITEM_MAX == 0
+$ ELSE
+$ SSL_MENU_DATA_MAX == SSL_MENU_DATA_MAX + 1
+$ ENDIF
+$!
+$ SSL_MENU_DATA_'SSL_MENU_DATA_MAX' == "''P1'"
+$!
+$ MENU_ITEM = F$ELEMENT (0,"#",SSL_MENU_DATA_'SSL_MENU_DATA_MAX')
+$ IF F$LENGTH (MENU_ITEM) .GT. SSL_MENU_ITEM_MAX THEN SSL_MENU_ITEM_MAX == F$LENGTH (MENU_ITEM)
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Delete the Menu Data
+$!------------------------------------------------------------------------------
+$!
+$DEL_MENU_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_MENU_DATA_MAX) .EQS. "" THEN GOTO DEL_MENU_DATA_END
+$!
+$DEL_MENU_DATA_LOOP:
+$!
+$ IF F$TYPE (SSL_MENU_DATA_'SSL_MENU_DATA_MAX') .NES. ""
+$ THEN
+$ DELETE /SYMBOL /GLOBAL SSL_MENU_DATA_'SSL_MENU_DATA_MAX'
+$ SSL_MENU_DATA_MAX == SSL_MENU_DATA_MAX - 1
+$ GOTO DEL_MENU_DATA_LOOP
+$ ENDIF
+$!
+$ DELETE /SYMBOL /GLOBAL SSL_MENU_DATA_MAX
+$!
+$DEL_MENU_DATA_END:
+$!
+$ IF F$TYPE (SSL_MENU_ITEM_MAX) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_MENU_ITEM_MAX
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Display the invalid entry
+$!------------------------------------------------------------------------------
+$!
+$INVALID_OPTION: SUBROUTINE
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BELL, " Invalid Option, Try again ...''CEOL'"
+$ Wait 00:00:01.5
+$ SAY ESC + "[''MSG_ROW';01H", CEOL
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEL_MENU_DATA
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$conf_util.com b/VMS/cert_tool/ssl$conf_util.com
new file mode 100644
index 0000000000..80c11092a7
--- /dev/null
+++ b/VMS/cert_tool/ssl$conf_util.com
@@ -0,0 +1,220 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$CONF_UTIL.COM - SSL Configuration Utility procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure gets or sets a given key item in a SSL configuration file.
+$! The parameters used are:
+$!
+$! P1 - SSL Configuration File
+$! P2 - SSL Configuration Function (i.e. GET/SET)
+$! P3 - SSL Configuration Key/Item (delimited by '#')
+$! P4 - SSL Configuration Key/Item Value (for SET function only)
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ SSL_CONF_DATA == ""
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$!------------------------------------------------------------------------------
+$! Process parameters
+$!------------------------------------------------------------------------------
+$!
+$ KEY_FOUND = 0
+$ ITM_FOUND = 0
+$ P1 = F$EDIT (P1,"TRIM")
+$ P2 = F$EDIT (P2,"TRIM,UPCASE")
+$ KEY = F$ELEMENT (0,"#",P3)
+$ ITM = F$ELEMENT (1,"#",P3)
+$!
+$!------------------------------------------------------------------------------
+$! Process the configuration function
+$!------------------------------------------------------------------------------
+$!
+$ IF P2 .EQS. "GET" THEN GOSUB GET_CONF_DATA
+$ IF P2 .EQS. "SET" THEN GOSUB SET_CONF_DATA
+$!
+$ GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Get the configuration data
+$!------------------------------------------------------------------------------
+$!
+$GET_CONF_DATA:
+$!
+$ OPEN /READ /ERROR=OPEN_ERROR IFILE 'P1'
+$!
+$GET_CONF_DATA_LOOP:
+$!
+$ READ /ERROR=READ_ERROR /END_OF_FILE=GET_CONF_DATA_END IFILE IREC
+$!
+$ SREC = IREC
+$ IPOS = F$LOCATE ("#",IREC)
+$ IF IPOS .NE. F$LENGTH (IREC) THEN IREC = F$EXTRACT (0,IPOS,IREC)
+$ IREC = F$EDIT (IREC,"COLLAPSE")
+
+$ IF IREC .EQS. "" THEN GOTO GET_CONF_DATA_LOOP
+$!
+$ IF IREC .EQS. KEY
+$ THEN
+$ KEY_FOUND = 1
+$ GOTO GET_CONF_DATA_LOOP
+$ ENDIF
+$!
+$ IF KEY_FOUND .EQ. 1
+$ THEN
+$ IF F$EXTRACT (0,1,IREC) .EQS. "[" .AND. F$EXTRACT (F$LENGTH (IREC)-1,1,IREC) .EQS. "]"
+$ THEN
+$ SSL_CONF_DATA == ""
+$ GOTO GET_CONF_DATA_END
+$ ENDIF
+$!
+$ IF ITM .EQS. F$EDIT (F$ELEMENT (0,"=",IREC),"TRIM")
+$ THEN
+$ VAL = F$EDIT (F$ELEMENT (1,"=",SREC),"TRIM")
+$ SSL_CONF_DATA == "''VAL'"
+$ GOTO GET_CONF_DATA_END
+$ ENDIF
+$ ENDIF
+$!
+$ GOTO GET_CONF_DATA_LOOP
+$!
+$GET_CONF_DATA_END:
+$!
+$ CLOSE /ERROR=CLOSE_ERROR IFILE
+$!
+$ RETURN
+$!
+$!------------------------------------------------------------------------------
+$! Set the configuration data
+$!------------------------------------------------------------------------------
+$!
+$SET_CONF_DATA:
+$!
+$ IF F$SEARCH ("''P1'") .EQS. "" THEN CREATE /NOLOG 'P1'
+$!
+$ OPEN /READ /ERROR=OPEN_ERROR IFILE 'P1'
+$ OPEN /WRITE /ERROR=OPEN_ERROR OFILE 'P1'
+$!
+$SET_CONF_DATA_LOOP:
+$!
+$ READ /ERROR=READ_ERROR /END_OF_FILE=SET_CONF_DATA_END IFILE IREC
+$!
+$ IF ITM_FOUND .EQ. 1
+$ THEN
+$ WRITE /ERROR=WRITE_ERROR OFILE IREC
+$ GOTO SET_CONF_DATA_LOOP
+$ ENDIF
+$!
+$ SREC = IREC
+$ IPOS = F$LOCATE ("#",IREC)
+$ IF IPOS .NE. F$LENGTH (IREC) THEN IREC = F$EXTRACT (0,IPOS,IREC)
+$ IREC = F$EDIT (IREC,"COLLAPSE")
+$!
+$ IF IREC .EQS. ""
+$ THEN
+$ WRITE /ERROR=WRITE_ERROR OFILE SREC
+$ GOTO SET_CONF_DATA_LOOP
+$ ENDIF
+$!
+$ IF IREC .EQS. KEY
+$ THEN
+$ KEY_FOUND = 1
+$ WRITE /ERROR=WRITE_ERROR OFILE SREC
+$ GOTO SET_CONF_DATA_LOOP
+$ ENDIF
+$!
+$ IF KEY_FOUND .EQ. 1
+$ THEN
+$ IF F$EXTRACT (0,1,IREC) .EQS. "[" .AND. F$EXTRACT (F$LENGTH (IREC)-1,1,IREC) .EQS. "]"
+$ THEN
+$ WRITE /ERROR=WRITE_ERROR OFILE "''ITM' = ''P4'"
+$ WRITE /ERROR=WRITE_ERROR OFILE SREC
+$ ITM_FOUND = 1
+$ GOTO SET_CONF_DATA_LOOP
+$ ENDIF
+$!
+$ IF ITM .EQS. F$EDIT (F$ELEMENT (0,"=",IREC),"TRIM")
+$ THEN
+$ WRITE /ERROR=WRITE_ERROR OFILE "''ITM' = ''P4'"
+$ ITM_FOUND = 1
+$ GOTO SET_CONF_DATA_LOOP
+$ ENDIF
+$ ENDIF
+$!
+$ WRITE /ERROR=WRITE_ERROR OFILE SREC
+$!
+$ GOTO SET_CONF_DATA_LOOP
+$!
+$SET_CONF_DATA_END:
+$!
+$ IF KEY_FOUND .EQ. 0
+$ THEN
+$ WRITE /ERROR=WRITE_ERROR OFILE "''KEY'"
+$ WRITE /ERROR=WRITE_ERROR OFILE "''ITM' = ''P4'"
+$ ENDIF
+$!
+$ IF KEY_FOUND .EQ. 1 .AND. ITM_FOUND .EQ. 0
+$ THEN
+$ WRITE /ERROR=WRITE_ERROR OFILE "''ITM' = ''P4'"
+$ ENDIF
+$!
+$ CLOSE IFILE
+$ CLOSE OFILE
+$!
+$ RETURN
+$!
+$!------------------------------------------------------------------------------
+$! File Errors
+$!------------------------------------------------------------------------------
+$!
+$OPEN_ERROR:
+$!
+$ SAY "Open error for file ''P1' ... aborting ''P2'"
+$ GOTO EXIT
+$!
+$READ_ERROR:
+$!
+$ SAY "Read error for file ''P1' ... aborting ''P2'"
+$ GOTO EXIT
+$!
+$WRITE_ERROR:
+$!
+$ SAY "Write error for file ''P1' ... aborting ''P2'"
+$ GOTO EXIT
+$!
+$CLOSE_ERROR:
+$!
+$ SAY "Close error for file ''P1' ... aborting ''P2'"
+$ GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE IFILE
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE OFILE
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT 1
diff --git a/VMS/cert_tool/ssl$draw_box.com b/VMS/cert_tool/ssl$draw_box.com
new file mode 100644
index 0000000000..58ced48d15
--- /dev/null
+++ b/VMS/cert_tool/ssl$draw_box.com
@@ -0,0 +1,109 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$DRAW_BOX.COM - SSL Draw Box procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure draws a box with the specified coordinates.
+$!
+$! The parameters used are:
+$!
+$! P1 - X1 coordinate
+$! P2 - Y1 coordinate
+$! P3 - X2 coordinate
+$! P4 - Y3 coordinate
+$! P5 - Box Header (Optional)
+$! P6 - Box Footer (Optional)
+$! P7 - Fill Box (Optional)
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ SAY := WRITE SYS$OUTPUT
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ FILL_BOX := @SSL$COM:SSL$FILL_BOX
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ GRPH_ON[0,8] = 14 ! Turn GRAPHICS mode On
+$ GRPH_OFF[0,8] = 15 ! Turn GRAPHICS mode Off
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BOLD = ESC + "[1m" ! Turn on BOLD Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Draw the box
+$!------------------------------------------------------------------------------
+$!
+$ X1 = F$INTEGER (P1)
+$ Y1 = F$INTEGER (P2)
+$ X2 = F$INTEGER (P3)
+$ Y2 = F$INTEGER (P4)
+$!
+$ ROW = Y1 + 1
+$ COL = X1 + 1
+$ SIDE1 = X1
+$ SIDE2 = X2 + 1
+$ TOP = "l" + F$FAO("!#*q", x2 - x1) + "k"
+$ BOT = "m" + F$FAO("!#*q", x2 - x1) + "j"
+$!
+$ SAY ESC + "[''Y1';''X1'H", BOLD, GRPH_ON, TOP, GRPH_OFF, NORM
+$!
+$SIDES:
+$!
+$ SAY ESC + "[''ROW';''SIDE1'H",BOLD,GRPH_ON,"x",GRPH_OFF,NORM
+$ SAY ESC + "[''ROW';''SIDE2'H",BOLD,GRPH_ON,"x",GRPH_OFF,NORM
+$!
+$ IF ROW .LT. Y2
+$ THEN
+$ ROW = ROW + 1
+$ GOTO SIDES
+$ ENDIF
+$!
+$ SAY ESC + "[''Y2';''X1'H", BOLD, GRPH_ON, BOT, GRPH_OFF, NORM
+$!
+$ IF P5 .NES. ""
+$ THEN
+$ IF F$LENGTH(P5) .GT. X2 - X1
+$ THEN
+$ HEADER = F$EXTRACT (0, (X2 - X1 - 4), P5)
+$ ELSE
+$ HEADER = P5
+$ ENDIF
+$ COL = X1 + ((X2 - X1 - F$LENGTH(HEADER)) / 2)
+$ SAY ESC + "[''Y1';''COL'H''BOLD'''HEADER'''NORM'"
+$ ENDIF
+$!
+$ IF P6 .NES. ""
+$ THEN
+$ IF F$LENGTH(P6) .GT. X2 - X1
+$ THEN
+$ FOOTER = F$EXTRACT (0, (X2 - X1 - 4), P6)
+$ ELSE
+$ FOOTER = P6
+$ ENDIF
+$ COL = X1 + ((X2 - X1 - F$LENGTH(FOOTER)) / 2)
+$ SAY ESC + "[''Y2';''COL'H''BOLD'''FOOTER'''NORM'"
+$ ENDIF
+$!
+$ IF P7 .EQS. "" .OR. P7 .EQS. "Y" THEN FILL_BOX 'X1' 'Y1' 'X2' 'Y2'
+$!
+$ GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$exit_cmd.tpu b/VMS/cert_tool/ssl$exit_cmd.tpu
new file mode 100644
index 0000000000..89f0dc1c86
--- /dev/null
+++ b/VMS/cert_tool/ssl$exit_cmd.tpu
@@ -0,0 +1 @@
+EXIT
diff --git a/VMS/cert_tool/ssl$fill_box.com b/VMS/cert_tool/ssl$fill_box.com
new file mode 100644
index 0000000000..704ec6b4d2
--- /dev/null
+++ b/VMS/cert_tool/ssl$fill_box.com
@@ -0,0 +1,65 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$FILL_BOX.COM - SSL Fill Box procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure draws a box with the specified coordinates.
+$!
+$! The parameters used are:
+$!
+$! P1 - X1 coordinate
+$! P2 - Y1 coordinate
+$! P3 - X2 coordinate
+$! P4 - Y2 coordinate
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ SAY := WRITE SYS$OUTPUT
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$!
+$!------------------------------------------------------------------------------
+$! Draw the box
+$!------------------------------------------------------------------------------
+$!
+$ X1 = F$INTEGER (P1)
+$ Y1 = F$INTEGER (P2)
+$ X2 = F$INTEGER (P3)
+$ Y2 = F$INTEGER (P4)
+$!
+$ ROW = Y1 + 1
+$ COL = X1 + 1
+$ FILL = F$FAO("!#* ", X2 - X1)
+$!
+$FILL_LOOP:
+$!
+$ IF ROW .LT. Y2
+$ THEN
+$ SAY ESC + "[''ROW';''COL'H",FILL
+$ ROW = ROW + 1
+$ GOTO FILL_LOOP
+$ ENDIF
+$!
+$ GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$hash_cert.com b/VMS/cert_tool/ssl$hash_cert.com
new file mode 100644
index 0000000000..fef0677316
--- /dev/null
+++ b/VMS/cert_tool/ssl$hash_cert.com
@@ -0,0 +1,235 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$HASH_CERT.COM - SSL Hash Certificate procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure prompts the user through hashing Certificates.
+$!
+$! The parameters used are:
+$!
+$! P1 - Certificate or Certificate Revocation List (i.e. "CRT" or "CRL")
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ DELETE := DELETE
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ TT_ROWS = F$GETDVI ("TT:","TT_PAGE")
+$ TT_COLS = F$GETDVI ("TT:","DEVBUFSIZ")
+$!
+$ INIT_TERM := @SSL$COM:SSL$INIT_TERM
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ BELL[0,8] = 7 ! Ring the terminal Bell
+$ RED = 1 ! Color - Red
+$ FGD = 30 ! Foreground
+$ BGD = 0 ! Background
+$ CSCR = ESC + "[2J" ! Clear the Screen
+$ CEOS = ESC + "[0J" ! Clear to the End of the Screen
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BLNK = ESC + "[5m" ! Turn on BLINK Attribute
+$ WIDE = ESC + "#6" ! Turn on WIDE Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Run the SSL setup if it hasn't been run yet
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM ("SSL$ROOT") .EQS. ""
+$ THEN
+$ IF F$SEARCH ("SSL$COM:SSL$INIT_ENV.COM") .NES. ""
+$ THEN
+$ @SSL$COM:SSL$INIT_ENV.COM
+$ ELSE
+$ SAY BELL, "Unable to locate SSL$COM:SSL$INIT_ENV.COM ..."
+$ GOTO EXIT
+$ ENDIF
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$ INIT_TERM
+$ BCOLOR = BGD
+$ FCOLOR = FGD + RED
+$ COLOR = ESC + "[''BCOLOR';''FCOLOR'm"
+$!
+$ TEXT = "SSL Certificate Tool"
+$ COL = (TT_COLS - (F$LENGTH (TEXT) * 2)) / 4
+$!
+$ SAY ESC + "[01;01H", CSCR
+$ SAY ESC + "[02;''COL'H", COLOR, WIDE, TEXT, NORM
+$!
+$ IF P1 .EQS. "CRT"
+$ THEN
+$ TEXT = "Hash Certification Authorities"
+$ ELSE
+$ TEXT = "Hash Certificate Revocations"
+$ ENDIF
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[04;01H"
+$ SAY ESC + "[04;''COL'H", COLOR, TEXT, NORM
+$!
+$ CTR = 1
+$ ROW = 6
+$ COL = 2
+$ TOP_ROW = ROW
+$ MSG_ROW = TT_ROWS - 1
+$!
+$!------------------------------------------------------------------------------
+$! Initialize the Request Data
+$!------------------------------------------------------------------------------
+$!
+$ IF P1 .EQS. "CRT"
+$ THEN
+$ PRM = "Certificate Path:"
+$ DEF = "SSL$CRT:*.CRT"
+$ ENDIF
+$!
+$ IF P1 .EQS. "CRL"
+$ THEN
+$ PRM = "Certificate Revocation Path:"
+$ DEF = "SSL$CRT:*.CRL"
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Confirm/Update the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$PROMPT_LOOP:
+$!
+$ PROMPT = ESC + "[''ROW';''COL'H''PRM' ? [''DEF'] ''CEOL'"
+$ ASK "''PROMPT'" _hash_path_name
+$ _hash_path_name = F$EDIT (_hash_path_name,"TRIM")
+$ IF _hash_path_name .EQS. "" THEN _hash_path_name = DEF
+$!
+$ HASH_DEV = F$PARSE (_hash_path_name,DEF,,"DEVICE")
+$ HASH_DIR = F$PARSE (_hash_path_name,DEF,,"DIRECTORY")
+$ HASH_NAM = F$PARSE (_hash_path_name,DEF,,"NAME")
+$ HASH_TYP = F$PARSE (_hash_path_name,DEF,,"TYPE")
+$ _hash_path_name = HASH_DEV + HASH_DIR + HASH_NAM + HASH_TYP
+$!
+$!------------------------------------------------------------------------------
+$! Create the Certificiate Hashes
+$!------------------------------------------------------------------------------
+$!
+$ IF P1 .EQS. "CRT"
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Hashing Certificate Authorities ...", NORM, CEOL
+$ ENDIF
+$!
+$ IF P1 .EQS. "CRL"
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Hashing Certificate Revocations ...", NORM, CEOL
+$ ENDIF
+$!
+$ IF F$SEARCH ("''HASH_DEV'''HASH_DIR'DELETE_HASH_FILES.COM") .NES. ""
+$ THEN
+$ @'HASH_DEV''HASH_DIR'DELETE_HASH_FILES.COM
+$ DELETE 'HASH_DEV''HASH_DIR'DELETE_HASH_FILES.COM;*
+$ ENDIF
+$!
+$ CTR = 0
+$!
+$ OPEN /WRITE OFILE 'HASH_DEV''HASH_DIR'DELETE_HASH_FILES.COM
+$!
+$CERT_LOOP:
+$!
+$ CERT_FILE = F$SEARCH ("''_hash_path_name'", 1)
+$ IF CERT_FILE .EQS. "" THEN GOTO CERT_END
+$ CTR = CTR + 1
+$!
+$ CALL HASH_CERT 'P1' 'CERT_FILE'
+$!
+$ GOTO CERT_LOOP
+$!
+$CERT_END:
+$!
+$ CLOSE OFILE
+$!
+$ IF CTR .EQ. 0
+$ THEN
+$ TEXT = "No files found, Press return to continue"
+$ ELSE
+$ TEXT = "Press return to continue"
+$ ENDIF
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ IF CTR .EQ. 0
+$ THEN
+$ SAY BELL, ESC + "[''MSG_ROW';01H", CEOS
+$ ELSE
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$ ENDIF
+$ PROMPT = ESC + "[''MSG_ROW';''COL'H''TEXT'"
+$ ASK "''PROMPT'" OPT
+$!
+$ GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Hash Certificate Subroutine
+$!------------------------------------------------------------------------------
+$!
+$HASH_CERT: SUBROUTINE
+$!
+$ IF P1 .EQS. "CRT"
+$ THEN
+$ HASH_SUFF = ""
+$ HASH_FUNC = "$SSL$EXE:OPENSSL X509 -HASH -NOOUT -IN"
+$ ELSE
+$ HASH_SUFF = "R"
+$ HASH_FUNC = "$SSL$EXE:OPENSSL CRL -HASH -NOOUT -IN"
+$ ENDIF
+$!
+$ PIPE HASH_FUNC 'P2' | (READ SYS$INPUT VAL ; DEFINE/NOLOG/JOB HASH_VAL &VAL)
+$ HASH_VAL = F$TRNLNM ("HASH_VAL")
+$ DEASSIGN /JOB HASH_VAL
+$!
+$ IDX = 0
+$!
+$IDX_LOOP:
+$!
+$ HASH_FILE = "''HASH_DEV'''HASH_DIR'''HASH_VAL'.''HASH_SUFF'''IDX'"
+$ IF F$SEARCH ("''HASH_FILE'") .NES. ""
+$ THEN
+$ IDX = IDX + 1
+$ GOTO IDX_LOOP
+$ ENDIF
+$!
+$ COPY 'P2' 'HASH_FILE'
+$ WRITE OFILE "$ DELETE ''HASH_FILE';*"
+$!
+$ EXIT
+$!
+$ ENDSUBOUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Exit the procedure
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE OFILE
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$init_env.com b/VMS/cert_tool/ssl$init_env.com
new file mode 100644
index 0000000000..bf9f509fa4
--- /dev/null
+++ b/VMS/cert_tool/ssl$init_env.com
@@ -0,0 +1,61 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$INIT_ENV.COM - SSL Initialize Environment
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure sets up the SSL environment logicals & symbols.
+$!
+$! P1 = Mode of the logicals (ie - "/SYSTEM/EXECUTIVE_MODE").
+$! Note - if P1 is not passed in, P1 will default to PROCESS.
+$!
+$!------------------------------------------------------------------------------
+$! Initialization
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM("SSL$ROOT") .EQS. ""
+$ THEN
+$ WRITE SYS$OUTPUT " "
+$ WRITE SYS$OUTPUT " SSL-E-ERROR, SSL has not been started."
+$ WRITE SYS$OUTPUT " "
+$ WRITE SYS$OUTPUT " Execute the command procedure, SYS$STARTUP:SSL$STARTUP.COM, and then try this procedure again."
+$ WRITE SYS$OUTPUT " "
+$ EXIT
+$ ENDIF
+$!
+$ IF P1 .EQS. ""
+$ THEN
+$ P1 = "/PROCESS"
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Define logicals
+$!------------------------------------------------------------------------------
+$!
+$ DEFINE 'P1 SSL$CA_CONF SSL$ROOT:[CONF]SSL$CA.CNF
+$ DEFINE 'P1 SSL$CONF SSL$ROOT:[CONF]SSL$CERT.CNF
+$ DEFINE 'P1 SSL$COM SSL$ROOT:[COM]
+$ DEFINE 'P1 SSL$CRT SSL$ROOT:[CERTS]
+$ DEFINE 'P1 SSL$CSR SSL$ROOT:[CERTS]
+$ DEFINE 'P1 SSL$KEY SSL$ROOT:[CERTS]
+$ DEFINE 'P1 SSL$DB SSL$ROOT:[PRIVATE]
+$!
+$!------------------------------------------------------------------------------
+$! Define foreign symbols
+$!------------------------------------------------------------------------------
+$!
+$ OPENSSL :== $ SSL$EXE:OPENSSL
+$ HOSTADDR :== $ SSL$EXE:SSL$HOSTADDR
+$ HOSTNAME :== $ SSL$EXE:SSL$HOSTNAME
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$init_term.com b/VMS/cert_tool/ssl$init_term.com
new file mode 100644
index 0000000000..3af0eb52fa
--- /dev/null
+++ b/VMS/cert_tool/ssl$init_term.com
@@ -0,0 +1,55 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$INIT_TERM.COM - SSL Initialize Terminal procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure initializes the terminal attributes.
+$!
+$! The parameters used are:
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ EDIT := EDIT
+$!
+$!------------------------------------------------------------------------------
+$! Initialize the terminal with TPU
+$!------------------------------------------------------------------------------
+$!
+$ IF F$SEARCH ("SSL$COM:SSL$EXIT_CMD.TPU") .EQS. ""
+$ THEN
+$ OPEN /WRITE OFILE SSL$COM:SSL$EXIT_CMD.TPU
+$ WRITE OFILE "EXIT"
+$ CLOSE OFILE
+$ ENDIF
+$!
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$INPUT SYS$COMMAND
+$ EDIT /TPU /COMMAND=OPENSS$COM:SSL$EXIT_CMD.TPU
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE OFILE
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$pick_file.com b/VMS/cert_tool/ssl$pick_file.com
new file mode 100644
index 0000000000..0355ef7428
--- /dev/null
+++ b/VMS/cert_tool/ssl$pick_file.com
@@ -0,0 +1,230 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$PICK_FILE.COM - SSL Pick File procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure display the contents of a given file in a box size specified.
+$!
+$! The parameters used are:
+$!
+$! P1 - File Spec to Parse
+$! P2 - X1 coordinate
+$! P3 - Y1 coordinate
+$! P4 - X2 coordinate
+$! P5 - Y3 coordinate
+$! P6 - File Pick Header (Optional)
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ SSL_FILE_NAME == ""
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ DRAW_BOX := @SSL$COM:SSL$DRAW_BOX
+$ FILL_BOX := @SSL$COM:SSL$FILL_BOX
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ BELL[0,8] = 7 ! Ring the terminal Bell
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BOLD = ESC + "[1m" ! Turn on BOLD Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$ P1 = F$EDIT (P1, "TRIM")
+$ P2 = F$INTEGER (P2)
+$ P3 = F$INTEGER (P3)
+$ P4 = F$INTEGER (P4)
+$ P5 = F$INTEGER (P5)
+$ FILE_MAX = 0
+$!
+$SEARCH_LOOP:
+$!
+$ FILE = F$SEARCH ("''P1'",1)
+$ IF FILE .NES. ""
+$ THEN
+$ IF FILE_MAX .EQ. 1
+$ THEN
+$ IF FILE_1 .EQS. FILE THEN GOTO SEARCH_END
+$ ENDIF
+$ FILE_MAX = FILE_MAX + 1
+$ FILE_'FILE_MAX' = FILE
+$ GOTO SEARCH_LOOP
+$ ENDIF
+$!
+$SEARCH_END:
+$!
+$ IF FILE_MAX .EQ. 0
+$ THEN
+$ DRAW_BOX 'P2' 'P3' 'P4' 'P5' "''P6'" " No Files Found, Press Return to Exit "
+$ INPUT_ROW = P5 + 1
+$ PROMPT = ESC + "[''INPUT_ROW';01H ''CEOL'"
+$ ASK "''PROMPT'" OPT
+$ GOTO EXIT
+$ ENDIF
+$!
+$ COL = P2 + 2
+$ ROW = P3 + 2
+$ TOP_ROW = ROW
+$ INPUT_ROW = P5 + 1
+$ BOX_WIDTH = P4 - (P2 + 2)
+$ BOX_HEIGHT = P5 - (P3 + 3)
+$!
+$ FILE_CTR = 1
+$ PAGE_CTR = 1
+$ PAGE_'PAGE_CTR'_FILE_CTR = FILE_CTR
+$ FILES_PER_PAGE = BOX_HEIGHT
+$ PAGE_MAX = FILE_MAX / FILES_PER_PAGE
+$ IF PAGE_MAX * FILES_PER_PAGE .LT. FILE_MAX THEN PAGE_MAX = PAGE_MAX + 1
+$!
+$ DRAW_BOX 'P2' 'P3' 'P4' 'P5' "''P6'" " Enter B for Back, N for Next, Ctrl-Z to Exit or Enter a File Number "
+$ PAGE_TXT = F$FAO (" Page !UL of !UL ", PAGE_CTR, PAGE_MAX)
+$ _COL = P2 + (BOX_WIDTH - F$LENGTH (PAGE_TXT)) + 2
+$ SAY ESC + "[''P3';''_COL'H''BOLD'''PAGE_TXT'''NORM'"
+$!
+$DISPLAY_LOOP:
+$!
+$ IF FILE_CTR .LE. FILE_MAX .AND. F$TYPE (FILE_'FILE_CTR') .NES. ""
+$ THEN
+$ FILE = FILE_'FILE_CTR'
+$ ELSE
+$ FILE = ""
+$ ENDIF
+$ WRAP_IN_PROGRESS = 0
+$!
+$WRAP_LOOP:
+$!
+$ IF ROW .LE. (P5 - 2) .AND. -
+ FILE_CTR .LE. PAGE_CTR * FILES_PER_PAGE
+$ THEN
+$ IF F$LENGTH (FILE) .GT. BOX_WIDTH
+$ THEN
+$ IF WRAP_IN_PROGRESS .EQ. 0
+$ THEN
+$ CTR_TXT = F$FAO ("!3UL. ",FILE_CTR)
+$ WRAP_IN_PROGRESS = 1
+$ ELSE
+$ CTR_TXT = " "
+$ ENDIF
+$ FILE_SEG = F$EXTRACT (0, BOX_WIDTH - F$LENGTH (CTR_TXT), FILE)
+$ SAY ESC + "[''ROW';''COL'H''BOLD'''CTR_TXT'''NORM'''FILE_SEG'"
+$ FILE = F$EXTRACT (BOX_WIDTH - F$LENGTH (CTR_TXT), F$LENGTH (FILE) - (BOX_WIDTH + F$LENGTH (CTR_TXT)), FILE)
+$ ROW = ROW + 1
+$ GOTO WRAP_LOOP
+$ ELSE
+$ IF FILE .NES. ""
+$ THEN
+$ IF WRAP_IN_PROGRESS .EQ. 0
+$ THEN
+$ CTR_TXT = F$FAO ("!3UL. ",FILE_CTR)
+$ ELSE
+$ CTR_TXT = " "
+$ ENDIF
+$ SAY ESC + "[''ROW';''COL'H''BOLD'''CTR_TXT'''NORM'''FILE'"
+$ ENDIF
+$ ENDIF
+$ ELSE
+$!
+$RETRY:
+$!
+$ PROMPT = ESC + "[''INPUT_ROW';01H ''CEOL'"
+$ ASK "''PROMPT'" OPT
+$ IF F$TYPE (OPT) .NES. "INTEGER" .AND. -
+ F$EDIT (OPT,"TRIM,UPCASE") .NES. "B" .AND. -
+ F$EDIT (OPT,"TRIM,UPCASE") .NES. "N"
+$ THEN
+$ CALL INVALID_ENTRY
+$ GOTO RETRY
+$ ENDIF
+$ IF F$TYPE (OPT) .EQS. "INTEGER"
+$ THEN
+$ IF OPT .GT. 0 .AND. -
+ OPT .LE. FILE_MAX .AND. -
+ OPT .LE. (FILE_CTR - 1) .AND. -
+ OPT .GE. (FILE_CTR - 1 - FILES_PER_PAGE)
+$ THEN
+$ SSL_FILE_NAME == FILE_'OPT'
+$ GOTO EXIT
+$ ELSE
+$ CALL INVALID_ENTRY
+$ GOTO RETRY
+$ ENDIF
+$ ENDIF
+$ IF F$EDIT (OPT,"TRIM,UPCASE") .EQS. "B"
+$ THEN
+$ IF PAGE_CTR .GT. 1
+$ THEN
+$ ROW = TOP_ROW
+$ PAGE_CTR = PAGE_CTR - 1
+$ FILE_CTR = PAGE_'PAGE_CTR'_FILE_CTR
+$ PAGE_TXT = F$FAO (" Page !UL of !UL ", PAGE_CTR, PAGE_MAX)
+$ _COL = P2 + (BOX_WIDTH - F$LENGTH (PAGE_TXT)) + 2
+$ SAY ESC + "[''P3';''_COL'H''BOLD'''PAGE_TXT'''NORM'"
+$ FILL_BOX 'P2' 'P3' 'P4' 'P5'
+$ GOTO DISPLAY_LOOP
+$ ELSE
+$ CALL INVALID_ENTRY
+$ GOTO RETRY
+$ ENDIF
+$ ENDIF
+$ IF F$EDIT (OPT,"TRIM,UPCASE") .EQS. "N"
+$ THEN
+$ IF PAGE_CTR .LT. PAGE_MAX
+$ THEN
+$ PAGE_CTR = PAGE_CTR + 1
+$ PAGE_'PAGE_CTR'_FILE_CTR = FILE_CTR
+$ FILE_CTR = PAGE_'PAGE_CTR'_FILE_CTR
+$ PAGE_TXT = F$FAO (" Page !UL of !UL ", PAGE_CTR, PAGE_MAX)
+$ _COL = P2 + (BOX_WIDTH - F$LENGTH (PAGE_TXT)) + 2
+$ SAY ESC + "[''P3';''_COL'H''BOLD'''PAGE_TXT'''NORM'"
+$ FILL_BOX 'P2' 'P3' 'P4' 'P5'
+$ ELSE
+$ CALL INVALID_ENTRY
+$ GOTO RETRY
+$ ENDIF
+$ ENDIF
+$ FILL_BOX 'P2' 'P3' 'P4' 'P5'
+$ ROW = TOP_ROW
+$ GOTO WRAP_LOOP
+$ ENDIF
+$ FILE_CTR = FILE_CTR + 1
+$ ROW = ROW + 1
+$ GOTO DISPLAY_LOOP
+$!
+$!------------------------------------------------------------------------------
+$! Display the invalid entry
+$!------------------------------------------------------------------------------
+$!
+$INVALID_ENTRY: SUBROUTINE
+$!
+$ SAY ESC + "[''INPUT_ROW';01H", BELL, " Invalid Entry, Try again ...''CEOL'"
+$ Wait 00:00:01.5
+$ SAY ESC + "[''INPUT_ROW';01H", CEOL
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$rem_env.com b/VMS/cert_tool/ssl$rem_env.com
new file mode 100644
index 0000000000..6b8332f3cf
--- /dev/null
+++ b/VMS/cert_tool/ssl$rem_env.com
@@ -0,0 +1,62 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$REM_ENV.COM - Remove the SSL Initialize Environment
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure deletes the SSL environment logicals & symbols set up by
+$! SSL$INIT_ENV.COM.
+$!
+$! P1 = Mode of the logicals (ie - "/SYSTEM/EXECUTIVE_MODE").
+$! Note - if P1 is not passed in, P1 will default to PROCESS.
+$!
+$!------------------------------------------------------------------------------
+$! Initialization
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM("SSL$ROOT") .EQS. ""
+$ THEN
+$ WRITE SYS$OUTPUT " "
+$ WRITE SYS$OUTPUT " SSL-E-ERROR, SSL has not been started."
+$ WRITE SYS$OUTPUT " "
+$ WRITE SYS$OUTPUT " Execute the command procedure, SYS$STARTUP:SSL$STARTUP.COM, and then try this procedure again."
+$ WRITE SYS$OUTPUT " "
+$ EXIT
+$ ENDIF
+$!
+$ IF P1 .EQS. ""
+$ THEN
+$ P1 = "/PROCESS"
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Define logicals
+$!------------------------------------------------------------------------------
+$!
+$ DEASSIGN 'P1 SSL$CA_CONF
+$ DEASSIGN 'P1 SSL$CONF
+$ DEASSIGN 'P1 SSL$COM
+$ DEASSIGN 'P1 SSL$CRT
+$ DEASSIGN 'P1 SSL$CSR
+$ DEASSIGN 'P1 SSL$KEY
+$ DEASSIGN 'P1 SSL$DB
+$!
+$!------------------------------------------------------------------------------
+$! Define foreign symbols
+$!------------------------------------------------------------------------------
+$!
+$ DELETE/SYMBOL/GLOBAL OPENSSL
+$ DELETE/SYMBOL/GLOBAL HOSTADDR
+$ DELETE/SYMBOL/GLOBAL HOSTNAME
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$rqst_cert.com b/VMS/cert_tool/ssl$rqst_cert.com
new file mode 100644
index 0000000000..1b60001077
--- /dev/null
+++ b/VMS/cert_tool/ssl$rqst_cert.com
@@ -0,0 +1,769 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$RQST_CERT.COM - SSL Certificate Request procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure prompts the user through creating a Certificate Request.
+$!
+$! There are no parameters used.
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ DELETE := DELETE
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ PID = F$GETJPI ("","PID")
+$ TT_NOECHO = F$GETDVI ("TT:","TT_NOECHO")
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ TT_ROWS = F$GETDVI ("TT:","TT_PAGE")
+$ TT_COLS = F$GETDVI ("TT:","DEVBUFSIZ")
+$!
+$ GET_USER_DATA := CALL GET_USER_DATA
+$ SET_USER_DATA := CALL SET_USER_DATA
+$ DEL_USER_DATA := CALL DEL_USER_DATA
+$ INIT_TERM := @SSL$COM:SSL$INIT_TERM
+$ SHOW_FILE := @SSL$COM:SSL$SHOW_FILE
+$ SSL_CONF_FILE = F$TRNLNM ("SSL$CONF")
+$ GET_CONF_DATA := @SSL$COM:SSL$CONF_UTIL 'SSL_CONF_FILE' GET
+$ SET_CONF_DATA := @SSL$COM:SSL$CONF_UTIL 'SSL_CONF_FILE' SET
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ BELL[0,8] = 7 ! Ring the terminal Bell
+$ RED = 1 ! Color - Red
+$ FGD = 30 ! Foreground
+$ BGD = 0 ! Background
+$ CSCR = ESC + "[2J" ! Clear the Screen
+$ CEOS = ESC + "[0J" ! Clear to the End of the Screen
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BLNK = ESC + "[5m" ! Turn on BLINK Attribute
+$ WIDE = ESC + "#6" ! Turn on WIDE Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Run the SSL setup if it hasn't been run yet
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM ("SSL$ROOT") .EQS. ""
+$ THEN
+$ IF F$SEARCH ("SSL$COM:SSL$INIT_ENV.COM") .NES. ""
+$ THEN
+$ @SSL$COM:SSL$INIT_ENV.COM
+$ ELSE
+$ SAY BELL, "Unable to locate SSL$COM:SSL$INIT_ENV.COM ..."
+$ GOTO EXIT
+$ ENDIF
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$ INIT_TERM
+$ BCOLOR = BGD
+$ FCOLOR = FGD + RED
+$ COLOR = ESC + "[''BCOLOR';''FCOLOR'm"
+$!
+$ TEXT = "SSL Certificate Tool"
+$ COL = (TT_COLS - (F$LENGTH (TEXT) * 2)) / 4
+$!
+$ SAY ESC + "[01;01H", CSCR
+$ SAY ESC + "[02;''COL'H", COLOR, WIDE, TEXT, NORM
+$!
+$ TEXT = "Create Certificate Request"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[04;01H"
+$ SAY ESC + "[04;''COL'H", COLOR, TEXT, NORM
+$!
+$ ROW = 6
+$ COL = 2
+$ TOP_ROW = ROW
+$ MSG_ROW = TT_ROWS - 1
+$!
+$!------------------------------------------------------------------------------
+$! Initialize the Request Data
+$!------------------------------------------------------------------------------
+$!
+$ IF F$SEARCH ("''SSL_CONF_FILE'") .NES. ""
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Reading Configuration ...", NORM
+$ ELSE
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Initializing Configuration ...", NORM
+$ ENDIF
+$!
+$ _request_name = "req"
+$!
+$ _distinguished_name = "REQ_distinguished_name"
+$ _distinguished_name_upd = "Y"
+$!
+$ _default_bits = "1024"
+$ _default_bits_upd = "Y"
+$!
+$ _default_keyfile = "SSL$KEY:SERVER.KEY"
+$ _default_keyfile_upd = "Y"
+$!
+$ _default_csrfile = "SSL$CSR:SERVER.CSR"
+$ _default_csrfile_upd = "Y"
+$!
+$ _countryName_prompt = "Country Name ?"
+$ _countryName_min = "2"
+$ _countryName_max = "2"
+$ _countryName_default = "US"
+$ _countryName_upd = "Y"
+$ _countryName_cnt = 4
+$!
+$ _stateOrProvinceName_prompt = "State or Province Name ?"
+$ _stateOrProvinceName_default = ""
+$ _stateOrProvinceName_upd = "Y"
+$ _stateOrProvinceName_cnt = 2
+$!
+$ _localityName_prompt = "City Name ?"
+$ _localityName_default = ""
+$ _localityName_upd = "Y"
+$ _localityName_cnt = 2
+$!
+$ _0organizationName_prompt = "Organization Name ?"
+$ _0organizationName_default = ""
+$ _0organizationName_upd = "Y"
+$ _0organizationName_cnt = 2
+$!
+$ _organizationalUnitName_prompt = "Organization Unit Name ?"
+$ _organizationalUnitName_default = ""
+$ _organizationalUnitName_upd = "Y"
+$ _organizationalUnitName_cnt = 2
+$!
+$ _commonName_prompt = "Common Name ?"
+$ _commonName_max = "64"
+$ HOSTNAME -s _commonName_default
+$ _commonName_upd = "Y"
+$ _commonName_cnt = 3
+$!
+$ _emailAddress_prompt = "Email Address ?"
+$ _emailAddress_max = "40"
+$ _emailAddress_default = "webmaster@''_commonName_default'"
+$ _emailAddress_upd = "Y"
+$ _emailAddress_cnt = 3
+$!
+$ IF F$SEARCH ("''SSL_CONF_FILE'") .NES. ""
+$ THEN
+$ GET_CONF_DATA "[''_request_name']#distinguished_name"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _distinguished_name = SSL_CONF_DATA
+$ _distinguished_name_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_bits"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_bits = SSL_CONF_DATA
+$ _default_bits_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_keyfile"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_keyfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[KEY]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERVER",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".KEY",,"TYPE")
+$ _default_keyfile_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_csrfile"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_csrfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[CSR]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERVER",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".CSR",,"TYPE")
+$ _default_csrfile_upd = "N"
+$ ENDIF
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#countryName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_min"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_min = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_max"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_max = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _countryName_cnt .EQ. CTR THEN _countryName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#stateOrProvinceName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _stateOrProvinceName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#stateOrProvinceName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _stateOrProvinceName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _stateOrProvinceName_cnt .EQ. CTR THEN _stateOrProvinceName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#localityName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _localityName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#localityName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _localityName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _localityName_cnt .EQ. CTR THEN _localityName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#0.organizationName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _0organizationName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#0.organizationName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _0organizationName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _0organizationName_cnt .EQ. CTR THEN _0organizationName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#organizationalUnitName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _organizationalUnitName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#organizationalUnitName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _organizationalUnitName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _organizationalUnitName_cnt .EQ. CTR THEN _organizationalUnitName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#commonName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#commonName_max"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_max = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#commonName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _commonName_cnt .EQ. CTR THEN _commonName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#emailAddress"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _emailAddress_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#emailAddress_max"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _emailAddress_max = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#emailAddress_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _emailAddress_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _emailAddress_cnt .EQ. CTR THEN _emailAddress_upd = "N"
+$ ENDIF
+$!
+$ SET_USER_DATA "[]#encrypt_key#-#N#Encrypt Private Key ?#S##1##Y#N"
+$ SET_USER_DATA "[]#pem_pass_phrase#-##PEM Pass Phrase ?#P#1###Y#Y"
+$ SET_USER_DATA "[''_request_name']#default_bits#D#''_default_bits'#Encryption Bits ?#I###''_default_bits_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#default_keyfile#D#''_default_keyfile'#Certificate Key File ?#F###''_default_keyfile_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#default_csrfile#D#''_default_csrfile'#Certificate Request File ?#F###''_default_csrfile_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#distinguished_name#D#''_distinguished_name'##S###''_distinguished_name_upd'#N#N"
+$ SET_USER_DATA "[''_distinguished_name']#countryName#P#''_countryName_default'#''_countryName_prompt'#S#''_countryName_min'#''_countryName_max'#''_countryName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#stateOrProvinceName#P#''_stateOrProvinceName_default'#''_stateOrProvinceName_prompt'#S###''_stateOrProvinceName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#localityName#P#''_localityName_default'#''_localityName_prompt'#S###''_localityName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#0.organizationName#P#''_0organizationName_default'#''_0organizationName_prompt'#S###''_0organizationName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#organizationalUnitName#P#''_organizationalUnitName_default'#''_organizationalUnitName_prompt'#S###''_organizationUnitName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#commonName#P#''_commonName_default'#''_commonName_prompt'#S##''_commonName_max'#''_commonName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#emailAddress#P#''_emailAddress_default'#''_emailAddress_prompt'#S##''_emailAddress_max'#''_emailAddress_upd'#Y#N"
+$ SET_USER_DATA "[]#display_certificate#-#N#Display the Certificate ?#S##1##Y#N"
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Confirm/Update the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$ CTR = 1
+$!
+$PROMPT_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ TYP = F$ELEMENT (5,"#",SSL_USER_DATA_'CTR') ! Value Type
+$ MIN = F$ELEMENT (6,"#",SSL_USER_DATA_'CTR') ! Value Minimum Length
+$ MAX = F$ELEMENT (7,"#",SSL_USER_DATA_'CTR') ! Value Maximum Length
+$ UPD = F$ELEMENT (8,"#",SSL_USER_DATA_'CTR') ! Entry Updated ?
+$ REQ = F$ELEMENT (9,"#",SSL_USER_DATA_'CTR') ! Entry Required for Input ?
+$ CFM = F$ELEMENT (10,"#",SSL_USER_DATA_'CTR')! Confirm Input ?
+$!
+$! The PEM Pass Phrase prompt is dependant on the answer to encrypt the private key
+$!
+$ IF KEY .EQS. "[]" .AND. ITM .EQS. "pem_pass_phrase"
+$ THEN
+$ GET_USER_DATA "[]#encrypt_key"
+$ _encrypt_key = SSL_USER_DATA
+$ IF F$EDIT (_encrypt_key,"UPCASE") .NES. "Y"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ ENDIF
+$!
+$ CONFIRMED = 0
+$ IF REQ .EQS. "N"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ IF ROW .GT. MSG_ROW - 2
+$ THEN
+$ SAY ESC + "[''TOP_ROW';01H", CEOS
+$ ROW = TOP_ROW
+$ ENDIF
+$!
+$CONFIRM_LOOP:
+$!
+$ IF PRM .EQS. ""
+$ THEN
+$ PROMPT = ESC + "[''ROW';''COL'H''ITM' ? [''DEF'] ''CEOL'"
+$ ELSE
+$ PROMPT = ESC + "[''ROW';''COL'H''PRM' [''DEF'] ''CEOL'"
+$ ENDIF
+$ IF TYP .EQS. "P" THEN SET TERMINAL /NOECHO
+$ ASK "''PROMPT'" ANS /END_OF_FILE=EXIT
+$ IF TYP .EQS. "P" THEN SET TERMINAL /ECHO
+$ ANS = F$EDIT (ANS,"TRIM")
+$ IF ANS .EQS. "" THEN ANS = DEF
+$ IF TYP .EQS. "F"
+$ THEN
+$ ANS = F$PARSE ("''ANS'","''DEF'",,,"SYNTAX_ONLY")
+$ ENDIF
+$ IF TYP .EQS. "I" .AND. F$TYPE (ANS) .NES. "INTEGER"
+$ THEN
+$ CALL INVALID_ENTRY
+$ SAY ESC + "[''ROW';01H", CEOS
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ IF (TYP .EQS. "S" .OR. TYP .EQS. "P") .AND. -
+ ((MIN .NES. "" .AND. F$LENGTH (ANS) .LT. F$INTEGER(MIN)) .OR. -
+ (MAX .NES. "" .AND. F$LENGTH (ANS) .GT. F$INTEGER(MAX)))
+$ THEN
+$ CALL INVALID_ENTRY
+$ SAY ESC + "[''ROW';01H", CEOS
+$ IF TYP .EQS. "S" THEN GOTO PROMPT_LOOP
+$ IF TYP .EQS. "P" THEN GOTO CONFIRM_LOOP
+$ ENDIF
+$ ROW = ROW + 1
+$ IF CFM .EQS. "Y"
+$ THEN
+$ IF CONFIRMED .EQ. 0
+$ THEN
+$ CONFIRMED = 1
+$ CONFIRMED_ANS = ANS
+$ PRM = "Confirm ''PRM'"
+$ GOTO CONFIRM_LOOP
+$ ELSE
+$ IF ANS .NES. CONFIRMED_ANS
+$ THEN
+$ CALL INVALID_ENTRY
+$ ROW = ROW - 2
+$ SAY ESC + "[''ROW';01H", CEOS
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ ENDIF
+$ ENDIF
+$ IF ANS .NES. DEF THEN SSL_USER_DATA_'CTR' = "''KEY'#''ITM'#''VAL'#''ANS'#''PRM'#''TYP'#''MIN'#''MAX'#Y#''REQ'#''CFM'"
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Save the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$ CTR = 1
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Saving Configuration ...", NORM
+$!
+$SAVE_CONF_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ TYP = F$ELEMENT (5,"#",SSL_USER_DATA_'CTR') ! Value Type
+$ MIN = F$ELEMENT (6,"#",SSL_USER_DATA_'CTR') ! Value Minimum Length
+$ MAX = F$ELEMENT (7,"#",SSL_USER_DATA_'CTR') ! Value Maximum Length
+$ UPD = F$ELEMENT (8,"#",SSL_USER_DATA_'CTR') ! Entry Updated ?
+$ REQ = F$ELEMENT (9,"#",SSL_USER_DATA_'CTR') ! Entry Required for Input ?
+$ CFM = F$ELEMENT (10,"#",SSL_USER_DATA_'CTR')! Confirm Input ?
+$ IF UPD .NES. "Y" .OR. VAL .EQS. "-"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO SAVE_CONF_LOOP
+$ ENDIF
+$ IF VAL .EQS. "D"
+$ THEN
+$ SET_CONF_DATA "''KEY'#''ITM'" "''DEF'"
+$ ELSE
+$ SET_CONF_DATA "''KEY'#''ITM'" "''PRM'"
+$ SET_CONF_DATA "''KEY'#''ITM'_default" "''DEF'"
+$ ENDIF
+$ IF MIN .NES. "" THEN SET_CONF_DATA "''KEY'#''ITM'_min" "''MIN'"
+$ IF MAX .NES. "" THEN SET_CONF_DATA "''KEY'#''ITM'_max" "''MAX'"
+$ CTR = CTR + 1
+$ GOTO SAVE_CONF_LOOP
+$ ENDIF
+$!
+$ PURGE /NOLOG /NOCONFIRM 'SSL_CONF_FILE'
+$ RENAME 'SSL_CONF_FILE'; ;1
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Create the Server Certificiate
+$!------------------------------------------------------------------------------
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Creating Certificate Request ...", NORM
+$!
+$ X1 = 2
+$ Y1 = TOP_ROW
+$ X2 = TT_COLS - 2
+$ Y2 = MSG_ROW - 1
+$!
+$ GET_USER_DATA "[]#encrypt_key"
+$ _encrypt_key = SSL_USER_DATA
+$ IF F$EDIT (_encrypt_key,"UPCASE") .EQS. "Y"
+$ THEN
+$ GET_USER_DATA "[]#pem_pass_phrase"
+$ _pem_pass_phrase = SSL_USER_DATA
+$ ENDIF
+$ GET_USER_DATA "[req]#default_bits"
+$ _default_bits = SSL_USER_DATA
+$ GET_USER_DATA "[req]#default_keyfile"
+$ _default_keyfile = SSL_USER_DATA
+$ GET_USER_DATA "[req]#default_csrfile"
+$ _default_csrfile = SSL_USER_DATA
+$ GET_USER_DATA "[]#display_certificate"
+$ _display_certificate = SSL_USER_DATA
+$!
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SHOW SYSTEM /FULL /OUT=SYS$LOGIN:SSL_GENRSA_'PID'.RND
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_GENRSA_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG RANDFILE SYS$LOGIN:SSL_GENRSA_''PID'.RND"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_GENRSA_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_GENRSA_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ IF _encrypt_key .EQS. "Y"
+$ THEN
+$ WRITE OFILE "$ OPENSSL genrsa -des3 -out ''_default_keyfile' ''_default_bits'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ ELSE
+$ WRITE OFILE "$ OPENSSL genrsa -out ''_default_keyfile' ''_default_bits'"
+$ ENDIF
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_GENRSA_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_GENRSA_'PID'.RND;*
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_GENRSA_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_GENRSA_'PID'.LOG /OUT=SYS$LOGIN:SSL_GENRSA_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_GENRSA_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_GENRSA_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_GENRSA_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_GENRSA_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_GENRSA_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_GENRSA_'PID'.ERR;*
+$ ENDIF
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_GENRSA_'PID'.LOG;*
+$!
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SHOW SYSTEM /FULL /OUT=SYS$LOGIN:SSL_REQ_'PID'.RND
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_REQ_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG RANDFILE SYS$LOGIN:SSL_REQ_''PID'.RND"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ IF _encrypt_key .EQS. "Y"
+$ THEN
+$ WRITE OFILE "$ OPENSSL req -new -config ''SSL_CONF_FILE' -key ''_default_keyfile' -out ''_default_csrfile'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ ELSE
+$ WRITE OFILE "$ OPENSSL req -new -nodes -config ''SSL_CONF_FILE' -keyout ''_default_keyfile' -out ''_default_csrfile'"
+$ ENDIF
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_REQ_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_REQ_'PID'.LOG /OUT=SYS$LOGIN:SSL_REQ_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_REQ_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_REQ_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ ENDIF
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$!
+$ IF F$EDIT (_display_certificate,"TRIM,UPCASE") .EQS. "Y"
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Generating Output ...", NORM, CEOL
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_REQ_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL req -noout -text -config ''SSL_CONF_FILE' -in ''_default_csrfile'"
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_REQ_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_REQ_'PID'.LOG /OUT=SYS$LOGIN:SSL_REQ_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_REQ_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_REQ_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_REQ_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ''_default_csrfile' >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$!
+$ TEXT = "Press return to continue"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$ PROMPT = ESC + "[''MSG_ROW';''COL'H''TEXT'"
+$ ASK "''PROMPT'" OPT
+$!
+$GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Set the User Data
+$!------------------------------------------------------------------------------
+$!
+$SET_USER_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_USER_DATA_MAX) .EQS. ""
+$ THEN
+$ SSL_USER_DATA_MAX == 1
+$ ELSE
+$ SSL_USER_DATA_MAX == SSL_USER_DATA_MAX + 1
+$ ENDIF
+$!
+$ SSL_USER_DATA_'SSL_USER_DATA_MAX' == "''P1'"
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Get the User Data
+$!------------------------------------------------------------------------------
+$!
+$GET_USER_DATA: SUBROUTINE
+$!
+$ CTR = 1
+$ USER_KEY = F$ELEMENT (0,"#",P1)
+$ USER_ITM = F$ELEMENT (1,"#",P1)
+$!
+$GET_USER_DATA_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ IF USER_KEY .NES. KEY .OR. USER_ITM .NES. ITM
+$ THEN
+$ CTR = CTR + 1
+$ GOTO GET_USER_DATA_LOOP
+$ ENDIF
+$ IF VAL .EQS. "-" THEN SSL_USER_DATA == "''DEF'"
+$ IF VAL .EQS. "D" THEN SSL_USER_DATA == "''DEF'"
+$ IF VAL .EQS. "P" THEN SSL_USER_DATA == "''PRM'"
+$ ENDIF
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Delete the User Data
+$!------------------------------------------------------------------------------
+$!
+$DEL_USER_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_USER_DATA_MAX) .EQS. "" THEN GOTO DEL_USER_DATA_END
+$!
+$DEL_USER_DATA_LOOP:
+$!
+$ IF F$TYPE (SSL_USER_DATA_'SSL_USER_DATA_MAX') .NES. ""
+$ THEN
+$ DELETE /SYMBOL /GLOBAL SSL_USER_DATA_'SSL_USER_DATA_MAX'
+$ SSL_USER_DATA_MAX == SSL_USER_DATA_MAX - 1
+$ GOTO DEL_USER_DATA_LOOP
+$ ENDIF
+$!
+$ DELETE /SYMBOL /GLOBAL SSL_USER_DATA_MAX
+$!
+$DEL_USER_DATA_END:
+$!
+$ IF F$TYPE (SSL_USER_DATA) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_USER_DATA
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Display the invalid entry
+$!------------------------------------------------------------------------------
+$!
+$INVALID_ENTRY: SUBROUTINE
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BELL, " Invalid Entry, Try again ...''CEOL'"
+$ Wait 00:00:01.5
+$ SAY ESC + "[''MSG_ROW';01H", CEOL
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$!
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE OFILE
+$!
+$ DEL_USER_DATA
+$!
+$ IF F$TYPE (SSL_CONF_DATA) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_CONF_DATA
+$!
+$ IF F$GETDVI ("TT:","TT_NOECHO") .AND. .NOT. TT_NOECHO THEN SET TERMINAL /ECHO
+$!
+$ IF F$SEARCH ("SYS$LOGIN:SSL_GENRSA_''PID'.%%%;*") .NES. "" THEN DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_GENRSA_'PID'.%%%;*
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.%%%;*") .NES. "" THEN DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.%%%;*
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$self_cert.com b/VMS/cert_tool/ssl$self_cert.com
new file mode 100644
index 0000000000..6ccb9e0949
--- /dev/null
+++ b/VMS/cert_tool/ssl$self_cert.com
@@ -0,0 +1,725 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$SELF_CERT.COM - SSL Self Signed Certificate procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure prompts the user through creating a Server Certificate.
+$!
+$! There are no parameters used.
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ DELETE := DELETE
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ PID = F$GETJPI ("","PID")
+$ TT_NOECHO = F$GETDVI ("TT:","TT_NOECHO")
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ TT_ROWS = F$GETDVI ("TT:","TT_PAGE")
+$ TT_COLS = F$GETDVI ("TT:","DEVBUFSIZ")
+$!
+$ GET_USER_DATA := CALL GET_USER_DATA
+$ SET_USER_DATA := CALL SET_USER_DATA
+$ DEL_USER_DATA := CALL DEL_USER_DATA
+$ INIT_TERM := @SSL$COM:SSL$INIT_TERM
+$ SHOW_FILE := @SSL$COM:SSL$SHOW_FILE
+$ SSL_CONF_FILE = F$TRNLNM ("SSL$CONF")
+$ GET_CONF_DATA := @SSL$COM:SSL$CONF_UTIL 'SSL_CONF_FILE' GET
+$ SET_CONF_DATA := @SSL$COM:SSL$CONF_UTIL 'SSL_CONF_FILE' SET
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ BELL[0,8] = 7 ! Ring the terminal Bell
+$ RED = 1 ! Color - Red
+$ FGD = 30 ! Foreground
+$ BGD = 0 ! Background
+$ CSCR = ESC + "[2J" ! Clear the Screen
+$ CEOS = ESC + "[0J" ! Clear to the End of the Screen
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BLNK = ESC + "[5m" ! Turn on BLINK Attribute
+$ WIDE = ESC + "#6" ! Turn on WIDE Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Run the SSL setup if it hasn't been run yet
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM ("SSL$ROOT") .EQS. ""
+$ THEN
+$ IF F$SEARCH ("SSL$COM:SSL$INIT_ENV.COM") .NES. ""
+$ THEN
+$ @SSL$COM:SSL$INIT_ENV.COM
+$ ELSE
+$ SAY BELL, "Unable to locate SSL$COM:SSL$INIT_ENV.COM ..."
+$ GOTO EXIT
+$ ENDIF
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$ INIT_TERM
+$ BCOLOR = BGD
+$ FCOLOR = FGD + RED
+$ COLOR = ESC + "[''BCOLOR';''FCOLOR'm"
+$!
+$ TEXT = "SSL Certificate Tool"
+$ COL = (TT_COLS - (F$LENGTH (TEXT) * 2)) / 4
+$!
+$ SAY ESC + "[01;01H", CSCR
+$ SAY ESC + "[02;''COL'H", COLOR, WIDE, TEXT, NORM
+$!
+$ TEXT = "Create Self-Signed Certificate"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[04;01H"
+$ SAY ESC + "[04;''COL'H", COLOR, TEXT, NORM
+$!
+$ ROW = 6
+$ COL = 2
+$ TOP_ROW = ROW
+$ MSG_ROW = TT_ROWS - 1
+$!
+$!------------------------------------------------------------------------------
+$! Initialize the Request Data
+$!------------------------------------------------------------------------------
+$!
+$ IF F$SEARCH ("''SSL_CONF_FILE'") .NES. ""
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Reading Configuration ...", NORM
+$ ELSE
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Initializing Configuration ...", NORM
+$ ENDIF
+$!
+$ _request_name = "req"
+$!
+$ _distinguished_name = "REQ_distinguished_name"
+$ _distinguished_name_upd = "Y"
+$!
+$ _default_bits = "1024"
+$ _default_bits_upd = "Y"
+$!
+$ _default_keyfile = "SSL$KEY:SERVER.KEY"
+$ _default_keyfile_upd = "Y"
+$!
+$ _default_crtfile = "SSL$CRT:SERVER.CRT"
+$ _default_crtfile_upd = "Y"
+$!
+$ _countryName_prompt = "Country Name ?"
+$ _countryName_min = "2"
+$ _countryName_max = "2"
+$ _countryName_default = "US"
+$ _countryName_upd = "Y"
+$ _countryName_cnt = 4
+$!
+$ _stateOrProvinceName_prompt = "State or Province Name ?"
+$ _stateOrProvinceName_default = ""
+$ _stateOrProvinceName_upd = "Y"
+$ _stateOrProvinceName_cnt = 2
+$!
+$ _localityName_prompt = "City Name ?"
+$ _localityName_default = ""
+$ _localityName_upd = "Y"
+$ _localityName_cnt = 2
+$!
+$ _0organizationName_prompt = "Organization Name ?"
+$ _0organizationName_default = ""
+$ _0organizationName_upd = "Y"
+$ _0organizationName_cnt = 2
+$!
+$ _organizationalUnitName_prompt = "Organization Unit Name ?"
+$ _organizationalUnitName_default = ""
+$ _organizationalUnitName_upd = "Y"
+$ _organizationalUnitName_cnt = 2
+$!
+$ _commonName_prompt = "Common Name ?"
+$ _commonName_max = "64"
+$ HOSTNAME -s _commonName_default
+$ _commonName_upd = "Y"
+$ _commonName_cnt = 3
+$!
+$ _emailAddress_prompt = "Email Address ?"
+$ _emailAddress_max = "40"
+$ _emailAddress_default = "webmaster@''_commonName_default'"
+$ _emailAddress_upd = "Y"
+$ _emailAddress_cnt = 3
+$!
+$ IF F$SEARCH ("''SSL_CONF_FILE'") .NES. ""
+$ THEN
+$ GET_CONF_DATA "[''_request_name']#distinguished_name"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _distinguished_name = SSL_CONF_DATA
+$ _distinguished_name_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_bits"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_bits = SSL_CONF_DATA
+$ _default_bits_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_keyfile"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_keyfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[KEY]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERVER",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".KEY",,"TYPE")
+$ _default_keyfile_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_request_name']#default_crtfile"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_crtfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[CRT]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERVER",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".CRT",,"TYPE")
+$ _default_crtfile_upd = "N"
+$ ENDIF
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#countryName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_min"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_min = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_max"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_max = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#countryName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _countryName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _countryName_cnt .EQS. CTR THEN _countryName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#stateOrProvinceName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _stateOrProvinceName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#stateOrProvinceName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _stateOrProvinceName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _stateOrProvinceName_cnt .EQ. CTR THEN _stateOrProvinceName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#localityName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _localityName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#localityName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _localityName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _localityName_cnt .EQ. CTR THEN _localityName_default_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#0.organizationName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _0organizationName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#0.organizationName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _0organizationName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _0organizationName_cnt .EQ. CTR THEN _0organizationName_default_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#organizationalUnitName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _organizationalUnitName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#organizationalUnitName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _organizationalUnitName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _organizationalUnitName_cnt .EQ. CTR THEN _organizationalUnitName_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#commonName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#commonName_max"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_max = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#commonName_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _commonName_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _commonName_cnt .EQ. CTR THEN _commonName_default_upd = "N"
+$!
+$ CTR = 0
+$ GET_CONF_DATA "[''_distinguished_name']#emailAddress"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _emailAddress_prompt = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#emailAddress_max"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _emailAddress_max = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ GET_CONF_DATA "[''_distinguished_name']#emailAddress_default"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _emailAddress_default = SSL_CONF_DATA
+$ CTR = CTR + 1
+$ ENDIF
+$ IF _emailAddress_cnt .EQ. CTR THEN _emailAddress_default_upd = "N"
+$ ENDIF
+$!
+$ SET_USER_DATA "[]#encrypt_key#-#N#Encrypt Private Key ?#S##1##Y#N"
+$ SET_USER_DATA "[]#pem_pass_phrase#-##PEM Pass Phrase ?#P#1###Y#Y"
+$ SET_USER_DATA "[''_request_name']#default_bits#D#''_default_bits'#Encryption Bits ?#I###''_default_bits_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#default_keyfile#D#''_default_keyfile'#Certificate Key File ?#F###''_default_keyfile_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#default_crtfile#D#''_default_crtfile'#Certificate File ?#F###''_default_crtfile_upd'#Y#N"
+$ SET_USER_DATA "[''_request_name']#distinguished_name#D#''_distinguished_name'##S###''_distinguished_name_upd'#N#N"
+$ SET_USER_DATA "[''_distinguished_name']#countryName#P#''_countryName_default'#''_countryName_prompt'#S#''_countryName_min'#''#''_countryName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#stateOrProvinceName#P#''_stateOrProvinceName_default'#''_stateOrProvinceName_prompt'####''_stateOrProvinceName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#localityName#P#''_localityName_default'#''_localityName_prompt'#S###''_localityName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#0.organizationName#P#''_0organizationName_default'#''_0organizationName_prompt'#S###''_0organizationalName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#organizationalUnitName#P#''_organizationalUnitName_default'#''_organizationalUnitName_prompt#S###''_organizationalUnitName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#commonName#P#''_commonName_default'#''_commonName_prompt'#S##''_commonName_max'#''_commonName_upd'#Y#N"
+$ SET_USER_DATA "[''_distinguished_name']#emailAddress#P#''_emailAddress_default'#''_emailAddress_prompt'#S##''_emailAddress_max'#''_emailAddress_upd'#Y#N"
+$ SET_USER_DATA "[]#display_certificate#-#N#Display the Certificate ?#S##1##Y#N"
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Confirm/Update the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$ CTR = 1
+$!
+$PROMPT_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ TYP = F$ELEMENT (5,"#",SSL_USER_DATA_'CTR') ! Value Type
+$ MIN = F$ELEMENT (6,"#",SSL_USER_DATA_'CTR') ! Value Minimum Length
+$ MAX = F$ELEMENT (7,"#",SSL_USER_DATA_'CTR') ! Value Maximum Length
+$ UPD = F$ELEMENT (8,"#",SSL_USER_DATA_'CTR') ! Entry Updated ?
+$ REQ = F$ELEMENT (9,"#",SSL_USER_DATA_'CTR') ! Entry Required for Input ?
+$ CFM = F$ELEMENT (10,"#",SSL_USER_DATA_'CTR')! Confirm Input ?
+$!
+$! The PEM Pass Phrase prompt is dependant on the answer to encrypt the private key
+$!
+$ IF KEY .EQS. "[]" .AND. ITM .EQS. "pem_pass_phrase"
+$ THEN
+$ GET_USER_DATA "[]#encrypt_key"
+$ _encrypt_key = SSL_USER_DATA
+$ IF F$EDIT (_encrypt_key,"UPCASE") .NES. "Y"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ ENDIF
+$!
+$ CONFIRMED = 0
+$ IF REQ .EQS. "N"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ IF ROW .GT. MSG_ROW - 2
+$ THEN
+$ SAY ESC + "[''TOP_ROW';01H", CEOS
+$ ROW = TOP_ROW
+$ ENDIF
+$!
+$CONFIRM_LOOP:
+$!
+$ IF PRM .EQS. ""
+$ THEN
+$ PROMPT = ESC + "[''ROW';''COL'H''ITM' ? [''DEF'] ''CEOL'"
+$ ELSE
+$ PROMPT = ESC + "[''ROW';''COL'H''PRM' [''DEF'] ''CEOL'"
+$ ENDIF
+$ IF TYP .EQS. "P" THEN SET TERMINAL /NOECHO
+$ ASK "''PROMPT'" ANS /END_OF_FILE=EXIT
+$ IF TYP .EQS. "P" THEN SET TERMINAL /ECHO
+$ ANS = F$EDIT (ANS,"TRIM")
+$ IF ANS .EQS. "" THEN ANS = DEF
+$ IF TYP .EQS. "F"
+$ THEN
+$ ANS = F$PARSE ("''ANS'","''DEF'",,,"SYNTAX_ONLY")
+$ ENDIF
+$ IF TYP .EQS. "I" .AND. F$TYPE (ANS) .NES. "INTEGER"
+$ THEN
+$ CALL INVALID_ENTRY
+$ SAY ESC + "[''ROW';01H", CEOS
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ IF (TYP .EQS. "S" .OR. TYP .EQS. "P") .AND. -
+ ((MIN .NES. "" .AND. F$LENGTH (ANS) .LT. F$INTEGER(MIN)) .OR. -
+ (MAX .NES. "" .AND. F$LENGTH (ANS) .GT. F$INTEGER(MAX)))
+$ THEN
+$ CALL INVALID_ENTRY
+$ SAY ESC + "[''ROW';01H", CEOS
+$ IF TYP .EQS. "S" THEN GOTO PROMPT_LOOP
+$ IF TYP .EQS. "P" THEN GOTO CONFIRM_LOOP
+$ ENDIF
+$ ROW = ROW + 1
+$ IF CFM .EQS. "Y"
+$ THEN
+$ IF CONFIRMED .EQ. 0
+$ THEN
+$ CONFIRMED = 1
+$ CONFIRMED_ANS = ANS
+$ PRM = "Confirm ''PRM'"
+$ GOTO CONFIRM_LOOP
+$ ELSE
+$ IF ANS .NES. CONFIRMED_ANS
+$ THEN
+$ CALL INVALID_ENTRY
+$ ROW = ROW - 2
+$ SAY ESC + "[''ROW';01H", CEOS
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ ENDIF
+$ ENDIF
+$ IF ANS .NES. DEF THEN SSL_USER_DATA_'CTR' = "''KEY'#''ITM'#''VAL'#''ANS'#''PRM'#''TYP'#''MIN'#''MAX'#Y#''REQ'#''CFM'"
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Save the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$ CTR = 1
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Saving Configuration ...", NORM
+$!
+$SAVE_CONF_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ TYP = F$ELEMENT (5,"#",SSL_USER_DATA_'CTR') ! Value Type
+$ MIN = F$ELEMENT (6,"#",SSL_USER_DATA_'CTR') ! Value Minimum Length
+$ MAX = F$ELEMENT (7,"#",SSL_USER_DATA_'CTR') ! Value Maximum Length
+$ UPD = F$ELEMENT (8,"#",SSL_USER_DATA_'CTR') ! Entry Updated ?
+$ REQ = F$ELEMENT (9,"#",SSL_USER_DATA_'CTR') ! Entry Required for Input ?
+$ CFM = F$ELEMENT (10,"#",SSL_USER_DATA_'CTR')! Confirm Input ?
+$ IF UPD .NES. "Y" .OR. VAL .EQS. "-"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO SAVE_CONF_LOOP
+$ ENDIF
+$ IF VAL .EQS. "D"
+$ THEN
+$ SET_CONF_DATA "''KEY'#''ITM'" "''DEF'"
+$ ELSE
+$ SET_CONF_DATA "''KEY'#''ITM'" "''PRM'"
+$ SET_CONF_DATA "''KEY'#''ITM'_default" "''DEF'"
+$ ENDIF
+$ IF MIN .NES. "" THEN SET_CONF_DATA "''KEY'#''ITM'_min" "''MIN'"
+$ IF MAX .NES. "" THEN SET_CONF_DATA "''KEY'#''ITM'_max" "''MAX'"
+$ CTR = CTR + 1
+$ GOTO SAVE_CONF_LOOP
+$ ENDIF
+$!
+$ PURGE /NOLOG /NOCONFIRM 'SSL_CONF_FILE'
+$ RENAME 'SSL_CONF_FILE'; ;1
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Create the Server Certificiate
+$!------------------------------------------------------------------------------
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Creating Self-Signed Certificate ...", NORM
+$!
+$ X1 = 2
+$ Y1 = TOP_ROW
+$ X2 = TT_COLS - 2
+$ Y2 = MSG_ROW - 1
+$!
+$ GET_USER_DATA "[]#encrypt_key"
+$ _encrypt_key = SSL_USER_DATA
+$ IF F$EDIT (_encrypt_key,"UPCASE") .EQS. "Y"
+$ THEN
+$ GET_USER_DATA "[]#pem_pass_phrase"
+$ _pem_pass_phrase = SSL_USER_DATA
+$ ENDIF
+$ GET_USER_DATA "[''_request_name']#default_bits"
+$ _default_bits = SSL_USER_DATA
+$ GET_USER_DATA "[''_request_name']#default_keyfile"
+$ _default_keyfile = SSL_USER_DATA
+$ GET_USER_DATA "[''_request_name']#default_crtfile"
+$ _default_crtfile = SSL_USER_DATA
+$ GET_USER_DATA "[]#display_certificate"
+$ _display_certificate = SSL_USER_DATA
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SHOW SYSTEM /FULL /OUT=SYS$LOGIN:SSL_REQ_'PID'.RND
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_REQ_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG RANDFILE SYS$LOGIN:SSL_REQ_''PID'.RND"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ IF F$EDIT (_encrypt_key,"UPCASE") .EQS. "Y"
+$ THEN
+$ WRITE OFILE "$ OPENSSL req -config ''SSL_CONF_FILE' -new -days 365 -x509 -keyout ''_default_keyfile' -out ''_default_crtfile'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ ELSE
+$ WRITE OFILE "$ OPENSSL req -config ''SSL_CONF_FILE' -nodes -new -days 365 -x509 -keyout ''_default_keyfile' -out ''_default_crtfile'"
+$ ENDIF
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ WRITE OFILE ""
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_REQ_'PID'.COM
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_REQ_'PID'.LOG /OUT=SYS$LOGIN:SSL_REQ_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_REQ_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_REQ_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ ENDIF
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$!
+$ IF F$EDIT (_display_certificate,"TRIM,UPCASE") .EQS. "Y"
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Generating Output ...", NORM, CEOL
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_X509_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_X509_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_X509_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL x509 -noout -text -in ''_default_crtfile'"
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_X509_'PID'.COM
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_X509_'PID'.LOG /OUT=SYS$LOGIN:SSL_X509_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_X509_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_X509_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_X509_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.ERR;*
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_X509_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ''_default_crtfile' >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$!
+$ TEXT = "Press return to continue"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$ PROMPT = ESC + "[''MSG_ROW';''COL'H''TEXT'"
+$ ASK "''PROMPT'" OPT
+$!
+$GOTO EXIT
+z$!
+$!------------------------------------------------------------------------------
+$! Set the User Data
+$!------------------------------------------------------------------------------
+$!
+$SET_USER_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_USER_DATA_MAX) .EQS. ""
+$ THEN
+$ SSL_USER_DATA_MAX == 1
+$ ELSE
+$ SSL_USER_DATA_MAX == SSL_USER_DATA_MAX + 1
+$ ENDIF
+$!
+$ SSL_USER_DATA_'SSL_USER_DATA_MAX' == "''P1'"
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Find the Request Data
+$!------------------------------------------------------------------------------
+$!
+$GET_USER_DATA: SUBROUTINE
+$!
+$ CTR = 1
+$ USER_KEY = F$ELEMENT (0,"#",P1)
+$ USER_ITM = F$ELEMENT (1,"#",P1)
+$!
+$GET_USER_DATA_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ IF USER_KEY .NES. KEY .OR. USER_ITM .NES. ITM
+$ THEN
+$ CTR = CTR + 1
+$ GOTO GET_USER_DATA_LOOP
+$ ENDIF
+$ IF VAL .EQS. "-" THEN SSL_USER_DATA == "''DEF'"
+$ IF VAL .EQS. "D" THEN SSL_USER_DATA == "''DEF'"
+$ IF VAL .EQS. "P" THEN SSL_USER_DATA == "''PRM'"
+$ ENDIF
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Delete the User Data
+$!------------------------------------------------------------------------------
+$!
+$DEL_USER_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_USER_DATA_MAX) .EQS. "" THEN GOTO DEL_USER_DATA_END
+$!
+$DEL_USER_DATA_LOOP:
+$!
+$ IF F$TYPE (SSL_USER_DATA_'SSL_USER_DATA_MAX') .NES. ""
+$ THEN
+$ DELETE /SYMBOL /GLOBAL SSL_USER_DATA_'SSL_USER_DATA_MAX'
+$ SSL_USER_DATA_MAX == SSL_USER_DATA_MAX - 1
+$ GOTO DEL_USER_DATA_LOOP
+$ ENDIF
+$!
+$ DELETE /SYMBOL /GLOBAL SSL_USER_DATA_MAX
+$!
+$DEL_USER_DATA_END:
+$!
+$ IF F$TYPE (SSL_USER_DATA) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_USER_DATA
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Display the invalid entry
+$!------------------------------------------------------------------------------
+$!
+$INVALID_ENTRY: SUBROUTINE
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BELL, " Invalid Entry, Try again ...''CEOL'"
+$ Wait 00:00:01.5
+$ SAY ESC + "[''MSG_ROW';01H", CEOL
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$!
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE OFILE
+$!
+$ DEL_USER_DATA
+$!
+$ IF F$TYPE (SSL_CONF_DATA) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_CONF_DATA
+$!
+$ IF F$GETDVI ("TT:","TT_NOECHO") .AND. .NOT. TT_NOECHO THEN SET TERMINAL /ECHO
+$!
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.%%%;*") .NES. "" THEN DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.%%%;*
+$ IF F$SEARCH ("SYS$LOGIN:SSL_X509_''PID'.%%%;*") .NES. "" THEN DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.%%%;*
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$show_file.com b/VMS/cert_tool/ssl$show_file.com
new file mode 100644
index 0000000000..a8eecbebed
--- /dev/null
+++ b/VMS/cert_tool/ssl$show_file.com
@@ -0,0 +1,205 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$SHOW_FILE.COM - SSL Show File procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure display the contents of a given file in a box size specified.
+$!
+$! The parameters used are:
+$!
+$! P1 - File to View
+$! P2 - X1 coordinate
+$! P3 - Y1 coordinate
+$! P4 - X2 coordinate
+$! P5 - Y3 coordinate
+$! P6 - File Box Title (Optional)
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ DRAW_BOX := @SSL$COM:SSL$DRAW_BOX
+$ FILL_BOX := @SSL$COM:SSL$FILL_BOX
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BOLD = ESC + "[1m" ! Turn on BOLD Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$ REC_MAX = 0
+$ OPEN /READ IFILE 'P1'
+$!
+$READ_LOOP:
+$!
+$ READ /END_OF_FILE=READ_END IFILE IREC
+$ REC_MAX = REC_MAX + 1
+$ REC_'REC_MAX' = IREC
+$ GOTO READ_LOOP
+$!
+$READ_END:
+$!
+$ CLOSE IFILE
+$!
+$ IF REC_MAX .EQ. 0
+$ THEN
+$ DRAW_BOX 'P2' 'P3' 'P4' 'P5' "''P6'" " ** End-of-File **, Press Return to Exit "
+$ INPUT_ROW = P5 + 1
+$ PROMPT = ESC + "[''INPUT_ROW';01H ''CEOL'"
+$ ASK "''PROMPT'" OPT
+$ GOTO EXIT
+$ ENDIF
+$!
+$ COL = P2 + 2
+$ ROW = P3 + 2
+$ TOP_ROW = ROW
+$ INPUT_ROW = P5 + 1
+$ BOX_WIDTH = P4 - (P2 + 2)
+$ BOX_HEIGHT = P5 - (P3 + 3)
+$!
+$ REC_CTR = 1
+$ PAGE_CTR = 1
+$ PAGE_'PAGE_CTR'_REC_CTR = REC_CTR
+$ RECS_PER_PAGE = BOX_HEIGHT
+$ PAGE_MAX = REC_MAX / RECS_PER_PAGE
+$ IF PAGE_MAX * RECS_PER_PAGE .LT. REC_MAX THEN PAGE_MAX = PAGE_MAX + 1
+$!
+$ DRAW_BOX 'P2' 'P3' 'P4' 'P5' "''P6'" " Enter B for Back, N for Next, Ctrl-Z to Exit "
+$ PAGE_TXT = F$FAO (" Page !UL of !UL ", PAGE_CTR, PAGE_MAX)
+$ _COL = P2 + (BOX_WIDTH - F$LENGTH (PAGE_TXT)) + 2
+$ SAY ESC + "[''P3';''_COL'H''BOLD'''PAGE_TXT'''NORM'"
+$!
+$DISPLAY_LOOP:
+$!
+$ IF REC_CTR .LE. REC_MAX .AND. F$TYPE (REC_'REC_CTR') .NES. ""
+$ THEN
+$ REC = REC_'REC_CTR'
+$ ENDIF
+$ WRAP_IN_PROGRESS = 0
+$!
+$WRAP_LOOP:
+$!
+$ IF ROW .LE. (P5 - 2) .AND. -
+ REC_CTR .LE. PAGE_CTR * RECS_PER_PAGE
+$ THEN
+$ IF F$LENGTH (REC) .GT. BOX_WIDTH
+$ THEN
+$ IF WRAP_IN_PROGRESS .EQ. 0
+$ THEN
+$ WRAP_IN_PROGRESS = 1
+$ _COL = COL
+$ ELSE
+$ _COL = COL - 1
+$ ENDIF
+$ REC_SEG = F$EXTRACT (0, BOX_WIDTH, REC)
+$ SAY ESC + "[''ROW';''_COL'H", REC_SEG
+$ REC = ">" + F$EXTRACT (BOX_WIDTH, F$LENGTH (REC)-BOX_WIDTH, REC)
+$ ROW = ROW + 1
+$ GOTO WRAP_LOOP
+$ ELSE
+$ IF REC_CTR .LE. REC_MAX .AND. F$TYPE (REC_'REC_CTR') .NES. ""
+$ THEN
+$ IF WRAP_IN_PROGRESS .EQ. 1
+$ THEN
+$ _COL = COL - 1
+$ ELSE
+$ _COL = COL
+$ ENDIF
+$ SAY ESC + "[''ROW';''_COL'H", REC
+$ ENDIF
+$ ENDIF
+$ ELSE
+$!
+$RETRY:
+$!
+$ PROMPT = ESC + "[''INPUT_ROW';01H ''CEOL'"
+$ ASK "''PROMPT'" OPT
+$ IF F$EDIT (OPT,"TRIM,UPCASE") .NES. "B" .AND. -
+ F$EDIT (OPT,"TRIM,UPCASE") .NES. "N"
+$ THEN
+$ CALL INVALID_ENTRY
+$ GOTO RETRY
+$ ENDIF
+$ IF F$EDIT (OPT,"TRIM,UPCASE") .EQS. "B"
+$ THEN
+$ IF PAGE_CTR .GT. 1
+$ THEN
+$ ROW = TOP_ROW
+$ PAGE_CTR = PAGE_CTR - 1
+$ REC_CTR = PAGE_'PAGE_CTR'_REC_CTR
+$ PAGE_TXT = F$FAO (" Page !UL of !UL ", PAGE_CTR, PAGE_MAX)
+$ _COL = P2 + (BOX_WIDTH - F$LENGTH (PAGE_TXT)) + 2
+$ SAY ESC + "[''P3';''_COL'H''BOLD'''PAGE_TXT'''NORM'"
+$ FILL_BOX 'P2' 'P3' 'P4' 'P5'
+$ GOTO DISPLAY_LOOP
+$ ELSE
+$ CALL INVALID_ENTRY
+$ GOTO RETRY
+$ ENDIF
+$ ENDIF
+$ IF F$EDIT (OPT,"TRIM,UPCASE") .EQS. "N"
+$ THEN
+$ IF PAGE_CTR .LT. PAGE_MAX
+$ THEN
+$ PAGE_CTR = PAGE_CTR + 1
+$ PAGE_'PAGE_CTR'_REC_CTR = REC_CTR
+$ PAGE_TXT = F$FAO (" Page !UL of !UL ", PAGE_CTR, PAGE_MAX)
+$ _COL = P2 + (BOX_WIDTH - F$LENGTH (PAGE_TXT)) + 2
+$ SAY ESC + "[''P3';''_COL'H''BOLD'''PAGE_TXT'''NORM'"
+$ FILL_BOX 'P2' 'P3' 'P4' 'P5'
+$ ELSE
+$ CALL INVALID_ENTRY
+$ GOTO RETRY
+$ ENDIF
+$ ENDIF
+$ FILL_BOX 'P2' 'P3' 'P4' 'P5'
+$ ROW = TOP_ROW
+$ GOTO WRAP_LOOP
+$ ENDIF
+$ REC_CTR = REC_CTR + 1
+$ ROW = ROW + 1
+$ GOTO DISPLAY_LOOP
+$!
+$!------------------------------------------------------------------------------
+$! Display the invalid entry
+$!------------------------------------------------------------------------------
+$!
+$INVALID_ENTRY: SUBROUTINE
+$!
+$ SAY ESC + "[''INPUT_ROW';01H", BELL, " Invalid Entry, Try again ...''CEOL'"
+$ Wait 00:00:01.5
+$ SAY ESC + "[''INPUT_ROW';01H", CEOL
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Exit
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE IFILE
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$sign_cert.com b/VMS/cert_tool/ssl$sign_cert.com
new file mode 100644
index 0000000000..0413b84a32
--- /dev/null
+++ b/VMS/cert_tool/ssl$sign_cert.com
@@ -0,0 +1,759 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$SIGN_CERT.COM - SSL Sign Certificate Request procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure prompts the user through creating a Server Certificate.
+$!
+$! There are no parameters used.
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ DELETE := DELETE
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ PID = F$GETJPI ("","PID")
+$ TT_NOECHO = F$GETDVI ("TT:","TT_NOECHO")
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ TT_ROWS = F$GETDVI ("TT:","TT_PAGE")
+$ TT_COLS = F$GETDVI ("TT:","DEVBUFSIZ")
+$!
+$ GET_USER_DATA := CALL GET_USER_DATA
+$ SET_USER_DATA := CALL SET_USER_DATA
+$ DEL_USER_DATA := CALL DEL_USER_DATA
+$ INIT_TERM := @SSL$COM:SSL$INIT_TERM
+$ SHOW_FILE := @SSL$COM:SSL$SHOW_FILE
+$ SSL_CONF_FILE = F$TRNLMN ("SSL$CA_CONF")
+$ GET_CONF_DATA := @SSL$COM:SSL$CONF_UTIL 'SSL_CONF_FILE' GET
+$ SET_CONF_DATA := @SSL$COM:SSL$CONF_UTIL 'SSL_CONF_FILE' SET
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ BELL[0,8] = 7 ! Ring the terminal Bell
+$ RED = 1 ! Color - Red
+$ FGD = 30 ! Foreground
+$ BGD = 0 ! Background
+$ CSCR = ESC + "[2J" ! Clear the Screen
+$ CEOS = ESC + "[0J" ! Clear to the End of the Screen
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BLNK = ESC + "[5m" ! Turn on BLINK Attribute
+$ WIDE = ESC + "#6" ! Turn on WIDE Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Run the SSL setup if it hasn't been run yet
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM ("SSL$ROOT") .EQS. ""
+$ THEN
+$ IF F$SEARCH ("SSL$COM:SSL$INIT_ENV.COM") .NES. ""
+$ THEN
+$ @SSL$COM:SSL$INIT_ENV.COM
+$ ELSE
+$ SAY BELL, "Unable to locate SSL$COM:SSL$INIT_ENV.COM ..."
+$ GOTO EXIT
+$ ENDIF
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$ INIT_TERM
+$ BCOLOR = BGD
+$ FCOLOR = FGD + RED
+$ COLOR = ESC + "[''BCOLOR';''FCOLOR'm"
+$!
+$ TEXT = "SSL Certificate Tool"
+$ COL = (TT_COLS - (F$LENGTH (TEXT) * 2)) / 4
+$!
+$ SAY ESC + "[01;01H", CSCR
+$ SAY ESC + "[02;''COL'H", COLOR, WIDE, TEXT, NORM
+$!
+$ TEXT = "Sign Certificate Request"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[04;01H"
+$ SAY ESC + "[04;''COL'H", COLOR, TEXT, NORM
+$!
+$ CTR = 1
+$ ROW = 6
+$ COL = 2
+$ TOP_ROW = ROW
+$ MSG_ROW = TT_ROWS - 1
+$!
+$!------------------------------------------------------------------------------
+$! Initialize the Request Data
+$!------------------------------------------------------------------------------
+$!
+$ IF F$SEARCH ("''SSL_CONF_FILE'") .NES. ""
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Reading Configuration ...", NORM
+$ ELSE
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Initializing Configuration ...", NORM
+$ ENDIF
+$!
+$ _ca = "ca"
+$!
+$ _default_ca = "CA_default_ca"
+$ _default_ca_upd = "Y"
+$!
+$ _default_serfile = "SSL$DB:SERIAL.TXT"
+$ _default_serfile_upd = "Y"
+$!
+$ _default_idxfile = "SSL$DB:INDEX.TXT"
+$ _default_idxfile_upd = "Y"
+$!
+$ _default_crtfile = "SSL$CRT:SERVER_CA.CRT"
+$ _default_crtfile_upd = "Y"
+$!
+$ _default_keyfile = "SSL$KEY:SERVER_CA.KEY"
+$ _default_keyfile_upd = "Y"
+$!
+$ _default_csrfile = "SSL$CSR:SERVER.CSR"
+$ _default_csrfile_upd = "Y"
+$!
+$ _default_sgnfile = "SSL$CRT:SIGNED.CRT"
+$ _default_sgnfile_upd = "Y"
+$!
+$ _default_newcert = "SSL$CRT"
+$ _default_newcert_upd = "Y"
+$!
+$ _default_md = "md5"
+$ _default_md_upd = "Y"
+$!
+$ _default_days = "365"
+$ _default_days_upd = "Y"
+$!
+$ _default_policy = "policy_anything"
+$ _default_policy_upd = "Y"
+$!
+$ _policy_countryName = "optional"
+$ _policy_countryName_upd = "Y"
+$!
+$ _policy_stateOrProvinceName = "optional"
+$ _policy_stateOrProvinceName_upd = "Y"
+$!
+$ _policy_localityName = "optional"
+$ _policy_localityName_upd = "Y"
+$!
+$ _policy_organizationName = "optional"
+$ _policy_organizationName_upd = "Y"
+$!
+$ _policy_organizationalUnitName = "optional"
+$ _policy_organizationalUnitName_upd = "Y"
+$!
+$ _policy_commonName = "supplied"
+$ _policy_commonName_upd = "Y"
+$!
+$ _policy_emailAddress = "optional"
+$ _policy_emailAddress_upd = "Y"
+$!
+$ _default_x509_extensions = "CA_x509_extensions"
+$ _default_x509_extensions_upd = "Y"
+$!
+$ _x509_basicContraints = "CA:FALSE"
+$ _x509_basicContraints_upd = "Y"
+$!
+$ _x509_nsCertType = "client,email,objsign,server"
+$ _x509_nsCertType_upd = "Y"
+$!
+$ _x509_nsComment = "SSL Generated Certificate"
+$ _x509_nsComment_upd = "Y"
+$!
+$ _x509_subjectKeyIdentifier = "hash"
+$ _x509_subjectKeyIdentifier_upd = "Y"
+$!
+$ _x509_authorityKeyIdentifier = "keyid,issuer:always"
+$ _x509_authorityKeyIdentifier_upd = "Y"
+$!
+$ IF F$SEARCH ("''SSL_CONF_FILE'") .NES. ""
+$ THEN
+$ GET_CONF_DATA "[''_ca']#default_ca"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_ca = SSL_CONF_DATA
+$ _default_ca_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#serial"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_serfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[DB]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERIAL",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".TXT",,"TYPE")
+$ _default_serfile_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#database"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_idxfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[DB]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"INDEX",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".TXT",,"TYPE")
+$ _default_idxfile_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#certificate"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_crtfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[CRT]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERVER_CA",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".CRT",,"TYPE")
+$ _default_crtfile_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#private_key"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_keyfile = F$PARSE (SSL_CONF_DATA,"SSL$ROOT:",,"DEVICE") + -
+ F$PARSE (SSL_CONF_DATA,"[KEY]",,"DIRECTORY") + -
+ F$PARSE (SSL_CONF_DATA,"SERVER_CA",,"NAME") + -
+ F$PARSE (SSL_CONF_DATA,".KEY",,"TYPE")
+$ _default_keyfile_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#new_certs_dir"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_newcert = SSL_CONF_DATA
+$ _default_newcert_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#default_md"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_md = SSL_CONF_DATA
+$ _default_md_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#default_days"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_days = SSL_CONF_DATA
+$ _default_days_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#policy"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_policy = SSL_CONF_DATA
+$ _default_policy_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_policy']#countryName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _policy_countryName = SSL_CONF_DATA
+$ _policy_countryName_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_policy']#stateOrProvinceName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _policy_stateOrProvinceName = SSL_CONF_DATA
+$ _policy_stateOrProvinceName_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_policy']#localityName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _policy_localityName = SSL_CONF_DATA
+$ _policy_localityName_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_policy']#organizationName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _policy_organizationName = SSL_CONF_DATA
+$ _policy_organizationName_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_policy']#organizationalUnitName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _policy_organizationalUnitName = SSL_CONF_DATA
+$ _policy_organizationalUnitName_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_policy']#commonName"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _policy_commonName = SSL_CONF_DATA
+$ _policy_commonName_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_policy']#emailAddress"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _policy_emailAddress = SSL_CONF_DATA
+$ _policy_emailAddress_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_ca']#x509_extensions"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _default_x509_extensions = SSL_CONF_DATA
+$ _default_x509_extensions_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_x509_extensions']#basicConstraints"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _x509_basicConstraints = SSL_CONF_DATA
+$ _x509_basicConstraints_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_x509_extensions']#nsCertType"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _x509_nsCertType = SSL_CONF_DATA
+$ _x509_nsCertType_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_x509_extensions']#nsComment"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _x509_nsComment = SSL_CONF_DATA
+$ _x509_nsComment_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_x509_extensions']#subjectKeyIdentifier"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _x509_subjectKeyIdentifier = SSL_CONF_DATA
+$ _x509_subjectKeyIdentifier_upd = "N"
+$ ENDIF
+$!
+$ GET_CONF_DATA "[''_default_x509_extensions']#authorityKeyIdentifier"
+$ IF SSL_CONF_DATA .NES. ""
+$ THEN
+$ _x509_authorityKeyIdentifier = SSL_CONF_DATA
+$ _x509_authorityKeyIdentifier_upd = "N"
+$ ENDIF
+$ ENDIF
+$!
+$ SET_USER_DATA "[''_ca']#default_ca#D#''_default_ca'##S###''_default_ca_upd'#N#N"
+$ SET_USER_DATA "[''_default_ca']#serial#D#''_default_serfile'#Serial File ?#F###''_default_serfile_upd'#N#N"
+$ SET_USER_DATA "[''_default_ca']#database#D#''_default_idxfile'#Database File ?#F###''_default_idxfile_upd'#N#N"
+$ SET_USER_DATA "[''_default_ca']#certificate#D#''_default_crtfile'#CA Certificate File ?#F###''_default_crtfile_upd'#Y#N"
+$ SET_USER_DATA "[''_default_ca']#private_key#D#''_default_keyfile'#CA Certificate Key File ?#F###''_default_keyfile_upd'#Y#N"
+$ SET_USER_DATA "[]#default_csrfile#-#''_default_csrfile'#Certificate Request File ?#F###''_default_csrfile_upd'#Y#N"
+$ SET_USER_DATA "[]#default_sgnfile#-#''_default_sgnfile'#Signed Certificate File ?#F###''_default_sgnfile_upd'#Y#N"
+$ SET_USER_DATA "[''_default_ca']#new_certs_dir#D#''_default_newcert'#New Certificate Directory ?#S###''_default_newcert_upd'#N#N"
+$ SET_USER_DATA "[''_default_ca']#default_md#D#''_default_md'#Default Digest ?#I###''_default_md_upd'#N#N"
+$ SET_USER_DATA "[''_default_ca']#default_days#D#''_default_days'#Default Days ?#I###''_default_days_upd'#Y#N"
+$ SET_USER_DATA "[''_default_ca']#policy#D#''_default_policy'#Default Policy ?#S###''_default_policy_upd'#N#N"
+$ SET_USER_DATA "[''_default_policy']#countryName#D#''_policy_countryName'#Country Name Policy ?#S###''_policy_countryName_upd'#N#N"
+$ SET_USER_DATA "[''_default_policy']#stateOrProvinceName#D#''_policy_stateOrProvinceName'#State or Province Name Policy ?#S###''_policy_stateOrProvinceName_upd'#N#N"
+$ SET_USER_DATA "[''_default_policy']#localityName#D#''_policy_localityName'#Locality Name Policy ?#S###''_policy_localityName_upd'#N#N"
+$ SET_USER_DATA "[''_default_policy']#organizationName#D#''_policy_organizationName'#Organization Name Policy ?#S###''_policy_organizationName_upd'#N#N"
+$ SET_USER_DATA "[''_default_policy']#organizationalUnitName#D#''_policy_organizationalUnitName'#Organization Unit Name Policy ?#S###''_policy_organizationalUnitName_upd'#N#N"
+$ SET_USER_DATA "[''_default_policy']#commonName#D#''_policy_commonName'#Common Name Policy ?#S###''_policy_commonName_upd'#N#N"
+$ SET_USER_DATA "[''_default_policy']#emailAddress#D#''_policy_emailAddress'#Email Address Policy ?#S###''_policy_emailAddress_upd'#N#N"
+$ SET_USER_DATA "[''_default_ca']#x509_extensions#D#''_default_x509_extensions'#X509 Extensions ?#S###''_default_x509_extensions_upd'#N#N"
+$ SET_USER_DATA "[''_default_x509_extensions']#basicConstraints#D#''_x509_basicConstraints'#X509 Basic Constraints ?#S###''_x509_basicConstraints_upd'#N#N"
+$ SET_USER_DATA "[''_default_x509_extensions']#nsCertType#D#''_x509_nsCertType'#X509 NS Cert Type ?#S###''_x509_nsCertType_upd'#N#N"
+$ SET_USER_DATA "[''_default_x509_extensions']#nsComment#D#''_x509_nsComment'#X509 NS Comment ?#S###''_x509_nsComment_upd'#N#N"
+$ SET_USER_DATA "[''_default_x509_extensions']#subjectKeyIdentifier#D#''_x509_subjectKeyIdentifier'#X509 Subject Key Identifier ?#S###''_x509_subjectKeyIdentifier_upd'#N#N"
+$ SET_USER_DATA "[''_default_x509_extensions']#authorityKeyIdentifier#D#''_x509_authorityKeyIdentifier'#X509 Authority Key Identifier ?#S###''_x509_authorityKeyIdentifier_upd'#N#N"
+$ SET_USER_DATA "[]#pem_pass_phrase#-##PEM Pass Phrase ?#P#1###Y#N"
+$ SET_USER_DATA "[]#display_certificate#-#N#Display the Certificate ?#S##1##Y#N"
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Confirm/Update the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$PROMPT_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ TYP = F$ELEMENT (5,"#",SSL_USER_DATA_'CTR') ! Value Type
+$ MIN = F$ELEMENT (6,"#",SSL_USER_DATA_'CTR') ! Value Minimum Length
+$ MAX = F$ELEMENT (7,"#",SSL_USER_DATA_'CTR') ! Value Maximum Length
+$ UPD = F$ELEMENT (8,"#",SSL_USER_DATA_'CTR') ! Entry Updated ?
+$ REQ = F$ELEMENT (9,"#",SSL_USER_DATA_'CTR') ! Entry Required for Input ?
+$ CFM = F$ELEMENT (10,"#",SSL_USER_DATA_'CTR')! Confirm Input ?
+$ CONFIRMED = 0
+$ IF REQ .EQS. "N"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ IF ROW .GT. MSG_ROW - 2
+$ THEN
+$ SAY ESC + "[''TOP_ROW';01H", CEOS
+$ ROW = TOP_ROW
+$ ENDIF
+$!
+$CONFIRM_LOOP:
+$!
+$ IF PRM .EQS. ""
+$ THEN
+$ PROMPT = ESC + "[''ROW';''COL'H''ITM' ? [''DEF'] ''CEOL'"
+$ ELSE
+$ PROMPT = ESC + "[''ROW';''COL'H''PRM' [''DEF'] ''CEOL'"
+$ ENDIF
+$ IF TYP .EQS. "P" THEN SET TERMINAL /NOECHO
+$ ASK "''PROMPT'" ANS /END_OF_FILE=EXIT
+$ IF TYP .EQS. "P" THEN SET TERMINAL /ECHO
+$ ANS = F$EDIT (ANS,"TRIM")
+$ IF ANS .EQS. "" THEN ANS = DEF
+$ IF TYP .EQS. "F"
+$ THEN
+$ ANS = F$PARSE ("''ANS'","''DEF'",,,"SYNTAX_ONLY")
+$ ENDIF
+$ IF TYP .EQS. "I" .AND. F$TYPE (ANS) .NES. "INTEGER"
+$ THEN
+$ CALL INVALID_ENTRY
+$ SAY ESC + "[''ROW';01H", CEOS
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ IF (TYP .EQS. "S" .OR. TYP .EQS. "P") .AND. -
+ ((MIN .NES. "" .AND. F$LENGTH (ANS) .LT. F$INTEGER(MIN)) .OR. -
+ (MAX .NES. "" .AND. F$LENGTH (ANS) .GT. F$INTEGER(MAX)))
+$ THEN
+$ CALL INVALID_ENTRY
+$ SAY ESC + "[''ROW';01H", CEOS
+$ IF TYP .EQS. "S" THEN GOTO PROMPT_LOOP
+$ IF TYP .EQS. "P" THEN GOTO CONFIRM_LOOP
+$ ENDIF
+$ ROW = ROW + 1
+$ IF CFM .EQS. "Y"
+$ THEN
+$ IF CONFIRMED .EQ. 0
+$ THEN
+$ CONFIRMED = 1
+$ CONFIRMED_ANS = ANS
+$ PRM = "Confirm ''PRM'"
+$ GOTO CONFIRM_LOOP
+$ ELSE
+$ IF ANS .NES. CONFIRMED_ANS
+$ THEN
+$ CALL INVALID_ENTRY
+$ ROW = ROW - 2
+$ SAY ESC + "[''ROW';01H", CEOS
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$ ENDIF
+$ ENDIF
+$ IF ANS .NES. DEF THEN SSL_USER_DATA_'CTR' = "''KEY'#''ITM'#''VAL'#''ANS'#''PRM'#''TYP'#''MIN'#''MAX'#Y#''REQ'#''CFM'"
+$ CTR = CTR + 1
+$ GOTO PROMPT_LOOP
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Save the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$ CTR = 1
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Saving Configuration ...", NORM
+$!
+$SAVE_CONF_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ TYP = F$ELEMENT (5,"#",SSL_USER_DATA_'CTR') ! Value Type
+$ MIN = F$ELEMENT (6,"#",SSL_USER_DATA_'CTR') ! Value Minimum Length
+$ MAX = F$ELEMENT (7,"#",SSL_USER_DATA_'CTR') ! Value Maximum Length
+$ UPD = F$ELEMENT (8,"#",SSL_USER_DATA_'CTR') ! Entry Updated ?
+$ REQ = F$ELEMENT (9,"#",SSL_USER_DATA_'CTR') ! Entry Required for Input ?
+$ CFM = F$ELEMENT (10,"#",SSL_USER_DATA_'CTR')! Confirm Input ?
+$ IF UPD .NES. "Y" .OR. VAL .EQS. "-"
+$ THEN
+$ CTR = CTR + 1
+$ GOTO SAVE_CONF_LOOP
+$ ENDIF
+$ IF VAL .EQS. "D"
+$ THEN
+$ SET_CONF_DATA "''KEY'#''ITM'" "''DEF'"
+$ ELSE
+$ SET_CONF_DATA "''KEY'#''ITM'" "''PRM'"
+$ SET_CONF_DATA "''KEY'#''ITM'_default" "''DEF'"
+$ ENDIF
+$ IF MIN .NES. "" THEN SET_CONF_DATA "''KEY'#''ITM'_min" "''MIN'"
+$ IF MAX .NES. "" THEN SET_CONF_DATA "''KEY'#''ITM'_max" "''MAX'"
+$ CTR = CTR + 1
+$ GOTO SAVE_CONF_LOOP
+$ ENDIF
+$!
+$ PURGE /NOLOG /NOCONFIRM 'SSL_CONF_FILE'
+$ RENAME 'SSL_CONF_FILE'; ;1
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Create the Certificiate Authority
+$!------------------------------------------------------------------------------
+$!
+$SKIP:
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Signing Certificate Request ...", NORM
+$!
+$ X1 = 2
+$ Y1 = TOP_ROW
+$ X2 = TT_COLS - 2
+$ Y2 = MSG_ROW - 1
+$!
+$ GET_USER_DATA "[]#pem_pass_phrase"
+$ _pem_pass_phrase = SSL_USER_DATA
+$ GET_USER_DATA "[''_default_ca']#database"
+$ _default_idxfile = SSL_USER_DATA
+$ GET_USER_DATA "[''_default_ca']#serial"
+$ _default_serfile = SSL_USER_DATA
+$ GET_USER_DATA "[]#default_csrfile"
+$ _default_csrfile = SSL_USER_DATA
+$ GET_USER_DATA "[]#default_sgnfile"
+$ _default_sgnfile = SSL_USER_DATA
+$ GET_USER_DATA "[]#display_certificate"
+$ _display_certificate = SSL_USER_DATA
+$!
+$ IF F$SEARCH ("''_default_idxfile'") .EQS. ""
+$ THEN
+$ OPEN /WRITE OFILE '_default_idxfile'
+$ CLOSE OFILE
+$ ENDIF
+$!
+$ IF F$SEARCH ("''_default_serfile'") .EQS. ""
+$ THEN
+$ OPEN /WRITE OFILE '_default_serfile'
+$ WRITE OFILE "01"
+$ CLOSE OFILE
+$ ENDIF
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SHOW SYSTEM /FULL /OUT=SYS$LOGIN:SSL_CA_'PID'.RND
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_CA_'PID'.COM
+$ WRITE OFILE "$ SET NOON"
+$ WRITE OFILE "$ SET MESSAGE /NOFACILITY /NOIDENTIFICATION /NOSEVERITY /NOTEXT"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG RANDFILE SYS$LOGIN:SSL_CA_''PID'.RND"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_CA_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_CA_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL ca -config ''SSL_CONF_FILE' -out ''_default_sgnfile' -infiles ''_default_csrfile'"
+$ WRITE OFILE "''_pem_pass_phrase'"
+$ WRITE OFILE "y"
+$ WRITE OFILE "y"
+$ WRITE OFILE "$ SET MESSAGE /FACILITY /IDENTIFICATION /SEVERITY /TEXT"
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_CA_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_CA_'PID'.RND;*
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_CA_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_CA_'PID'.LOG /OUT=SYS$LOGIN:SSL_CA_'PID'.ERR "error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_CA_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_CA_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_CA_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_CA_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_CA_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_CA_'PID'.ERR;*
+$ ENDIF
+$!
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_CA_'PID'.LOG;*
+$!
+$ IF F$EDIT (_display_certificate,"TRIM,UPCASE") .EQS. "Y"
+$ THEN
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Generating Output ...", NORM, CEOL
+$!
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_X509_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_X509_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_X509_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL x509 -noout -text -in ''_default_sgnfile'"
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_X509_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_X509_'PID'.LOG /OUT=SYS$LOGIN:SSL_X509_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_X509_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_X509_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_X509_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.ERR;*
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_X509_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ''_default_sgnfile' >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$!
+$ TEXT = "Press return to continue"
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$ PROMPT = ESC + "[''MSG_ROW';''COL'H''TEXT'"
+$ ASK "''PROMPT'" OPT
+$!
+$GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Set the User Data
+$!------------------------------------------------------------------------------
+$!
+$SET_USER_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_USER_DATA_MAX) .EQS. ""
+$ THEN
+$ SSL_USER_DATA_MAX == 1
+$ ELSE
+$ SSL_USER_DATA_MAX == SSL_USER_DATA_MAX + 1
+$ ENDIF
+$!
+$ SSL_USER_DATA_'SSL_USER_DATA_MAX' == "''P1'"
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Find the Request Data
+$!------------------------------------------------------------------------------
+$!
+$GET_USER_DATA: SUBROUTINE
+$!
+$ CTR = 1
+$ USER_KEY = F$ELEMENT (0,"#",P1)
+$ USER_ITM = F$ELEMENT (1,"#",P1)
+$!
+$GET_USER_DATA_LOOP:
+$!
+$ IF CTR .LE. SSL_USER_DATA_MAX
+$ THEN
+$ KEY = F$ELEMENT (0,"#",SSL_USER_DATA_'CTR') ! Key Name
+$ ITM = F$ELEMENT (1,"#",SSL_USER_DATA_'CTR') ! Item Name
+$ VAL = F$ELEMENT (2,"#",SSL_USER_DATA_'CTR') ! Item Value Contains Default or Prompt
+$ DEF = F$ELEMENT (3,"#",SSL_USER_DATA_'CTR') ! Default Value
+$ PRM = F$ELEMENT (4,"#",SSL_USER_DATA_'CTR') ! Prompt Value
+$ IF USER_KEY .NES. KEY .OR. USER_ITM .NES. ITM
+$ THEN
+$ CTR = CTR + 1
+$ GOTO GET_USER_DATA_LOOP
+$ ENDIF
+$ IF VAL .EQS. "-" THEN SSL_USER_DATA == "''DEF'"
+$ IF VAL .EQS. "D" THEN SSL_USER_DATA == "''DEF'"
+$ IF VAL .EQS. "P" THEN SSL_USER_DATA == "''PRM'"
+$ ENDIF
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Delete the User Data
+$!------------------------------------------------------------------------------
+$!
+$DEL_USER_DATA: SUBROUTINE
+$!
+$ IF F$TYPE (SSL_USER_DATA_MAX) .EQS. "" THEN GOTO DEL_USER_DATA_END
+$!
+$DEL_USER_DATA_LOOP:
+$!
+$ IF F$TYPE (SSL_USER_DATA_'SSL_USER_DATA_MAX') .NES. ""
+$ THEN
+$ DELETE /SYMBOL /GLOBAL SSL_USER_DATA_'SSL_USER_DATA_MAX'
+$ SSL_USER_DATA_MAX == SSL_USER_DATA_MAX - 1
+$ GOTO DEL_USER_DATA_LOOP
+$ ENDIF
+$!
+$ DELETE /SYMBOL /GLOBAL SSL_USER_DATA_MAX
+$!
+$DEL_USER_DATA_END:
+$!
+$ IF F$TYPE (SSL_USER_DATA) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_USER_DATA
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Display the invalid entry
+$!------------------------------------------------------------------------------
+$!
+$INVALID_ENTRY: SUBROUTINE
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BELL, " Invalid Entry, Try again ...''CEOL'"
+$ Wait 00:00:01.5
+$ SAY ESC + "[''MSG_ROW';01H", CEOL
+$!
+$ EXIT
+$!
+$ ENDSUBROUTINE
+$!
+$!------------------------------------------------------------------------------
+$! Exit the procedure
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ DEASSIGN SYS$OUTPUT
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ DEASSIGN SYS$ERROR
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE OFILE
+$!
+$ DEL_USER_DATA
+$!
+$ IF F$TYPE (SSL_CONF_DATA) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_CONF_DATA
+$!
+$ IF F$GETDVI ("TT:","TT_NOECHO") .AND. .NOT. TT_NOECHO THEN SET TERMINAL /ECHO
+$!
+$ IF F$SEARCH ("SYS$LOGIN:SSL_CA_''PID'.%%%;*") .NES. "" THEN DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_CA_'PID'.%%%;*
+$ IF F$SEARCH ("SYS$LOGIN:SSL_X509_''PID'.%%%;*") .NES. "" THEN DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.%%%;*
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/cert_tool/ssl$view_cert.com b/VMS/cert_tool/ssl$view_cert.com
new file mode 100644
index 0000000000..acd72ef8a9
--- /dev/null
+++ b/VMS/cert_tool/ssl$view_cert.com
@@ -0,0 +1,245 @@
+$!
+$!------------------------------------------------------------------------------
+$! SSL$VIEW_CERT.COM - SSL View Certificate procedure
+$!------------------------------------------------------------------------------
+$!
+$ Verify = F$VERIFY (0)
+$ Set NoOn
+$ Set NoControl=Y
+$!
+$!------------------------------------------------------------------------------
+$! Description
+$!------------------------------------------------------------------------------
+$!
+$! This procedure prompts the user through creating a Server Certificate.
+$!
+$! The parameters used are:
+$!
+$! P1 - Certificate or Certificate Request (i.e. "CRT" or "CSR")
+$!
+$!------------------------------------------------------------------------------
+$! Define symbols
+$!------------------------------------------------------------------------------
+$!
+$ DELETE := DELETE
+$ SAY := WRITE SYS$OUTPUT
+$ ASK := READ SYS$COMMAND /END_OF_FILE=EXIT /PROMPT=
+$ PID = F$GETJPI ("","PID")
+$ TT_NOECHO = F$GETDVI ("TT:","TT_NOECHO")
+$ On Control_Y THEN GOTO EXIT
+$ Set Control=Y
+$!
+$ TT_ROWS = F$GETDVI ("TT:","TT_PAGE")
+$ TT_COLS = F$GETDVI ("TT:","DEVBUFSIZ")
+$!
+$ INIT_TERM := @SSL$COM:SSL$INIT_TERM
+$ PICK_FILE := @SSL$COM:SSL$PICK_FILE
+$ SHOW_FILE := @SSL$COM:SSL$SHOW_FILE
+$!
+$ ESC[0,8] = 27 ! Set the Escape Character
+$ BELL[0,8] = 7 ! Ring the terminal Bell
+$ RED = 1 ! Color - Red
+$ FGD = 30 ! Foreground
+$ BGD = 0 ! Background
+$ CSCR = ESC + "[2J" ! Clear the Screen
+$ CEOS = ESC + "[0J" ! Clear to the End of the Screen
+$ CEOL = ESC + "[0K" ! Clear to the End of the Line
+$ NORM = ESC + "[0m" ! Turn Attributes off
+$ BLNK = ESC + "[5m" ! Turn on BLINK Attribute
+$ WIDE = ESC + "#6" ! Turn on WIDE Attribute
+$!
+$!------------------------------------------------------------------------------
+$! Run the SSL setup if it hasn't been run yet
+$!------------------------------------------------------------------------------
+$!
+$ IF F$TRNLNM ("SSL$ROOT") .EQS. ""
+$ THEN
+$ IF F$SEARCH ("SSL$COM:SSL$INIT_ENV.COM") .NES. ""
+$ THEN
+$ @SSL$COM:SSL$INIT_ENV.COM
+$ ELSE
+$ SAY BELL, "Unable to locate SSL$COM:SSL$INIT_ENV.COM ..."
+$ GOTO EXIT
+$ ENDIF
+$ ENDIF
+$!
+$!------------------------------------------------------------------------------
+$! Display the Page Header
+$!------------------------------------------------------------------------------
+$!
+$ INIT_TERM
+$ BCOLOR = BGD
+$ FCOLOR = FGD + RED
+$ COLOR = ESC + "[''BCOLOR';''FCOLOR'm"
+$!
+$ TEXT = "SSL Certificate Tool"
+$ COL = (TT_COLS - (F$LENGTH (TEXT) * 2)) / 4
+$!
+$ SAY ESC + "[01;01H", CSCR
+$ SAY ESC + "[02;''COL'H", COLOR, WIDE, TEXT, NORM
+$!
+$ IF P1 .EQS. "CSR"
+$ THEN
+$ TEXT = "View Certificate Request"
+$ ELSE
+$ TEXT = "View Certificate"
+$ ENDIF
+$ COL = (TT_COLS - F$LENGTH (TEXT)) / 2
+$!
+$ SAY ESC + "[04;01H"
+$ SAY ESC + "[04;''COL'H", COLOR, TEXT, NORM
+$!
+$ CTR = 1
+$ ROW = 6
+$ COL = 2
+$ TOP_ROW = ROW
+$ MSG_ROW = TT_ROWS - 1
+$!
+$!------------------------------------------------------------------------------
+$! Initialize the Request Data
+$!------------------------------------------------------------------------------
+$!
+$ IF P1 .NES. "CRT" .AND. P1 .NES. "CSR"
+$ THEN
+$ PRM = "Display File:"
+$ DEF = "*.*"
+$ ENDIF
+$!
+$ IF P1 .EQS. "CRT"
+$ THEN
+$ PRM = "Display Certificate File:"
+$ DEF = "SSL$CRT:*.CRT"
+$ ENDIF
+$!
+$ IF P1 .EQS. "CSR"
+$ THEN
+$ PRM = "Display Certificate Request File:"
+$ DEF = "SSL$CSR:*.CSR"
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H", CEOS
+$!
+$!------------------------------------------------------------------------------
+$! Confirm/Update the SSL Configuration Data
+$!------------------------------------------------------------------------------
+$!
+$PROMPT_LOOP:
+$!
+$ PROMPT = ESC + "[''ROW';''COL'H''PRM' ? [''DEF'] ''CEOL'"
+$ ASK "''PROMPT'" _view_file_name
+$ _view_file_name = F$EDIT (_view_file_name,"TRIM")
+$ IF _view_file_name .EQS. "" THEN _view_file_name = DEF
+$!
+$ X1 = 2
+$ Y1 = TOP_ROW
+$ X2 = TT_COLS - 2
+$ Y2 = MSG_ROW - 1
+$!
+$PICK_FILE:
+$!
+$ PICK_FILE "''_view_file_name'" 'X1' 'Y1' 'X2' 'Y2' "< Select a File >"
+$!
+$ SAY ESC + "[''TOP_ROW';01H", CEOS
+$!
+$ IF SSL_FILE_NAME .EQS. "" THEN GOTO EXIT
+$!
+$!------------------------------------------------------------------------------
+$! Create the Certificiate Authority
+$!------------------------------------------------------------------------------
+$!
+$ SAY ESC + "[''MSG_ROW';01H", BLNK, " Generating Output ...", NORM, CEOL
+$!
+$ IF P1 .EQS. "CRT"
+$ THEN
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_X509_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_X509_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_X509_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL x509 -noout -text -in ''SSL_FILE_NAME'"
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_X509_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_X509_'PID'.LOG /OUT=SYS$LOGIN:SSL_X509_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_X509_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_X509_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_X509_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.ERR;*
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_X509_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ''SSL_FILE_NAME' >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.LOG;*
+$ GOTO PICK_FILE
+$ ENDIF
+$!
+$ IF P1 .EQS. "CSR"
+$ THEN
+$ OPEN /WRITE OFILE SYS$LOGIN:SSL_REQ_'PID'.COM
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$ERROR SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$OUTPUT SYS$LOGIN:SSL_REQ_''PID'.LOG"
+$ WRITE OFILE "$ DEFINE /USER /NOLOG SYS$COMMAND SYS$INPUT"
+$ WRITE OFILE "$ OPENSSL req -noout -text -in ''SSL_FILE_NAME'"
+$ CLOSE OFILE
+$!
+$ @SYS$LOGIN:SSL_REQ_'PID'.COM
+$!
+$ DELETE/NOLOG/NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.COM;*
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ SEARCH SYS$LOGIN:SSL_REQ_'PID'.LOG /OUT=SYS$LOGIN:SSL_REQ_'PID'.ERR ":error:"
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.ERR") .NES. ""
+$ THEN
+$ IF F$FILE_ATTRIBUTE ("SYS$LOGIN:SSL_REQ_''PID'.ERR","ALQ") .NE. 0
+$ THEN
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ SAY ESC + "[''MSG_ROW';01H''BELL'''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_REQ_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ERROR >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$ GOTO EXIT
+$ ENDIF
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.ERR;*
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H''CEOS'"
+$ SHOW_FILE "SYS$LOGIN:SSL_REQ_''PID'.LOG" 'X1' 'Y1' 'X2' 'Y2' "< ''SSL_FILE_NAME' >"
+$ DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.LOG;*
+$ GOTO PICK_FILE
+$ ENDIF
+$!
+$ SAY ESC + "[''MSG_ROW';01H''CEOS'"
+$ SHOW_FILE "''SYS$LOGIN:SSL_FILE_NAME'" 'X1' 'Y1' 'X2' 'Y2' "< ''SSL_FILE_NAME' >"
+$ GOTO PICK_FILE
+$!
+$!------------------------------------------------------------------------------
+$! Exit the procedure
+$!------------------------------------------------------------------------------
+$!
+$EXIT:
+$!
+$ DEFINE /USER /NOLOG SYS$ERROR NL:
+$ DEFINE /USER /NOLOG SYS$OUTPUT NL:
+$ CLOSE OFILE
+$!
+$ IF F$TYPE (SSL_FILE_NAME) .NES. "" THEN DELETE /SYMBOL /GLOBAL SSL_FILE_NAME
+$!
+$ IF F$GETDVI ("TT:","TT_NOECHO") .AND. .NOT. TT_NOECHO THEN SET TERMINAL /ECHO
+$!
+$ IF F$SEARCH ("SYS$LOGIN:SSL_REQ_''PID'.%%%;*") .NES. "" THEN DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_REQ_'PID'.%%%;*
+$ IF F$SEARCH ("SYS$LOGIN:SSL_X509_''PID'.%%%;*") .NES. "" THEN DELETE /NOLOG /NOCONFIRM SYS$LOGIN:SSL_X509_'PID'.%%%;*
+$!
+$ Verify = F$VERIFY (Verify)
+$!
+$ EXIT
diff --git a/VMS/compaq/build_pcsi_kit.com b/VMS/compaq/build_pcsi_kit.com
new file mode 100644
index 0000000000..1d6c246bc0
--- /dev/null
+++ b/VMS/compaq/build_pcsi_kit.com
@@ -0,0 +1,98 @@
+$! BUILD_PCSI_KIT.COM -- Build a PCSI kit
+$!
+$! Written by Richard Levitte <richard@levitte.org>
+$! Release as public domain.
+$!
+$! Use this comannd procedure from the top of the OpenSSL directory tree.
+$! Anything else will fail!
+$!
+$! P1 directory to build in
+$
+$ IF P1 .EQS. ""
+$ THEN
+$ WRITE SYS$OUTPUT "First argument missing."
+$ WRITE SYS$OUTPUT "Should be the directory where you want things installed."
+$ EXIT
+$ ENDIF
+$
+$ CURR_DIR = F$ENVIRONMENT("DEFAULT")
+$
+$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
+$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
+$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
+ - ".][000000" - "[000000." - "][" - "[" - "]"
+$ ROOT = ROOT_DEV + "[" + ROOT_DIR
+$
+$ KIT_DIR = "''ROOT'" + "]"
+$ KIT_AREA = "''ROOT'" + "...]"
+$
+$ @INSTALL 'P1' SSL$
+$
+$ COPY [.VMS.COMPAQ]SSL$PCSI.COM 'ROOT'.COM] /LOG
+$ SET FILE/PROT=WORLD:RE 'ROOT'.COM]SSL$PCSI.COM
+$!
+$! Copy SET_ACLS.COM so that access to the kit area has
+$! the appropriate protections as well.
+$!
+$ COPY SET_ACLS.COM 'ROOT'] /LOG
+$ SET FILE/PROT=WORLD:RE 'ROOT']SET_ACLS.COM
+$!
+$! Create the default CA structure
+$!
+$ CREATE /DIR /PROTECTION=OWNER:RWED 'ROOT'.CA]
+$ CREATE /DIR /PROTECTION=OWNER:RWED 'ROOT'.CA.certs]
+$ CREATE /DIR /PROTECTION=OWNER:RWED 'ROOT'.CA.crl]
+$ CREATE /DIR /PROTECTION=OWNER:RWED 'ROOT'.CA.newcerts]
+$ CREATE /DIR /PROTECTION=OWNER:RWED 'ROOT'.CA.private]
+$
+$ OPEN /WRITE ser_file 'CATOP']serial.
+$ WRITE ser_file "01"
+$ CLOSE ser_file
+$ APPEND/NEW NL: 'CATOP']index.txt
+$
+$ ! The following is to make sure access() doesn't get confused. It
+$ ! really needs one file in the directory to give correct answers...
+$ COPY NLA0: 'CATOP'.certs].;
+$ COPY NLA0: 'CATOP'.crl].;
+$ COPY NLA0: 'CATOP'.newcerts].;
+$ COPY NLA0: 'CATOP'.private].;
+$!
+$!
+$! Build the command procedure to build the kit
+$!
+$ OPEN/WRITE KIT_FILE CREATE_PCSI_KIT.COM
+$!
+$ WRITE KIT_FILE "$!"
+$ WRITE KIT_FILE "$! CREATE_PCSI_KIT.COM - This command procedure creates the actual .PCSI kit."
+$ WRITE KIT_FILE "$!"
+$ WRITE KIT_FILE "$!"
+$ WRITE KIT_FILE "$! Do not edit this file."
+$ WRITE KIT_FILE "$! This file is created by INSTALL.COM, and any changes to this file should"
+$ WRITE KIT_FILE "$! be made in INSTALL.COM."
+$ WRITE KIT_FILE "$!"
+$ WRITE KIT_FILE "$!"
+$ WRITE KIT_FILE " $ product package ssl /destination = ''KIT_DIR' - "
+$ WRITE KIT_FILE " /format = sequential - "
+$ WRITE KIT_FILE " /log - "
+$ WRITE KIT_FILE " /material = ''KIT_AREA' - "
+$ WRITE KIT_FILE " /source = ''CURR_DIR'CPQ-AXPVMS-SSL-T0100--1.PCSI$DESC "
+$ WRITE KIT_FILE "$!"
+$ WRITE KIT_FILE "$ kit_file = f$search(""''KIT_DIR'*.PCSI"") "
+$ WRITE KIT_FILE "$ spool compress/method=dcx_axpexe ''KIT_DIR'''KIT_FILE' ''KIT_DIR'"
+$!
+$ CLOSE KIT_FILE
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " Now, to include the 32-bit images and libraries, copy the following"
+$ WRITE SYS$OUTPUT " from a 32-bit build tree:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " COPY [.AXP.EXE.CRYPTO]LIBCRYPTO32.OLB ''root'.ALPHA_LIB]"
+$ WRITE SYS$OUTPUT " COPY [.AXP.EXE.SSL]LIBSSL32.OLB ''root'.ALPHA_LIB]"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " COPY [.AXP.EXE.CRYPTO]SSL$LIBCRYPTO_SHR32.EXE ''root'.ALPHA_EXE]"
+$ WRITE SYS$OUTPUT " COPY [.AXP.EXE.SSL]SSL$LIBSSL_SHR32.EXE ''root'.ALPHA_EXE]"
+$ WRITE SYS$OUTPUT ""
+$!
+$ COPY [.VMS.COMPAQ]SSL010.RELEASE_NOTES 'ROOT']/LOG
+$ SET FILE/PROT=WORLD:RE 'ROOT']SSL010.RELEASE_NOTES
+$!
diff --git a/VMS/compaq/cpq-axpvms-ssl-t0100--1.pcsi$desc b/VMS/compaq/cpq-axpvms-ssl-t0100--1.pcsi$desc
new file mode 100644
index 0000000000..eff2475a6e
--- /dev/null
+++ b/VMS/compaq/cpq-axpvms-ssl-t0100--1.pcsi$desc
@@ -0,0 +1,259 @@
+--
+-- CPQ-AXPVMS-SSL-T0100--1.PCSI$DESCRIPTION
+--
+-- KSG00141 Kevin Greaney 21-Jun-2001
+-- Using the ENCRYPT file as a template, create a
+-- .PCSI$DESCRIPTION file for the OpenSSL port.
+--
+--
+-- First, make sure we are running on correct operating system.
+--
+product CPQ AXPVMS SSL T1.0 full ;
+ if (not <software DEC AXPVMS VMS version minimum V7.2>) ;
+ error NOAXPVMS;
+ end if;
+
+--
+-- Now, perform the installation.
+--
+--
+-- Define the SSL root logical name. This is done by
+-- SSL$PCSI.COM. It defines SSL$ROOT to be the
+-- equivalence name of the PCSI$DESTINATION logical when
+-- installing, and deassigns the logical when removing.
+
+ execute
+ install "@pcsi$destination:[ssl.com]ssl$pcsi.com install"
+ remove "@pcsi$destination:[ssl.com]ssl$pcsi.com remove";
+
+--
+-- SSL$STARTUP.COM defines a handfull of logicals and
+-- then executes SSL$SYSTARTUP.COM.
+--
+-- SSL$SHUTDOWN deassigns the logicals defined in the
+-- startup file and then executes SSL$SYSHUTDOWN.COM
+--
+-- Note : If this kit is installed to a disk other than
+-- the system disk, these two files will not end
+-- up on the system disk. They will have to be
+-- moved over manually.
+
+ execute
+ start "@sys$startup:ssl$startup.com"
+ stop "@sys$startup:ssl$shutdown.com";
+
+--
+-- Now, perform the testing, if it was requested.
+--
+-- Find out if the IVP should be run ...
+-- Note : If the user specified /NOTEST on the command
+-- line, the user will still be asked about running
+-- the IVP, but no matter what they answer, the IVP
+-- will NOT be run. This is because /NOTEST
+-- overrides the option here.
+
+ option run_ivp default yes;
+ execute test "@pcsi$destination:[systest]ssl$ivp.com/output=pcsi$destination:[systest]ssl$ivp.log";
+ end option;
+--
+ information POST_INSTALL phase after with helptext;
+ information RELEASE_NOTES phase after ;
+ information START_INSTRUCTION phase after ;
+-- information REINSTALL_PROBLEM phase after ;
+
+--
+-- And finally, define where all the files should be placed.
+--
+ directory [ssl] ;
+ file [ssl.com]ssl$pcsi.com protection private;
+--
+ file [syshlp]ssl010.release_notes release notes;
+
+ if (<software DEC AXPVMS VMS>) ;
+ directory [ssl.alpha_exe] ;
+
+ file [ssl.alpha_exe]ca.com ;
+ file [ssl.alpha_exe]openssl.exe ;
+ file [ssl.alpha_exe]ssl_task.exe ;
+--
+ end if;
+
+ if (<software DEC VAXVMS VMS>) ;
+ directory [ssl.vax_exe] ;
+ file [ssl.vax_exe]ca.com;
+--
+ directory [ssl.vax_lib] ;
+
+ end if;
+
+ file [syslib]ssl$libssl_shr.exe ;
+ file [syslib]ssl$libcrypto_shr.exe ;
+
+ file [syslib]ssl$libssl_shr32.exe ;
+ file [syslib]ssl$libcrypto_shr32.exe ;
+
+ file [ssl.alpha_exe]ssl$hostname.exe;
+ file [ssl.alpha_exe]ssl$hostaddr.exe;
+--
+ directory [ssl.conf] ;
+
+ file [ssl]openssl.cnf ;
+ file [ssl]openssl-vms.cnf ;
+
+--
+ directory [ssl.certs] ;
+--
+ directory [syshlp.examples.ssl] ;
+
+ file [syshlp.examples.ssl]ssl$bio_cli.c ;
+ file [syshlp.examples.ssl]ssl$bio_serv.c ;
+ file [syshlp.examples.ssl]ssl$cli_sess_renego.c ;
+ file [syshlp.examples.ssl]ssl$cli_sess_renego_cli_ver.c ;
+ file [syshlp.examples.ssl]ssl$cli_sess_reuse.c ;
+ file [syshlp.examples.ssl]ssl$cli_sess_reuse_cli_ver.c ;
+ file [syshlp.examples.ssl]ssl$cli_verify_client.c ;
+ file [syshlp.examples.ssl]ssl$serv_sess_renego.c ;
+ file [syshlp.examples.ssl]ssl$serv_sess_renego_cli_ver.c ;
+ file [syshlp.examples.ssl]ssl$serv_sess_reuse.c ;
+ file [syshlp.examples.ssl]ssl$serv_sess_reuse_cli_ver.c ;
+ file [syshlp.examples.ssl]ssl$serv_verify_client.c ;
+ file [syshlp.examples.ssl]ssl$simple_cli.c ;
+ file [syshlp.examples.ssl]ssl$simple_serv.c ;
+ file [syshlp.examples.ssl]ssl$examples_setup.com ;
+
+--
+ directory [ssl.include] ;
+--
+ file [ssl.include]asn1.h ;
+ file [ssl.include]asn1_mac.h;
+ file [ssl.include]bio.h;
+ file [ssl.include]blowfish.h;
+ file [ssl.include]bn.h;
+ file [ssl.include]buffer.h;
+ file [ssl.include]cast.h;
+ file [ssl.include]comp.h;
+ file [ssl.include]conf.h;
+ file [ssl.include]conf_api.h;
+ file [ssl.include]crypto.h;
+ file [ssl.include]des.h;
+ file [ssl.include]dh.h;
+ file [ssl.include]dsa.h;
+ file [ssl.include]dso.h;
+ file [ssl.include]ebcdic.h;
+ file [ssl.include]engine.h;
+ file [ssl.include]err.h;
+ file [ssl.include]evp.h;
+ file [ssl.include]e_os.h;
+ file [ssl.include]e_os2.h;
+ file [ssl.include]hmac.h;
+ file [ssl.include]idea.h;
+ file [ssl.include]lhash.h;
+ file [ssl.include]md2.h;
+ file [ssl.include]md4.h;
+ file [ssl.include]md5.h;
+ file [ssl.include]mdc2.h;
+ file [ssl.include]objects.h;
+ file [ssl.include]obj_mac.h;
+ file [ssl.include]opensslconf.h;
+ file [ssl.include]opensslv.h;
+ file [ssl.include]pem.h;
+ file [ssl.include]pem2.h;
+ file [ssl.include]pkcs12.h;
+ file [ssl.include]pkcs7.h;
+ file [ssl.include]rand.h;
+ file [ssl.include]rc2.h;
+ file [ssl.include]rc4.h;
+ file [ssl.include]rc5.h;
+ file [ssl.include]ripemd.h;
+ file [ssl.include]rsa.h;
+ file [ssl.include]safestack.h;
+ file [ssl.include]sha.h;
+ file [ssl.include]ssl.h;
+ file [ssl.include]ssl2.h;
+ file [ssl.include]ssl23.h;
+ file [ssl.include]ssl3.h;
+ file [ssl.include]stack.h;
+ file [ssl.include]symhacks.h;
+ file [ssl.include]tls1.h;
+ file [ssl.include]tmdiff.h;
+ file [ssl.include]txt_db.h;
+ file [ssl.include]x509.h;
+ file [ssl.include]x509v3.h;
+ file [ssl.include]x509_vfy.h;
+--
+ directory [ssl.lib] ;
+--
+ directory [ssl.private] ;
+
+ file [ssl.private]randfile.;
+--
+ directory [ssl.test] ;
+
+ file [ssl.test]tcrl.com;
+ file [ssl.test]testca.com;
+ file [ssl.test]testenc.com;
+ file [ssl.test]testgen.com;
+ file [ssl.test]testss.com;
+ file [ssl.test]testssl.com;
+ file [ssl.test]tests_share.com;
+ file [ssl.test]tpkcs7.com;
+ file [ssl.test]tpkcs7d.com;
+ file [ssl.test]treq.com;
+ file [ssl.test]trsa.com;
+ file [ssl.test]tsid.com;
+ file [ssl.test]tverify.com;
+ file [ssl.test]tx509.com;
+--
+ file [ssl.test]bftest.exe;
+ file [ssl.test]bntest.exe;
+ file [ssl.test]casttest.exe;
+ file [ssl.test]destest.exe;
+ file [ssl.test]dhtest.exe;
+ file [ssl.test]dsatest.exe;
+ file [ssl.test]exptest.exe;
+ file [ssl.test]hmactest.exe;
+ file [ssl.test]ideatest.exe;
+ file [ssl.test]md2test.exe;
+ file [ssl.test]md4test.exe;
+ file [ssl.test]md5test.exe;
+ file [ssl.test]mdc2test.exe;
+ file [ssl.test]randtest.exe;
+ file [ssl.test]rc2test.exe;
+ file [ssl.test]rc4test.exe;
+ file [ssl.test]rc5test.exe;
+ file [ssl.test]rmdtest.exe;
+ file [ssl.test]rsa_test.exe;
+ file [ssl.test]sha1test.exe;
+ file [ssl.test]shatest.exe;
+ file [ssl.test]ssltest.exe;
+--
+ file [systest]ssl$ivp.com;
+--
+ directory [ssl.com] ;
+
+ file [sys$startup]ssl$startup.com;
+ file [sys$startup]ssl$shutdown.com;
+
+ file [ssl.com]ssl$systartup.com;
+ file [ssl.com]ssl$syshutdown.com;
+ file [ssl.com]ssl$utils.com;
+--
+ file [ssl.com]ssl$auth_cert.com;
+ file [ssl.com]ssl$auto_cert.com;
+ file [ssl.com]ssl$cert_tool.com;
+ file [ssl.com]ssl$conf_util.com;
+ file [ssl.com]ssl$draw_box.com;
+ file [ssl.com]ssl$exit_cmd.tpu;
+ file [ssl.com]ssl$fill_box.com;
+ file [ssl.com]ssl$hash_cert.com;
+ file [ssl.com]ssl$init_env.com;
+ file [ssl.com]ssl$init_term.com;
+ file [ssl.com]ssl$pick_file.com;
+ file [ssl.com]ssl$rem_env.com;
+ file [ssl.com]ssl$rqst_cert.com;
+ file [ssl.com]ssl$self_cert.com;
+ file [ssl.com]ssl$show_file.com;
+ file [ssl.com]ssl$sign_cert.com;
+ file [ssl.com]ssl$view_cert.com;
+--
+end product ;
diff --git a/VMS/compaq/cpq-axpvms-ssl-t0100--1.pcsi$text b/VMS/compaq/cpq-axpvms-ssl-t0100--1.pcsi$text
new file mode 100644
index 0000000000..3bee61801e
--- /dev/null
+++ b/VMS/compaq/cpq-axpvms-ssl-t0100--1.pcsi$text
@@ -0,0 +1,82 @@
+=product CPQ AXPVMS SSL T1.0 full
+1 'PRODUCT
+=prompt SSL for OpenVMS Alpha T1.0 (Based on OpenSSL 0.9.6B).
+SSL for OpenVMS provides a toolkit that implements SSL V2/V3, TLS V1,
+and a general purpose cryptography library.
+
+1 'PRODUCER
+
+1 'NOTICE
+=prompt (c) Compaq Computer Corporation 2002. All rights reserved.
+
+COMPAQ Registered in U.S. Patent and Trademark Office.
+
+Confidential computer software. Valid license from Compaq or
+authorized sublicensor required for possession, use or copying.
+Consistent with FAR 12.211 and 12.212, Commercial Computer Software,
+Computer Software Documentation, and Technical Data for Commercial
+Items are licensed to the U.S. Government under vendor's standard
+commercial license.
+
+This software is installable on OpenVMS processors using the POLYCENTER
+Software Installation utility.
+
+IMPORTANT LEGAL NOTICE:
+
+ Exports of this product are subject to U.S. Export Administration
+ Regulations pertaining to encryption items and may require that
+ individual export authorization be obtained from the U.S.
+ Department of Commerce.
+
+1 START_INSTRUCTION
+=prompt @SYS$STARTUP:SSL$STARTUP.COM should be run at system startup.
+Once the installation is complete, adding the following line to
+SYS$MANAGER:SYSTARTUP_VMS.COM will define the SSL$ logicals
+in the SYSTEM logical name table:
+
+ $ @SYS$STARTUP:SSL$STARTUP.COM "/SYSTEM"
+
+It is also possible to have the logicals placed in other logical
+name tables - EXEC,USER, etc - by replacing the SYSTEM parameter
+above with the alternate table name.
+
+
+1 RELEASE_NOTES
+=prompt Refer to SYS$HELP:SSL010.RELEASE_NOTES for more information.
+The SSL product release notes contain up to date information regarding
+bug fixes, known problems, and general installation information.
+
+1 RUN_IVP
+=prompt Run the installation verification procedure (IVP)?
+This option determines if the installation verification
+procedure will be run as part of the installation. The procedure
+should take few minutes to run, depending on the processor
+speed. If it is not run during the installation, then it
+should be run as part of the post installation procedure.
+
+1 POST_INSTALL
+=prompt There are post installation activities that need to be performed.
+This includes things like defining logical names and running SSL$UTIL.COM
+to define some foreign symbols, and running the IVP if it was not done
+as part of the installation. Refer the to Release Notes for more
+information about activities that should be performed once the installation
+has finished.
+
+SSL has created the following directory structure in
+PCSI$DESTINATION, which defaults to SYS$SYSDEVICE:[VMS$COMMON]:
+
+ [SSL] -
+ [SSL.ALPHA_EXE] - Contains the images for the Alpha platform.
+ [SSL.ALPHA_LIB] - Contains the .OLBs for the Alpha platform.
+ [SSL.CERTS] - Directory to hold certificates
+ [SSL.COM] - Directory to hold the various command procedures.
+ [SSL.CONF] - Contains the configuration files.
+ [SSL.INCLUDE] - Contains the C Header (.H) files.
+ [SSL.PRIVATE] - Files specifically for SSL use such as RANDFILE.
+ [SSL.TEST] - Contains the files used during the IVP.
+
+
+1 NOAXPVMS
+=prompt Minimum OpenVMS Alpha software not found on system, abort installation
+This kit requires a minimum OpenVMS Alpha version of V7.2.
+
diff --git a/VMS/compaq/ssl$ivp.com b/VMS/compaq/ssl$ivp.com
new file mode 100644
index 0000000000..4a013520c3
--- /dev/null
+++ b/VMS/compaq/ssl$ivp.com
@@ -0,0 +1,164 @@
+$!
+$! SSL$IVP.COM -- Performs some tests to show that OpenSSL
+$! was installed properly, and it working
+$! correctly.
+$!
+$! Note: This command procedure is based heavily on TESTS.COM.
+$! Any changes to this file should be considered for
+$! TESTS.COM as well.
+$!
+$! P1 tests to be performed. Empty means all.
+$
+$ __proc = f$element(0,";",f$environment("procedure"))
+$ __here = f$parse(f$parse("A.;",__proc) - "A.;","[]A.;") - "A.;"
+$ __save_default = f$environment("default")
+$ __arch := VAX
+$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$!
+$ show time
+$!
+$ arch_name = f$edit(f$getsyi("arch_name"),"UPCASE")
+$!
+$ tcom_dir := ssl$root:[test]
+$ texe_dir := ssl$root:['arch_name'_test]
+$ exe_dir := ssl$root:['arch_name'_EXE]
+$!
+$! set default '__here'
+$ on control_y then goto exit
+$!
+$! Try to run through as many tests as possible
+$! rather than exit out on the first error.
+$!
+$! on error then goto exit
+$
+$ if p1 .nes. ""
+$ then
+$ tests = p1
+$ else
+$ tests := -
+ test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
+ test_md2,test_mdc2,-
+ test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,-
+ test_rand,test_dh !,test_bn,test_dsa
+$ endif ! if p1
+$!
+$ tests = f$edit(tests,"COLLAPSE")
+$!
+$! BNTEST := bntest
+$ EXPTEST := exptest
+$ IDEATEST := ideatest
+$ SHATEST := shatest
+$ SHA1TEST := sha1test
+$ MDC2TEST := mdc2test
+$ RMDTEST := rmdtest
+$ MD2TEST := md2test
+$ MD4TEST := md4test
+$ MD5TEST := md5test
+$ HMACTEST := hmactest
+$ RC2TEST := rc2test
+$ RC4TEST := rc4test
+$ RC5TEST := rc5test
+$ BFTEST := bftest
+$ CASTTEST := casttest
+$ DESTEST := destest
+$ RANDTEST := randtest
+$ DHTEST := dhtest
+$! DSATEST := dsatest
+$ METHTEST := methtest
+$ SSLTEST := ssltest
+$ RSATEST := rsa_test
+$
+$ tests_i = 0
+$ loop_tests:
+$ tests_e = f$element(tests_i,",",tests)
+$ tests_i = tests_i + 1
+$ if tests_e .eqs. "," then goto exit
+$ write sys$output " "
+$ write sys$output " Executing ''tests_e' ... "
+$ write sys$output " "
+$ gosub 'tests_e'
+$ goto loop_tests
+$
+$ test_des:
+$ mcr 'texe_dir''destest'
+$ return
+$ test_idea:
+$ mcr 'texe_dir''ideatest'
+$ return
+$ test_sha:
+$ mcr 'texe_dir''shatest'
+$ mcr 'texe_dir''sha1test'
+$ return
+$ test_mdc2:
+$ mcr 'texe_dir''mdc2test'
+$ return
+$ test_md5:
+$ mcr 'texe_dir''md5test'
+$ return
+$ test_md4:
+$ mcr 'texe_dir''md4test'
+$ return
+$ test_hmac:
+$ mcr 'texe_dir''hmactest'
+$ return
+$ test_md2:
+$ mcr 'texe_dir''md2test'
+$ return
+$ test_rmd:
+$ mcr 'texe_dir''rmdtest'
+$ return
+$ test_bf:
+$ mcr 'texe_dir''bftest'
+$ return
+$ test_cast:
+$ mcr 'texe_dir''casttest'
+$ return
+$ test_rc2:
+$ mcr 'texe_dir''rc2test'
+$ return
+$ test_rc4:
+$ mcr 'texe_dir''rc4test'
+$ return
+$ test_rc5:
+$ mcr 'texe_dir''rc5test'
+$ return
+$ test_rand:
+$ mcr 'texe_dir''randtest'
+$ return
+$ test_bn:
+$ write sys$output "starting big number library test, could take a while..."
+$ create bntest-vms.fdl
+FILE
+ ORGANIZATION sequential
+RECORD
+ FORMAT stream_lf
+$ create/fdl=bntest-vms.fdl bntest-vms.sh
+$ open/append foo bntest-vms.sh
+$ type/output=foo: sys$input:
+<< __FOO__ bc | perl -e 'while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $1";} elsif (!/^0$/) {die "\nFailed! bc: $_";} print STDERR "."; $i++;} print STDERR "\n$i tests passed\n"'
+$ define/user sys$output bntest-vms.tmp
+$ mcr 'texe_dir''bntest'
+$ copy bntest-vms.tmp foo:
+$ delete bntest-vms.tmp;*
+$ type/output=foo: sys$input:
+__FOO__
+$ close foo
+$ write sys$output "-- copy the [.test]bntest-vms.sh file to a Unix system and run it"
+$ write sys$output "-- through sh or bash to verify that the bignum operations went well."
+$ write sys$output ""
+$ write sys$output "test a^b%c implementations"
+$ mcr 'texe_dir''exptest'
+$ return
+$ test_dh:
+$ write sys$output "Generate a set of DH parameters"
+$ mcr 'texe_dir''dhtest'
+$ return
+$ test_dsa:
+$ write sys$output "Generate a set of DSA parameters"
+$ mcr 'texe_dir''dsatest'
+$ return
+$!
+$ exit:
+$! set default '__save_default'
+$ show time
+$ exit
diff --git a/VMS/compaq/ssl$pcsi.com b/VMS/compaq/ssl$pcsi.com
new file mode 100644
index 0000000000..0d86274fec
--- /dev/null
+++ b/VMS/compaq/ssl$pcsi.com
@@ -0,0 +1,70 @@
+$!
+$! SSL$PCSI.COM - This file is executed during the PCSI
+$! installation. It's main task is to
+$! translate the PCSI$DESTINATION logical
+$! and use the equivalence value as the
+$! value for SSL$ROOT.
+$!
+$! P1 = "INSTALL" or "REMOVE", depending whether this procedure
+$! is being called during a PRODUCT INSTALL/REMOVE.
+$!
+$ if p1 .eqs. "INSTALL"
+$ then
+$ ! Give the person doing the installation a clue where the
+$ ! SSL files has been placed. He or she will need
+$ ! to know this in order to configure the new installation and
+$ ! for editing SYS$MANAGER:SYSTARTUP_VMS.COM
+$
+$ ! Rely upon PCSI to set PCSI$DESTINATION up with choice of
+$ ! [] or <> in use on this site and to have translated the device NO_CONCEAL.
+$
+$ raw_dest = f$trnlnm("PCSI$DESTINATION")
+$ raw_dev = f$parse("''raw_dest'",,, "DEVICE", "NO_CONCEAL")
+$ raw_dev = f$edit("''raw_dev'", "UPCASE")
+$ raw_dir = f$parse("''raw_dest'",,, "DIRECTORY", "NO_CONCEAL")
+$ raw_dir = f$edit("''raw_dir'", "UPCASE")
+$
+$ sys_common = f$trnlnm("SYS$COMMON")
+$ sys_common_dev = f$parse("''sys_common'",,, "DEVICE", "NO_CONCEAL")
+$ sys_common_dir = f$parse("''sys_common'",,, "DIRECTORY", "NO_CONCEAL")
+$
+$ if "''raw_dir'" .eqs. "''sys_common_dir'" -
+ .and. "''raw_dev'" .eqs. "''sys_common_dev'"
+$ then
+$ equiv = sys_common - "]" + "SSL.]"
+$ else
+$ len = f$length("''raw_dest'")
+$ end_ch = f$extract(len - 1, 1, "''raw_dest'")
+$ dest_prefix = "''raw_dest'" - "''end_ch'"
+$ dest_prefix = "''dest_prefix'" - "000000."
+$
+$ equiv = "''dest_prefix'SSL.''end_ch'"
+$ endif
+$!
+$ open/write root_file sys$startup:ssl$define_root.com
+$ write root_file "$!"
+$ write root_file "$! Do not edit this file."
+$ write root_file "$! This file is created by SSL$PCSI.COM. SSL$PCSI.COM should"
+$ write root_file "$! be changed to have modifications to this file take effect."
+$ write root_file "$!"
+$ write root_file "$ DEFINE/SYSTEM/EXECUTIVE_MODE/TRANSLATION=CONCEALED SSL$ROOT ''equiv'"
+$ write root_file "$!"
+$ close root_file
+$!
+$ endif
+$!
+$ if p1 .eqs. "REMOVE"
+$ then
+$ if f$trnlnm("SSL$ROOT") .nes. ""
+$ then
+$ deassign/system/executive_mode ssl$root
+$ endif
+$!
+$ if f$search("sys$startup:ssl$define_root.com") .nes. ""
+$ then
+$ delete sys$startup:ssl$define_root.com;*
+$ endif
+$!
+$ endif
+$!
+$ exit
diff --git a/VMS/compaq/ssl$syshutdown.com b/VMS/compaq/ssl$syshutdown.com
new file mode 100644
index 0000000000..a3473c1a30
--- /dev/null
+++ b/VMS/compaq/ssl$syshutdown.com
@@ -0,0 +1,8 @@
+$!
+$! SSL$SYSHUTDOWN.COM - This command procedure is used for site specific SSL
+$! shutdown tasks. Anything setup in SSL$SYSTARTUP.COM
+$! should be cleaned up in this command procedure.
+$!
+$ DEASSIGN/SYSTEM/EXEC RANDFILE
+$ DEASSIGN/SYSTEM/EXEC SSL$RANDFILE
+$!
diff --git a/VMS/compaq/ssl$systartup.com b/VMS/compaq/ssl$systartup.com
new file mode 100644
index 0000000000..a94c249b48
--- /dev/null
+++ b/VMS/compaq/ssl$systartup.com
@@ -0,0 +1,7 @@
+$!
+$!
+$! Add logical to aid random number generators. -- http://www.free.lp.se/openssl/docs/openssl3.html#ss3.1
+$!
+$ DEFINE/SYSTEM/EXEC RANDFILE SSL$ROOT:[PRIVATE]RANDFILE.;
+$ DEFINE/SYSTEM/EXEC SSL$RANDFILE SSL$ROOT:[PRIVATE]RANDFILE.;
+$!
diff --git a/VMS/compaq/ssl010.release_notes b/VMS/compaq/ssl010.release_notes
new file mode 100644
index 0000000000..e380cbb378
--- /dev/null
+++ b/VMS/compaq/ssl010.release_notes
@@ -0,0 +1,25 @@
+
+ Compaq SSL for OpenVMS Alpha
+
+ Field Test Release Notes
+
+ February 2002
+
+ Based on OpenSSL 0.9.6B
+
+ Compaq SSL T1.0 for OpenVMS Alpha
+ CPQ-AXPVMS-SSL-T0100--1.PCSI-DCX-AXPEXE
+
+ ----------------------------------------------
+
+ Compaq is pleased to provide you with the first release of Compaq
+ SSL for OpenVMS Alpha. Compaq SSL (Secure Sockets Layer)
+ is based on the 0.9.6B release from the Open Group. See
+ http://www.openssl.org for more information about OpenSSL.
+
+ Documentation for this kit, including installation and configuration
+ information, release notes, a programming tutorial and API reference,
+ is included in "Open Source Security for OpenVMS Alpha
+ Volume 2: SSL" in HTML, PDF, and PostScript format. This document
+ is included on the OpenVMS field test documentation CD-ROM.
+
diff --git a/VMS/compaq/submit_build.com b/VMS/compaq/submit_build.com
new file mode 100644
index 0000000000..6cf520179b
--- /dev/null
+++ b/VMS/compaq/submit_build.com
@@ -0,0 +1,242 @@
+$!
+$!
+$!
+$ set noon
+$ set proc/priv=all
+$!
+$ arch_name = f$edit(f$getsyi("arch_name"),"UPCASE")
+$!
+$!
+$!
+$ inquire new_build "Is this a new build? [Yes]"
+$ if new_build .eqs. "" then new_build = "Yes"
+$!
+$ if new_build
+$ then
+$!
+$! Get the Build Ident number.
+$!
+$ cms set library crypto$src:[ossl]
+$ cms reserve build_ident.dat ""
+$ open/read build_version build_ident.dat
+$ open/write new_build_version build_ident.dat
+$ read build_version build_ident
+$ build_ident = f$fao("!4ZL",build_ident+1)
+$ write new_build_version build_ident
+$ close build_version
+$ close new_build_version
+$ cms replace build_ident.dat ""
+$!
+$! Determine the platform to be built on.
+$!
+$ask_platform:
+$ inquire build_platform "What platform are we building? (ALPHA or VAX) [''arch_name']
+$ if build_platform .eqs. "" then build_platform = "ALPHA"
+$ if build_platform .nes. "ALPHA" .and. build_platform .nes. "VAX"
+$ then
+$ write sys$output " "
+$ write sys$output " Build platform must be either ALPHA or VAX."
+$ write sys$output " "
+$ goto ask_platform
+$ endif
+$!
+$ask_cc_flags:
+$ inquire cc_qual "What CC qualifiers should be used?"
+$ write build_info "$ CC_QUAL == ""''cc_qual'"" "
+$!
+$! Determine the number of bits - 32 or 64.
+$!
+$ open/write batch_build crypto$res:[ossl]batch_build.com
+$!
+$ write batch_build "$!"
+$ write batch_build "$! Do not edit this file. It is created by SUBMIT_BUILD.COM."
+$ write batch_build "$! Any changes should be made there."
+$ write batch_build "$!"
+$ write batch_build "$ DEFINE/JOB OPENSSL_NO_IDEA TRUE"
+$ write batch_build "$ DEFINE/JOB OPENSSL_NO_RC5 TRUE"
+$ write batch_build "$!"
+$ write batch_build "$!"
+$ write batch_build "$ BUILD_IDENT == ""''build_ident'"" "
+$ write batch_build "$ BUILD_PLATFORM == ""''build_platform'"" "
+$!
+$ if build_platform .eqs. "VAX"
+$ then
+$ build_bits = 32
+$ write batch_build "$!"
+$ write batch_build "$! "
+$ write batch_build "$! Since DECC for VAX does not support"
+$ write batch_build "$! /POINTER_SIZE, we won't use it, and"
+$ write batch_build "$! just let it default to 32 bits on"
+$ write batch_build "$! it's own."
+$ write batch_build "$! "
+$ write batch_build "$! USER_CCFLAGS == ""/pointer_size=32"" "
+$ write batch_build "$ USER_CCFLAGS == """" "
+$ write batch_build "$ BUILD_BITS == ""32"" "
+$!
+$ else
+$ask_bits:
+$ inquire build_bits "How many bits are we building? (32 or 64) [64]"
+$ if build_bits .eqs. "" then build_bits = 64
+$ if build_bits .nes. "32" .and. build_bits .nes. "64"
+$ then
+$ write sys$output " "
+$ write sys$output " Build bits must be either 32 or 64."
+$ write sys$output " "
+$ goto ask_bits
+$ endif
+$ if build_bits .eqs. "64"
+$ then
+$ write batch_build "$ USER_CCFLAGS == ""/pointer_size=64""''cc_qual' "
+$ write batch_build "$ BUILD_BITS == ""64"" "
+$ else
+$ write batch_build "$ USER_CCFLAGS == ""/pointer_size=32""''cc_qual' "
+$ write batch_build "$ BUILD_BITS == ""32"" "
+$ endif
+$ endif
+$!
+$ask_cms_class:
+$ inquire class "What CMS class should be built? [Current]"
+$ if class .eqs. "" then cms_class = "/GEN"
+$ cms_class == "/GEN=" + "''class'"
+$ write batch_build "$ CMS_CLASS == ""''CMS_CLASS'"" "
+$!
+$!
+$! Setup platform specific DECC compiler.
+$!
+$ write batch_build "$!"
+$ write batch_build "$ SET COMMAND CRYPTO$SRC:[OSSL_TOOLS.''build_platform'_DECC_V62]DECC$CLD"
+$ write batch_build "$!"
+$ write batch_build "$ DEFINE DECC$COMPILER CRYPTO$SRC:[OSSL_TOOLS.''build_platform'_DECC_V62]DECC$COMPILER.EXE"
+$ write batch_build "$ DEFINE DECC$COMPILER_MSG CRYPTO$SRC:[OSSL_TOOLS.''build_platform'_DECC_V62]DECC$COMPILER_MSG.EXE"
+$ write batch_build "$ DEFINE DECC$TEXT_LIBRARY CRYPTO$SRC:[OSSL_TOOLS.''build_platform'_DECC_V62]DECC$RTLDEF.TLB"
+$ write batch_build "$ DEFINE DECC$TEXT_LIBRARY_REF CRYPTO$SRC:[OSSL_TOOLS.''build_platform'_DECC_V62]"
+$ write batch_build "$!"
+$!
+$! Determine if this is a debug build.
+$!
+$ inquire debug_build "Debug build? [Yes]"
+$ if debug_build .eqs. "" then debug_build = "Yes"
+$ build_dir = "BUILD_" + "''build_ident'" + "_''build_platform'" + "_''build_bits'"
+$ if debug_build .eqs. "Yes"
+$ then
+$ build_dir = build_dir + "_DEBUG"
+$ debug_switch = "/DEBUG"
+$ debug_parameter = "DEBUG"
+$ else
+$ debug_build = "No"
+$ debug_switch = "/NODEBUG"
+$ debug_parameter = "NODEBUG"
+$ endif
+$!
+$ write sys$output " "
+$ write sys$output " New build directory will be ", build_dir
+$ write sys$output " "
+$!
+$! Close the info file.
+$!
+$ write batch_build "$ BUILD_DEBUG == ""''debug_build'"" "
+$ write batch_build "$ DEBUG_SWITCH == ""''debug_switch'"" "
+$ write batch_build "$ DEBUG_PARAM == ""''debug_parameter'"" "
+$ write batch_build "$"
+$ write batch_build "$ SET DEFAULT CRYPTO$RES:[OSSL.''build_dir']"
+$ write batch_build "$ @makevms CONFIGALL NORSAREF 'p1' DECC NONE 'build_bits' NOTHREAD"
+$ write batch_build "$ OPEN/APPEND OPT SSL_IDENT.OPT"
+$ write batch_build "$ WRITE OPT ""build_ident="""""",build_ident,""_"",build_platform,""_"",build_bits,"""""" """
+$ write batch_build "$ CLOSE OPT"
+$ write batch_build "$ @makevms BUILDALL NORSAREF 'p1' DECC NONE 'build_bits' NOTHREAD"
+$ write batch_build "$ @[.VMS]mkshared SSL$ 'build_bits'"
+$ write batch_build "$"
+$ write batch_build "$ DEASSIGN/JOB OPENSSL_NO_IDEA"
+$ write batch_build "$ DEASSIGN/JOB OPENSSL_NO_RC5"
+$ write batch_build "$!"
+$ write batch_build "$! Make sure that everyone can access the files."
+$ write batch_build "$!"
+$ write batch_build "$ @[.VMS.COMPAQ]set_acls"
+$ write batch_build "$!"
+$ write batch_build "$ MAIL nl: /SUB=""OPENSSL '"+"'build_ident' is done."" smtp%""greaney@star.zko.dec.com"",smtp%""Takaaki.Shinagawa@compaq.com"""
+$ write batch_build "$!"
+$ close batch_build
+$!
+$! Create the new directory structure.
+$!
+$ create/dir crypto$res:[ossl.'build_dir]
+$ set default crypto$res:[ossl.'build_dir]
+$ rename/log crypto$res:[ossl]batch_build.com crypto$res:[ossl.'build_dir]
+$ cms fetch create_dir_struct.com ""
+$ cms fetch fetch_from_cms.com ""
+$ @create_dir_struct crypto$res:[ossl.'build_dir]
+$!
+$! Populate the new directory structure.
+$!
+$ @fetch_from_cms crypto$res:[ossl.'build_dir] crypto$src:[ossl] 'cms_class
+$!
+$ else
+$ inquire build_dir "What build do you want to rebuild? (ie. - BUILD_0001_DEBUG)"
+$ old_tree = "CRYPTO$RES:[OSSL.''build_dir']BATCH_BUILD.COM;"
+$ dirnam = f$parse(old_tree) - ".;"
+$ if "''dirnam'" .eqs. ""
+$ then
+$ write sys$output " "
+$ write sys$output " ''build_dir' can not be parsed."
+$ write sys$output " "
+$ write sys$output " No build done. Exiting"
+$ write sys$output " "
+$ exit
+$ endif
+$!
+$ if f$locate("ALPHA","''build_dir'") .lt. f$length("''build_dir'")
+$ then
+$ build_platform = "ALPHA"
+$ if f$locate("64","''build_dir'") .lt. f$length("''build_dir'")
+$ then
+$ build_bits = 64
+$ else
+$ build_bits = 32
+$ endif
+$ else
+$ build_platform = "VAX"
+$ build_bits = 32
+$ endif
+$!
+$!
+$ if f$locate("DEBUG","''build_dir'") .lt. f$length("''build_dir'")
+$ then
+$ debug_build = "Yes"
+$ debug_switch = "/DEBUG"
+$ debug_parameter = "DEBUG"
+$ else
+$ debug_build = "No"
+$ debug_switch = "/NODEBUG"
+$ debug_parameter = "NODEBUG"
+$ endif
+$ endif
+$!
+$!
+$!
+$ write sys$output " "
+$ write sys$output " All components will now be built. If you only want to build some"
+$ write sys$output " components, it is necessary to first build everything as a base."
+$ write sys$output " See MAKEVMS.COM for more details."
+$ write sys$output " "
+$!
+$!
+$!
+$ if "''build_platform'" .eqs. "ALPHA"
+$ then
+$ submit /log = crypto$res:[ossl.'build_dir'] -
+ /noprint -
+ /notify -
+ /parameters=('debug_parameter') -
+ /queue = ALPHA$BUILD -
+ crypto$res:[ossl.'build_dir']batch_build.com
+$ else
+$! /queue = NATIVE_VAX$BLD -
+$ submit /log = crypto$res:[ossl.'build_dir'] -
+ /noprint -
+ /notify -
+ /parameters=(nodebug) -
+ /queue = VAX$BUILD -
+ crypto$res:[ossl.'build_dir']batch_build.com
+$ endif
+$!
+$exit
diff --git a/VMS/install.com b/VMS/install.com
index f62635f24d..6cc624f035 100644
--- a/VMS/install.com
+++ b/VMS/install.com
@@ -4,6 +4,8 @@ $! Author: Richard Levitte <richard@levitte.org>
$! Time of creation: 23-MAY-1998 19:22
$!
$! P1 root of the directory tree
+$! P2 prefix for certain file (this is really for Compaq, who need to
+$! use the SSL$ prefix)
$!
$ IF P1 .EQS. ""
$ THEN
@@ -12,6 +14,15 @@ $ WRITE SYS$OUTPUT "Should be the directory where you want things installed.
$ EXIT
$ ENDIF
$
+$ IF P2 .NES. ""
+$ THEN
+$ FILE_PREFIX = P2
+$ LOG_PREFIX = P2
+$ ELSE
+$ FILE_PREFIX = "OPENSSL_"
+$ LOG_PREFIX = "SSL"
+$ ENDIF
+$
$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
@@ -26,6 +37,7 @@ $ DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
$ DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
$ DEFINE/NOLOG WRK_SSLCERTS WRK_SSLROOT:[CERTS]
$ DEFINE/NOLOG WRK_SSLPRIVATE WRK_SSLROOT:[PRIVATE]
+$ DEFINE/NOLOG WRK_SSLCOM WRK_SSLROOT:[COM]
$
$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
CREATE/DIR/LOG WRK_SSLROOT:[000000]
@@ -33,40 +45,197 @@ $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
CREATE/DIR/LOG WRK_SSLINCLUDE:
$ IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN -
CREATE/DIR/LOG WRK_SSLROOT:[VMS]
+$ IF F$PARSE("WRK_SSLCOM:") .EQS. "" THEN -
+ CREATE/DIR/LOG WRK_SSLROOT:[COM]
$
$ IF F$SEARCH("WRK_SSLINCLUDE:vms_idhacks.h") .NES. "" THEN -
DELETE WRK_SSLINCLUDE:vms_idhacks.h;*
$
-$ OPEN/WRITE SF WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM
-$ WRITE SYS$OUTPUT "%OPEN-I-CREATED, ",F$SEARCH("WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM")," created."
-$ WRITE SF "$! Startup file for Openssl 0.9.2-RL 15-Mar-1999"
+$ OPEN/WRITE SF WRK_SSLCOM:'FILE_PREFIX'STARTUP.COM
+$ WRITE SYS$OUTPUT "%OPEN-I-CREATED, ",F$SEARCH("WRK_SSLCOM:''FILE_PREFIX'STARTUP.COM")," created."
+$ WRITE SF "$! Startup file for OpenSSL"
$ WRITE SF "$!"
$ WRITE SF "$! Do not edit this file, as it will be regenerated during next installation."
-$ WRITE SF "$! Instead, add or change SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"
+$ WRITE SF "$! Instead, add or change ''LOG_PREFIX'COM:'''FILE_PREFIX'SYSTARTUP.COM"
$ WRITE SF "$!"
-$ WRITE SF "$! P1 a qualifier to DEFINE. For example ""/SYSTEM"" to get the logical names"
-$ WRITE SF "$! defined in the system logical name table."
$ WRITE SF "$!"
$ WRITE SF "$ ARCH = ""VAX"""
$ WRITE SF "$ IF F$GETSYI(""CPU"") .GE. 128 THEN ARCH = ""ALPHA"""
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLROOT ",ROOT,".] /TRANS=CONC"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLLIB SSLROOT:['ARCH'_LIB]"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLINCLUDE SSLROOT:[INCLUDE]"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLEXE SSLROOT:['ARCH'_EXE]"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLCERTS SSLROOT:[CERTS]"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLPRIVATE SSLROOT:[PRIVATE]"
+$ WRITE SF "$!"
+$ WRITE SF "$ IF F$SEARCH(""SYS$STARTUP:''FILE_PREFIX'DEFINE_ROOT.COM"") .NES."""" THEN -"
+$ WRITE SF "$ @SYS$STARTUP:''FILE_PREFIX'DEFINE_ROOT.COM"
+$ WRITE SF "$!"
+$ WRITE SF "$!"
+$ WRITE SF "$ DEFINE/NOLOG/SYSTEM/EXEC ''LOG_PREFIX'COM ''LOG_PREFIX'ROOT:[COM]"
+$ WRITE SF "$ DEFINE/NOLOG/SYSTEM/EXEC ''LOG_PREFIX'EXE ''LOG_PREFIX'ROOT:['ARCH'_EXE]"
+$ WRITE SF "$ DEFINE/NOLOG/SYSTEM/EXEC ''LOG_PREFIX'INCLUDE ''LOG_PREFIX'ROOT:[INCLUDE]"
+$ WRITE SF "$ DEFINE/NOLOG/SYSTEM/EXEC ''LOG_PREFIX'CERTS ''LOG_PREFIX'ROOT:[CERTS]"
+$ WRITE SF "$ DEFINE/NOLOG/SYSTEM/EXEC ''LOG_PREFIX'PRIVATE ''LOG_PREFIX'ROOT:[PRIVATE]"
+$ WRITE SF "$ DEFINE/NOLOG/SYSTEM/EXEC ''LOG_PREFIX'KEYS ''LOG_PREFIX'ROOT:[PRIVATE]"
$ WRITE SF "$"
$ WRITE SF "$! This is program can include <openssl/{foo}.h>"
-$ WRITE SF "$ DEFINE/NOLOG'P1 OPENSSL SSLINCLUDE:"
-$ WRITE SF "$"
-$ WRITE SF "$ IF F$SEARCH(""SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"") .NES."""" THEN -"
-$ WRITE SF " @SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"
+$ WRITE SF "$ DEFINE/NOLOG/SYSTEM/EXEC OPENSSL ''LOG_PREFIX'INCLUDE:"
+$ WRITE SF "$!"
+$ WRITE SF "$ IF F$SEARCH(""''LOG_PREFIX'COM:''FILE_PREFIX'SYSTARTUP.COM"") .NES."""" THEN -"
+$ WRITE SF " @''LOG_PREFIX'COM:''FILE_PREFIX'SYSTARTUP.COM"
$ WRITE SF "$"
$ WRITE SF "$ EXIT"
$ CLOSE SF
-$ SET FILE/PROT=WORLD:RE WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM
-$
-$ COPY OPENSSL_UTILS.COM WRK_SSLROOT:[VMS]/LOG
-$ SET FILE/PROT=WORLD:RE WRK_SSLROOT:[VMS]OPENSSL_UTILS.COM
+$ SET FILE/PROT=WORLD:RE WRK_SSLCOM:'FILE_PREFIX'STARTUP.COM
+$!
+$ OPEN/WRITE SF WRK_SSLCOM:'FILE_PREFIX'SHUTDOWN.COM
+$ WRITE SYS$OUTPUT "%OPEN-I-CREATED, ",F$SEARCH("WRK_SSLCOM:''FILE_PREFIX'SHUTDOWN.COM")," created."
+$ WRITE SF "$! Shutdown file for OpenSSL"
+$ WRITE SF "$!"
+$ WRITE SF "$! Do not edit this file, as it will be regenerated during next installation."
+$ WRITE SF "$!"
+$ WRITE SF "$ ARCH = ""VAX"""
+$ WRITE SF "$ IF F$GETSYI(""CPU"") .GE. 128 THEN ARCH = ""ALPHA"""
+$ WRITE SF "$!"
+$ WRITE SF "$ IF F$SEARCH(""''LOG_PREFIX'COM:''FILE_PREFIX'SYSHUTDOWN.COM"") .NES."""" THEN -"
+$ WRITE SF " @''LOG_PREFIX'COM:''FILE_PREFIX'SYSHUTDOWN.COM"
+$ WRITE SF "$!"
+$ WRITE SF "$ IF F$TRNLNM(""''LOG_PREFIX'CERTS"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC ''LOG_PREFIX'CERTS"
+$!
+$ WRITE SF "$ IF F$TRNLNM(""''LOG_PREFIX'COM"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC ''LOG_PREFIX'COM"
+$!
+$ WRITE SF "$ IF F$TRNLNM(""''LOG_PREFIX'EXE"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC ''LOG_PREFIX'EXE"
+$!
+$ WRITE SF "$ IF F$TRNLNM(""''LOG_PREFIX'INCLUDE"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC ''LOG_PREFIX'INCLUDE"
+$!
+$ WRITE SF "$ IF F$TRNLNM(""''LOG_PREFIX'CERTS"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC ''LOG_PREFIX'CERTS"
+$!
+$ WRITE SF "$ IF F$TRNLNM(""''LOG_PREFIX'PRIVATE"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC ''LOG_PREFIX'PRIVATE"
+$!
+$ WRITE SF "$ IF F$TRNLNM(""''LOG_PREFIX'KEYS"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC ''LOG_PREFIX'KEYS"
+$!
+$ WRITE SF "$!"
+$ WRITE SF "$ IF F$TRNLNM(""OPENSSL"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC OPENSSL"
+$ WRITE SF "$!"
+$ WRITE SF "$ IF F$TRNLNM(""''LOG_PREFIX'ROOT"") .NES."""" THEN -"
+$ WRITE SF " DEASSIGN/SYSTEM/EXEC ''LOG_PREFIX'ROOT"
+$ WRITE SF "$!"
+$ WRITE SF "$ EXIT"
+$ CLOSE SF
+$ SET FILE/PROT=WORLD:RE WRK_SSLCOM:'FILE_PREFIX'SHUTDOWN.COM
+$!
+$ OPEN/WRITE SF WRK_SSLCOM:'FILE_PREFIX'UTILS.COM
+$ WRITE SYS$OUTPUT "%OPEN-I-CREATED, ",F$SEARCH("WRK_SSLCOM:''FILE_PREFIX'UTILS.COM")," created."
+$ WRITE SF "$!"
+$ WRITE SF "$! APPS.COM"
+$ WRITE SF "$! Written By: Robert Byer"
+$ WRITE SF "$! Vice-President"
+$ WRITE SF "$! A-Com Computing, Inc."
+$ WRITE SF "$! byer@mail.all-net.net"
+$ WRITE SF "$!"
+$ WRITE SF "$!"
+$ WRITE SF "$! Slightly modified by Richard Levitte <richard@levitte.org>"
+$ WRITE SF "$!"
+$ WRITE SF "$ IF P1 .NES. "" THEN GOTO 'P1"
+$ WRITE SF "$!"
+$ WRITE SF "$DEFINE:"
+$ WRITE SF "$!"
+$ WRITE SF "$ OPENSSL :== $''LOG_PREFIX'EXE:OPENSSL"
+$ WRITE SF "$ VERIFY :== $''LOG_PREFIX'EXE:OPENSSL VERIFY"
+$ WRITE SF "$ ASN1PARSE:== $''LOG_PREFIX'EXE:OPENSSL ASN1PARS"
+$ WRITE SF "$ REQ :== $''LOG_PREFIX'EXE:OPENSSL REQ"
+$ WRITE SF "$ DGST :== $''LOG_PREFIX'EXE:OPENSSL DGST"
+$ WRITE SF "$ DH :== $''LOG_PREFIX'EXE:OPENSSL DH"
+$ WRITE SF "$ ENC :== $''LOG_PREFIX'EXE:OPENSSL ENC"
+$ WRITE SF "$ GENDH :== $''LOG_PREFIX'EXE:OPENSSL GENDH"
+$ WRITE SF "$ ERRSTR :== $''LOG_PREFIX'EXE:OPENSSL ERRSTR"
+$ WRITE SF "$ CA :== $''LOG_PREFIX'EXE:OPENSSL CA"
+$ WRITE SF "$ CRL :== $''LOG_PREFIX'EXE:OPENSSL CRL"
+$ WRITE SF "$ RSA :== $''LOG_PREFIX'EXE:OPENSSL RSA"
+$ WRITE SF "$ DSA :== $''LOG_PREFIX'EXE:OPENSSL DSA"
+$ WRITE SF "$ DSAPARAM :== $''LOG_PREFIX'EXE:OPENSSL DSAPARAM"
+$ WRITE SF "$ X509 :== $''LOG_PREFIX'EXE:OPENSSL X509"
+$ WRITE SF "$ GENRSA :== $''LOG_PREFIX'EXE:OPENSSL GENRSA"
+$ WRITE SF "$ GENDSA :== $''LOG_PREFIX'EXE:OPENSSL GENDSA"
+$ WRITE SF "$ S_SERVER :== $''LOG_PREFIX'EXE:OPENSSL S_SERVER"
+$ WRITE SF "$ S_CLIENT :== $''LOG_PREFIX'EXE:OPENSSL S_CLIENT"
+$ WRITE SF "$ SPEED :== $''LOG_PREFIX'EXE:OPENSSL SPEED"
+$ WRITE SF "$ S_TIME :== $''LOG_PREFIX'EXE:OPENSSL S_TIME"
+$ WRITE SF "$ VERSION :== $''LOG_PREFIX'EXE:OPENSSL VERSION"
+$ WRITE SF "$ PKCS7 :== $''LOG_PREFIX'EXE:OPENSSL PKCS7"
+$ WRITE SF "$ CRL2PKCS7:== $''LOG_PREFIX'EXE:OPENSSL CRL2P7"
+$ WRITE SF "$ SESS_ID :== $''LOG_PREFIX'EXE:OPENSSL SESS_ID"
+$ WRITE SF "$ CIPHERS :== $''LOG_PREFIX'EXE:OPENSSL CIPHERS"
+$ WRITE SF "$ NSEQ :== $''LOG_PREFIX'EXE:OPENSSL NSEQ"
+$ WRITE SF "$ PKCS12 :== $''LOG_PREFIX'EXE:OPENSSL PKCS12"
+$ WRITE SF "$!"
+$ WRITE SF "$EXIT"
+$ WRITE SF "$!"
+$ WRITE SF "$REMOVE:"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL OPENSSL"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL VERIFY"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL ASN1PARSE"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL REQ"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL DGST"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL DH"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL ENC"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL GENDH"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL ERRSTR"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL CA"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL CRL"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL RSA"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL DSA"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL DSAPARAM"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL X509"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL GENRSA"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL GENDSA"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL S_SERVER"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL S_CLIENT"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL SPEED"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL S_TIME"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL VERSION"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL PKCS7"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL CRL2PKCS7"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL SESS_ID"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL CIPHERS"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL NSEQ"
+$ WRITE SF "$ DELETE/SYMBOL/GLOBAL PKCS12"
+$ WRITE SF "$!"
+$ WRITE SF "$EXIT"
+$ CLOSE SF
+$ SET FILE/PROT=WORLD:RE WRK_SSLCOM:'FILE_PREFIX'UTILS.COM
+$!
+$ CERT_DIR := [.CERT_TOOL]
+$ CERT_FILES := SSL$AUTH_CERT.COM,SSL$AUTO_CERT.COM,SSL$CERT_TOOL.COM, -
+ SSL$CONF_UTIL.COM,SSL$DRAW_BOX.COM,SSL$EXIT_CMD.TPU, -
+ SSL$FILL_BOX.COM,SSL$HASH_CERT.COM,SSL$HOSTADDR.EXE, -
+ SSL$HOSTNAME.EXE,SSL$INIT_ENV.COM,SSL$INIT_TERM.COM, -
+ SSL$PICK_FILE.COM,SSL$RQST_CERT.COM,SSL$SELF_CERT.COM, -
+ SSL$SHOW_FILE.COM,SSL$SIGN_CERT.COM,SSL$VIEW_CERT.COM, -
+ SSL$REM_ENV.COM
+$!
+$ I = 0
+$ LOOP:
+$ CF = F$EDIT(F$ELEMENT(I, ",", CERT_FILES),"TRIM")
+$ I = I + 1
+$ IF CF .EQS. "," THEN GOTO LOOP_END
+$ SET NOON
+$ IF F$SEARCH(CERT_DIR+CF) .NES. ""
+$ THEN
+$ IF CF - ".EXE" .NES. CF
+$ THEN
+$ COPY 'CERT_DIR''CF' WRK_SSLEXE:*.*/log
+$ SET FILE/PROT=W:RE WRK_SSLEXE:'CF'
+$ ELSE
+$ COPY 'CERT_DIR''CF' WRK_SSLCOM:*.*/log
+$ SET FILE/PROT=W:RE WRK_SSLCOM:'CF'
+$ ENDIF
+$ ENDIF
+$ SET ON
+$ GOTO LOOP
+$ LOOP_END:
$
$ EXIT
diff --git a/VMS/mkshared.com b/VMS/mkshared.com
index 1356fb9dd7..da8f899db8 100644
--- a/VMS/mkshared.com
+++ b/VMS/mkshared.com
@@ -1,7 +1,16 @@
$! MKSHARED.COM -- script to created shareable images on VMS
$!
-$! No command line parameters. This should be run at the start of the source
-$! tree (the same directory where one finds INSTALL.VMS).
+$! This should be run at the start of the source tree (the same directory
+$! where one finds INSTALL.VMS).
+$!
+$! Command line parameters:
+$!
+$! P1 prefix for certain file (this is really for Compaq, who need to
+$! use the SSL$ prefix)
+$! P2 "32" for 32-bit pointer size
+$! "64" for 64-bit pointer size
+$! "" for default pointer size (64 bits on Alpha, 32 bits on VAX)
+$! any other value gets the same effect as ""
$!
$! Input: [.UTIL]LIBEAY.NUM,[.AXP.EXE.CRYPTO]LIBCRYPTO.OLB
$! [.UTIL]SSLEAY.NUM,[.AXP.EXE.SSL]LIBSSL.OLB
@@ -19,15 +28,21 @@ $ write sys$error "ERROR: Couldn't find any library version info..."
$ exit
$ endif
$
+$ file_prefix = p1
+$ if p2 .nes. "" .and. p2 .nes. "32" .and. p2 .nes. "64" then p2 = ""
+$
$ if f$getsyi("CPU") .ge. 128
$ then
+$ if p2 .eqs. "" then p2 = "64"
+$ build_bits = p2
+$ if build_bits .eqs. "64" then build_bits = ""
$ libid = "Crypto"
$ libnum = "[.UTIL]LIBEAY.NUM"
$ libdir = "[.AXP.EXE.CRYPTO]"
$ libolb = "''libdir'LIBCRYPTO.OLB"
$ libopt = "''libdir'LIBCRYPTO.OPT"
$ libmap = "''libdir'LIBCRYPTO.MAP"
-$ libgoal= "''libdir'LIBCRYPTO.EXE"
+$ libgoal= "''libdir'''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
$ libref = ""
$ gosub create_axp_shr
$ libid = "SSL"
@@ -36,10 +51,12 @@ $ libdir = "[.AXP.EXE.SSL]"
$ libolb = "''libdir'LIBSSL.OLB"
$ libopt = "''libdir'LIBSSL.OPT"
$ libmap = "''libdir'LIBSSL.MAP"
-$ libgoal= "''libdir'LIBSSL.EXE"
-$ libref = "[.AXP.EXE.CRYPTO]LIBCRYPTO.EXE"
+$ libgoal= "''libdir'''file_prefix'LIBSSL_SHR''build_bits'.EXE"
+$ libref = "[.AXP.EXE.CRYPTO]''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
$ gosub create_axp_shr
$ else
+$ p2 = "32"
+$ build_bits = ""
$ libtit = "CRYPTO_TRANSFER_VECTOR"
$ libid = "Crypto"
$ libnum = "[.UTIL]LIBEAY.NUM"
@@ -49,7 +66,7 @@ $ libolb = "''libdir'LIBCRYPTO.OLB"
$ libopt = "''libdir'LIBCRYPTO.OPT"
$ libobj = "''libdir'LIBCRYPTO.OBJ"
$ libmap = "''libdir'LIBCRYPTO.MAP"
-$ libgoal= "''libdir'LIBCRYPTO.EXE"
+$ libgoal= "''libdir'''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
$ libref = ""
$ libvec = "LIBCRYPTO"
$ gosub create_vax_shr
@@ -62,8 +79,8 @@ $ libolb = "''libdir'LIBSSL.OLB"
$ libopt = "''libdir'LIBSSL.OPT"
$ libobj = "''libdir'LIBSSL.OBJ"
$ libmap = "''libdir'LIBSSL.MAP"
-$ libgoal= "''libdir'LIBSSL.EXE"
-$ libref = "[.VAX.EXE.CRYPTO]LIBCRYPTO.EXE"
+$ libgoal= "''libdir'''file_prefix'LIBSSL_SHR''build_bits'.EXE"
+$ libref = "[.VAX.EXE.CRYPTO]''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
$ libvec = "LIBSSL"
$ gosub create_vax_shr
$ endif
@@ -144,7 +161,7 @@ $ libfirstentry := false
$ textcount = textcount + textcount_this
$ return
$
-$! ----- Subroutines for AXP
+$! ----- Subroutines for VAX
$! -----
$! The creator routine
$ create_vax_shr:
@@ -179,8 +196,8 @@ $ type sys$input:/out=mar:
; Allocate extra storage at end of vector to allow for expansion.
;
$ write mar " .BLKB 32768-<.-",libvec,"_xfer> ; 64 pages total."
-$! libwriter := write_vax_vtransfer_entry
-$! gosub read_func_num
+$ libwriter := write_vax_vtransfer_entry
+$ gosub read_func_num
$ write mar " .END"
$ close mar
$ open/write opt 'libopt'
@@ -202,7 +219,7 @@ $ type sys$input:/out=opt:
PSECT_ATTR=$CHAR_STRING_CONSTANTS,NOWRT
$ libwrch := opt
$ libwriter := write_vax_psect_attr
-$ gosub read_func_num
+$ gosub read_var_num
$ close opt
$ macro/obj='libobj' 'libmar'
$ link/map='libmap'/full/share='libgoal' 'libopt'/option
diff --git a/VMS/tcpip_shr_decc.opt b/VMS/tcpip_shr_decc.opt
new file mode 100644
index 0000000000..33b159e5f5
--- /dev/null
+++ b/VMS/tcpip_shr_decc.opt
@@ -0,0 +1 @@
+sys$share:tcpip$ipc_shr.exe/share
diff --git a/apps/CA.pl.in b/apps/CA.pl.in
index 5d829c05eb..b09820755d 100644
--- a/apps/CA.pl.in
+++ b/apps/CA.pl.in
@@ -36,22 +36,14 @@
# default openssl.cnf file has setup as per the following
# demoCA ... where everything is stored
-my $openssl;
-if(defined $ENV{OPENSSL}) {
- $openssl = $ENV{OPENSSL};
-} else {
- $openssl = "openssl";
- $ENV{OPENSSL} = $openssl;
-}
-
$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
$DAYS="-days 365"; # 1 year
$CADAYS="-days 1095"; # 3 years
-$REQ="$openssl req $SSLEAY_CONFIG";
-$CA="$openssl ca $SSLEAY_CONFIG";
-$VERIFY="$openssl verify";
-$X509="$openssl x509";
-$PKCS12="$openssl pkcs12";
+$REQ="openssl req $SSLEAY_CONFIG";
+$CA="openssl ca $SSLEAY_CONFIG";
+$VERIFY="openssl verify";
+$X509="openssl x509";
+$PKCS12="openssl pkcs12";
$CATOP="./demoCA";
$CAKEY="cakey.pem";
diff --git a/apps/CA.sh b/apps/CA.sh
index 46e86bf94b..e63a2267ee 100644
--- a/apps/CA.sh
+++ b/apps/CA.sh
@@ -30,14 +30,12 @@
# default openssl.cnf file has setup as per the following
# demoCA ... where everything is stored
-if [ -z "$OPENSSL" ]; then OPENSSL=openssl; fi
-
DAYS="-days 365" # 1 year
CADAYS="-days 1095" # 3 years
-REQ="$OPENSSL req $SSLEAY_CONFIG"
-CA="$OPENSSL ca $SSLEAY_CONFIG"
-VERIFY="$OPENSSL verify"
-X509="$OPENSSL x509"
+REQ="openssl req $SSLEAY_CONFIG"
+CA="openssl ca $SSLEAY_CONFIG"
+VERIFY="openssl verify"
+X509="openssl x509"
CATOP=./demoCA
CAKEY=./cakey.pem
diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl
index 8fd61bfe54..3d75664660 100644
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -38,7 +38,7 @@ LIBSSL=-L.. -lssl
PROGRAM= openssl
-SCRIPTS=CA.sh CA.pl
+SCRIPTS=CA.sh CA.pl der_chop
EXE= $(PROGRAM)$(EXE_EXT)
@@ -62,16 +62,14 @@ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o er
rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
- ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o \
- ocsp.o
+ ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o ocsp.o
E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
pkcs7.c crl2p7.c crl.c \
rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
- ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c \
- ocsp.c
+ ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c ocsp.c
SRC=$(E_SRC)
@@ -94,8 +92,7 @@ req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
shlib_target="$(SHLIB_TARGET)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=req CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAG)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=req LDFLAGS="$(CFLAG)" \
OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \
LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -165,16 +162,19 @@ $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(EXE) CC="$(CC)" CFLAGS="$(CFLAG)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(EXE) LDFLAGS="$(CFLAG)" \
OBJECTS="$(PROGRAM).o $(E_OBJ)" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
link_app.$${shlib_target}
- @case "../*.dll" in *\**) ;; *) cp -p ../*.dll .;; esac
- -(cd ..; \
- OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \
- $(PERL) tools/c_rehash certs)
+ -(cd ..; OPENSSL="`pwd`/apps/$(EXE)"; export OPENSSL; \
+ LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \
+ DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \
+ SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \
+ LIBPATH="`pwd`:$$LIBPATH"; \
+ if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
+ export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
+ $(PERL) tools/c_rehash certs)
progs.h: progs.pl
$(PERL) progs.pl $(E_EXE) >progs.h
@@ -787,8 +787,7 @@ smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h
smime.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
smime.o: ../include/openssl/sha.h ../include/openssl/stack.h
smime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-smime.o: ../include/openssl/x509v3.h apps.h smime.c
+smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h smime.c
speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
diff --git a/apps/apps.c b/apps/apps.c
index 1bcebc749a..3c3a11ce4d 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -539,7 +539,7 @@ int password_callback(char *buf, int bufsiz, int verify,
char *prompt = NULL;
prompt = UI_construct_prompt(ui, "pass phrase",
- prompt_info);
+ cb_data->prompt_info);
ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
@@ -688,51 +688,6 @@ int add_oid_section(BIO *err, CONF *conf)
return 1;
}
-static int load_pkcs12(BIO *err, BIO *in, const char *desc,
- pem_password_cb *pem_cb, void *cb_data,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
- {
- const char *pass;
- char tpass[PEM_BUFSIZE];
- int len, ret = 0;
- PKCS12 *p12;
- p12 = d2i_PKCS12_bio(in, NULL);
- if (p12 == NULL)
- {
- BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);
- goto die;
- }
- /* See if an empty password will do */
- if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0))
- pass = "";
- else
- {
- if (!pem_cb)
- pem_cb = (pem_password_cb *)password_callback;
- len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
- if (len < 0)
- {
- BIO_printf(err, "Passpharse callback error for %s\n",
- desc);
- goto die;
- }
- if (len < PEM_BUFSIZE)
- tpass[len] = 0;
- if (!PKCS12_verify_mac(p12, tpass, len))
- {
- BIO_printf(err,
- "Mac verify error (wrong password?) in PKCS12 file for %s\n", desc);
- goto die;
- }
- pass = tpass;
- }
- ret = PKCS12_parse(p12, pass, pkey, cert, ca);
- die:
- if (p12)
- PKCS12_free(p12);
- return ret;
- }
-
X509 *load_cert(BIO *err, const char *file, int format,
const char *pass, ENGINE *e, const char *cert_descrip)
{
@@ -813,9 +768,11 @@ X509 *load_cert(BIO *err, const char *file, int format,
(pem_password_cb *)password_callback, NULL);
else if (format == FORMAT_PKCS12)
{
- if (!load_pkcs12(err, cert,cert_descrip, NULL, NULL,
- NULL, &x, NULL))
- goto end;
+ PKCS12 *p12 = d2i_PKCS12_bio(cert, NULL);
+
+ PKCS12_parse(p12, NULL, NULL, &x, NULL);
+ PKCS12_free(p12);
+ p12 = NULL;
}
else {
BIO_printf(err,"bad input format specified for %s\n",
@@ -894,10 +851,11 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
#endif
else if (format == FORMAT_PKCS12)
{
- if (!load_pkcs12(err, key, key_descrip,
- (pem_password_cb *)password_callback, &cb_data,
- &pkey, NULL, NULL))
- goto end;
+ PKCS12 *p12 = d2i_PKCS12_bio(key, NULL);
+
+ PKCS12_parse(p12, pass, &pkey, NULL, NULL);
+ PKCS12_free(p12);
+ p12 = NULL;
}
else
{
@@ -2182,141 +2140,3 @@ int WIN32_rename(char *from, char *to)
#endif
}
#endif
-
-int args_verify(char ***pargs, int *pargc,
- int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
- {
- ASN1_OBJECT *otmp = NULL;
- unsigned long flags = 0;
- int i;
- int purpose = 0;
- char **oldargs = *pargs;
- char *arg = **pargs, *argn = (*pargs)[1];
- if (!strcmp(arg, "-policy"))
- {
- if (!argn)
- *badarg = 1;
- else
- {
- otmp = OBJ_txt2obj(argn, 0);
- if (!otmp)
- {
- BIO_printf(err, "Invalid Policy \"%s\"\n",
- argn);
- *badarg = 1;
- }
- }
- (*pargs)++;
- }
- else if (strcmp(arg,"-purpose") == 0)
- {
- X509_PURPOSE *xptmp;
- if (!argn)
- *badarg = 1;
- else
- {
- i = X509_PURPOSE_get_by_sname(argn);
- if(i < 0)
- {
- BIO_printf(err, "unrecognized purpose\n");
- *badarg = 1;
- }
- else
- {
- xptmp = X509_PURPOSE_get0(i);
- purpose = X509_PURPOSE_get_id(xptmp);
- }
- }
- (*pargs)++;
- }
- else if (!strcmp(arg, "-ignore_critical"))
- flags |= X509_V_FLAG_IGNORE_CRITICAL;
- else if (!strcmp(arg, "-issuer_checks"))
- flags |= X509_V_FLAG_CB_ISSUER_CHECK;
- else if (!strcmp(arg, "-crl_check"))
- flags |= X509_V_FLAG_CRL_CHECK;
- else if (!strcmp(arg, "-crl_check_all"))
- flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
- else if (!strcmp(arg, "-policy_check"))
- flags |= X509_V_FLAG_POLICY_CHECK;
- else if (!strcmp(arg, "-explicit_policy"))
- flags |= X509_V_FLAG_EXPLICIT_POLICY;
- else if (!strcmp(arg, "-x509_strict"))
- flags |= X509_V_FLAG_X509_STRICT;
- else if (!strcmp(arg, "-policy_print"))
- flags |= X509_V_FLAG_NOTIFY_POLICY;
- else
- return 0;
-
- if (*badarg)
- {
- if (*pm)
- X509_VERIFY_PARAM_free(*pm);
- *pm = NULL;
- goto end;
- }
-
- if (!*pm && !(*pm = X509_VERIFY_PARAM_new()))
- {
- *badarg = 1;
- goto end;
- }
-
- if (otmp)
- X509_VERIFY_PARAM_add0_policy(*pm, otmp);
- if (flags)
- X509_VERIFY_PARAM_set_flags(*pm, flags);
-
- if (purpose)
- X509_VERIFY_PARAM_set_purpose(*pm, purpose);
-
- end:
-
- (*pargs)++;
-
- if (pargc)
- *pargc -= *pargs - oldargs;
-
- return 1;
-
- }
-
-static void nodes_print(BIO *out, char *name, STACK_OF(X509_POLICY_NODE) *nodes)
- {
- X509_POLICY_NODE *node;
- int i;
- BIO_printf(out, "%s Policies:", name);
- if (nodes)
- {
- BIO_puts(out, "\n");
- for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++)
- {
- node = sk_X509_POLICY_NODE_value(nodes, i);
- X509_POLICY_NODE_print(out, node, 2);
- }
- }
- else
- BIO_puts(out, " <empty>\n");
- }
-
-void policies_print(BIO *out, X509_STORE_CTX *ctx)
- {
- X509_POLICY_TREE *tree;
- int explicit_policy;
- int free_out = 0;
- if (out == NULL)
- {
- out = BIO_new_fp(stderr, BIO_NOCLOSE);
- free_out = 1;
- }
- tree = X509_STORE_CTX_get0_policy_tree(ctx);
- explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);
-
- BIO_printf(out, "Require explicit Policy: %s\n",
- explicit_policy ? "True" : "False");
-
- nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));
- nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));
- if (free_out)
- BIO_free(out);
- }
diff --git a/apps/apps.h b/apps/apps.h
index 7d879637b7..e653bf1b46 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -317,9 +317,6 @@ int index_name_cmp(const char **a, const char **b);
int parse_yesno(char *str, int def);
X509_NAME *parse_name(char *str, long chtype, int multirdn);
-int args_verify(char ***pargs, int *pargc,
- int *badarg, BIO *err, X509_VERIFY_PARAM **pm);
-void policies_print(BIO *out, X509_STORE_CTX *ctx);
#define FORMAT_UNDEF 0
#define FORMAT_ASN1 1
diff --git a/apps/ca.c b/apps/ca.c
index 15c5741624..0fd445613d 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -549,6 +549,10 @@ bad:
ERR_load_crypto_strings();
+#ifndef OPENSSL_NO_ENGINE
+ e = setup_engine(bio_err, engine, 0);
+#endif
+
/*****************************************************************/
tofree=NULL;
if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
@@ -593,10 +597,6 @@ bad:
if (!load_config(bio_err, conf))
goto err;
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
-#endif
-
/* Lets get the config section we are using */
if (section == NULL)
{
@@ -995,27 +995,25 @@ bad:
}
}
- if ((md == NULL) && ((md=NCONF_get_string(conf,
- section,ENV_DEFAULT_MD)) == NULL))
- {
- lookup_fail(section,ENV_DEFAULT_MD);
- goto err;
- }
-
- if ((dgst=EVP_get_digestbyname(md)) == NULL)
- {
- BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
- goto err;
- }
-
if (req)
{
+ if ((md == NULL) && ((md=NCONF_get_string(conf,
+ section,ENV_DEFAULT_MD)) == NULL))
+ {
+ lookup_fail(section,ENV_DEFAULT_MD);
+ goto err;
+ }
if ((email_dn == 1) && ((tmp_email_dn=NCONF_get_string(conf,
section,ENV_DEFAULT_EMAIL_DN)) != NULL ))
{
if(strcmp(tmp_email_dn,"no") == 0)
email_dn=0;
}
+ if ((dgst=EVP_get_digestbyname(md)) == NULL)
+ {
+ BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
+ goto err;
+ }
if (verbose)
BIO_printf(bio_err,"message digest is %s\n",
OBJ_nid2ln(dgst->type));
@@ -1398,15 +1396,28 @@ bad:
/* we now have a CRL */
if (verbose) BIO_printf(bio_err,"signing CRL\n");
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- dgst=EVP_dss1();
+ if (md != NULL)
+ {
+ if ((dgst=EVP_get_digestbyname(md)) == NULL)
+ {
+ BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
+ goto err;
+ }
+ }
else
+ {
+#ifndef OPENSSL_NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ dgst=EVP_dss1();
+ else
#endif
#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- dgst=EVP_ecdsa();
+ if (pkey->type == EVP_PKEY_EC)
+ dgst=EVP_ecdsa();
+ else
#endif
+ dgst=EVP_md5();
+ }
/* Add any extensions asked for */
diff --git a/apps/crl.c b/apps/crl.c
index 878f65468e..81d66587c1 100644
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -355,11 +355,7 @@ bad:
if (text) X509_CRL_print(out, x);
- if (noout)
- {
- ret = 0;
- goto end;
- }
+ if (noout) goto end;
if (outformat == FORMAT_ASN1)
i=(int)i2d_X509_CRL_bio(out,x);
diff --git a/apps/der_chop.in b/apps/der_chop.in
new file mode 100644
index 0000000000..9070b032fc
--- /dev/null
+++ b/apps/der_chop.in
@@ -0,0 +1,305 @@
+#!/usr/local/bin/perl
+#
+# der_chop ... this is one total hack that Eric is really not proud of
+# so don't look at it and don't ask for support
+#
+# The "documentation" for this (i.e. all the comments) are my fault --tjh
+#
+# This program takes the "raw" output of derparse/asn1parse and
+# converts it into tokens and then runs regular expression matches
+# to try to figure out what to grab to get the things that are needed
+# and it is possible that this will do the wrong thing as it is a *hack*
+#
+# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
+# [I know ... promises promises :-)]
+#
+# To convert a Netscape Certificate:
+# der_chop < ServerCert.der > cert.pem
+# To convert a Netscape Key (and encrypt it again to protect it)
+# rsa -inform NET -in ServerKey.der -des > key.pem
+#
+# 23-Apr-96 eay Added the extra ASN.1 string types, I still think this
+# is an evil hack. If nothing else the parsing should
+# be relative, not absolute.
+# 19-Apr-96 tjh hacked (with eay) into 0.5.x format
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+
+require 'getopts.pl';
+
+$debug=0;
+
+# this was the 0.4.x way of doing things ...
+$cmd="derparse";
+$x509_cmd="x509";
+$crl_cmd="crl";
+$rc4_cmd="rc4";
+$md2_cmd="md2";
+$md4_cmd="md4";
+$rsa_cmd="rsa -des -inform der ";
+
+# this was the 0.5.x way of doing things ...
+$cmd="openssl asn1parse";
+$x509_cmd="openssl x509";
+$crl_cmd="openssl crl";
+$rc4_cmd="openssl rc4";
+$md2_cmd="openssl md2";
+$md4_cmd="openssl md4";
+$rsa_cmd="openssl rsa -des -inform der ";
+
+&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
+$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
+
+&init_der();
+
+if ($#ARGV != -1)
+ {
+ foreach $file (@ARGV)
+ {
+ print STDERR "doing $file\n";
+ &dofile($file);
+ }
+ }
+else
+ {
+ $file="/tmp/a$$.DER";
+ open(OUT,">$file") || die "unable to open $file:$!\n";
+ for (;;)
+ {
+ $i=sysread(STDIN,$b,1024*10);
+ last if ($i <= 0);
+ $i=syswrite(OUT,$b,$i);
+ }
+ &dofile($file);
+ unlink($file);
+ }
+
+sub dofile
+ {
+ local($file)=@_;
+ local(@p);
+
+ $b=&load_file($file);
+ @p=&load_file_parse($file);
+
+ foreach $_ (@p)
+ {
+ ($off,$d,$hl,$len)=&parse_line($_);
+ $d-=$depth;
+ next if ($d != 0);
+ next if ($len == 0);
+
+ $o=substr($b,$off,$len+$hl);
+ ($str,@data)=&der_str($o);
+ print "$str\n" if ($opt_v);
+ if ($str =~ /^$crl/)
+ {
+ open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
+ die "unable to run $crl_cmd:$!\n";
+ print OUT $o;
+ close(OUT);
+ }
+ elsif ($str =~ /^$x509/)
+ {
+ open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
+ || die "unable to run $x509_cmd:$!\n";
+ print OUT $o;
+ close(OUT);
+ }
+ elsif ($str =~ /^$rsa/)
+ {
+ ($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
+ next unless ($type eq "rsaEncryption");
+ ($off,$d,$hl,$len)=&parse_line($data[5]);
+ $os=substr($o,$off+$hl,$len);
+ open(OUT,"|$rsa_cmd")
+ || die "unable to run $rsa_cmd:$!\n";
+ print OUT $os;
+ close(OUT);
+ }
+ elsif ($str =~ /^0G-1D-1G/)
+ {
+ ($off,$d,$hl,$len)=&parse_line($data[1]);
+ $os=substr($o,$off+$hl,$len);
+ print STDERR "<$os>\n" if $opt_v;
+ &do_certificate($o,@data)
+ if (($os eq "certificate") &&
+ ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
+ &do_private_key($o,@data)
+ if (($os eq "private-key") &&
+ ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
+ }
+ }
+ }
+
+sub der_str
+ {
+ local($str)=@_;
+ local(*OUT,*IN,@a,$t,$d,$ret);
+ local($file)="/tmp/b$$.DER";
+ local(@ret);
+
+ open(OUT,">$file");
+ print OUT $str;
+ close(OUT);
+ open(IN,"$cmd -inform 'd' -in $file |") ||
+ die "unable to run $cmd:$!\n";
+ $ret="";
+ while (<IN>)
+ {
+ chop;
+ push(@ret,$_);
+
+ print STDERR "$_\n" if ($debug);
+
+ @a=split(/\s*:\s*/);
+ ($d)=($a[1] =~ /d=\s*(\d+)/);
+ $a[2] =~ s/\s+$//;
+ $t=$DER_s2i{$a[2]};
+ $ret.="$d$t-";
+ }
+ close(IN);
+ unlink($file);
+ chop $ret;
+ $ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
+ $ret =~ s/(-3G-4B-4L)+/-RCERT/g;
+ return($ret,@ret);
+ }
+
+sub init_der
+ {
+ $crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
+ $x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
+ $rsa= "0G-1B-1G-2F-2E-1D";
+
+ %DER_i2s=(
+ # SSLeay 0.4.x has this list
+ "A","EOC",
+ "B","INTEGER",
+ "C","BIT STRING",
+ "D","OCTET STRING",
+ "E","NULL",
+ "F","OBJECT",
+ "G","SEQUENCE",
+ "H","SET",
+ "I","PRINTABLESTRING",
+ "J","T61STRING",
+ "K","IA5STRING",
+ "L","UTCTIME",
+ "M","NUMERICSTRING",
+ "N","VIDEOTEXSTRING",
+ "O","GENERALIZEDTIME",
+ "P","GRAPHICSTRING",
+ "Q","ISO64STRING",
+ "R","GENERALSTRING",
+ "S","UNIVERSALSTRING",
+
+ # SSLeay 0.5.x changed some things ... and I'm
+ # leaving in the old stuff but adding in these
+ # to handle the new as well --tjh
+ # - Well I've just taken them out and added the extra new
+ # ones :-) - eay
+ );
+
+ foreach (keys %DER_i2s)
+ { $DER_s2i{$DER_i2s{$_}}=$_; }
+ }
+
+sub parse_line
+ {
+ local($_)=@_;
+
+ return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
+ }
+
+# 0:d=0 hl=4 l=377 cons: univ: SEQUENCE
+# 4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING
+# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE
+# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE
+# 23:d=3 hl=2 l= 8 prim: univ: OBJECT_IDENTIFIER :rc4
+# 33:d=3 hl=2 l= 0 prim: univ: NULL
+# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
+sub do_private_key
+ {
+ local($data,@struct)=@_;
+ local($file)="/tmp/b$$.DER";
+ local($off,$d,$hl,$len,$_,$b,@p,$s);
+
+ ($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
+ if ($type eq "rc4")
+ {
+ ($off,$d,$hl,$len)=&parse_line($struct[6]);
+ open(OUT,"|$rc4_cmd >$file") ||
+ die "unable to run $rc4_cmd:$!\n";
+ print OUT substr($data,$off+$hl,$len);
+ close(OUT);
+
+ $b=&load_file($file);
+ unlink($file);
+
+ ($s,@p)=&der_str($b);
+ die "unknown rsa key type\n$s\n"
+ if ($s ne '0G-1B-1G-2F-2E-1D');
+ local($off,$d,$hl,$len)=&parse_line($p[5]);
+ $b=substr($b,$off+$hl,$len);
+ ($s,@p)=&der_str($b);
+ open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
+ print OUT $b;
+ close(OUT);
+ }
+ else
+ {
+ print "'$type' is unknown\n";
+ exit(1);
+ }
+ }
+
+sub do_certificate
+ {
+ local($data,@struct)=@_;
+ local($file)="/tmp/b$$.DER";
+ local($off,$d,$hl,$len,$_,$b,@p,$s);
+
+ ($off,$d,$hl,$len)=&parse_line($struct[2]);
+ $b=substr($data,$off,$len+$hl);
+
+ open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
+ print OUT $b;
+ close(OUT);
+ }
+
+sub load_file
+ {
+ local($file)=@_;
+ local(*IN,$r,$b,$i);
+
+ $r="";
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+ for (;;)
+ {
+ $i=sysread(IN,$b,10240);
+ last if ($i <= 0);
+ $r.=$b;
+ }
+ close(IN);
+ return($r);
+ }
+
+sub load_file_parse
+ {
+ local($file)=@_;
+ local(*IN,$r,@ret,$_,$i,$n,$b);
+
+ open(IN,"$cmd -inform d -in $file|")
+ || die "unable to run der_parse\n";
+ while (<IN>)
+ {
+ chop;
+ push(@ret,$_);
+ }
+ return($r,@ret);
+ }
+
diff --git a/apps/dgst.c b/apps/dgst.c
index c13535f3b2..be25dafef7 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -100,7 +100,6 @@ int MAIN(int argc, char **argv)
EVP_PKEY *sigkey = NULL;
unsigned char *sigbuf = NULL;
int siglen = 0;
- char *passargin = NULL, *passin = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
@@ -146,12 +145,6 @@ int MAIN(int argc, char **argv)
if (--argc < 1) break;
keyfile=*(++argv);
}
- else if (!strcmp(*argv,"-passin"))
- {
- if (--argc < 1)
- break;
- passargin=*++argv;
- }
else if (strcmp(*argv,"-verify") == 0)
{
if (--argc < 1) break;
@@ -229,20 +222,10 @@ int MAIN(int argc, char **argv)
LN_md4,LN_md4);
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_md2,LN_md2);
-#ifndef OPENSSL_NO_SHA
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_sha1,LN_sha1);
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_sha,LN_sha);
-#ifndef OPENSSL_NO_SHA256
- BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
- LN_sha256,LN_sha256);
-#endif
-#ifndef OPENSSL_NO_SHA512
- BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
- LN_sha512,LN_sha512);
-#endif
-#endif
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_mdc2,LN_mdc2);
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
@@ -264,12 +247,6 @@ int MAIN(int argc, char **argv)
BIO_set_callback_arg(in,bio_err);
}
- if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
- {
- BIO_printf(bio_err, "Error getting password\n");
- goto end;
- }
-
if ((in == NULL) || (bmd == NULL))
{
ERR_print_errors(bio_err);
@@ -311,7 +288,7 @@ int MAIN(int argc, char **argv)
sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
e, "key file");
else
- sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
+ sigkey = load_key(bio_err, keyfile, keyform, 0, NULL,
e, "key file");
if (!sigkey)
{
@@ -345,13 +322,7 @@ int MAIN(int argc, char **argv)
/* we use md as a filter, reading from 'in' */
- if (!BIO_set_md(bmd,md))
- {
- BIO_printf(bio_err, "Error setting digest %s\n", pname);
- ERR_print_errors(bio_err);
- goto end;
- }
-
+ BIO_set_md(bmd,md);
inp=BIO_push(bmd,in);
if (argc == 0)
@@ -398,8 +369,6 @@ end:
OPENSSL_free(buf);
}
if (in != NULL) BIO_free(in);
- if (passin)
- OPENSSL_free(passin);
BIO_free_all(out);
EVP_PKEY_free(sigkey);
if(sigbuf) OPENSSL_free(sigbuf);
diff --git a/apps/ec.c b/apps/ec.c
index 392e6a2ef6..7d57341cb4 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -84,9 +84,7 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
-#endif
int ret = 1;
EC_KEY *eckey = NULL;
int i, badops = 0;
@@ -251,9 +249,7 @@ bad:
ERR_load_crypto_strings();
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
{
diff --git a/apps/ecparam.c b/apps/ecparam.c
index 29d215e883..ae046f9a8d 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -127,9 +127,7 @@ int MAIN(int argc, char **argv)
char *infile = NULL, *outfile = NULL, *prog;
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
-#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
-#endif
char *engine = NULL;
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
@@ -337,9 +335,7 @@ bad:
}
}
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if (list_curves)
{
diff --git a/apps/enc.c b/apps/enc.c
index 69f4bebcb9..4261267e97 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -495,11 +495,6 @@ bad:
else
OPENSSL_cleanse(str,strlen(str));
}
- if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
- {
- BIO_printf(bio_err,"invalid hex iv value\n");
- goto end;
- }
if ((hiv == NULL) && (str == NULL))
{
/* No IV was explicitly set and no IV was generated
@@ -508,6 +503,11 @@ bad:
BIO_printf(bio_err, "iv undefined\n");
goto end;
}
+ if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
+ {
+ BIO_printf(bio_err,"invalid hex iv value\n");
+ goto end;
+ }
if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
{
BIO_printf(bio_err,"invalid hex key value\n");
diff --git a/apps/makeapps.com b/apps/makeapps.com
index 8d121cc15b..2148baa071 100644
--- a/apps/makeapps.com
+++ b/apps/makeapps.com
@@ -34,9 +34,12 @@ $! UCX for UCX
$! SOCKETSHR for SOCKETSHR+NETLIB
$! TCPIP for TCPIP (post UCX)
$!
-$! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$! P4, if defined, sets the pointer size to build with. The values can be
+$! be "32" or "64". Any other value will default to "32"
$!
-$! P5, if defined, sets a choice of programs to compile.
+$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$! P6, if defined, sets a choice of programs to compile.
$!
$!
$! Define A TCP/IP Library That We Will Need To Link To.
@@ -87,11 +90,11 @@ $ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
$!
$! Define The CRYPTO Library.
$!
-$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO'FILE_POINTER_SIZE'.OLB
$!
$! Define The SSL Library.
$!
-$ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB
+$ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL'FILE_POINTER_SIZE'.OLB
$!
$! Define The OBJ Directory.
$!
@@ -110,6 +113,23 @@ $! End The OBJ Directory Check.
$!
$ ENDIF
$!
+$! Define The LIS Directory.
+$!
+$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.APPS]
+$!
+$! Check To See If The OBJ Directory Exists.
+$!
+$ IF (F$PARSE(LIS_DIR).EQS."")
+$ THEN
+$!
+$! It Dosen't Exist, So Create It.
+$!
+$ CREATE/DIRECTORY 'LIS_DIR'
+$!
+$! End The LIS Directory Check.
+$!
+$ ENDIF
+$!
$! Define The EXE Directory.
$!
$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.APPS]
@@ -140,13 +160,13 @@ $!
$ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+-
"CA;PKCS7;CRL2P7;CRL;"+-
"RSA;RSAUTL;DSA;DSAPARAM;EC;ECPARAM;"+-
- "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+-
+ "X509;GENRSA;GENDSA;TERM_SOCK;S_SERVER;S_CLIENT;SPEED;"+-
"S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+-
"CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND;ENGINE;OCSP"
$ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,-
CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,-
RSA.OBJ,RSAUTL.OBJ,DSA.OBJ,DSAPARAM.OBJ,EC.OBJ,ECPARAM.OBJ,-
- X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,-
+ X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,TERM_SOCK.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,-
S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,-
CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ,ENGINE.OBJ,OCSP.OBJ
$ TCPIP_PROGRAMS = ",,"
@@ -167,6 +187,7 @@ $!
$! Setup exceptional compilations
$!
$ COMPILEWITH_CC2 = ",S_SERVER,S_CLIENT,"
+$ COMPILEWITH_CC3 = ",TERM_SOCK,"
$!
$ PHASE := LIB
$!
@@ -219,6 +240,14 @@ $! Create The Object File Name.
$!
$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
$!
+$! Create The Listing File Name.
+$!
+$ LIST_FILE = LIS_DIR + FILE_NAME + ".LIS"
+$!
+$! Create The MAP File Name.
+$!
+$ MAP_FILE = LIS_DIR + FILE_NAME + ".MAP"
+$!
$! Create The Executable File Name.
$!
$ EXE_FILE = EXE_DIR + FILE_NAME + ".EXE"
@@ -232,7 +261,7 @@ $!
$! Tell The User That The File Dosen't Exist.
$!
$ WRITE SYS$OUTPUT ""
-$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$ WRITE SYS$OUTPUT F$MESSAGE("%X10018290") + ". The File ",SOURCE_FILE," Dosen't Exist."
$ WRITE SYS$OUTPUT ""
$!
$! Exit The Build.
@@ -255,11 +284,16 @@ $!
$! Compile The File.
$!
$ ON ERROR THEN GOTO NEXT_FILE
-$ IF COMPILEWITH_CC2 - FILE_NAME .NES. COMPILEWITH_CC2
+$ IF COMPILEWITH_CC3 - FILE_NAME .NES. COMPILEWITH_CC3
$ THEN
-$ CC2/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ CC3/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
$ ELSE
-$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ IF COMPILEWITH_CC2 - FILE_NAME .NES. COMPILEWITH_CC2
+$ THEN
+$ CC2/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$ ELSE
+$ CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$ ENDIF
$ ENDIF
$!
$ ON WARNING THEN GOTO NEXT_FILE
@@ -280,30 +314,37 @@ $!
$! Link The Program.
$! Check To See If We Are To Link With A Specific TCP/IP Library.
$!
+$ _save_ver = f$verify(1)
$ IF (TCPIP_LIB.NES."")
$ THEN
$!
-$! Don't Link With The RSAREF Routines And TCP/IP Library.
+$! Check To See If We Are To Link With A Specific TCP/IP Library.
$!
-$ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
+$ LINK /'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' /MAP='MAP_FILE' /FULL/CROSS -
'OBJECT_FILE''EXTRA_OBJ', -
- 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
- 'TCPIP_LIB','OPT_FILE'/OPTION
+ 'SSL_LIB'/LIBRARY, -
+ 'CRYPTO_LIB'/LIBRARY, -
+ 'TCPIP_LIB', -
+ 'OPT_FILE'/OPTION, -
+ SYS$DISK:[-]SSL_IDENT.OPT/OPTION
$!
$! Else...
$!
$ ELSE
$!
-$! Don't Link With The RSAREF Routines And Link With A TCP/IP Library.
+$! Don't Link With TCP/IP Library.
$!
-$ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
+$ LINK /'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' /MAP='MAP_FILE' /FULL/CROSS -
'OBJECT_FILE''EXTRA_OBJ', -
- 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
- 'OPT_FILE'/OPTION
+ 'SSL_LIB'/LIBRARY, -
+ 'CRYPTO_LIB'/LIBRARY, -
+ 'OPT_FILE'/OPTION, -
+ SYS$DISK:[-]SSL_IDENT.OPT/OPTION
$!
$! End The TCP/IP Library Check.
$!
$ ENDIF
+$ _save_ver := 'f$verify(_save_ver)
$!
$! Go Back And Do It Again.
$!
@@ -678,12 +719,12 @@ $ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
- "/NOLIST/PREFIX=ALL" + -
+ "/PREFIX=ALL" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$ OPT_FILE = "SYS$DISK:[]''arch'_DECC_OPTIONS.OPT"
$!
$! End DECC Check.
$!
@@ -710,7 +751,7 @@ $ WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
$ EXIT
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
-$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$ CCDEFS = CCDEFS + ",""VAXC"""
$!
@@ -720,7 +761,7 @@ $ DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$ OPT_FILE = "SYS$DISK:[]''arch'_VAXC_OPTIONS.OPT"
$!
$! End VAXC Check
$!
@@ -742,12 +783,12 @@ $!
$! Use GNU C...
$!
$ IF F$TYPE(GCC) .EQS. "" THEN GCC := GCC
-$ CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+$ CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$ OPT_FILE = "SYS$DISK:[]''arch'_GNUC_OPTIONS.OPT"
$!
$! End The GNU C Check.
$!
@@ -884,18 +925,80 @@ $! Done with TCP/IP libraries
$!
$ ENDIF
$!
+$! On Alpha, pointers can be 32 or 64 bit wide. Libraries for both variants
+$! can be built, and will then have "32" in the name for the 32-bit variant.
+$! On VAX as well as the 64-bit variant on Alpha, the name carries no extra
+$! information about pointer size (i.e., 64 bits is default on Alpha and 32
+$! bits is default on VAX).
+$!
+$ IF (P4.NES."32" .AND. P4.NES."64")
+$ THEN
+$!
+$! Set The Default
+$!
+$ P4 = ""
+$!
+$! End of First Check Of P4
+$!
+$ ENDIF
+$!
+$! Check If P4 Isn't Set (Or Set Properly)
+$!
+$ IF (P4.EQS."" .OR. (P4.NES."32" .AND. ARCH.EQS."VAX"))
+$ THEN
+$!
+$! Check If We're On A VAX
+$!
+$ IF ARCH.EQS."VAX"
+$ THEN
+$!
+$! On VAX, We Force 32 Bit Pointers
+$!
+$ P4 = "32"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! On Alpha, We Use 64 Bit Pointers By Default
+$!
+$ P4 = "64"
+$!
+$! End Of Check For VAX
+$!
+$ ENDIF
+$!
+$! End Check Of P4
+$!
+$ ENDIF
+$!
+$! Set POINTER_SIZE
+$!
+$ POINTER_SIZE = P4
+$ QUAL_POINTER_SIZE = ""
+$ FILE_POINTER_SIZE = ""
+$ IF ARCH.EQS."AXP"
+$ THEN
+$ QUAL_POINTER_SIZE = "/POINTER_SIZE="+POINTER_SIZE
+$ IF POINTER_SIZE.EQS."32" THEN FILE_POINTER_SIZE = "32"
+$ ENDIF
+$!
+$!
$! Finish up the definition of CC.
$!
$ IF COMPILER .EQS. "DECC"
$ THEN
$ IF CCDISABLEWARNINGS .NES. ""
$ THEN
+$ CC3DISABLEWARNINGS = "/WARNING=(DISABLE=(DOLLARID," + CCDISABLEWARNINGS + "))"
$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
$ ENDIF
$ ELSE
$ CCDISABLEWARNINGS = ""
$ ENDIF
+$ CC = CC + QUAL_POINTER_SIZE
$ CC2 = CC + "/DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
+$ CC3 = CC + "/DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE,_XOPEN_SOURCE)" + CC3DISABLEWARNINGS
$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$!
$! Show user the result
@@ -938,9 +1041,9 @@ $ ENDIF
$!
$! Check if the user wanted to compile just a subset of all the programs.
$!
-$ IF P5 .NES. ""
+$ IF P6 .NES. ""
$ THEN
-$ PROGRAMS = P5
+$ PROGRAMS = P6
$ ENDIF
$!
$! Time To RETURN...
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index 130b430d42..15073a0a0b 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -78,8 +78,8 @@ policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
-stateOrProvinceName = match
-organizationName = match
+stateOrProvinceName = supplied
+organizationName = supplied
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
@@ -258,56 +258,3 @@ basicConstraints = CA:true
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always
-
-[ proxy_cert_ext ]
-# These extensions should be added when creating a proxy certificate
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType = server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment = "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-# This really needs to be in place for it to be a proxy certificate.
-proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
diff --git a/apps/openssl.c b/apps/openssl.c
index e0d89d4ab4..9f85495075 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -140,6 +140,18 @@ static unsigned long MS_CALLBACK hash(const void *a_void);
/* static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b); */
static int MS_CALLBACK cmp(const void *a_void,const void *b_void);
static LHASH *prog_init(void );
+
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 64
+void *_malloc64(size_t);
+#pragma __required_pointer_size 32
+#endif
+typedef char ** Argv_t;
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __restore
+#endif
+
static int do_cmd(LHASH *prog,int argc,char *argv[]);
char *default_config_file=NULL;
@@ -214,7 +226,7 @@ static void lock_dbg_cb(int mode, int type, const char *file, int line)
}
-int main(int Argc, char *Argv[])
+int main(int Argc, Argv_t Argv)
{
ARGS arg;
#define PROG_NAME_SIZE 39
@@ -297,7 +309,21 @@ int main(int Argc, char *Argv[])
{
Argc--;
Argv++;
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+ {
+ char **argv64=(char **)_malloc64(sizeof(char *)*Argc); /* memory allocation in 64-bit address */
+
+ for (i=0;i<Argc;i++)
+ {
+ argv64[i]=Argv[i]; /* copying 32-bit Argv to 64-bit argv*/
+ }
+
+ ret=do_cmd(prog,Argc,argv64);
+ free(argv64);
+ }
+#else
ret=do_cmd(prog,Argc,Argv);
+#endif
if (ret < 0) ret=0;
goto end;
}
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
index 6d731cbe8b..8941f454f8 100644
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -258,56 +258,3 @@ basicConstraints = CA:true
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always
-
-[ proxy_cert_ext ]
-# These extensions should be added when creating a proxy certificate
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType = server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment = "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-# This really needs to be in place for it to be a proxy certificate.
-proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index c92f713f5c..dd0d29bfaa 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -621,7 +621,7 @@ int MAIN(int argc, char **argv)
CRYPTO_push_info("verify MAC");
#endif
/* If we enter empty password try no password first */
- if(!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
+ if(!macpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
/* If mac and crypto pass the same set it to NULL too */
if(!twopass) cpass = NULL;
} else if (!PKCS12_verify_mac(p12, mpass, -1)) {
@@ -665,10 +665,9 @@ int MAIN(int argc, char **argv)
int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
int passlen, int options, char *pempass)
{
- STACK_OF(PKCS7) *asafes = NULL;
+ STACK_OF(PKCS7) *asafes;
STACK_OF(PKCS12_SAFEBAG) *bags;
int i, bagnid;
- int ret = 0;
PKCS7 *p7;
if (!( asafes = PKCS12_unpack_authsafes(p12))) return 0;
@@ -686,22 +685,16 @@ int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
}
bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
} else continue;
- if (!bags) goto err;
+ if (!bags) return 0;
if (!dump_certs_pkeys_bags (out, bags, pass, passlen,
options, pempass)) {
sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
- goto err;
+ return 0;
}
sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
- bags = NULL;
}
- ret = 1;
-
- err:
-
- if (asafes)
- sk_PKCS7_pop_free (asafes, PKCS7_free);
- return ret;
+ sk_PKCS7_pop_free (asafes, PKCS7_free);
+ return 1;
}
int dump_certs_pkeys_bags (BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
diff --git a/apps/req.c b/apps/req.c
index d634268653..0f3d496d47 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -567,16 +567,13 @@ bad:
else
{
req_conf=config;
-
+ if( verbose )
+ BIO_printf(bio_err,"Using configuration from %s\n",
+ default_config_file);
if (req_conf == NULL)
{
- BIO_printf(bio_err,"Unable to load config info from %s\n", default_config_file);
- if (newreq)
- goto end;
+ BIO_printf(bio_err,"Unable to load config info\n");
}
- else if( verbose )
- BIO_printf(bio_err,"Using configuration from %s\n",
- default_config_file);
}
if (req_conf != NULL)
diff --git a/apps/s_apps.h b/apps/s_apps.h
index 4e989b819c..f4c85aa81f 100644
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -154,14 +154,13 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#endif
#ifdef HEADER_SSL_H
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
-int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
#endif
int init_client(int *sock, char *server, int port);
int should_retry(int i);
int extract_port(char *str, short *port_ptr);
int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
-long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
+long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp,
int argi, long argl, long ret);
#ifdef HEADER_SSL_H
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 92d9ae8893..28f8acc1e3 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -229,36 +229,8 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
return(1);
}
-int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
- {
- if (cert == NULL)
- return 1;
- if (SSL_CTX_use_certificate(ctx,cert) <= 0)
- {
- BIO_printf(bio_err,"error setting certificate\n");
- ERR_print_errors(bio_err);
- return 0;
- }
- if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
- {
- BIO_printf(bio_err,"error setting private key\n");
- ERR_print_errors(bio_err);
- return 0;
- }
-
-
- /* Now we know that a key and cert have been set against
- * the SSL context */
- if (!SSL_CTX_check_private_key(ctx))
- {
- BIO_printf(bio_err,"Private key does not match the certificate public key\n");
- return 0;
- }
- return 1;
- }
-
-long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
- int argi, long argl, long ret)
+long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi,
+ long argl, long ret)
{
BIO *out;
diff --git a/apps/s_client.c b/apps/s_client.c
index 2f233da177..4c6830e2ff 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -136,6 +136,10 @@ typedef unsigned int u_int;
#include <openssl/rand.h>
#include "s_apps.h"
+#ifdef OPENSSL_SYS_VMS
+#include "term_sock.h"
+#endif
+
#ifdef OPENSSL_SYS_WINCE
/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
#ifdef fileno
@@ -189,20 +193,14 @@ static void sc_usage(void)
BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n");
- BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
- BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n");
+ BIO_printf(bio_err," -key arg - Private key file to use, PEM format assumed, in cert file if\n");
BIO_printf(bio_err," not specified but cert file is.\n");
- BIO_printf(bio_err," -keyform arg - key format (PEM or DER) PEM default\n");
- BIO_printf(bio_err," -pass arg - private key file pass phrase source\n");
BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n");
BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n");
BIO_printf(bio_err," -showcerts - show all certificates in the chain\n");
BIO_printf(bio_err," -debug - extra output\n");
-#ifdef WATT32
- BIO_printf(bio_err," -wdebug - WATT-32 tcp debugging\n");
-#endif
BIO_printf(bio_err," -msg - Show protocol messages\n");
BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n");
BIO_printf(bio_err," -state - print the 'ssl' states\n");
@@ -247,10 +245,6 @@ int MAIN(int argc, char **argv)
int full_log=1;
char *host=SSL_HOST_NAME;
char *cert_file=NULL,*key_file=NULL;
- int cert_format = FORMAT_PEM, key_format = FORMAT_PEM;
- char *passarg = NULL, *pass = NULL;
- X509 *cert = NULL;
- EVP_PKEY *key = NULL;
char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
int crlf=0;
@@ -269,7 +263,12 @@ int MAIN(int argc, char **argv)
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
struct timeval tv;
#endif
+#ifdef OPENSSL_SYS_VMS
+ int stdin_sock;
+ TerminalSocket (TERM_SOCK_CREATE, &stdin_sock);
+#endif
+
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_client_method();
#elif !defined(OPENSSL_NO_SSL3)
@@ -339,11 +338,6 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
cert_file= *(++argv);
}
- else if (strcmp(*argv,"-certform") == 0)
- {
- if (--argc < 1) goto bad;
- cert_format = str2fmt(*(++argv));
- }
else if (strcmp(*argv,"-crl_check") == 0)
vflags |= X509_V_FLAG_CRL_CHECK;
else if (strcmp(*argv,"-crl_check_all") == 0)
@@ -363,10 +357,6 @@ int MAIN(int argc, char **argv)
c_Pause=1;
else if (strcmp(*argv,"-debug") == 0)
c_debug=1;
-#ifdef WATT32
- else if (strcmp(*argv,"-wdebug") == 0)
- dbug_init();
-#endif
else if (strcmp(*argv,"-msg") == 0)
c_msg=1;
else if (strcmp(*argv,"-showcerts") == 0)
@@ -389,16 +379,6 @@ int MAIN(int argc, char **argv)
#endif
else if (strcmp(*argv,"-bugs") == 0)
bugs=1;
- else if (strcmp(*argv,"-keyform") == 0)
- {
- if (--argc < 1) goto bad;
- key_format = str2fmt(*(++argv));
- }
- else if (strcmp(*argv,"-pass") == 0)
- {
- if (--argc < 1) goto bad;
- passarg = *(++argv);
- }
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
@@ -480,42 +460,6 @@ bad:
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
#endif
- if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
- {
- BIO_printf(bio_err, "Error getting password\n");
- goto end;
- }
-
- if (key_file == NULL)
- key_file = cert_file;
-
-
- if (key_file)
-
- {
-
- key = load_key(bio_err, key_file, key_format, 0, pass, e,
- "client certificate private key file");
- if (!key)
- {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- }
-
- if (cert_file)
-
- {
- cert = load_cert(bio_err,cert_file,cert_format,
- NULL, e, "client certificate file");
-
- if (!cert)
- {
- ERR_print_errors(bio_err);
- goto end;
- }
- }
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())
@@ -564,7 +508,7 @@ bad:
#endif
SSL_CTX_set_verify(ctx,verify,verify_callback);
- if (!set_cert_key_stuff(ctx,cert,key))
+ if (!set_cert_stuff(ctx,cert_file,key_file))
goto end;
if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
@@ -623,7 +567,7 @@ re_start:
if (c_debug)
{
con->debug=1;
- BIO_set_callback(sbio,bio_dump_callback);
+ BIO_set_callback(sbio,bio_dump_cb);
BIO_set_callback_arg(sbio,bio_c_out);
}
if (c_msg)
@@ -636,6 +580,11 @@ re_start:
SSL_set_connect_state(con);
/* ok, lets connect */
+#ifdef OPENSSL_SYS_VMS
+ if (stdin_sock > SSL_get_fd(con))
+ width=stdin_sock+1;
+ else
+#endif
width=SSL_get_fd(con)+1;
read_tty=1;
@@ -708,8 +657,12 @@ re_start:
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
if (tty_on)
{
- if (read_tty) FD_SET(fileno(stdin),&readfds);
- if (write_tty) FD_SET(fileno(stdout),&writefds);
+#ifdef OPENSSL_SYS_VMS
+ if (read_tty) FD_SET(stdin_sock,&readfds);
+#else
+ if (read_tty) FD_SET(fileno(stdin),&readfds);
+ if (write_tty) FD_SET(fileno(stdout),&writefds);
+#endif
}
if (read_ssl)
FD_SET(SSL_get_fd(con),&readfds);
@@ -845,7 +798,7 @@ re_start:
goto shut;
}
}
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_NETWARE)
/* Assume Windows/DOS can always write */
else if (!ssl_pending && write_tty)
#else
@@ -935,14 +888,22 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
#else
- else if (FD_ISSET(fileno(stdin),&readfds))
+#ifdef OPENSSL_SYS_VMS
+ else if (FD_ISSET(stdin_sock,&readfds))
+#else
+ else if (FD_ISSET(fileno(stdin),&readfds))
+#endif
#endif
{
if (crlf)
{
int j, lf_num;
- i=read(fileno(stdin),cbuf,BUFSIZZ/2);
+#ifdef OPENSSL_SYS_VMS
+ i=recv(stdin_sock,cbuf,BUFSIZZ/2,0);
+#else
+ i=read(fileno(stdin),cbuf,BUFSIZZ/2);
+#endif
lf_num = 0;
/* both loops are skipped when i <= 0 */
for (j = 0; j < i; j++)
@@ -961,7 +922,11 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
assert(lf_num == 0);
}
else
- i=read(fileno(stdin),cbuf,BUFSIZZ);
+#ifdef OPENSSL_SYS_VMS
+ i=recv(stdin_sock,cbuf,BUFSIZZ,0);
+#else
+ i=read(fileno(stdin),cbuf,BUFSIZZ);
+#endif
if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
{
@@ -997,12 +962,6 @@ end:
if (con != NULL) SSL_free(con);
if (con2 != NULL) SSL_free(con2);
if (ctx != NULL) SSL_CTX_free(ctx);
- if (cert)
- X509_free(cert);
- if (key)
- EVP_PKEY_free(key);
- if (pass)
- OPENSSL_free(pass);
if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
@@ -1011,6 +970,9 @@ end:
BIO_free(bio_c_out);
bio_c_out=NULL;
}
+#ifdef OPENSSL_SYS_VMS
+ TerminalSocket (TERM_SOCK_DELETE, &stdin_sock);
+#endif
apps_shutdown();
OPENSSL_EXIT(ret);
}
diff --git a/apps/s_server.c b/apps/s_server.c
index 0f102ce7cb..bf2a3d2c93 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -155,6 +155,10 @@ typedef unsigned int u_int;
#include <openssl/rand.h>
#include "s_apps.h"
+#ifdef OPENSSL_SYS_VMS
+#include "term_sock.h"
+#endif
+
#ifdef OPENSSL_SYS_WINCE
/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
#ifdef fileno
@@ -296,18 +300,12 @@ static void sv_usage(void)
BIO_printf(bio_err," -context arg - set session ID context\n");
BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n");
- BIO_printf(bio_err," -cert arg - certificate file to use\n");
+ BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n");
BIO_printf(bio_err," (default is %s)\n",TEST_CERT);
- BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
- BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n");
+ BIO_printf(bio_err," -key arg - Private Key file to use, PEM format assumed, in cert file if\n");
BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT);
- BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n");
- BIO_printf(bio_err," -pass arg - private key file pass phrase source\n");
BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n");
- BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n");
BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n");
- BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
- BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n");
BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n");
BIO_printf(bio_err," or a default set of parameters is used\n");
#ifndef OPENSSL_NO_ECDH
@@ -528,12 +526,6 @@ int MAIN(int argc, char *argv[])
ENGINE *e=NULL;
#endif
char *inrand=NULL;
- int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
- char *passarg = NULL, *pass = NULL;
- char *dpassarg = NULL, *dpass = NULL;
- int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
- X509 *s_cert = NULL, *s_dcert = NULL;
- EVP_PKEY *s_key = NULL, *s_dkey = NULL;
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_server_method();
@@ -600,26 +592,11 @@ int MAIN(int argc, char *argv[])
if (--argc < 1) goto bad;
s_cert_file= *(++argv);
}
- else if (strcmp(*argv,"-certform") == 0)
- {
- if (--argc < 1) goto bad;
- s_cert_format = str2fmt(*(++argv));
- }
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
s_key_file= *(++argv);
}
- else if (strcmp(*argv,"-keyform") == 0)
- {
- if (--argc < 1) goto bad;
- s_key_format = str2fmt(*(++argv));
- }
- else if (strcmp(*argv,"-pass") == 0)
- {
- if (--argc < 1) goto bad;
- passarg = *(++argv);
- }
else if (strcmp(*argv,"-dhparam") == 0)
{
if (--argc < 1) goto bad;
@@ -632,26 +609,11 @@ int MAIN(int argc, char *argv[])
named_curve = *(++argv);
}
#endif
- else if (strcmp(*argv,"-dcertform") == 0)
- {
- if (--argc < 1) goto bad;
- s_dcert_format = str2fmt(*(++argv));
- }
else if (strcmp(*argv,"-dcert") == 0)
{
if (--argc < 1) goto bad;
s_dcert_file= *(++argv);
}
- else if (strcmp(*argv,"-dkeyform") == 0)
- {
- if (--argc < 1) goto bad;
- s_dkey_format = str2fmt(*(++argv));
- }
- else if (strcmp(*argv,"-dpass") == 0)
- {
- if (--argc < 1) goto bad;
- dpassarg = *(++argv);
- }
else if (strcmp(*argv,"-dkey") == 0)
{
if (--argc < 1) goto bad;
@@ -781,59 +743,6 @@ bad:
e = setup_engine(bio_err, engine_id, 1);
#endif
- if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass))
- {
- BIO_printf(bio_err, "Error getting password\n");
- goto end;
- }
-
-
- if (s_key_file == NULL)
- s_key_file = s_cert_file;
-
- s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
- "server certificate private key file");
- if (!s_key)
- {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- s_cert = load_cert(bio_err,s_cert_file,s_cert_format,
- NULL, e, "server certificate file");
-
- if (!s_cert)
- {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if (s_dcert_file)
- {
-
- if (s_dkey_file == NULL)
- s_dkey_file = s_dcert_file;
-
- s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
- 0, dpass, e,
- "second certificate private key file");
- if (!s_dkey)
- {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- s_dcert = load_cert(bio_err,s_dcert_file,s_dcert_format,
- NULL, e, "second server certificate file");
-
- if (!s_dcert)
- {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- }
-
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())
{
@@ -998,11 +907,11 @@ bad:
}
#endif
- if (!set_cert_key_stuff(ctx,s_cert,s_key))
+ if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
goto end;
- if (s_dcert != NULL)
+ if (s_dcert_file != NULL)
{
- if (!set_cert_key_stuff(ctx,s_dcert,s_dkey))
+ if (!set_cert_stuff(ctx,s_dcert_file,s_dkey_file))
goto end;
}
@@ -1053,18 +962,6 @@ bad:
ret=0;
end:
if (ctx != NULL) SSL_CTX_free(ctx);
- if (s_cert)
- X509_free(s_cert);
- if (s_dcert)
- X509_free(s_dcert);
- if (s_key)
- EVP_PKEY_free(s_key);
- if (s_dkey)
- EVP_PKEY_free(s_dkey);
- if (pass)
- OPENSSL_free(pass);
- if (dpass)
- OPENSSL_free(dpass);
if (bio_s_out != NULL)
{
BIO_free(bio_s_out);
@@ -1111,7 +1008,12 @@ static int sv_body(char *hostname, int s, unsigned char *context)
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
struct timeval tv;
#endif
+#ifdef OPENSSL_SYS_VMS
+ int stdin_sock;
+ TerminalSocket (TERM_SOCK_CREATE, &stdin_sock);
+#endif
+
if ((buf=OPENSSL_malloc(bufsize)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
@@ -1161,7 +1063,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
if (s_debug)
{
con->debug=1;
- BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
+ BIO_set_callback(SSL_get_rbio(con),bio_dump_cb);
BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
}
if (s_msg)
@@ -1170,7 +1072,12 @@ static int sv_body(char *hostname, int s, unsigned char *context)
SSL_set_msg_callback_arg(con, bio_s_out);
}
- width=s+1;
+#ifdef OPENSSL_SYS_VMS
+ if (stdin_sock > s)
+ width = stdin_sock + 1;
+ else
+#endif
+ width=s+1;
for (;;)
{
int read_from_terminal;
@@ -1182,9 +1089,15 @@ static int sv_body(char *hostname, int s, unsigned char *context)
if (!read_from_sslcon)
{
FD_ZERO(&readfds);
+#ifndef OPENSSL_SYS_WINDOWS
+#ifdef OPENSSL_SYS_VMS
+ FD_SET(stdin_sock,&readfds);
+#else
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
FD_SET(fileno(stdin),&readfds);
#endif
+#endif
+#endif
FD_SET(s,&readfds);
/* Note: under VMS with SOCKETSHR the second parameter is
* currently of type (int *) whereas under other systems
@@ -1207,8 +1120,12 @@ static int sv_body(char *hostname, int s, unsigned char *context)
#else
i=select(width,(void *)&readfds,NULL,NULL,NULL);
if (i <= 0) continue;
- if (FD_ISSET(fileno(stdin),&readfds))
- read_from_terminal = 1;
+#ifdef OPENSSL_SYS_VMS
+ if (FD_ISSET(stdin_sock,&readfds))
+#else
+ if (FD_ISSET(fileno(stdin),&readfds))
+#endif
+ read_from_terminal = 1;
#endif
if (FD_ISSET(s,&readfds))
read_from_sslcon = 1;
@@ -1219,7 +1136,11 @@ static int sv_body(char *hostname, int s, unsigned char *context)
{
int j, lf_num;
- i=read(fileno(stdin), buf, bufsize/2);
+#ifdef OPENSSL_SYS_VMS
+ i=recv(stdin_sock, buf, bufsize/2, 0);
+#else
+ i=read(fileno(stdin), buf, bufsize/2);
+#endif
lf_num = 0;
/* both loops are skipped when i <= 0 */
for (j = 0; j < i; j++)
@@ -1238,7 +1159,11 @@ static int sv_body(char *hostname, int s, unsigned char *context)
assert(lf_num == 0);
}
else
- i=read(fileno(stdin),buf,bufsize);
+#ifdef OPENSSL_SYS_VMS
+ i=recv(stdin_sock,buf,bufsize, 0);
+#else
+ i=read(fileno(stdin),buf,bufsize);
+#endif
if (!s_quiet)
{
if ((i <= 0) || (buf[0] == 'Q'))
@@ -1392,6 +1317,9 @@ err:
}
if (ret >= 0)
BIO_printf(bio_s_out,"ACCEPT\n");
+#ifdef OPENSSL_SYS_VMS
+ TerminalSocket (TERM_SOCK_DELETE, &stdin_sock);
+#endif
return(ret);
}
@@ -1564,7 +1492,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
if (s_debug)
{
con->debug=1;
- BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
+ BIO_set_callback(SSL_get_rbio(con),bio_dump_cb);
BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
}
if (s_msg)
diff --git a/apps/s_socket.c b/apps/s_socket.c
index 45014fa14d..28c6b1e27a 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -172,6 +172,7 @@ static int ssl_sock_init(void)
#ifdef WATT32
extern int _watt_do_exit;
_watt_do_exit = 0;
+ dbug_init();
if (sock_init())
return (0);
#elif defined(OPENSSL_SYS_WINDOWS)
diff --git a/apps/smime.c b/apps/smime.c
index 57ac6d8a26..418e03cd66 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -3,7 +3,7 @@
* project.
*/
/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -64,13 +64,10 @@
#include <openssl/crypto.h>
#include <openssl/pem.h>
#include <openssl/err.h>
-#include <openssl/x509_vfy.h>
-#include <openssl/x509v3.h>
#undef PROG
#define PROG smime_main
static int save_certs(char *signerfile, STACK_OF(X509) *signers);
-static int smime_cb(int ok, X509_STORE_CTX *ctx);
#define SMIME_OP 0x10
#define SMIME_ENCRYPT (1 | SMIME_OP)
@@ -82,7 +79,7 @@ static int smime_cb(int ok, X509_STORE_CTX *ctx);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
- {
+{
ENGINE *e = NULL;
int operation = 0;
int ret = 0;
@@ -99,7 +96,7 @@ int MAIN(int argc, char **argv)
STACK_OF(X509) *encerts = NULL, *other = NULL;
BIO *in = NULL, *out = NULL, *indata = NULL;
int badarg = 0;
- int flags = PKCS7_DETACHED;
+ int flags = PKCS7_DETACHED, store_flags = 0;
char *to = NULL, *from = NULL, *subject = NULL;
char *CAfile = NULL, *CApath = NULL;
char *passargin = NULL, *passin = NULL;
@@ -111,34 +108,24 @@ int MAIN(int argc, char **argv)
char *engine=NULL;
#endif
- X509_VERIFY_PARAM *vpm = NULL;
-
args = argv + 1;
ret = 1;
apps_startup();
if (bio_err == NULL)
- {
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
- }
if (!load_config(bio_err, NULL))
goto end;
- while (!badarg && *args && *args[0] == '-')
- {
- if (!strcmp (*args, "-encrypt"))
- operation = SMIME_ENCRYPT;
- else if (!strcmp (*args, "-decrypt"))
- operation = SMIME_DECRYPT;
- else if (!strcmp (*args, "-sign"))
- operation = SMIME_SIGN;
- else if (!strcmp (*args, "-verify"))
- operation = SMIME_VERIFY;
- else if (!strcmp (*args, "-pk7out"))
- operation = SMIME_PK7OUT;
+ while (!badarg && *args && *args[0] == '-') {
+ if (!strcmp (*args, "-encrypt")) operation = SMIME_ENCRYPT;
+ else if (!strcmp (*args, "-decrypt")) operation = SMIME_DECRYPT;
+ else if (!strcmp (*args, "-sign")) operation = SMIME_SIGN;
+ else if (!strcmp (*args, "-verify")) operation = SMIME_VERIFY;
+ else if (!strcmp (*args, "-pk7out")) operation = SMIME_PK7OUT;
#ifndef OPENSSL_NO_DES
else if (!strcmp (*args, "-des3"))
cipher = EVP_des_ede3_cbc();
@@ -185,225 +172,127 @@ int MAIN(int argc, char **argv)
flags |= PKCS7_NOOLDMIMETYPE;
else if (!strcmp (*args, "-crlfeol"))
flags |= PKCS7_CRLFEOL;
- else if (!strcmp(*args,"-rand"))
- {
- if (args[1])
- {
+ else if (!strcmp (*args, "-crl_check"))
+ store_flags |= X509_V_FLAG_CRL_CHECK;
+ else if (!strcmp (*args, "-crl_check_all"))
+ store_flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
+ else if (!strcmp(*args,"-rand")) {
+ if (args[1]) {
args++;
inrand = *args;
- }
- else
- badarg = 1;
+ } else badarg = 1;
need_rand = 1;
- }
#ifndef OPENSSL_NO_ENGINE
- else if (!strcmp(*args,"-engine"))
- {
- if (args[1])
- {
+ } else if (!strcmp(*args,"-engine")) {
+ if (args[1]) {
args++;
engine = *args;
- }
- else badarg = 1;
- }
+ } else badarg = 1;
#endif
- else if (!strcmp(*args,"-passin"))
- {
- if (args[1])
- {
+ } else if (!strcmp(*args,"-passin")) {
+ if (args[1]) {
args++;
passargin = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-to"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-to")) {
+ if (args[1]) {
args++;
to = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-from"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-from")) {
+ if (args[1]) {
args++;
from = *args;
- }
- else badarg = 1;
- }
- else if (!strcmp (*args, "-subject"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-subject")) {
+ if (args[1]) {
args++;
subject = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-signer"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-signer")) {
+ if (args[1]) {
args++;
signerfile = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-recip"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-recip")) {
+ if (args[1]) {
args++;
recipfile = *args;
- }
- else badarg = 1;
- }
- else if (!strcmp (*args, "-inkey"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-inkey")) {
+ if (args[1]) {
args++;
keyfile = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-keyform"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-keyform")) {
+ if (args[1]) {
args++;
keyform = str2fmt(*args);
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-certfile"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-certfile")) {
+ if (args[1]) {
args++;
certfile = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-CAfile"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-CAfile")) {
+ if (args[1]) {
args++;
CAfile = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-CApath"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-CApath")) {
+ if (args[1]) {
args++;
CApath = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-in"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-in")) {
+ if (args[1]) {
args++;
infile = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-inform"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-inform")) {
+ if (args[1]) {
args++;
informat = str2fmt(*args);
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-outform"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-outform")) {
+ if (args[1]) {
args++;
outformat = str2fmt(*args);
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-out"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-out")) {
+ if (args[1]) {
args++;
outfile = *args;
- }
- else
- badarg = 1;
- }
- else if (!strcmp (*args, "-content"))
- {
- if (args[1])
- {
+ } else badarg = 1;
+ } else if (!strcmp (*args, "-content")) {
+ if (args[1]) {
args++;
contfile = *args;
- }
- else
- badarg = 1;
- }
- else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
- continue;
- else
- badarg = 1;
+ } else badarg = 1;
+ } else badarg = 1;
args++;
- }
-
+ }
- if (operation == SMIME_SIGN)
- {
- if (!signerfile)
- {
+ if(operation == SMIME_SIGN) {
+ if(!signerfile) {
BIO_printf(bio_err, "No signer certificate specified\n");
badarg = 1;
- }
- need_rand = 1;
}
- else if (operation == SMIME_DECRYPT)
- {
- if (!recipfile)
- {
+ need_rand = 1;
+ } else if(operation == SMIME_DECRYPT) {
+ if(!recipfile) {
BIO_printf(bio_err, "No recipient certificate and key specified\n");
badarg = 1;
- }
}
- else if (operation == SMIME_ENCRYPT)
- {
- if (!*args)
- {
+ } else if(operation == SMIME_ENCRYPT) {
+ if(!*args) {
BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
badarg = 1;
- }
- need_rand = 1;
}
- else if (!operation)
- badarg = 1;
+ need_rand = 1;
+ } else if(!operation) badarg = 1;
- if (badarg)
- {
+ if (badarg) {
BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n");
BIO_printf (bio_err, "where options are\n");
BIO_printf (bio_err, "-encrypt encrypt message\n");
@@ -458,155 +347,121 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, " the random number generator\n");
BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n");
goto end;
- }
+ }
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
- if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
- {
+ if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
- }
+ }
- if (need_rand)
- {
+ if (need_rand) {
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- }
+ }
ret = 2;
- if (operation != SMIME_SIGN)
- flags &= ~PKCS7_DETACHED;
+ if(operation != SMIME_SIGN) flags &= ~PKCS7_DETACHED;
- if (operation & SMIME_OP)
- {
- if (flags & PKCS7_BINARY)
- inmode = "rb";
- if (outformat == FORMAT_ASN1)
- outmode = "wb";
- }
- else
- {
- if (flags & PKCS7_BINARY)
- outmode = "wb";
- if (informat == FORMAT_ASN1)
- inmode = "rb";
- }
+ if(operation & SMIME_OP) {
+ if(flags & PKCS7_BINARY) inmode = "rb";
+ if(outformat == FORMAT_ASN1) outmode = "wb";
+ } else {
+ if(flags & PKCS7_BINARY) outmode = "wb";
+ if(informat == FORMAT_ASN1) inmode = "rb";
+ }
- if (operation == SMIME_ENCRYPT)
- {
- if (!cipher)
- {
+ if(operation == SMIME_ENCRYPT) {
+ if (!cipher) {
#ifndef OPENSSL_NO_RC2
cipher = EVP_rc2_40_cbc();
#else
BIO_printf(bio_err, "No cipher selected\n");
goto end;
#endif
- }
+ }
encerts = sk_X509_new_null();
- while (*args)
- {
- if (!(cert = load_cert(bio_err,*args,FORMAT_PEM,
- NULL, e, "recipient certificate file")))
- {
+ while (*args) {
+ if(!(cert = load_cert(bio_err,*args,FORMAT_PEM,
+ NULL, e, "recipient certificate file"))) {
#if 0 /* An appropriate message is already printed */
BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
#endif
goto end;
- }
+ }
sk_X509_push(encerts, cert);
cert = NULL;
args++;
- }
}
+ }
- if (signerfile && (operation == SMIME_SIGN))
- {
- if (!(signer = load_cert(bio_err,signerfile,FORMAT_PEM, NULL,
- e, "signer certificate")))
- {
+ if(signerfile && (operation == SMIME_SIGN)) {
+ if(!(signer = load_cert(bio_err,signerfile,FORMAT_PEM, NULL,
+ e, "signer certificate"))) {
#if 0 /* An appropri message has already been printed */
BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile);
#endif
goto end;
- }
}
+ }
- if (certfile)
- {
- if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
- e, "certificate file")))
- {
+ if(certfile) {
+ if(!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
+ e, "certificate file"))) {
#if 0 /* An appropriate message has already been printed */
BIO_printf(bio_err, "Can't read certificate file %s\n", certfile);
#endif
ERR_print_errors(bio_err);
goto end;
- }
}
+ }
- if (recipfile && (operation == SMIME_DECRYPT))
- {
- if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
- e, "recipient certificate file")))
- {
+ if(recipfile && (operation == SMIME_DECRYPT)) {
+ if(!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
+ e, "recipient certificate file"))) {
#if 0 /* An appropriate message has alrady been printed */
BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile);
#endif
ERR_print_errors(bio_err);
goto end;
- }
}
+ }
- if (operation == SMIME_DECRYPT)
- {
- if (!keyfile)
- keyfile = recipfile;
- }
- else if (operation == SMIME_SIGN)
- {
- if (!keyfile)
- keyfile = signerfile;
- }
- else keyfile = NULL;
+ if(operation == SMIME_DECRYPT) {
+ if(!keyfile) keyfile = recipfile;
+ } else if(operation == SMIME_SIGN) {
+ if(!keyfile) keyfile = signerfile;
+ } else keyfile = NULL;
- if (keyfile)
- {
+ if(keyfile) {
key = load_key(bio_err, keyfile, keyform, 0, passin, e,
"signing key file");
- if (!key)
+ if (!key) {
goto end;
- }
+ }
+ }
- if (infile)
- {
- if (!(in = BIO_new_file(infile, inmode)))
- {
+ if (infile) {
+ if (!(in = BIO_new_file(infile, inmode))) {
BIO_printf (bio_err,
"Can't open input file %s\n", infile);
goto end;
- }
}
- else
- in = BIO_new_fp(stdin, BIO_NOCLOSE);
+ } else in = BIO_new_fp(stdin, BIO_NOCLOSE);
- if (outfile)
- {
- if (!(out = BIO_new_file(outfile, outmode)))
- {
+ if (outfile) {
+ if (!(out = BIO_new_file(outfile, outmode))) {
BIO_printf (bio_err,
"Can't open output file %s\n", outfile);
goto end;
- }
}
- else
- {
+ } else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
@@ -614,24 +469,19 @@ int MAIN(int argc, char **argv)
out = BIO_push(tmpbio, out);
}
#endif
- }
+ }
- if (operation == SMIME_VERIFY)
- {
- if (!(store = setup_verify(bio_err, CAfile, CApath)))
- goto end;
- X509_STORE_set_verify_cb_func(store, smime_cb);
- if (vpm)
- X509_STORE_set1_param(store, vpm);
- }
+ if(operation == SMIME_VERIFY) {
+ if(!(store = setup_verify(bio_err, CAfile, CApath))) goto end;
+ X509_STORE_set_flags(store, store_flags);
+ }
ret = 3;
- if (operation == SMIME_ENCRYPT)
+ if(operation == SMIME_ENCRYPT) {
p7 = PKCS7_encrypt(encerts, in, cipher, flags);
- else if (operation == SMIME_SIGN)
- {
+ } else if(operation == SMIME_SIGN) {
/* If detached data and SMIME output enable partial
* signing.
*/
@@ -639,108 +489,86 @@ int MAIN(int argc, char **argv)
flags |= PKCS7_STREAM;
p7 = PKCS7_sign(signer, key, other, in, flags);
/* Don't need to rewind for partial signing */
- if (!(flags & PKCS7_STREAM) && (BIO_reset(in) != 0))
- {
- BIO_printf(bio_err, "Can't rewind input file\n");
- goto end;
- }
+ if (!(flags & PKCS7_STREAM) && (BIO_reset(in) != 0)) {
+ BIO_printf(bio_err, "Can't rewind input file\n");
+ goto end;
}
- else
- {
- if (informat == FORMAT_SMIME)
+ } else {
+ if(informat == FORMAT_SMIME)
p7 = SMIME_read_PKCS7(in, &indata);
- else if (informat == FORMAT_PEM)
+ else if(informat == FORMAT_PEM)
p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
- else if (informat == FORMAT_ASN1)
+ else if(informat == FORMAT_ASN1)
p7 = d2i_PKCS7_bio(in, NULL);
- else
- {
+ else {
BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
goto end;
- }
+ }
- if (!p7)
- {
+ if(!p7) {
BIO_printf(bio_err, "Error reading S/MIME message\n");
goto end;
- }
- if (contfile)
- {
+ }
+ if(contfile) {
BIO_free(indata);
- if (!(indata = BIO_new_file(contfile, "rb")))
- {
+ if(!(indata = BIO_new_file(contfile, "rb"))) {
BIO_printf(bio_err, "Can't read content file %s\n", contfile);
goto end;
- }
}
}
+ }
- if (!p7)
- {
+ if(!p7) {
BIO_printf(bio_err, "Error creating PKCS#7 structure\n");
goto end;
- }
+ }
ret = 4;
- if (operation == SMIME_DECRYPT)
- {
- if (!PKCS7_decrypt(p7, key, recip, out, flags))
- {
+ if(operation == SMIME_DECRYPT) {
+ if(!PKCS7_decrypt(p7, key, recip, out, flags)) {
BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
goto end;
- }
}
- else if (operation == SMIME_VERIFY)
- {
+ } else if(operation == SMIME_VERIFY) {
STACK_OF(X509) *signers;
- if (PKCS7_verify(p7, other, store, indata, out, flags))
+ if(PKCS7_verify(p7, other, store, indata, out, flags)) {
BIO_printf(bio_err, "Verification successful\n");
- else
- {
+ } else {
BIO_printf(bio_err, "Verification failure\n");
goto end;
- }
+ }
signers = PKCS7_get0_signers(p7, other, flags);
- if (!save_certs(signerfile, signers))
- {
+ if(!save_certs(signerfile, signers)) {
BIO_printf(bio_err, "Error writing signers to %s\n",
signerfile);
ret = 5;
goto end;
- }
- sk_X509_free(signers);
}
- else if (operation == SMIME_PK7OUT)
+ sk_X509_free(signers);
+ } else if(operation == SMIME_PK7OUT) {
PEM_write_bio_PKCS7(out, p7);
- else
- {
- if (to)
- BIO_printf(out, "To: %s\n", to);
- if (from)
- BIO_printf(out, "From: %s\n", from);
- if (subject)
- BIO_printf(out, "Subject: %s\n", subject);
- if (outformat == FORMAT_SMIME)
+ } else {
+ if(to) BIO_printf(out, "To: %s\n", to);
+ if(from) BIO_printf(out, "From: %s\n", from);
+ if(subject) BIO_printf(out, "Subject: %s\n", subject);
+ if(outformat == FORMAT_SMIME)
SMIME_write_PKCS7(out, p7, in, flags);
- else if (outformat == FORMAT_PEM)
+ else if(outformat == FORMAT_PEM)
PEM_write_bio_PKCS7(out,p7);
- else if (outformat == FORMAT_ASN1)
+ else if(outformat == FORMAT_ASN1)
i2d_PKCS7_bio(out,p7);
- else
- {
+ else {
BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
goto end;
- }
}
+ }
ret = 0;
end:
if (need_rand)
app_RAND_write_file(NULL, bio_err);
- if (ret) ERR_print_errors(bio_err);
+ if(ret) ERR_print_errors(bio_err);
sk_X509_pop_free(encerts, X509_free);
sk_X509_pop_free(other, X509_free);
- if (vpm)
- X509_VERIFY_PARAM_free(vpm);
X509_STORE_free(store);
X509_free(cert);
X509_free(recip);
@@ -750,39 +578,20 @@ end:
BIO_free(in);
BIO_free(indata);
BIO_free_all(out);
- if (passin) OPENSSL_free(passin);
+ if(passin) OPENSSL_free(passin);
return (ret);
}
static int save_certs(char *signerfile, STACK_OF(X509) *signers)
- {
+{
int i;
BIO *tmp;
- if (!signerfile)
- return 1;
+ if(!signerfile) return 1;
tmp = BIO_new_file(signerfile, "w");
- if (!tmp) return 0;
+ if(!tmp) return 0;
for(i = 0; i < sk_X509_num(signers); i++)
PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
BIO_free(tmp);
return 1;
- }
+}
-
-/* Minimal callback just to output policy info (if any) */
-
-static int smime_cb(int ok, X509_STORE_CTX *ctx)
- {
- int error;
-
- error = X509_STORE_CTX_get_error(ctx);
-
- if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
- && ((error != X509_V_OK) || (ok != 2)))
- return ok;
-
- policies_print(NULL, ctx);
-
- return ok;
-
- }
diff --git a/apps/speed.c b/apps/speed.c
index 5697d3aef4..a3b0833b69 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1576,7 +1576,6 @@ int MAIN(int argc, char **argv)
}
}
-#ifndef OPENSSL_NO_SHA256
if (doit[D_SHA256])
{
for (j=0; j<SIZE_NUM; j++)
@@ -1589,9 +1588,7 @@ int MAIN(int argc, char **argv)
print_result(D_SHA256,j,count,d);
}
}
-#endif
-#ifndef OPENSSL_NO_SHA512
if (doit[D_SHA512])
{
for (j=0; j<SIZE_NUM; j++)
@@ -1605,8 +1602,6 @@ int MAIN(int argc, char **argv)
}
}
#endif
-
-#endif
#ifndef OPENSSL_NO_RIPEMD
if (doit[D_RMD160])
{
diff --git a/apps/term_sock.c b/apps/term_sock.c
new file mode 100644
index 0000000000..4d6e080697
--- /dev/null
+++ b/apps/term_sock.c
@@ -0,0 +1,583 @@
+#include <openssl/e_os2.h>
+
+#ifdef OPENSSL_SYS_VMS
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <inet.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+#include <starlet.h>
+#include <iodef.h>
+#ifdef __alpha
+#include <iosbdef.h>
+#else
+typedef struct _iosb { /* Copied from IOSBDEF.H for Alpha */
+#pragma __nomember_alignment
+ __union {
+ __struct {
+ unsigned short int iosb$w_status; /* Final I/O status */
+ __union {
+ __struct { /* 16-bit byte count variant */
+ unsigned short int iosb$w_bcnt; /* 16-bit byte count */
+ __union {
+ unsigned int iosb$l_dev_depend; /* 32-bit device dependent info */
+ unsigned int iosb$l_pid; /* 32-bit pid */
+ } iosb$r_l;
+ } iosb$r_bcnt_16;
+ __struct { /* 32-bit byte count variant */
+ unsigned int iosb$l_bcnt; /* 32-bit byte count (unaligned) */
+ unsigned short int iosb$w_dev_depend_high; /* 16-bit device dependent info */
+ } iosb$r_bcnt_32;
+ } iosb$r_devdepend;
+ } iosb$r_io_64;
+ __struct {
+ __union {
+ unsigned int iosb$l_getxxi_status; /* Final GETxxI status */
+ unsigned int iosb$l_reg_status; /* Final $Registry status */
+ } iosb$r_l_status;
+ unsigned int iosb$l_reserved; /* Reserved field */
+ } iosb$r_get_64;
+ } iosb$r_io_get;
+ } IOSB;
+
+#if !defined(__VAXC)
+#define iosb$w_status iosb$r_io_get.iosb$r_io_64.iosb$w_status
+#define iosb$w_bcnt iosb$r_io_get.iosb$r_io_64.iosb$r_devdepend.iosb$r_bcnt_16.iosb$w_bcnt
+#define iosb$r_l iosb$r_io_get.iosb$r_io_64.iosb$r_devdepend.iosb$r_bcnt_16.iosb$r_l
+#define iosb$l_dev_depend iosb$r_l.iosb$l_dev_depend
+#define iosb$l_pid iosb$r_l.iosb$l_pid
+#define iosb$l_bcnt iosb$r_io_get.iosb$r_io_64.iosb$r_devdepend.iosb$r_bcnt_32.iosb$l_bcnt
+#define iosb$w_dev_depend_high iosb$r_io_get.iosb$r_io_64.iosb$r_devdepend.iosb$r_bcnt_32.iosb$w_dev_depend_high
+#define iosb$l_getxxi_status iosb$r_io_get.iosb$r_get_64.iosb$r_l_status.iosb$l_getxxi_status
+#define iosb$l_reg_status iosb$r_io_get.iosb$r_get_64.iosb$r_l_status.iosb$l_reg_status
+#endif /* #if !defined(__VAXC) */
+
+#endif /* End of IOSBDEF */
+
+#include <efndef.h>
+#include <stdlib.h>
+#include <ssdef.h>
+#include <time.h>
+#include <stdarg.h>
+#include <descrip.h>
+
+#include "term_sock.h"
+
+#ifdef __alpha
+static struct _iosb TerminalDeviceIosb;
+#else
+IOSB TerminalDeviceIosb;
+#endif
+
+static char TerminalDeviceBuff[255 + 2];
+static int TerminalSocketPair[2] = {0, 0};
+static unsigned short TerminalDeviceChan = 0;
+
+static int CreateSocketPair (int, int, int, int *);
+static void SocketPairTimeoutAst (int);
+static int TerminalDeviceAst (int);
+static void LogMessage (char *, ...);
+
+/*
+** Socket Pair Timeout Value (must be 0-59 seconds)
+*/
+#define SOCKET_PAIR_TIMEOUT_VALUE 20
+
+/*
+** Socket Pair Timeout Block which is passed to timeout AST
+*/
+typedef struct _SocketPairTimeoutBlock {
+ unsigned short SockChan1;
+ unsigned short SockChan2;
+ } SPTB;
+
+#ifdef TERM_SOCK_TEST
+
+/*----------------------------------------------------------------------------*/
+/* */
+/*----------------------------------------------------------------------------*/
+int main (int argc, char *argv[], char *envp[])
+{
+char TermBuff[80];
+int TermSock,
+ status,
+ len;
+
+LogMessage ("Enter 'q' or 'Q' to quit ...");
+while (strcasecmp (TermBuff, "Q"))
+ {
+ /*
+ ** Create the terminal socket
+ */
+ status = TerminalSocket (TERM_SOCK_CREATE, &TermSock);
+ if (status != TERM_SOCK_SUCCESS)
+ exit (1);
+
+ /*
+ ** Process the terminal input
+ */
+ LogMessage ("Waiting on terminal I/O ...\n");
+ len = recv (TermSock, TermBuff, sizeof (TermBuff), 0) ;
+ TermBuff[len] = '\0';
+ LogMessage ("Received terminal I/O [%s]", TermBuff);
+
+ /*
+ ** Delete the terminal socket
+ */
+ status = TerminalSocket (TERM_SOCK_DELETE, &TermSock);
+ if (status != TERM_SOCK_SUCCESS)
+ exit (1);
+ }
+
+return 1;
+
+}
+#endif
+
+/*----------------------------------------------------------------------------*/
+/* */
+/*----------------------------------------------------------------------------*/
+int TerminalSocket (int FunctionCode, int *ReturnSocket)
+{
+int status;
+$DESCRIPTOR (TerminalDeviceDesc, "SYS$COMMAND");
+
+/*
+** Process the requested function code
+*/
+switch (FunctionCode)
+ {
+ case TERM_SOCK_CREATE:
+ /*
+ ** Create a socket pair
+ */
+ status = CreateSocketPair (AF_INET, SOCK_STREAM, 0, TerminalSocketPair);
+ if (status == -1)
+ {
+ LogMessage ("TerminalSocket: CreateSocketPair () - %08X", status);
+ if (TerminalSocketPair[0])
+ close (TerminalSocketPair[0]);
+ if (TerminalSocketPair[1])
+ close (TerminalSocketPair[1]);
+ return (TERM_SOCK_FAILURE);
+ }
+
+ /*
+ ** Assign a channel to the terminal device
+ */
+ status = sys$assign (&TerminalDeviceDesc,
+ &TerminalDeviceChan,
+ 0, 0, 0);
+ if (! (status & 1))
+ {
+ LogMessage ("TerminalSocket: SYS$ASSIGN () - %08X", status);
+ close (TerminalSocketPair[0]);
+ close (TerminalSocketPair[1]);
+ return (TERM_SOCK_FAILURE);
+ }
+
+ /*
+ ** Queue an async IO to the terminal device
+ */
+ status = sys$qio (EFN$C_ENF,
+ TerminalDeviceChan,
+ IO$_READVBLK,
+ &TerminalDeviceIosb,
+ TerminalDeviceAst,
+ 0,
+ TerminalDeviceBuff,
+ sizeof (TerminalDeviceBuff) - 2,
+ 0, 0, 0, 0);
+ if (! (status & 1))
+ {
+ LogMessage ("TerminalSocket: SYS$QIO () - %08X", status);
+ close (TerminalSocketPair[0]);
+ close (TerminalSocketPair[1]);
+ return (TERM_SOCK_FAILURE);
+ }
+
+ /*
+ ** Return the input side of the socket pair
+ */
+ *ReturnSocket = TerminalSocketPair[1];
+ break;
+
+ case TERM_SOCK_DELETE:
+ /*
+ ** Cancel any pending IO on the terminal channel
+ */
+ status = sys$cancel (TerminalDeviceChan);
+ if (! (status & 1))
+ {
+ LogMessage ("TerminalSocket: SYS$CANCEL () - %08X", status);
+ close (TerminalSocketPair[0]);
+ close (TerminalSocketPair[1]);
+ return (TERM_SOCK_FAILURE);
+ }
+
+ /*
+ ** Deassign the terminal channel
+ */
+ status = sys$dassgn (TerminalDeviceChan);
+ if (! (status & 1))
+ {
+ LogMessage ("TerminalSocket: SYS$DASSGN () - %08X", status);
+ close (TerminalSocketPair[0]);
+ close (TerminalSocketPair[1]);
+ return (TERM_SOCK_FAILURE);
+ }
+
+ /*
+ ** Close the terminal socket pair
+ */
+ close (TerminalSocketPair[0]);
+ close (TerminalSocketPair[1]);
+
+ /*
+ ** Return the initialized socket
+ */
+ *ReturnSocket = 0;
+ break;
+
+ default:
+ /*
+ ** Invalid function code
+ */
+ LogMessage ("TerminalSocket: Invalid Function Code - %d", FunctionCode);
+ return (TERM_SOCK_FAILURE);
+ break;
+ }
+
+/*
+** Return success
+*/
+return (TERM_SOCK_SUCCESS);
+
+}
+
+/*----------------------------------------------------------------------------*/
+/* */
+/*----------------------------------------------------------------------------*/
+static int CreateSocketPair (
+ int SocketFamily,
+ int SocketType,
+ int SocketProtocol,
+ int *SocketPair)
+{
+struct dsc$descriptor AscTimeDesc = {0, DSC$K_DTYPE_T, DSC$K_CLASS_S, NULL};
+static const char* LocalHostAddr = {"127.0.0.1"};
+unsigned short TcpAcceptChan = 0,
+ TcpDeviceChan = 0;
+unsigned long BinTimeBuff[2];
+struct sockaddr_in sin;
+char AscTimeBuff[32];
+short LocalHostPort;
+int status;
+unsigned int slen;
+
+#ifdef __alpha
+struct _iosb iosb;
+#else
+IOSB iosb;
+#endif
+
+int SockDesc1 = 0,
+ SockDesc2 = 0;
+SPTB sptb;
+$DESCRIPTOR (TcpDeviceDesc, "TCPIP$DEVICE");
+
+/*
+** Create a socket
+*/
+SockDesc1 = socket (SocketFamily, SocketType, 0);
+if (SockDesc1 < 0)
+ {
+ LogMessage ("CreateSocketPair: socket () - %d", errno);
+ return (-1);
+ }
+
+/*
+** Initialize the socket information
+*/
+slen = sizeof (sin);
+memset ((char *) &sin, 0, slen);
+sin.sin_family = SocketFamily;
+sin.sin_addr.s_addr = inet_addr (LocalHostAddr);
+sin.sin_port = 0;
+
+/*
+** Bind the socket to the local IP
+*/
+status = bind (SockDesc1, (struct sockaddr *) &sin, slen);
+if (status < 0)
+ {
+ LogMessage ("CreateSocketPair: bind () - %d", errno);
+ close (SockDesc1);
+ return (-1);
+ }
+
+/*
+** Get the socket name so we can save the port number
+*/
+status = getsockname (SockDesc1, (struct sockaddr *) &sin, &slen);
+if (status < 0)
+ {
+ LogMessage ("CreateSocketPair: getsockname () - %d", errno);
+ close (SockDesc1);
+ return (-1);
+ }
+else
+ LocalHostPort = sin.sin_port;
+
+/*
+** Setup a listen for the socket
+*/
+listen (SockDesc1, 5);
+
+/*
+** Get the binary (64-bit) time of the specified timeout value
+*/
+sprintf (AscTimeBuff, "0 0:0:%02d.00", SOCKET_PAIR_TIMEOUT_VALUE);
+AscTimeDesc.dsc$w_length = strlen (AscTimeBuff);
+AscTimeDesc.dsc$a_pointer = AscTimeBuff;
+status = sys$bintim (&AscTimeDesc, BinTimeBuff);
+if (! (status & 1))
+ {
+ LogMessage ("CreateSocketPair: SYS$BINTIM () - %08X", status);
+ close (SockDesc1);
+ return (-1);
+ }
+
+/*
+** Assign another channel to the TCP/IP device for the accept.
+** This is the channel that ends up being connected to.
+*/
+status = sys$assign (&TcpDeviceDesc, &TcpDeviceChan, 0, 0, 0);
+if (! (status & 1))
+ {
+ LogMessage ("CreateSocketPair: SYS$ASSIGN () - %08X", status);
+ close (SockDesc1);
+ return (-1);
+ }
+
+/*
+** Get the channel of the first socket for the accept
+*/
+TcpAcceptChan = decc$get_sdc (SockDesc1);
+
+/*
+** Perform the accept using $QIO so we can do this asynchronously
+*/
+status = sys$qio (EFN$C_ENF,
+ TcpAcceptChan,
+ IO$_ACCESS | IO$M_ACCEPT,
+ &iosb,
+ 0, 0, 0, 0, 0,
+ &TcpDeviceChan,
+ 0, 0);
+if (! (status & 1))
+ {
+ LogMessage ("CreateSocketPair: SYS$QIO () - %08X", status);
+ close (SockDesc1);
+ sys$dassgn (TcpDeviceChan);
+ return (-1);
+ }
+
+/*
+** Create the second socket to do the connect
+*/
+SockDesc2 = socket (SocketFamily, SocketType, 0);
+if (SockDesc2 < 0)
+ {
+ LogMessage ("CreateSocketPair: socket () - %d", errno);
+ sys$cancel (TcpAcceptChan);
+ close (SockDesc1);
+ sys$dassgn (TcpDeviceChan);
+ return (-1) ;
+ }
+
+/*
+** Setup the Socket Pair Timeout Block
+*/
+sptb.SockChan1 = TcpAcceptChan;
+sptb.SockChan2 = decc$get_sdc (SockDesc2);
+
+/*
+** Before we block on the connect, set a timer that can cancel I/O on our two
+** sockets if it never connects.
+*/
+status = sys$setimr (EFN$C_ENF,
+ BinTimeBuff,
+ SocketPairTimeoutAst,
+ &sptb,
+ 0);
+if (! (status & 1))
+ {
+ LogMessage ("CreateSocketPair: SYS$SETIMR () - %08X", status);
+ sys$cancel (TcpAcceptChan);
+ close (SockDesc1);
+ close (SockDesc2);
+ sys$dassgn (TcpDeviceChan);
+ return (-1);
+ }
+
+/*
+** Now issue the connect
+*/
+memset ((char *) &sin, 0, sizeof (sin)) ;
+sin.sin_family = SocketFamily;
+sin.sin_addr.s_addr = inet_addr (LocalHostAddr) ;
+sin.sin_port = LocalHostPort ;
+
+status = connect (SockDesc2, (struct sockaddr *) &sin, sizeof (sin));
+if (status < 0 )
+ {
+ LogMessage ("CreateSocketPair: connect () - %d", errno);
+ sys$cantim (&sptb, 0);
+ sys$cancel (TcpAcceptChan);
+ close (SockDesc1);
+ close (SockDesc2);
+ sys$dassgn (TcpDeviceChan);
+ return (-1);
+ }
+
+/*
+** Wait for the asynch $QIO to finish. Note that if the I/O was aborted
+** (SS$_ABORT), then we probably canceled it from the AST routine - so log a
+** timeout.
+*/
+status = sys$synch (EFN$C_ENF, &iosb);
+if (! (iosb.iosb$w_status & 1))
+ {
+ if (iosb.iosb$w_status == SS$_ABORT)
+ LogMessage ("CreateSocketPair: SYS$QIO(iosb) timeout");
+ else
+ {
+ LogMessage ("CreateSocketPair: SYS$QIO(iosb) - %d", iosb.iosb$w_status);
+ sys$cantim (&sptb, 0);
+ }
+ close (SockDesc1);
+ close (SockDesc2);
+ sys$dassgn (TcpDeviceChan);
+ return (-1);
+ }
+
+/*
+** Here we're successfully connected, so cancel the timer, convert the I/O
+** channel to a socket fd, close the listener socket and return the connected
+** pair.
+*/
+sys$cantim (&sptb, 0);
+
+close (SockDesc1) ;
+SocketPair[0] = SockDesc2 ;
+SocketPair[1] = socket_fd (TcpDeviceChan);
+
+return (0) ;
+
+}
+
+/*----------------------------------------------------------------------------*/
+/* */
+/*----------------------------------------------------------------------------*/
+static void SocketPairTimeoutAst (int astparm)
+{
+SPTB *sptb = (SPTB *) astparm;
+
+sys$cancel (sptb->SockChan2); /* Cancel the connect() */
+sys$cancel (sptb->SockChan1); /* Cancel the accept() */
+
+return;
+
+}
+
+/*----------------------------------------------------------------------------*/
+/* */
+/*----------------------------------------------------------------------------*/
+static int TerminalDeviceAst (int astparm)
+{
+int status;
+
+/*
+** Terminate the terminal buffer
+*/
+TerminalDeviceBuff[TerminalDeviceIosb.iosb$w_bcnt] = '\0';
+strcat (TerminalDeviceBuff, "\n");
+
+/*
+** Send the data read from the terminal device throught the socket pair
+*/
+send (TerminalSocketPair[0], TerminalDeviceBuff, TerminalDeviceIosb.iosb$w_bcnt + 1, 0);
+
+/*
+** Queue another async IO to the terminal device
+*/
+status = sys$qio (EFN$C_ENF,
+ TerminalDeviceChan,
+ IO$_READVBLK,
+ &TerminalDeviceIosb,
+ TerminalDeviceAst,
+ 0,
+ TerminalDeviceBuff,
+ sizeof (TerminalDeviceBuff) - 1,
+ 0, 0, 0, 0);
+
+/*
+** Return status
+*/
+return status;
+
+}
+
+/*----------------------------------------------------------------------------*/
+/* */
+/*----------------------------------------------------------------------------*/
+static void LogMessage (char *msg, ...)
+{
+char *Month[] = {"Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"};
+static unsigned int pid = 0;
+va_list args;
+time_t CurTime;
+struct tm *LocTime;
+char MsgBuff[256];
+
+/*
+** Get the process pid
+*/
+if (pid == 0)
+ pid = getpid ();
+
+/*
+** Convert the current time into local time
+*/
+CurTime = time (NULL);
+LocTime = localtime (&CurTime);
+
+/*
+** Format the message buffer
+*/
+sprintf (MsgBuff, "%02d-%s-%04d %02d:%02d:%02d [%08X] %s\n",
+ LocTime->tm_mday, Month[LocTime->tm_mon], (LocTime->tm_year + 1900),
+ LocTime->tm_hour, LocTime->tm_min, LocTime->tm_sec, pid, msg);
+
+/*
+** Get any variable arguments and add them to the print of the message buffer
+*/
+va_start (args, msg);
+vfprintf (stderr, MsgBuff, args);
+va_end (args);
+
+/*
+** Flush standard error output
+*/
+fsync (fileno (stderr));
+
+return;
+
+}
+#endif
diff --git a/apps/term_sock.h b/apps/term_sock.h
new file mode 100644
index 0000000000..4b445a9649
--- /dev/null
+++ b/apps/term_sock.h
@@ -0,0 +1,21 @@
+#ifndef TERM_SOCK_H
+#define TERM_SOCK_H
+
+/*
+** Terminal Socket Function Codes
+*/
+#define TERM_SOCK_CREATE 1
+#define TERM_SOCK_DELETE 2
+
+/*
+** Terminal Socket Status Codes
+*/
+#define TERM_SOCK_FAILURE 0
+#define TERM_SOCK_SUCCESS 1
+
+/*
+** Terminal Socket Prototype
+*/
+int TerminalSocket (int FunctionCode, int *ReturnSocket);
+
+#endif
diff --git a/apps/verify.c b/apps/verify.c
index 9ff32cb068..6a93c018b8 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -79,14 +79,13 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
ENGINE *e = NULL;
- int i,ret=1, badarg = 0;
+ int i,ret=1;
int purpose = -1;
char *CApath=NULL,*CAfile=NULL;
char *untfile = NULL, *trustfile = NULL;
STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
X509_STORE *cert_ctx=NULL;
X509_LOOKUP *lookup=NULL;
- X509_VERIFY_PARAM *vpm = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
@@ -122,12 +121,18 @@ int MAIN(int argc, char **argv)
if (argc-- < 1) goto end;
CAfile= *(++argv);
}
- else if (args_verify(&argv, &argc, &badarg, bio_err,
- &vpm))
+ else if (strcmp(*argv,"-purpose") == 0)
{
- if (badarg)
+ X509_PURPOSE *xptmp;
+ if (argc-- < 1) goto end;
+ i = X509_PURPOSE_get_by_sname(*(++argv));
+ if(i < 0)
+ {
+ BIO_printf(bio_err, "unrecognized purpose\n");
goto end;
- continue;
+ }
+ xptmp = X509_PURPOSE_get0(i);
+ purpose = X509_PURPOSE_get_id(xptmp);
}
else if (strcmp(*argv,"-untrusted") == 0)
{
@@ -148,6 +153,14 @@ int MAIN(int argc, char **argv)
#endif
else if (strcmp(*argv,"-help") == 0)
goto end;
+ else if (strcmp(*argv,"-ignore_critical") == 0)
+ vflags |= X509_V_FLAG_IGNORE_CRITICAL;
+ else if (strcmp(*argv,"-issuer_checks") == 0)
+ vflags |= X509_V_FLAG_CB_ISSUER_CHECK;
+ else if (strcmp(*argv,"-crl_check") == 0)
+ vflags |= X509_V_FLAG_CRL_CHECK;
+ else if (strcmp(*argv,"-crl_check_all") == 0)
+ vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
else if (strcmp(*argv,"-verbose") == 0)
v_verbose=1;
else if (argv[0][0] == '-')
@@ -165,9 +178,6 @@ int MAIN(int argc, char **argv)
e = setup_engine(bio_err, engine, 0);
#endif
- if (vpm)
- X509_STORE_set1_param(cert_ctx, vpm);
-
lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
if (lookup == NULL) abort();
if (CAfile) {
@@ -228,7 +238,6 @@ end:
X509_PURPOSE_get0_name(ptmp));
}
}
- if (vpm) X509_VERIFY_PARAM_free(vpm);
if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
sk_X509_pop_free(untrusted, X509_free);
sk_X509_pop_free(trusted, X509_free);
@@ -330,13 +339,10 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
if (!ok)
{
- if (ctx->current_cert)
- {
- X509_NAME_oneline(
+ X509_NAME_oneline(
X509_get_subject_name(ctx->current_cert),buf,
sizeof buf);
- printf("%s\n",buf);
- }
+ printf("%s\n",buf);
printf("error %d at %d depth lookup:%s\n",ctx->error,
ctx->error_depth,
X509_verify_cert_error_string(ctx->error));
@@ -348,21 +354,13 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1;
/* Continue after extension errors too */
if (ctx->error == X509_V_ERR_INVALID_CA) ok=1;
- if (ctx->error == X509_V_ERR_INVALID_NON_CA) ok=1;
if (ctx->error == X509_V_ERR_PATH_LENGTH_EXCEEDED) ok=1;
if (ctx->error == X509_V_ERR_INVALID_PURPOSE) ok=1;
if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1;
if (ctx->error == X509_V_ERR_CRL_HAS_EXPIRED) ok=1;
if (ctx->error == X509_V_ERR_CRL_NOT_YET_VALID) ok=1;
if (ctx->error == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) ok=1;
-
- if (ctx->error == X509_V_ERR_NO_EXPLICIT_POLICY)
- policies_print(NULL, ctx);
- return ok;
-
}
- if ((ctx->error == X509_V_OK) && (ok == 2))
- policies_print(NULL, ctx);
if (!v_verbose)
ERR_clear_error();
return(ok);
diff --git a/apps/x509.c b/apps/x509.c
index 294fc69573..d00511c78a 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -606,12 +606,9 @@ bad:
sno = ASN1_INTEGER_new();
if (!sno || !rand_serial(NULL, sno))
goto end;
- if (!X509_set_serialNumber(x, sno))
- goto end;
- ASN1_INTEGER_free(sno);
- sno = NULL;
}
- else if (!X509_set_serialNumber(x, sno))
+
+ if (!X509_set_serialNumber(x, sno))
goto end;
if (!X509_set_issuer_name(x,req->req_info->subject)) goto end;
@@ -999,9 +996,9 @@ bad:
if (checkend)
{
- time_t tcheck=time(NULL) + checkoffset;
+ time_t tnow=time(NULL);
- if (X509_cmp_time(X509_get_notAfter(x), &tcheck) < 0)
+ if (ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(x), tnow+checkoffset) == -1)
{
BIO_printf(out,"Certificate will expire\n");
ret=1;
diff --git a/certs/ICE-CA.pem b/certs/ICE-CA.pem
new file mode 100644
index 0000000000..75652366c2
--- /dev/null
+++ b/certs/ICE-CA.pem
@@ -0,0 +1,59 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+ Validity
+ Not Before: Apr 2 17:35:53 1997 GMT
+ Not After : Apr 2 17:35:53 1998 GMT
+ Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+ Subject Public Key Info:
+ Public Key Algorithm: rsa
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
+ 8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
+ 44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
+ e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
+ 49:11:a5:c9:45
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Authority Key Identifier:
+ 0.........z.."p......e..
+ X509v3 Subject Key Identifier:
+ ..~r..:..B.44fu......3
+ X509v3 Key Usage: critical
+ ....
+ X509v3 Certificate Policies: critical
+ 0.0...*...
+ X509v3 Subject Alternative Name:
+ 0!..secude-support@darmstadt.gmd.de
+ X509v3 Issuer Alternative Name:
+ 0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
+ X509v3 Basic Constraints: critical
+ 0....
+ X509v3 CRL Distribution Points:
+ 0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
+ Signature Algorithm: md5WithRSAEncryption
+ 17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
+ 69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
+ 98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
+ 88:73:cd:60:28:79:a3:fc:48:7a
+-----BEGIN CERTIFICATE-----
+MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
+AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
+BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
+IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
+NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
+MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
+VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
+LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
+/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
+aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
+7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
+-----END CERTIFICATE-----
diff --git a/certs/ICE-root.pem b/certs/ICE-root.pem
new file mode 100644
index 0000000000..fa991599c9
--- /dev/null
+++ b/certs/ICE-root.pem
@@ -0,0 +1,48 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+ Validity
+ Not Before: Apr 2 17:33:36 1997 GMT
+ Not After : Apr 2 17:33:36 1998 GMT
+ Subject: O=European ICE-TEL project, OU=V3-Certification Authority
+ Subject Public Key Info:
+ Public Key Algorithm: rsa
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
+ 82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
+ 13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
+ 9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
+ e7:c7:9f:41:cd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ ........z.."p......e..
+ X509v3 Key Usage: critical
+ ....
+ X509v3 Subject Alternative Name:
+ 0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
+ X509v3 Basic Constraints: critical
+ 0....
+ Signature Algorithm: md5WithRSAEncryption
+ 76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
+ 03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
+ f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
+ 7e:22:9f:25:06:60:bd:79:30:3d
+-----BEGIN CERTIFICATE-----
+MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
+EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
+0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
+ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
+dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
+LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
+iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
+fiKfJQZgvXkwPQ==
+-----END CERTIFICATE-----
diff --git a/certs/ICE-user.pem b/certs/ICE-user.pem
new file mode 100644
index 0000000000..28065fd37d
--- /dev/null
+++ b/certs/ICE-user.pem
@@ -0,0 +1,63 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+ Validity
+ Not Before: Apr 2 17:35:59 1997 GMT
+ Not After : Apr 2 17:35:59 1998 GMT
+ Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
+ Subject Public Key Info:
+ Public Key Algorithm: rsa
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
+ de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
+ 31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
+ b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
+ be:3e:a4:61:8b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Authority Key Identifier:
+ 0...~r..:..B.44fu......3
+ X509v3 Subject Key Identifier:
+ ...... .*...1.*.......
+ X509v3 Key Usage: critical
+ ....
+ X509v3 Certificate Policies: critical
+ 0.0...*...0.......
+ X509v3 Subject Alternative Name:
+ 0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
+ X509v3 Issuer Alternative Name:
+ 0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
+..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
+ X509v3 Basic Constraints: critical
+ 0.
+ X509v3 CRL Distribution Points:
+ 0.0.......gmdca@gmd.de
+ Signature Algorithm: md5WithRSAEncryption
+ 69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
+ 4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
+ c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
+ 9a:f7:6f:63:9b:94:99:83:d6:a4
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
+OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
+Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
+EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
+qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
+BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
+nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
+A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
+HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
+YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
+dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
+VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
+Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
+ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
+DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
+-----END CERTIFICATE-----
diff --git a/certs/ICE.crl b/certs/ICE.crl
new file mode 100644
index 0000000000..21939e8cc4
--- /dev/null
+++ b/certs/ICE.crl
@@ -0,0 +1,9 @@
+-----BEGIN X509 CRL-----
+MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
+VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
+NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
+WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
+i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
+KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
+mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
+-----END X509 CRL-----
diff --git a/certs/RegTP-4R.pem b/certs/RegTP-4R.pem
new file mode 100644
index 0000000000..6f2c6abccd
--- /dev/null
+++ b/certs/RegTP-4R.pem
@@ -0,0 +1,19 @@
+issuer= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
+notBefore=Jan 21 16:04:53 1999 GMT
+notAfter=Jan 21 16:04:53 2004 GMT
+subject= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
+-----BEGIN CERTIFICATE-----
+MIICZzCCAdOgAwIBAgIEOwVn1DAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9
+MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWth
+dGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo0Ui1DQSAxOlBO
+MCIYDzE5OTkwMTIxMTYwNDUzWhgPMjAwNDAxMjExNjA0NTNaMG8xCzAJBgNVBAYT
+AkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21t
+dW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjRSLUNB
+IDE6UE4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGAjzHbq2asUlqeWbXTQHso
+aVF6YIPVH3c/B2cbuy9HJ/lnE6x0asOzM2DGDqi47xkdAxPc0LZ0fxO87rkmz7xs
+jJObnVrMXpyUSDSp5Y0wqKJdsFdr6mGFOQZteIti8AJnr8xMkwnWVyuOlEXsFe1h
+5gxwQXrOcPinE6qu1t/3PmECBMAAAAGjEjAQMA4GA1UdDwEB/wQEAwIBBjAKBgYr
+JAMDAQIFAAOBgQA+RdocBmA2VV9E5aKPBcp01tdZAvvW9Tve3docArVKR/4/yvSX
+Z+wvzzk+uu4qBp49HN3nqPYMrzbTmjBFu4ce5fkZ7dHF0W1sSBL0rox5z36Aq2re
+JjfEOEmSnNe0+opuh4FSVOssXblXTE8lEQU0FhhItgDx2ADnWZibaxLG4w==
+-----END CERTIFICATE-----
diff --git a/certs/ca-cert.pem b/certs/ca-cert.pem
new file mode 100644
index 0000000000..bcba68aefa
--- /dev/null
+++ b/certs/ca-cert.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIC5TCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzODUxWhcN
+MDUwNzEwMjEzODUxWjBbMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
+ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxGzAZBgNVBAMTElRlc3QgQ0Eg
+KDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo7ujy3XXpU/p
+yDJtOxkMJmGv3mdiVm7JrdoKLUgqjO2rBaeNuYMUiuI6oYU+tlD6agwRML0Pn2JF
+b90VdK/UXrmRr9djaEuH17EIKjte5RwOzndCndsjcCYyoeODMTyg7dqPIkDMmRNM
+5R5xBTabD+Aji0wzQupYxBLuW5PLj7ECAwEAAaOBtzCBtDAdBgNVHQ4EFgQU1WWA
+U42mkhi3ecgey1dsJjU61+UwgYQGA1UdIwR9MHuAFE0RaEcrj18q1dw+G6nJbsTW
+R213oWCkXjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0
+IGJpdCmCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBb39BRphHL
+6aRAQyymsvBvPSCiG9+kR0R1L23aTpNbhXp2BebyFjbEQYZc2kWGiKKcHkNECA35
+3d4LoqUlVey8DFyafOIJd9hxdZfg+rxlHMxnL7uCJRmx9+xB411Jtsol9/wg1uCK
+sleGpgB4j8cG2SVCz7V2MNZNK+d5QCnR7A==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
diff --git a/certs/dsa-ca.pem b/certs/dsa-ca.pem
new file mode 100644
index 0000000000..9eb08f3ddd
--- /dev/null
+++ b/certs/dsa-ca.pem
@@ -0,0 +1,43 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
+
+svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
+Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
+Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
+par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
+zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
+uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
+rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
+1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
+HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
+MVqOsYxGCb+kez0FoDSTgw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
+ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
+sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
+rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
+cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
+bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
+CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
+F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
+vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
+AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
+3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
+AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
+AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
+ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
+MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
+MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
+C1Q=
+-----END CERTIFICATE-----
+
diff --git a/certs/dsa-pca.pem b/certs/dsa-pca.pem
new file mode 100644
index 0000000000..e3641ad47e
--- /dev/null
+++ b/certs/dsa-pca.pem
@@ -0,0 +1,49 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
+
+GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
+mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
+of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
+FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
+RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
+qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
+diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
+V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
+hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
+dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
+MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
+lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
+Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
+5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
+aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
+kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
+QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
+6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
+yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
+z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
+nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
+ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
+R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
+JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
+BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
+mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
+VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
+uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
+AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
+5rKUjNBhSg==
+-----END CERTIFICATE-----
+
diff --git a/certs/factory.pem b/certs/factory.pem
new file mode 100644
index 0000000000..8e28b391b2
--- /dev/null
+++ b/certs/factory.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
+MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
+DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
+CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
+amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
+iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
+U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
+zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
+BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
+/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
+lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
+S7ELuYGtmYgYm9NZOIr7yU0=
+-----END CERTIFICATE-----
diff --git a/certs/nortelCA.pem b/certs/nortelCA.pem
new file mode 100644
index 0000000000..207f34ab3a
--- /dev/null
+++ b/certs/nortelCA.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
+BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
+HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
+IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
+MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
+aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
+GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
+ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
+zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
+YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
+hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
+cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
+YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
+-----END CERTIFICATE-----
+
diff --git a/certs/pca-cert.pem b/certs/pca-cert.pem
new file mode 100644
index 0000000000..9d754d460d
--- /dev/null
+++ b/certs/pca-cert.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIC5jCCAk+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzNTQ4WhcN
+MDUwNzExMjEzNTQ4WjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
+ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENB
+ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ2haT/f5Zwy
+V+MiuSDjSR62adBoSiBB7Usty44lXqsp9RICw+DCCxpsn/CfxPEDXLLd4olsWXc6
+JRcxGynbYmnzk+Z6aIPPJQhK3CTvaqGnWKZsA1m+WaUIUqJCuNTK4N+7hMAGaf6S
+S3e9HVgEQ4a34gXJ7VQFVIBNV1EnZRWHAgMBAAGjgbcwgbQwHQYDVR0OBBYEFE0R
+aEcrj18q1dw+G6nJbsTWR213MIGEBgNVHSMEfTB7gBRNEWhHK49fKtXcPhupyW7E
+1kdtd6FgpF4wXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAUa8B3pho
++Mvxeq9HsEzJxHIFQla05S5J/e/V+DQTYoKiRFchKPrDAdrzYSEvP3h4QJEtsNqQ
+JfOxg5M42uLFq7aPGWkF6ZZqZsYS+zA9IVT14g7gNA6Ne+5QtJqQtH9HA24st0T0
+Tga/lZ9M2ovImovaxSL/kRHbpCWcqWVxpOw=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
diff --git a/certs/rsa-cca.pem b/certs/rsa-cca.pem
new file mode 100644
index 0000000000..69f5c1c84c
--- /dev/null
+++ b/certs/rsa-cca.pem
@@ -0,0 +1,19 @@
+subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+notBefore=941104185834Z
+notAfter =991103185834Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
+Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
+OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
+ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
+975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
+touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
+7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
+9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
+0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
+MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
+-----END X509 CERTIFICATE-----
diff --git a/certs/timCA.pem b/certs/timCA.pem
new file mode 100644
index 0000000000..9c8d5bf9c6
--- /dev/null
+++ b/certs/timCA.pem
@@ -0,0 +1,16 @@
+Tims test GCI CA
+
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
+cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
+gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
+cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
+dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
+OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
+AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
+TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
+-----END CERTIFICATE-----
+
diff --git a/certs/tjhCA.pem b/certs/tjhCA.pem
new file mode 100644
index 0000000000..67bee1b200
--- /dev/null
+++ b/certs/tjhCA.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
+IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
+VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
+NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
+I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
+RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
+Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
+9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
+WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
+-----END CERTIFICATE-----
diff --git a/certs/vsign2.pem b/certs/vsign2.pem
new file mode 100644
index 0000000000..d8bdd8c812
--- /dev/null
+++ b/certs/vsign2.pem
@@ -0,0 +1,18 @@
+subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan 7 23:59:59 2004 GMT
+-----BEGIN CERTIFICATE-----
+MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18
+oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED
+uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML
+v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd
+G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9
+1Q==
+-----END CERTIFICATE-----
diff --git a/certs/vsigntca.pem b/certs/vsigntca.pem
new file mode 100644
index 0000000000..05acf76e66
--- /dev/null
+++ b/certs/vsigntca.pem
@@ -0,0 +1,18 @@
+subject=/O=VeriSign, Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For VeriSign authorized testing only. No assurances (C)VS1997
+notBefore=Mar 4 00:00:00 1997 GMT
+notAfter=Mar 4 23:59:59 2025 GMT
+-----BEGIN CERTIFICATE-----
+MIICTTCCAfcCEEdoCqpuXxnoK27q7d58Qc4wDQYJKoZIhvcNAQEEBQAwgakxFjAU
+BgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52ZXJpc2lnbi5jb20v
+cmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBMaWFiLiBMVEQuMUYw
+RAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0aW5nIG9ubHkuIE5v
+IGFzc3VyYW5jZXMgKEMpVlMxOTk3MB4XDTk3MDMwNDAwMDAwMFoXDTI1MDMwNDIz
+NTk1OVowgakxFjAUBgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52
+ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBM
+aWFiLiBMVEQuMUYwRAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0
+aW5nIG9ubHkuIE5vIGFzc3VyYW5jZXMgKEMpVlMxOTk3MFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAMak6xImJx44jMKcbkACy5/CyMA2fqXK4PlzTtCxRq5tFkDzne7s
+cI8oFK/J+gFZNE3bjidDxf07O3JOYG9RGx8CAwEAATANBgkqhkiG9w0BAQQFAANB
+ADT523tENOKrEheZFpsJx1UUjPrG7TwYc/C4NBHrZI4gZJcKVFIfNulftVS6UMYW
+ToLEMaUojc3DuNXHG21PDG8=
+-----END CERTIFICATE-----
diff --git a/config b/config
index a4a5bd0fbf..d69ffaf355 100755
--- a/config
+++ b/config
@@ -111,16 +111,12 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
echo "m68k-apple-aux3"; exit 0
;;
- AIX:[3-9]:4:*)
- echo "${MACHINE}-ibm-aix"; exit 0
- ;;
-
AIX:*:[5-9]:*)
- echo "${MACHINE}-ibm-aix"; exit 0
+ echo "${MACHINE}-ibm-aix5"; exit 0
;;
AIX:*)
- echo "${MACHINE}-ibm-aix3"; exit 0
+ echo "${MACHINE}-ibm-aix"; exit 0
;;
dgux:*)
@@ -491,81 +487,88 @@ case "$GUESSOS" in
OUT="irix-$CC"
;;
mips3-sgi-irix)
- #CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
- #CPU=${CPU:-0}
- #if [ $CPU -ge 5000 ]; then
- # options="$options -mips4"
- #else
- # options="$options -mips3"
- #fi
+ CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+ CPU=${CPU:-0}
+ if [ $CPU -ge 5000 ]; then
+ options="$options -mips4"
+ else
+ options="$options -mips3"
+ fi
OUT="irix-mips3-$CC"
;;
mips4-sgi-irix64)
echo "WARNING! If you wish to build 64-bit library, then you have to"
echo " invoke './Configure irix64-mips4-$CC' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
+ if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ (stty -icanon min 0 time 50; read waste) < /dev/tty
fi
- #CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
- #CPU=${CPU:-0}
- #if [ $CPU -ge 5000 ]; then
- # options="$options -mips4"
- #else
- # options="$options -mips3"
- #fi
+ CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+ CPU=${CPU:-0}
+ if [ $CPU -ge 5000 ]; then
+ options="$options -mips4"
+ else
+ options="$options -mips3"
+ fi
OUT="irix-mips3-$CC"
;;
- ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
- ppc-apple-darwin*) OUT="darwin-ppc-cc" ;;
- i386-apple-darwin*) OUT="darwin-i386-cc" ;;
alpha-*-linux2)
- ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo`
+ ISA=`awk '/cpu model/{print$4}' /proc/cpuinfo`
case ${ISA:-generic} in
- *[678]) OUT="linux-alpha+bwx-$CC" ;;
+ *[67]) OUT="linux-alpha+bwx-$CC" ;;
*) OUT="linux-alpha-$CC" ;;
esac
if [ "$CC" = "gcc" ]; then
case ${ISA:-generic} in
EV5|EV45) options="$options -mcpu=ev5";;
EV56|PCA56) options="$options -mcpu=ev56";;
- *) options="$options -mcpu=ev6";;
+ EV6|EV67|PCA57) options="$options -mcpu=ev6";;
esac
fi
;;
- ppc64-*-linux2)
- echo "WARNING! If you wish to build 64-bit library, then you have to"
- echo " invoke './Configure linux-ppc64' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
- echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
- fi
- OUT="linux-ppc"
+ mips-*-linux?)
+ cat >dummy.c <<EOF
+#include <stdio.h> /* for printf() prototype */
+ int main (argc, argv) int argc; char *argv[]; {
+#ifdef __MIPSEB__
+ printf ("linux-%s\n", argv[1]);
+#endif
+#ifdef __MIPSEL__
+ printf ("linux-%sel\n", argv[1]);
+#endif
+ return 0;
+}
+EOF
+ ${CC} -o dummy dummy.c && OUT=`./dummy ${MACHINE}`
+ rm dummy dummy.c
;;
+ ppc64-*-linux2) OUT="linux-ppc64" ;;
ppc-*-linux2) OUT="linux-ppc" ;;
+ m68k-*-linux*) OUT="linux-m68k" ;;
ia64-*-linux?) OUT="linux-ia64" ;;
+ ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
+ ppc-apple-darwin*) OUT="darwin-ppc-cc" ;;
+ i386-apple-darwin*) OUT="darwin-i386-cc" ;;
sparc64-*-linux2)
echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI"
echo " and wish to build 64-bit library, then you have to"
echo " invoke './Configure linux64-sparcv9' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
+ if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ (stty -icanon min 0 time 50; read waste) < /dev/tty
fi
OUT="linux-sparcv9" ;;
sparc-*-linux2)
- KARCH=`awk '/^type/{print$3;exit(0);}' /proc/cpuinfo`
+ KARCH=`awk '/^type/{print$3}' /proc/cpuinfo`
case ${KARCH:-sun4} in
sun4u*) OUT="linux-sparcv9" ;;
sun4m) OUT="linux-sparcv8" ;;
sun4d) OUT="linux-sparcv8" ;;
- *) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+ *) OUT="linux-sparcv7" ;;
esac ;;
- parisc*-*-linux2)
- # 64-bit builds under parisc64 linux are not supported and
- # compiler is expected to generate 32-bit objects...
- CPUARCH=`awk '/cpu family/{print substr($5,1,3); exit(0);}' /proc/cpuinfo`
- CPUSCHEDULE=`awk '/^cpu.[ ]*: PA/{print substr($3,3); exit(0);}' /proc/cpuinfo`
+ parisc-*-linux2)
+ CPUARCH=`awk '/cpu family/{print substr($5,1,3)}' /proc/cpuinfo`
+ CPUSCHEDULE=`awk '/^cpu.[ ]: PA/{print substr($3,3)}' /proc/cpuinfo`
# ??TODO ?? Model transformations
# 0. CPU Architecture for the 1.1 processor has letter suffixes. We strip that off
@@ -578,29 +581,28 @@ case "$GUESSOS" in
# PA8500 -> 8000 (2.0)
# PA8600 -> 8000 (2.0)
- CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8.00/8000/'`
+ CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8?00/8000/'`
# Finish Model transformations
- options="$options -DB_ENDIAN -mschedule=$CPUSCHEDULE -march=$CPUARCH"
- OUT="linux-generic32" ;;
- arm*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
- arm*l-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
- s390*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;;
+ options="$options -mschedule=$CPUSCHEDULE -march=$CPUARCH"
+ OUT="linux-parisc" ;;
+ arm*-*-linux2) OUT="linux-elf-arm" ;;
+ s390-*-linux2) OUT="linux-s390" ;;
+ s390x-*-linux?) OUT="linux-s390x" ;;
x86_64-*-linux?) OUT="linux-x86_64" ;;
- *86-*-linux2) OUT="linux-elf"
+ *-*-linux2) OUT="linux-elf"
if [ "$GCCVER" -gt 28 ]; then
if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then
- options="$options -mcpu=pentium"
+ OUT="linux-pentium"
fi
if grep '^model.*Pentium Pro' /proc/cpuinfo >/dev/null ; then
- options="$options -mcpu=pentiumpro"
+ OUT="linux-ppro"
fi
if grep '^model.*K6' /proc/cpuinfo >/dev/null ; then
- options="$options -mcpu=k6"
+ OUT="linux-k6"
fi
fi ;;
*-*-linux1) OUT="linux-aout" ;;
- *-*-linux2) OUT="linux-generic32" ;;
sun4u*-*-solaris2)
OUT="solaris-sparcv9-$CC"
ISA64=`(isalist) 2>/dev/null | grep sparcv9`
@@ -608,9 +610,9 @@ case "$GUESSOS" in
if [ "$CC" = "cc" -a $CCVER -ge 50 ]; then
echo "WARNING! If you wish to build 64-bit library, then you have to"
echo " invoke './Configure solaris64-sparcv9-cc' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
+ if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ (stty -icanon min 0 time 50; read waste) < /dev/tty
fi
elif [ "$CC" = "gcc" -a "$GCC_ARCH" = "-m64" ]; then
# $GCC_ARCH denotes default ABI chosen by compiler driver
@@ -620,17 +622,17 @@ case "$GUESSOS" in
OUT="solaris64-sparcv9-gcc"
echo "WARNING! If you wish to build 32-bit library, then you have to"
echo " invoke './Configure solaris-sparcv9-gcc' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
+ if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ (stty -icanon min 0 time 50; read waste) < /dev/tty
fi
elif [ "$GCC_ARCH" = "-m32" ]; then
echo "NOTICE! If you *know* that your GNU C supports 64-bit/V9 ABI"
echo " and wish to build 64-bit library, then you have to"
echo " invoke './Configure solaris64-sparcv9-gcc' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
+ if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ (stty -icanon min 0 time 50; read waste) < /dev/tty
fi
fi
fi
@@ -638,21 +640,31 @@ case "$GUESSOS" in
sun4m-*-solaris2) OUT="solaris-sparcv8-$CC" ;;
sun4d-*-solaris2) OUT="solaris-sparcv8-$CC" ;;
sun4*-*-solaris2) OUT="solaris-sparcv7-$CC" ;;
- *86*-*-solaris2) OUT="solaris-x86-$CC" ;;
- *-*-sunos4) OUT="sunos-$CC" ;;
-
- *86*-*-bsdi4) OUT="bsdi-elf-gcc" ;;
- alpha*-*-*bsd*) OUT="BSD-generic64; options="$options -DL_ENDIAN" ;;
- powerpc64-*-*bsd*) OUT="BSD-generic64; options="$options -DB_ENDIAN" ;;
- sparc64-*-*bsd*) OUT="BSD-sparc64" ;;
- ia64-*-*bsd*) OUT="BSD-ia64" ;;
- amd64-*-*bsd*) OUT="BSD-x86_64" ;;
- *86*-*-freebsd[3-9]*) OUT="BSD-x86-elf" ;;
- *86*-*-*bsd*) OUT="BSD-x86" ;;
- *-*-*bsd*) OUT="BSD-generic32" ;;
-
- *-*-osf) OUT="osf1-alpha-cc" ;;
- *-*-tru64) OUT="tru64-alpha-cc" ;;
+ *86*-*-solaris2) OUT="solaris-x86-$CC" ;;
+ *-*-sunos4) OUT="sunos-$CC" ;;
+ alpha*-*-freebsd*) OUT="FreeBSD-alpha" ;;
+ sparc64-*-freebsd*) OUT="FreeBSD-sparc64" ;;
+ ia64-*-freebsd*) OUT="FreeBSD-ia64" ;;
+ *-freebsd[3-9]*) OUT="FreeBSD-elf" ;;
+ *-freebsd[1-2]*) OUT="FreeBSD" ;;
+ *86*-*-netbsd) OUT="NetBSD-x86" ;;
+ sun3*-*-netbsd) OUT="NetBSD-m68" ;;
+ *-*-netbsd) OUT="NetBSD-sparc" ;;
+ alpha*-*-openbsd) OUT="OpenBSD-alpha" ;;
+ *86*-*-openbsd) OUT="OpenBSD-i386" ;;
+ m68k*-*-openbsd) OUT="OpenBSD-m68k" ;;
+ m88k*-*-openbsd) OUT="OpenBSD-m88k" ;;
+ mips*-*-openbsd) OUT="OpenBSD-mips" ;;
+ pmax*-*-openbsd) OUT="OpenBSD-mips" ;;
+ powerpc*-*-openbsd) OUT="OpenBSD-powerpc" ;;
+ sparc64*-*-openbsd) OUT="OpenBSD-sparc64" ;;
+ sparc*-*-openbsd) OUT="OpenBSD-sparc" ;;
+ vax*-*-openbsd) OUT="OpenBSD-vax" ;;
+ hppa*-*-openbsd) OUT="OpenBSD-hppa" ;;
+ *-*-openbsd) OUT="OpenBSD" ;;
+ *86*-*-bsdi4) OUT="bsdi-elf-gcc" ;;
+ *-*-osf) OUT="alphaold-cc" ;;
+ *-*-tru64) OUT="alpha-cc" ;;
*-*-OpenUNIX*)
if [ "$CC" = "gcc" ]; then
OUT="OpenUNIX-8-gcc"
@@ -689,9 +701,9 @@ case "$GUESSOS" in
echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi."
echo " If you wish to build 32-bit library, the you have to"
echo " invoke './Configure hpux-ia64-cc' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
+ if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ (stty -icanon min 0 time 50; read waste) < /dev/tty
fi
OUT="hpux64-ia64-cc"
elif [ $CPU_VERSION -ge 532 ]; then # PA-RISC 2.x CPU
@@ -699,9 +711,9 @@ case "$GUESSOS" in
if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
echo "WARNING! If you wish to build 64-bit library then you have to"
echo " invoke './Configure hpux64-parisc2-cc' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
+ if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ (stty -icanon min 0 time 50; read waste) < /dev/tty
fi
fi
elif [ $CPU_VERSION -ge 528 ]; then # PA-RISC 1.1+ CPU
@@ -713,28 +725,37 @@ case "$GUESSOS" in
fi
options="$options -D_REENTRANT" ;;
*-hpux) OUT="hpux-parisc-$CC" ;;
- *-aix)
+ *-aix5)
KERNEL_BITS=`(getconf KERNEL_BITMODE) 2>/dev/null`
KERNEL_BITS=${KERNEL_BITS:-32}
- OBJECT_MODE=${OBJECT_MODE:-32}
+ if [ $KERNEL_BITS -eq 64 ]; then
+ # we default to 64-bit because PKI performance is >3x better...
+ OBJECT_MODE=${OBJECT_MODE:-$KERNEL_BITS}
+ else
+ OBJECT_MODE=32
+ fi
+ OUT="aix-cc"
+ if [ "$CC" = "cc" -a $OBJECT_MODE -eq 64 ]; then
+ OUT="aix64-cc"
+ echo "WARNING! If you wish to build 32-bit kit, then you have to"
+ echo " invoke './Configure aix-cc' *manually*."
+ if [ "$TEST" = "false" ]; then
+ echo " You have ~5 seconds to press Ctrl-C to abort."
+ (stty -icanon min 0 time 50; read waste) < /dev/tty
+ fi
+ elif [ "$CC" = "gcc" ]; then
+ OUT="aix-gcc"
+ fi
+ ;;
+ *-aix)
if [ "$CC" = "gcc" ]; then
OUT="aix-gcc"
- elif [ $OBJECT_MODE -eq 64 ]; then
- echo 'Your $OBJECT_MODE was found to be set to 64'
- OUT="aix64-cc"
else
- OUT="aix-cc"
- if [ $KERNEL_BITS -eq 64 ]; then
- echo "WARNING! If you wish to build 64-bit kit, then you have to"
- echo " invoke './Configure aix64-cc' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
- echo " You have ~5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
- fi
- fi
+ OUT="aix43-cc"
fi
;;
# these are all covered by the catchall below
+ # *-aix) OUT="aix-$CC" ;;
# *-dgux) OUT="dgux" ;;
mips-sony-newsos4) OUT="newsos4-gcc" ;;
*-*-cygwin_pre1.3) OUT="Cygwin-pre1.3" ;;
@@ -760,10 +781,9 @@ esac
# gcc < 2.8 does not support -mcpu=ultrasparc
if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
then
- echo "WARNING! Falling down to 'solaris-sparcv8-gcc'."
- echo " Upgrade to gcc-2.8 or later."
+ echo "WARNING! Do consider upgrading to gcc-2.8 or later."
sleep 5
- OUT=solaris-sparcv8-gcc
+ OUT=solaris-sparcv9-gcc27
fi
if [ "$OUT" = "linux-sparcv9" -a $GCCVER -lt 28 ]
then
diff --git a/crypto/LPdir_unix.c b/crypto/LPdir_unix.c
index b004cd99e8..83686e8e78 100644
--- a/crypto/LPdir_unix.c
+++ b/crypto/LPdir_unix.c
@@ -1,4 +1,4 @@
-/* $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp $ */
+/* $LP: LPlib/source/LPdir_unix.c,v 1.6 2004/06/14 10:08:43 _cvs_levitte Exp $ */
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
@@ -11,23 +11,22 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*/
#include <stddef.h>
#include <stdlib.h>
-#include <limits.h>
#include <string.h>
#include <sys/types.h>
#include <dirent.h>
@@ -36,30 +35,10 @@
#include "LPdir.h"
#endif
-/* The POSIXly macro for the maximum number of characters in a file path
- is NAME_MAX. However, some operating systems use PATH_MAX instead.
- Therefore, it seems natural to first check for PATH_MAX and use that,
- and if it doesn't exist, use NAME_MAX. */
-#if defined(PATH_MAX)
-# define LP_ENTRY_SIZE PATH_MAX
-#elif defined(NAME_MAX)
-# define LP_ENTRY_SIZE NAME_MAX
-#endif
-
-/* Of course, there's the possibility that neither PATH_MAX nor NAME_MAX
- exist. It's also possible that NAME_MAX exists but is define to a
- very small value (HP-UX offers 14), so we need to check if we got a
- result, and if it meets a minimum standard, and create or change it
- if not. */
-#if !defined(LP_ENTRY_SIZE) || LP_ENTRY_SIZE<255
-# undef LP_ENTRY_SIZE
-# define LP_ENTRY_SIZE 255
-#endif
-
struct LP_dir_context_st
{
DIR *dir;
- char entry_name[LP_ENTRY_SIZE+1];
+ char entry_name[NAME_MAX+1];
};
const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
@@ -100,8 +79,7 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
return 0;
}
- strncpy((*ctx)->entry_name, direntry->d_name, sizeof((*ctx)->entry_name) - 1);
- (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
+ strncpy((*ctx)->entry_name, direntry->d_name, sizeof((*ctx)->entry_name));
return (*ctx)->entry_name;
}
diff --git a/crypto/LPdir_vms.c b/crypto/LPdir_vms.c
index 85b427a623..3f883f90f3 100644
--- a/crypto/LPdir_vms.c
+++ b/crypto/LPdir_vms.c
@@ -1,4 +1,4 @@
-/* $LP: LPlib/source/LPdir_vms.c,v 1.20 2004/08/26 13:36:05 _cvs_levitte Exp $ */
+/* $LP: LPlib/source/LPdir_vms.c,v 1.19 2004/07/11 20:17:45 _cvs_levitte Exp $ */
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
@@ -11,18 +11,18 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*/
#include <stddef.h>
diff --git a/crypto/LPdir_win.c b/crypto/LPdir_win.c
index 09b475beed..fdd955fe38 100644
--- a/crypto/LPdir_win.c
+++ b/crypto/LPdir_win.c
@@ -1,4 +1,4 @@
-/* $LP: LPlib/source/LPdir_win.c,v 1.10 2004/08/26 13:36:05 _cvs_levitte Exp $ */
+/* $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $ */
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
@@ -11,40 +11,24 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*/
#include <windows.h>
-#include <tchar.h>
#ifndef LPDIR_H
#include "LPdir.h"
#endif
-/* We're most likely overcautious here, but let's reserve for
- broken WinCE headers and explicitly opt for UNICODE call.
- Keep in mind that our WinCE builds are compiled with -DUNICODE
- [as well as -D_UNICODE]. */
-#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
-# define FindFirstFile FindFirstFileW
-#endif
-#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
-# define FindNextFile FindNextFileW
-#endif
-
-#ifndef NAME_MAX
-#define NAME_MAX 255
-#endif
-
struct LP_dir_context_st
{
WIN32_FIND_DATA ctx;
@@ -69,37 +53,35 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
if (*ctx == NULL)
{
errno = ENOMEM;
+ free(*ctx);
return 0;
}
memset(*ctx, '\0', sizeof(LP_DIR_CTX));
- if (sizeof(TCHAR) != sizeof(char))
- {
- TCHAR *wdir = NULL;
- /* len_0 denotes string length *with* trailing 0 */
- size_t index = 0,len_0 = strlen(directory) + 1;
-
- wdir = (TCHAR *)malloc(len_0 * sizeof(TCHAR));
- if (wdir == NULL)
- {
- free(*ctx);
- *ctx = NULL;
- errno = ENOMEM;
- return 0;
- }
-
-#ifdef LP_MULTIBYTE_AVAILABLE
- if (!MultiByteToWideChar(CP_ACP, 0, directory, len_0, (WCHAR *)wdir, len_0))
+#ifdef LP_SYS_WINCE
+ {
+ WCHAR *wdir = NULL;
+ size_t index = 0;
+
+ wdir = (WCHAR *)malloc((strlen(directory) + 1) * 2);
+ if (wdir == NULL)
+ {
+ errno = ENOMEM;
+ free(*ctx);
+ free(wdir);
+ return 0;
+ }
+
+ for (index = 0; index < strlen(directory) + 1; index++)
+ wdir[index] = (short)directory[index];
+
+ (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx);
+
+ free(wdir);
+ }
+#else
+ (*ctx)->handle = FindFirstFile(directory, &(*ctx)->ctx);
#endif
- for (index = 0; index < len_0; index++)
- wdir[index] = (TCHAR)directory[index];
-
- (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx);
-
- free(wdir);
- }
- else
- (*ctx)->handle = FindFirstFile((TCHAR *)directory, &(*ctx)->ctx);
if ((*ctx)->handle == INVALID_HANDLE_VALUE)
{
@@ -111,33 +93,14 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
}
else
{
- if (FindNextFile((*ctx)->handle, &(*ctx)->ctx) == FALSE)
+ if (FindNextFile((*ctx)->handle, (*ctx)->ctx) == FALSE)
{
return 0;
}
}
- if (sizeof(TCHAR) != sizeof(char))
- {
- TCHAR *wdir = (*ctx)->ctx.cFileName;
- size_t index, len_0 = 0;
-
- while (wdir[len_0] && len_0 < (sizeof((*ctx)->entry_name) - 1)) len_0++;
- len_0++;
-
-#ifdef LP_MULTIBYTE_AVAILABLE
- if (!WideCharToMultiByte(CP_ACP, 0, (WCHAR *)wdir, len_0, (*ctx)->entry_name,
- sizeof((*ctx)->entry_name), NULL, 0))
-#endif
- for (index = 0; index < len_0; index++)
- (*ctx)->entry_name[index] = (char)wdir[index];
- }
- else
- strncpy((*ctx)->entry_name, (const char *)(*ctx)->ctx.cFileName,
- sizeof((*ctx)->entry_name)-1);
-
- (*ctx)->entry_name[sizeof((*ctx)->entry_name)-1] = '\0';
-
+ strncpy((*ctx)->entry_name, (*ctx)->ctx.cFileName,
+ sizeof((*ctx)->entry_name));
return (*ctx)->entry_name;
}
@@ -147,7 +110,6 @@ int LP_find_file_end(LP_DIR_CTX **ctx)
{
FindClose((*ctx)->handle);
free(*ctx);
- *ctx = NULL;
return 1;
}
errno = EINVAL;
diff --git a/crypto/LPdir_win32.c b/crypto/LPdir_win32.c
index e39872da52..59505898c1 100644
--- a/crypto/LPdir_win32.c
+++ b/crypto/LPdir_win32.c
@@ -1,4 +1,4 @@
-/* $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp $ */
+/* $LP: LPlib/source/LPdir_win32.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $ */
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
@@ -11,20 +11,19 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*/
#define LP_SYS_WIN32
-#define LP_MULTIBYTE_AVAILABLE
#include "LPdir_win.c"
diff --git a/crypto/LPdir_wince.c b/crypto/LPdir_wince.c
index ab0e1e6f4f..f652178ec4 100644
--- a/crypto/LPdir_wince.c
+++ b/crypto/LPdir_wince.c
@@ -1,4 +1,4 @@
-/* $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp $ */
+/* $LP: LPlib/source/LPdir_wince.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $ */
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
@@ -11,21 +11,19 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*/
#define LP_SYS_WINCE
-/* We might want to define LP_MULTIBYTE_AVAILABLE here. It's currently
- under investigation what the exact conditions would be */
#include "LPdir_win.c"
diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl
index bb9df4a642..40b3b7c113 100644
--- a/crypto/Makefile.ssl
+++ b/crypto/Makefile.ssl
@@ -22,8 +22,7 @@ PEX_LIBS=
EX_LIBS=
CFLAGS= $(INCLUDE) $(CFLAG)
-ASFLAGS= $(INCLUDE) $(ASFLAG)
-AFLAGS=$(ASFLAGS)
+
LIBS=
@@ -40,7 +39,7 @@ GENERAL=Makefile README crypto-lib.com install.com
LIB= $(TOP)/libcrypto.a
SHARED_LIB= libcrypto$(SHLIB_EXT)
LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c
-LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ)
+LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o
SRC= $(LIBSRC)
@@ -63,18 +62,6 @@ buildinf.h: ../Makefile.ssl
echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
echo '#endif' ) >buildinf.h
-x86cpuid-elf.s: x86cpuid.pl perlasm/x86asm.pl
- $(PERL) x86cpuid.pl elf $(CFLAGS) $(PROCESSOR) > $@
-x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl
- $(PERL) x86cpuid.pl coff $(CFLAGS) $(PROCESSOR) > $@
-x86cpuid-out.s: x86cpuid.pl perlasm/x86asm.pl
- $(PERL) x86cpuid.pl a.out $(CFLAGS) $(PROCESSOR) > $@
-
-amd64cpuid.s: amd64cpuid.pl
- $(PERL) amd64cpuid.pl $@
-ia64cpuid.s: ia64cpuid.S
- $(CC) $(CFLAGS) -E ia64cpuid.S > $@
-
testapps:
if echo ${SDIRS} | fgrep ' des '; \
then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi
@@ -85,7 +72,7 @@ subdirs:
@for i in $(SDIRS) ;\
do \
(cd $$i && echo "making all in crypto/$$i..." && \
- $(MAKE) -e INCLUDES='${INCLUDES}' all ) || exit 1; \
+ $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
done;
files:
@@ -132,7 +119,7 @@ tests:
done;
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ;\
+ @for i in $(EXHEADER) ;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -161,7 +148,7 @@ depend:
done;
clean:
- rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
@for i in $(SDIRS) ;\
do \
(cd $$i && echo "making clean in crypto/$$i..." && \
@@ -227,8 +214,8 @@ mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
mem_dbg.o: mem_dbg.c
o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
o_dir.o: LPdir_unix.c o_dir.c o_dir.h
-o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-o_str.o: o_str.c o_str.h
+o_str.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_str.c
+o_str.o: o_str.h
o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
o_time.o: o_time.h
tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
diff --git a/crypto/aes/Makefile.ssl b/crypto/aes/Makefile.ssl
index 10b99712d6..f353aeb697 100644
--- a/crypto/aes/Makefile.ssl
+++ b/crypto/aes/Makefile.ssl
@@ -17,11 +17,8 @@ MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
MAKEFILE= Makefile.ssl
AR= ar r
-AES_ASM_OBJ=aes_core.o aes_cbc.o
-
+# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
#TEST=aestest.c
@@ -30,7 +27,7 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c
-LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o $(AES_ASM_OBJ)
+LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o aes_cfb.o aes_ofb.o aes_ctr.o
SRC= $(LIBSRC)
@@ -51,16 +48,6 @@ lib: $(LIBOBJ)
$(LIBOBJ): $(LIBSRC)
-asm/aes-ia64.s: asm/aes-ia64.S
- $(CC) $(CFLAGS) -E asm/aes-ia64.S > $@
-
-asm/ax86-elf.s: asm/aes-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) aes-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-asm/ax86-cof.s: asm/aes-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) aes-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-ax86-out.s: asm/aes-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) aes-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
-
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -73,7 +60,7 @@ links:
install: installs
installs:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -95,15 +82,14 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/*.[so] *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c aes_locl.h
-aes_cfb.o: ../../e_os.h ../../include/openssl/aes.h
-aes_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-aes_cfb.o: aes_cfb.c aes_locl.h
+aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c aes_locl.h
aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h
index 9ffcc9ff2a..20c4dbc0f7 100644
--- a/crypto/aes/aes.h
+++ b/crypto/aes/aes.h
@@ -72,11 +72,7 @@ extern "C" {
/* This should be a hidden type, but EVP requires that the size be known */
struct aes_key_st {
-#ifdef AES_LONG
unsigned long rd_key[4 *(AES_MAXNR + 1)];
-#else
- unsigned int rd_key[4 *(AES_MAXNR + 1)];
-#endif
int rounds;
};
typedef struct aes_key_st AES_KEY;
diff --git a/crypto/aes/aes_cbc.c b/crypto/aes/aes_cbc.c
index d2ba6bcdb4..1222a21002 100644
--- a/crypto/aes/aes_cbc.c
+++ b/crypto/aes/aes_cbc.c
@@ -66,7 +66,6 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
unsigned long n;
unsigned long len = length;
unsigned char tmp[AES_BLOCK_SIZE];
- const unsigned char *iv = ivec;
assert(in && out && key && ivec);
assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
@@ -74,39 +73,22 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
if (AES_ENCRYPT == enc) {
while (len >= AES_BLOCK_SIZE) {
for(n=0; n < AES_BLOCK_SIZE; ++n)
- out[n] = in[n] ^ iv[n];
- AES_encrypt(out, out, key);
- iv = out;
+ tmp[n] = in[n] ^ ivec[n];
+ AES_encrypt(tmp, out, key);
+ memcpy(ivec, out, AES_BLOCK_SIZE);
len -= AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
if (len) {
for(n=0; n < len; ++n)
- out[n] = in[n] ^ iv[n];
+ tmp[n] = in[n] ^ ivec[n];
for(n=len; n < AES_BLOCK_SIZE; ++n)
- out[n] = iv[n];
- AES_encrypt(out, out, key);
- iv = out;
- }
- memcpy(ivec,iv,AES_BLOCK_SIZE);
- } else if (in != out) {
- while (len >= AES_BLOCK_SIZE) {
- AES_decrypt(in, out, key);
- for(n=0; n < AES_BLOCK_SIZE; ++n)
- out[n] ^= iv[n];
- iv = in;
- len -= AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- if (len) {
- AES_decrypt(in,tmp,key);
- for(n=0; n < len; ++n)
- out[n] = tmp[n] ^ iv[n];
- iv = in;
- }
- memcpy(ivec,iv,AES_BLOCK_SIZE);
+ tmp[n] = ivec[n];
+ AES_encrypt(tmp, tmp, key);
+ memcpy(out, tmp, AES_BLOCK_SIZE);
+ memcpy(ivec, tmp, AES_BLOCK_SIZE);
+ }
} else {
while (len >= AES_BLOCK_SIZE) {
memcpy(tmp, in, AES_BLOCK_SIZE);
@@ -120,12 +102,10 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
}
if (len) {
memcpy(tmp, in, AES_BLOCK_SIZE);
- AES_decrypt(tmp, out, key);
+ AES_decrypt(tmp, tmp, key);
for(n=0; n < len; ++n)
- out[n] ^= ivec[n];
- for(n=len; n < AES_BLOCK_SIZE; ++n)
- out[n] = tmp[n];
+ out[n] = tmp[n] ^ ivec[n];
memcpy(ivec, tmp, AES_BLOCK_SIZE);
- }
+ }
}
}
diff --git a/crypto/aes/aes_cfb.c b/crypto/aes/aes_cfb.c
index 49f0411010..2e0c41ec2b 100644
--- a/crypto/aes/aes_cfb.c
+++ b/crypto/aes/aes_cfb.c
@@ -114,7 +114,6 @@
#include <openssl/aes.h>
#include "aes_locl.h"
-#include "e_os.h"
/* The input and output encrypted as though 128bit cfb mode is being
* used. The extra state information to record how much of the
@@ -158,35 +157,61 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
/* This expects a single block of size nbits for both in and out. Note that
it corrupts any extra bits in the last byte of out */
+/* Untested, once it is working, it will be optimised */
void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
const int nbits,const AES_KEY *key,
unsigned char *ivec,const int enc)
{
- int n,rem,num;
+ int n;
unsigned char ovec[AES_BLOCK_SIZE*2];
- if (nbits<=0 || nbits>128) return;
-
+ assert(in && out && key && ivec);
+ if(enc)
+ {
+ /* construct the new IV */
+ AES_encrypt(ivec,ovec,key);
+ /* encrypt the input */
+ for(n=0 ; n < (nbits+7)/8 ; ++n)
+ out[n]=in[n]^ovec[n];
/* fill in the first half of the new IV with the current IV */
memcpy(ovec,ivec,AES_BLOCK_SIZE);
- /* construct the new IV */
- AES_encrypt(ivec,ivec,key);
- num = (nbits+7)/8;
- if (enc) /* encrypt the input */
- for(n=0 ; n < num ; ++n)
- out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n] ^ ivec[n]);
- else /* decrypt the input */
- for(n=0 ; n < num ; ++n)
- out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n]) ^ ivec[n];
- /* shift ovec left... */
- rem = nbits%8;
- num = nbits/8;
- if(rem==0)
- memcpy(ivec,ovec+num,AES_BLOCK_SIZE);
- else
+ /* and put the ciphertext in the second half */
+ memcpy(ovec+AES_BLOCK_SIZE,out,(nbits+7)/8);
+ /* shift ovec left most of the bits... */
+ memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0));
+ /* now the remaining bits */
+ if(nbits%8 != 0)
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
- ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
-
+ {
+ ovec[n]<<=nbits%8;
+ ovec[n]|=ovec[n+1]>>(8-nbits%8);
+ }
+ /* finally, move it back into place */
+ memcpy(ivec,ovec,AES_BLOCK_SIZE);
+ }
+ else
+ {
+ /* construct the new IV in the first half of ovec */
+ AES_encrypt(ivec,ovec,key);
+ /* decrypt the input */
+ for(n=0 ; n < (nbits+7)/8 ; ++n)
+ out[n]=in[n]^ovec[n];
+ /* fill in the first half of the new IV with the current IV */
+ memcpy(ovec,ivec,AES_BLOCK_SIZE);
+ /* append the ciphertext */
+ memcpy(ovec+AES_BLOCK_SIZE,in,(nbits+7)/8);
+ /* shift ovec left most of the bits... */
+ memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0));
+ /* now the remaining bits */
+ if(nbits%8 != 0)
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+ {
+ ovec[n]<<=nbits%8;
+ ovec[n]|=ovec[n+1]>>(8-nbits%8);
+ }
+ /* finally, move it back into place */
+ memcpy(ivec,ovec,AES_BLOCK_SIZE);
+ }
/* it is not necessary to cleanse ovec, since the IV is not secret */
}
diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index 410ae2e8e8..2f41a825f8 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -53,13 +53,6 @@ Td3[x] = Si[x].[09, 0d, 0b, 0e];
Td4[x] = Si[x].[01, 01, 01, 01];
*/
-#ifdef AES_ASM
-extern const u32 AES_Te[5][256];
-#define Te0 AES_Te[0]
-#define Te1 AES_Te[1]
-#define Te2 AES_Te[2]
-#define Te3 AES_Te[3]
-#else
static const u32 Te0[256] = {
0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
@@ -259,6 +252,7 @@ static const u32 Te2[256] = {
0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
};
static const u32 Te3[256] = {
+
0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
@@ -324,7 +318,6 @@ static const u32 Te3[256] = {
0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
};
-#endif
static const u32 Te4[256] = {
0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
@@ -391,14 +384,6 @@ static const u32 Te4[256] = {
0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
};
-
-#ifdef AES_ASM
-extern const u32 AES_Td[5][256];
-#define Td0 AES_Td[0]
-#define Td1 AES_Td[1]
-#define Td2 AES_Td[2]
-#define Td3 AES_Td[3]
-#else
static const u32 Td0[256] = {
0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
@@ -552,6 +537,7 @@ static const u32 Td2[256] = {
0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
+
0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
@@ -663,7 +649,6 @@ static const u32 Td3[256] = {
0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
};
-#endif
static const u32 Td4[256] = {
0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
@@ -888,7 +873,6 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
return 0;
}
-#ifndef AES_ASM
/*
* Encrypt a single block
* in and out can overlap
@@ -1271,4 +1255,3 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
PUTU32(out + 12, s3);
}
-#endif /* AES_ASM */
diff --git a/crypto/aes/aes_ctr.c b/crypto/aes/aes_ctr.c
index f36982be1e..2487d83fb1 100644
--- a/crypto/aes/aes_ctr.c
+++ b/crypto/aes/aes_ctr.c
@@ -68,7 +68,7 @@ static void AES_ctr128_inc(unsigned char *counter) {
/* Grab bottom dword of counter and increment */
c = GETU32(counter + 12);
- c++; c &= 0xFFFFFFFF;
+ c++;
PUTU32(counter + 12, c);
/* if no overflow, we're done */
@@ -77,7 +77,7 @@ static void AES_ctr128_inc(unsigned char *counter) {
/* Grab 1st dword of counter and increment */
c = GETU32(counter + 8);
- c++; c &= 0xFFFFFFFF;
+ c++;
PUTU32(counter + 8, c);
/* if no overflow, we're done */
@@ -86,7 +86,7 @@ static void AES_ctr128_inc(unsigned char *counter) {
/* Grab 2nd dword of counter and increment */
c = GETU32(counter + 4);
- c++; c &= 0xFFFFFFFF;
+ c++;
PUTU32(counter + 4, c);
/* if no overflow, we're done */
@@ -95,7 +95,7 @@ static void AES_ctr128_inc(unsigned char *counter) {
/* Grab top dword of counter and increment */
c = GETU32(counter + 0);
- c++; c &= 0xFFFFFFFF;
+ c++;
PUTU32(counter + 0, c);
}
diff --git a/crypto/aes/aes_locl.h b/crypto/aes/aes_locl.h
index 183805a15a..f290946058 100644
--- a/crypto/aes/aes_locl.h
+++ b/crypto/aes/aes_locl.h
@@ -62,7 +62,7 @@
#include <stdlib.h>
#include <string.h>
-#if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE)
+#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
# define GETU32(p) SWAP(*((u32 *)(p)))
# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
@@ -71,11 +71,7 @@
# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
#endif
-#ifdef AES_LONG
typedef unsigned long u32;
-#else
-typedef unsigned int u32;
-#endif
typedef unsigned short u16;
typedef unsigned char u8;
diff --git a/crypto/aes/asm/aes-ia64.S b/crypto/aes/asm/aes-ia64.S
index 542cf335e9..b4252a9c26 100644
--- a/crypto/aes/asm/aes-ia64.S
+++ b/crypto/aes/asm/aes-ia64.S
@@ -1,9 +1,3 @@
-// ====================================================================
-// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-// project. Rights for redistribution and usage in source and binary
-// forms are granted according to the OpenSSL license.
-// ====================================================================
-//
// What's wrong with compiler generated code? Compiler never uses
// variable 'shr' which is pairable with 'extr'/'dep' instructions.
// Then it uses 'zxt' which is an I-type, but can be replaced with
@@ -11,13 +5,11 @@
// much M-ports as there're I-ports on Itanium 2]. By sacrificing few
// registers for small constants (255, 24 and 16) to be used with
// 'shr' and 'and' instructions I can achieve better ILP, Intruction
-// Level Parallelism, and performance. This code outperforms GCC 3.3
-// generated code by over factor of 2 (two), GCC 3.4 - by 70% and
-// HP C - by 40%. Measured best-case scenario, i.e. aligned
-// big-endian input, ECB timing on Itanium 2 is (18 + 13*rounds)
-// ticks per block, or 9.25 CPU cycles per byte for 128 bit key.
+// Level Parallelism, and performance. This code outperforms gcc
+// generated code by almost factor of 2 (two). Improvement over HP C
+// is not that impressive, 20%...
-.ident "aes-ia64.S, version 1.1"
+.ident "aes-ia64.S, version 1.0"
.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
.explicit
.text
@@ -50,44 +42,126 @@ te0=r40; te1=r41; te2=r42; te3=r43;
# define ADDP add
#endif
-// This implies that AES_KEY comprises 32-bit key schedule elements
-// even on LP64 platforms.
#ifndef KSZ
-# define KSZ 4
-# define LDKEY ld4
+# define KSZ 8
+# define LDKEY ld8
#endif
-.proc _ia64_AES_encrypt#
-// Input: rk0-rk1
-// te0
-// te3 as AES_KEY->rounds!!!
-// s0-s3
-// maskff,twenty4,sixteen
-// Output: r16,r20,r24,r28 as s0-s3
-// Clobber: r16-r31,rk0-rk1,r32-r43
+// void AES_encrypt (const void *in,void *out,const AES_KEY *key);
+// measured timing om Itanium 2 is (48 + 14*rounds) cycles
+.global AES_encrypt#
+.proc AES_encrypt#
.align 32
-_ia64_AES_encrypt:
-{ .mmi; alloc r16=ar.pfs,12,0,0,8
- LDKEY t0=[rk0],2*KSZ
- mov pr.rot=1<<16 }
-{ .mmi; LDKEY t1=[rk1],2*KSZ
- add te1=1024,te0
- add te3=-3,te3 };;
-{ .mib; LDKEY t2=[rk0],2*KSZ
- mov ar.ec=3 }
+#if !defined(_HPUX_SOURCE)
+.skip 16
+#endif
+AES_encrypt:
+ .prologue
+ .fframe 0
+ .save ar.pfs,r2
+ .save ar.lc,r3
+{ .mii; alloc r2=ar.pfs,3,10,0,8
+ mov r3=ar.lc
+ mov prsave=pr };;
+
+ .body
+{ .mib; and r40=3,r32
+ mov pr.rot=7<<16
+ brp.exit.imp .Le_rounds_cexit,.Le_cexit_insn
+ };;
+#if defined(_HPUX_SOURCE) // HPUX is big-endian, cut 15 cycles...
+{ .mib; cmp.ne p6,p0=r40,r0
+ ADDP r41=4,r32 // 1st arg, borrow teN
+(p6) br.dpnt.many .Le_unaligned };;
+
+{ .mmi; ld4 r19=[r32],8
+ mov r44=r33 // save 2nd arg
+ mov twenty4=24 }
+{ .mmi; ld4 r23=[r41],8
+ addl te0=@ltoff(Te0#),gp
+ ADDP r35=KSZ*60,r34 };; // &AES_KEY->rounds, borrow s1
+{ .mmi; ld8 te0=[te0]
+ ld4 r35=[r35] // AES_KEY->rounds
+ ADDP rk0=0,r34 }//;; // 3rd arg
+{ .mmi; ld4 r27=[r32]
+ ld4 r31=[r41]
+ ADDP rk1=KSZ,r34 };;
+
+{ .mfi; LDKEY t0=[rk0],2*KSZ
+ mov sixteen=16 }
+{ .mfi; LDKEY t1=[rk1],2*KSZ
+ mov maskff=0xff };;
+{ .mfi; LDKEY t2=[rk0],2*KSZ
+ add te1=1024,te0 }
{ .mib; LDKEY t3=[rk1],2*KSZ
add te2=2048,te0
- brp.loop.imp .Le_top,.Le_end-16 };;
+ br.many .Le_common };;
+#endif
+.Le_unaligned:
+{ .mfi; ADDP r40=0,r32 // 1st arg, borrow teN
+ ADDP r41=1,r32 }
+{ .mfi; ADDP r42=2,r32
+ ADDP r43=3,r32 };;
+{ .mmi; ld1 r16=[r40],4
+ ld1 r17=[r41],4
+ mov r44=r33 }//;; // save 2nd arg
+{ .mmi; ld1 r18=[r42],4
+ ld1 r19=[r43],4
+ ADDP rk0=0,r34 };; // 3rd arg
+{ .mmi; ld1 r20=[r40],4
+ ld1 r21=[r41],4
+ ADDP rk1=KSZ,r34 }//;;
+{ .mmi; ld1 r22=[r42],4
+ ld1 r23=[r43],4
+ ADDP r35=KSZ*60,r34 };; // &AES_KEY->rounds, borrow s1
+{ .mmi; ld1 r24=[r40],4
+ ld1 r25=[r41],4
+ mov twenty4=24 }//;;
+{ .mmi; ld1 r26=[r42],4
+ ld1 r27=[r43],4
+ mov sixteen=16 };;
+{ .mmi; ld1 r28=[r40]
+ ld1 r29=[r41]
+ mov maskff=0xff }//;;
+{ .mmi; ld1 r30=[r42]
+ ld1 r31=[r43]
+ addl te0=@ltoff(Te0#),gp };; // that was close...
+
+{ .mii; ld8 te0=[te0]
+ dep r19=r16,r19,24,8 //;;
+ dep r23=r20,r23,24,8 }//;;
+{ .mii; ld4 r35=[r35] // AES_KEY->rounds
+ dep r27=r24,r27,24,8 //;;
+ dep r31=r28,r31,24,8 };;
+{ .mii; LDKEY t0=[rk0],2*KSZ
+ dep r19=r17,r19,16,8 //;;
+ dep r23=r21,r23,16,8 }//;;
+{ .mii; LDKEY t1=[rk1],2*KSZ
+ dep r27=r25,r27,16,8 //;;
+ dep r31=r29,r31,16,8 };;
+{ .mii; LDKEY t2=[rk0],2*KSZ
+ dep r19=r18,r19,8,8 //;;
+ dep r23=r22,r23,8,8 }//;;
+{ .mii; LDKEY t3=[rk1],2*KSZ
+ dep r27=r26,r27,8,8 //;;
+ dep r31=r30,r31,8,8 };;
+
+{ .mib; add te1=1024,te0
+ add te2=2048,te0 }
+.Le_common:
+{ .mib; add te3=3072,te0
+ add r35=-3,r35 };;
+
+{ .mii; mov ar.lc=r35 // borrowed s1
+ mov ar.ec=3 };;
-{ .mmi; xor s0=s0,t0
- xor s1=s1,t1
- mov ar.lc=te3 }
-{ .mmi; xor s2=s2,t2
- xor s3=s3,t3
- add te3=3072,te0 };;
+{ .mfi; xor s0=r19,t0
+ xor s1=r23,t1 }
+{ .mfi; xor s2=r27,t2
+ xor s3=r31,t3 };;
.align 32
-.Le_top:
+.Le_rounds:
{ .mmi; (p0) LDKEY t0=[rk0],2*KSZ // 0/0:rk[0]
(p0) and te33=s3,maskff // 0/0:s3&0xff
(p0) extr.u te22=s2,8,8 } // 0/0:s2>>8&0xff
@@ -136,187 +210,103 @@ _ia64_AES_encrypt:
(p0) and te13=te13,maskff} // 7/2:s3>>16&0xff
{ .mmi; (p0) ld4 te03=[te03] // 7/3:te0[s3>>24]
(p0) shladd te32=te32,2,te3 // 7/3:te3+s2
- (p0) xor t0=t0,te33 };; // 7/0:
+ (p16) cmp.eq p0,p18=r0,r0 };; // 7/clear (p18)
{ .mmi; (p0) ld4 te31=[te31] // 8/2:te3[s1]
(p0) shladd te13=te13,2,te1 // 8/2:te1+s3>>16
- (p0) xor t0=t0,te22 } // 8/0:
+ (p17) xor t0=t0,te33 } // 8/0:
{ .mmi; (p0) ld4 te32=[te32] // 8/3:te3[s2]
(p0) shladd te10=te10,2,te1 // 8/3:te1+s0>>16
- (p0) xor t1=t1,te30 };; // 8/1:
+ (p17) xor t1=t1,te30 };; // 8/1:
{ .mmi; (p0) ld4 te13=[te13] // 9/2:te1[s3>>16]
- (p0) xor t0=t0,te00 // 9/0:
- (p0) xor t1=t1,te23 } // 9/1:
-{ .mmi; (p0) ld4 te10=[te10] // 9/3:te1[s0>>16]
- (p0) xor t2=t2,te20 // 9/2:
- (p0) xor t3=t3,te21 };; // 9/3:
-{ .mmi; (p0) xor t0=t0,te11 // 10/0:done!
- (p0) xor t1=t1,te01 // 10/1:
- (p0) xor t2=t2,te02 } // 10/2:
-{ .mmi; (p0) xor t3=t3,te03 // 10/3:
- (p16) cmp.eq p0,p17=r0,r0 };; // 10/clear (p17)
-{ .mmi; (p0) xor t1=t1,te12 // 11/1:done!
- (p0) xor t2=t2,te31 // 11/2:
- (p0) xor t3=t3,te32 } // 11/3:
-{ .mmi; (p17) add te0=4096,te0 // 11/
- (p17) add te1=4096,te1 };; // 11/
-{ .mib; (p0) xor t2=t2,te13 // 12/2:done!
- (p0) xor t3=t3,te10 } // 12/3:done!
-{ .mib; (p17) add te2=4096,te2 // 12/
- (p17) add te3=4096,te3 // 12/
- br.ctop.sptk .Le_top };;
-.Le_end:
-{ .mib; mov r16=s0
- mov r20=s1 }
-{ .mib; mov r24=s2
- mov r28=s3
- br.ret.sptk b6 };;
-.endp _ia64_AES_encrypt#
+ (p17) xor t0=t0,te22 // 9/0:
+ (p18) add te0=4096,te0 } // 9/
+.Le_cexit_insn:
+{ .mmb; (p0) ld4 te10=[te10] // 9/3:te1[s0>>16]
+ (p17) xor t1=t1,te23 // 9/1:
+ br.cexit.spnt.few .Le_rounds_cexit
+ };;
+{ .mmi; (p18) xor s2=s2,te20 // 10/2:
+ (p18) xor s0=s0,te00 // 10/0:
+ (p19) add te1=3072,te1 } // 10/
+{ .mmi; (p18) xor s3=s3,te21 // 10/3:
+ (p18) xor s1=s1,te01 // 10/1:
+ (p19) add te2=2048,te2 };; // 10/
+{ .mfi; (p18) xor s0=s0,te11 // 11/0:done!
+ (p18) xor s2=s2,te02 } // 11/2:
+{ .mfi; (p18) xor s1=s1,te12 // 11/1:done!
+ (p18) xor s3=s3,te03 };; // 11/3:
+{ .mmi; (p18) xor s2=s2,te31 // 12/2:
+ (p18) xor s3=s3,te32 // 12/3:
+ (p19) add te3=1024,te3 };; // 12/
+{ .mib; (p18) xor s2=s2,te13 // 13/2:done!
+ (p18) xor s3=s3,te10 // 13/3:done!
+ br .Le_rounds };;
-// void AES_encrypt (const void *in,void *out,const AES_KEY *key);
-.global AES_encrypt#
-.proc AES_encrypt#
.align 32
-.skip 16
-AES_encrypt:
- .prologue
- .fframe 0
- .save ar.pfs,r2
- .save ar.lc,r3
-{ .mmi; alloc r2=ar.pfs,3,0,12,0
- addl out8=@ltoff(AES_Te#),gp
- mov r3=ar.lc }
-{ .mmi; and out0=3,in0
- ADDP in0=0,in0
- ADDP out11=KSZ*60,in2 };; // &AES_KEY->rounds
+.Le_rounds_cexit:
+{ .mfi; xor te00=te00,s0 // "s0"
+ xor te11=te11,s0 }
+{ .mfi; xor te22=te22,s0
+ xor te33=te33,s0 }
+{ .mib; xor te01=te01,s1 // "s1"
+ xor te12=te12,s1 }
+{ .mib; xor te23=te23,s1
+ xor te30=te30,s1 }
+{ .mfi; xor te02=te02,s2 // "s2"
+ xor te13=te13,s2 }
+{ .mfi; xor te20=te20,s2
+ xor te31=te31,s2 }
+{ .mib; xor te03=te03,s3 // "s3"
+ xor te10=te10,s3 }
+{ .mib; xor te21=te21,s3
+ xor te32=te32,s3 };;
- .body
-{ .mmi; ld8 out8=[out8] // Te0
- ld4 out11=[out11] // AES_KEY->rounds
- mov prsave=pr }
+{ .mii; ADDP r40=0,r44 // saved 2nd argument, snatch teN
+ extr.u te22=te22,8,8
+ shr.u te00=te00,twenty4 }//;;
+{ .mii; ADDP r41=1,r44
+ extr.u te11=te11,16,8
+ shr.u te01=te01,twenty4 }//;;
+{ .mii; ADDP r42=2,r44
+ extr.u te23=te23,8,8
+ shr.u te12=te12,sixteen }//;;
+{ .mii; ADDP r43=3,r44
+ extr.u te20=te20,8,8
+ shr.u te02=te02,twenty4 };;
+{ .mii; st1 [r43]=te33,4
+ extr.u te13=te13,16,8
+ shr.u te03=te03,twenty4 }//;;
+{ .mii; st1 [r42]=te22,4
+ extr.u te21=te21,8,8
+ shr.u te10=te10,sixteen }//;;
-#if defined(_HPUX_SOURCE) // HPUX is big-endian, cut 15+15 cycles...
-{ .mib; cmp.ne p6,p0=out0,r0
- add out0=4,in0
-(p6) br.dpnt.many .Le_i_unaligned };;
-
-{ .mmi; ld4 out1=[in0],8 // s0
- and out9=3,in1
- mov twenty4=24 }
-{ .mmi; ld4 out3=[out0],8 // s1
- ADDP rk0=0,in2
- mov sixteen=16 };;
-{ .mmi; ld4 out5=[in0] // s2
- cmp.ne p6,p0=out9,r0
- mov maskff=0xff }
-{ .mmb; ld4 out7=[out0] // s3
- ADDP rk1=KSZ,in2
- br.call.sptk.many b6=_ia64_AES_encrypt };;
-
-{ .mib; ADDP in0=4,in1
- ADDP in1=0,in1
-(p6) br.spnt .Le_o_unaligned };;
-
-{ .mii; mov ar.pfs=r2
- mov ar.lc=r3 }
-{ .mmi; st4 [in1]=r16,8 // s0
- st4 [in0]=r20,8 // s1
+{ .mmi; st1 [r41]=te11,4
+ st1 [r40]=te00,4 };;
+{ .mmi; st1 [r43]=te30,4
+ st1 [r42]=te23,4 }//;;
+{ .mmi; st1 [r41]=te12,4
+ st1 [r40]=te01,4 };;
+{ .mmi; st1 [r43]=te31,4
+ st1 [r42]=te20,4 }//;;
+{ .mmi; st1 [r41]=te13,4
+ st1 [r40]=te02,4
mov pr=prsave,0x1ffff };;
-{ .mmb; st4 [in1]=r24 // s2
- st4 [in0]=r28 // s3
- br.ret.sptk.many b0 };;
-#endif
-
-.align 32
-.Le_i_unaligned:
-{ .mmi; add out0=1,in0
- add out2=2,in0
- add out4=3,in0 };;
-{ .mmi; ld1 r16=[in0],4
- ld1 r17=[out0],4 }//;;
-{ .mmi; ld1 r18=[out2],4
- ld1 out1=[out4],4 };; // s0
-{ .mmi; ld1 r20=[in0],4
- ld1 r21=[out0],4 }//;;
-{ .mmi; ld1 r22=[out2],4
- ld1 out3=[out4],4 };; // s1
-{ .mmi; ld1 r24=[in0],4
- ld1 r25=[out0],4 }//;;
-{ .mmi; ld1 r26=[out2],4
- ld1 out5=[out4],4 };; // s2
-{ .mmi; ld1 r28=[in0]
- ld1 r29=[out0] }//;;
-{ .mmi; ld1 r30=[out2]
- ld1 out7=[out4] };; // s3
-
-{ .mii;
- dep out1=r16,out1,24,8 //;;
- dep out3=r20,out3,24,8 }//;;
-{ .mii; ADDP rk0=0,in2
- dep out5=r24,out5,24,8 //;;
- dep out7=r28,out7,24,8 };;
-{ .mii; ADDP rk1=KSZ,in2
- dep out1=r17,out1,16,8 //;;
- dep out3=r21,out3,16,8 }//;;
-{ .mii; mov twenty4=24
- dep out5=r25,out5,16,8 //;;
- dep out7=r29,out7,16,8 };;
-{ .mii; mov sixteen=16
- dep out1=r18,out1,8,8 //;;
- dep out3=r22,out3,8,8 }//;;
-{ .mii; mov maskff=0xff
- dep out5=r26,out5,8,8 //;;
- dep out7=r30,out7,8,8 };;
-
-{ .mib; br.call.sptk.many b6=_ia64_AES_encrypt };;
-
-.Le_o_unaligned:
-{ .mii; ADDP out0=0,in1
- extr.u r17=r16,8,8 // s0
- shr.u r19=r16,twenty4 }//;;
-{ .mii; ADDP out1=1,in1
- extr.u r18=r16,16,8
- shr.u r23=r20,twenty4 }//;; // s1
-{ .mii; ADDP out2=2,in1
- extr.u r21=r20,8,8
- shr.u r22=r20,sixteen }//;;
-{ .mii; ADDP out3=3,in1
- extr.u r25=r24,8,8 // s2
- shr.u r27=r24,twenty4 };;
-{ .mii; st1 [out3]=r16,4
- extr.u r26=r24,16,8
- shr.u r31=r28,twenty4 }//;; // s3
-{ .mii; st1 [out2]=r17,4
- extr.u r29=r28,8,8
- shr.u r30=r28,sixteen }//;;
-
-{ .mmi; st1 [out1]=r18,4
- st1 [out0]=r19,4 };;
-{ .mmi; st1 [out3]=r20,4
- st1 [out2]=r21,4 }//;;
-{ .mmi; st1 [out1]=r22,4
- st1 [out0]=r23,4 };;
-{ .mmi; st1 [out3]=r24,4
- st1 [out2]=r25,4
- mov pr=prsave,0x1ffff }//;;
-{ .mmi; st1 [out1]=r26,4
- st1 [out0]=r27,4
- mov ar.pfs=r2 };;
-{ .mmi; st1 [out3]=r28
- st1 [out2]=r29
+{ .mmi; st1 [r43]=te32
+ st1 [r42]=te21
mov ar.lc=r3 }//;;
-{ .mmb; st1 [out1]=r30
- st1 [out0]=r31
+{ .mmb; st1 [r41]=te10
+ st1 [r40]=te03
br.ret.sptk.many b0 };;
.endp AES_encrypt#
-// *AES_decrypt are autogenerated by the following script:
+// AES_decrypt is autogenerated by the following script:
#if 0
#!/usr/bin/env perl
-print "// *AES_decrypt are autogenerated by the following script:\n#if 0\n";
+print "// AES_decrypt is autogenerated by the following script:\n#if 0\n";
open(PROG,'<'.$0); while(<PROG>) { print; } close(PROG);
print "#endif\n";
while(<>) {
- $process=1 if (/\.proc\s+_ia64_AES_encrypt/);
+ $process=1 if (/\.global\s+AES_encrypt/);
next if (!$process);
#s/te00=s0/td00=s0/; s/te00/td00/g;
@@ -343,44 +333,126 @@ while(<>) {
s/AES_encrypt/AES_decrypt/g;
s/\.Le_/.Ld_/g;
- s/AES_Te#/AES_Td#/g;
+ s/Te0#/Td0#/g;
print;
exit if (/\.endp\s+AES_decrypt/);
}
#endif
-.proc _ia64_AES_decrypt#
-// Input: rk0-rk1
-// te0
-// te3 as AES_KEY->rounds!!!
-// s0-s3
-// maskff,twenty4,sixteen
-// Output: r16,r20,r24,r28 as s0-s3
-// Clobber: r16-r31,rk0-rk1,r32-r43
+.global AES_decrypt#
+.proc AES_decrypt#
.align 32
-_ia64_AES_decrypt:
-{ .mmi; alloc r16=ar.pfs,12,0,0,8
- LDKEY t0=[rk0],2*KSZ
- mov pr.rot=1<<16 }
-{ .mmi; LDKEY t1=[rk1],2*KSZ
- add te1=1024,te0
- add te3=-3,te3 };;
-{ .mib; LDKEY t2=[rk0],2*KSZ
- mov ar.ec=3 }
+#if !defined(_HPUX_SOURCE)
+.skip 16
+#endif
+AES_decrypt:
+ .prologue
+ .fframe 0
+ .save ar.pfs,r2
+ .save ar.lc,r3
+{ .mii; alloc r2=ar.pfs,3,10,0,8
+ mov r3=ar.lc
+ mov prsave=pr };;
+
+ .body
+{ .mib; and r40=3,r32
+ mov pr.rot=7<<16
+ brp.exit.imp .Ld_rounds_cexit,.Ld_cexit_insn
+ };;
+#if defined(_HPUX_SOURCE) // HPUX is big-endian, cut 15 cycles...
+{ .mib; cmp.ne p6,p0=r40,r0
+ ADDP r41=4,r32 // 1st arg, borrow teN
+(p6) br.dpnt.many .Ld_unaligned };;
+
+{ .mmi; ld4 r19=[r32],8
+ mov r44=r33 // save 2nd arg
+ mov twenty4=24 }
+{ .mmi; ld4 r23=[r41],8
+ addl te0=@ltoff(Td0#),gp
+ ADDP r35=KSZ*60,r34 };; // &AES_KEY->rounds, borrow s1
+{ .mmi; ld8 te0=[te0]
+ ld4 r35=[r35] // AES_KEY->rounds
+ ADDP rk0=0,r34 }//;; // 3rd arg
+{ .mmi; ld4 r27=[r32]
+ ld4 r31=[r41]
+ ADDP rk1=KSZ,r34 };;
+
+{ .mfi; LDKEY t0=[rk0],2*KSZ
+ mov sixteen=16 }
+{ .mfi; LDKEY t1=[rk1],2*KSZ
+ mov maskff=0xff };;
+{ .mfi; LDKEY t2=[rk0],2*KSZ
+ add te1=1024,te0 }
{ .mib; LDKEY t3=[rk1],2*KSZ
add te2=2048,te0
- brp.loop.imp .Ld_top,.Ld_end-16 };;
+ br.many .Ld_common };;
+#endif
+.Ld_unaligned:
+{ .mfi; ADDP r40=0,r32 // 1st arg, borrow teN
+ ADDP r41=1,r32 }
+{ .mfi; ADDP r42=2,r32
+ ADDP r43=3,r32 };;
+{ .mmi; ld1 r16=[r40],4
+ ld1 r17=[r41],4
+ mov r44=r33 }//;; // save 2nd arg
+{ .mmi; ld1 r18=[r42],4
+ ld1 r19=[r43],4
+ ADDP rk0=0,r34 };; // 3rd arg
+{ .mmi; ld1 r20=[r40],4
+ ld1 r21=[r41],4
+ ADDP rk1=KSZ,r34 }//;;
+{ .mmi; ld1 r22=[r42],4
+ ld1 r23=[r43],4
+ ADDP r35=KSZ*60,r34 };; // &AES_KEY->rounds, borrow s1
+{ .mmi; ld1 r24=[r40],4
+ ld1 r25=[r41],4
+ mov twenty4=24 }//;;
+{ .mmi; ld1 r26=[r42],4
+ ld1 r27=[r43],4
+ mov sixteen=16 };;
+{ .mmi; ld1 r28=[r40]
+ ld1 r29=[r41]
+ mov maskff=0xff }//;;
+{ .mmi; ld1 r30=[r42]
+ ld1 r31=[r43]
+ addl te0=@ltoff(Td0#),gp };; // that was close...
+
+{ .mii; ld8 te0=[te0]
+ dep r19=r16,r19,24,8 //;;
+ dep r23=r20,r23,24,8 }//;;
+{ .mii; ld4 r35=[r35] // AES_KEY->rounds
+ dep r27=r24,r27,24,8 //;;
+ dep r31=r28,r31,24,8 };;
+{ .mii; LDKEY t0=[rk0],2*KSZ
+ dep r19=r17,r19,16,8 //;;
+ dep r23=r21,r23,16,8 }//;;
+{ .mii; LDKEY t1=[rk1],2*KSZ
+ dep r27=r25,r27,16,8 //;;
+ dep r31=r29,r31,16,8 };;
+{ .mii; LDKEY t2=[rk0],2*KSZ
+ dep r19=r18,r19,8,8 //;;
+ dep r23=r22,r23,8,8 }//;;
+{ .mii; LDKEY t3=[rk1],2*KSZ
+ dep r27=r26,r27,8,8 //;;
+ dep r31=r30,r31,8,8 };;
+
+{ .mib; add te1=1024,te0
+ add te2=2048,te0 }
+.Ld_common:
+{ .mib; add te3=3072,te0
+ add r35=-3,r35 };;
-{ .mmi; xor s0=s0,t0
- xor s1=s1,t1
- mov ar.lc=te3 }
-{ .mmi; xor s2=s2,t2
- xor s3=s3,t3
- add te3=3072,te0 };;
+{ .mii; mov ar.lc=r35 // borrowed s1
+ mov ar.ec=3 };;
+
+{ .mfi; xor s0=r19,t0
+ xor s1=r23,t1 }
+{ .mfi; xor s2=r27,t2
+ xor s3=r31,t3 };;
.align 32
-.Ld_top:
+.Ld_rounds:
{ .mmi; (p0) LDKEY t0=[rk0],2*KSZ // 0/0:rk[0]
(p0) and te31=s1,maskff // 0/0:s3&0xff
(p0) extr.u te22=s2,8,8 } // 0/0:s2>>8&0xff
@@ -429,184 +501,99 @@ _ia64_AES_decrypt:
(p0) and te11=te11,maskff} // 7/2:s3>>16&0xff
{ .mmi; (p0) ld4 te03=[te03] // 7/3:te0[s3>>24]
(p0) shladd te30=te30,2,te3 // 7/3:te3+s2
- (p0) xor t0=t0,te31 };; // 7/0:
+ (p16) cmp.eq p0,p18=r0,r0 };; // 7/clear (p18)
{ .mmi; (p0) ld4 te33=[te33] // 8/2:te3[s1]
(p0) shladd te11=te11,2,te1 // 8/2:te1+s3>>16
- (p0) xor t0=t0,te22 } // 8/0:
+ (p17) xor t0=t0,te31 } // 8/0:
{ .mmi; (p0) ld4 te30=[te30] // 8/3:te3[s2]
(p0) shladd te12=te12,2,te1 // 8/3:te1+s0>>16
- (p0) xor t1=t1,te32 };; // 8/1:
+ (p17) xor t1=t1,te32 };; // 8/1:
{ .mmi; (p0) ld4 te11=[te11] // 9/2:te1[s3>>16]
- (p0) xor t0=t0,te00 // 9/0:
- (p0) xor t1=t1,te23 } // 9/1:
-{ .mmi; (p0) ld4 te12=[te12] // 9/3:te1[s0>>16]
- (p0) xor t2=t2,te20 // 9/2:
- (p0) xor t3=t3,te21 };; // 9/3:
-{ .mmi; (p0) xor t0=t0,te13 // 10/0:done!
- (p0) xor t1=t1,te01 // 10/1:
- (p0) xor t2=t2,te02 } // 10/2:
-{ .mmi; (p0) xor t3=t3,te03 // 10/3:
- (p16) cmp.eq p0,p17=r0,r0 };; // 10/clear (p17)
-{ .mmi; (p0) xor t1=t1,te10 // 11/1:done!
- (p0) xor t2=t2,te33 // 11/2:
- (p0) xor t3=t3,te30 } // 11/3:
-{ .mmi; (p17) add te0=4096,te0 // 11/
- (p17) add te1=4096,te1 };; // 11/
-{ .mib; (p0) xor t2=t2,te11 // 12/2:done!
- (p0) xor t3=t3,te12 } // 12/3:done!
-{ .mib; (p17) add te2=4096,te2 // 12/
- (p17) add te3=4096,te3 // 12/
- br.ctop.sptk .Ld_top };;
-.Ld_end:
-{ .mib; mov r16=s0
- mov r20=s1 }
-{ .mib; mov r24=s2
- mov r28=s3
- br.ret.sptk b6 };;
-.endp _ia64_AES_decrypt#
+ (p17) xor t0=t0,te22 // 9/0:
+ (p18) add te0=4096,te0 } // 9/
+.Ld_cexit_insn:
+{ .mmb; (p0) ld4 te12=[te12] // 9/3:te1[s0>>16]
+ (p17) xor t1=t1,te23 // 9/1:
+ br.cexit.spnt.few .Ld_rounds_cexit
+ };;
+{ .mmi; (p18) xor s2=s2,te20 // 10/2:
+ (p18) xor s0=s0,te00 // 10/0:
+ (p19) add te1=3072,te1 } // 10/
+{ .mmi; (p18) xor s3=s3,te21 // 10/3:
+ (p18) xor s1=s1,te01 // 10/1:
+ (p19) add te2=2048,te2 };; // 10/
+{ .mfi; (p18) xor s0=s0,te13 // 11/0:done!
+ (p18) xor s2=s2,te02 } // 11/2:
+{ .mfi; (p18) xor s1=s1,te10 // 11/1:done!
+ (p18) xor s3=s3,te03 };; // 11/3:
+{ .mmi; (p18) xor s2=s2,te33 // 12/2:
+ (p18) xor s3=s3,te30 // 12/3:
+ (p19) add te3=1024,te3 };; // 12/
+{ .mib; (p18) xor s2=s2,te11 // 13/2:done!
+ (p18) xor s3=s3,te12 // 13/3:done!
+ br .Ld_rounds };;
-// void AES_decrypt (const void *in,void *out,const AES_KEY *key);
-.global AES_decrypt#
-.proc AES_decrypt#
.align 32
-.skip 16
-AES_decrypt:
- .prologue
- .fframe 0
- .save ar.pfs,r2
- .save ar.lc,r3
-{ .mmi; alloc r2=ar.pfs,3,0,12,0
- addl out8=@ltoff(AES_Td#),gp
- mov r3=ar.lc }
-{ .mmi; and out0=3,in0
- ADDP in0=0,in0
- ADDP out11=KSZ*60,in2 };; // &AES_KEY->rounds
-
- .body
-{ .mmi; ld8 out8=[out8] // Te0
- ld4 out11=[out11] // AES_KEY->rounds
- mov prsave=pr }
-
-#if defined(_HPUX_SOURCE) // HPUX is big-endian, cut 15+15 cycles...
-{ .mib; cmp.ne p6,p0=out0,r0
- add out0=4,in0
-(p6) br.dpnt.many .Ld_i_unaligned };;
+.Ld_rounds_cexit:
+{ .mfi; xor te00=te00,s0 // "s0"
+ xor te13=te13,s0 }
+{ .mfi; xor te22=te22,s0
+ xor te31=te31,s0 }
+{ .mib; xor te01=te01,s1 // "s1"
+ xor te10=te10,s1 }
+{ .mib; xor te23=te23,s1
+ xor te32=te32,s1 }
+{ .mfi; xor te02=te02,s2 // "s2"
+ xor te11=te11,s2 }
+{ .mfi; xor te20=te20,s2
+ xor te33=te33,s2 }
+{ .mib; xor te03=te03,s3 // "s3"
+ xor te12=te12,s3 }
+{ .mib; xor te21=te21,s3
+ xor te30=te30,s3 };;
-{ .mmi; ld4 out1=[in0],8 // s0
- and out9=3,in1
- mov twenty4=24 }
-{ .mmi; ld4 out3=[out0],8 // s1
- ADDP rk0=0,in2
- mov sixteen=16 };;
-{ .mmi; ld4 out5=[in0] // s2
- cmp.ne p6,p0=out9,r0
- mov maskff=0xff }
-{ .mmb; ld4 out7=[out0] // s3
- ADDP rk1=KSZ,in2
- br.call.sptk.many b6=_ia64_AES_decrypt };;
+{ .mii; ADDP r40=0,r44 // saved 2nd argument, snatch teN
+ extr.u te22=te22,8,8
+ shr.u te00=te00,twenty4 }//;;
+{ .mii; ADDP r41=1,r44
+ extr.u te13=te13,16,8
+ shr.u te01=te01,twenty4 }//;;
+{ .mii; ADDP r42=2,r44
+ extr.u te23=te23,8,8
+ shr.u te10=te10,sixteen }//;;
+{ .mii; ADDP r43=3,r44
+ extr.u te20=te20,8,8
+ shr.u te02=te02,twenty4 };;
+{ .mii; st1 [r43]=te31,4
+ extr.u te11=te11,16,8
+ shr.u te03=te03,twenty4 }//;;
+{ .mii; st1 [r42]=te22,4
+ extr.u te21=te21,8,8
+ shr.u te12=te12,sixteen }//;;
-{ .mib; ADDP in0=4,in1
- ADDP in1=0,in1
-(p6) br.spnt .Ld_o_unaligned };;
-
-{ .mii; mov ar.pfs=r2
- mov ar.lc=r3 }
-{ .mmi; st4 [in1]=r16,8 // s0
- st4 [in0]=r20,8 // s1
+{ .mmi; st1 [r41]=te13,4
+ st1 [r40]=te00,4 };;
+{ .mmi; st1 [r43]=te32,4
+ st1 [r42]=te23,4 }//;;
+{ .mmi; st1 [r41]=te10,4
+ st1 [r40]=te01,4 };;
+{ .mmi; st1 [r43]=te33,4
+ st1 [r42]=te20,4 }//;;
+{ .mmi; st1 [r41]=te11,4
+ st1 [r40]=te02,4
mov pr=prsave,0x1ffff };;
-{ .mmb; st4 [in1]=r24 // s2
- st4 [in0]=r28 // s3
- br.ret.sptk.many b0 };;
-#endif
-
-.align 32
-.Ld_i_unaligned:
-{ .mmi; add out0=1,in0
- add out2=2,in0
- add out4=3,in0 };;
-{ .mmi; ld1 r16=[in0],4
- ld1 r17=[out0],4 }//;;
-{ .mmi; ld1 r18=[out2],4
- ld1 out1=[out4],4 };; // s0
-{ .mmi; ld1 r20=[in0],4
- ld1 r21=[out0],4 }//;;
-{ .mmi; ld1 r22=[out2],4
- ld1 out3=[out4],4 };; // s1
-{ .mmi; ld1 r24=[in0],4
- ld1 r25=[out0],4 }//;;
-{ .mmi; ld1 r26=[out2],4
- ld1 out5=[out4],4 };; // s2
-{ .mmi; ld1 r28=[in0]
- ld1 r29=[out0] }//;;
-{ .mmi; ld1 r30=[out2]
- ld1 out7=[out4] };; // s3
-
-{ .mii;
- dep out1=r16,out1,24,8 //;;
- dep out3=r20,out3,24,8 }//;;
-{ .mii; ADDP rk0=0,in2
- dep out5=r24,out5,24,8 //;;
- dep out7=r28,out7,24,8 };;
-{ .mii; ADDP rk1=KSZ,in2
- dep out1=r17,out1,16,8 //;;
- dep out3=r21,out3,16,8 }//;;
-{ .mii; mov twenty4=24
- dep out5=r25,out5,16,8 //;;
- dep out7=r29,out7,16,8 };;
-{ .mii; mov sixteen=16
- dep out1=r18,out1,8,8 //;;
- dep out3=r22,out3,8,8 }//;;
-{ .mii; mov maskff=0xff
- dep out5=r26,out5,8,8 //;;
- dep out7=r30,out7,8,8 };;
-
-{ .mib; br.call.sptk.many b6=_ia64_AES_decrypt };;
-
-.Ld_o_unaligned:
-{ .mii; ADDP out0=0,in1
- extr.u r17=r16,8,8 // s0
- shr.u r19=r16,twenty4 }//;;
-{ .mii; ADDP out1=1,in1
- extr.u r18=r16,16,8
- shr.u r23=r20,twenty4 }//;; // s1
-{ .mii; ADDP out2=2,in1
- extr.u r21=r20,8,8
- shr.u r22=r20,sixteen }//;;
-{ .mii; ADDP out3=3,in1
- extr.u r25=r24,8,8 // s2
- shr.u r27=r24,twenty4 };;
-{ .mii; st1 [out3]=r16,4
- extr.u r26=r24,16,8
- shr.u r31=r28,twenty4 }//;; // s3
-{ .mii; st1 [out2]=r17,4
- extr.u r29=r28,8,8
- shr.u r30=r28,sixteen }//;;
-
-{ .mmi; st1 [out1]=r18,4
- st1 [out0]=r19,4 };;
-{ .mmi; st1 [out3]=r20,4
- st1 [out2]=r21,4 }//;;
-{ .mmi; st1 [out1]=r22,4
- st1 [out0]=r23,4 };;
-{ .mmi; st1 [out3]=r24,4
- st1 [out2]=r25,4
- mov pr=prsave,0x1ffff }//;;
-{ .mmi; st1 [out1]=r26,4
- st1 [out0]=r27,4
- mov ar.pfs=r2 };;
-{ .mmi; st1 [out3]=r28
- st1 [out2]=r29
+{ .mmi; st1 [r43]=te30
+ st1 [r42]=te21
mov ar.lc=r3 }//;;
-{ .mmb; st1 [out1]=r30
- st1 [out0]=r31
+{ .mmb; st1 [r41]=te12
+ st1 [r40]=te03
br.ret.sptk.many b0 };;
.endp AES_decrypt#
// leave it in .text segment...
.align 64
-.global AES_Te#
-.type AES_Te#,@object
-AES_Te: data4 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
+.type Te0#,@object
+Te0: data4 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
data4 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
data4 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
data4 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
@@ -866,271 +853,75 @@ AES_Te: data4 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
data4 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e
data4 0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c
// Te4:
- data4 0x63000000, 0x7c000000, 0x77000000, 0x7b000000
- data4 0xf2000000, 0x6b000000, 0x6f000000, 0xc5000000
- data4 0x30000000, 0x01000000, 0x67000000, 0x2b000000
- data4 0xfe000000, 0xd7000000, 0xab000000, 0x76000000
- data4 0xca000000, 0x82000000, 0xc9000000, 0x7d000000
- data4 0xfa000000, 0x59000000, 0x47000000, 0xf0000000
- data4 0xad000000, 0xd4000000, 0xa2000000, 0xaf000000
- data4 0x9c000000, 0xa4000000, 0x72000000, 0xc0000000
- data4 0xb7000000, 0xfd000000, 0x93000000, 0x26000000
- data4 0x36000000, 0x3f000000, 0xf7000000, 0xcc000000
- data4 0x34000000, 0xa5000000, 0xe5000000, 0xf1000000
- data4 0x71000000, 0xd8000000, 0x31000000, 0x15000000
- data4 0x04000000, 0xc7000000, 0x23000000, 0xc3000000
- data4 0x18000000, 0x96000000, 0x05000000, 0x9a000000
- data4 0x07000000, 0x12000000, 0x80000000, 0xe2000000
- data4 0xeb000000, 0x27000000, 0xb2000000, 0x75000000
- data4 0x09000000, 0x83000000, 0x2c000000, 0x1a000000
- data4 0x1b000000, 0x6e000000, 0x5a000000, 0xa0000000
- data4 0x52000000, 0x3b000000, 0xd6000000, 0xb3000000
- data4 0x29000000, 0xe3000000, 0x2f000000, 0x84000000
- data4 0x53000000, 0xd1000000, 0x00000000, 0xed000000
- data4 0x20000000, 0xfc000000, 0xb1000000, 0x5b000000
- data4 0x6a000000, 0xcb000000, 0xbe000000, 0x39000000
- data4 0x4a000000, 0x4c000000, 0x58000000, 0xcf000000
- data4 0xd0000000, 0xef000000, 0xaa000000, 0xfb000000
- data4 0x43000000, 0x4d000000, 0x33000000, 0x85000000
- data4 0x45000000, 0xf9000000, 0x02000000, 0x7f000000
- data4 0x50000000, 0x3c000000, 0x9f000000, 0xa8000000
- data4 0x51000000, 0xa3000000, 0x40000000, 0x8f000000
- data4 0x92000000, 0x9d000000, 0x38000000, 0xf5000000
- data4 0xbc000000, 0xb6000000, 0xda000000, 0x21000000
- data4 0x10000000, 0xff000000, 0xf3000000, 0xd2000000
- data4 0xcd000000, 0x0c000000, 0x13000000, 0xec000000
- data4 0x5f000000, 0x97000000, 0x44000000, 0x17000000
- data4 0xc4000000, 0xa7000000, 0x7e000000, 0x3d000000
- data4 0x64000000, 0x5d000000, 0x19000000, 0x73000000
- data4 0x60000000, 0x81000000, 0x4f000000, 0xdc000000
- data4 0x22000000, 0x2a000000, 0x90000000, 0x88000000
- data4 0x46000000, 0xee000000, 0xb8000000, 0x14000000
- data4 0xde000000, 0x5e000000, 0x0b000000, 0xdb000000
- data4 0xe0000000, 0x32000000, 0x3a000000, 0x0a000000
- data4 0x49000000, 0x06000000, 0x24000000, 0x5c000000
- data4 0xc2000000, 0xd3000000, 0xac000000, 0x62000000
- data4 0x91000000, 0x95000000, 0xe4000000, 0x79000000
- data4 0xe7000000, 0xc8000000, 0x37000000, 0x6d000000
- data4 0x8d000000, 0xd5000000, 0x4e000000, 0xa9000000
- data4 0x6c000000, 0x56000000, 0xf4000000, 0xea000000
- data4 0x65000000, 0x7a000000, 0xae000000, 0x08000000
- data4 0xba000000, 0x78000000, 0x25000000, 0x2e000000
- data4 0x1c000000, 0xa6000000, 0xb4000000, 0xc6000000
- data4 0xe8000000, 0xdd000000, 0x74000000, 0x1f000000
- data4 0x4b000000, 0xbd000000, 0x8b000000, 0x8a000000
- data4 0x70000000, 0x3e000000, 0xb5000000, 0x66000000
- data4 0x48000000, 0x03000000, 0xf6000000, 0x0e000000
- data4 0x61000000, 0x35000000, 0x57000000, 0xb9000000
- data4 0x86000000, 0xc1000000, 0x1d000000, 0x9e000000
- data4 0xe1000000, 0xf8000000, 0x98000000, 0x11000000
- data4 0x69000000, 0xd9000000, 0x8e000000, 0x94000000
- data4 0x9b000000, 0x1e000000, 0x87000000, 0xe9000000
- data4 0xce000000, 0x55000000, 0x28000000, 0xdf000000
- data4 0x8c000000, 0xa1000000, 0x89000000, 0x0d000000
- data4 0xbf000000, 0xe6000000, 0x42000000, 0x68000000
- data4 0x41000000, 0x99000000, 0x2d000000, 0x0f000000
- data4 0xb0000000, 0x54000000, 0xbb000000, 0x16000000
-// Te5:
- data4 0x00630000, 0x007c0000, 0x00770000, 0x007b0000
- data4 0x00f20000, 0x006b0000, 0x006f0000, 0x00c50000
- data4 0x00300000, 0x00010000, 0x00670000, 0x002b0000
- data4 0x00fe0000, 0x00d70000, 0x00ab0000, 0x00760000
- data4 0x00ca0000, 0x00820000, 0x00c90000, 0x007d0000
- data4 0x00fa0000, 0x00590000, 0x00470000, 0x00f00000
- data4 0x00ad0000, 0x00d40000, 0x00a20000, 0x00af0000
- data4 0x009c0000, 0x00a40000, 0x00720000, 0x00c00000
- data4 0x00b70000, 0x00fd0000, 0x00930000, 0x00260000
- data4 0x00360000, 0x003f0000, 0x00f70000, 0x00cc0000
- data4 0x00340000, 0x00a50000, 0x00e50000, 0x00f10000
- data4 0x00710000, 0x00d80000, 0x00310000, 0x00150000
- data4 0x00040000, 0x00c70000, 0x00230000, 0x00c30000
- data4 0x00180000, 0x00960000, 0x00050000, 0x009a0000
- data4 0x00070000, 0x00120000, 0x00800000, 0x00e20000
- data4 0x00eb0000, 0x00270000, 0x00b20000, 0x00750000
- data4 0x00090000, 0x00830000, 0x002c0000, 0x001a0000
- data4 0x001b0000, 0x006e0000, 0x005a0000, 0x00a00000
- data4 0x00520000, 0x003b0000, 0x00d60000, 0x00b30000
- data4 0x00290000, 0x00e30000, 0x002f0000, 0x00840000
- data4 0x00530000, 0x00d10000, 0x00000000, 0x00ed0000
- data4 0x00200000, 0x00fc0000, 0x00b10000, 0x005b0000
- data4 0x006a0000, 0x00cb0000, 0x00be0000, 0x00390000
- data4 0x004a0000, 0x004c0000, 0x00580000, 0x00cf0000
- data4 0x00d00000, 0x00ef0000, 0x00aa0000, 0x00fb0000
- data4 0x00430000, 0x004d0000, 0x00330000, 0x00850000
- data4 0x00450000, 0x00f90000, 0x00020000, 0x007f0000
- data4 0x00500000, 0x003c0000, 0x009f0000, 0x00a80000
- data4 0x00510000, 0x00a30000, 0x00400000, 0x008f0000
- data4 0x00920000, 0x009d0000, 0x00380000, 0x00f50000
- data4 0x00bc0000, 0x00b60000, 0x00da0000, 0x00210000
- data4 0x00100000, 0x00ff0000, 0x00f30000, 0x00d20000
- data4 0x00cd0000, 0x000c0000, 0x00130000, 0x00ec0000
- data4 0x005f0000, 0x00970000, 0x00440000, 0x00170000
- data4 0x00c40000, 0x00a70000, 0x007e0000, 0x003d0000
- data4 0x00640000, 0x005d0000, 0x00190000, 0x00730000
- data4 0x00600000, 0x00810000, 0x004f0000, 0x00dc0000
- data4 0x00220000, 0x002a0000, 0x00900000, 0x00880000
- data4 0x00460000, 0x00ee0000, 0x00b80000, 0x00140000
- data4 0x00de0000, 0x005e0000, 0x000b0000, 0x00db0000
- data4 0x00e00000, 0x00320000, 0x003a0000, 0x000a0000
- data4 0x00490000, 0x00060000, 0x00240000, 0x005c0000
- data4 0x00c20000, 0x00d30000, 0x00ac0000, 0x00620000
- data4 0x00910000, 0x00950000, 0x00e40000, 0x00790000
- data4 0x00e70000, 0x00c80000, 0x00370000, 0x006d0000
- data4 0x008d0000, 0x00d50000, 0x004e0000, 0x00a90000
- data4 0x006c0000, 0x00560000, 0x00f40000, 0x00ea0000
- data4 0x00650000, 0x007a0000, 0x00ae0000, 0x00080000
- data4 0x00ba0000, 0x00780000, 0x00250000, 0x002e0000
- data4 0x001c0000, 0x00a60000, 0x00b40000, 0x00c60000
- data4 0x00e80000, 0x00dd0000, 0x00740000, 0x001f0000
- data4 0x004b0000, 0x00bd0000, 0x008b0000, 0x008a0000
- data4 0x00700000, 0x003e0000, 0x00b50000, 0x00660000
- data4 0x00480000, 0x00030000, 0x00f60000, 0x000e0000
- data4 0x00610000, 0x00350000, 0x00570000, 0x00b90000
- data4 0x00860000, 0x00c10000, 0x001d0000, 0x009e0000
- data4 0x00e10000, 0x00f80000, 0x00980000, 0x00110000
- data4 0x00690000, 0x00d90000, 0x008e0000, 0x00940000
- data4 0x009b0000, 0x001e0000, 0x00870000, 0x00e90000
- data4 0x00ce0000, 0x00550000, 0x00280000, 0x00df0000
- data4 0x008c0000, 0x00a10000, 0x00890000, 0x000d0000
- data4 0x00bf0000, 0x00e60000, 0x00420000, 0x00680000
- data4 0x00410000, 0x00990000, 0x002d0000, 0x000f0000
- data4 0x00b00000, 0x00540000, 0x00bb0000, 0x00160000
-// Te6:
- data4 0x00006300, 0x00007c00, 0x00007700, 0x00007b00
- data4 0x0000f200, 0x00006b00, 0x00006f00, 0x0000c500
- data4 0x00003000, 0x00000100, 0x00006700, 0x00002b00
- data4 0x0000fe00, 0x0000d700, 0x0000ab00, 0x00007600
- data4 0x0000ca00, 0x00008200, 0x0000c900, 0x00007d00
- data4 0x0000fa00, 0x00005900, 0x00004700, 0x0000f000
- data4 0x0000ad00, 0x0000d400, 0x0000a200, 0x0000af00
- data4 0x00009c00, 0x0000a400, 0x00007200, 0x0000c000
- data4 0x0000b700, 0x0000fd00, 0x00009300, 0x00002600
- data4 0x00003600, 0x00003f00, 0x0000f700, 0x0000cc00
- data4 0x00003400, 0x0000a500, 0x0000e500, 0x0000f100
- data4 0x00007100, 0x0000d800, 0x00003100, 0x00001500
- data4 0x00000400, 0x0000c700, 0x00002300, 0x0000c300
- data4 0x00001800, 0x00009600, 0x00000500, 0x00009a00
- data4 0x00000700, 0x00001200, 0x00008000, 0x0000e200
- data4 0x0000eb00, 0x00002700, 0x0000b200, 0x00007500
- data4 0x00000900, 0x00008300, 0x00002c00, 0x00001a00
- data4 0x00001b00, 0x00006e00, 0x00005a00, 0x0000a000
- data4 0x00005200, 0x00003b00, 0x0000d600, 0x0000b300
- data4 0x00002900, 0x0000e300, 0x00002f00, 0x00008400
- data4 0x00005300, 0x0000d100, 0x00000000, 0x0000ed00
- data4 0x00002000, 0x0000fc00, 0x0000b100, 0x00005b00
- data4 0x00006a00, 0x0000cb00, 0x0000be00, 0x00003900
- data4 0x00004a00, 0x00004c00, 0x00005800, 0x0000cf00
- data4 0x0000d000, 0x0000ef00, 0x0000aa00, 0x0000fb00
- data4 0x00004300, 0x00004d00, 0x00003300, 0x00008500
- data4 0x00004500, 0x0000f900, 0x00000200, 0x00007f00
- data4 0x00005000, 0x00003c00, 0x00009f00, 0x0000a800
- data4 0x00005100, 0x0000a300, 0x00004000, 0x00008f00
- data4 0x00009200, 0x00009d00, 0x00003800, 0x0000f500
- data4 0x0000bc00, 0x0000b600, 0x0000da00, 0x00002100
- data4 0x00001000, 0x0000ff00, 0x0000f300, 0x0000d200
- data4 0x0000cd00, 0x00000c00, 0x00001300, 0x0000ec00
- data4 0x00005f00, 0x00009700, 0x00004400, 0x00001700
- data4 0x0000c400, 0x0000a700, 0x00007e00, 0x00003d00
- data4 0x00006400, 0x00005d00, 0x00001900, 0x00007300
- data4 0x00006000, 0x00008100, 0x00004f00, 0x0000dc00
- data4 0x00002200, 0x00002a00, 0x00009000, 0x00008800
- data4 0x00004600, 0x0000ee00, 0x0000b800, 0x00001400
- data4 0x0000de00, 0x00005e00, 0x00000b00, 0x0000db00
- data4 0x0000e000, 0x00003200, 0x00003a00, 0x00000a00
- data4 0x00004900, 0x00000600, 0x00002400, 0x00005c00
- data4 0x0000c200, 0x0000d300, 0x0000ac00, 0x00006200
- data4 0x00009100, 0x00009500, 0x0000e400, 0x00007900
- data4 0x0000e700, 0x0000c800, 0x00003700, 0x00006d00
- data4 0x00008d00, 0x0000d500, 0x00004e00, 0x0000a900
- data4 0x00006c00, 0x00005600, 0x0000f400, 0x0000ea00
- data4 0x00006500, 0x00007a00, 0x0000ae00, 0x00000800
- data4 0x0000ba00, 0x00007800, 0x00002500, 0x00002e00
- data4 0x00001c00, 0x0000a600, 0x0000b400, 0x0000c600
- data4 0x0000e800, 0x0000dd00, 0x00007400, 0x00001f00
- data4 0x00004b00, 0x0000bd00, 0x00008b00, 0x00008a00
- data4 0x00007000, 0x00003e00, 0x0000b500, 0x00006600
- data4 0x00004800, 0x00000300, 0x0000f600, 0x00000e00
- data4 0x00006100, 0x00003500, 0x00005700, 0x0000b900
- data4 0x00008600, 0x0000c100, 0x00001d00, 0x00009e00
- data4 0x0000e100, 0x0000f800, 0x00009800, 0x00001100
- data4 0x00006900, 0x0000d900, 0x00008e00, 0x00009400
- data4 0x00009b00, 0x00001e00, 0x00008700, 0x0000e900
- data4 0x0000ce00, 0x00005500, 0x00002800, 0x0000df00
- data4 0x00008c00, 0x0000a100, 0x00008900, 0x00000d00
- data4 0x0000bf00, 0x0000e600, 0x00004200, 0x00006800
- data4 0x00004100, 0x00009900, 0x00002d00, 0x00000f00
- data4 0x0000b000, 0x00005400, 0x0000bb00, 0x00001600
-// Te7:
- data4 0x00000063, 0x0000007c, 0x00000077, 0x0000007b
- data4 0x000000f2, 0x0000006b, 0x0000006f, 0x000000c5
- data4 0x00000030, 0x00000001, 0x00000067, 0x0000002b
- data4 0x000000fe, 0x000000d7, 0x000000ab, 0x00000076
- data4 0x000000ca, 0x00000082, 0x000000c9, 0x0000007d
- data4 0x000000fa, 0x00000059, 0x00000047, 0x000000f0
- data4 0x000000ad, 0x000000d4, 0x000000a2, 0x000000af
- data4 0x0000009c, 0x000000a4, 0x00000072, 0x000000c0
- data4 0x000000b7, 0x000000fd, 0x00000093, 0x00000026
- data4 0x00000036, 0x0000003f, 0x000000f7, 0x000000cc
- data4 0x00000034, 0x000000a5, 0x000000e5, 0x000000f1
- data4 0x00000071, 0x000000d8, 0x00000031, 0x00000015
- data4 0x00000004, 0x000000c7, 0x00000023, 0x000000c3
- data4 0x00000018, 0x00000096, 0x00000005, 0x0000009a
- data4 0x00000007, 0x00000012, 0x00000080, 0x000000e2
- data4 0x000000eb, 0x00000027, 0x000000b2, 0x00000075
- data4 0x00000009, 0x00000083, 0x0000002c, 0x0000001a
- data4 0x0000001b, 0x0000006e, 0x0000005a, 0x000000a0
- data4 0x00000052, 0x0000003b, 0x000000d6, 0x000000b3
- data4 0x00000029, 0x000000e3, 0x0000002f, 0x00000084
- data4 0x00000053, 0x000000d1, 0x00000000, 0x000000ed
- data4 0x00000020, 0x000000fc, 0x000000b1, 0x0000005b
- data4 0x0000006a, 0x000000cb, 0x000000be, 0x00000039
- data4 0x0000004a, 0x0000004c, 0x00000058, 0x000000cf
- data4 0x000000d0, 0x000000ef, 0x000000aa, 0x000000fb
- data4 0x00000043, 0x0000004d, 0x00000033, 0x00000085
- data4 0x00000045, 0x000000f9, 0x00000002, 0x0000007f
- data4 0x00000050, 0x0000003c, 0x0000009f, 0x000000a8
- data4 0x00000051, 0x000000a3, 0x00000040, 0x0000008f
- data4 0x00000092, 0x0000009d, 0x00000038, 0x000000f5
- data4 0x000000bc, 0x000000b6, 0x000000da, 0x00000021
- data4 0x00000010, 0x000000ff, 0x000000f3, 0x000000d2
- data4 0x000000cd, 0x0000000c, 0x00000013, 0x000000ec
- data4 0x0000005f, 0x00000097, 0x00000044, 0x00000017
- data4 0x000000c4, 0x000000a7, 0x0000007e, 0x0000003d
- data4 0x00000064, 0x0000005d, 0x00000019, 0x00000073
- data4 0x00000060, 0x00000081, 0x0000004f, 0x000000dc
- data4 0x00000022, 0x0000002a, 0x00000090, 0x00000088
- data4 0x00000046, 0x000000ee, 0x000000b8, 0x00000014
- data4 0x000000de, 0x0000005e, 0x0000000b, 0x000000db
- data4 0x000000e0, 0x00000032, 0x0000003a, 0x0000000a
- data4 0x00000049, 0x00000006, 0x00000024, 0x0000005c
- data4 0x000000c2, 0x000000d3, 0x000000ac, 0x00000062
- data4 0x00000091, 0x00000095, 0x000000e4, 0x00000079
- data4 0x000000e7, 0x000000c8, 0x00000037, 0x0000006d
- data4 0x0000008d, 0x000000d5, 0x0000004e, 0x000000a9
- data4 0x0000006c, 0x00000056, 0x000000f4, 0x000000ea
- data4 0x00000065, 0x0000007a, 0x000000ae, 0x00000008
- data4 0x000000ba, 0x00000078, 0x00000025, 0x0000002e
- data4 0x0000001c, 0x000000a6, 0x000000b4, 0x000000c6
- data4 0x000000e8, 0x000000dd, 0x00000074, 0x0000001f
- data4 0x0000004b, 0x000000bd, 0x0000008b, 0x0000008a
- data4 0x00000070, 0x0000003e, 0x000000b5, 0x00000066
- data4 0x00000048, 0x00000003, 0x000000f6, 0x0000000e
- data4 0x00000061, 0x00000035, 0x00000057, 0x000000b9
- data4 0x00000086, 0x000000c1, 0x0000001d, 0x0000009e
- data4 0x000000e1, 0x000000f8, 0x00000098, 0x00000011
- data4 0x00000069, 0x000000d9, 0x0000008e, 0x00000094
- data4 0x0000009b, 0x0000001e, 0x00000087, 0x000000e9
- data4 0x000000ce, 0x00000055, 0x00000028, 0x000000df
- data4 0x0000008c, 0x000000a1, 0x00000089, 0x0000000d
- data4 0x000000bf, 0x000000e6, 0x00000042, 0x00000068
- data4 0x00000041, 0x00000099, 0x0000002d, 0x0000000f
- data4 0x000000b0, 0x00000054, 0x000000bb, 0x00000016
-.size AES_Te#,8*256*4 // HP-UX assembler fails to ".-AES_Te#"
+ data4 0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b
+ data4 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5
+ data4 0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b
+ data4 0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676
+ data4 0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d
+ data4 0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0
+ data4 0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf
+ data4 0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0
+ data4 0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626
+ data4 0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc
+ data4 0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1
+ data4 0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515
+ data4 0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3
+ data4 0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a
+ data4 0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2
+ data4 0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575
+ data4 0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a
+ data4 0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0
+ data4 0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3
+ data4 0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484
+ data4 0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed
+ data4 0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b
+ data4 0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939
+ data4 0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf
+ data4 0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb
+ data4 0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585
+ data4 0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f
+ data4 0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8
+ data4 0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f
+ data4 0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5
+ data4 0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121
+ data4 0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2
+ data4 0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec
+ data4 0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717
+ data4 0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d
+ data4 0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373
+ data4 0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc
+ data4 0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888
+ data4 0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414
+ data4 0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb
+ data4 0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a
+ data4 0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c
+ data4 0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262
+ data4 0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979
+ data4 0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d
+ data4 0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9
+ data4 0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea
+ data4 0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808
+ data4 0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e
+ data4 0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6
+ data4 0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f
+ data4 0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a
+ data4 0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666
+ data4 0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e
+ data4 0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9
+ data4 0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e
+ data4 0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111
+ data4 0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494
+ data4 0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9
+ data4 0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf
+ data4 0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d
+ data4 0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868
+ data4 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f
+ data4 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616
+.size Te0#,5*256*4 // HP-UX assembler fails to ".-Te0#"
.align 64
-.global AES_Td#
-.type AES_Td#,@object
-AES_Td: data4 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
+.type Td0#,@object
+Td0: data4 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
data4 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
data4 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
data4 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
@@ -1390,263 +1181,68 @@ AES_Td: data4 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
data4 0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064
data4 0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
// Td4:
- data4 0x52000000, 0x09000000, 0x6a000000, 0xd5000000
- data4 0x30000000, 0x36000000, 0xa5000000, 0x38000000
- data4 0xbf000000, 0x40000000, 0xa3000000, 0x9e000000
- data4 0x81000000, 0xf3000000, 0xd7000000, 0xfb000000
- data4 0x7c000000, 0xe3000000, 0x39000000, 0x82000000
- data4 0x9b000000, 0x2f000000, 0xff000000, 0x87000000
- data4 0x34000000, 0x8e000000, 0x43000000, 0x44000000
- data4 0xc4000000, 0xde000000, 0xe9000000, 0xcb000000
- data4 0x54000000, 0x7b000000, 0x94000000, 0x32000000
- data4 0xa6000000, 0xc2000000, 0x23000000, 0x3d000000
- data4 0xee000000, 0x4c000000, 0x95000000, 0x0b000000
- data4 0x42000000, 0xfa000000, 0xc3000000, 0x4e000000
- data4 0x08000000, 0x2e000000, 0xa1000000, 0x66000000
- data4 0x28000000, 0xd9000000, 0x24000000, 0xb2000000
- data4 0x76000000, 0x5b000000, 0xa2000000, 0x49000000
- data4 0x6d000000, 0x8b000000, 0xd1000000, 0x25000000
- data4 0x72000000, 0xf8000000, 0xf6000000, 0x64000000
- data4 0x86000000, 0x68000000, 0x98000000, 0x16000000
- data4 0xd4000000, 0xa4000000, 0x5c000000, 0xcc000000
- data4 0x5d000000, 0x65000000, 0xb6000000, 0x92000000
- data4 0x6c000000, 0x70000000, 0x48000000, 0x50000000
- data4 0xfd000000, 0xed000000, 0xb9000000, 0xda000000
- data4 0x5e000000, 0x15000000, 0x46000000, 0x57000000
- data4 0xa7000000, 0x8d000000, 0x9d000000, 0x84000000
- data4 0x90000000, 0xd8000000, 0xab000000, 0x00000000
- data4 0x8c000000, 0xbc000000, 0xd3000000, 0x0a000000
- data4 0xf7000000, 0xe4000000, 0x58000000, 0x05000000
- data4 0xb8000000, 0xb3000000, 0x45000000, 0x06000000
- data4 0xd0000000, 0x2c000000, 0x1e000000, 0x8f000000
- data4 0xca000000, 0x3f000000, 0x0f000000, 0x02000000
- data4 0xc1000000, 0xaf000000, 0xbd000000, 0x03000000
- data4 0x01000000, 0x13000000, 0x8a000000, 0x6b000000
- data4 0x3a000000, 0x91000000, 0x11000000, 0x41000000
- data4 0x4f000000, 0x67000000, 0xdc000000, 0xea000000
- data4 0x97000000, 0xf2000000, 0xcf000000, 0xce000000
- data4 0xf0000000, 0xb4000000, 0xe6000000, 0x73000000
- data4 0x96000000, 0xac000000, 0x74000000, 0x22000000
- data4 0xe7000000, 0xad000000, 0x35000000, 0x85000000
- data4 0xe2000000, 0xf9000000, 0x37000000, 0xe8000000
- data4 0x1c000000, 0x75000000, 0xdf000000, 0x6e000000
- data4 0x47000000, 0xf1000000, 0x1a000000, 0x71000000
- data4 0x1d000000, 0x29000000, 0xc5000000, 0x89000000
- data4 0x6f000000, 0xb7000000, 0x62000000, 0x0e000000
- data4 0xaa000000, 0x18000000, 0xbe000000, 0x1b000000
- data4 0xfc000000, 0x56000000, 0x3e000000, 0x4b000000
- data4 0xc6000000, 0xd2000000, 0x79000000, 0x20000000
- data4 0x9a000000, 0xdb000000, 0xc0000000, 0xfe000000
- data4 0x78000000, 0xcd000000, 0x5a000000, 0xf4000000
- data4 0x1f000000, 0xdd000000, 0xa8000000, 0x33000000
- data4 0x88000000, 0x07000000, 0xc7000000, 0x31000000
- data4 0xb1000000, 0x12000000, 0x10000000, 0x59000000
- data4 0x27000000, 0x80000000, 0xec000000, 0x5f000000
- data4 0x60000000, 0x51000000, 0x7f000000, 0xa9000000
- data4 0x19000000, 0xb5000000, 0x4a000000, 0x0d000000
- data4 0x2d000000, 0xe5000000, 0x7a000000, 0x9f000000
- data4 0x93000000, 0xc9000000, 0x9c000000, 0xef000000
- data4 0xa0000000, 0xe0000000, 0x3b000000, 0x4d000000
- data4 0xae000000, 0x2a000000, 0xf5000000, 0xb0000000
- data4 0xc8000000, 0xeb000000, 0xbb000000, 0x3c000000
- data4 0x83000000, 0x53000000, 0x99000000, 0x61000000
- data4 0x17000000, 0x2b000000, 0x04000000, 0x7e000000
- data4 0xba000000, 0x77000000, 0xd6000000, 0x26000000
- data4 0xe1000000, 0x69000000, 0x14000000, 0x63000000
- data4 0x55000000, 0x21000000, 0x0c000000, 0x7d000000
-// Td5:
- data4 0x00520000, 0x00090000, 0x006a0000, 0x00d50000
- data4 0x00300000, 0x00360000, 0x00a50000, 0x00380000
- data4 0x00bf0000, 0x00400000, 0x00a30000, 0x009e0000
- data4 0x00810000, 0x00f30000, 0x00d70000, 0x00fb0000
- data4 0x007c0000, 0x00e30000, 0x00390000, 0x00820000
- data4 0x009b0000, 0x002f0000, 0x00ff0000, 0x00870000
- data4 0x00340000, 0x008e0000, 0x00430000, 0x00440000
- data4 0x00c40000, 0x00de0000, 0x00e90000, 0x00cb0000
- data4 0x00540000, 0x007b0000, 0x00940000, 0x00320000
- data4 0x00a60000, 0x00c20000, 0x00230000, 0x003d0000
- data4 0x00ee0000, 0x004c0000, 0x00950000, 0x000b0000
- data4 0x00420000, 0x00fa0000, 0x00c30000, 0x004e0000
- data4 0x00080000, 0x002e0000, 0x00a10000, 0x00660000
- data4 0x00280000, 0x00d90000, 0x00240000, 0x00b20000
- data4 0x00760000, 0x005b0000, 0x00a20000, 0x00490000
- data4 0x006d0000, 0x008b0000, 0x00d10000, 0x00250000
- data4 0x00720000, 0x00f80000, 0x00f60000, 0x00640000
- data4 0x00860000, 0x00680000, 0x00980000, 0x00160000
- data4 0x00d40000, 0x00a40000, 0x005c0000, 0x00cc0000
- data4 0x005d0000, 0x00650000, 0x00b60000, 0x00920000
- data4 0x006c0000, 0x00700000, 0x00480000, 0x00500000
- data4 0x00fd0000, 0x00ed0000, 0x00b90000, 0x00da0000
- data4 0x005e0000, 0x00150000, 0x00460000, 0x00570000
- data4 0x00a70000, 0x008d0000, 0x009d0000, 0x00840000
- data4 0x00900000, 0x00d80000, 0x00ab0000, 0x00000000
- data4 0x008c0000, 0x00bc0000, 0x00d30000, 0x000a0000
- data4 0x00f70000, 0x00e40000, 0x00580000, 0x00050000
- data4 0x00b80000, 0x00b30000, 0x00450000, 0x00060000
- data4 0x00d00000, 0x002c0000, 0x001e0000, 0x008f0000
- data4 0x00ca0000, 0x003f0000, 0x000f0000, 0x00020000
- data4 0x00c10000, 0x00af0000, 0x00bd0000, 0x00030000
- data4 0x00010000, 0x00130000, 0x008a0000, 0x006b0000
- data4 0x003a0000, 0x00910000, 0x00110000, 0x00410000
- data4 0x004f0000, 0x00670000, 0x00dc0000, 0x00ea0000
- data4 0x00970000, 0x00f20000, 0x00cf0000, 0x00ce0000
- data4 0x00f00000, 0x00b40000, 0x00e60000, 0x00730000
- data4 0x00960000, 0x00ac0000, 0x00740000, 0x00220000
- data4 0x00e70000, 0x00ad0000, 0x00350000, 0x00850000
- data4 0x00e20000, 0x00f90000, 0x00370000, 0x00e80000
- data4 0x001c0000, 0x00750000, 0x00df0000, 0x006e0000
- data4 0x00470000, 0x00f10000, 0x001a0000, 0x00710000
- data4 0x001d0000, 0x00290000, 0x00c50000, 0x00890000
- data4 0x006f0000, 0x00b70000, 0x00620000, 0x000e0000
- data4 0x00aa0000, 0x00180000, 0x00be0000, 0x001b0000
- data4 0x00fc0000, 0x00560000, 0x003e0000, 0x004b0000
- data4 0x00c60000, 0x00d20000, 0x00790000, 0x00200000
- data4 0x009a0000, 0x00db0000, 0x00c00000, 0x00fe0000
- data4 0x00780000, 0x00cd0000, 0x005a0000, 0x00f40000
- data4 0x001f0000, 0x00dd0000, 0x00a80000, 0x00330000
- data4 0x00880000, 0x00070000, 0x00c70000, 0x00310000
- data4 0x00b10000, 0x00120000, 0x00100000, 0x00590000
- data4 0x00270000, 0x00800000, 0x00ec0000, 0x005f0000
- data4 0x00600000, 0x00510000, 0x007f0000, 0x00a90000
- data4 0x00190000, 0x00b50000, 0x004a0000, 0x000d0000
- data4 0x002d0000, 0x00e50000, 0x007a0000, 0x009f0000
- data4 0x00930000, 0x00c90000, 0x009c0000, 0x00ef0000
- data4 0x00a00000, 0x00e00000, 0x003b0000, 0x004d0000
- data4 0x00ae0000, 0x002a0000, 0x00f50000, 0x00b00000
- data4 0x00c80000, 0x00eb0000, 0x00bb0000, 0x003c0000
- data4 0x00830000, 0x00530000, 0x00990000, 0x00610000
- data4 0x00170000, 0x002b0000, 0x00040000, 0x007e0000
- data4 0x00ba0000, 0x00770000, 0x00d60000, 0x00260000
- data4 0x00e10000, 0x00690000, 0x00140000, 0x00630000
- data4 0x00550000, 0x00210000, 0x000c0000, 0x007d0000
-// Td6:
- data4 0x00005200, 0x00000900, 0x00006a00, 0x0000d500
- data4 0x00003000, 0x00003600, 0x0000a500, 0x00003800
- data4 0x0000bf00, 0x00004000, 0x0000a300, 0x00009e00
- data4 0x00008100, 0x0000f300, 0x0000d700, 0x0000fb00
- data4 0x00007c00, 0x0000e300, 0x00003900, 0x00008200
- data4 0x00009b00, 0x00002f00, 0x0000ff00, 0x00008700
- data4 0x00003400, 0x00008e00, 0x00004300, 0x00004400
- data4 0x0000c400, 0x0000de00, 0x0000e900, 0x0000cb00
- data4 0x00005400, 0x00007b00, 0x00009400, 0x00003200
- data4 0x0000a600, 0x0000c200, 0x00002300, 0x00003d00
- data4 0x0000ee00, 0x00004c00, 0x00009500, 0x00000b00
- data4 0x00004200, 0x0000fa00, 0x0000c300, 0x00004e00
- data4 0x00000800, 0x00002e00, 0x0000a100, 0x00006600
- data4 0x00002800, 0x0000d900, 0x00002400, 0x0000b200
- data4 0x00007600, 0x00005b00, 0x0000a200, 0x00004900
- data4 0x00006d00, 0x00008b00, 0x0000d100, 0x00002500
- data4 0x00007200, 0x0000f800, 0x0000f600, 0x00006400
- data4 0x00008600, 0x00006800, 0x00009800, 0x00001600
- data4 0x0000d400, 0x0000a400, 0x00005c00, 0x0000cc00
- data4 0x00005d00, 0x00006500, 0x0000b600, 0x00009200
- data4 0x00006c00, 0x00007000, 0x00004800, 0x00005000
- data4 0x0000fd00, 0x0000ed00, 0x0000b900, 0x0000da00
- data4 0x00005e00, 0x00001500, 0x00004600, 0x00005700
- data4 0x0000a700, 0x00008d00, 0x00009d00, 0x00008400
- data4 0x00009000, 0x0000d800, 0x0000ab00, 0x00000000
- data4 0x00008c00, 0x0000bc00, 0x0000d300, 0x00000a00
- data4 0x0000f700, 0x0000e400, 0x00005800, 0x00000500
- data4 0x0000b800, 0x0000b300, 0x00004500, 0x00000600
- data4 0x0000d000, 0x00002c00, 0x00001e00, 0x00008f00
- data4 0x0000ca00, 0x00003f00, 0x00000f00, 0x00000200
- data4 0x0000c100, 0x0000af00, 0x0000bd00, 0x00000300
- data4 0x00000100, 0x00001300, 0x00008a00, 0x00006b00
- data4 0x00003a00, 0x00009100, 0x00001100, 0x00004100
- data4 0x00004f00, 0x00006700, 0x0000dc00, 0x0000ea00
- data4 0x00009700, 0x0000f200, 0x0000cf00, 0x0000ce00
- data4 0x0000f000, 0x0000b400, 0x0000e600, 0x00007300
- data4 0x00009600, 0x0000ac00, 0x00007400, 0x00002200
- data4 0x0000e700, 0x0000ad00, 0x00003500, 0x00008500
- data4 0x0000e200, 0x0000f900, 0x00003700, 0x0000e800
- data4 0x00001c00, 0x00007500, 0x0000df00, 0x00006e00
- data4 0x00004700, 0x0000f100, 0x00001a00, 0x00007100
- data4 0x00001d00, 0x00002900, 0x0000c500, 0x00008900
- data4 0x00006f00, 0x0000b700, 0x00006200, 0x00000e00
- data4 0x0000aa00, 0x00001800, 0x0000be00, 0x00001b00
- data4 0x0000fc00, 0x00005600, 0x00003e00, 0x00004b00
- data4 0x0000c600, 0x0000d200, 0x00007900, 0x00002000
- data4 0x00009a00, 0x0000db00, 0x0000c000, 0x0000fe00
- data4 0x00007800, 0x0000cd00, 0x00005a00, 0x0000f400
- data4 0x00001f00, 0x0000dd00, 0x0000a800, 0x00003300
- data4 0x00008800, 0x00000700, 0x0000c700, 0x00003100
- data4 0x0000b100, 0x00001200, 0x00001000, 0x00005900
- data4 0x00002700, 0x00008000, 0x0000ec00, 0x00005f00
- data4 0x00006000, 0x00005100, 0x00007f00, 0x0000a900
- data4 0x00001900, 0x0000b500, 0x00004a00, 0x00000d00
- data4 0x00002d00, 0x0000e500, 0x00007a00, 0x00009f00
- data4 0x00009300, 0x0000c900, 0x00009c00, 0x0000ef00
- data4 0x0000a000, 0x0000e000, 0x00003b00, 0x00004d00
- data4 0x0000ae00, 0x00002a00, 0x0000f500, 0x0000b000
- data4 0x0000c800, 0x0000eb00, 0x0000bb00, 0x00003c00
- data4 0x00008300, 0x00005300, 0x00009900, 0x00006100
- data4 0x00001700, 0x00002b00, 0x00000400, 0x00007e00
- data4 0x0000ba00, 0x00007700, 0x0000d600, 0x00002600
- data4 0x0000e100, 0x00006900, 0x00001400, 0x00006300
- data4 0x00005500, 0x00002100, 0x00000c00, 0x00007d00
-// Td7:
- data4 0x00000052, 0x00000009, 0x0000006a, 0x000000d5
- data4 0x00000030, 0x00000036, 0x000000a5, 0x00000038
- data4 0x000000bf, 0x00000040, 0x000000a3, 0x0000009e
- data4 0x00000081, 0x000000f3, 0x000000d7, 0x000000fb
- data4 0x0000007c, 0x000000e3, 0x00000039, 0x00000082
- data4 0x0000009b, 0x0000002f, 0x000000ff, 0x00000087
- data4 0x00000034, 0x0000008e, 0x00000043, 0x00000044
- data4 0x000000c4, 0x000000de, 0x000000e9, 0x000000cb
- data4 0x00000054, 0x0000007b, 0x00000094, 0x00000032
- data4 0x000000a6, 0x000000c2, 0x00000023, 0x0000003d
- data4 0x000000ee, 0x0000004c, 0x00000095, 0x0000000b
- data4 0x00000042, 0x000000fa, 0x000000c3, 0x0000004e
- data4 0x00000008, 0x0000002e, 0x000000a1, 0x00000066
- data4 0x00000028, 0x000000d9, 0x00000024, 0x000000b2
- data4 0x00000076, 0x0000005b, 0x000000a2, 0x00000049
- data4 0x0000006d, 0x0000008b, 0x000000d1, 0x00000025
- data4 0x00000072, 0x000000f8, 0x000000f6, 0x00000064
- data4 0x00000086, 0x00000068, 0x00000098, 0x00000016
- data4 0x000000d4, 0x000000a4, 0x0000005c, 0x000000cc
- data4 0x0000005d, 0x00000065, 0x000000b6, 0x00000092
- data4 0x0000006c, 0x00000070, 0x00000048, 0x00000050
- data4 0x000000fd, 0x000000ed, 0x000000b9, 0x000000da
- data4 0x0000005e, 0x00000015, 0x00000046, 0x00000057
- data4 0x000000a7, 0x0000008d, 0x0000009d, 0x00000084
- data4 0x00000090, 0x000000d8, 0x000000ab, 0x00000000
- data4 0x0000008c, 0x000000bc, 0x000000d3, 0x0000000a
- data4 0x000000f7, 0x000000e4, 0x00000058, 0x00000005
- data4 0x000000b8, 0x000000b3, 0x00000045, 0x00000006
- data4 0x000000d0, 0x0000002c, 0x0000001e, 0x0000008f
- data4 0x000000ca, 0x0000003f, 0x0000000f, 0x00000002
- data4 0x000000c1, 0x000000af, 0x000000bd, 0x00000003
- data4 0x00000001, 0x00000013, 0x0000008a, 0x0000006b
- data4 0x0000003a, 0x00000091, 0x00000011, 0x00000041
- data4 0x0000004f, 0x00000067, 0x000000dc, 0x000000ea
- data4 0x00000097, 0x000000f2, 0x000000cf, 0x000000ce
- data4 0x000000f0, 0x000000b4, 0x000000e6, 0x00000073
- data4 0x00000096, 0x000000ac, 0x00000074, 0x00000022
- data4 0x000000e7, 0x000000ad, 0x00000035, 0x00000085
- data4 0x000000e2, 0x000000f9, 0x00000037, 0x000000e8
- data4 0x0000001c, 0x00000075, 0x000000df, 0x0000006e
- data4 0x00000047, 0x000000f1, 0x0000001a, 0x00000071
- data4 0x0000001d, 0x00000029, 0x000000c5, 0x00000089
- data4 0x0000006f, 0x000000b7, 0x00000062, 0x0000000e
- data4 0x000000aa, 0x00000018, 0x000000be, 0x0000001b
- data4 0x000000fc, 0x00000056, 0x0000003e, 0x0000004b
- data4 0x000000c6, 0x000000d2, 0x00000079, 0x00000020
- data4 0x0000009a, 0x000000db, 0x000000c0, 0x000000fe
- data4 0x00000078, 0x000000cd, 0x0000005a, 0x000000f4
- data4 0x0000001f, 0x000000dd, 0x000000a8, 0x00000033
- data4 0x00000088, 0x00000007, 0x000000c7, 0x00000031
- data4 0x000000b1, 0x00000012, 0x00000010, 0x00000059
- data4 0x00000027, 0x00000080, 0x000000ec, 0x0000005f
- data4 0x00000060, 0x00000051, 0x0000007f, 0x000000a9
- data4 0x00000019, 0x000000b5, 0x0000004a, 0x0000000d
- data4 0x0000002d, 0x000000e5, 0x0000007a, 0x0000009f
- data4 0x00000093, 0x000000c9, 0x0000009c, 0x000000ef
- data4 0x000000a0, 0x000000e0, 0x0000003b, 0x0000004d
- data4 0x000000ae, 0x0000002a, 0x000000f5, 0x000000b0
- data4 0x000000c8, 0x000000eb, 0x000000bb, 0x0000003c
- data4 0x00000083, 0x00000053, 0x00000099, 0x00000061
- data4 0x00000017, 0x0000002b, 0x00000004, 0x0000007e
- data4 0x000000ba, 0x00000077, 0x000000d6, 0x00000026
- data4 0x000000e1, 0x00000069, 0x00000014, 0x00000063
- data4 0x00000055, 0x00000021, 0x0000000c, 0x0000007d
-.size AES_Td#,8*256*4 // HP-UX assembler fails to ".-AES_Td#"
+ data4 0x52525252, 0x09090909, 0x6a6a6a6a, 0xd5d5d5d5
+ data4 0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838
+ data4 0xbfbfbfbf, 0x40404040, 0xa3a3a3a3, 0x9e9e9e9e
+ data4 0x81818181, 0xf3f3f3f3, 0xd7d7d7d7, 0xfbfbfbfb
+ data4 0x7c7c7c7c, 0xe3e3e3e3, 0x39393939, 0x82828282
+ data4 0x9b9b9b9b, 0x2f2f2f2f, 0xffffffff, 0x87878787
+ data4 0x34343434, 0x8e8e8e8e, 0x43434343, 0x44444444
+ data4 0xc4c4c4c4, 0xdededede, 0xe9e9e9e9, 0xcbcbcbcb
+ data4 0x54545454, 0x7b7b7b7b, 0x94949494, 0x32323232
+ data4 0xa6a6a6a6, 0xc2c2c2c2, 0x23232323, 0x3d3d3d3d
+ data4 0xeeeeeeee, 0x4c4c4c4c, 0x95959595, 0x0b0b0b0b
+ data4 0x42424242, 0xfafafafa, 0xc3c3c3c3, 0x4e4e4e4e
+ data4 0x08080808, 0x2e2e2e2e, 0xa1a1a1a1, 0x66666666
+ data4 0x28282828, 0xd9d9d9d9, 0x24242424, 0xb2b2b2b2
+ data4 0x76767676, 0x5b5b5b5b, 0xa2a2a2a2, 0x49494949
+ data4 0x6d6d6d6d, 0x8b8b8b8b, 0xd1d1d1d1, 0x25252525
+ data4 0x72727272, 0xf8f8f8f8, 0xf6f6f6f6, 0x64646464
+ data4 0x86868686, 0x68686868, 0x98989898, 0x16161616
+ data4 0xd4d4d4d4, 0xa4a4a4a4, 0x5c5c5c5c, 0xcccccccc
+ data4 0x5d5d5d5d, 0x65656565, 0xb6b6b6b6, 0x92929292
+ data4 0x6c6c6c6c, 0x70707070, 0x48484848, 0x50505050
+ data4 0xfdfdfdfd, 0xedededed, 0xb9b9b9b9, 0xdadadada
+ data4 0x5e5e5e5e, 0x15151515, 0x46464646, 0x57575757
+ data4 0xa7a7a7a7, 0x8d8d8d8d, 0x9d9d9d9d, 0x84848484
+ data4 0x90909090, 0xd8d8d8d8, 0xabababab, 0x00000000
+ data4 0x8c8c8c8c, 0xbcbcbcbc, 0xd3d3d3d3, 0x0a0a0a0a
+ data4 0xf7f7f7f7, 0xe4e4e4e4, 0x58585858, 0x05050505
+ data4 0xb8b8b8b8, 0xb3b3b3b3, 0x45454545, 0x06060606
+ data4 0xd0d0d0d0, 0x2c2c2c2c, 0x1e1e1e1e, 0x8f8f8f8f
+ data4 0xcacacaca, 0x3f3f3f3f, 0x0f0f0f0f, 0x02020202
+ data4 0xc1c1c1c1, 0xafafafaf, 0xbdbdbdbd, 0x03030303
+ data4 0x01010101, 0x13131313, 0x8a8a8a8a, 0x6b6b6b6b
+ data4 0x3a3a3a3a, 0x91919191, 0x11111111, 0x41414141
+ data4 0x4f4f4f4f, 0x67676767, 0xdcdcdcdc, 0xeaeaeaea
+ data4 0x97979797, 0xf2f2f2f2, 0xcfcfcfcf, 0xcececece
+ data4 0xf0f0f0f0, 0xb4b4b4b4, 0xe6e6e6e6, 0x73737373
+ data4 0x96969696, 0xacacacac, 0x74747474, 0x22222222
+ data4 0xe7e7e7e7, 0xadadadad, 0x35353535, 0x85858585
+ data4 0xe2e2e2e2, 0xf9f9f9f9, 0x37373737, 0xe8e8e8e8
+ data4 0x1c1c1c1c, 0x75757575, 0xdfdfdfdf, 0x6e6e6e6e
+ data4 0x47474747, 0xf1f1f1f1, 0x1a1a1a1a, 0x71717171
+ data4 0x1d1d1d1d, 0x29292929, 0xc5c5c5c5, 0x89898989
+ data4 0x6f6f6f6f, 0xb7b7b7b7, 0x62626262, 0x0e0e0e0e
+ data4 0xaaaaaaaa, 0x18181818, 0xbebebebe, 0x1b1b1b1b
+ data4 0xfcfcfcfc, 0x56565656, 0x3e3e3e3e, 0x4b4b4b4b
+ data4 0xc6c6c6c6, 0xd2d2d2d2, 0x79797979, 0x20202020
+ data4 0x9a9a9a9a, 0xdbdbdbdb, 0xc0c0c0c0, 0xfefefefe
+ data4 0x78787878, 0xcdcdcdcd, 0x5a5a5a5a, 0xf4f4f4f4
+ data4 0x1f1f1f1f, 0xdddddddd, 0xa8a8a8a8, 0x33333333
+ data4 0x88888888, 0x07070707, 0xc7c7c7c7, 0x31313131
+ data4 0xb1b1b1b1, 0x12121212, 0x10101010, 0x59595959
+ data4 0x27272727, 0x80808080, 0xecececec, 0x5f5f5f5f
+ data4 0x60606060, 0x51515151, 0x7f7f7f7f, 0xa9a9a9a9
+ data4 0x19191919, 0xb5b5b5b5, 0x4a4a4a4a, 0x0d0d0d0d
+ data4 0x2d2d2d2d, 0xe5e5e5e5, 0x7a7a7a7a, 0x9f9f9f9f
+ data4 0x93939393, 0xc9c9c9c9, 0x9c9c9c9c, 0xefefefef
+ data4 0xa0a0a0a0, 0xe0e0e0e0, 0x3b3b3b3b, 0x4d4d4d4d
+ data4 0xaeaeaeae, 0x2a2a2a2a, 0xf5f5f5f5, 0xb0b0b0b0
+ data4 0xc8c8c8c8, 0xebebebeb, 0xbbbbbbbb, 0x3c3c3c3c
+ data4 0x83838383, 0x53535353, 0x99999999, 0x61616161
+ data4 0x17171717, 0x2b2b2b2b, 0x04040404, 0x7e7e7e7e
+ data4 0xbabababa, 0x77777777, 0xd6d6d6d6, 0x26262626
+ data4 0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363
+ data4 0x55555555, 0x21212121, 0x0c0c0c0c, 0x7d7d7d7d
+.size Td0#,5*256*4 // HP-UX assembler fails to ".-Td0#"
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl
index 18cf975dca..90385686cc 100644
--- a/crypto/asn1/Makefile.ssl
+++ b/crypto/asn1/Makefile.ssl
@@ -83,7 +83,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index 6e92ff5a84..c1d3c28210 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -195,12 +195,8 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
c=(unsigned char *)OPENSSL_realloc_clean(a->data,
a->length,
w+1);
- if (c == NULL)
- {
- ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
+ if (c == NULL) return(0);
+ if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
a->data=c;
a->length=w+1;
}
diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
index 7182e9fa5d..4931e222a0 100644
--- a/crypto/asn1/a_digest.c
+++ b/crypto/asn1/a_digest.c
@@ -65,7 +65,6 @@
# include <sys/types.h>
#endif
-#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/buffer.h>
#include <openssl/x509.h>
@@ -79,11 +78,7 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
unsigned char *str,*p;
i=i2d(data,NULL);
- if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL)
- {
- ASN1err(ASN1_F_ASN1_DIGEST,ERR_R_MALLOC_FAILURE);
- return(0);
- }
+ if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0);
p=str;
i2d(data,&p);
diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c
index af9fb9b39e..49f9e994be 100644
--- a/crypto/asn1/a_enum.c
+++ b/crypto/asn1/a_enum.c
@@ -158,7 +158,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
if (!new_data)
{
- ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
+ ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
goto err;
}
ret->data=new_data;
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index def79062a5..ea8d7b96c8 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -192,9 +192,8 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
{
if (s != NULL)
{
- if (!ASN1_STRING_set((ASN1_STRING *)s,
- (unsigned char *)str,t.length))
- return 0;
+ ASN1_STRING_set((ASN1_STRING *)s,
+ (unsigned char *)str,t.length);
s->type=V_ASN1_GENERALIZEDTIME;
}
return(1);
@@ -224,12 +223,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
if ((p == NULL) || ((size_t)s->length < len))
{
p=OPENSSL_malloc(len);
- if (p == NULL)
- {
- ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_SET,
- ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
+ if (p == NULL) return(NULL);
if (s->data != NULL)
OPENSSL_free(s->data);
s->data=(unsigned char *)p;
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 78a6cb0d29..c81fa00c4c 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -65,26 +65,7 @@ ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
{ return M_ASN1_INTEGER_dup(x);}
int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
- {
- int neg, ret;
- /* Compare signs */
- neg = x->type & V_ASN1_NEG;
- if (neg != (y->type & V_ASN1_NEG))
- {
- if (neg)
- return -1;
- else
- return 1;
- }
-
- ret = ASN1_STRING_cmp(x, y);
-
- if (neg)
- return -ret;
- else
- return ret;
- }
-
+{ return M_ASN1_INTEGER_cmp(x,y);}
/*
* This converts an ASN1 INTEGER into its content encoding.
diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c
index 3c8d3d5629..f37408a311 100644
--- a/crypto/asn1/a_set.c
+++ b/crypto/asn1/a_set.c
@@ -118,13 +118,8 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
}
pStart = p; /* Catch the beg of Setblobs*/
- /* In this array we will store the SET blobs */
- rgSetBlob = (MYBLOB *)OPENSSL_malloc(sk_num(a) * sizeof(MYBLOB));
- if (rgSetBlob == NULL)
- {
- ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE);
- return(0);
- }
+ if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array
+we will store the SET blobs */
for (i=0; i<sk_num(a); i++)
{
@@ -140,11 +135,7 @@ SetBlob
/* Now we have to sort the blobs. I am using a simple algo.
*Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
- if (!(pTempMem = OPENSSL_malloc(totSize)))
- {
- ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE);
- return(0);
- }
+ if (!(pTempMem = OPENSSL_malloc(totSize))) return 0;
/* Copy to temp mem */
p = pTempMem;
@@ -169,13 +160,7 @@ STACK *d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
STACK *ret=NULL;
if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=sk_new_null()) == NULL)
- {
- ASN1err(ASN1_F_D2I_ASN1_SET,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
+ { if ((ret=sk_new_null()) == NULL) goto err; }
else
ret=(*a);
diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c
index 2292d49b93..fe3fcd40b0 100644
--- a/crypto/asn1/a_type.c
+++ b/crypto/asn1/a_type.c
@@ -71,10 +71,7 @@ int ASN1_TYPE_get(ASN1_TYPE *a)
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
{
if (a->value.ptr != NULL)
- {
- ASN1_TYPE **tmp_a = &a;
- ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
- }
+ ASN1_primitive_free((ASN1_VALUE **)&a, NULL);
a->type=type;
a->value.ptr=value;
}
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index d31c028193..fea6590322 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -173,9 +173,8 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
{
if (s != NULL)
{
- if (!ASN1_STRING_set((ASN1_STRING *)s,
- (unsigned char *)str,t.length))
- return 0;
+ ASN1_STRING_set((ASN1_STRING *)s,
+ (unsigned char *)str,t.length);
s->type = V_ASN1_UTCTIME;
}
return(1);
@@ -204,11 +203,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
if ((p == NULL) || ((size_t)s->length < len))
{
p=OPENSSL_malloc(len);
- if (p == NULL)
- {
- ASN1err(ASN1_F_ASN1_UTCTIME_SET,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
+ if (p == NULL) return(NULL);
if (s->data != NULL)
OPENSSL_free(s->data);
s->data=(unsigned char *)p;
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index b91678a9f6..da2a0a6d69 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -150,12 +150,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
goto err;
}
- if (!EVP_VerifyInit_ex(&ctx,type, NULL))
- {
- ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
- ret=0;
- goto err;
- }
+ EVP_VerifyInit_ex(&ctx,type, NULL);
EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
OPENSSL_cleanse(buf_in,(unsigned int)inl);
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index aad3dcb23d..f7bb935e07 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -152,10 +152,10 @@ extern "C" {
/* For use with ASN1_mbstring_copy() */
#define MBSTRING_FLAG 0x1000
-#define MBSTRING_UTF8 (MBSTRING_FLAG)
#define MBSTRING_ASC (MBSTRING_FLAG|1)
#define MBSTRING_BMP (MBSTRING_FLAG|2)
-#define MBSTRING_UNIV (MBSTRING_FLAG|4)
+#define MBSTRING_UNIV (MBSTRING_FLAG|3)
+#define MBSTRING_UTF8 (MBSTRING_FLAG|4)
struct X509_algor_st;
@@ -993,7 +993,6 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_A2I_ASN1_INTEGER 102
#define ASN1_F_A2I_ASN1_STRING 103
#define ASN1_F_APPEND_TAG 176
-#define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
#define ASN1_F_ASN1_CB 177
#define ASN1_F_ASN1_CHECK_TLEN 104
#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
@@ -1001,12 +1000,10 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_D2I_BIO 107
#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
#define ASN1_F_ASN1_D2I_FP 109
-#define ASN1_F_ASN1_DIGEST 184
#define ASN1_F_ASN1_DO_ADB 110
#define ASN1_F_ASN1_DUP 111
#define ASN1_F_ASN1_ENUMERATED_SET 112
#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
-#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
#define ASN1_F_ASN1_GENERATE_V3 178
#define ASN1_F_ASN1_GET_OBJECT 114
#define ASN1_F_ASN1_HEADER_NEW 115
@@ -1024,7 +1021,6 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_SEQ_UNPACK 127
#define ASN1_F_ASN1_SIGN 128
#define ASN1_F_ASN1_STR2TYPE 179
-#define ASN1_F_ASN1_STRING_SET 186
#define ASN1_F_ASN1_STRING_TABLE_ADD 129
#define ASN1_F_ASN1_STRING_TYPE_NEW 130
#define ASN1_F_ASN1_TEMPLATE_D2I 131
@@ -1034,7 +1030,6 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
#define ASN1_F_ASN1_UNPACK_STRING 136
-#define ASN1_F_ASN1_UTCTIME_SET 187
#define ASN1_F_ASN1_VERIFY 137
#define ASN1_F_BITSTR_CB 180
#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
@@ -1059,7 +1054,6 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_D2I_X509_CINF 157
#define ASN1_F_D2I_X509_NAME 158
#define ASN1_F_D2I_X509_PKEY 159
-#define ASN1_F_I2D_ASN1_SET 188
#define ASN1_F_I2D_ASN1_TIME 160
#define ASN1_F_I2D_DSA_PUBKEY 161
#define ASN1_F_I2D_EC_PUBKEY 181
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index daffbf2140..d83ed65cdb 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
/* crypto/asn1/asn1_err.c */
/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -71,7 +71,6 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
{ERR_PACK(0,ASN1_F_APPEND_TAG,0), "APPEND_TAG"},
-{ERR_PACK(0,ASN1_F_ASN1_BIT_STRING_SET_BIT,0), "ASN1_BIT_STRING_set_bit"},
{ERR_PACK(0,ASN1_F_ASN1_CB,0), "ASN1_CB"},
{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"},
{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"},
@@ -79,12 +78,10 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0), "ASN1_D2I_EX_PRIMITIVE"},
{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
-{ERR_PACK(0,ASN1_F_ASN1_DIGEST,0), "ASN1_digest"},
{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0), "ASN1_DO_ADB"},
{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"},
{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_SET,0), "ASN1_GENERALIZEDTIME_set"},
{ERR_PACK(0,ASN1_F_ASN1_GENERATE_V3,0), "ASN1_generate_v3"},
{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
@@ -102,7 +99,6 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"},
{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"},
{ERR_PACK(0,ASN1_F_ASN1_STR2TYPE,0), "ASN1_STR2TYPE"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_SET,0), "ASN1_STRING_set"},
{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"},
{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"},
{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"},
@@ -112,7 +108,6 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_SET,0), "ASN1_UTCTIME_set"},
{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"},
{ERR_PACK(0,ASN1_F_BITSTR_CB,0), "BITSTR_CB"},
{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"},
@@ -137,7 +132,6 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"},
{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"},
{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_SET,0), "i2d_ASN1_SET"},
{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"},
{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"},
{ERR_PACK(0,ASN1_F_I2D_EC_PUBKEY,0), "i2d_EC_PUBKEY"},
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index bb94257cee..504e612a85 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -378,7 +378,6 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
if (str->data == NULL)
{
- ASN1err(ASN1_F_ASN1_STRING_SET,ERR_R_MALLOC_FAILURE);
str->data=c;
return(0);
}
diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c
index f3d9804860..162b37bc38 100644
--- a/crypto/asn1/evp_asn1.c
+++ b/crypto/asn1/evp_asn1.c
@@ -115,11 +115,7 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
if ((osp=ASN1_STRING_new()) == NULL) return(0);
/* Grow the 'string' */
- if (!ASN1_STRING_set(osp,NULL,size))
- {
- ASN1_STRING_free(osp);
- return(0);
- }
+ ASN1_STRING_set(osp,NULL,size);
M_ASN1_STRING_length_set(osp, size);
p=M_ASN1_STRING_data(osp);
diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
index ec788267e0..891150638e 100644
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -76,55 +76,47 @@ IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
int saltlen)
{
- PBEPARAM *pbe=NULL;
+ PBEPARAM *pbe;
ASN1_OBJECT *al;
X509_ALGOR *algor;
- ASN1_TYPE *astype=NULL;
+ ASN1_TYPE *astype;
if (!(pbe = PBEPARAM_new ())) {
ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- goto err;
+ return NULL;
}
if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
- if (!ASN1_INTEGER_set(pbe->iter, iter)) {
- ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ ASN1_INTEGER_set (pbe->iter, iter);
if (!saltlen) saltlen = PKCS5_SALT_LEN;
if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) {
ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- goto err;
+ return NULL;
}
pbe->salt->length = saltlen;
if (salt) memcpy (pbe->salt->data, salt, saltlen);
else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
- goto err;
+ return NULL;
if (!(astype = ASN1_TYPE_new())) {
ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- goto err;
+ return NULL;
}
astype->type = V_ASN1_SEQUENCE;
if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) {
ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- goto err;
+ return NULL;
}
PBEPARAM_free (pbe);
- pbe = NULL;
al = OBJ_nid2obj(alg); /* never need to free al */
if (!(algor = X509_ALGOR_new())) {
ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- goto err;
+ return NULL;
}
ASN1_OBJECT_free(algor->algorithm);
algor->algorithm = al;
algor->parameter = astype;
return (algor);
-err:
- if (pbe != NULL) PBEPARAM_free(pbe);
- if (astype != NULL) ASN1_TYPE_free(astype);
- return NULL;
}
diff --git a/crypto/asn1/t_bitst.c b/crypto/asn1/t_bitst.c
index 397332d9b8..8ee789f082 100644
--- a/crypto/asn1/t_bitst.c
+++ b/crypto/asn1/t_bitst.c
@@ -84,10 +84,7 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
int bitnum;
bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
if(bitnum < 0) return 0;
- if(bs) {
- if(!ASN1_BIT_STRING_set_bit(bs, bitnum, value))
- return 0;
- }
+ if(bs) ASN1_BIT_STRING_set_bit(bs, bitnum, value);
return 1;
}
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
index b99f8fc522..11fce96825 100644
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@@ -63,6 +63,8 @@
static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
const X509_REVOKED * const *b);
+static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
+ const X509_REVOKED * const *b);
ASN1_SEQUENCE(X509_REVOKED) = {
ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
@@ -70,28 +72,43 @@ ASN1_SEQUENCE(X509_REVOKED) = {
ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
} ASN1_SEQUENCE_END(X509_REVOKED)
-/* The X509_CRL_INFO structure needs a bit of customisation.
- * Since we cache the original encoding the signature wont be affected by
- * reordering of the revoked field.
+/* The X509_CRL_INFO structure needs a bit of customisation. This is actually
+ * mirroring the old behaviour: its purpose is to allow the use of
+ * sk_X509_REVOKED_find to lookup revoked certificates. Unfortunately
+ * this will zap the original order and the signature so we keep a copy
+ * of the original positions and reorder appropriately before encoding.
+ *
+ * Might want to see if there's a better way of doing this later...
*/
static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
{
X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
+ int i;
+ int (*old_cmp)(const X509_REVOKED * const *,
+ const X509_REVOKED * const *);
if(!a || !a->revoked) return 1;
switch(operation) {
- /* Just set cmp function here. We don't sort because that
- * would affect the output of X509_CRL_print().
- */
+
+ /* Save original order */
case ASN1_OP_D2I_POST:
+ for (i=0; i<sk_X509_REVOKED_num(a->revoked); i++)
+ sk_X509_REVOKED_value(a->revoked,i)->sequence=i;
sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
break;
+
+ /* Restore original order */
+ case ASN1_OP_I2D_PRE:
+ old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
+ sk_X509_REVOKED_sort(a->revoked);
+ sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
+ break;
}
return 1;
}
-ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = {
+ASN1_SEQUENCE_cb(X509_CRL_INFO, crl_inf_cb) = {
ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER),
ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR),
ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
@@ -99,7 +116,7 @@ ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = {
ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME),
ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED),
ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
-} ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO)
+} ASN1_SEQUENCE_END_cb(X509_CRL_INFO, X509_CRL_INFO)
ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = {
ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
@@ -120,6 +137,12 @@ static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
(ASN1_STRING *)(*b)->serialNumber));
}
+static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
+ const X509_REVOKED * const *b)
+ {
+ return((*a)->sequence-(*b)->sequence);
+ }
+
int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
{
X509_CRL_INFO *inf;
@@ -130,7 +153,6 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
return 0;
}
- inf->enc.modified = 1;
return 1;
}
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index b4f12a6571..cc8c979ad5 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -160,22 +160,21 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len
int tag, int aclass, char opt, ASN1_TLC *ctx)
{
const unsigned char *p = *in, *q;
- STACK *intname = NULL, **intname_pp = &intname;
+ STACK *intname = NULL;
int i, j, ret;
- X509_NAME *nm = NULL, **nm_pp = &nm;
+ X509_NAME *nm = NULL;
STACK_OF(X509_NAME_ENTRY) *entries;
X509_NAME_ENTRY *entry;
q = p;
/* Get internal representation of Name */
- ret = ASN1_item_ex_d2i((ASN1_VALUE **)intname_pp,
- &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
- tag, aclass, opt, ctx);
+ ret = ASN1_item_ex_d2i((ASN1_VALUE **)&intname, &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
+ tag, aclass, opt, ctx);
if(ret <= 0) return ret;
if(*val) x509_name_ex_free(val, NULL);
- if(!x509_name_ex_new((ASN1_VALUE **)nm_pp, NULL)) goto err;
+ if(!x509_name_ex_new((ASN1_VALUE **)&nm, NULL)) goto err;
/* We've decoded it: now cache encoding */
if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
memcpy(nm->bytes->data, q, p - q);
@@ -219,7 +218,7 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
static int x509_name_encode(X509_NAME *a)
{
- STACK *intname = NULL, **intname_pp = &intname;
+ STACK *intname = NULL;
int len;
unsigned char *p;
STACK_OF(X509_NAME_ENTRY) *entries = NULL;
@@ -237,12 +236,10 @@ static int x509_name_encode(X509_NAME *a)
}
if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
}
- len = ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, NULL,
- ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+ len = ASN1_item_ex_i2d((ASN1_VALUE **)&intname, NULL, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
p=(unsigned char *)a->bytes->data;
- ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp,
- &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+ ASN1_item_ex_i2d((ASN1_VALUE **)&intname, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
sk_pop_free(intname, sk_internal_free);
a->modified = 0;
return len;
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index 2a7f2cab15..10b87def32 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -83,7 +83,8 @@ IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
{
- X509_PUBKEY *pk=NULL;
+ int ok=0;
+ X509_PUBKEY *pk;
X509_ALGOR *a;
ASN1_OBJECT *o;
unsigned char *s,*p = NULL;
@@ -106,11 +107,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
(a->parameter->type != V_ASN1_NULL))
{
ASN1_TYPE_free(a->parameter);
- if (!(a->parameter=ASN1_TYPE_new()))
- {
- X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ a->parameter=ASN1_TYPE_new();
a->parameter->type=V_ASN1_NULL;
}
}
@@ -123,34 +120,14 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
dsa=pkey->pkey.dsa;
dsa->write_params=0;
ASN1_TYPE_free(a->parameter);
- if ((i=i2d_DSAparams(dsa,NULL)) <= 0)
- goto err;
- if (!(p=(unsigned char *)OPENSSL_malloc(i)))
- {
- X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ i=i2d_DSAparams(dsa,NULL);
+ if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
pp=p;
i2d_DSAparams(dsa,&pp);
- if (!(a->parameter=ASN1_TYPE_new()))
- {
- OPENSSL_free(p);
- X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ a->parameter=ASN1_TYPE_new();
a->parameter->type=V_ASN1_SEQUENCE;
- if (!(a->parameter->value.sequence=ASN1_STRING_new()))
- {
- OPENSSL_free(p);
- X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!ASN1_STRING_set(a->parameter->value.sequence,p,i))
- {
- OPENSSL_free(p);
- X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ a->parameter->value.sequence=ASN1_STRING_new();
+ ASN1_STRING_set(a->parameter->value.sequence,p,i);
OPENSSL_free(p);
}
#endif
@@ -222,12 +199,8 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
}
p=s;
i2d_PublicKey(pkey,&p);
- if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i))
- {
- X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- /* Set number of unused bits to zero */
+ if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
+ /* Set number of unused bits to zero */
pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
@@ -242,11 +215,12 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
X509_PUBKEY_free(*x);
*x=pk;
+ pk=NULL;
- return 1;
+ ok=1;
err:
if (pk != NULL) X509_PUBKEY_free(pk);
- return 0;
+ return(ok);
}
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
diff --git a/crypto/bf/Makefile.ssl b/crypto/bf/Makefile.ssl
index 241381e9cc..be3ad77a05 100644
--- a/crypto/bf/Makefile.ssl
+++ b/crypto/bf/Makefile.ssl
@@ -23,7 +23,6 @@ BF_ENC= bf_enc.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=bftest.c
@@ -50,15 +49,20 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
+# elf
asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-# COFF
-asm/bx86-cof.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) bf-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
+ (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s)
+
# a.out
-bx86-out.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) bf-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
+asm/bx86-out.o: asm/bx86unix.cpp
+ $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o
+
+# bsdi
+asm/bx86bsdi.o: asm/bx86unix.cpp
+ $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o
+
+asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ (cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp)
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -72,7 +76,7 @@ links:
install: installs
installs:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -94,7 +98,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/bx86unix.cpp asm/*.s asm/*.o *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bio/Makefile.ssl b/crypto/bio/Makefile.ssl
index 85be2ed010..c42d488036 100644
--- a/crypto/bio/Makefile.ssl
+++ b/crypto/bio/Makefile.ssl
@@ -63,7 +63,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist; \
+ @for i in $(EXHEADER); \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
index a07b79437f..76fee2db4f 100644
--- a/crypto/bio/b_dump.c
+++ b/crypto/bio/b_dump.c
@@ -68,25 +68,23 @@
#define DUMP_WIDTH 16
#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
-int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u),
- void *u, const char *s, int len)
+int BIO_dump(BIO *bio, const char *s, int len)
{
- return BIO_dump_indent_cb(cb, u, s, len, 0);
+ return BIO_dump_indent(bio, s, len, 0);
}
-int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
- void *u, const char *s, int len, int indent)
+int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
{
int ret=0;
char buf[288+1],tmp[20],str[128+1];
int i,j,rows,trc;
unsigned char ch;
int dump_width;
-
+
trc=0;
-
+
#ifdef TRUNCATE
- for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--)
+ for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--)
trc++;
#endif
@@ -98,7 +96,7 @@ int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
memset(str,' ',indent);
}
str[indent]='\0';
-
+
dump_width=DUMP_WIDTH_LESS_INDENT(indent);
rows=(len/dump_width);
if ((rows*dump_width)<len)
@@ -119,7 +117,7 @@ int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
{
ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
BIO_snprintf(tmp,sizeof tmp,"%02x%c",ch,
- j==7?'-':' ');
+ j==7?'-':' ');
BUF_strlcat(buf,tmp,sizeof buf);
}
}
@@ -131,57 +129,28 @@ int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
#ifndef CHARSET_EBCDIC
BIO_snprintf(tmp,sizeof tmp,"%c",
- ((ch>=' ')&&(ch<='~'))?ch:'.');
+ ((ch>=' ')&&(ch<='~'))?ch:'.');
#else
BIO_snprintf(tmp,sizeof tmp,"%c",
- ((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
- ? os_toebcdic[ch]
- : '.');
+ ((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
+ ? os_toebcdic[ch]
+ : '.');
#endif
BUF_strlcat(buf,tmp,sizeof buf);
}
BUF_strlcat(buf,"\n",sizeof buf);
- /* if this is the last call then update the ddt_dump thing so
- * that we will move the selection point in the debug window
+ /* if this is the last call then update the ddt_dump thing so that
+ * we will move the selection point in the debug window
*/
- ret+=cb((void *)buf,strlen(buf),u);
+ ret+=BIO_write(bio,(char *)buf,strlen(buf));
}
#ifdef TRUNCATE
if (trc > 0)
{
BIO_snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str,
- len+trc);
- ret+=cb((void *)buf,strlen(buf),u);
+ len+trc);
+ ret+=BIO_write(bio,(char *)buf,strlen(buf));
}
#endif
return(ret);
}
-
-#ifndef OPENSSL_NO_FP_API
-static int write_fp(const void *data, size_t len, void *fp)
- {
- return fwrite(data, len, 1, (FILE *)fp);
- }
-int BIO_dump_fp(FILE *fp, const char *s, int len)
- {
- return BIO_dump_cb(write_fp, fp, s, len);
- }
-int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent)
- {
- return BIO_dump_indent_cb(write_fp, fp, s, len, indent);
- }
-#endif
-
-static int write_bio(const void *data, size_t len, void *bp)
- {
- return BIO_write((BIO *)bp, (const char *)data, len);
- }
-int BIO_dump(BIO *bp, const char *s, int len)
- {
- return BIO_dump_cb(write_bio, bp, s, len);
- }
-int BIO_dump_indent(BIO *bp, const char *s, int len, int indent)
- {
- return BIO_dump_indent_cb(write_bio, bp, s, len, indent);
- }
-
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
index 268517fdc3..c964e40c54 100644
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -87,6 +87,34 @@ static int wsa_init_done=0;
static unsigned long BIO_ghbn_hits=0L;
static unsigned long BIO_ghbn_miss=0L;
+/* The following types are required to work in a 64-bit environment on
+ OpenVMS for Alpha. In that environment, the pointer types char_pp
+ and char_p will be 32 bits wide. In all other environments (including
+ all other platforms), they will have whatever size is the appropriate
+ default there.
+ Additionally, let's define special variants of malloc and friends that
+ give the expected result visavi 32-bit pointers in an otherwise 64-bit
+ environment. These would normally be declared with the OpenVMSy string.h,
+ if we wouldn't compile with /STANDARD=ANSI. */
+#if !defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+#endif
+typedef char ** char_pp;
+typedef char * char_p;
+#ifdef OPENSSL_SYS_VMS
+void *_malloc32(size_t);
+#define _free32 free
+void *_memset32(void *__s, int __c, size_t __n);
+#else
+#define _malloc32 OPENSSL_malloc
+#define _free32 OPENSSL_free
+#define _memset32 memset
+#endif
+#if !defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __restore
+#endif
+
#define GHBN_NUM 4
static struct ghbn_cache_st
{
@@ -286,18 +314,18 @@ static struct hostent *ghbn_dup(struct hostent *a)
for (i=0; a->h_aliases[i] != NULL; i++)
;
i++;
- ret->h_aliases = (char **)OPENSSL_malloc(i*sizeof(char *));
+ ret->h_aliases = (char_pp)_malloc32(i*sizeof(char_p)); /* changed for both 32-bit & 64-bit */
if (ret->h_aliases == NULL)
goto err;
- memset(ret->h_aliases, 0, i*sizeof(char *));
+ _memset32(ret->h_aliases, 0, i*sizeof(char_p)); /* changed for both 32-bit & 64-bit */
for (i=0; a->h_addr_list[i] != NULL; i++)
;
i++;
- ret->h_addr_list=(char **)OPENSSL_malloc(i*sizeof(char *));
+ ret->h_addr_list=(char_pp)_malloc32(i*sizeof(char_p)); /* changed for both 32-bit & 64-bit */
if (ret->h_addr_list == NULL)
goto err;
- memset(ret->h_addr_list, 0, i*sizeof(char *));
+ _memset32(ret->h_addr_list, 0, i*sizeof(char_p)); /* changed for both 32-bit & 64-bit */
j=strlen(a->h_name)+1;
if ((ret->h_name=OPENSSL_malloc(j)) == NULL) goto err;
@@ -305,14 +333,14 @@ static struct hostent *ghbn_dup(struct hostent *a)
for (i=0; a->h_aliases[i] != NULL; i++)
{
j=strlen(a->h_aliases[i])+1;
- if ((ret->h_aliases[i]=OPENSSL_malloc(j)) == NULL) goto err;
+ if ((ret->h_aliases[i]=(char_p)_malloc32(j)) == NULL) goto err; /* changed for both 32-bit & 64-bit */
memcpy(ret->h_aliases[i],a->h_aliases[i],j);
}
ret->h_length=a->h_length;
ret->h_addrtype=a->h_addrtype;
for (i=0; a->h_addr_list[i] != NULL; i++)
{
- if ((ret->h_addr_list[i]=OPENSSL_malloc(a->h_length)) == NULL)
+ if ((ret->h_addr_list[i]=(char_p)_malloc32(a->h_length)) == NULL) /* changed for both 32-bit & 64-bit */
goto err;
memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length);
}
@@ -337,14 +365,14 @@ static void ghbn_free(struct hostent *a)
if (a->h_aliases != NULL)
{
for (i=0; a->h_aliases[i] != NULL; i++)
- OPENSSL_free(a->h_aliases[i]);
- OPENSSL_free(a->h_aliases);
+ _free32(a->h_aliases[i]);
+ _free32(a->h_aliases);
}
if (a->h_addr_list != NULL)
{
for (i=0; a->h_addr_list[i] != NULL; i++)
- OPENSSL_free(a->h_addr_list[i]);
- OPENSSL_free(a->h_addr_list);
+ _free32(a->h_addr_list[i]);
+ _free32(a->h_addr_list);
}
if (a->h_name != NULL) OPENSSL_free(a->h_name);
OPENSSL_free(a);
@@ -523,7 +551,11 @@ void BIO_sock_cleanup(void)
#if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000
+#ifdef OPENSSL_SYS_VMS
+int BIO_socket_ioctl(int fd, long type, VOID_L32p arg) /* changed for 64-bit API */
+#else
int BIO_socket_ioctl(int fd, long type, void *arg)
+#endif
{
int i;
diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
index 7068b18ffa..5c58164d4a 100644
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -573,17 +573,24 @@ int BIO_sock_should_retry(int i);
int BIO_sock_non_fatal_error(int error);
int BIO_fd_should_retry(int i);
int BIO_fd_non_fatal_error(int error);
-int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u),
- void *u, const char *s, int len);
-int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
- void *u, const char *s, int len, int indent);
int BIO_dump(BIO *b,const char *bytes,int len);
int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent);
-#ifndef OPENSSL_NO_FP_API
-int BIO_dump_fp(FILE *fp, const char *s, int len);
-int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
-#endif
+
struct hostent *BIO_gethostbyname(const char *name);
+
+#ifdef OPENSSL_SYS_VMS
+/* For 64-bit API */
+#if __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+#endif
+typedef void * VOID_L32p;
+#if __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __restore
+#endif
+#endif
+/* OPENSSL_SYS_VMS */
+
/* We might want a thread-safe interface too:
* struct hostent *BIO_gethostbyname_r(const char *name,
* struct hostent *result, void *buffer, size_t buflen);
@@ -592,8 +599,13 @@ struct hostent *BIO_gethostbyname(const char *name);
* substructures; if the buffer does not suffice, NULL is returned
* and an appropriate error code is set).
*/
+
int BIO_sock_error(int sock);
+#ifdef OPENSSL_SYS_VMS
+int BIO_socket_ioctl(int fd, long type, VOID_L32p arg);
+#else
int BIO_socket_ioctl(int fd, long type, void *arg);
+#endif
int BIO_socket_nbio(int fd,int mode);
int BIO_get_port(const char *str, unsigned short *port_ptr);
int BIO_get_host_ip(const char *str, unsigned char *ip);
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index a608d81c7f..8dc77abc53 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -75,6 +75,9 @@
#undef FIONBIO
#endif
+#if(defined(OPENSSL_SYS_VMS))
+#include <iodef.h>
+#endif
typedef struct bio_connect_st
{
@@ -98,6 +101,15 @@ typedef struct bio_connect_st
int (*info_callback)(const BIO *bio,int state,int ret);
} BIO_CONNECT;
+#ifdef OPENSSL_SYS_VMS
+struct iosb /* i/o status block */
+ {
+ unsigned short status; /* i/o completion status */
+ unsigned short bytcnt; /* bytes transferred if read/write */
+ void *details; /* address of buffer or parameter */
+ };
+#endif
+
static int conn_write(BIO *h, const char *buf, int num);
static int conn_read(BIO *h, char *buf, int size);
static int conn_puts(BIO *h, const char *str);
@@ -404,33 +416,65 @@ static int conn_read(BIO *b, char *out, int outl)
int ret=0;
BIO_CONNECT *data;
+#ifdef OPENSSL_SYS_VMS
+ int sts;
+ struct iosb iosb;
+#endif
+
data=(BIO_CONNECT *)b->ptr;
if (data->state != BIO_CONN_S_OK)
{
ret=conn_state(b,data);
if (ret <= 0)
- return(ret);
+ return(ret);
}
if (out != NULL)
{
clear_socket_error();
+
+#if 1 /* would be '#ifndef OPENSSL_SYS_VMS' if the error handling from $QIO was done right */
ret=readsocket(b->num,out,outl);
+#else
+ sts = SYS$QIOW(
+ 0,
+ decc$get_sdc(b->num),
+ IO$_READVBLK,
+ iosb,
+ 0,
+ 0,
+ out,
+ outl,
+ 0,0,0,0);
+#endif
BIO_clear_retry_flags(b);
+
+#if 0 /* would be '#ifdef OPENSSL_SYS_VMS' if the error handling from $QIO was done right */
+ if (sts != 1 || iosb.status != 1) /* SYS$QIOW failed */
+ ret = -1; /* should be 0 for EOF! */
+ else
+ ret = outl;
+#endif
if (ret <= 0)
{
if (BIO_sock_should_retry(ret))
BIO_set_retry_read(b);
}
- }
+ }
+
return(ret);
}
static int conn_write(BIO *b, const char *in, int inl)
{
- int ret;
+ int ret = 0;
BIO_CONNECT *data;
+#ifdef OPENSSL_SYS_VMS
+ int sts;
+ struct iosb iosb;
+#endif
+
data=(BIO_CONNECT *)b->ptr;
if (data->state != BIO_CONN_S_OK)
{
@@ -439,13 +483,35 @@ static int conn_write(BIO *b, const char *in, int inl)
}
clear_socket_error();
+
+#if 1 /* would be '#ifndef OPENSSL_SYS_VMS' if the error handling from $QIO was done right */
ret=writesocket(b->num,in,inl);
- BIO_clear_retry_flags(b);
+#else
+ sts = SYS$QIOW(
+ 0,
+ decc$get_sdc(b->num),
+ IO$_WRITEVBLK,
+ iosb,
+ 0,
+ 0,
+ in,
+ inl,
+ 0,0,0,0);
+#endif
+ BIO_clear_retry_flags(b);
+
+#if 0 /* would be '#ifdef OPENSSL_SYS_VMS' if the error handling from $QIO was done right */
+ if (sts != 1 || iosb.status != 1) /* SYS$QIO failed */
+ ret = -1; /* should be 0 for EOF! */
+ else
+ ret = inl;
+#endif
if (ret <= 0)
{
if (BIO_sock_should_retry(ret))
BIO_set_retry_write(b);
}
+
return(ret);
}
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index 764b7f8372..667c2eb2f0 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -274,7 +274,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
ret=0;
break;
}
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN)
+#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2)
if (!(num & BIO_FP_TEXT))
strcat(p,"b");
else
diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c
index 6360dbc820..5a5de26c9b 100644
--- a/crypto/bio/bss_log.c
+++ b/crypto/bio/bss_log.c
@@ -64,6 +64,7 @@
#include <stdio.h>
+#include <stdlib.h>
#include <errno.h>
#include "cryptlib.h"
@@ -329,13 +330,31 @@ static void xopenlog(BIO* bp, char* name, int level)
static void xsyslog(BIO *bp, int priority, const char *string)
{
struct dsc$descriptor_s opc_dsc;
- struct opcdef *opcdef_p;
- char buf[10240];
+
+
+/* For 64-bit API */
+#if __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+#endif
+ struct opcdef *opcdef_p;
+ typedef char * char_32p;
+ typedef struct opcdef * OPCDEF_TYPE_P;
+ void *_malloc32(size_t);
+#if __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __restore
+#endif
+
+ char_32p buf;
+ const int bufsize = 10240;
+
unsigned int len;
struct dsc$descriptor_s buf_dsc;
$DESCRIPTOR(fao_cmd, "!AZ: !AZ");
char *priority_tag;
+ buf = (char_32p)_malloc32(bufsize);
+
switch (priority)
{
case LOG_EMERG: priority_tag = "Emergency"; break;
@@ -356,7 +375,7 @@ static void xsyslog(BIO *bp, int priority, const char *string)
lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
/* we know there's an 8 byte header. That's documented */
- opcdef_p = (struct opcdef *) OPENSSL_malloc(8 + len);
+ opcdef_p = (OPCDEF_TYPE_P) OPENSSL_malloc(8 + len);
opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
opcdef_p->opc$l_ms_rqstid = 0;
@@ -364,12 +383,13 @@ static void xsyslog(BIO *bp, int priority, const char *string)
opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
opc_dsc.dsc$b_class = DSC$K_CLASS_S;
- opc_dsc.dsc$a_pointer = (char *)opcdef_p;
+ opc_dsc.dsc$a_pointer = (char_32p)opcdef_p;
opc_dsc.dsc$w_length = len + 8;
sys$sndopr(opc_dsc, 0);
OPENSSL_free(opcdef_p);
+ free(buf);
}
static void xcloselog(BIO* bp)
diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
index 472dd75821..a21358bc88 100644
--- a/crypto/bio/bss_sock.c
+++ b/crypto/bio/bss_sock.c
@@ -57,11 +57,40 @@
*/
#include <stdio.h>
+#include <stdlib.h>
#include <errno.h>
#define USE_SOCKETS
#include "cryptlib.h"
#include <openssl/bio.h>
+/* The following types are required to work in a 64-bit environment on
+ OpenVMS for Alpha. In that environment, the pointer types char_pp
+ and char_p will be 32 bits wide. In all other environments (including
+ all other platforms), they will have whatever size is the appropriate
+ default there.
+ Additionally, let's define special variants of malloc and friends that
+ give the expected result visavi 32-bit pointers in an otherwise 64-bit
+ environment. These would normally be declared with the OpenVMSy string.h,
+ if we wouldn't compile with /STANDARD=ANSI. */
+#if !defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+#endif
+typedef char * char_32p;
+#ifdef OPENSSL_SYS_VMS
+void *_malloc32(size_t);
+#define _free32 free
+void *_memset32(void *__s, int __c, size_t __n);
+#else
+#define _malloc32 OPENSSL_malloc
+#define _free32 OPENSSL_free
+#define _memset32 memset
+#endif
+#if !defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __restore
+#endif
+
+
#ifdef WATT32
#define sock_write SockWrite /* Watt-32 uses same names */
#define sock_read SockRead
@@ -133,10 +162,36 @@ static int sock_read(BIO *b, char *out, int outl)
{
int ret=0;
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+
+ char_32p out32 = NULL;
+
+ if (out != NULL)
+ {
+ out32 = (char_32p)_malloc32(outl*sizeof(char_32p)); /* changed for 64-bit */
+ _memset32(out32, 0, outl*sizeof(char_32p)); /* changed for 64-bit */
+ memcpy(out32,out,outl); /* changed for 64-bit */
+ }
+
+#pragma __required_pointer_size __restore
+#endif
+
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+ if (out32 != NULL)
+#else
if (out != NULL)
+#endif
{
clear_socket_error();
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+ ret=readsocket(b->num,out32,outl);
+ memcpy(out,out32,outl);
+ _free32(out32);
+#else
ret=readsocket(b->num,out,outl);
+#endif
BIO_clear_retry_flags(b);
if (ret <= 0)
{
@@ -151,8 +206,28 @@ static int sock_write(BIO *b, const char *in, int inl)
{
int ret;
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+
+ char_32p in32;
+
+ in32 = (char_32p)_malloc32(inl*sizeof(char_32p)); /* changed for 64-bit */
+ _memset32(in32, 0, inl*sizeof(char_32p)); /* changed for 64-bit */
+ memcpy(in32,in,inl); /* changed for 64-bit */
+
+#pragma __required_pointer_size __restore
+#endif
+
clear_socket_error();
+
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+ ret=writesocket(b->num,in32,inl);
+ _free32(in32);
+#else
ret=writesocket(b->num,in,inl);
+#endif
+
BIO_clear_retry_flags(b);
if (ret <= 0)
{
diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl
index 08cdd92c46..490d6d7dae 100644
--- a/crypto/bn/Makefile.ssl
+++ b/crypto/bn/Makefile.ssl
@@ -23,7 +23,6 @@ BN_ASM= bn_asm.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=bntest.c exptest.c
@@ -68,28 +67,58 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
+# elf
asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > ../$@)
+ (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s)
+
asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-asm/bn86-cof.s: asm/bn-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) bn-586.pl coff $(CFLAGS) > ../$@)
-asm/co86-cof.s: asm/co-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) co-586.pl coff $(CFLAGS) > ../$@)
+ (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s)
+
# a.out
-bn86-out.s: asm/bn-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) bn-586.pl a.out $(CFLAGS) > ../$@)
-co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@)
+asm/bn86-out.o: asm/bn86unix.cpp
+ $(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o
+
+asm/co86-out.o: asm/co86unix.cpp
+ $(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o
+
+# bsdi
+asm/bn86bsdi.o: asm/bn86unix.cpp
+ $(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o
+
+asm/co86bsdi.o: asm/co86unix.cpp
+ $(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o
+
+asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl
+ (cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp )
+
+asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl
+ (cd asm; $(PERL) co-586.pl cpp >co86unix.cpp )
asm/sparcv8.o: asm/sparcv8.S
asm/sparcv8plus.o: asm/sparcv8plus.S
-asm/ia64.s: asm/ia64.S
- $(CC) $(CFLAGS) -E asm/ia64.S > $@
+# Old GNU assembler doesn't understand V9 instructions, so we
+# hire /usr/ccs/bin/as to do the job. Note that option is called
+# *-gcc27, but even gcc 2>=8 users may experience similar problem
+# if they didn't bother to upgrade GNU assembler. Such users should
+# not choose this option, but be adviced to *remove* GNU assembler
+# or upgrade it.
+asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S
+ $(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \
+ /usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o
+
+
+asm/ia64.o: asm/ia64.S
+
+# Some compiler drivers (most notably HP-UX and Intel C++) don't
+# understand .S extension:-( I wish I could pipe output from cc -E,
+# but it's too compiler driver/ABI dependent to cover with a single
+# rule... <appro@fy.chalmers.se>
+asm/ia64-cpp.o: asm/ia64.S
+ $(CC) $(ASFLAGS) -E asm/ia64.S > /tmp/ia64.$$$$.s && \
+ $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \
+ rm -f /tmp/ia64.$$$$.s
asm/x86_64-gcc.o: asm/x86_64-gcc.c
@@ -103,8 +132,8 @@ asm/pa-risc2.o: asm/pa-risc2.s
# ppc - AIX, Linux, MacOS X...
asm/linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@
asm/linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@
-asm/aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@
-asm/aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@
+asm/aix_ppc32.s: asm/ppc.pl; $(PERL) $< $@
+asm/aix_ppc64.s: asm/ppc.pl; $(PERL) $< $@
asm/osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@
files:
@@ -117,7 +146,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -147,7 +176,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* asm/*-cof.* asm/*-out.* asm/ia64.s *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
+ rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bn/asm/bn-586.pl b/crypto/bn/asm/bn-586.pl
index 26c2685a72..9a7c64c464 100644
--- a/crypto/bn/asm/bn-586.pl
+++ b/crypto/bn/asm/bn-586.pl
@@ -5,10 +5,7 @@ require "x86asm.pl";
&asm_init($ARGV[0],$0);
-$sse2=0;
-for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
-
-&external_label("OPENSSL_ia32cap_P") if ($sse2);
+$sse2=0; # SSE2 is temporarily disabled...
&bn_mul_add_words("bn_mul_add_words");
&bn_mul_words("bn_mul_words");
@@ -24,7 +21,7 @@ sub bn_mul_add_words
{
local($name)=@_;
- &function_begin($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+ &function_begin($name,"");
&comment("");
$Low="eax";
@@ -48,7 +45,7 @@ sub bn_mul_add_words
&jz(&label("maw_finish"));
if ($sse2) {
- &picmeup("eax","OPENSSL_ia32cap_P");
+ &picmeup("eax","OPENSSL_ia32cap");
&bt(&DWP(0,"eax"),26);
&jnc(&label("maw_loop"));
diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 5bd742a97c..12d8a8cbf8 100644
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -70,7 +70,10 @@
*
* 1. Check a bunch of "(words+1)" type hacks in various bignum functions and
* check they can be safely removed.
+ * - BN_bin2bn() looks pretty nasty with the miscellaneous +1 and +2 adjustments.
+ * Needs a full rubber-gloving, me thinks.
* - Check +1 and other ugliness in BN_from_montgomery()
+ * - Aspects of BN_bn2dec() also look a bit arbitrary
*
* 2. Consider allowing a BN_new_ex() that, at least, lets you specify an
* appropriate 'block' size that will be honoured by bn_expand_internal() to
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 61416483cb..287392db0f 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -277,7 +277,7 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
BN_CTX_start(ctx);
if((Ri = BN_CTX_get(ctx)) == NULL) goto err;
R= &(mont->RR); /* grab RR as a temp */
- if (!BN_copy(&(mont->N),mod)) goto err; /* Set N */
+ BN_copy(&(mont->N),mod); /* Set N */
mont->N.neg = 0;
#ifdef MONT_WORD
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
index 5fb8473f37..092322d2ff 100644
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -102,19 +102,14 @@ err:
/* Must 'OPENSSL_free' the returned data */
char *BN_bn2dec(const BIGNUM *a)
{
- int i=0,num, ok = 0;
+ int i=0,num;
char *buf=NULL;
char *p;
BIGNUM *t=NULL;
BN_ULONG *bn_data=NULL,*lp;
- /* get an upper bound for the length of the decimal integer
- * num <= (BN_num_bits(a) + 1) * log(2)
- * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error)
- * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1
- */
i=BN_num_bits(a)*3;
- num=(i/10+i/1000+1)+1;
+ num=(i/10+i/1000+3)+1;
bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
buf=(char *)OPENSSL_malloc(num+3);
if ((buf == NULL) || (bn_data == NULL))
@@ -127,6 +122,7 @@ char *BN_bn2dec(const BIGNUM *a)
#define BUF_REMAIN (num+3 - (size_t)(p - buf))
p=buf;
lp=bn_data;
+ if (t->neg) *(p++)='-';
if (BN_is_zero(t))
{
*(p++)='0';
@@ -134,9 +130,6 @@ char *BN_bn2dec(const BIGNUM *a)
}
else
{
- if (BN_get_sign(t))
- *p++ = '-';
-
i=0;
while (!BN_is_zero(t))
{
@@ -156,16 +149,9 @@ char *BN_bn2dec(const BIGNUM *a)
while (*p) p++;
}
}
- ok = 1;
err:
if (bn_data != NULL) OPENSSL_free(bn_data);
if (t != NULL) BN_free(t);
- if (!ok && buf)
- {
- OPENSSL_free(buf);
- buf = NULL;
- }
-
return(buf);
}
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index 9169cc8813..d4cb92f847 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -468,22 +468,6 @@ int test_div(BIO *bp, BN_CTX *ctx)
return(1);
}
-static void print_word(BIO *bp,BN_ULONG w)
- {
-#ifdef SIXTY_FOUR_BIT
- if (sizeof(w) > sizeof(unsigned long))
- {
- unsigned long h=(unsigned long)(w>>32),
- l=(unsigned long)(w);
-
- if (h) BIO_printf(bp,"%lX%08lX",h,l);
- else BIO_printf(bp,"%lX",l);
- return;
- }
-#endif
- BIO_printf(bp,"%lX",w);
- }
-
int test_div_word(BIO *bp)
{
BIGNUM a,b;
@@ -510,7 +494,7 @@ int test_div_word(BIO *bp)
{
BN_print(bp,&a);
BIO_puts(bp," / ");
- print_word(bp,s);
+ BIO_printf(bp,"%lX",s);
BIO_puts(bp," - ");
}
BN_print(bp,&b);
@@ -520,10 +504,10 @@ int test_div_word(BIO *bp)
{
BN_print(bp,&a);
BIO_puts(bp," % ");
- print_word(bp,s);
+ BIO_printf(bp,"%lX",s);
BIO_puts(bp," - ");
}
- print_word(bp,r);
+ BIO_printf(bp,"%lX",r);
BIO_puts(bp,"\n");
}
BN_mul_word(&b,s);
diff --git a/crypto/buffer/Makefile.ssl b/crypto/buffer/Makefile.ssl
index 25facaeb05..58cacab2be 100644
--- a/crypto/buffer/Makefile.ssl
+++ b/crypto/buffer/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/cast/Makefile.ssl b/crypto/cast/Makefile.ssl
index 6a2aba2d78..98393a37ba 100644
--- a/crypto/cast/Makefile.ssl
+++ b/crypto/cast/Makefile.ssl
@@ -26,7 +26,6 @@ CAST_ENC=c_enc.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=casttest.c
@@ -53,15 +52,20 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
+# elf
asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > ../$@)
-# COFF
-asm/cx86-cof.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) cast-586.pl coff $(CLAGS) $(PROCESSOR) > ../$@)
+ (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s)
+
# a.out
-cx86-out.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) cast-586.pl a.out $(CLAGS) $(PROCESSOR) > ../$@)
+asm/cx86-out.o: asm/cx86unix.cpp
+ $(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
+
+# bsdi
+asm/cx86bsdi.o: asm/cx86unix.cpp
+ $(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o
+
+asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ (cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp)
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -73,7 +77,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -95,7 +99,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/cx86unix.cpp asm/*.s asm/*.o *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/comp/Makefile.ssl b/crypto/comp/Makefile.ssl
index c2950086ce..2e00c3f203 100644
--- a/crypto/comp/Makefile.ssl
+++ b/crypto/comp/Makefile.ssl
@@ -56,7 +56,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -91,8 +91,7 @@ c_rle.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
c_rle.o: ../../include/openssl/symhacks.h c_rle.c
c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
c_zlib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
-c_zlib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-c_zlib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_zlib.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
c_zlib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
index 171fa5b86b..7553a2d107 100644
--- a/crypto/comp/c_zlib.c
+++ b/crypto/comp/c_zlib.c
@@ -3,7 +3,6 @@
#include <string.h>
#include <openssl/objects.h>
#include <openssl/comp.h>
-#include <openssl/err.h>
COMP_METHOD *COMP_zlib(void );
@@ -358,17 +357,7 @@ COMP_METHOD *COMP_zlib(void)
if (!zlib_loaded)
{
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
- zlib_dso = DSO_load(NULL, "ZLIB1", NULL, 0);
- if (!zlib_dso)
- {
- zlib_dso = DSO_load(NULL, "ZLIB", NULL, 0);
- if (zlib_dso)
- {
- /* Clear the errors from the first failed
- DSO_load() */
- ERR_clear_error();
- }
- }
+ zlib_dso = DSO_load(NULL, "ZLIB", NULL, 0);
#else
zlib_dso = DSO_load(NULL, "z", NULL, 0);
#endif
diff --git a/crypto/conf/Makefile.ssl b/crypto/conf/Makefile.ssl
index e752678e49..36c36d5263 100644
--- a/crypto/conf/Makefile.ssl
+++ b/crypto/conf/Makefile.ssl
@@ -56,7 +56,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index ba2a8830b4..6966eddba6 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -582,7 +582,15 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
q='}';
else if (*s == '(')
q=')';
- else q=0;
+#ifdef OPENSSL_SYS_VMS
+ else
+ {
+ buf->data[to++]= *(from++);
+ continue;
+ }
+#else
+ else q=0;
+#endif
if (q) s++;
cp=section;
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index 3cfcb9e602..b180aebce9 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -539,56 +539,18 @@ const char *CRYPTO_get_lock_name(int type)
return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
}
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
- defined(__INTEL__) || \
- defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64)
-
-unsigned long OPENSSL_ia32cap_P=0;
-unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; }
-
-#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
-#define OPENSSL_CPUID_SETUP
-void OPENSSL_cpuid_setup(void)
-{ static int trigger=0;
- unsigned long OPENSSL_ia32_cpuid(void);
- char *env;
-
- if (trigger) return;
-
- trigger=1;
- if ((env=getenv("OPENSSL_ia32cap")))
- OPENSSL_ia32cap_P = strtoul(env,NULL,0)|(1<<10);
- else
- OPENSSL_ia32cap_P = OPENSSL_ia32_cpuid()|(1<<10);
- /*
- * |(1<<10) sets a reserved bit to signal that variable
- * was initialized already... This is to avoid interference
- * with cpuid snippets in ELF .init segment.
- */
-}
-#endif
-
-#endif
-#if !defined(OPENSSL_CPUID_SETUP)
-void OPENSSL_cpuid_setup(void) {}
-#endif
-
-#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_DLL)
-#ifdef __CYGWIN__
-/* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */
-#include <windows.h>
-#endif
+#ifdef _DLL
+#ifdef OPENSSL_SYS_WIN32
/* All we really need to do is remove the 'error' state when a thread
* detaches */
-BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
+BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason,
LPVOID lpvReserved)
{
switch(fdwReason)
{
case DLL_PROCESS_ATTACH:
- OPENSSL_cpuid_setup();
break;
case DLL_THREAD_ATTACH:
break;
@@ -602,6 +564,8 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
}
#endif
+#endif
+
void OpenSSLDie(const char *file,int line,const char *assertion)
{
fprintf(stderr,
diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h
index 8b0add7e20..0d6b9d59f0 100644
--- a/crypto/cryptlib.h
+++ b/crypto/cryptlib.h
@@ -93,9 +93,6 @@ extern "C" {
#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
#define HEX_SIZE(type) (sizeof(type)*2)
-void OPENSSL_cpuid_setup(void);
-extern unsigned long OPENSSL_ia32cap_P;
-
#ifdef __cplusplus
}
#endif
diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com
index 57d5ba94c2..14ce5d9a07 100644
--- a/crypto/crypto-lib.com
+++ b/crypto/crypto-lib.com
@@ -40,9 +40,12 @@ $! UCX for UCX
$! TCPIP for TCPIP (post UCX)
$! SOCKETSHR for SOCKETSHR+NETLIB
$!
-$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$! P5, if defined, sets the pointer size to build with. The values can be
+$! be "32" or "64". Any other value will default to "32"
$!
-$! P6, if defined, sets a choice of crypto methods to compile.
+$! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$! P7, if defined, sets a choice of crypto methods to compile.
$! WARNING: this should only be done to recompile some part of an already
$! fully compiled library.
$!
@@ -114,6 +117,23 @@ $! End The Architecture Specific OBJ Directory Check.
$!
$ ENDIF
$!
+$! Define The LIS Directory.
+$!
+$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.CRYPTO]
+$!
+$! Check To See If The Architecture Specific LIS Directory Exists.
+$!
+$ IF (F$PARSE(LIS_DIR).EQS."")
+$ THEN
+$!
+$! It Dosen't Exist, So Create It.
+$!
+$ CREATE/DIR 'LIS_DIR'
+$!
+$! End The Architecture Specific LIS Directory Check.
+$!
+$ ENDIF
+$!
$! Define The EXE Directory.
$!
$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]
@@ -133,11 +153,15 @@ $ ENDIF
$!
$! Define The Library Name.
$!
-$ LIB_NAME := 'EXE_DIR'LIBCRYPTO.OLB
+$ LIB_NAME := 'EXE_DIR'LIBCRYPTO'FILE_POINTER_SIZE'.OLB
$!
$! Define The CRYPTO-LIB We Are To Use.
$!
-$ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB
+$ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO'FILE_POINTER_SIZE'.OLB
+$!
+$! Define The RSAREF-LIB We Are To Use.
+$!
+$ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE'FILE_POINTER_SIZE'.OLB
$!
$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library...
$!
@@ -206,7 +230,7 @@ $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ -
"eng_table,eng_pkey,eng_fat,eng_all,"+ -
"tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ -
"tb_cipher,tb_digest,"+ -
- "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock"
+ "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev"
$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr"
$ LIB_BUFFER = "buffer,buf_err"
$ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
@@ -250,12 +274,12 @@ $ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ -
"x509_set,x509cset,x509rset,x509_err,"+ -
"x509name,x509_v3,x509_ext,x509_att,"+ -
"x509type,x509_lu,x_all,x509_txt,"+ -
- "x509_trs,by_file,by_dir,x509_vpm"
+ "x509_trs,by_file,by_dir"
$ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ -
"v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ -
"v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld,v3_purp,v3_info,"+ -
- "v3_ocsp,v3_akeya,v3_pmaps,v3_pcons,v3_ncons,v3_pcia,v3_pci,"+ -
- "pcy_cache,pcy_node,pcy_data,pcy_map,pcy_tree,pcy_lib"
+ "v3_ocsp,v3_akeya,v3_pmaps,v3_pcons,v3_ncons,pcy_cache,pcy_node,"+ -
+ "pcy_data,pcy_map,pcy_tree,pcy_lib"
$ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap"
$ LIB_TXT_DB = "txt_db"
$ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ -
@@ -275,7 +299,7 @@ $!
$! Setup exceptional compilations
$!
$ COMPILEWITH_CC3 = ",bss_rtcp,"
-$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,o_dir"
+$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,read_pwd,err,o_dir"
$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + -
"sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
$!
@@ -451,6 +475,10 @@ $ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME
$ ENDIF
$ SOURCE_FILE = SOURCE_FILE - "]["
$!
+$! Create The Listing File Name.
+$!
+$ LIST_FILE = LIS_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".LIS"
+$!
$! Create The Object File Name.
$!
$ OBJECT_FILE = OBJ_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".OBJ"
@@ -461,10 +489,10 @@ $!
$ IF (F$SEARCH(SOURCE_FILE).EQS."")
$ THEN
$!
-$! Tell The User That The File Doesn't Exist.
+$! Tell The User That The File Dosen't Exist.
$!
$ WRITE SYS$OUTPUT ""
-$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Doesn't Exist."
+$ WRITE SYS$OUTPUT F$MESSAGE("%X10018290") + ". The File ",SOURCE_FILE," Dosen't Exist."
$ WRITE SYS$OUTPUT ""
$!
$! Exit The Build.
@@ -492,21 +520,21 @@ $ ON ERROR THEN GOTO NEXT_FILE
$ FILE_NAME0 = F$ELEMENT(0,".",FILE_NAME)
$ IF FILE_NAME - ".mar" .NES. FILE_NAME
$ THEN
-$ MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ MACRO/OBJECT='OBJECT_FILE'/LIST='LIST_FILE' 'SOURCE_FILE'
$ ELSE
$ IF COMPILEWITH_CC3 - FILE_NAME0 .NES. COMPILEWITH_CC3
$ THEN
-$ CC3/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ CC3/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
$ ELSE
$ IF COMPILEWITH_CC4 - FILE_NAME0 .NES. COMPILEWITH_CC4
$ THEN
-$ CC4/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ CC4/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
$ ELSE
$ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
$ THEN
-$ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ CC5/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
$ ELSE
-$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
$ ENDIF
$ ENDIF
$ ENDIF
@@ -761,8 +789,8 @@ $ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " ALL : Just Build Everything."
-$ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library."
-$ WRITE SYS$OUTPUT " APPS : To Compile Just The [.xxx.EXE.CRYPTO]*.EXE Programs."
+$ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.SSL]LIBCRYPTO.OLB Library."
+$ WRITE SYS$OUTPUT " APPS : To Compile Just The [.xxx.EXE.SSL]*.EXE Programs."
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
$ WRITE SYS$OUTPUT ""
@@ -841,9 +869,9 @@ $! Written By: Richard Levitte
$! richard@levitte.org
$!
$!
-$! Check To See If We Have A Option For P5.
+$! Check To See If We Have A Option For P6.
$!
-$ IF (P5.EQS."")
+$ IF (P6.EQS."")
$ THEN
$!
$! Get The Version Of VMS We Are Using.
@@ -865,7 +893,7 @@ $! End The VMS Version Check.
$!
$ ENDIF
$!
-$! End The P5 Check.
+$! End The P6 Check.
$!
$ ENDIF
$!
@@ -973,6 +1001,64 @@ $ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
$!
+$! On Alpha, pointers can be 32 or 64 bit wide. Libraries for both variants
+$! can be built, and will then have "32" in the name for the 32-bit variant.
+$! On VAX as well as the 64-bit variant on Alpha, the name carries no extra
+$! information about pointer size (i.e., 64 bits is default on Alpha and 32
+$! bits is default on VAX).
+$!
+$ IF (P5.NES."32" .AND. P5.NES."64")
+$ THEN
+$!
+$! Set The Default
+$!
+$ P5 = ""
+$!
+$! End of First Check Of P5
+$!
+$ ENDIF
+$!
+$! Check If P5 Isn't Set (Or Set Properly)
+$!
+$ IF (P5.EQS."" .OR. (P5.NES."32" .AND. ARCH.EQS."VAX"))
+$ THEN
+$!
+$! Check If We're On A VAX
+$!
+$ IF ARCH.EQS."VAX"
+$ THEN
+$!
+$! On VAX, We Force 32 Bit Pointers
+$!
+$ P5 = "32"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! On Alpha, We Use 64 Bit Pointers By Default
+$!
+$ P5 = "64"
+$!
+$! End Of Check For VAX
+$!
+$ ENDIF
+$!
+$! End Check Of P5
+$!
+$ ENDIF
+$!
+$! Set POINTER_SIZE
+$!
+$ POINTER_SIZE = P5
+$ QUAL_POINTER_SIZE = ""
+$ FILE_POINTER_SIZE = ""
+$ IF ARCH.EQS."AXP"
+$ THEN
+$ QUAL_POINTER_SIZE = "/POINTER_SIZE="+POINTER_SIZE
+$ IF POINTER_SIZE.EQS."32" THEN FILE_POINTER_SIZE = "32"
+$ ENDIF
+$!
$! Check To See If The User Entered A Valid Paramter.
$!
$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
@@ -997,7 +1083,7 @@ $ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
- "/NOLIST/PREFIX=ALL" + -
+ "/PREFIX=ALL" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP])" + -
CCEXTRAFLAGS
$!
@@ -1031,7 +1117,7 @@ $ WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
$ EXIT
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
-$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
CCEXTRAFLAGS
$ CCDEFS = """VAXC""," + CCDEFS
@@ -1063,7 +1149,7 @@ $ WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
$!
$! Use GNU C...
$!
-$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
CCEXTRAFLAGS
$!
@@ -1095,6 +1181,7 @@ $ ELSE
$ CCDISABLEWARNINGS = ""
$ CC4DISABLEWARNINGS = ""
$ ENDIF
+$ CC = CC + QUAL_POINTER_SIZE
$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG"
@@ -1247,9 +1334,10 @@ $!
$! Check if the user wanted to compile just a subset of all the encryption
$! methods.
$!
-$ IF P6 .NES. ""
+$ IF P7 .NES. ""
$ THEN
-$ ENCRYPT_TYPES = P6
+$ ENCRYPT_TYPES = P7
+$! NYI: ENCRYPT_PROGRAMS = P7
$ ENDIF
$!
$! Time To RETURN...
diff --git a/crypto/crypto.h b/crypto/crypto.h
index a1bd005c3a..9edb24dc6d 100644
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -541,9 +541,6 @@ void ERR_load_CRYPTO_strings(void);
/* Reason codes. */
#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
-unsigned long *OPENSSL_ia32cap_loc(void);
-#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
-
#ifdef __cplusplus
}
#endif
diff --git a/crypto/des/.cvsignore b/crypto/des/.cvsignore
deleted file mode 100644
index 45c30cc686..0000000000
--- a/crypto/des/.cvsignore
+++ /dev/null
@@ -1,3 +0,0 @@
-lib
-Makefile.save
-des
diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl
index a7e3cb586b..387a8b3f46 100644
--- a/crypto/des/Makefile.ssl
+++ b/crypto/des/Makefile.ssl
@@ -23,7 +23,6 @@ DES_ENC= des_enc.o fcrypt_b.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=destest.c
@@ -70,21 +69,32 @@ des: des.o cbc3_enc.o lib
asm/des_enc-sparc.S: asm/des_enc.m4
m4 -B 8192 asm/des_enc.m4 > asm/des_enc-sparc.S
-# ELF
+# elf
asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > ../$@)
+ (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s)
+
asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > ../$@)
-# COFF
-asm/dx86-cof.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) des-586.pl coff $(CFLAGS) > ../$@)
-asm/yx86-cof.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) crypt586.pl coff $(CFLAGS) > ../$@)
+ (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s)
+
# a.out
-dx86-out.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) des-586.pl a.out $(CFLAGS) > ../$@)
-yx86-out.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) crypt586.pl a.out $(CFLAGS) > ../$@)
+asm/dx86-out.o: asm/dx86unix.cpp
+ $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+
+asm/yx86-out.o: asm/yx86unix.cpp
+ $(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86unix.cpp
+ $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o
+
+asm/yx86bsdi.o: asm/yx86unix.cpp
+ $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ (cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
+ (cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -98,7 +108,7 @@ links:
install: installs
installs:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -120,7 +130,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*.s asm/*.o *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
@@ -136,9 +146,8 @@ cbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
cbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
cbc_enc.o: cbc_enc.c des_locl.h ncbc_enc.c
-cfb64ede.o: ../../e_os.h ../../include/openssl/des.h
-cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-cfb64ede.o: ../../include/openssl/opensslconf.h
+cfb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
cfb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
diff --git a/crypto/des/cfb64ede.c b/crypto/des/cfb64ede.c
index de34ecceb9..453b078d30 100644
--- a/crypto/des/cfb64ede.c
+++ b/crypto/des/cfb64ede.c
@@ -57,7 +57,6 @@
*/
#include "des_locl.h"
-#include "e_os.h"
/* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
diff --git a/crypto/des/des-lib.com b/crypto/des/des-lib.com
index fc2c35a1ce..34be66b808 100644
--- a/crypto/des/des-lib.com
+++ b/crypto/des/des-lib.com
@@ -37,7 +37,15 @@ $!
$! If you don't speficy a compiler, it will try to determine which
$! "C" compiler to try to use.
$!
-$! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$! P4, if defined, sets the pointer size to build with. The values can be
+$! be "32" or "64". Any other value will default to "32"
+$!
+$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!
+$ write sys$output " "
+$ write sys$output " Now running in DES-LIB.COM. "
+$ write sys$output " "
$!
$!
$! Make sure we know what architecture we run on.
@@ -89,6 +97,23 @@ $! End The Architecture Specific OBJ Directory Check.
$!
$ ENDIF
$!
+$! Define The LIS Directory Name.
+$!
+$ LIS_DIR := SYS$DISK:[--.'ARCH'.LIS.CRYPTO.DES]
+$!
+$! Check To See If The Architecture Specific LIS Directory Exists.
+$!
+$ IF (F$PARSE(LIS_DIR).EQS."")
+$ THEN
+$!
+$! It Dosen't Exist, So Create It.
+$!
+$ CREATE/DIR 'LIS_DIR'
+$!
+$! End The Architecture Specific LIS Directory Check.
+$!
+$ ENDIF
+$!
$! Define The EXE Directory Name.
$!
$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES]
@@ -108,7 +133,7 @@ $ ENDIF
$!
$! Define The Library Name.
$!
-$ LIB_NAME := 'EXE_DIR'LIBDES.OLB
+$ LIB_NAME := 'EXE_DIR'LIBDES'FILE_POINTER_SIZE'.OLB
$!
$! Check To See What We Are To Do.
$!
@@ -167,6 +192,12 @@ $ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
"des_enc,fcrypt_b,read2pwd,"+ -
"fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp"
$!
+$! Setup exceptional compilations
+$!
+$ COMPILEWITH_CC3 = ""
+$ COMPILEWITH_CC4 = ",read_pwd,"
+$ COMPILEWITH_CC5 = ""
+$!
$! Define A File Counter And Set It To "0".
$!
$ FILE_COUNTER = 0
@@ -197,6 +228,10 @@ $ WRITE SYS$OUTPUT " ",FILE_NAME,".C"
$!
$! Create The Object File Name.
$!
+$ LIST_FILE = LIS_DIR + FILE_NAME + "." + ARCH + "LIS"
+$!
+$! Create The Object File Name.
+$!
$ OBJECT_FILE = OBJ_DIR + FILE_NAME + "." + ARCH + "OBJ"
$ ON WARNING THEN GOTO NEXT_FILE
$!
@@ -222,7 +257,28 @@ $!
$! Compile The File.
$!
$ ON ERROR THEN GOTO NEXT_FILE
-$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ FILE_NAME0 = F$ELEMENT(0,".",FILE_NAME)
+$ IF FILE_NAME - ".mar" .NES. FILE_NAME
+$ THEN
+$ MACRO/OBJECT='OBJECT_FILE'/LIST='LIST_FILE' 'SOURCE_FILE'
+$ ELSE
+$ IF COMPILEWITH_CC3 - FILE_NAME0 .NES. COMPILEWITH_CC3
+$ THEN
+$ CC3/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$ ELSE
+$ IF COMPILEWITH_CC4 - FILE_NAME0 .NES. COMPILEWITH_CC4
+$ THEN
+$ CC4/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$ ELSE
+$ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
+$ THEN
+$ CC5/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$ ELSE
+$ CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$ ENDIF
+$ ENDIF
+$ ENDIF
+$ ENDIF
$!
$! Add It To The Library.
$!
@@ -290,7 +346,9 @@ $!
$! Link The DESTEST Program.
$!
$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DESTEST.EXE -
- 'OBJ_DIR'DESTEST.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+ /MAP='LIS_DIR'DESTEST.MAP /FULL/CROSS -
+ 'OBJ_DIR'DESTEST.OBJ,'LIB_NAME'/LIBRARY, -
+ 'OPT_FILE'/OPTION, SYS$DISK:[--]SSL_IDENT.OPT/OPTION
$!
$! All Done, Time To Return.
$!
@@ -338,7 +396,9 @@ $!
$! Link The SPEED Program.
$!
$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'SPEED.EXE -
- 'OBJ_DIR'SPEED.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+ /MAP='LIS_DIR'SPEED.MAP /FULL/CROSS -
+ 'OBJ_DIR'SPEED.OBJ,'LIB_NAME'/LIBRARY, -
+ 'OPT_FILE'/OPTION, SYS$DISK:[--]SSL_IDENT.OPT/OPTION
$!
$! All Done, Time To Return.
$!
@@ -386,7 +446,9 @@ $!
$! Link The RPW Program.
$!
$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'RPW.EXE -
- 'OBJ_DIR'RPW.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+ /MAP='LIS_DIR'RPW.MAP /FULL/CROSS -
+ 'OBJ_DIR'RPW.OBJ,'LIB_NAME'/LIBRARY, -
+ 'OPT_FILE'/OPTION, SYS$DISK:[--]SSL_IDENT.OPT/OPTION
$!
$! All Done, Time To Return.
$!
@@ -435,8 +497,10 @@ $!
$! Link The DES Program.
$!
$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES.EXE -
+ /MAP='LIS_DIR'DES.MAP /FULL/CROSS -
'OBJ_DIR'DES.OBJ,'OBJ_DIR'CBC3_ENC.OBJ,-
- 'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+ 'LIB_NAME'/LIBRARY, -
+ 'OPT_FILE'/OPTION, SYS$DISK:[--]SSL_IDENT.OPT/OPTION
$!
$! All Done, Time To Return.
$!
@@ -484,7 +548,9 @@ $!
$! Link The DES_OPTS Program.
$!
$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES_OPTS.EXE -
- 'OBJ_DIR'DES_OPTS.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+ /MAP='LIS_DIR'DES_OPTS.MAP /FULL/CROSS -
+ 'OBJ_DIR'DES_OPTS.OBJ,'LIB_NAME'/LIBRARY, -
+ 'OPT_FILE'/OPTION, SYS$DISK:[--]SSL_IDENT.OPT/OPTION
$!
$! All Done, Time To Return.
$!
@@ -766,9 +832,9 @@ $! Written By: Richard Levitte
$! richard@levitte.org
$!
$!
-$! Check To See If We Have A Option For P4.
+$! Check To See If We Have A Option For P5.
$!
-$ IF (P4.EQS."")
+$ IF (P5.EQS."")
$ THEN
$!
$! Get The Version Of VMS We Are Using.
@@ -790,7 +856,7 @@ $! End The VMS Version Check.
$!
$ ENDIF
$!
-$! End The P4 Check.
+$! End The P5 Check.
$!
$ ENDIF
$!
@@ -850,10 +916,68 @@ $ CCDEFS = ""
$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = USER_CCDEFS
$ CCEXTRAFLAGS = ""
$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = ""
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
$!
+$! On Alpha, pointers can be 32 or 64 bit wide. Libraries for both variants
+$! can be built, and will then have "32" in the name for the 32-bit variant.
+$! On VAX as well as the 64-bit variant on Alpha, the name carries no extra
+$! information about pointer size (i.e., 64 bits is default on Alpha and 32
+$! bits is default on VAX).
+$!
+$ IF (P4.NES."32" .AND. P4.NES."64")
+$ THEN
+$!
+$! Set The Default
+$!
+$ P4 = ""
+$!
+$! End of First Check Of P4
+$!
+$ ENDIF
+$!
+$! Check If P4 Isn't Set (Or Set Properly)
+$!
+$ IF (P4.EQS."" .OR. (P4.NES."32" .AND. ARCH.EQS."VAX"))
+$ THEN
+$!
+$! Check If We're On A VAX
+$!
+$ IF ARCH.EQS."VAX"
+$ THEN
+$!
+$! On VAX, We Force 32 Bit Pointers
+$!
+$ P4 = "32"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! On Alpha, We Use 64 Bit Pointers By Default
+$!
+$ P4 = "64"
+$!
+$! End Of Check For VAX
+$!
+$ ENDIF
+$!
+$! End Check Of P4
+$!
+$ ENDIF
+$!
+$! Set POINTER_SIZE
+$!
+$ POINTER_SIZE = P4
+$ QUAL_POINTER_SIZE = ""
+$ FILE_POINTER_SIZE = ""
+$ IF ARCH.EQS."AXP"
+$ THEN
+$ QUAL_POINTER_SIZE = "/POINTER_SIZE="+POINTER_SIZE
+$ IF POINTER_SIZE.EQS."32" THEN FILE_POINTER_SIZE = "32"
+$ ENDIF
+$!
$! Check To See If The User Entered A Valid Paramter.
$!
$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
@@ -878,7 +1002,7 @@ $ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
- "/NOLIST/PREFIX=ALL" + CCEXTRAFLAGS
+ "/PREFIX=ALL" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
@@ -910,7 +1034,7 @@ $ WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
$ EXIT
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
-$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'" + CCEXTRAFLAGS
$ CCDEFS = """VAXC""," + CCDEFS
$!
$! Define <sys> As SYS$COMMON:[SYSLIB]
@@ -940,7 +1064,7 @@ $ WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
$!
$! Use GNU C...
$!
-$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
@@ -970,7 +1094,10 @@ $ ELSE
$ CCDISABLEWARNINGS = ""
$ CC4DISABLEWARNINGS = ""
$ ENDIF
-$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$ CC = CC + QUAL_POINTER_SIZE
+$ CC = CC + "/DEFINE=(" + CCDEFS + ")"
+$ CC4 = CC + CC4DISABLEWARNINGS
+$ CC = CC + CCDISABLEWARNINGS
$!
$! Show user the result
$!
diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl
index fe5c3f4ae5..f5ca23cb22 100644
--- a/crypto/dh/Makefile.ssl
+++ b/crypto/dh/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl
index 0ce7445cb9..ba23345c82 100644
--- a/crypto/dsa/Makefile.ssl
+++ b/crypto/dsa/Makefile.ssl
@@ -55,7 +55,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 74da6becd5..878dc67ad2 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -139,8 +139,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
p = BN_CTX_get(ctx);
test = BN_CTX_get(ctx);
- if (!BN_lshift(test,BN_value_one(),bits-1))
- goto err;
+ BN_lshift(test,BN_value_one(),bits-1);
for (;;)
{
@@ -210,7 +209,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
goto err;
/* step 7 */
- if (!BN_zero(W)) goto err;
+ BN_zero(W);
/* now 'buf' contains "SEED + offset - 1" */
for (k=0; k<=n; k++)
{
@@ -226,20 +225,20 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
/* step 8 */
if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
goto err;
- if (!BN_lshift(r0,r0,160*k)) goto err;
- if (!BN_add(W,W,r0)) goto err;
+ BN_lshift(r0,r0,160*k);
+ BN_add(W,W,r0);
}
/* more of step 8 */
- if (!BN_mask_bits(W,bits-1)) goto err;
- if (!BN_copy(X,W)) goto err;
- if (!BN_add(X,X,test)) goto err;
+ BN_mask_bits(W,bits-1);
+ BN_copy(X,W); /* this should be ok */
+ BN_add(X,X,test); /* this should be ok */
/* step 9 */
- if (!BN_lshift1(r0,q)) goto err;
- if (!BN_mod(c,X,r0,ctx)) goto err;
- if (!BN_sub(r0,c,BN_value_one())) goto err;
- if (!BN_sub(p,X,r0)) goto err;
+ BN_lshift1(r0,q);
+ BN_mod(c,X,r0,ctx);
+ BN_sub(r0,c,BN_value_one());
+ BN_sub(p,X,r0);
/* step 10 */
if (BN_cmp(p,test) >= 0)
@@ -267,18 +266,18 @@ end:
/* We now need to generate g */
/* Set r0=(p-1)/q */
- if (!BN_sub(test,p,BN_value_one())) goto err;
- if (!BN_div(r0,NULL,test,q,ctx)) goto err;
+ BN_sub(test,p,BN_value_one());
+ BN_div(r0,NULL,test,q,ctx);
- if (!BN_set_word(test,h)) goto err;
- if (!BN_MONT_CTX_set(mont,p,ctx)) goto err;
+ BN_set_word(test,h);
+ BN_MONT_CTX_set(mont,p,ctx);
for (;;)
{
/* g=test^r0%p */
- if (!BN_mod_exp_mont(g,test,r0,p,ctx,mont)) goto err;
+ BN_mod_exp_mont(g,test,r0,p,ctx,mont);
if (!BN_is_one(g)) break;
- if (!BN_add(test,test,BN_value_one())) goto err;
+ BN_add(test,test,BN_value_one());
h++;
}
@@ -295,11 +294,6 @@ err:
ret->p=BN_dup(p);
ret->q=BN_dup(q);
ret->g=BN_dup(g);
- if (ret->p == NULL || ret->q == NULL || ret->g == NULL)
- {
- ok=0;
- goto err;
- }
if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
if (counter_ret != NULL) *counter_ret=counter;
if (h_ret != NULL) *h_ret=h;
diff --git a/crypto/dso/Makefile.ssl b/crypto/dso/Makefile.ssl
index 7478f4c532..26cee4b2d3 100644
--- a/crypto/dso/Makefile.ssl
+++ b/crypto/dso/Makefile.ssl
@@ -55,7 +55,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/dso/dso_vms.c b/crypto/dso/dso_vms.c
index 7ce9230201..85fb27a108 100644
--- a/crypto/dso/dso_vms.c
+++ b/crypto/dso/dso_vms.c
@@ -56,8 +56,14 @@
*
*/
+/* In newer versions of Compaq C, this macro is predefined when /STANDARD=ANSI89
+ is used. Unfortunately, the existence of that macro hides symbols like
+ _malloc32() and _malloc64(), so let's make sure we don't hide them. */
+#undef __HIDE_FORBIDDEN_NAMES
+
#include <stdio.h>
#include <string.h>
+#include <stdlib.h>
#include <errno.h>
#include "cryptlib.h"
#include <openssl/dso.h>
@@ -78,6 +84,16 @@ DSO_METHOD *DSO_METHOD_vms(void)
#else
#pragma message disable DOLLARID
+/* For 64-bit API */
+#if __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+#endif
+typedef char * char_32p;
+#if __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __restore
+#endif
+
static int vms_load(DSO *dso);
static int vms_unload(DSO *dso);
static void *vms_bind_var(DSO *dso, const char *symname);
@@ -209,11 +225,11 @@ static int vms_load(DSO *dso)
p->filename_dsc.dsc$w_length = strlen(p->filename);
p->filename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
p->filename_dsc.dsc$b_class = DSC$K_CLASS_S;
- p->filename_dsc.dsc$a_pointer = p->filename;
+ p->filename_dsc.dsc$a_pointer = (char_32p)p->filename; /* changed for 64-bit API*/
p->imagename_dsc.dsc$w_length = strlen(p->imagename);
p->imagename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S;
- p->imagename_dsc.dsc$a_pointer = p->imagename;
+ p->imagename_dsc.dsc$a_pointer = (char_32p)p->imagename; /* changed for 64-bit API*/
if(!sk_push(dso->meth_data, (char *)p))
{
@@ -295,7 +311,7 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym)
symname_dsc.dsc$w_length = strlen(symname);
symname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
symname_dsc.dsc$b_class = DSC$K_CLASS_S;
- symname_dsc.dsc$a_pointer = (char *)symname; /* The cast is needed */
+ symname_dsc.dsc$a_pointer = (char_32p)symname; /* The cast is needed */ /* changed for 64-bit API*/
if((dso == NULL) || (symname == NULL))
{
@@ -376,6 +392,7 @@ static char *vms_merger(DSO *dso, const char *filespec1, const char *filespec2)
{
int status;
int filespec1len, filespec2len;
+ char_32p filespec1copy, filespec2copy;
struct FAB fab;
#ifdef NAML$C_MAXRSS
struct NAML nam;
@@ -384,12 +401,17 @@ static char *vms_merger(DSO *dso, const char *filespec1, const char *filespec2)
struct NAM nam;
char esa[NAM$C_MAXRSS];
#endif
- char *merged;
+ char *merged = 0;
if (!filespec1) filespec1 = "";
if (!filespec2) filespec2 = "";
filespec1len = strlen(filespec1);
filespec2len = strlen(filespec2);
+ filespec1copy = _malloc32(filespec2len+1);
+ filespec2copy = _malloc32(filespec2len+1);
+ if (!filespec1copy || !filespec2copy) goto malloc_err;
+ memcpy(filespec1copy, filespec1, filespec1len+1);
+ memcpy(filespec2copy, filespec2, filespec2len+1);
fab = cc$rms_fab;
#ifdef NAML$C_MAXRSS
@@ -398,23 +420,23 @@ static char *vms_merger(DSO *dso, const char *filespec1, const char *filespec2)
nam = cc$rms_nam;
#endif
- fab.fab$l_fna = (char *)filespec1;
+ fab.fab$l_fna = filespec1copy;
fab.fab$b_fns = filespec1len;
- fab.fab$l_dna = (char *)filespec2;
+ fab.fab$l_dna = filespec2copy;
fab.fab$b_dns = filespec2len;
#ifdef NAML$C_MAXRSS
if (filespec1len > NAM$C_MAXRSS)
{
fab.fab$l_fna = 0;
fab.fab$b_fns = 0;
- nam.naml$l_long_filename = (char *)filespec1;
+ nam.naml$l_long_filename = filespec1copy;
nam.naml$l_long_filename_size = filespec1len;
}
if (filespec2len > NAM$C_MAXRSS)
{
fab.fab$l_dna = 0;
fab.fab$b_dns = 0;
- nam.naml$l_long_defname = (char *)filespec2;
+ nam.naml$l_long_defname = filespec2copy;
nam.naml$l_long_defname_size = filespec2len;
}
nam.naml$l_esa = esa;
@@ -458,7 +480,7 @@ static char *vms_merger(DSO *dso, const char *filespec1, const char *filespec2)
"defaults \"", filespec2, "\": ",
errstring);
}
- return(NULL);
+ goto end;
}
#ifdef NAML$C_MAXRSS
if (nam.naml$l_long_expand_size)
@@ -487,10 +509,14 @@ static char *vms_merger(DSO *dso, const char *filespec1, const char *filespec2)
nam.nam$b_esl);
merged[nam.nam$b_esl] = '\0';
#endif
- return(merged);
+ goto end;
malloc_err:
DSOerr(DSO_F_VMS_MERGER,
ERR_R_MALLOC_FAILURE);
+ end:
+ free(filespec2copy);
+ free(filespec1copy);
+ return(merged);
}
static char *vms_name_converter(DSO *dso, const char *filename)
diff --git a/crypto/ec/Makefile.ssl b/crypto/ec/Makefile.ssl
index f0bb149ae6..3e293c00be 100644
--- a/crypto/ec/Makefile.ssl
+++ b/crypto/ec/Makefile.ssl
@@ -58,7 +58,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c
index 34c3a953a5..d34e97d676 100644
--- a/crypto/ec/ec2_smpl.c
+++ b/crypto/ec/ec2_smpl.c
@@ -805,18 +805,13 @@ int ec_GF2m_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
*/
int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx)
{
- int ret = -1;
BN_CTX *new_ctx = NULL;
- BIGNUM *lh, *y2;
- int (*field_mul)(const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
- int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
+ BIGNUM *rh, *lh, *tmp1;
+ int ret = -1;
if (EC_POINT_is_at_infinity(group, point))
return 1;
-
- field_mul = group->meth->field_mul;
- field_sqr = group->meth->field_sqr;
-
+
/* only support affine coordinates */
if (!point->Z_is_one) goto err;
@@ -828,23 +823,37 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_
}
BN_CTX_start(ctx);
- y2 = BN_CTX_get(ctx);
+ rh = BN_CTX_get(ctx);
lh = BN_CTX_get(ctx);
- if (lh == NULL) goto err;
+ tmp1 = BN_CTX_get(ctx);
+ if (tmp1 == NULL) goto err;
/* We have a curve defined by a Weierstrass equation
* y^2 + x*y = x^3 + a*x^2 + b.
- * <=> x^3 + a*x^2 + x*y + b + y^2 = 0
- * <=> ((x + a) * x + y ) * x + b + y^2 = 0
+ * To test this, we add up the right-hand side in 'rh'
+ * and the left-hand side in 'lh'.
*/
- if (!BN_GF2m_add(lh, &point->X, &group->a)) goto err;
- if (!field_mul(group, lh, lh, &point->X, ctx)) goto err;
- if (!BN_GF2m_add(lh, lh, &point->Y)) goto err;
- if (!field_mul(group, lh, lh, &point->X, ctx)) goto err;
- if (!BN_GF2m_add(lh, lh, &group->b)) goto err;
- if (!field_sqr(group, y2, &point->Y, ctx)) goto err;
- if (!BN_GF2m_add(lh, lh, y2)) goto err;
- ret = BN_is_zero(lh);
+
+ /* rh := X^3 */
+ if (!group->meth->field_sqr(group, tmp1, &point->X, ctx)) goto err;
+ if (!group->meth->field_mul(group, rh, tmp1, &point->X, ctx)) goto err;
+
+ /* rh := rh + a*X^2 */
+ if (!group->meth->field_mul(group, tmp1, tmp1, &group->a, ctx)) goto err;
+ if (!BN_GF2m_add(rh, rh, tmp1)) goto err;
+
+ /* rh := rh + b */
+ if (!BN_GF2m_add(rh, rh, &group->b)) goto err;
+
+ /* lh := Y^2 */
+ if (!group->meth->field_sqr(group, lh, &point->Y, ctx)) goto err;
+
+ /* lh := lh + x*y */
+ if (!group->meth->field_mul(group, tmp1, &point->X, &point->Y, ctx)) goto err;
+ if (!BN_GF2m_add(lh, lh, tmp1)) goto err;
+
+ ret = (0 == BN_GF2m_cmp(lh, rh));
+
err:
if (ctx) BN_CTX_end(ctx);
if (new_ctx) BN_CTX_free(new_ctx);
diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
index 1c0052c5ca..87ebf7b89e 100644
--- a/crypto/ec/ecp_smpl.c
+++ b/crypto/ec/ecp_smpl.c
@@ -1301,7 +1301,7 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
const BIGNUM *p;
BN_CTX *new_ctx = NULL;
- BIGNUM *rh, *tmp, *Z4, *Z6;
+ BIGNUM *rh, *tmp1, *tmp2, *Z4, *Z6;
int ret = -1;
if (EC_POINT_is_at_infinity(group, point))
@@ -1320,7 +1320,8 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
BN_CTX_start(ctx);
rh = BN_CTX_get(ctx);
- tmp = BN_CTX_get(ctx);
+ tmp1 = BN_CTX_get(ctx);
+ tmp2 = BN_CTX_get(ctx);
Z4 = BN_CTX_get(ctx);
Z6 = BN_CTX_get(ctx);
if (Z6 == NULL) goto err;
@@ -1334,49 +1335,59 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
* To test this, we add up the right-hand side in 'rh'.
*/
- /* rh := X^2 */
+ /* rh := X^3 */
if (!field_sqr(group, rh, &point->X, ctx)) goto err;
+ if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
if (!point->Z_is_one)
{
- if (!field_sqr(group, tmp, &point->Z, ctx)) goto err;
- if (!field_sqr(group, Z4, tmp, ctx)) goto err;
- if (!field_mul(group, Z6, Z4, tmp, ctx)) goto err;
+ if (!field_sqr(group, tmp1, &point->Z, ctx)) goto err;
+ if (!field_sqr(group, Z4, tmp1, ctx)) goto err;
+ if (!field_mul(group, Z6, Z4, tmp1, ctx)) goto err;
- /* rh := (rh + a*Z^4)*X */
+ /* rh := rh + a*X*Z^4 */
+ if (!field_mul(group, tmp1, &point->X, Z4, ctx)) goto err;
if (group->a_is_minus3)
{
- if (!BN_mod_lshift1_quick(tmp, Z4, p)) goto err;
- if (!BN_mod_add_quick(tmp, tmp, Z4, p)) goto err;
- if (!BN_mod_sub_quick(rh, rh, tmp, p)) goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
+ if (!BN_mod_lshift1_quick(tmp2, tmp1, p)) goto err;
+ if (!BN_mod_add_quick(tmp2, tmp2, tmp1, p)) goto err;
+ if (!BN_mod_sub_quick(rh, rh, tmp2, p)) goto err;
}
else
{
- if (!field_mul(group, tmp, Z4, &group->a, ctx)) goto err;
- if (!BN_mod_add_quick(rh, rh, tmp, p)) goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
+ if (!field_mul(group, tmp2, tmp1, &group->a, ctx)) goto err;
+ if (!BN_mod_add_quick(rh, rh, tmp2, p)) goto err;
}
/* rh := rh + b*Z^6 */
- if (!field_mul(group, tmp, &group->b, Z6, ctx)) goto err;
- if (!BN_mod_add_quick(rh, rh, tmp, p)) goto err;
+ if (!field_mul(group, tmp1, &group->b, Z6, ctx)) goto err;
+ if (!BN_mod_add_quick(rh, rh, tmp1, p)) goto err;
}
else
{
/* point->Z_is_one */
- /* rh := (rh + a)*X */
- if (!BN_mod_add_quick(rh, rh, &group->a, p)) goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
+ /* rh := rh + a*X */
+ if (group->a_is_minus3)
+ {
+ if (!BN_mod_lshift1_quick(tmp2, &point->X, p)) goto err;
+ if (!BN_mod_add_quick(tmp2, tmp2, &point->X, p)) goto err;
+ if (!BN_mod_sub_quick(rh, rh, tmp2, p)) goto err;
+ }
+ else
+ {
+ if (!field_mul(group, tmp2, &point->X, &group->a, ctx)) goto err;
+ if (!BN_mod_add_quick(rh, rh, tmp2, p)) goto err;
+ }
+
/* rh := rh + b */
if (!BN_mod_add_quick(rh, rh, &group->b, p)) goto err;
}
/* 'lh' := Y^2 */
- if (!field_sqr(group, tmp, &point->Y, ctx)) goto err;
+ if (!field_sqr(group, tmp1, &point->Y, ctx)) goto err;
- ret = (0 == BN_ucmp(tmp, rh));
+ ret = (0 == BN_cmp(tmp1, rh));
err:
BN_CTX_end(ctx);
diff --git a/crypto/ecdh/Makefile.ssl b/crypto/ecdh/Makefile.ssl
index 7e1dfefd85..ff46ca041d 100644
--- a/crypto/ecdh/Makefile.ssl
+++ b/crypto/ecdh/Makefile.ssl
@@ -54,7 +54,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/ecdh/ech_key.c b/crypto/ecdh/ech_key.c
index 7d1bb32ae0..923a7e9dd9 100644
--- a/crypto/ecdh/ech_key.c
+++ b/crypto/ecdh/ech_key.c
@@ -68,9 +68,7 @@
*/
#include "ecdh.h"
-#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
-#endif
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *eckey,
void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen))
diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c
index f2abfed510..a0e4ef45f0 100644
--- a/crypto/ecdh/ech_lib.c
+++ b/crypto/ecdh/ech_lib.c
@@ -69,9 +69,7 @@
#include "ecdh.h"
#include <string.h>
-#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
-#endif
#include <openssl/err.h>
const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT;
@@ -107,13 +105,11 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
if (mtmp->finish)
mtmp->finish(eckey);
#endif
-#ifndef OPENSSL_NO_ENGINE
if (ecdh->engine)
{
ENGINE_finish(ecdh->engine);
ecdh->engine = NULL;
}
-#endif
ecdh->meth = meth;
#if 0
if (meth->init)
@@ -143,7 +139,6 @@ ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
ret->meth = ECDH_get_default_method();
ret->engine = engine;
-#ifndef OPENSSL_NO_ENGINE
if (!ret->engine)
ret->engine = ENGINE_get_default_ECDH();
if (ret->engine)
@@ -157,7 +152,6 @@ ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
return NULL;
}
}
-#endif
ret->flags = ret->meth->flags;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
@@ -178,10 +172,8 @@ void ECDH_DATA_free(ECDH_DATA *r)
if (r->meth->finish)
r->meth->finish(r);
#endif
-#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish(r->engine);
-#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
diff --git a/crypto/ecdsa/Makefile.ssl b/crypto/ecdsa/Makefile.ssl
index e096a0a90e..935ea7a44f 100644
--- a/crypto/ecdsa/Makefile.ssl
+++ b/crypto/ecdsa/Makefile.ssl
@@ -54,7 +54,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c
index 44321c5ac6..401b23c694 100644
--- a/crypto/ecdsa/ecdsatest.c
+++ b/crypto/ecdsa/ecdsatest.c
@@ -483,7 +483,7 @@ err:
BIO_printf(out, "\nECDSA test failed\n");
else
BIO_printf(out, "\nECDSA test passed\n");
- if (ret)
+ if (!ret)
ERR_print_errors(out);
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index e355a35698..d553ea1cd6 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -55,9 +55,7 @@
#include <string.h>
#include "ecdsa.h"
-#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
-#endif
#include <openssl/err.h>
#include <openssl/bn.h>
@@ -94,13 +92,11 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
if (mtmp->finish)
mtmp->finish(eckey);
#endif
-#ifndef OPENSSL_NO_ENGINE
if (ecdsa->engine)
{
ENGINE_finish(ecdsa->engine);
ecdsa->engine = NULL;
}
-#endif
ecdsa->meth = meth;
#if 0
if (meth->init)
@@ -133,7 +129,6 @@ ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
ret->meth = ECDSA_get_default_method();
ret->engine = engine;
-#ifndef OPENSSL_NO_ENGINE
if (!ret->engine)
ret->engine = ENGINE_get_default_ECDSA();
if (ret->engine)
@@ -147,7 +142,6 @@ ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
return NULL;
}
}
-#endif
ret->flags = ret->meth->flags;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
@@ -173,10 +167,8 @@ void ECDSA_DATA_free(ECDSA_DATA *r)
if (r->meth->finish)
r->meth->finish(r);
#endif
-#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish(r->engine);
-#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
diff --git a/crypto/ecdsa/ecs_sign.c b/crypto/ecdsa/ecs_sign.c
index 4667c8cfcc..215da1211a 100644
--- a/crypto/ecdsa/ecs_sign.c
+++ b/crypto/ecdsa/ecs_sign.c
@@ -54,9 +54,7 @@
*/
#include "ecdsa.h"
-#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
-#endif
ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
{
diff --git a/crypto/ecdsa/ecs_vrf.c b/crypto/ecdsa/ecs_vrf.c
index 15a6ab49f9..269671bec8 100644
--- a/crypto/ecdsa/ecs_vrf.c
+++ b/crypto/ecdsa/ecs_vrf.c
@@ -54,9 +54,7 @@
*/
#include "ecdsa.h"
-#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
-#endif
/* returns
* 1: correct signature
diff --git a/crypto/engine/Makefile.ssl b/crypto/engine/Makefile.ssl
index f75297fd0c..ef42383295 100644
--- a/crypto/engine/Makefile.ssl
+++ b/crypto/engine/Makefile.ssl
@@ -27,12 +27,12 @@ LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
eng_table.c eng_pkey.c eng_fat.c eng_all.c \
tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \
tb_cipher.c tb_digest.c \
- eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c eng_padlock.c
+ eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c
LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
eng_table.o eng_pkey.o eng_fat.o eng_all.o \
tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \
tb_cipher.o tb_digest.o \
- eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o eng_padlock.o
+ eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o
SRC= $(LIBSRC)
@@ -61,7 +61,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -187,16 +187,6 @@ eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c
-eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-eng_padlock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
-eng_padlock.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_padlock.o: ../../include/openssl/opensslconf.h
-eng_padlock.o: ../../include/openssl/opensslv.h
-eng_padlock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_padlock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_padlock.o: ../../include/openssl/symhacks.h eng_padlock.c
eng_pkey.o: ../../e_os.h ../../include/openssl/bio.h
eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
index 93c54d0f6f..1f28b4078b 100644
--- a/crypto/engine/eng_all.c
+++ b/crypto/engine/eng_all.c
@@ -95,9 +95,6 @@ void ENGINE_load_builtin_engines(void)
#ifndef OPENSSL_NO_HW_UBSEC
ENGINE_load_ubsec();
#endif
-#ifndef OPENSSL_NO_HW_PADLOCK
- ENGINE_load_padlock();
-#endif
#endif
#if defined(__OpenBSD__) || defined(__FreeBSD__)
ENGINE_load_cryptodev();
diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h
index 14fefea474..86517b8ba5 100644
--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
@@ -347,7 +347,6 @@ void ENGINE_load_sureware(void);
void ENGINE_load_ubsec(void);
#endif
void ENGINE_load_cryptodev(void);
-void ENGINE_load_padlock(void);
void ENGINE_load_builtin_engines(void);
/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl
index 5630819423..8c183ef8b9 100644
--- a/crypto/err/Makefile.ssl
+++ b/crypto/err/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/err/err.c b/crypto/err/err.c
index e28ec56ffa..439b071ac9 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -122,6 +122,11 @@
static void err_load_strings(int lib, ERR_STRING_DATA *str);
static void ERR_STATE_free(ERR_STATE *s);
+
+#ifdef OPENSSL_SYS_VMS
+static void extract_progname (char *,char **);
+#endif
+
#ifndef OPENSSL_NO_ERR
static ERR_STRING_DATA ERR_str_libraries[]=
{
@@ -592,11 +597,19 @@ static void build_SYS_str_reasons()
(p)->err_data_flags[i]=0; \
} while(0)
+#ifdef OPENSSL_SYS_VMS
+#define err_clear_file(p,i) \
+ free((char *)p->err_file[i]);
+#else
+#define err_clear_file(p,i)
+#endif
+
#define err_clear(p,i) \
do { \
(p)->err_flags[i]=0; \
(p)->err_buffer[i]=0; \
err_clear_data(p,i); \
+ err_clear_file(p,i); \
(p)->err_file[i]=NULL; \
(p)->err_line[i]= -1; \
} while(0)
@@ -692,7 +705,11 @@ void ERR_put_error(int lib, int func, int reason, const char *file,
es->bottom=(es->bottom+1)%ERR_NUM_ERRORS;
es->err_flags[es->top]=0;
es->err_buffer[es->top]=ERR_PACK(lib,func,reason);
+#ifdef OPENSSL_SYS_VMS
+ extract_progname ((char *)file, (char **)&es->err_file[es->top]);
+#else
es->err_file[es->top]=file;
+#endif
es->err_line[es->top]=line;
err_clear_data(es,es->top);
}
@@ -1113,3 +1130,58 @@ int ERR_pop_to_mark(void)
es->err_flags[es->top]&=~ERR_FLAG_MARK;
return 1;
}
+
+#ifdef OPENSSL_SYS_VMS
+#pragma nostandard
+#include <stdlib.h>
+#include <rms.h>
+
+static void extract_progname(char *image_name, char **prog_name)
+ {
+#if __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+#endif
+ typedef char char_32;
+ char *tmp_image_name;
+#if __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __restore
+#endif
+ char esa[NAM$C_MAXRSS],
+ rsa[NAM$C_MAXRSS];
+ struct FAB fab;
+ struct NAM nam;
+ int status;
+
+ fab = cc$rms_fab;
+ nam = cc$rms_nam;
+
+#if __INITIAL_POINTER_SIZE == 64
+ tmp_image_name = (char_32 *)_malloc32 (strlen (image_name) + 1);
+#else
+ tmp_image_name = (char *)malloc (strlen (image_name) + 1);
+#endif
+ strncpy (tmp_image_name, image_name, strlen (image_name));
+ fab.fab$l_fna = tmp_image_name;
+ fab.fab$b_fns = strlen (image_name);
+ fab.fab$l_nam = &nam;
+
+ nam.nam$l_esa = esa;
+ nam.nam$b_ess = sizeof (esa);
+ nam.nam$l_rsa = rsa;
+ nam.nam$b_rss = sizeof (rsa);
+ nam.nam$v_synchk = 1;
+
+ status = SYS$PARSE (&fab);
+ if (! (status & 1))
+ exit (status);
+
+ *prog_name = (char *)malloc (nam.nam$b_name + 1);
+ strncpy (*prog_name, nam.nam$l_name, nam.nam$b_name);
+ *(*prog_name + nam.nam$b_name) = '\0';
+
+ free (tmp_image_name);
+#pragma standard
+}
+
+#endif
diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl
index 70788962a8..5d56822946 100644
--- a/crypto/evp/Makefile.ssl
+++ b/crypto/evp/Makefile.ssl
@@ -76,7 +76,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
index 27ec62f4b5..c632dfb202 100644
--- a/crypto/evp/bio_md.c
+++ b/crypto/evp/bio_md.c
@@ -176,11 +176,10 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
{
case BIO_CTRL_RESET:
if (b->init)
- ret = EVP_DigestInit_ex(ctx,ctx->digest, NULL);
+ EVP_DigestInit_ex(ctx,ctx->digest, NULL);
else
ret=0;
- if (ret > 0)
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
break;
case BIO_C_GET_MD:
if (b->init)
@@ -208,9 +207,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_C_SET_MD:
md=ptr;
- ret = EVP_DigestInit_ex(ctx,md, NULL);
- if (ret > 0)
- b->init=1;
+ EVP_DigestInit_ex(ctx,md, NULL);
+ b->init=1;
break;
case BIO_CTRL_DUP:
dbio=ptr;
diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c
index 98bc1ab409..4e3f10141b 100644
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -119,7 +119,6 @@
#include <stdio.h>
#include <errno.h>
-#include <assert.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/bio.h>
@@ -142,12 +141,22 @@ static void block_in(BIO* b);
#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
#define WELLKNOWN "The quick brown fox jumped over the lazy dog's back."
+#ifndef L_ENDIAN
+#define swapem(x) \
+ ((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \
+ (((unsigned long int)(x) & 0x0000ff00U) << 8) | \
+ (((unsigned long int)(x) & 0x00ff0000U) >> 8) | \
+ (((unsigned long int)(x) & 0xff000000U) >> 24)))
+#else
+#define swapem(x) (x)
+#endif
+
typedef struct ok_struct
{
- size_t buf_len;
- size_t buf_off;
- size_t buf_len_save;
- size_t buf_off_save;
+ int buf_len;
+ int buf_off;
+ int buf_len_save;
+ int buf_off_save;
int cont; /* <= 0 when finished */
int finished;
EVP_MD_CTX md;
@@ -286,8 +295,6 @@ static int ok_write(BIO *b, const char *in, int inl)
int ret=0,n,i;
BIO_OK_CTX *ctx;
- if (inl <= 0) return inl;
-
ctx=(BIO_OK_CTX *)b->ptr;
ret=inl;
@@ -323,7 +330,7 @@ static int ok_write(BIO *b, const char *in, int inl)
if ((in == NULL) || (inl <= 0)) return(0);
n= (inl+ ctx->buf_len > OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) ?
- (int)(OK_BLOCK_SIZE+OK_BLOCK_BLOCK-ctx->buf_len) : inl;
+ OK_BLOCK_SIZE+ OK_BLOCK_BLOCK- ctx->buf_len : inl;
memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),(unsigned char *)in,n);
ctx->buf_len+= n;
@@ -441,18 +448,16 @@ static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
return(ret);
}
-static void longswap(void *_ptr, size_t len)
-{ const union { long one; char little; } is_endian = {1};
-
- if (is_endian.little) {
- size_t i;
- unsigned char *p=_ptr,c;
+static void longswap(void *_ptr, int len)
+{
+#ifndef L_ENDIAN
+ int i;
+ char *ptr=_ptr;
- for(i= 0;i < len;i+= 4) {
- c=p[0],p[0]=p[3],p[3]=c;
- c=p[1],p[1]=p[2],p[2]=c;
- }
+ for(i= 0;i < len;i+= 4){
+ *((unsigned long *)&(ptr[i]))= swapem(*((unsigned long *)&(ptr[i])));
}
+#endif
}
static void sig_out(BIO* b)
@@ -491,7 +496,7 @@ static void sig_in(BIO* b)
ctx=b->ptr;
md=&ctx->md;
- if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return;
+ if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return;
EVP_DigestInit_ex(md, md->digest, NULL);
memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
@@ -528,10 +533,9 @@ static void block_out(BIO* b)
md=&ctx->md;
tl= ctx->buf_len- OK_BLOCK_BLOCK;
- ctx->buf[0]=(unsigned char)(tl>>24);
- ctx->buf[1]=(unsigned char)(tl>>16);
- ctx->buf[2]=(unsigned char)(tl>>8);
- ctx->buf[3]=(unsigned char)(tl);
+ tl= swapem(tl);
+ memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK);
+ tl= swapem(tl);
EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
ctx->buf_len+= md->digest->md_size;
@@ -542,18 +546,14 @@ static void block_in(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
- unsigned long tl= 0;
+ long tl= 0;
unsigned char tmp[EVP_MAX_MD_SIZE];
ctx=b->ptr;
md=&ctx->md;
- assert(sizeof(tl)>=OK_BLOCK_BLOCK); /* always true */
- tl =ctx->buf[0]; tl<<=8;
- tl|=ctx->buf[1]; tl<<=8;
- tl|=ctx->buf[2]; tl<<=8;
- tl|=ctx->buf[3];
-
+ memcpy(&tl, ctx->buf, OK_BLOCK_BLOCK);
+ tl= swapem(tl);
if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c
index a5da52e62d..fa60a73ead 100644
--- a/crypto/evp/c_all.c
+++ b/crypto/evp/c_all.c
@@ -74,12 +74,6 @@ void OpenSSL_add_all_algorithms(void)
void OPENSSL_add_all_algorithms_noconf(void)
{
- /*
- * For the moment OPENSSL_cpuid_setup does something
- * only on IA-32, but we reserve the option for all
- * platforms...
- */
- OPENSSL_cpuid_setup();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
#ifndef OPENSSL_NO_ENGINE
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index e752c2073a..e81b810dea 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -341,11 +341,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
return NULL;
}
p8->broken = broken;
- if (!ASN1_INTEGER_set(p8->version, 0)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- PKCS8_PRIV_KEY_INFO_free (p8);
- return NULL;
- }
+ ASN1_INTEGER_set (p8->version, 0);
if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
PKCS8_PRIV_KEY_INFO_free (p8);
@@ -422,35 +418,29 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
#ifndef OPENSSL_NO_DSA
static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
{
- ASN1_STRING *params = NULL;
- ASN1_INTEGER *prkey = NULL;
- ASN1_TYPE *ttmp = NULL;
- STACK_OF(ASN1_TYPE) *ndsa = NULL;
- unsigned char *p = NULL, *q;
+ ASN1_STRING *params;
+ ASN1_INTEGER *prkey;
+ ASN1_TYPE *ttmp;
+ STACK_OF(ASN1_TYPE) *ndsa;
+ unsigned char *p, *q;
int len;
p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
len = i2d_DSAparams (pkey->pkey.dsa, NULL);
if (!(p = OPENSSL_malloc(len))) {
EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
+ PKCS8_PRIV_KEY_INFO_free (p8);
+ return 0;
}
q = p;
i2d_DSAparams (pkey->pkey.dsa, &q);
- if (!(params = ASN1_STRING_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!ASN1_STRING_set(params, p, len)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ params = ASN1_STRING_new();
+ ASN1_STRING_set(params, p, len);
OPENSSL_free(p);
- p = NULL;
/* Get private key into integer */
if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
- goto err;
+ return 0;
}
switch(p8->broken) {
@@ -461,13 +451,12 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
&p8->pkey->value.octet_string)) {
EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
+ M_ASN1_INTEGER_free (prkey);
+ return 0;
}
M_ASN1_INTEGER_free (prkey);
- prkey = NULL;
p8->pkeyalg->parameter->value.sequence = params;
- params = NULL;
p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
break;
@@ -475,51 +464,32 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
case PKCS8_NS_DB:
p8->pkeyalg->parameter->value.sequence = params;
- params = NULL;
p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
- if (!(ndsa = sk_ASN1_TYPE_new_null())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!(ttmp = ASN1_TYPE_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!(ttmp->value.integer =
- BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) {
+ ndsa = sk_ASN1_TYPE_new_null();
+ ttmp = ASN1_TYPE_new();
+ if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) {
EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
- goto err;
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ return 0;
}
ttmp->type = V_ASN1_INTEGER;
- if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ sk_ASN1_TYPE_push(ndsa, ttmp);
- if (!(ttmp = ASN1_TYPE_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ ttmp = ASN1_TYPE_new();
ttmp->value.integer = prkey;
- prkey = NULL;
ttmp->type = V_ASN1_INTEGER;
- if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ttmp = NULL;
+ sk_ASN1_TYPE_push(ndsa, ttmp);
- if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
&p8->pkey->value.octet_string->data,
&p8->pkey->value.octet_string->length)) {
EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
+ sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+ M_ASN1_INTEGER_free(prkey);
+ return 0;
}
sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
break;
@@ -527,58 +497,32 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
case PKCS8_EMBEDDED_PARAM:
p8->pkeyalg->parameter->type = V_ASN1_NULL;
- if (!(ndsa = sk_ASN1_TYPE_new_null())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!(ttmp = ASN1_TYPE_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ ndsa = sk_ASN1_TYPE_new_null();
+ ttmp = ASN1_TYPE_new();
ttmp->value.sequence = params;
- params = NULL;
ttmp->type = V_ASN1_SEQUENCE;
- if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ sk_ASN1_TYPE_push(ndsa, ttmp);
- if (!(ttmp = ASN1_TYPE_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ ttmp = ASN1_TYPE_new();
ttmp->value.integer = prkey;
- prkey = NULL;
ttmp->type = V_ASN1_INTEGER;
- if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ttmp = NULL;
+ sk_ASN1_TYPE_push(ndsa, ttmp);
- if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
&p8->pkey->value.octet_string->data,
&p8->pkey->value.octet_string->length)) {
EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- goto err;
+ sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+ M_ASN1_INTEGER_free (prkey);
+ return 0;
}
sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
break;
}
return 1;
-err:
- if (p != NULL) OPENSSL_free(p);
- if (params != NULL) ASN1_STRING_free(params);
- if (prkey != NULL) M_ASN1_INTEGER_free(prkey);
- if (ttmp != NULL) ASN1_TYPE_free(ttmp);
- if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- return 0;
}
#endif
diff --git a/crypto/hmac/Makefile.ssl b/crypto/hmac/Makefile.ssl
index 6b6d9c3ba9..f803110b2c 100644
--- a/crypto/hmac/Makefile.ssl
+++ b/crypto/hmac/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 16d95e08d5..50765e227b 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -89,7 +89,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
}
else
{
- OPENSSL_assert(len>=0 && len<=(int)sizeof(ctx->key));
+ OPENSSL_assert(len <= (int)sizeof(ctx->key));
memcpy(ctx->key,key,len);
ctx->key_length=len;
}
diff --git a/crypto/idea/Makefile.ssl b/crypto/idea/Makefile.ssl
index 4ceb095151..fa016ea399 100644
--- a/crypto/idea/Makefile.ssl
+++ b/crypto/idea/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/install.com b/crypto/install.com
index c98f5c581f..0ca4f845f7 100644
--- a/crypto/install.com
+++ b/crypto/install.com
@@ -4,6 +4,8 @@ $! Author: Richard Levitte <richard@levitte.org>
$! Time of creation: 22-MAY-1998 10:13
$!
$! P1 root of the directory tree
+$! P2 prefix for certain file (this is really for Compaq, who need to
+$! use the SSL$ prefix)
$!
$ IF P1 .EQS. ""
$ THEN
@@ -12,6 +14,13 @@ $ WRITE SYS$OUTPUT "Should be the directory where you want things installed.
$ EXIT
$ ENDIF
$
+$ IF P2 .NES. ""
+$ THEN
+$ FILE_PREFIX = P2
+$ ELSE
+$ FILE_PREFIX = ""
+$ ENDIF
+$
$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
@@ -89,7 +98,14 @@ $ EXHEADER_UI := ui.h,ui_compat.h
$ EXHEADER_KRB5 := krb5_asn.h
$! EXHEADER_STORE := store.h,str_compat.h
$ EXHEADER_STORE := store.h
-$ LIBS := LIBCRYPTO
+$!
+$! We can combine the .OLBs and .EXEs under LIBS
+$! since the two pieces of LOOP_* code are smart
+$! enough to check for the existance of the file
+$! before trying to copy it.
+$!
+$ LIBS := LIBCRYPTO32,LIBCRYPTO64,LIBCRYPTO,-
+ LIBCRYPTO_SHR32,LIBCRYPTO_SHR64,LIBCRYPTO_SHR
$
$ VEXE_DIR := [-.VAX.EXE.CRYPTO]
$ AEXE_DIR := [-.AXP.EXE.CRYPTO]
@@ -124,8 +140,8 @@ $ ENDIF
$ ! Preparing for the time when we have shareable images
$ IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
$ THEN
-$ COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'E'.EXE/log
-$ SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.EXE
+$ COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE/log
+$ SET FILE/PROT=W:RE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE
$ ENDIF
$ IF F$SEARCH(AEXE_DIR+E+".OLB") .NES. ""
$ THEN
@@ -135,8 +151,8 @@ $ ENDIF
$ ! Preparing for the time when we have shareable images
$ IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
$ THEN
-$ COPY 'AEXE_DIR''E'.EXE WRK_SSLALIB:'E'.EXE/log
-$ SET FILE/PROT=W:RE WRK_SSLALIB:'E'.EXE
+$ COPY 'AEXE_DIR''E'.EXE WRK_SSLALIB:'FILE_PREFIX''E'.EXE/log
+$ SET FILE/PROT=W:RE WRK_SSLALIB:'FILE_PREFIX''E'.EXE
$ ENDIF
$ SET ON
$ GOTO LOOP_LIB
diff --git a/crypto/krb5/Makefile.ssl b/crypto/krb5/Makefile.ssl
index 98be630fb6..26b88e7cdd 100644
--- a/crypto/krb5/Makefile.ssl
+++ b/crypto/krb5/Makefile.ssl
@@ -54,7 +54,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/lhash/Makefile.ssl b/crypto/lhash/Makefile.ssl
index 426cdb25a2..d008c1866b 100644
--- a/crypto/lhash/Makefile.ssl
+++ b/crypto/lhash/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/md2/Makefile.ssl b/crypto/md2/Makefile.ssl
index 213ed2932c..367dc1275c 100644
--- a/crypto/md2/Makefile.ssl
+++ b/crypto/md2/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/md2/md2.h b/crypto/md2/md2.h
index 5b71855cb2..45bf4cc29c 100644
--- a/crypto/md2/md2.h
+++ b/crypto/md2/md2.h
@@ -73,7 +73,7 @@ extern "C" {
typedef struct MD2state_st
{
- unsigned int num;
+ int num;
unsigned char data[MD2_BLOCK];
MD2_INT cksm[MD2_BLOCK];
MD2_INT state[MD2_BLOCK];
diff --git a/crypto/md2/md2test.c b/crypto/md2/md2test.c
index 21b381c351..13cbec4ab0 100644
--- a/crypto/md2/md2test.c
+++ b/crypto/md2/md2test.c
@@ -110,7 +110,7 @@ int main(int argc, char *argv[])
i=1;
while (*P != NULL)
{
- EVP_Digest((unsigned char *)*P,strlen(*P),md,NULL,EVP_md2(), NULL);
+ EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2(), NULL);
p=pt(md);
if (strcmp(p,*R) != 0)
{
diff --git a/crypto/md32_common.h b/crypto/md32_common.h
index 0cbcfaf8a2..5bdcf035aa 100644
--- a/crypto/md32_common.h
+++ b/crypto/md32_common.h
@@ -77,7 +77,7 @@
* ...
* HASH_LONG Nl,Nh;
* HASH_LONG data[HASH_LBLOCK];
- * unsigned int num;
+ * int num;
* ...
* } HASH_CTX;
* HASH_UPDATE
@@ -206,7 +206,7 @@
: "cc"); \
ret; \
})
-# elif defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
+# elif defined(__powerpc) || defined(__ppc)
# define ROTATE(a,n) ({ register unsigned int ret; \
asm ( \
"rlwinm %0,%1,%2,0,31" \
@@ -398,7 +398,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len)
const unsigned char *data=data_;
register HASH_LONG * p;
register HASH_LONG l;
- size_t sw,sc,ew,ec;
+ unsigned int sw,sc,ew,ec;
if (len==0) return 1;
@@ -430,7 +430,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len)
}
else
{
- c->num+=(unsigned int)len;
+ c->num+=len;
if ((sc+len) < 4) /* ugly, add char's to a word */
{
l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
diff --git a/crypto/md4/Makefile.ssl b/crypto/md4/Makefile.ssl
index d1eb9519f9..c13a037467 100644
--- a/crypto/md4/Makefile.ssl
+++ b/crypto/md4/Makefile.ssl
@@ -54,7 +54,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/md4/md4.h b/crypto/md4/md4.h
index b080cbdc21..9a5b6603fe 100644
--- a/crypto/md4/md4.h
+++ b/crypto/md4/md4.h
@@ -101,7 +101,7 @@ typedef struct MD4state_st
MD4_LONG A,B,C,D;
MD4_LONG Nl,Nh;
MD4_LONG data[MD4_LBLOCK];
- unsigned int num;
+ int num;
} MD4_CTX;
int MD4_Init(MD4_CTX *c);
diff --git a/crypto/md4/md4test.c b/crypto/md4/md4test.c
index 5da53382c9..21a77d96f7 100644
--- a/crypto/md4/md4test.c
+++ b/crypto/md4/md4test.c
@@ -106,7 +106,7 @@ int main(int argc, char *argv[])
i=1;
while (*P != NULL)
{
- EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_md4(), NULL);
+ EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
diff --git a/crypto/md5/Makefile.ssl b/crypto/md5/Makefile.ssl
index 032760d54a..456326c8b7 100644
--- a/crypto/md5/Makefile.ssl
+++ b/crypto/md5/Makefile.ssl
@@ -21,7 +21,6 @@ MD5_ASM_OBJ=
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=md5test.c
@@ -48,15 +47,20 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
+# elf
asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-asm/mx86-cof.s: asm/md5-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) md5-586.pl coff $(CFLAGS) > ../$@)
+ (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s)
+
# a.out
-mx86-out.s: asm/md5-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) md5-586.pl a.out $(CFLAGS) > ../$@)
+asm/mx86-out.o: asm/mx86unix.cpp
+ $(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
+
+# bsdi
+asm/mx86bsdi.o: asm/mx86unix.cpp
+ $(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o
+
+asm/mx86unix.cpp: asm/md5-586.pl ../perlasm/x86asm.pl
+ (cd asm; $(PERL) md5-586.pl cpp >mx86unix.cpp)
asm/md5-sparcv8plus.o: asm/md5-sparcv9.S
$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
@@ -86,7 +90,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -108,7 +112,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/mx86unix.cpp asm/*.s asm/*.o *.s *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/md5/md5.h b/crypto/md5/md5.h
index 6d283fe9da..587d947b9a 100644
--- a/crypto/md5/md5.h
+++ b/crypto/md5/md5.h
@@ -101,7 +101,7 @@ typedef struct MD5state_st
MD5_LONG A,B,C,D;
MD5_LONG Nl,Nh;
MD5_LONG data[MD5_LBLOCK];
- unsigned int num;
+ int num;
} MD5_CTX;
int MD5_Init(MD5_CTX *c);
diff --git a/crypto/md5/md5test.c b/crypto/md5/md5test.c
index 0628053fa7..667b6be344 100644
--- a/crypto/md5/md5test.c
+++ b/crypto/md5/md5test.c
@@ -106,7 +106,7 @@ int main(int argc, char *argv[])
i=1;
while (*P != NULL)
{
- EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_md5(), NULL);
+ EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5(), NULL);
p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
diff --git a/crypto/mdc2/Makefile.ssl b/crypto/mdc2/Makefile.ssl
index 8ce78cac5c..2476d75e12 100644
--- a/crypto/mdc2/Makefile.ssl
+++ b/crypto/mdc2/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/mdc2/mdc2.h b/crypto/mdc2/mdc2.h
index 72778a5212..6490e5c7d3 100644
--- a/crypto/mdc2/mdc2.h
+++ b/crypto/mdc2/mdc2.h
@@ -74,7 +74,7 @@ extern "C" {
typedef struct mdc2_ctx_st
{
- unsigned int num;
+ int num;
unsigned char data[MDC2_BLOCK];
DES_cblock h,hh;
int pad_type; /* either 1 or 2, default 1 */
diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c
index 4aa406edc3..aa9ba0ee6b 100644
--- a/crypto/mdc2/mdc2dgst.c
+++ b/crypto/mdc2/mdc2dgst.c
@@ -160,8 +160,7 @@ static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len)
int MDC2_Final(unsigned char *md, MDC2_CTX *c)
{
- unsigned int i;
- int j;
+ int i,j;
i=c->num;
j=c->pad_type;
diff --git a/crypto/mem.c b/crypto/mem.c
index 6635167228..1bb1b74450 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -70,32 +70,45 @@ static int allow_customize_debug = 1;/* exchanging memory-related functions at
* problems when malloc/free pairs
* don't match etc. */
-
+/* Because VMS defines two pointer sizes and mixes them, we need to provide
+ wrapper functions to avoid pointer size clashes */
+static void *ossl_malloc(size_t s)
+ {
+ return malloc(s);
+ }
+static void *ossl_realloc(void *p, size_t s)
+ {
+ return realloc(p, s);
+ }
+static void ossl_free(void *p)
+ {
+ free(p);
+ }
/* the following pointers may be changed as long as 'allow_customize' is set */
-static void *(*malloc_func)(size_t) = malloc;
+static void *(*malloc_func)(size_t) = ossl_malloc;
static void *default_malloc_ex(size_t num, const char *file, int line)
{ return malloc_func(num); }
static void *(*malloc_ex_func)(size_t, const char *file, int line)
= default_malloc_ex;
-static void *(*realloc_func)(void *, size_t)= realloc;
+static void *(*realloc_func)(void *, size_t)= ossl_realloc;
static void *default_realloc_ex(void *str, size_t num,
const char *file, int line)
{ return realloc_func(str,num); }
static void *(*realloc_ex_func)(void *, size_t, const char *file, int line)
= default_realloc_ex;
-static void (*free_func)(void *) = free;
+static void (*free_func)(void *) = ossl_free;
-static void *(*malloc_locked_func)(size_t) = malloc;
+static void *(*malloc_locked_func)(size_t) = ossl_malloc;
static void *default_malloc_locked_ex(size_t num, const char *file, int line)
{ return malloc_locked_func(num); }
static void *(*malloc_locked_ex_func)(size_t, const char *file, int line)
= default_malloc_locked_ex;
-static void (*free_locked_func)(void *) = free;
+static void (*free_locked_func)(void *) = ossl_free;
diff --git a/crypto/o_dir.c b/crypto/o_dir.c
index 42891ea459..ded369f23c 100644
--- a/crypto/o_dir.c
+++ b/crypto/o_dir.c
@@ -70,7 +70,7 @@
#include "o_dir.h"
#define LPDIR_H
-#if defined OPENSSL_SYS_UNIX || defined DJGPP
+#if defined OPENSSL_SYS_UNIX
#include "LPdir_unix.c"
#elif defined OPENSSL_SYS_VMS
#include "LPdir_vms.c"
diff --git a/crypto/o_str.c b/crypto/o_str.c
index da8860491d..7189d13352 100644
--- a/crypto/o_str.c
+++ b/crypto/o_str.c
@@ -57,12 +57,20 @@
*/
#include <ctype.h>
-#include <e_os.h>
+#include <openssl/e_os2.h>
+#ifdef OPENSSL_SYS_WINDOWS
+# include <string.h>
+#else
+# include <strings.h>
+#endif
#include "o_str.h"
+#undef strncasecmp
+#undef strcasecmp
+
int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
{
-#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
+#if defined(OPENSSL_SYS_VMS)
while (*str1 && *str2 && n)
{
int res = toupper(*str1) - toupper(*str2);
@@ -78,17 +86,18 @@ int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
if (*str2)
return -1;
return 0;
+#elif defined(OPENSSL_SYS_WINDOWS)
+ return _strnicmp(str1, str2, n);
#else
- /* Recursion hazard warning! Whenever strncasecmp is #defined as
- * OPENSSL_strncasecmp, OPENSSL_IMPLEMENTS_strncasecmp must be
- * defined as well. */
return strncasecmp(str1, str2, n);
#endif
}
int OPENSSL_strcasecmp(const char *str1, const char *str2)
{
-#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
+#if defined(OPENSSL_SYS_VMS)
return OPENSSL_strncasecmp(str1, str2, (size_t)-1);
+#elif defined(OPENSSL_SYS_WINDOWS)
+ return _stricmp(str1, str2);
#else
return strcasecmp(str1, str2);
#endif
diff --git a/crypto/o_time.c b/crypto/o_time.c
index e29091d650..785468131e 100644
--- a/crypto/o_time.c
+++ b/crypto/o_time.c
@@ -114,28 +114,16 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
return NULL;
logvalue[reslen] = '\0';
- t = *timer;
-
-/* The following is extracted from the DEC C header time.h */
-/*
-** Beginning in OpenVMS Version 7.0 mktime, time, ctime, strftime
-** have two implementations. One implementation is provided
-** for compatibility and deals with time in terms of local time,
-** the other __utc_* deals with time in terms of UTC.
-*/
-/* We use the same conditions as in said time.h to check if we should
- assume that t contains local time (and should therefore be adjusted)
- or UTC (and should therefore be left untouched). */
-#if __CRTL_VER < 70000000 || defined _VMS_V6_SOURCE
/* Get the numerical value of the equivalence string */
status = atoi(logvalue);
/* and use it to move time to GMT */
- t -= status;
-#endif
+ t = *timer - status;
/* then convert the result to the time structure */
-
+#ifndef OPENSSL_THREADS
+ ts=(struct tm *)localtime(&t);
+#else
/* Since there was no gmtime_r() to do this stuff for us,
we have to do it the hard way. */
{
@@ -210,6 +198,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
result->tm_isdst = 0; /* There's no way to know... */
ts = result;
+#endif
}
}
#endif
diff --git a/crypto/objects/.cvsignore b/crypto/objects/.cvsignore
deleted file mode 100644
index c6d03a9dbc..0000000000
--- a/crypto/objects/.cvsignore
+++ /dev/null
@@ -1,2 +0,0 @@
-lib
-Makefile.save
diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl
index 00f9ee34d2..52e56fd232 100644
--- a/crypto/objects/Makefile.ssl
+++ b/crypto/objects/Makefile.ssl
@@ -61,7 +61,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -89,12 +89,11 @@ clean:
o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
o_names.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-o_names.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-o_names.o: o_names.c
+o_names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+o_names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+o_names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+o_names.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+o_names.o: ../../include/openssl/symhacks.h o_names.c
obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h
obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
obj_dat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index 28c9370ca3..b4453b4a98 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -2,7 +2,6 @@
#include <stdlib.h>
#include <string.h>
-#include <openssl/err.h>
#include <openssl/lhash.h>
#include <openssl/objects.h>
#include <openssl/safestack.h>
@@ -81,11 +80,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
MemCheck_off();
name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS));
MemCheck_on();
- if (!name_funcs)
- {
- OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX,ERR_R_MALLOC_FAILURE);
- return(0);
- }
+ if (!name_funcs) return(0);
name_funcs->hash_func = lh_strhash;
name_funcs->cmp_func = OPENSSL_strcmp;
name_funcs->free_func = 0; /* NULL is often declared to
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 15f813a489..dbff4e075f 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -236,13 +236,13 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
if (added == NULL)
if (!init_added()) return(0);
if ((o=OBJ_dup(obj)) == NULL) goto err;
- if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2;
+ if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err;
if ((o->length != 0) && (obj->data != NULL))
- if (!(ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2;
+ ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
if (o->sn != NULL)
- if (!(ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2;
+ ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
if (o->ln != NULL)
- if (!(ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2;
+ ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
for (i=ADDED_DATA; i<=ADDED_NID; i++)
{
@@ -260,8 +260,6 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
ASN1_OBJECT_FLAG_DYNAMIC_DATA);
return(o->nid);
-err2:
- OBJerr(OBJ_F_OBJ_ADD_OBJECT,ERR_R_MALLOC_FAILURE);
err:
for (i=ADDED_DATA; i<=ADDED_NID; i++)
if (ao[i] != NULL) OPENSSL_free(ao[i]);
@@ -671,7 +669,7 @@ int OBJ_create(const char *oid, const char *sn, const char *ln)
if ((buf=(unsigned char *)OPENSSL_malloc(i)) == NULL)
{
- OBJerr(OBJ_F_OBJ_CREATE,ERR_R_MALLOC_FAILURE);
+ OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE);
return(0);
}
i=a2d_ASN1_OBJECT(buf,i,oid,-1);
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index c2a707a984..ea9d9e8c9c 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
* [including the GNU Public Licence.]
*/
-#define NUM_NID 751
-#define NUM_SN 747
-#define NUM_LN 747
-#define NUM_OBJ 709
+#define NUM_NID 745
+#define NUM_SN 740
+#define NUM_LN 740
+#define NUM_OBJ 702
-static unsigned char lvalues[5002]={
+static unsigned char lvalues[4957]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -542,241 +542,234 @@ static unsigned char lvalues[5002]={
0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3813] OBJ_dITRedirect */
0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3823] OBJ_audio */
0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3833] OBJ_documentPublisher */
-0x55,0x04,0x2D, /* [3843] OBJ_x500UniqueIdentifier */
-0x2B,0x06,0x01,0x07,0x01, /* [3846] OBJ_mime_mhs */
-0x2B,0x06,0x01,0x07,0x01,0x01, /* [3851] OBJ_mime_mhs_headings */
-0x2B,0x06,0x01,0x07,0x01,0x02, /* [3857] OBJ_mime_mhs_bodies */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */
-0x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */
-0x55,0x04,0x41, /* [3880] OBJ_pseudonym */
-0x67,0x2A, /* [3883] OBJ_id_set */
-0x67,0x2A,0x00, /* [3885] OBJ_set_ctype */
-0x67,0x2A,0x01, /* [3888] OBJ_set_msgExt */
-0x67,0x2A,0x03, /* [3891] OBJ_set_attr */
-0x67,0x2A,0x05, /* [3894] OBJ_set_policy */
-0x67,0x2A,0x07, /* [3897] OBJ_set_certExt */
-0x67,0x2A,0x08, /* [3900] OBJ_set_brand */
-0x67,0x2A,0x00,0x00, /* [3903] OBJ_setct_PANData */
-0x67,0x2A,0x00,0x01, /* [3907] OBJ_setct_PANToken */
-0x67,0x2A,0x00,0x02, /* [3911] OBJ_setct_PANOnly */
-0x67,0x2A,0x00,0x03, /* [3915] OBJ_setct_OIData */
-0x67,0x2A,0x00,0x04, /* [3919] OBJ_setct_PI */
-0x67,0x2A,0x00,0x05, /* [3923] OBJ_setct_PIData */
-0x67,0x2A,0x00,0x06, /* [3927] OBJ_setct_PIDataUnsigned */
-0x67,0x2A,0x00,0x07, /* [3931] OBJ_setct_HODInput */
-0x67,0x2A,0x00,0x08, /* [3935] OBJ_setct_AuthResBaggage */
-0x67,0x2A,0x00,0x09, /* [3939] OBJ_setct_AuthRevReqBaggage */
-0x67,0x2A,0x00,0x0A, /* [3943] OBJ_setct_AuthRevResBaggage */
-0x67,0x2A,0x00,0x0B, /* [3947] OBJ_setct_CapTokenSeq */
-0x67,0x2A,0x00,0x0C, /* [3951] OBJ_setct_PInitResData */
-0x67,0x2A,0x00,0x0D, /* [3955] OBJ_setct_PI_TBS */
-0x67,0x2A,0x00,0x0E, /* [3959] OBJ_setct_PResData */
-0x67,0x2A,0x00,0x10, /* [3963] OBJ_setct_AuthReqTBS */
-0x67,0x2A,0x00,0x11, /* [3967] OBJ_setct_AuthResTBS */
-0x67,0x2A,0x00,0x12, /* [3971] OBJ_setct_AuthResTBSX */
-0x67,0x2A,0x00,0x13, /* [3975] OBJ_setct_AuthTokenTBS */
-0x67,0x2A,0x00,0x14, /* [3979] OBJ_setct_CapTokenData */
-0x67,0x2A,0x00,0x15, /* [3983] OBJ_setct_CapTokenTBS */
-0x67,0x2A,0x00,0x16, /* [3987] OBJ_setct_AcqCardCodeMsg */
-0x67,0x2A,0x00,0x17, /* [3991] OBJ_setct_AuthRevReqTBS */
-0x67,0x2A,0x00,0x18, /* [3995] OBJ_setct_AuthRevResData */
-0x67,0x2A,0x00,0x19, /* [3999] OBJ_setct_AuthRevResTBS */
-0x67,0x2A,0x00,0x1A, /* [4003] OBJ_setct_CapReqTBS */
-0x67,0x2A,0x00,0x1B, /* [4007] OBJ_setct_CapReqTBSX */
-0x67,0x2A,0x00,0x1C, /* [4011] OBJ_setct_CapResData */
-0x67,0x2A,0x00,0x1D, /* [4015] OBJ_setct_CapRevReqTBS */
-0x67,0x2A,0x00,0x1E, /* [4019] OBJ_setct_CapRevReqTBSX */
-0x67,0x2A,0x00,0x1F, /* [4023] OBJ_setct_CapRevResData */
-0x67,0x2A,0x00,0x20, /* [4027] OBJ_setct_CredReqTBS */
-0x67,0x2A,0x00,0x21, /* [4031] OBJ_setct_CredReqTBSX */
-0x67,0x2A,0x00,0x22, /* [4035] OBJ_setct_CredResData */
-0x67,0x2A,0x00,0x23, /* [4039] OBJ_setct_CredRevReqTBS */
-0x67,0x2A,0x00,0x24, /* [4043] OBJ_setct_CredRevReqTBSX */
-0x67,0x2A,0x00,0x25, /* [4047] OBJ_setct_CredRevResData */
-0x67,0x2A,0x00,0x26, /* [4051] OBJ_setct_PCertReqData */
-0x67,0x2A,0x00,0x27, /* [4055] OBJ_setct_PCertResTBS */
-0x67,0x2A,0x00,0x28, /* [4059] OBJ_setct_BatchAdminReqData */
-0x67,0x2A,0x00,0x29, /* [4063] OBJ_setct_BatchAdminResData */
-0x67,0x2A,0x00,0x2A, /* [4067] OBJ_setct_CardCInitResTBS */
-0x67,0x2A,0x00,0x2B, /* [4071] OBJ_setct_MeAqCInitResTBS */
-0x67,0x2A,0x00,0x2C, /* [4075] OBJ_setct_RegFormResTBS */
-0x67,0x2A,0x00,0x2D, /* [4079] OBJ_setct_CertReqData */
-0x67,0x2A,0x00,0x2E, /* [4083] OBJ_setct_CertReqTBS */
-0x67,0x2A,0x00,0x2F, /* [4087] OBJ_setct_CertResData */
-0x67,0x2A,0x00,0x30, /* [4091] OBJ_setct_CertInqReqTBS */
-0x67,0x2A,0x00,0x31, /* [4095] OBJ_setct_ErrorTBS */
-0x67,0x2A,0x00,0x32, /* [4099] OBJ_setct_PIDualSignedTBE */
-0x67,0x2A,0x00,0x33, /* [4103] OBJ_setct_PIUnsignedTBE */
-0x67,0x2A,0x00,0x34, /* [4107] OBJ_setct_AuthReqTBE */
-0x67,0x2A,0x00,0x35, /* [4111] OBJ_setct_AuthResTBE */
-0x67,0x2A,0x00,0x36, /* [4115] OBJ_setct_AuthResTBEX */
-0x67,0x2A,0x00,0x37, /* [4119] OBJ_setct_AuthTokenTBE */
-0x67,0x2A,0x00,0x38, /* [4123] OBJ_setct_CapTokenTBE */
-0x67,0x2A,0x00,0x39, /* [4127] OBJ_setct_CapTokenTBEX */
-0x67,0x2A,0x00,0x3A, /* [4131] OBJ_setct_AcqCardCodeMsgTBE */
-0x67,0x2A,0x00,0x3B, /* [4135] OBJ_setct_AuthRevReqTBE */
-0x67,0x2A,0x00,0x3C, /* [4139] OBJ_setct_AuthRevResTBE */
-0x67,0x2A,0x00,0x3D, /* [4143] OBJ_setct_AuthRevResTBEB */
-0x67,0x2A,0x00,0x3E, /* [4147] OBJ_setct_CapReqTBE */
-0x67,0x2A,0x00,0x3F, /* [4151] OBJ_setct_CapReqTBEX */
-0x67,0x2A,0x00,0x40, /* [4155] OBJ_setct_CapResTBE */
-0x67,0x2A,0x00,0x41, /* [4159] OBJ_setct_CapRevReqTBE */
-0x67,0x2A,0x00,0x42, /* [4163] OBJ_setct_CapRevReqTBEX */
-0x67,0x2A,0x00,0x43, /* [4167] OBJ_setct_CapRevResTBE */
-0x67,0x2A,0x00,0x44, /* [4171] OBJ_setct_CredReqTBE */
-0x67,0x2A,0x00,0x45, /* [4175] OBJ_setct_CredReqTBEX */
-0x67,0x2A,0x00,0x46, /* [4179] OBJ_setct_CredResTBE */
-0x67,0x2A,0x00,0x47, /* [4183] OBJ_setct_CredRevReqTBE */
-0x67,0x2A,0x00,0x48, /* [4187] OBJ_setct_CredRevReqTBEX */
-0x67,0x2A,0x00,0x49, /* [4191] OBJ_setct_CredRevResTBE */
-0x67,0x2A,0x00,0x4A, /* [4195] OBJ_setct_BatchAdminReqTBE */
-0x67,0x2A,0x00,0x4B, /* [4199] OBJ_setct_BatchAdminResTBE */
-0x67,0x2A,0x00,0x4C, /* [4203] OBJ_setct_RegFormReqTBE */
-0x67,0x2A,0x00,0x4D, /* [4207] OBJ_setct_CertReqTBE */
-0x67,0x2A,0x00,0x4E, /* [4211] OBJ_setct_CertReqTBEX */
-0x67,0x2A,0x00,0x4F, /* [4215] OBJ_setct_CertResTBE */
-0x67,0x2A,0x00,0x50, /* [4219] OBJ_setct_CRLNotificationTBS */
-0x67,0x2A,0x00,0x51, /* [4223] OBJ_setct_CRLNotificationResTBS */
-0x67,0x2A,0x00,0x52, /* [4227] OBJ_setct_BCIDistributionTBS */
-0x67,0x2A,0x01,0x01, /* [4231] OBJ_setext_genCrypt */
-0x67,0x2A,0x01,0x03, /* [4235] OBJ_setext_miAuth */
-0x67,0x2A,0x01,0x04, /* [4239] OBJ_setext_pinSecure */
-0x67,0x2A,0x01,0x05, /* [4243] OBJ_setext_pinAny */
-0x67,0x2A,0x01,0x07, /* [4247] OBJ_setext_track2 */
-0x67,0x2A,0x01,0x08, /* [4251] OBJ_setext_cv */
-0x67,0x2A,0x05,0x00, /* [4255] OBJ_set_policy_root */
-0x67,0x2A,0x07,0x00, /* [4259] OBJ_setCext_hashedRoot */
-0x67,0x2A,0x07,0x01, /* [4263] OBJ_setCext_certType */
-0x67,0x2A,0x07,0x02, /* [4267] OBJ_setCext_merchData */
-0x67,0x2A,0x07,0x03, /* [4271] OBJ_setCext_cCertRequired */
-0x67,0x2A,0x07,0x04, /* [4275] OBJ_setCext_tunneling */
-0x67,0x2A,0x07,0x05, /* [4279] OBJ_setCext_setExt */
-0x67,0x2A,0x07,0x06, /* [4283] OBJ_setCext_setQualf */
-0x67,0x2A,0x07,0x07, /* [4287] OBJ_setCext_PGWYcapabilities */
-0x67,0x2A,0x07,0x08, /* [4291] OBJ_setCext_TokenIdentifier */
-0x67,0x2A,0x07,0x09, /* [4295] OBJ_setCext_Track2Data */
-0x67,0x2A,0x07,0x0A, /* [4299] OBJ_setCext_TokenType */
-0x67,0x2A,0x07,0x0B, /* [4303] OBJ_setCext_IssuerCapabilities */
-0x67,0x2A,0x03,0x00, /* [4307] OBJ_setAttr_Cert */
-0x67,0x2A,0x03,0x01, /* [4311] OBJ_setAttr_PGWYcap */
-0x67,0x2A,0x03,0x02, /* [4315] OBJ_setAttr_TokenType */
-0x67,0x2A,0x03,0x03, /* [4319] OBJ_setAttr_IssCap */
-0x67,0x2A,0x03,0x00,0x00, /* [4323] OBJ_set_rootKeyThumb */
-0x67,0x2A,0x03,0x00,0x01, /* [4328] OBJ_set_addPolicy */
-0x67,0x2A,0x03,0x02,0x01, /* [4333] OBJ_setAttr_Token_EMV */
-0x67,0x2A,0x03,0x02,0x02, /* [4338] OBJ_setAttr_Token_B0Prime */
-0x67,0x2A,0x03,0x03,0x03, /* [4343] OBJ_setAttr_IssCap_CVM */
-0x67,0x2A,0x03,0x03,0x04, /* [4348] OBJ_setAttr_IssCap_T2 */
-0x67,0x2A,0x03,0x03,0x05, /* [4353] OBJ_setAttr_IssCap_Sig */
-0x67,0x2A,0x03,0x03,0x03,0x01, /* [4358] OBJ_setAttr_GenCryptgrm */
-0x67,0x2A,0x03,0x03,0x04,0x01, /* [4364] OBJ_setAttr_T2Enc */
-0x67,0x2A,0x03,0x03,0x04,0x02, /* [4370] OBJ_setAttr_T2cleartxt */
-0x67,0x2A,0x03,0x03,0x05,0x01, /* [4376] OBJ_setAttr_TokICCsig */
-0x67,0x2A,0x03,0x03,0x05,0x02, /* [4382] OBJ_setAttr_SecDevSig */
-0x67,0x2A,0x08,0x01, /* [4388] OBJ_set_brand_IATA_ATA */
-0x67,0x2A,0x08,0x1E, /* [4392] OBJ_set_brand_Diners */
-0x67,0x2A,0x08,0x22, /* [4396] OBJ_set_brand_AmericanExpress */
-0x67,0x2A,0x08,0x23, /* [4400] OBJ_set_brand_JCB */
-0x67,0x2A,0x08,0x04, /* [4404] OBJ_set_brand_Visa */
-0x67,0x2A,0x08,0x05, /* [4408] OBJ_set_brand_MasterCard */
-0x67,0x2A,0x08,0xAE,0x7B, /* [4412] OBJ_set_brand_Novus */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4417] OBJ_des_cdmf */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */
-0x00, /* [4434] OBJ_itu_t */
-0x50, /* [4435] OBJ_joint_iso_itu_t */
-0x67, /* [4436] OBJ_international_organizations */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4437] OBJ_ms_smartcard_login */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4447] OBJ_ms_upn */
-0x55,0x04,0x09, /* [4457] OBJ_streetAddress */
-0x55,0x04,0x11, /* [4460] OBJ_postalCode */
-0x2B, /* [4463] OBJ_identified_organization */
-0x2B,0x81,0x04, /* [4464] OBJ_certicom_arc */
-0x67,0x2B, /* [4467] OBJ_wap */
-0x67,0x2B,0x0D, /* [4469] OBJ_wap_wsg */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4472] OBJ_X9_62_id_characteristic_two_basis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4480] OBJ_X9_62_onBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4489] OBJ_X9_62_tpBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4498] OBJ_X9_62_ppBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4507] OBJ_X9_62_c2pnb163v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4515] OBJ_X9_62_c2pnb163v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4523] OBJ_X9_62_c2pnb163v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4531] OBJ_X9_62_c2pnb176v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4539] OBJ_X9_62_c2tnb191v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4547] OBJ_X9_62_c2tnb191v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4555] OBJ_X9_62_c2tnb191v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4563] OBJ_X9_62_c2onb191v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4571] OBJ_X9_62_c2onb191v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4579] OBJ_X9_62_c2pnb208w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4587] OBJ_X9_62_c2tnb239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4595] OBJ_X9_62_c2tnb239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4603] OBJ_X9_62_c2tnb239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4611] OBJ_X9_62_c2onb239v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4619] OBJ_X9_62_c2onb239v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4627] OBJ_X9_62_c2pnb272w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4635] OBJ_X9_62_c2pnb304w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4643] OBJ_X9_62_c2tnb359v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4651] OBJ_X9_62_c2pnb368w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4659] OBJ_X9_62_c2tnb431r1 */
-0x2B,0x81,0x04,0x00,0x06, /* [4667] OBJ_secp112r1 */
-0x2B,0x81,0x04,0x00,0x07, /* [4672] OBJ_secp112r2 */
-0x2B,0x81,0x04,0x00,0x1C, /* [4677] OBJ_secp128r1 */
-0x2B,0x81,0x04,0x00,0x1D, /* [4682] OBJ_secp128r2 */
-0x2B,0x81,0x04,0x00,0x09, /* [4687] OBJ_secp160k1 */
-0x2B,0x81,0x04,0x00,0x08, /* [4692] OBJ_secp160r1 */
-0x2B,0x81,0x04,0x00,0x1E, /* [4697] OBJ_secp160r2 */
-0x2B,0x81,0x04,0x00,0x1F, /* [4702] OBJ_secp192k1 */
-0x2B,0x81,0x04,0x00,0x20, /* [4707] OBJ_secp224k1 */
-0x2B,0x81,0x04,0x00,0x21, /* [4712] OBJ_secp224r1 */
-0x2B,0x81,0x04,0x00,0x0A, /* [4717] OBJ_secp256k1 */
-0x2B,0x81,0x04,0x00,0x22, /* [4722] OBJ_secp384r1 */
-0x2B,0x81,0x04,0x00,0x23, /* [4727] OBJ_secp521r1 */
-0x2B,0x81,0x04,0x00,0x04, /* [4732] OBJ_sect113r1 */
-0x2B,0x81,0x04,0x00,0x05, /* [4737] OBJ_sect113r2 */
-0x2B,0x81,0x04,0x00,0x16, /* [4742] OBJ_sect131r1 */
-0x2B,0x81,0x04,0x00,0x17, /* [4747] OBJ_sect131r2 */
-0x2B,0x81,0x04,0x00,0x01, /* [4752] OBJ_sect163k1 */
-0x2B,0x81,0x04,0x00,0x02, /* [4757] OBJ_sect163r1 */
-0x2B,0x81,0x04,0x00,0x0F, /* [4762] OBJ_sect163r2 */
-0x2B,0x81,0x04,0x00,0x18, /* [4767] OBJ_sect193r1 */
-0x2B,0x81,0x04,0x00,0x19, /* [4772] OBJ_sect193r2 */
-0x2B,0x81,0x04,0x00,0x1A, /* [4777] OBJ_sect233k1 */
-0x2B,0x81,0x04,0x00,0x1B, /* [4782] OBJ_sect233r1 */
-0x2B,0x81,0x04,0x00,0x03, /* [4787] OBJ_sect239k1 */
-0x2B,0x81,0x04,0x00,0x10, /* [4792] OBJ_sect283k1 */
-0x2B,0x81,0x04,0x00,0x11, /* [4797] OBJ_sect283r1 */
-0x2B,0x81,0x04,0x00,0x24, /* [4802] OBJ_sect409k1 */
-0x2B,0x81,0x04,0x00,0x25, /* [4807] OBJ_sect409r1 */
-0x2B,0x81,0x04,0x00,0x26, /* [4812] OBJ_sect571k1 */
-0x2B,0x81,0x04,0x00,0x27, /* [4817] OBJ_sect571r1 */
-0x67,0x2B,0x0D,0x04,0x01, /* [4822] OBJ_wap_wsg_idm_ecid_wtls1 */
-0x67,0x2B,0x0D,0x04,0x03, /* [4827] OBJ_wap_wsg_idm_ecid_wtls3 */
-0x67,0x2B,0x0D,0x04,0x04, /* [4832] OBJ_wap_wsg_idm_ecid_wtls4 */
-0x67,0x2B,0x0D,0x04,0x05, /* [4837] OBJ_wap_wsg_idm_ecid_wtls5 */
-0x67,0x2B,0x0D,0x04,0x06, /* [4842] OBJ_wap_wsg_idm_ecid_wtls6 */
-0x67,0x2B,0x0D,0x04,0x07, /* [4847] OBJ_wap_wsg_idm_ecid_wtls7 */
-0x67,0x2B,0x0D,0x04,0x08, /* [4852] OBJ_wap_wsg_idm_ecid_wtls8 */
-0x67,0x2B,0x0D,0x04,0x09, /* [4857] OBJ_wap_wsg_idm_ecid_wtls9 */
-0x67,0x2B,0x0D,0x04,0x0A, /* [4862] OBJ_wap_wsg_idm_ecid_wtls10 */
-0x67,0x2B,0x0D,0x04,0x0B, /* [4867] OBJ_wap_wsg_idm_ecid_wtls11 */
-0x67,0x2B,0x0D,0x04,0x0C, /* [4872] OBJ_wap_wsg_idm_ecid_wtls12 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4877] OBJ_sha256WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4886] OBJ_sha384WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4895] OBJ_sha512WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4904] OBJ_sha224WithRSAEncryption */
-0x55,0x1D,0x1E, /* [4913] OBJ_name_constraints */
-0x55,0x1D,0x20,0x00, /* [4916] OBJ_any_policy */
-0x55,0x1D,0x21, /* [4920] OBJ_policy_mappings */
-0x55,0x1D,0x36, /* [4923] OBJ_inhibit_any_policy */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4926] OBJ_sha256 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4935] OBJ_sha384 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4944] OBJ_sha512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4953] OBJ_sha224 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4962] OBJ_id_ppl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4969] OBJ_proxyCertInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4977] OBJ_id_ppl_anyLanguage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4985] OBJ_id_ppl_inheritAll */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4993] OBJ_Independent */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [3843] OBJ_X9_62_id_characteristic_two_basis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [3851] OBJ_X9_62_onBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [3860] OBJ_X9_62_tpBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [3869] OBJ_X9_62_ppBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [3878] OBJ_X9_62_c2pnb163v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [3886] OBJ_X9_62_c2pnb163v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [3894] OBJ_X9_62_c2pnb163v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [3902] OBJ_X9_62_c2pnb176v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [3910] OBJ_X9_62_c2tnb191v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [3918] OBJ_X9_62_c2tnb191v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [3926] OBJ_X9_62_c2tnb191v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [3934] OBJ_X9_62_c2onb191v4 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [3942] OBJ_X9_62_c2onb191v5 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [3950] OBJ_X9_62_c2pnb208w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [3958] OBJ_X9_62_c2tnb239v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [3966] OBJ_X9_62_c2tnb239v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [3974] OBJ_X9_62_c2tnb239v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [3982] OBJ_X9_62_c2onb239v4 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [3990] OBJ_X9_62_c2onb239v5 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [3998] OBJ_X9_62_c2pnb272w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4006] OBJ_X9_62_c2pnb304w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4014] OBJ_X9_62_c2tnb359v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4022] OBJ_X9_62_c2pnb368w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4030] OBJ_X9_62_c2tnb431r1 */
+0x2B, /* [4038] OBJ_identified_organization */
+0x2B,0x81,0x04, /* [4039] OBJ_certicom_arc */
+0x2B,0x81,0x04,0x00,0x06, /* [4042] OBJ_secp112r1 */
+0x2B,0x81,0x04,0x00,0x07, /* [4047] OBJ_secp112r2 */
+0x2B,0x81,0x04,0x00,0x1C, /* [4052] OBJ_secp128r1 */
+0x2B,0x81,0x04,0x00,0x1D, /* [4057] OBJ_secp128r2 */
+0x2B,0x81,0x04,0x00,0x09, /* [4062] OBJ_secp160k1 */
+0x2B,0x81,0x04,0x00,0x08, /* [4067] OBJ_secp160r1 */
+0x2B,0x81,0x04,0x00,0x1E, /* [4072] OBJ_secp160r2 */
+0x2B,0x81,0x04,0x00,0x1F, /* [4077] OBJ_secp192k1 */
+0x2B,0x81,0x04,0x00,0x20, /* [4082] OBJ_secp224k1 */
+0x2B,0x81,0x04,0x00,0x21, /* [4087] OBJ_secp224r1 */
+0x2B,0x81,0x04,0x00,0x0A, /* [4092] OBJ_secp256k1 */
+0x2B,0x81,0x04,0x00,0x22, /* [4097] OBJ_secp384r1 */
+0x2B,0x81,0x04,0x00,0x23, /* [4102] OBJ_secp521r1 */
+0x2B,0x81,0x04,0x00,0x04, /* [4107] OBJ_sect113r1 */
+0x2B,0x81,0x04,0x00,0x05, /* [4112] OBJ_sect113r2 */
+0x2B,0x81,0x04,0x00,0x16, /* [4117] OBJ_sect131r1 */
+0x2B,0x81,0x04,0x00,0x17, /* [4122] OBJ_sect131r2 */
+0x2B,0x81,0x04,0x00,0x01, /* [4127] OBJ_sect163k1 */
+0x2B,0x81,0x04,0x00,0x02, /* [4132] OBJ_sect163r1 */
+0x2B,0x81,0x04,0x00,0x0F, /* [4137] OBJ_sect163r2 */
+0x2B,0x81,0x04,0x00,0x18, /* [4142] OBJ_sect193r1 */
+0x2B,0x81,0x04,0x00,0x19, /* [4147] OBJ_sect193r2 */
+0x2B,0x81,0x04,0x00,0x1A, /* [4152] OBJ_sect233k1 */
+0x2B,0x81,0x04,0x00,0x1B, /* [4157] OBJ_sect233r1 */
+0x2B,0x81,0x04,0x00,0x03, /* [4162] OBJ_sect239k1 */
+0x2B,0x81,0x04,0x00,0x10, /* [4167] OBJ_sect283k1 */
+0x2B,0x81,0x04,0x00,0x11, /* [4172] OBJ_sect283r1 */
+0x2B,0x81,0x04,0x00,0x24, /* [4177] OBJ_sect409k1 */
+0x2B,0x81,0x04,0x00,0x25, /* [4182] OBJ_sect409r1 */
+0x2B,0x81,0x04,0x00,0x26, /* [4187] OBJ_sect571k1 */
+0x2B,0x81,0x04,0x00,0x27, /* [4192] OBJ_sect571r1 */
+0x67,0x2B, /* [4197] OBJ_wap */
+0x67,0x2B,0x0D, /* [4199] OBJ_wap_wsg */
+0x67,0x2B,0x0D,0x04,0x01, /* [4202] OBJ_wap_wsg_idm_ecid_wtls1 */
+0x67,0x2B,0x0D,0x04,0x06, /* [4207] OBJ_wap_wsg_idm_ecid_wtls6 */
+0x67,0x2B,0x0D,0x04,0x08, /* [4212] OBJ_wap_wsg_idm_ecid_wtls8 */
+0x67,0x2B,0x0D,0x04,0x09, /* [4217] OBJ_wap_wsg_idm_ecid_wtls9 */
+0x55,0x04,0x2D, /* [4222] OBJ_x500UniqueIdentifier */
+0x2B,0x06,0x01,0x07,0x01, /* [4225] OBJ_mime_mhs */
+0x2B,0x06,0x01,0x07,0x01,0x01, /* [4230] OBJ_mime_mhs_headings */
+0x2B,0x06,0x01,0x07,0x01,0x02, /* [4236] OBJ_mime_mhs_bodies */
+0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [4242] OBJ_id_hex_partial_message */
+0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [4249] OBJ_id_hex_multipart_message */
+0x55,0x04,0x2C, /* [4256] OBJ_generationQualifier */
+0x55,0x04,0x41, /* [4259] OBJ_pseudonym */
+0x67,0x2A, /* [4262] OBJ_id_set */
+0x67,0x2A,0x00, /* [4264] OBJ_set_ctype */
+0x67,0x2A,0x01, /* [4267] OBJ_set_msgExt */
+0x67,0x2A,0x03, /* [4270] OBJ_set_attr */
+0x67,0x2A,0x05, /* [4273] OBJ_set_policy */
+0x67,0x2A,0x07, /* [4276] OBJ_set_certExt */
+0x67,0x2A,0x08, /* [4279] OBJ_set_brand */
+0x67,0x2A,0x00,0x00, /* [4282] OBJ_setct_PANData */
+0x67,0x2A,0x00,0x01, /* [4286] OBJ_setct_PANToken */
+0x67,0x2A,0x00,0x02, /* [4290] OBJ_setct_PANOnly */
+0x67,0x2A,0x00,0x03, /* [4294] OBJ_setct_OIData */
+0x67,0x2A,0x00,0x04, /* [4298] OBJ_setct_PI */
+0x67,0x2A,0x00,0x05, /* [4302] OBJ_setct_PIData */
+0x67,0x2A,0x00,0x06, /* [4306] OBJ_setct_PIDataUnsigned */
+0x67,0x2A,0x00,0x07, /* [4310] OBJ_setct_HODInput */
+0x67,0x2A,0x00,0x08, /* [4314] OBJ_setct_AuthResBaggage */
+0x67,0x2A,0x00,0x09, /* [4318] OBJ_setct_AuthRevReqBaggage */
+0x67,0x2A,0x00,0x0A, /* [4322] OBJ_setct_AuthRevResBaggage */
+0x67,0x2A,0x00,0x0B, /* [4326] OBJ_setct_CapTokenSeq */
+0x67,0x2A,0x00,0x0C, /* [4330] OBJ_setct_PInitResData */
+0x67,0x2A,0x00,0x0D, /* [4334] OBJ_setct_PI_TBS */
+0x67,0x2A,0x00,0x0E, /* [4338] OBJ_setct_PResData */
+0x67,0x2A,0x00,0x10, /* [4342] OBJ_setct_AuthReqTBS */
+0x67,0x2A,0x00,0x11, /* [4346] OBJ_setct_AuthResTBS */
+0x67,0x2A,0x00,0x12, /* [4350] OBJ_setct_AuthResTBSX */
+0x67,0x2A,0x00,0x13, /* [4354] OBJ_setct_AuthTokenTBS */
+0x67,0x2A,0x00,0x14, /* [4358] OBJ_setct_CapTokenData */
+0x67,0x2A,0x00,0x15, /* [4362] OBJ_setct_CapTokenTBS */
+0x67,0x2A,0x00,0x16, /* [4366] OBJ_setct_AcqCardCodeMsg */
+0x67,0x2A,0x00,0x17, /* [4370] OBJ_setct_AuthRevReqTBS */
+0x67,0x2A,0x00,0x18, /* [4374] OBJ_setct_AuthRevResData */
+0x67,0x2A,0x00,0x19, /* [4378] OBJ_setct_AuthRevResTBS */
+0x67,0x2A,0x00,0x1A, /* [4382] OBJ_setct_CapReqTBS */
+0x67,0x2A,0x00,0x1B, /* [4386] OBJ_setct_CapReqTBSX */
+0x67,0x2A,0x00,0x1C, /* [4390] OBJ_setct_CapResData */
+0x67,0x2A,0x00,0x1D, /* [4394] OBJ_setct_CapRevReqTBS */
+0x67,0x2A,0x00,0x1E, /* [4398] OBJ_setct_CapRevReqTBSX */
+0x67,0x2A,0x00,0x1F, /* [4402] OBJ_setct_CapRevResData */
+0x67,0x2A,0x00,0x20, /* [4406] OBJ_setct_CredReqTBS */
+0x67,0x2A,0x00,0x21, /* [4410] OBJ_setct_CredReqTBSX */
+0x67,0x2A,0x00,0x22, /* [4414] OBJ_setct_CredResData */
+0x67,0x2A,0x00,0x23, /* [4418] OBJ_setct_CredRevReqTBS */
+0x67,0x2A,0x00,0x24, /* [4422] OBJ_setct_CredRevReqTBSX */
+0x67,0x2A,0x00,0x25, /* [4426] OBJ_setct_CredRevResData */
+0x67,0x2A,0x00,0x26, /* [4430] OBJ_setct_PCertReqData */
+0x67,0x2A,0x00,0x27, /* [4434] OBJ_setct_PCertResTBS */
+0x67,0x2A,0x00,0x28, /* [4438] OBJ_setct_BatchAdminReqData */
+0x67,0x2A,0x00,0x29, /* [4442] OBJ_setct_BatchAdminResData */
+0x67,0x2A,0x00,0x2A, /* [4446] OBJ_setct_CardCInitResTBS */
+0x67,0x2A,0x00,0x2B, /* [4450] OBJ_setct_MeAqCInitResTBS */
+0x67,0x2A,0x00,0x2C, /* [4454] OBJ_setct_RegFormResTBS */
+0x67,0x2A,0x00,0x2D, /* [4458] OBJ_setct_CertReqData */
+0x67,0x2A,0x00,0x2E, /* [4462] OBJ_setct_CertReqTBS */
+0x67,0x2A,0x00,0x2F, /* [4466] OBJ_setct_CertResData */
+0x67,0x2A,0x00,0x30, /* [4470] OBJ_setct_CertInqReqTBS */
+0x67,0x2A,0x00,0x31, /* [4474] OBJ_setct_ErrorTBS */
+0x67,0x2A,0x00,0x32, /* [4478] OBJ_setct_PIDualSignedTBE */
+0x67,0x2A,0x00,0x33, /* [4482] OBJ_setct_PIUnsignedTBE */
+0x67,0x2A,0x00,0x34, /* [4486] OBJ_setct_AuthReqTBE */
+0x67,0x2A,0x00,0x35, /* [4490] OBJ_setct_AuthResTBE */
+0x67,0x2A,0x00,0x36, /* [4494] OBJ_setct_AuthResTBEX */
+0x67,0x2A,0x00,0x37, /* [4498] OBJ_setct_AuthTokenTBE */
+0x67,0x2A,0x00,0x38, /* [4502] OBJ_setct_CapTokenTBE */
+0x67,0x2A,0x00,0x39, /* [4506] OBJ_setct_CapTokenTBEX */
+0x67,0x2A,0x00,0x3A, /* [4510] OBJ_setct_AcqCardCodeMsgTBE */
+0x67,0x2A,0x00,0x3B, /* [4514] OBJ_setct_AuthRevReqTBE */
+0x67,0x2A,0x00,0x3C, /* [4518] OBJ_setct_AuthRevResTBE */
+0x67,0x2A,0x00,0x3D, /* [4522] OBJ_setct_AuthRevResTBEB */
+0x67,0x2A,0x00,0x3E, /* [4526] OBJ_setct_CapReqTBE */
+0x67,0x2A,0x00,0x3F, /* [4530] OBJ_setct_CapReqTBEX */
+0x67,0x2A,0x00,0x40, /* [4534] OBJ_setct_CapResTBE */
+0x67,0x2A,0x00,0x41, /* [4538] OBJ_setct_CapRevReqTBE */
+0x67,0x2A,0x00,0x42, /* [4542] OBJ_setct_CapRevReqTBEX */
+0x67,0x2A,0x00,0x43, /* [4546] OBJ_setct_CapRevResTBE */
+0x67,0x2A,0x00,0x44, /* [4550] OBJ_setct_CredReqTBE */
+0x67,0x2A,0x00,0x45, /* [4554] OBJ_setct_CredReqTBEX */
+0x67,0x2A,0x00,0x46, /* [4558] OBJ_setct_CredResTBE */
+0x67,0x2A,0x00,0x47, /* [4562] OBJ_setct_CredRevReqTBE */
+0x67,0x2A,0x00,0x48, /* [4566] OBJ_setct_CredRevReqTBEX */
+0x67,0x2A,0x00,0x49, /* [4570] OBJ_setct_CredRevResTBE */
+0x67,0x2A,0x00,0x4A, /* [4574] OBJ_setct_BatchAdminReqTBE */
+0x67,0x2A,0x00,0x4B, /* [4578] OBJ_setct_BatchAdminResTBE */
+0x67,0x2A,0x00,0x4C, /* [4582] OBJ_setct_RegFormReqTBE */
+0x67,0x2A,0x00,0x4D, /* [4586] OBJ_setct_CertReqTBE */
+0x67,0x2A,0x00,0x4E, /* [4590] OBJ_setct_CertReqTBEX */
+0x67,0x2A,0x00,0x4F, /* [4594] OBJ_setct_CertResTBE */
+0x67,0x2A,0x00,0x50, /* [4598] OBJ_setct_CRLNotificationTBS */
+0x67,0x2A,0x00,0x51, /* [4602] OBJ_setct_CRLNotificationResTBS */
+0x67,0x2A,0x00,0x52, /* [4606] OBJ_setct_BCIDistributionTBS */
+0x67,0x2A,0x01,0x01, /* [4610] OBJ_setext_genCrypt */
+0x67,0x2A,0x01,0x03, /* [4614] OBJ_setext_miAuth */
+0x67,0x2A,0x01,0x04, /* [4618] OBJ_setext_pinSecure */
+0x67,0x2A,0x01,0x05, /* [4622] OBJ_setext_pinAny */
+0x67,0x2A,0x01,0x07, /* [4626] OBJ_setext_track2 */
+0x67,0x2A,0x01,0x08, /* [4630] OBJ_setext_cv */
+0x67,0x2A,0x05,0x00, /* [4634] OBJ_set_policy_root */
+0x67,0x2A,0x07,0x00, /* [4638] OBJ_setCext_hashedRoot */
+0x67,0x2A,0x07,0x01, /* [4642] OBJ_setCext_certType */
+0x67,0x2A,0x07,0x02, /* [4646] OBJ_setCext_merchData */
+0x67,0x2A,0x07,0x03, /* [4650] OBJ_setCext_cCertRequired */
+0x67,0x2A,0x07,0x04, /* [4654] OBJ_setCext_tunneling */
+0x67,0x2A,0x07,0x05, /* [4658] OBJ_setCext_setExt */
+0x67,0x2A,0x07,0x06, /* [4662] OBJ_setCext_setQualf */
+0x67,0x2A,0x07,0x07, /* [4666] OBJ_setCext_PGWYcapabilities */
+0x67,0x2A,0x07,0x08, /* [4670] OBJ_setCext_TokenIdentifier */
+0x67,0x2A,0x07,0x09, /* [4674] OBJ_setCext_Track2Data */
+0x67,0x2A,0x07,0x0A, /* [4678] OBJ_setCext_TokenType */
+0x67,0x2A,0x07,0x0B, /* [4682] OBJ_setCext_IssuerCapabilities */
+0x67,0x2A,0x03,0x00, /* [4686] OBJ_setAttr_Cert */
+0x67,0x2A,0x03,0x01, /* [4690] OBJ_setAttr_PGWYcap */
+0x67,0x2A,0x03,0x02, /* [4694] OBJ_setAttr_TokenType */
+0x67,0x2A,0x03,0x03, /* [4698] OBJ_setAttr_IssCap */
+0x67,0x2A,0x03,0x00,0x00, /* [4702] OBJ_set_rootKeyThumb */
+0x67,0x2A,0x03,0x00,0x01, /* [4707] OBJ_set_addPolicy */
+0x67,0x2A,0x03,0x02,0x01, /* [4712] OBJ_setAttr_Token_EMV */
+0x67,0x2A,0x03,0x02,0x02, /* [4717] OBJ_setAttr_Token_B0Prime */
+0x67,0x2A,0x03,0x03,0x03, /* [4722] OBJ_setAttr_IssCap_CVM */
+0x67,0x2A,0x03,0x03,0x04, /* [4727] OBJ_setAttr_IssCap_T2 */
+0x67,0x2A,0x03,0x03,0x05, /* [4732] OBJ_setAttr_IssCap_Sig */
+0x67,0x2A,0x03,0x03,0x03,0x01, /* [4737] OBJ_setAttr_GenCryptgrm */
+0x67,0x2A,0x03,0x03,0x04,0x01, /* [4743] OBJ_setAttr_T2Enc */
+0x67,0x2A,0x03,0x03,0x04,0x02, /* [4749] OBJ_setAttr_T2cleartxt */
+0x67,0x2A,0x03,0x03,0x05,0x01, /* [4755] OBJ_setAttr_TokICCsig */
+0x67,0x2A,0x03,0x03,0x05,0x02, /* [4761] OBJ_setAttr_SecDevSig */
+0x67,0x2A,0x08,0x01, /* [4767] OBJ_set_brand_IATA_ATA */
+0x67,0x2A,0x08,0x1E, /* [4771] OBJ_set_brand_Diners */
+0x67,0x2A,0x08,0x22, /* [4775] OBJ_set_brand_AmericanExpress */
+0x67,0x2A,0x08,0x23, /* [4779] OBJ_set_brand_JCB */
+0x67,0x2A,0x08,0x04, /* [4783] OBJ_set_brand_Visa */
+0x67,0x2A,0x08,0x05, /* [4787] OBJ_set_brand_MasterCard */
+0x67,0x2A,0x08,0xAE,0x7B, /* [4791] OBJ_set_brand_Novus */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4796] OBJ_des_cdmf */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4804] OBJ_rsaOAEPEncryptionSET */
+0x67,0x2B,0x0D,0x04,0x03, /* [4813] OBJ_wap_wsg_idm_ecid_wtls3 */
+0x67,0x2B,0x0D,0x04,0x04, /* [4818] OBJ_wap_wsg_idm_ecid_wtls4 */
+0x67,0x2B,0x0D,0x04,0x05, /* [4823] OBJ_wap_wsg_idm_ecid_wtls5 */
+0x67,0x2B,0x0D,0x04,0x07, /* [4828] OBJ_wap_wsg_idm_ecid_wtls7 */
+0x67,0x2B,0x0D,0x04,0x0A, /* [4833] OBJ_wap_wsg_idm_ecid_wtls10 */
+0x67,0x2B,0x0D,0x04,0x0B, /* [4838] OBJ_wap_wsg_idm_ecid_wtls11 */
+0x67,0x2B,0x0D,0x04,0x0C, /* [4843] OBJ_wap_wsg_idm_ecid_wtls12 */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4848] OBJ_ms_smartcard_login */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4858] OBJ_ms_upn */
+0x55,0x1D,0x20,0x00, /* [4868] OBJ_any_policy */
+0x55,0x1D,0x21, /* [4872] OBJ_policy_mappings */
+0x55,0x1D,0x1E, /* [4875] OBJ_name_constraints */
+0x00, /* [4878] OBJ_itu_t */
+0x50, /* [4879] OBJ_joint_iso_itu_t */
+0x67, /* [4880] OBJ_international_organizations */
+0x55,0x1D,0x36, /* [4881] OBJ_inhibit_any_policy */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4884] OBJ_sha256WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4893] OBJ_sha384WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4902] OBJ_sha512WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4911] OBJ_sha224WithRSAEncryption */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4920] OBJ_sha256 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4929] OBJ_sha384 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4938] OBJ_sha512 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4947] OBJ_sha224 */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -1548,279 +1541,370 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
{"audio","audio",NID_audio,10,&(lvalues[3823]),0},
{"documentPublisher","documentPublisher",NID_documentPublisher,10,
&(lvalues[3833]),0},
+{"id-characteristic-two-basis","id-characteristic-two-basis",
+ NID_X9_62_id_characteristic_two_basis,8,&(lvalues[3843]),0},
+{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[3851]),0},
+{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[3860]),0},
+{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[3869]),0},
+{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[3878]),0},
+{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[3886]),0},
+{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[3894]),0},
+{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[3902]),0},
+{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[3910]),0},
+{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[3918]),0},
+{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[3926]),0},
+{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[3934]),0},
+{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[3942]),0},
+{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[3950]),0},
+{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[3958]),0},
+{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[3966]),0},
+{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[3974]),0},
+{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[3982]),0},
+{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[3990]),0},
+{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[3998]),0},
+{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4006]),0},
+{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4014]),0},
+{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4022]),0},
+{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4030]),0},
+{"identified-organization","identified-organization",
+ NID_identified_organization,1,&(lvalues[4038]),0},
+{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4039]),0},
+{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4042]),0},
+{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4047]),0},
+{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4052]),0},
+{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4057]),0},
+{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4062]),0},
+{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4067]),0},
+{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4072]),0},
+{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4077]),0},
+{NULL,NULL,NID_undef,0,NULL},
+{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4082]),0},
+{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4087]),0},
+{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4092]),0},
+{NULL,NULL,NID_undef,0,NULL},
+{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4097]),0},
+{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4102]),0},
+{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4107]),0},
+{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4112]),0},
+{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4117]),0},
+{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4122]),0},
+{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4127]),0},
+{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4132]),0},
+{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4137]),0},
+{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4142]),0},
+{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4147]),0},
+{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4152]),0},
+{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4157]),0},
+{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4162]),0},
+{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4167]),0},
+{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4172]),0},
+{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4177]),0},
+{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4182]),0},
+{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4187]),0},
+{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4192]),0},
+{"wap","wap",NID_wap,2,&(lvalues[4197]),0},
+{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4199]),0},
+{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1",
+ NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4202]),0},
+{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6",
+ NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4207]),0},
+{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8",
+ NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4212]),0},
+{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9",
+ NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4217]),0},
{"x500UniqueIdentifier","x500UniqueIdentifier",
- NID_x500UniqueIdentifier,3,&(lvalues[3843]),0},
-{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3846]),0},
+ NID_x500UniqueIdentifier,3,&(lvalues[4222]),0},
+{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[4225]),0},
{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
- &(lvalues[3851]),0},
+ &(lvalues[4230]),0},
{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
- &(lvalues[3857]),0},
+ &(lvalues[4236]),0},
{"id-hex-partial-message","id-hex-partial-message",
- NID_id_hex_partial_message,7,&(lvalues[3863]),0},
+ NID_id_hex_partial_message,7,&(lvalues[4242]),0},
{"id-hex-multipart-message","id-hex-multipart-message",
- NID_id_hex_multipart_message,7,&(lvalues[3870]),0},
+ NID_id_hex_multipart_message,7,&(lvalues[4249]),0},
{"generationQualifier","generationQualifier",NID_generationQualifier,
- 3,&(lvalues[3877]),0},
-{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3880]),0},
-{NULL,NULL,NID_undef,0,NULL},
+ 3,&(lvalues[4256]),0},
+{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[4259]),0},
{"id-set","Secure Electronic Transactions",NID_id_set,2,
- &(lvalues[3883]),0},
-{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3885]),0},
-{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3888]),0},
-{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3891]),0},
-{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3894]),0},
+ &(lvalues[4262]),0},
+{"set-ctype","content types",NID_set_ctype,3,&(lvalues[4264]),0},
+{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[4267]),0},
+{"set-attr","set-attr",NID_set_attr,3,&(lvalues[4270]),0},
+{"set-policy","set-policy",NID_set_policy,3,&(lvalues[4273]),0},
{"set-certExt","certificate extensions",NID_set_certExt,3,
- &(lvalues[3897]),0},
-{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3900]),0},
-{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3903]),0},
+ &(lvalues[4276]),0},
+{"set-brand","set-brand",NID_set_brand,3,&(lvalues[4279]),0},
+{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[4282]),0},
{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
- &(lvalues[3907]),0},
-{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3911]),0},
-{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3915]),0},
-{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3919]),0},
-{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3923]),0},
+ &(lvalues[4286]),0},
+{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[4290]),0},
+{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[4294]),0},
+{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[4298]),0},
+{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[4302]),0},
{"setct-PIDataUnsigned","setct-PIDataUnsigned",
- NID_setct_PIDataUnsigned,4,&(lvalues[3927]),0},
+ NID_setct_PIDataUnsigned,4,&(lvalues[4306]),0},
{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
- &(lvalues[3931]),0},
+ &(lvalues[4310]),0},
{"setct-AuthResBaggage","setct-AuthResBaggage",
- NID_setct_AuthResBaggage,4,&(lvalues[3935]),0},
+ NID_setct_AuthResBaggage,4,&(lvalues[4314]),0},
{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
- NID_setct_AuthRevReqBaggage,4,&(lvalues[3939]),0},
+ NID_setct_AuthRevReqBaggage,4,&(lvalues[4318]),0},
{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
- NID_setct_AuthRevResBaggage,4,&(lvalues[3943]),0},
+ NID_setct_AuthRevResBaggage,4,&(lvalues[4322]),0},
{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
- &(lvalues[3947]),0},
+ &(lvalues[4326]),0},
{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
- &(lvalues[3951]),0},
-{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3955]),0},
+ &(lvalues[4330]),0},
+{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[4334]),0},
{"setct-PResData","setct-PResData",NID_setct_PResData,4,
- &(lvalues[3959]),0},
+ &(lvalues[4338]),0},
{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
- &(lvalues[3963]),0},
+ &(lvalues[4342]),0},
{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
- &(lvalues[3967]),0},
+ &(lvalues[4346]),0},
{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
- &(lvalues[3971]),0},
+ &(lvalues[4350]),0},
{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
- &(lvalues[3975]),0},
+ &(lvalues[4354]),0},
{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
- &(lvalues[3979]),0},
+ &(lvalues[4358]),0},
{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
- &(lvalues[3983]),0},
+ &(lvalues[4362]),0},
{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
- NID_setct_AcqCardCodeMsg,4,&(lvalues[3987]),0},
+ NID_setct_AcqCardCodeMsg,4,&(lvalues[4366]),0},
{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
- 4,&(lvalues[3991]),0},
+ 4,&(lvalues[4370]),0},
{"setct-AuthRevResData","setct-AuthRevResData",
- NID_setct_AuthRevResData,4,&(lvalues[3995]),0},
+ NID_setct_AuthRevResData,4,&(lvalues[4374]),0},
{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
- 4,&(lvalues[3999]),0},
+ 4,&(lvalues[4378]),0},
{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
- &(lvalues[4003]),0},
+ &(lvalues[4382]),0},
{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
- &(lvalues[4007]),0},
+ &(lvalues[4386]),0},
{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
- &(lvalues[4011]),0},
+ &(lvalues[4390]),0},
{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
- &(lvalues[4015]),0},
+ &(lvalues[4394]),0},
{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
- 4,&(lvalues[4019]),0},
+ 4,&(lvalues[4398]),0},
{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
- 4,&(lvalues[4023]),0},
+ 4,&(lvalues[4402]),0},
{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
- &(lvalues[4027]),0},
+ &(lvalues[4406]),0},
{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
- &(lvalues[4031]),0},
+ &(lvalues[4410]),0},
{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
- &(lvalues[4035]),0},
+ &(lvalues[4414]),0},
{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
- 4,&(lvalues[4039]),0},
+ 4,&(lvalues[4418]),0},
{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
- NID_setct_CredRevReqTBSX,4,&(lvalues[4043]),0},
+ NID_setct_CredRevReqTBSX,4,&(lvalues[4422]),0},
{"setct-CredRevResData","setct-CredRevResData",
- NID_setct_CredRevResData,4,&(lvalues[4047]),0},
+ NID_setct_CredRevResData,4,&(lvalues[4426]),0},
{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
- &(lvalues[4051]),0},
+ &(lvalues[4430]),0},
{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
- &(lvalues[4055]),0},
+ &(lvalues[4434]),0},
{"setct-BatchAdminReqData","setct-BatchAdminReqData",
- NID_setct_BatchAdminReqData,4,&(lvalues[4059]),0},
+ NID_setct_BatchAdminReqData,4,&(lvalues[4438]),0},
{"setct-BatchAdminResData","setct-BatchAdminResData",
- NID_setct_BatchAdminResData,4,&(lvalues[4063]),0},
+ NID_setct_BatchAdminResData,4,&(lvalues[4442]),0},
{"setct-CardCInitResTBS","setct-CardCInitResTBS",
- NID_setct_CardCInitResTBS,4,&(lvalues[4067]),0},
+ NID_setct_CardCInitResTBS,4,&(lvalues[4446]),0},
{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
- NID_setct_MeAqCInitResTBS,4,&(lvalues[4071]),0},
+ NID_setct_MeAqCInitResTBS,4,&(lvalues[4450]),0},
{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
- 4,&(lvalues[4075]),0},
+ 4,&(lvalues[4454]),0},
{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
- &(lvalues[4079]),0},
+ &(lvalues[4458]),0},
{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
- &(lvalues[4083]),0},
+ &(lvalues[4462]),0},
{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
- &(lvalues[4087]),0},
+ &(lvalues[4466]),0},
{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
- 4,&(lvalues[4091]),0},
+ 4,&(lvalues[4470]),0},
{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
- &(lvalues[4095]),0},
+ &(lvalues[4474]),0},
{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
- NID_setct_PIDualSignedTBE,4,&(lvalues[4099]),0},
+ NID_setct_PIDualSignedTBE,4,&(lvalues[4478]),0},
{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
- 4,&(lvalues[4103]),0},
+ 4,&(lvalues[4482]),0},
{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
- &(lvalues[4107]),0},
+ &(lvalues[4486]),0},
{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
- &(lvalues[4111]),0},
+ &(lvalues[4490]),0},
{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
- &(lvalues[4115]),0},
+ &(lvalues[4494]),0},
{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
- &(lvalues[4119]),0},
+ &(lvalues[4498]),0},
{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
- &(lvalues[4123]),0},
+ &(lvalues[4502]),0},
{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
- &(lvalues[4127]),0},
+ &(lvalues[4506]),0},
{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
- NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4131]),0},
+ NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4510]),0},
{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
- 4,&(lvalues[4135]),0},
+ 4,&(lvalues[4514]),0},
{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
- 4,&(lvalues[4139]),0},
+ 4,&(lvalues[4518]),0},
{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
- NID_setct_AuthRevResTBEB,4,&(lvalues[4143]),0},
+ NID_setct_AuthRevResTBEB,4,&(lvalues[4522]),0},
{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
- &(lvalues[4147]),0},
+ &(lvalues[4526]),0},
{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
- &(lvalues[4151]),0},
+ &(lvalues[4530]),0},
{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
- &(lvalues[4155]),0},
+ &(lvalues[4534]),0},
{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
- &(lvalues[4159]),0},
+ &(lvalues[4538]),0},
{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
- 4,&(lvalues[4163]),0},
+ 4,&(lvalues[4542]),0},
{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
- &(lvalues[4167]),0},
+ &(lvalues[4546]),0},
{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
- &(lvalues[4171]),0},
+ &(lvalues[4550]),0},
{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
- &(lvalues[4175]),0},
+ &(lvalues[4554]),0},
{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
- &(lvalues[4179]),0},
+ &(lvalues[4558]),0},
{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
- 4,&(lvalues[4183]),0},
+ 4,&(lvalues[4562]),0},
{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
- NID_setct_CredRevReqTBEX,4,&(lvalues[4187]),0},
+ NID_setct_CredRevReqTBEX,4,&(lvalues[4566]),0},
{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
- 4,&(lvalues[4191]),0},
+ 4,&(lvalues[4570]),0},
{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
- NID_setct_BatchAdminReqTBE,4,&(lvalues[4195]),0},
+ NID_setct_BatchAdminReqTBE,4,&(lvalues[4574]),0},
{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
- NID_setct_BatchAdminResTBE,4,&(lvalues[4199]),0},
+ NID_setct_BatchAdminResTBE,4,&(lvalues[4578]),0},
{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
- 4,&(lvalues[4203]),0},
+ 4,&(lvalues[4582]),0},
{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
- &(lvalues[4207]),0},
+ &(lvalues[4586]),0},
{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
- &(lvalues[4211]),0},
+ &(lvalues[4590]),0},
{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
- &(lvalues[4215]),0},
+ &(lvalues[4594]),0},
{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
- NID_setct_CRLNotificationTBS,4,&(lvalues[4219]),0},
+ NID_setct_CRLNotificationTBS,4,&(lvalues[4598]),0},
{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
- NID_setct_CRLNotificationResTBS,4,&(lvalues[4223]),0},
+ NID_setct_CRLNotificationResTBS,4,&(lvalues[4602]),0},
{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
- NID_setct_BCIDistributionTBS,4,&(lvalues[4227]),0},
+ NID_setct_BCIDistributionTBS,4,&(lvalues[4606]),0},
{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
- &(lvalues[4231]),0},
+ &(lvalues[4610]),0},
{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
- &(lvalues[4235]),0},
+ &(lvalues[4614]),0},
{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
- &(lvalues[4239]),0},
-{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4243]),0},
-{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4247]),0},
+ &(lvalues[4618]),0},
+{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4622]),0},
+{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4626]),0},
{"setext-cv","additional verification",NID_setext_cv,4,
- &(lvalues[4251]),0},
+ &(lvalues[4630]),0},
{"set-policy-root","set-policy-root",NID_set_policy_root,4,
- &(lvalues[4255]),0},
+ &(lvalues[4634]),0},
{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
- &(lvalues[4259]),0},
+ &(lvalues[4638]),0},
{"setCext-certType","setCext-certType",NID_setCext_certType,4,
- &(lvalues[4263]),0},
+ &(lvalues[4642]),0},
{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
- &(lvalues[4267]),0},
+ &(lvalues[4646]),0},
{"setCext-cCertRequired","setCext-cCertRequired",
- NID_setCext_cCertRequired,4,&(lvalues[4271]),0},
+ NID_setCext_cCertRequired,4,&(lvalues[4650]),0},
{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
- &(lvalues[4275]),0},
+ &(lvalues[4654]),0},
{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
- &(lvalues[4279]),0},
+ &(lvalues[4658]),0},
{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
- &(lvalues[4283]),0},
+ &(lvalues[4662]),0},
{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
- NID_setCext_PGWYcapabilities,4,&(lvalues[4287]),0},
+ NID_setCext_PGWYcapabilities,4,&(lvalues[4666]),0},
{"setCext-TokenIdentifier","setCext-TokenIdentifier",
- NID_setCext_TokenIdentifier,4,&(lvalues[4291]),0},
+ NID_setCext_TokenIdentifier,4,&(lvalues[4670]),0},
{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
- &(lvalues[4295]),0},
+ &(lvalues[4674]),0},
{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
- &(lvalues[4299]),0},
+ &(lvalues[4678]),0},
{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
- NID_setCext_IssuerCapabilities,4,&(lvalues[4303]),0},
-{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4307]),0},
+ NID_setCext_IssuerCapabilities,4,&(lvalues[4682]),0},
+{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4686]),0},
{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
- 4,&(lvalues[4311]),0},
+ 4,&(lvalues[4690]),0},
{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
- &(lvalues[4315]),0},
+ &(lvalues[4694]),0},
{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
- &(lvalues[4319]),0},
+ &(lvalues[4698]),0},
{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
- &(lvalues[4323]),0},
-{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4328]),0},
+ &(lvalues[4702]),0},
+{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4707]),0},
{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
- &(lvalues[4333]),0},
+ &(lvalues[4712]),0},
{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
- NID_setAttr_Token_B0Prime,5,&(lvalues[4338]),0},
+ NID_setAttr_Token_B0Prime,5,&(lvalues[4717]),0},
{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
- &(lvalues[4343]),0},
+ &(lvalues[4722]),0},
{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
- &(lvalues[4348]),0},
+ &(lvalues[4727]),0},
{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
- &(lvalues[4353]),0},
+ &(lvalues[4732]),0},
{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
- 6,&(lvalues[4358]),0},
+ 6,&(lvalues[4737]),0},
{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
- &(lvalues[4364]),0},
+ &(lvalues[4743]),0},
{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
- &(lvalues[4370]),0},
+ &(lvalues[4749]),0},
{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
- &(lvalues[4376]),0},
+ &(lvalues[4755]),0},
{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
- 6,&(lvalues[4382]),0},
+ 6,&(lvalues[4761]),0},
{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
- &(lvalues[4388]),0},
+ &(lvalues[4767]),0},
{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
- &(lvalues[4392]),0},
+ &(lvalues[4771]),0},
{"set-brand-AmericanExpress","set-brand-AmericanExpress",
- NID_set_brand_AmericanExpress,4,&(lvalues[4396]),0},
-{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4400]),0},
+ NID_set_brand_AmericanExpress,4,&(lvalues[4775]),0},
+{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4779]),0},
{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
- &(lvalues[4404]),0},
+ &(lvalues[4783]),0},
{"set-brand-MasterCard","set-brand-MasterCard",
- NID_set_brand_MasterCard,4,&(lvalues[4408]),0},
+ NID_set_brand_MasterCard,4,&(lvalues[4787]),0},
{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
- &(lvalues[4412]),0},
-{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4417]),0},
+ &(lvalues[4791]),0},
+{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4796]),0},
{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
- NID_rsaOAEPEncryptionSET,9,&(lvalues[4425]),0},
-{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4434]),0},
-{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,1,
- &(lvalues[4435]),0},
-{"international-organizations","International Organizations",
- NID_international_organizations,1,&(lvalues[4436]),0},
+ NID_rsaOAEPEncryptionSET,9,&(lvalues[4804]),0},
+{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3",
+ NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4813]),0},
+{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4",
+ NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4818]),0},
+{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5",
+ NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4823]),0},
+{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7",
+ NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4828]),0},
+{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10",
+ NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4833]),0},
+{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11",
+ NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4838]),0},
+{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12",
+ NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4843]),0},
{"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
- 10,&(lvalues[4437]),0},
+ 10,&(lvalues[4848]),0},
{"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
- &(lvalues[4447]),0},
+ &(lvalues[4858]),0},
+{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4868]),0},
+{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3,
+ &(lvalues[4872]),0},
+{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
+ &(lvalues[4875]),0},
+{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4878]),0},
+{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,1,
+ &(lvalues[4879]),0},
+{"international-organizations","International Organizations",
+ NID_international_organizations,1,&(lvalues[4880]),0},
+{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL},
+{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL},
{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL},
{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL},
{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL},
@@ -1831,140 +1915,40 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL},
{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL},
{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL},
-{"streetAddress","streetAddress",NID_streetAddress,3,&(lvalues[4457]),0},
-{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4460]),0},
-{"identified-organization","identified-organization",
- NID_identified_organization,1,&(lvalues[4463]),0},
-{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4464]),0},
-{"wap","wap",NID_wap,2,&(lvalues[4467]),0},
-{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4469]),0},
-{"id-characteristic-two-basis","id-characteristic-two-basis",
- NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4472]),0},
-{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4480]),0},
-{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4489]),0},
-{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4498]),0},
-{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4507]),0},
-{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4515]),0},
-{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4523]),0},
-{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4531]),0},
-{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4539]),0},
-{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4547]),0},
-{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4555]),0},
-{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4563]),0},
-{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4571]),0},
-{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4579]),0},
-{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4587]),0},
-{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4595]),0},
-{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4603]),0},
-{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4611]),0},
-{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4619]),0},
-{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4627]),0},
-{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4635]),0},
-{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4643]),0},
-{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4651]),0},
-{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4659]),0},
-{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4667]),0},
-{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4672]),0},
-{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4677]),0},
-{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4682]),0},
-{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4687]),0},
-{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4692]),0},
-{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4697]),0},
-{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4702]),0},
-{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4707]),0},
-{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4712]),0},
-{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4717]),0},
-{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4722]),0},
-{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4727]),0},
-{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4732]),0},
-{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4737]),0},
-{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4742]),0},
-{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4747]),0},
-{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4752]),0},
-{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4757]),0},
-{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4762]),0},
-{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4767]),0},
-{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4772]),0},
-{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4777]),0},
-{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4782]),0},
-{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4787]),0},
-{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4792]),0},
-{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4797]),0},
-{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4802]),0},
-{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4807]),0},
-{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4812]),0},
-{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4817]),0},
-{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1",
- NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4822]),0},
-{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3",
- NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4827]),0},
-{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4",
- NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4832]),0},
-{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5",
- NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4837]),0},
-{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6",
- NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4842]),0},
-{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7",
- NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4847]),0},
-{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8",
- NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4852]),0},
-{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9",
- NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4857]),0},
-{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10",
- NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4862]),0},
-{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11",
- NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4867]),0},
-{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12",
- NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4872]),0},
+{"inhibitAnyPolicy","X509v3 Inhibit Any Policy",
+ NID_inhibit_any_policy,3,&(lvalues[4881]),0},
{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
- &(lvalues[4877]),0},
+ &(lvalues[4884]),0},
{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
- &(lvalues[4886]),0},
+ &(lvalues[4893]),0},
{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
- &(lvalues[4895]),0},
+ &(lvalues[4902]),0},
{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
- &(lvalues[4904]),0},
-{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
- &(lvalues[4913]),0},
-{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4916]),0},
-{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3,
- &(lvalues[4920]),0},
-{"inhibitAnyPolicy","X509v3 Inhibit Any Policy",
- NID_inhibit_any_policy,3,&(lvalues[4923]),0},
-{"SHA256","sha256",NID_sha256,9,&(lvalues[4926]),0},
-{"SHA384","sha384",NID_sha384,9,&(lvalues[4935]),0},
-{"SHA512","sha512",NID_sha512,9,&(lvalues[4944]),0},
-{"SHA224","sha224",NID_sha224,9,&(lvalues[4953]),0},
-{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL},
-{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL},
-{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4962]),0},
-{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
- &(lvalues[4969]),0},
-{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
- &(lvalues[4977]),0},
-{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
- &(lvalues[4985]),0},
-{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4993]),0},
+ &(lvalues[4911]),0},
+{"SHA256","sha256",NID_sha256,9,&(lvalues[4920]),0},
+{"SHA384","sha384",NID_sha384,9,&(lvalues[4929]),0},
+{"SHA512","sha512",NID_sha512,9,&(lvalues[4938]),0},
+{"SHA224","sha224",NID_sha224,9,&(lvalues[4947]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[364]),/* "AD_DVCS" */
&(nid_objs[419]),/* "AES-128-CBC" */
&(nid_objs[421]),/* "AES-128-CFB" */
-&(nid_objs[650]),/* "AES-128-CFB1" */
-&(nid_objs[653]),/* "AES-128-CFB8" */
+&(nid_objs[726]),/* "AES-128-CFB1" */
+&(nid_objs[729]),/* "AES-128-CFB8" */
&(nid_objs[418]),/* "AES-128-ECB" */
&(nid_objs[420]),/* "AES-128-OFB" */
&(nid_objs[423]),/* "AES-192-CBC" */
&(nid_objs[425]),/* "AES-192-CFB" */
-&(nid_objs[651]),/* "AES-192-CFB1" */
-&(nid_objs[654]),/* "AES-192-CFB8" */
+&(nid_objs[727]),/* "AES-192-CFB1" */
+&(nid_objs[730]),/* "AES-192-CFB8" */
&(nid_objs[422]),/* "AES-192-ECB" */
&(nid_objs[424]),/* "AES-192-OFB" */
&(nid_objs[427]),/* "AES-256-CBC" */
&(nid_objs[429]),/* "AES-256-CFB" */
-&(nid_objs[652]),/* "AES-256-CFB1" */
-&(nid_objs[655]),/* "AES-256-CFB8" */
+&(nid_objs[728]),/* "AES-256-CFB1" */
+&(nid_objs[731]),/* "AES-256-CFB8" */
&(nid_objs[426]),/* "AES-256-ECB" */
&(nid_objs[428]),/* "AES-256-OFB" */
&(nid_objs[91]),/* "BF-CBC" */
@@ -1982,10 +1966,10 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[367]),/* "CrlID" */
&(nid_objs[391]),/* "DC" */
&(nid_objs[31]),/* "DES-CBC" */
-&(nid_objs[643]),/* "DES-CDMF" */
+&(nid_objs[707]),/* "DES-CDMF" */
&(nid_objs[30]),/* "DES-CFB" */
-&(nid_objs[656]),/* "DES-CFB1" */
-&(nid_objs[657]),/* "DES-CFB8" */
+&(nid_objs[732]),/* "DES-CFB1" */
+&(nid_objs[733]),/* "DES-CFB8" */
&(nid_objs[29]),/* "DES-ECB" */
&(nid_objs[32]),/* "DES-EDE" */
&(nid_objs[43]),/* "DES-EDE-CBC" */
@@ -1994,8 +1978,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[33]),/* "DES-EDE3" */
&(nid_objs[44]),/* "DES-EDE3-CBC" */
&(nid_objs[61]),/* "DES-EDE3-CFB" */
-&(nid_objs[658]),/* "DES-EDE3-CFB1" */
-&(nid_objs[659]),/* "DES-EDE3-CFB8" */
+&(nid_objs[734]),/* "DES-EDE3-CFB1" */
+&(nid_objs[735]),/* "DES-EDE3-CFB8" */
&(nid_objs[63]),/* "DES-EDE3-OFB" */
&(nid_objs[45]),/* "DES-OFB" */
&(nid_objs[80]),/* "DESX-CBC" */
@@ -2014,8 +1998,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[46]),/* "IDEA-OFB" */
&(nid_objs[181]),/* "ISO" */
&(nid_objs[183]),/* "ISO-US" */
-&(nid_objs[645]),/* "ITU-T" */
-&(nid_objs[646]),/* "JOINT-ISO-ITU-T" */
+&(nid_objs[721]),/* "ITU-T" */
+&(nid_objs[722]),/* "JOINT-ISO-ITU-T" */
&(nid_objs[15]),/* "L" */
&(nid_objs[ 3]),/* "MD2" */
&(nid_objs[257]),/* "MD4" */
@@ -2032,8 +2016,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[180]),/* "OCSPSigning" */
&(nid_objs[379]),/* "ORG" */
&(nid_objs[18]),/* "OU" */
-&(nid_objs[744]),/* "Oakley-EC2N-3" */
-&(nid_objs[745]),/* "Oakley-EC2N-4" */
+&(nid_objs[724]),/* "Oakley-EC2N-3" */
+&(nid_objs[725]),/* "Oakley-EC2N-4" */
&(nid_objs[ 9]),/* "PBE-MD2-DES" */
&(nid_objs[168]),/* "PBE-MD2-RC2-64" */
&(nid_objs[10]),/* "PBE-MD5-DES" */
@@ -2074,16 +2058,16 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[42]),/* "RSA-SHA" */
&(nid_objs[65]),/* "RSA-SHA1" */
&(nid_objs[115]),/* "RSA-SHA1-2" */
-&(nid_objs[735]),/* "RSA-SHA224" */
-&(nid_objs[732]),/* "RSA-SHA256" */
-&(nid_objs[733]),/* "RSA-SHA384" */
-&(nid_objs[734]),/* "RSA-SHA512" */
+&(nid_objs[740]),/* "RSA-SHA224" */
+&(nid_objs[737]),/* "RSA-SHA256" */
+&(nid_objs[738]),/* "RSA-SHA384" */
+&(nid_objs[739]),/* "RSA-SHA512" */
&(nid_objs[41]),/* "SHA" */
&(nid_objs[64]),/* "SHA1" */
-&(nid_objs[743]),/* "SHA224" */
-&(nid_objs[740]),/* "SHA256" */
-&(nid_objs[741]),/* "SHA384" */
-&(nid_objs[742]),/* "SHA512" */
+&(nid_objs[744]),/* "SHA224" */
+&(nid_objs[741]),/* "SHA256" */
+&(nid_objs[742]),/* "SHA384" */
+&(nid_objs[743]),/* "SHA512" */
&(nid_objs[188]),/* "SMIME" */
&(nid_objs[167]),/* "SMIME-CAPS" */
&(nid_objs[100]),/* "SN" */
@@ -2107,7 +2091,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[363]),/* "ad_timestamping" */
&(nid_objs[376]),/* "algorithm" */
&(nid_objs[405]),/* "ansi-X9-62" */
-&(nid_objs[737]),/* "anyPolicy" */
+&(nid_objs[718]),/* "anyPolicy" */
&(nid_objs[370]),/* "archiveCutoff" */
&(nid_objs[484]),/* "associatedDomain" */
&(nid_objs[485]),/* "associatedName" */
@@ -2118,31 +2102,31 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[365]),/* "basicOCSPResponse" */
&(nid_objs[285]),/* "biometricInfo" */
&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[677]),/* "c2onb191v4" */
-&(nid_objs[678]),/* "c2onb191v5" */
-&(nid_objs[683]),/* "c2onb239v4" */
-&(nid_objs[684]),/* "c2onb239v5" */
-&(nid_objs[670]),/* "c2pnb163v1" */
-&(nid_objs[671]),/* "c2pnb163v2" */
-&(nid_objs[672]),/* "c2pnb163v3" */
-&(nid_objs[673]),/* "c2pnb176v1" */
-&(nid_objs[679]),/* "c2pnb208w1" */
-&(nid_objs[685]),/* "c2pnb272w1" */
-&(nid_objs[686]),/* "c2pnb304w1" */
-&(nid_objs[688]),/* "c2pnb368w1" */
-&(nid_objs[674]),/* "c2tnb191v1" */
-&(nid_objs[675]),/* "c2tnb191v2" */
-&(nid_objs[676]),/* "c2tnb191v3" */
-&(nid_objs[680]),/* "c2tnb239v1" */
-&(nid_objs[681]),/* "c2tnb239v2" */
-&(nid_objs[682]),/* "c2tnb239v3" */
-&(nid_objs[687]),/* "c2tnb359v1" */
-&(nid_objs[689]),/* "c2tnb431r1" */
+&(nid_objs[514]),/* "c2onb191v4" */
+&(nid_objs[515]),/* "c2onb191v5" */
+&(nid_objs[520]),/* "c2onb239v4" */
+&(nid_objs[521]),/* "c2onb239v5" */
+&(nid_objs[507]),/* "c2pnb163v1" */
+&(nid_objs[508]),/* "c2pnb163v2" */
+&(nid_objs[509]),/* "c2pnb163v3" */
+&(nid_objs[510]),/* "c2pnb176v1" */
+&(nid_objs[516]),/* "c2pnb208w1" */
+&(nid_objs[522]),/* "c2pnb272w1" */
+&(nid_objs[523]),/* "c2pnb304w1" */
+&(nid_objs[525]),/* "c2pnb368w1" */
+&(nid_objs[511]),/* "c2tnb191v1" */
+&(nid_objs[512]),/* "c2tnb191v2" */
+&(nid_objs[513]),/* "c2tnb191v3" */
+&(nid_objs[517]),/* "c2tnb239v1" */
+&(nid_objs[518]),/* "c2tnb239v2" */
+&(nid_objs[519]),/* "c2tnb239v3" */
+&(nid_objs[524]),/* "c2tnb359v1" */
+&(nid_objs[526]),/* "c2tnb431r1" */
&(nid_objs[483]),/* "cNAMERecord" */
&(nid_objs[179]),/* "caIssuers" */
&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
&(nid_objs[152]),/* "certBag" */
-&(nid_objs[663]),/* "certicom-arc" */
+&(nid_objs[528]),/* "certicom-arc" */
&(nid_objs[89]),/* "certificatePolicies" */
&(nid_objs[54]),/* "challengePassword" */
&(nid_objs[407]),/* "characteristic-two-field" */
@@ -2187,7 +2171,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[453]),/* "friendlyCountry" */
&(nid_objs[490]),/* "friendlyCountryName" */
&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[509]),/* "generationQualifier" */
+&(nid_objs[574]),/* "generationQualifier" */
&(nid_objs[163]),/* "hmacWithSHA1" */
&(nid_objs[432]),/* "holdInstructionCallIssuer" */
&(nid_objs[430]),/* "holdInstructionCode" */
@@ -2215,7 +2199,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[362]),/* "id-cct-PKIResponse" */
&(nid_objs[360]),/* "id-cct-crs" */
&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[666]),/* "id-characteristic-two-basis" */
+&(nid_objs[503]),/* "id-characteristic-two-basis" */
&(nid_objs[263]),/* "id-cmc" */
&(nid_objs[334]),/* "id-cmc-addExtensions" */
&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
@@ -2238,8 +2222,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[327]),/* "id-cmc-statusInfo" */
&(nid_objs[331]),/* "id-cmc-transactionId" */
&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
+&(nid_objs[573]),/* "id-hex-multipart-message" */
+&(nid_objs[572]),/* "id-hex-partial-message" */
&(nid_objs[260]),/* "id-it" */
&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
&(nid_objs[298]),/* "id-it-caProtEncCert" */
@@ -2284,10 +2268,6 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[271]),/* "id-pkix1-explicit-93" */
&(nid_objs[270]),/* "id-pkix1-implicit-88" */
&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[746]),/* "id-ppl" */
-&(nid_objs[748]),/* "id-ppl-anyLanguage" */
-&(nid_objs[750]),/* "id-ppl-independent" */
-&(nid_objs[749]),/* "id-ppl-inheritAll" */
&(nid_objs[267]),/* "id-qcs" */
&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
&(nid_objs[259]),/* "id-qt" */
@@ -2303,7 +2283,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[314]),/* "id-regInfo" */
&(nid_objs[322]),/* "id-regInfo-certReq" */
&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[512]),/* "id-set" */
+&(nid_objs[576]),/* "id-set" */
&(nid_objs[191]),/* "id-smime-aa" */
&(nid_objs[215]),/* "id-smime-aa-contentHint" */
&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
@@ -2372,11 +2352,11 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[194]),/* "id-smime-spq" */
&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[662]),/* "identified-organization" */
+&(nid_objs[527]),/* "identified-organization" */
&(nid_objs[461]),/* "info" */
-&(nid_objs[739]),/* "inhibitAnyPolicy" */
+&(nid_objs[736]),/* "inhibitAnyPolicy" */
&(nid_objs[101]),/* "initials" */
-&(nid_objs[647]),/* "international-organizations" */
+&(nid_objs[723]),/* "international-organizations" */
&(nid_objs[142]),/* "invalidityDate" */
&(nid_objs[294]),/* "ipsecEndSystem" */
&(nid_objs[295]),/* "ipsecTunnel" */
@@ -2395,9 +2375,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[182]),/* "member-body" */
&(nid_objs[51]),/* "messageDigest" */
&(nid_objs[383]),/* "mgmt" */
-&(nid_objs[504]),/* "mime-mhs" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
+&(nid_objs[569]),/* "mime-mhs" */
+&(nid_objs[571]),/* "mime-mhs-bodies" */
+&(nid_objs[570]),/* "mime-mhs-headings" */
&(nid_objs[488]),/* "mobileTelephoneNumber" */
&(nid_objs[136]),/* "msCTLSign" */
&(nid_objs[135]),/* "msCodeCom" */
@@ -2405,11 +2385,11 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[138]),/* "msEFS" */
&(nid_objs[171]),/* "msExtReq" */
&(nid_objs[137]),/* "msSGC" */
-&(nid_objs[648]),/* "msSmartcardLogin" */
-&(nid_objs[649]),/* "msUPN" */
+&(nid_objs[716]),/* "msSmartcardLogin" */
+&(nid_objs[717]),/* "msUPN" */
&(nid_objs[481]),/* "nSRecord" */
&(nid_objs[173]),/* "name" */
-&(nid_objs[736]),/* "nameConstraints" */
+&(nid_objs[720]),/* "nameConstraints" */
&(nid_objs[369]),/* "noCheck" */
&(nid_objs[403]),/* "noRevAvail" */
&(nid_objs[72]),/* "nsBaseUrl" */
@@ -2424,7 +2404,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[73]),/* "nsRevocationUrl" */
&(nid_objs[139]),/* "nsSGC" */
&(nid_objs[77]),/* "nsSslServerName" */
-&(nid_objs[667]),/* "onBasis" */
+&(nid_objs[504]),/* "onBasis" */
&(nid_objs[491]),/* "organizationalStatus" */
&(nid_objs[475]),/* "otherMailbox" */
&(nid_objs[489]),/* "pagerTelephoneNumber" */
@@ -2457,9 +2437,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
&(nid_objs[47]),/* "pkcs9" */
&(nid_objs[401]),/* "policyConstraints" */
-&(nid_objs[738]),/* "policyMappings" */
-&(nid_objs[661]),/* "postalCode" */
-&(nid_objs[669]),/* "ppBasis" */
+&(nid_objs[719]),/* "policyMappings" */
+&(nid_objs[506]),/* "ppBasis" */
&(nid_objs[406]),/* "prime-field" */
&(nid_objs[409]),/* "prime192v1" */
&(nid_objs[410]),/* "prime192v2" */
@@ -2470,8 +2449,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[415]),/* "prime256v1" */
&(nid_objs[385]),/* "private" */
&(nid_objs[84]),/* "privateKeyUsagePeriod" */
-&(nid_objs[747]),/* "proxyCertInfo" */
-&(nid_objs[510]),/* "pseudonym" */
+&(nid_objs[575]),/* "pseudonym" */
&(nid_objs[435]),/* "pss" */
&(nid_objs[286]),/* "qcStatements" */
&(nid_objs[457]),/* "qualityLabelledData" */
@@ -2480,7 +2458,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[448]),/* "room" */
&(nid_objs[463]),/* "roomNumber" */
&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
+&(nid_objs[708]),/* "rsaOAEPEncryptionSET" */
&(nid_objs[377]),/* "rsaSignature" */
&(nid_objs[ 1]),/* "rsadsi" */
&(nid_objs[482]),/* "sOARecord" */
@@ -2489,179 +2467,178 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[290]),/* "sbqp-ipAddrBlock" */
&(nid_objs[292]),/* "sbqp-routerIdentifier" */
&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[690]),/* "secp112r1" */
-&(nid_objs[691]),/* "secp112r2" */
-&(nid_objs[692]),/* "secp128r1" */
-&(nid_objs[693]),/* "secp128r2" */
-&(nid_objs[694]),/* "secp160k1" */
-&(nid_objs[695]),/* "secp160r1" */
-&(nid_objs[696]),/* "secp160r2" */
-&(nid_objs[697]),/* "secp192k1" */
-&(nid_objs[698]),/* "secp224k1" */
-&(nid_objs[699]),/* "secp224r1" */
-&(nid_objs[700]),/* "secp256k1" */
-&(nid_objs[701]),/* "secp384r1" */
-&(nid_objs[702]),/* "secp521r1" */
+&(nid_objs[529]),/* "secp112r1" */
+&(nid_objs[530]),/* "secp112r2" */
+&(nid_objs[531]),/* "secp128r1" */
+&(nid_objs[532]),/* "secp128r2" */
+&(nid_objs[533]),/* "secp160k1" */
+&(nid_objs[534]),/* "secp160r1" */
+&(nid_objs[535]),/* "secp160r2" */
+&(nid_objs[536]),/* "secp192k1" */
+&(nid_objs[538]),/* "secp224k1" */
+&(nid_objs[539]),/* "secp224r1" */
+&(nid_objs[540]),/* "secp256k1" */
+&(nid_objs[542]),/* "secp384r1" */
+&(nid_objs[543]),/* "secp521r1" */
&(nid_objs[154]),/* "secretBag" */
&(nid_objs[474]),/* "secretary" */
-&(nid_objs[703]),/* "sect113r1" */
-&(nid_objs[704]),/* "sect113r2" */
-&(nid_objs[705]),/* "sect131r1" */
-&(nid_objs[706]),/* "sect131r2" */
-&(nid_objs[707]),/* "sect163k1" */
-&(nid_objs[708]),/* "sect163r1" */
-&(nid_objs[709]),/* "sect163r2" */
-&(nid_objs[710]),/* "sect193r1" */
-&(nid_objs[711]),/* "sect193r2" */
-&(nid_objs[712]),/* "sect233k1" */
-&(nid_objs[713]),/* "sect233r1" */
-&(nid_objs[714]),/* "sect239k1" */
-&(nid_objs[715]),/* "sect283k1" */
-&(nid_objs[716]),/* "sect283r1" */
-&(nid_objs[717]),/* "sect409k1" */
-&(nid_objs[718]),/* "sect409r1" */
-&(nid_objs[719]),/* "sect571k1" */
-&(nid_objs[720]),/* "sect571r1" */
+&(nid_objs[544]),/* "sect113r1" */
+&(nid_objs[545]),/* "sect113r2" */
+&(nid_objs[546]),/* "sect131r1" */
+&(nid_objs[547]),/* "sect131r2" */
+&(nid_objs[548]),/* "sect163k1" */
+&(nid_objs[549]),/* "sect163r1" */
+&(nid_objs[550]),/* "sect163r2" */
+&(nid_objs[551]),/* "sect193r1" */
+&(nid_objs[552]),/* "sect193r2" */
+&(nid_objs[553]),/* "sect233k1" */
+&(nid_objs[554]),/* "sect233r1" */
+&(nid_objs[555]),/* "sect239k1" */
+&(nid_objs[556]),/* "sect283k1" */
+&(nid_objs[557]),/* "sect283r1" */
+&(nid_objs[558]),/* "sect409k1" */
+&(nid_objs[559]),/* "sect409r1" */
+&(nid_objs[560]),/* "sect571k1" */
+&(nid_objs[561]),/* "sect571r1" */
&(nid_objs[386]),/* "security" */
&(nid_objs[394]),/* "selected-attribute-types" */
&(nid_objs[105]),/* "serialNumber" */
&(nid_objs[129]),/* "serverAuth" */
&(nid_objs[371]),/* "serviceLocator" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[517]),/* "set-certExt" */
-&(nid_objs[513]),/* "set-ctype" */
-&(nid_objs[514]),/* "set-msgExt" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[631]),/* "setAttr-GenCryptgrm" */
-&(nid_objs[623]),/* "setAttr-IssCap" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[621]),/* "setAttr-PGWYcap" */
-&(nid_objs[635]),/* "setAttr-SecDevSig" */
-&(nid_objs[632]),/* "setAttr-T2Enc" */
-&(nid_objs[633]),/* "setAttr-T2cleartxt" */
-&(nid_objs[634]),/* "setAttr-TokICCsig" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[606]),/* "setext-cv" */
-&(nid_objs[601]),/* "setext-genCrypt" */
-&(nid_objs[602]),/* "setext-miAuth" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
+&(nid_objs[689]),/* "set-addPolicy" */
+&(nid_objs[579]),/* "set-attr" */
+&(nid_objs[582]),/* "set-brand" */
+&(nid_objs[702]),/* "set-brand-AmericanExpress" */
+&(nid_objs[701]),/* "set-brand-Diners" */
+&(nid_objs[700]),/* "set-brand-IATA-ATA" */
+&(nid_objs[703]),/* "set-brand-JCB" */
+&(nid_objs[705]),/* "set-brand-MasterCard" */
+&(nid_objs[706]),/* "set-brand-Novus" */
+&(nid_objs[704]),/* "set-brand-Visa" */
+&(nid_objs[581]),/* "set-certExt" */
+&(nid_objs[577]),/* "set-ctype" */
+&(nid_objs[578]),/* "set-msgExt" */
+&(nid_objs[580]),/* "set-policy" */
+&(nid_objs[671]),/* "set-policy-root" */
+&(nid_objs[688]),/* "set-rootKeyThumb" */
+&(nid_objs[684]),/* "setAttr-Cert" */
+&(nid_objs[695]),/* "setAttr-GenCryptgrm" */
+&(nid_objs[687]),/* "setAttr-IssCap" */
+&(nid_objs[692]),/* "setAttr-IssCap-CVM" */
+&(nid_objs[694]),/* "setAttr-IssCap-Sig" */
+&(nid_objs[693]),/* "setAttr-IssCap-T2" */
+&(nid_objs[685]),/* "setAttr-PGWYcap" */
+&(nid_objs[699]),/* "setAttr-SecDevSig" */
+&(nid_objs[696]),/* "setAttr-T2Enc" */
+&(nid_objs[697]),/* "setAttr-T2cleartxt" */
+&(nid_objs[698]),/* "setAttr-TokICCsig" */
+&(nid_objs[691]),/* "setAttr-Token-B0Prime" */
+&(nid_objs[690]),/* "setAttr-Token-EMV" */
+&(nid_objs[686]),/* "setAttr-TokenType" */
+&(nid_objs[683]),/* "setCext-IssuerCapabilities" */
+&(nid_objs[679]),/* "setCext-PGWYcapabilities" */
+&(nid_objs[680]),/* "setCext-TokenIdentifier" */
+&(nid_objs[682]),/* "setCext-TokenType" */
+&(nid_objs[681]),/* "setCext-Track2Data" */
+&(nid_objs[675]),/* "setCext-cCertRequired" */
+&(nid_objs[673]),/* "setCext-certType" */
+&(nid_objs[672]),/* "setCext-hashedRoot" */
+&(nid_objs[674]),/* "setCext-merchData" */
+&(nid_objs[677]),/* "setCext-setExt" */
+&(nid_objs[678]),/* "setCext-setQualf" */
+&(nid_objs[676]),/* "setCext-tunneling" */
+&(nid_objs[604]),/* "setct-AcqCardCodeMsg" */
+&(nid_objs[640]),/* "setct-AcqCardCodeMsgTBE" */
+&(nid_objs[634]),/* "setct-AuthReqTBE" */
+&(nid_objs[598]),/* "setct-AuthReqTBS" */
+&(nid_objs[591]),/* "setct-AuthResBaggage" */
+&(nid_objs[635]),/* "setct-AuthResTBE" */
+&(nid_objs[636]),/* "setct-AuthResTBEX" */
+&(nid_objs[599]),/* "setct-AuthResTBS" */
+&(nid_objs[600]),/* "setct-AuthResTBSX" */
+&(nid_objs[592]),/* "setct-AuthRevReqBaggage" */
+&(nid_objs[641]),/* "setct-AuthRevReqTBE" */
+&(nid_objs[605]),/* "setct-AuthRevReqTBS" */
+&(nid_objs[593]),/* "setct-AuthRevResBaggage" */
+&(nid_objs[606]),/* "setct-AuthRevResData" */
+&(nid_objs[642]),/* "setct-AuthRevResTBE" */
+&(nid_objs[643]),/* "setct-AuthRevResTBEB" */
+&(nid_objs[607]),/* "setct-AuthRevResTBS" */
+&(nid_objs[637]),/* "setct-AuthTokenTBE" */
+&(nid_objs[601]),/* "setct-AuthTokenTBS" */
+&(nid_objs[664]),/* "setct-BCIDistributionTBS" */
+&(nid_objs[622]),/* "setct-BatchAdminReqData" */
+&(nid_objs[656]),/* "setct-BatchAdminReqTBE" */
+&(nid_objs[623]),/* "setct-BatchAdminResData" */
+&(nid_objs[657]),/* "setct-BatchAdminResTBE" */
+&(nid_objs[663]),/* "setct-CRLNotificationResTBS" */
+&(nid_objs[662]),/* "setct-CRLNotificationTBS" */
+&(nid_objs[644]),/* "setct-CapReqTBE" */
+&(nid_objs[645]),/* "setct-CapReqTBEX" */
+&(nid_objs[608]),/* "setct-CapReqTBS" */
+&(nid_objs[609]),/* "setct-CapReqTBSX" */
+&(nid_objs[610]),/* "setct-CapResData" */
+&(nid_objs[646]),/* "setct-CapResTBE" */
+&(nid_objs[647]),/* "setct-CapRevReqTBE" */
+&(nid_objs[648]),/* "setct-CapRevReqTBEX" */
+&(nid_objs[611]),/* "setct-CapRevReqTBS" */
+&(nid_objs[612]),/* "setct-CapRevReqTBSX" */
+&(nid_objs[613]),/* "setct-CapRevResData" */
+&(nid_objs[649]),/* "setct-CapRevResTBE" */
+&(nid_objs[602]),/* "setct-CapTokenData" */
+&(nid_objs[594]),/* "setct-CapTokenSeq" */
+&(nid_objs[638]),/* "setct-CapTokenTBE" */
+&(nid_objs[639]),/* "setct-CapTokenTBEX" */
+&(nid_objs[603]),/* "setct-CapTokenTBS" */
+&(nid_objs[624]),/* "setct-CardCInitResTBS" */
+&(nid_objs[630]),/* "setct-CertInqReqTBS" */
+&(nid_objs[627]),/* "setct-CertReqData" */
+&(nid_objs[659]),/* "setct-CertReqTBE" */
+&(nid_objs[660]),/* "setct-CertReqTBEX" */
+&(nid_objs[628]),/* "setct-CertReqTBS" */
+&(nid_objs[629]),/* "setct-CertResData" */
+&(nid_objs[661]),/* "setct-CertResTBE" */
+&(nid_objs[650]),/* "setct-CredReqTBE" */
+&(nid_objs[651]),/* "setct-CredReqTBEX" */
+&(nid_objs[614]),/* "setct-CredReqTBS" */
+&(nid_objs[615]),/* "setct-CredReqTBSX" */
+&(nid_objs[616]),/* "setct-CredResData" */
+&(nid_objs[652]),/* "setct-CredResTBE" */
+&(nid_objs[653]),/* "setct-CredRevReqTBE" */
+&(nid_objs[654]),/* "setct-CredRevReqTBEX" */
+&(nid_objs[617]),/* "setct-CredRevReqTBS" */
+&(nid_objs[618]),/* "setct-CredRevReqTBSX" */
+&(nid_objs[619]),/* "setct-CredRevResData" */
+&(nid_objs[655]),/* "setct-CredRevResTBE" */
+&(nid_objs[631]),/* "setct-ErrorTBS" */
+&(nid_objs[590]),/* "setct-HODInput" */
+&(nid_objs[625]),/* "setct-MeAqCInitResTBS" */
+&(nid_objs[586]),/* "setct-OIData" */
+&(nid_objs[583]),/* "setct-PANData" */
+&(nid_objs[585]),/* "setct-PANOnly" */
+&(nid_objs[584]),/* "setct-PANToken" */
+&(nid_objs[620]),/* "setct-PCertReqData" */
+&(nid_objs[621]),/* "setct-PCertResTBS" */
+&(nid_objs[587]),/* "setct-PI" */
+&(nid_objs[596]),/* "setct-PI-TBS" */
+&(nid_objs[588]),/* "setct-PIData" */
+&(nid_objs[589]),/* "setct-PIDataUnsigned" */
+&(nid_objs[632]),/* "setct-PIDualSignedTBE" */
+&(nid_objs[633]),/* "setct-PIUnsignedTBE" */
+&(nid_objs[595]),/* "setct-PInitResData" */
+&(nid_objs[597]),/* "setct-PResData" */
+&(nid_objs[658]),/* "setct-RegFormReqTBE" */
+&(nid_objs[626]),/* "setct-RegFormResTBS" */
+&(nid_objs[670]),/* "setext-cv" */
+&(nid_objs[665]),/* "setext-genCrypt" */
+&(nid_objs[666]),/* "setext-miAuth" */
+&(nid_objs[668]),/* "setext-pinAny" */
+&(nid_objs[667]),/* "setext-pinSecure" */
+&(nid_objs[669]),/* "setext-track2" */
&(nid_objs[52]),/* "signingTime" */
&(nid_objs[454]),/* "simpleSecurityObject" */
&(nid_objs[496]),/* "singleLevelQuality" */
&(nid_objs[387]),/* "snmpv2" */
-&(nid_objs[660]),/* "streetAddress" */
&(nid_objs[85]),/* "subjectAltName" */
&(nid_objs[398]),/* "subjectInfoAccess" */
&(nid_objs[82]),/* "subjectKeyIdentifier" */
@@ -2672,27 +2649,27 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[293]),/* "textNotice" */
&(nid_objs[133]),/* "timeStamping" */
&(nid_objs[106]),/* "title" */
-&(nid_objs[668]),/* "tpBasis" */
+&(nid_objs[505]),/* "tpBasis" */
&(nid_objs[375]),/* "trustRoot" */
&(nid_objs[436]),/* "ucl" */
&(nid_objs[55]),/* "unstructuredAddress" */
&(nid_objs[49]),/* "unstructuredName" */
&(nid_objs[465]),/* "userClass" */
&(nid_objs[373]),/* "valid" */
-&(nid_objs[664]),/* "wap" */
-&(nid_objs[665]),/* "wap-wsg" */
-&(nid_objs[721]),/* "wap-wsg-idm-ecid-wtls1" */
-&(nid_objs[729]),/* "wap-wsg-idm-ecid-wtls10" */
-&(nid_objs[730]),/* "wap-wsg-idm-ecid-wtls11" */
-&(nid_objs[731]),/* "wap-wsg-idm-ecid-wtls12" */
-&(nid_objs[722]),/* "wap-wsg-idm-ecid-wtls3" */
-&(nid_objs[723]),/* "wap-wsg-idm-ecid-wtls4" */
-&(nid_objs[724]),/* "wap-wsg-idm-ecid-wtls5" */
-&(nid_objs[725]),/* "wap-wsg-idm-ecid-wtls6" */
-&(nid_objs[726]),/* "wap-wsg-idm-ecid-wtls7" */
-&(nid_objs[727]),/* "wap-wsg-idm-ecid-wtls8" */
-&(nid_objs[728]),/* "wap-wsg-idm-ecid-wtls9" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
+&(nid_objs[562]),/* "wap" */
+&(nid_objs[563]),/* "wap-wsg" */
+&(nid_objs[564]),/* "wap-wsg-idm-ecid-wtls1" */
+&(nid_objs[713]),/* "wap-wsg-idm-ecid-wtls10" */
+&(nid_objs[714]),/* "wap-wsg-idm-ecid-wtls11" */
+&(nid_objs[715]),/* "wap-wsg-idm-ecid-wtls12" */
+&(nid_objs[709]),/* "wap-wsg-idm-ecid-wtls3" */
+&(nid_objs[710]),/* "wap-wsg-idm-ecid-wtls4" */
+&(nid_objs[711]),/* "wap-wsg-idm-ecid-wtls5" */
+&(nid_objs[565]),/* "wap-wsg-idm-ecid-wtls6" */
+&(nid_objs[712]),/* "wap-wsg-idm-ecid-wtls7" */
+&(nid_objs[566]),/* "wap-wsg-idm-ecid-wtls8" */
+&(nid_objs[567]),/* "wap-wsg-idm-ecid-wtls9" */
+&(nid_objs[568]),/* "x500UniqueIdentifier" */
&(nid_objs[158]),/* "x509Certificate" */
&(nid_objs[160]),/* "x509Crl" */
};
@@ -2701,7 +2678,6 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[363]),/* "AD Time Stamping" */
&(nid_objs[405]),/* "ANSI X9.62" */
&(nid_objs[368]),/* "Acceptable OCSP Responses" */
-&(nid_objs[748]),/* "Any language" */
&(nid_objs[177]),/* "Authority Information Access" */
&(nid_objs[365]),/* "Basic OCSP Response" */
&(nid_objs[285]),/* "Biometric Info" */
@@ -2718,17 +2694,15 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[430]),/* "Hold Instruction Code" */
&(nid_objs[431]),/* "Hold Instruction None" */
&(nid_objs[433]),/* "Hold Instruction Reject" */
-&(nid_objs[634]),/* "ICC or token signature" */
+&(nid_objs[698]),/* "ICC or token signature" */
&(nid_objs[294]),/* "IPSec End System" */
&(nid_objs[295]),/* "IPSec Tunnel" */
&(nid_objs[296]),/* "IPSec User" */
&(nid_objs[182]),/* "ISO Member Body" */
&(nid_objs[183]),/* "ISO US Member Body" */
-&(nid_objs[750]),/* "Independent" */
-&(nid_objs[749]),/* "Inherit all" */
-&(nid_objs[647]),/* "International Organizations" */
+&(nid_objs[723]),/* "International Organizations" */
&(nid_objs[142]),/* "Invalidity Date" */
-&(nid_objs[504]),/* "MIME MHS" */
+&(nid_objs[569]),/* "MIME MHS" */
&(nid_objs[388]),/* "Mail" */
&(nid_objs[383]),/* "Management" */
&(nid_objs[417]),/* "Microsoft CSP Name" */
@@ -2737,9 +2711,9 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[171]),/* "Microsoft Extension Request" */
&(nid_objs[134]),/* "Microsoft Individual Code Signing" */
&(nid_objs[137]),/* "Microsoft Server Gated Crypto" */
-&(nid_objs[648]),/* "Microsoft Smartcardlogin" */
+&(nid_objs[716]),/* "Microsoft Smartcardlogin" */
&(nid_objs[136]),/* "Microsoft Trust List Signing" */
-&(nid_objs[649]),/* "Microsoft Universal Principal Name" */
+&(nid_objs[717]),/* "Microsoft Universal Principal Name" */
&(nid_objs[393]),/* "NULL" */
&(nid_objs[404]),/* "NULL" */
&(nid_objs[72]),/* "Netscape Base Url" */
@@ -2769,13 +2743,12 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[164]),/* "Policy Qualifier CPS" */
&(nid_objs[165]),/* "Policy Qualifier User Notice" */
&(nid_objs[385]),/* "Private" */
-&(nid_objs[747]),/* "Proxy Certificate Information" */
&(nid_objs[ 1]),/* "RSA Data Security, Inc." */
&(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */
&(nid_objs[188]),/* "S/MIME" */
&(nid_objs[167]),/* "S/MIME Capabilities" */
&(nid_objs[387]),/* "SNMPv2" */
-&(nid_objs[512]),/* "Secure Electronic Transactions" */
+&(nid_objs[576]),/* "Secure Electronic Transactions" */
&(nid_objs[386]),/* "Security" */
&(nid_objs[394]),/* "Selected Attribute Types" */
&(nid_objs[143]),/* "Strong Extranet ID" */
@@ -2786,7 +2759,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[375]),/* "Trust Root" */
&(nid_objs[12]),/* "X509" */
&(nid_objs[402]),/* "X509v3 AC Targeting" */
-&(nid_objs[737]),/* "X509v3 Any Policy" */
+&(nid_objs[718]),/* "X509v3 Any Policy" */
&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
&(nid_objs[87]),/* "X509v3 Basic Constraints" */
&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
@@ -2795,13 +2768,13 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[89]),/* "X509v3 Certificate Policies" */
&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
-&(nid_objs[739]),/* "X509v3 Inhibit Any Policy" */
+&(nid_objs[736]),/* "X509v3 Inhibit Any Policy" */
&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
&(nid_objs[83]),/* "X509v3 Key Usage" */
-&(nid_objs[736]),/* "X509v3 Name Constraints" */
+&(nid_objs[720]),/* "X509v3 Name Constraints" */
&(nid_objs[403]),/* "X509v3 No Revocation Available" */
&(nid_objs[401]),/* "X509v3 Policy Constraints" */
-&(nid_objs[738]),/* "X509v3 Policy Mappings" */
+&(nid_objs[719]),/* "X509v3 Policy Mappings" */
&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
@@ -2814,23 +2787,23 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[288]),/* "ac-targeting" */
&(nid_objs[446]),/* "account" */
&(nid_objs[364]),/* "ad dvcs" */
-&(nid_objs[606]),/* "additional verification" */
+&(nid_objs[670]),/* "additional verification" */
&(nid_objs[419]),/* "aes-128-cbc" */
&(nid_objs[421]),/* "aes-128-cfb" */
-&(nid_objs[650]),/* "aes-128-cfb1" */
-&(nid_objs[653]),/* "aes-128-cfb8" */
+&(nid_objs[726]),/* "aes-128-cfb1" */
+&(nid_objs[729]),/* "aes-128-cfb8" */
&(nid_objs[418]),/* "aes-128-ecb" */
&(nid_objs[420]),/* "aes-128-ofb" */
&(nid_objs[423]),/* "aes-192-cbc" */
&(nid_objs[425]),/* "aes-192-cfb" */
-&(nid_objs[651]),/* "aes-192-cfb1" */
-&(nid_objs[654]),/* "aes-192-cfb8" */
+&(nid_objs[727]),/* "aes-192-cfb1" */
+&(nid_objs[730]),/* "aes-192-cfb8" */
&(nid_objs[422]),/* "aes-192-ecb" */
&(nid_objs[424]),/* "aes-192-ofb" */
&(nid_objs[427]),/* "aes-256-cbc" */
&(nid_objs[429]),/* "aes-256-cfb" */
-&(nid_objs[652]),/* "aes-256-cfb1" */
-&(nid_objs[655]),/* "aes-256-cfb8" */
+&(nid_objs[728]),/* "aes-256-cfb1" */
+&(nid_objs[731]),/* "aes-256-cfb8" */
&(nid_objs[426]),/* "aes-256-ecb" */
&(nid_objs[428]),/* "aes-256-ofb" */
&(nid_objs[376]),/* "algorithm" */
@@ -2842,26 +2815,26 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[92]),/* "bf-ecb" */
&(nid_objs[94]),/* "bf-ofb" */
&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[677]),/* "c2onb191v4" */
-&(nid_objs[678]),/* "c2onb191v5" */
-&(nid_objs[683]),/* "c2onb239v4" */
-&(nid_objs[684]),/* "c2onb239v5" */
-&(nid_objs[670]),/* "c2pnb163v1" */
-&(nid_objs[671]),/* "c2pnb163v2" */
-&(nid_objs[672]),/* "c2pnb163v3" */
-&(nid_objs[673]),/* "c2pnb176v1" */
-&(nid_objs[679]),/* "c2pnb208w1" */
-&(nid_objs[685]),/* "c2pnb272w1" */
-&(nid_objs[686]),/* "c2pnb304w1" */
-&(nid_objs[688]),/* "c2pnb368w1" */
-&(nid_objs[674]),/* "c2tnb191v1" */
-&(nid_objs[675]),/* "c2tnb191v2" */
-&(nid_objs[676]),/* "c2tnb191v3" */
-&(nid_objs[680]),/* "c2tnb239v1" */
-&(nid_objs[681]),/* "c2tnb239v2" */
-&(nid_objs[682]),/* "c2tnb239v3" */
-&(nid_objs[687]),/* "c2tnb359v1" */
-&(nid_objs[689]),/* "c2tnb431r1" */
+&(nid_objs[514]),/* "c2onb191v4" */
+&(nid_objs[515]),/* "c2onb191v5" */
+&(nid_objs[520]),/* "c2onb239v4" */
+&(nid_objs[521]),/* "c2onb239v5" */
+&(nid_objs[507]),/* "c2pnb163v1" */
+&(nid_objs[508]),/* "c2pnb163v2" */
+&(nid_objs[509]),/* "c2pnb163v3" */
+&(nid_objs[510]),/* "c2pnb176v1" */
+&(nid_objs[516]),/* "c2pnb208w1" */
+&(nid_objs[522]),/* "c2pnb272w1" */
+&(nid_objs[523]),/* "c2pnb304w1" */
+&(nid_objs[525]),/* "c2pnb368w1" */
+&(nid_objs[511]),/* "c2tnb191v1" */
+&(nid_objs[512]),/* "c2tnb191v2" */
+&(nid_objs[513]),/* "c2tnb191v3" */
+&(nid_objs[517]),/* "c2tnb239v1" */
+&(nid_objs[518]),/* "c2tnb239v2" */
+&(nid_objs[519]),/* "c2tnb239v3" */
+&(nid_objs[524]),/* "c2tnb359v1" */
+&(nid_objs[526]),/* "c2tnb431r1" */
&(nid_objs[483]),/* "cNAMERecord" */
&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
&(nid_objs[108]),/* "cast5-cbc" */
@@ -2869,14 +2842,14 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[109]),/* "cast5-ecb" */
&(nid_objs[111]),/* "cast5-ofb" */
&(nid_objs[152]),/* "certBag" */
-&(nid_objs[663]),/* "certicom-arc" */
-&(nid_objs[517]),/* "certificate extensions" */
+&(nid_objs[528]),/* "certicom-arc" */
+&(nid_objs[581]),/* "certificate extensions" */
&(nid_objs[54]),/* "challengePassword" */
&(nid_objs[407]),/* "characteristic-two-field" */
&(nid_objs[395]),/* "clearance" */
-&(nid_objs[633]),/* "cleartext track 2" */
+&(nid_objs[697]),/* "cleartext track 2" */
&(nid_objs[13]),/* "commonName" */
-&(nid_objs[513]),/* "content types" */
+&(nid_objs[577]),/* "content types" */
&(nid_objs[50]),/* "contentType" */
&(nid_objs[53]),/* "countersignature" */
&(nid_objs[14]),/* "countryName" */
@@ -2887,10 +2860,10 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[434]),/* "data" */
&(nid_objs[390]),/* "dcObject" */
&(nid_objs[31]),/* "des-cbc" */
-&(nid_objs[643]),/* "des-cdmf" */
+&(nid_objs[707]),/* "des-cdmf" */
&(nid_objs[30]),/* "des-cfb" */
-&(nid_objs[656]),/* "des-cfb1" */
-&(nid_objs[657]),/* "des-cfb8" */
+&(nid_objs[732]),/* "des-cfb1" */
+&(nid_objs[733]),/* "des-cfb8" */
&(nid_objs[29]),/* "des-ecb" */
&(nid_objs[32]),/* "des-ede" */
&(nid_objs[43]),/* "des-ede-cbc" */
@@ -2899,8 +2872,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[33]),/* "des-ede3" */
&(nid_objs[44]),/* "des-ede3-cbc" */
&(nid_objs[61]),/* "des-ede3-cfb" */
-&(nid_objs[658]),/* "des-ede3-cfb1" */
-&(nid_objs[659]),/* "des-ede3-cfb8" */
+&(nid_objs[734]),/* "des-ede3-cfb1" */
+&(nid_objs[735]),/* "des-ede3-cfb8" */
&(nid_objs[63]),/* "des-ede3-ofb" */
&(nid_objs[45]),/* "des-ofb" */
&(nid_objs[107]),/* "description" */
@@ -2928,15 +2901,15 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[297]),/* "dvcs" */
&(nid_objs[416]),/* "ecdsa-with-SHA1" */
&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[632]),/* "encrypted track 2" */
+&(nid_objs[696]),/* "encrypted track 2" */
&(nid_objs[56]),/* "extendedCertificateAttributes" */
&(nid_objs[462]),/* "favouriteDrink" */
&(nid_objs[453]),/* "friendlyCountry" */
&(nid_objs[490]),/* "friendlyCountryName" */
&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[631]),/* "generate cryptogram" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[601]),/* "generic cryptogram" */
+&(nid_objs[695]),/* "generate cryptogram" */
+&(nid_objs[574]),/* "generationQualifier" */
+&(nid_objs[665]),/* "generic cryptogram" */
&(nid_objs[99]),/* "givenName" */
&(nid_objs[163]),/* "hmacWithSHA1" */
&(nid_objs[486]),/* "homePostalAddress" */
@@ -2962,7 +2935,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[362]),/* "id-cct-PKIResponse" */
&(nid_objs[360]),/* "id-cct-crs" */
&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[666]),/* "id-characteristic-two-basis" */
+&(nid_objs[503]),/* "id-characteristic-two-basis" */
&(nid_objs[263]),/* "id-cmc" */
&(nid_objs[334]),/* "id-cmc-addExtensions" */
&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
@@ -2985,8 +2958,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[327]),/* "id-cmc-statusInfo" */
&(nid_objs[331]),/* "id-cmc-transactionId" */
&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
+&(nid_objs[573]),/* "id-hex-multipart-message" */
+&(nid_objs[572]),/* "id-hex-partial-message" */
&(nid_objs[260]),/* "id-it" */
&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
&(nid_objs[298]),/* "id-it-caProtEncCert" */
@@ -3031,7 +3004,6 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[271]),/* "id-pkix1-explicit-93" */
&(nid_objs[270]),/* "id-pkix1-implicit-88" */
&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[746]),/* "id-ppl" */
&(nid_objs[267]),/* "id-qcs" */
&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
&(nid_objs[259]),/* "id-qt" */
@@ -3117,16 +3089,16 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[35]),/* "idea-cfb" */
&(nid_objs[36]),/* "idea-ecb" */
&(nid_objs[46]),/* "idea-ofb" */
-&(nid_objs[662]),/* "identified-organization" */
+&(nid_objs[527]),/* "identified-organization" */
&(nid_objs[461]),/* "info" */
&(nid_objs[101]),/* "initials" */
-&(nid_objs[744]),/* "ipsec3" */
-&(nid_objs[745]),/* "ipsec4" */
+&(nid_objs[724]),/* "ipsec3" */
+&(nid_objs[725]),/* "ipsec4" */
&(nid_objs[181]),/* "iso" */
-&(nid_objs[623]),/* "issuer capabilities" */
-&(nid_objs[645]),/* "itu-t" */
+&(nid_objs[687]),/* "issuer capabilities" */
+&(nid_objs[721]),/* "itu-t" */
&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[646]),/* "joint-iso-itu-t" */
+&(nid_objs[722]),/* "joint-iso-itu-t" */
&(nid_objs[150]),/* "keyBag" */
&(nid_objs[477]),/* "lastModifiedBy" */
&(nid_objs[476]),/* "lastModifiedTime" */
@@ -3145,15 +3117,15 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
&(nid_objs[95]),/* "mdc2" */
&(nid_objs[96]),/* "mdc2WithRSA" */
-&(nid_objs[602]),/* "merchant initiated auth" */
-&(nid_objs[514]),/* "message extensions" */
+&(nid_objs[666]),/* "merchant initiated auth" */
+&(nid_objs[578]),/* "message extensions" */
&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
+&(nid_objs[571]),/* "mime-mhs-bodies" */
+&(nid_objs[570]),/* "mime-mhs-headings" */
&(nid_objs[488]),/* "mobileTelephoneNumber" */
&(nid_objs[481]),/* "nSRecord" */
&(nid_objs[173]),/* "name" */
-&(nid_objs[667]),/* "onBasis" */
+&(nid_objs[504]),/* "onBasis" */
&(nid_objs[379]),/* "org" */
&(nid_objs[17]),/* "organizationName" */
&(nid_objs[491]),/* "organizationalStatus" */
@@ -3161,7 +3133,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[475]),/* "otherMailbox" */
&(nid_objs[489]),/* "pagerTelephoneNumber" */
&(nid_objs[374]),/* "path" */
-&(nid_objs[621]),/* "payment gateway capabilities" */
+&(nid_objs[685]),/* "payment gateway capabilities" */
&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
@@ -3200,8 +3172,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[22]),/* "pkcs7-signedData" */
&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[661]),/* "postalCode" */
-&(nid_objs[669]),/* "ppBasis" */
+&(nid_objs[506]),/* "ppBasis" */
&(nid_objs[406]),/* "prime-field" */
&(nid_objs[409]),/* "prime192v1" */
&(nid_objs[410]),/* "prime192v2" */
@@ -3210,7 +3181,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[413]),/* "prime239v2" */
&(nid_objs[414]),/* "prime239v3" */
&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[510]),/* "pseudonym" */
+&(nid_objs[575]),/* "pseudonym" */
&(nid_objs[435]),/* "pss" */
&(nid_objs[286]),/* "qcStatements" */
&(nid_objs[457]),/* "qualityLabelledData" */
@@ -3235,7 +3206,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[463]),/* "roomNumber" */
&(nid_objs[19]),/* "rsa" */
&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
+&(nid_objs[708]),/* "rsaOAEPEncryptionSET" */
&(nid_objs[377]),/* "rsaSignature" */
&(nid_objs[124]),/* "run length compression" */
&(nid_objs[482]),/* "sOARecord" */
@@ -3244,183 +3215,182 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[290]),/* "sbqp-ipAddrBlock" */
&(nid_objs[292]),/* "sbqp-routerIdentifier" */
&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[690]),/* "secp112r1" */
-&(nid_objs[691]),/* "secp112r2" */
-&(nid_objs[692]),/* "secp128r1" */
-&(nid_objs[693]),/* "secp128r2" */
-&(nid_objs[694]),/* "secp160k1" */
-&(nid_objs[695]),/* "secp160r1" */
-&(nid_objs[696]),/* "secp160r2" */
-&(nid_objs[697]),/* "secp192k1" */
-&(nid_objs[698]),/* "secp224k1" */
-&(nid_objs[699]),/* "secp224r1" */
-&(nid_objs[700]),/* "secp256k1" */
-&(nid_objs[701]),/* "secp384r1" */
-&(nid_objs[702]),/* "secp521r1" */
+&(nid_objs[529]),/* "secp112r1" */
+&(nid_objs[530]),/* "secp112r2" */
+&(nid_objs[531]),/* "secp128r1" */
+&(nid_objs[532]),/* "secp128r2" */
+&(nid_objs[533]),/* "secp160k1" */
+&(nid_objs[534]),/* "secp160r1" */
+&(nid_objs[535]),/* "secp160r2" */
+&(nid_objs[536]),/* "secp192k1" */
+&(nid_objs[538]),/* "secp224k1" */
+&(nid_objs[539]),/* "secp224r1" */
+&(nid_objs[540]),/* "secp256k1" */
+&(nid_objs[542]),/* "secp384r1" */
+&(nid_objs[543]),/* "secp521r1" */
&(nid_objs[154]),/* "secretBag" */
&(nid_objs[474]),/* "secretary" */
-&(nid_objs[703]),/* "sect113r1" */
-&(nid_objs[704]),/* "sect113r2" */
-&(nid_objs[705]),/* "sect131r1" */
-&(nid_objs[706]),/* "sect131r2" */
-&(nid_objs[707]),/* "sect163k1" */
-&(nid_objs[708]),/* "sect163r1" */
-&(nid_objs[709]),/* "sect163r2" */
-&(nid_objs[710]),/* "sect193r1" */
-&(nid_objs[711]),/* "sect193r2" */
-&(nid_objs[712]),/* "sect233k1" */
-&(nid_objs[713]),/* "sect233r1" */
-&(nid_objs[714]),/* "sect239k1" */
-&(nid_objs[715]),/* "sect283k1" */
-&(nid_objs[716]),/* "sect283r1" */
-&(nid_objs[717]),/* "sect409k1" */
-&(nid_objs[718]),/* "sect409r1" */
-&(nid_objs[719]),/* "sect571k1" */
-&(nid_objs[720]),/* "sect571r1" */
-&(nid_objs[635]),/* "secure device signature" */
+&(nid_objs[544]),/* "sect113r1" */
+&(nid_objs[545]),/* "sect113r2" */
+&(nid_objs[546]),/* "sect131r1" */
+&(nid_objs[547]),/* "sect131r2" */
+&(nid_objs[548]),/* "sect163k1" */
+&(nid_objs[549]),/* "sect163r1" */
+&(nid_objs[550]),/* "sect163r2" */
+&(nid_objs[551]),/* "sect193r1" */
+&(nid_objs[552]),/* "sect193r2" */
+&(nid_objs[553]),/* "sect233k1" */
+&(nid_objs[554]),/* "sect233r1" */
+&(nid_objs[555]),/* "sect239k1" */
+&(nid_objs[556]),/* "sect283k1" */
+&(nid_objs[557]),/* "sect283r1" */
+&(nid_objs[558]),/* "sect409k1" */
+&(nid_objs[559]),/* "sect409r1" */
+&(nid_objs[560]),/* "sect571k1" */
+&(nid_objs[561]),/* "sect571r1" */
+&(nid_objs[699]),/* "secure device signature" */
&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
+&(nid_objs[689]),/* "set-addPolicy" */
+&(nid_objs[579]),/* "set-attr" */
+&(nid_objs[582]),/* "set-brand" */
+&(nid_objs[702]),/* "set-brand-AmericanExpress" */
+&(nid_objs[701]),/* "set-brand-Diners" */
+&(nid_objs[700]),/* "set-brand-IATA-ATA" */
+&(nid_objs[703]),/* "set-brand-JCB" */
+&(nid_objs[705]),/* "set-brand-MasterCard" */
+&(nid_objs[706]),/* "set-brand-Novus" */
+&(nid_objs[704]),/* "set-brand-Visa" */
+&(nid_objs[580]),/* "set-policy" */
+&(nid_objs[671]),/* "set-policy-root" */
+&(nid_objs[688]),/* "set-rootKeyThumb" */
+&(nid_objs[684]),/* "setAttr-Cert" */
+&(nid_objs[692]),/* "setAttr-IssCap-CVM" */
+&(nid_objs[694]),/* "setAttr-IssCap-Sig" */
+&(nid_objs[693]),/* "setAttr-IssCap-T2" */
+&(nid_objs[691]),/* "setAttr-Token-B0Prime" */
+&(nid_objs[690]),/* "setAttr-Token-EMV" */
+&(nid_objs[686]),/* "setAttr-TokenType" */
+&(nid_objs[683]),/* "setCext-IssuerCapabilities" */
+&(nid_objs[679]),/* "setCext-PGWYcapabilities" */
+&(nid_objs[680]),/* "setCext-TokenIdentifier" */
+&(nid_objs[682]),/* "setCext-TokenType" */
+&(nid_objs[681]),/* "setCext-Track2Data" */
+&(nid_objs[675]),/* "setCext-cCertRequired" */
+&(nid_objs[673]),/* "setCext-certType" */
+&(nid_objs[672]),/* "setCext-hashedRoot" */
+&(nid_objs[674]),/* "setCext-merchData" */
+&(nid_objs[677]),/* "setCext-setExt" */
+&(nid_objs[678]),/* "setCext-setQualf" */
+&(nid_objs[676]),/* "setCext-tunneling" */
+&(nid_objs[604]),/* "setct-AcqCardCodeMsg" */
+&(nid_objs[640]),/* "setct-AcqCardCodeMsgTBE" */
+&(nid_objs[634]),/* "setct-AuthReqTBE" */
+&(nid_objs[598]),/* "setct-AuthReqTBS" */
+&(nid_objs[591]),/* "setct-AuthResBaggage" */
+&(nid_objs[635]),/* "setct-AuthResTBE" */
+&(nid_objs[636]),/* "setct-AuthResTBEX" */
+&(nid_objs[599]),/* "setct-AuthResTBS" */
+&(nid_objs[600]),/* "setct-AuthResTBSX" */
+&(nid_objs[592]),/* "setct-AuthRevReqBaggage" */
+&(nid_objs[641]),/* "setct-AuthRevReqTBE" */
+&(nid_objs[605]),/* "setct-AuthRevReqTBS" */
+&(nid_objs[593]),/* "setct-AuthRevResBaggage" */
+&(nid_objs[606]),/* "setct-AuthRevResData" */
+&(nid_objs[642]),/* "setct-AuthRevResTBE" */
+&(nid_objs[643]),/* "setct-AuthRevResTBEB" */
+&(nid_objs[607]),/* "setct-AuthRevResTBS" */
+&(nid_objs[637]),/* "setct-AuthTokenTBE" */
+&(nid_objs[601]),/* "setct-AuthTokenTBS" */
+&(nid_objs[664]),/* "setct-BCIDistributionTBS" */
+&(nid_objs[622]),/* "setct-BatchAdminReqData" */
+&(nid_objs[656]),/* "setct-BatchAdminReqTBE" */
+&(nid_objs[623]),/* "setct-BatchAdminResData" */
+&(nid_objs[657]),/* "setct-BatchAdminResTBE" */
+&(nid_objs[663]),/* "setct-CRLNotificationResTBS" */
+&(nid_objs[662]),/* "setct-CRLNotificationTBS" */
+&(nid_objs[644]),/* "setct-CapReqTBE" */
+&(nid_objs[645]),/* "setct-CapReqTBEX" */
+&(nid_objs[608]),/* "setct-CapReqTBS" */
+&(nid_objs[609]),/* "setct-CapReqTBSX" */
+&(nid_objs[610]),/* "setct-CapResData" */
+&(nid_objs[646]),/* "setct-CapResTBE" */
+&(nid_objs[647]),/* "setct-CapRevReqTBE" */
+&(nid_objs[648]),/* "setct-CapRevReqTBEX" */
+&(nid_objs[611]),/* "setct-CapRevReqTBS" */
+&(nid_objs[612]),/* "setct-CapRevReqTBSX" */
+&(nid_objs[613]),/* "setct-CapRevResData" */
+&(nid_objs[649]),/* "setct-CapRevResTBE" */
+&(nid_objs[602]),/* "setct-CapTokenData" */
+&(nid_objs[594]),/* "setct-CapTokenSeq" */
+&(nid_objs[638]),/* "setct-CapTokenTBE" */
+&(nid_objs[639]),/* "setct-CapTokenTBEX" */
+&(nid_objs[603]),/* "setct-CapTokenTBS" */
+&(nid_objs[624]),/* "setct-CardCInitResTBS" */
+&(nid_objs[630]),/* "setct-CertInqReqTBS" */
+&(nid_objs[627]),/* "setct-CertReqData" */
+&(nid_objs[659]),/* "setct-CertReqTBE" */
+&(nid_objs[660]),/* "setct-CertReqTBEX" */
+&(nid_objs[628]),/* "setct-CertReqTBS" */
+&(nid_objs[629]),/* "setct-CertResData" */
+&(nid_objs[661]),/* "setct-CertResTBE" */
+&(nid_objs[650]),/* "setct-CredReqTBE" */
+&(nid_objs[651]),/* "setct-CredReqTBEX" */
+&(nid_objs[614]),/* "setct-CredReqTBS" */
+&(nid_objs[615]),/* "setct-CredReqTBSX" */
+&(nid_objs[616]),/* "setct-CredResData" */
+&(nid_objs[652]),/* "setct-CredResTBE" */
+&(nid_objs[653]),/* "setct-CredRevReqTBE" */
+&(nid_objs[654]),/* "setct-CredRevReqTBEX" */
+&(nid_objs[617]),/* "setct-CredRevReqTBS" */
+&(nid_objs[618]),/* "setct-CredRevReqTBSX" */
+&(nid_objs[619]),/* "setct-CredRevResData" */
+&(nid_objs[655]),/* "setct-CredRevResTBE" */
+&(nid_objs[631]),/* "setct-ErrorTBS" */
+&(nid_objs[590]),/* "setct-HODInput" */
+&(nid_objs[625]),/* "setct-MeAqCInitResTBS" */
+&(nid_objs[586]),/* "setct-OIData" */
+&(nid_objs[583]),/* "setct-PANData" */
+&(nid_objs[585]),/* "setct-PANOnly" */
+&(nid_objs[584]),/* "setct-PANToken" */
+&(nid_objs[620]),/* "setct-PCertReqData" */
+&(nid_objs[621]),/* "setct-PCertResTBS" */
+&(nid_objs[587]),/* "setct-PI" */
+&(nid_objs[596]),/* "setct-PI-TBS" */
+&(nid_objs[588]),/* "setct-PIData" */
+&(nid_objs[589]),/* "setct-PIDataUnsigned" */
+&(nid_objs[632]),/* "setct-PIDualSignedTBE" */
+&(nid_objs[633]),/* "setct-PIUnsignedTBE" */
+&(nid_objs[595]),/* "setct-PInitResData" */
+&(nid_objs[597]),/* "setct-PResData" */
+&(nid_objs[658]),/* "setct-RegFormReqTBE" */
+&(nid_objs[626]),/* "setct-RegFormResTBS" */
+&(nid_objs[668]),/* "setext-pinAny" */
+&(nid_objs[667]),/* "setext-pinSecure" */
+&(nid_objs[669]),/* "setext-track2" */
&(nid_objs[41]),/* "sha" */
&(nid_objs[64]),/* "sha1" */
&(nid_objs[115]),/* "sha1WithRSA" */
&(nid_objs[65]),/* "sha1WithRSAEncryption" */
-&(nid_objs[743]),/* "sha224" */
-&(nid_objs[735]),/* "sha224WithRSAEncryption" */
-&(nid_objs[740]),/* "sha256" */
-&(nid_objs[732]),/* "sha256WithRSAEncryption" */
-&(nid_objs[741]),/* "sha384" */
-&(nid_objs[733]),/* "sha384WithRSAEncryption" */
-&(nid_objs[742]),/* "sha512" */
-&(nid_objs[734]),/* "sha512WithRSAEncryption" */
+&(nid_objs[744]),/* "sha224" */
+&(nid_objs[740]),/* "sha224WithRSAEncryption" */
+&(nid_objs[741]),/* "sha256" */
+&(nid_objs[737]),/* "sha256WithRSAEncryption" */
+&(nid_objs[742]),/* "sha384" */
+&(nid_objs[738]),/* "sha384WithRSAEncryption" */
+&(nid_objs[743]),/* "sha512" */
+&(nid_objs[739]),/* "sha512WithRSAEncryption" */
&(nid_objs[42]),/* "shaWithRSAEncryption" */
&(nid_objs[52]),/* "signingTime" */
&(nid_objs[454]),/* "simpleSecurityObject" */
&(nid_objs[496]),/* "singleLevelQuality" */
&(nid_objs[16]),/* "stateOrProvinceName" */
-&(nid_objs[660]),/* "streetAddress" */
&(nid_objs[498]),/* "subtreeMaximumQuality" */
&(nid_objs[497]),/* "subtreeMinimumQuality" */
&(nid_objs[100]),/* "surname" */
&(nid_objs[459]),/* "textEncodedORAddress" */
&(nid_objs[293]),/* "textNotice" */
&(nid_objs[106]),/* "title" */
-&(nid_objs[668]),/* "tpBasis" */
+&(nid_objs[505]),/* "tpBasis" */
&(nid_objs[436]),/* "ucl" */
&(nid_objs[ 0]),/* "undefined" */
&(nid_objs[55]),/* "unstructuredAddress" */
@@ -3428,20 +3398,20 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[465]),/* "userClass" */
&(nid_objs[458]),/* "userId" */
&(nid_objs[373]),/* "valid" */
-&(nid_objs[664]),/* "wap" */
-&(nid_objs[665]),/* "wap-wsg" */
-&(nid_objs[721]),/* "wap-wsg-idm-ecid-wtls1" */
-&(nid_objs[729]),/* "wap-wsg-idm-ecid-wtls10" */
-&(nid_objs[730]),/* "wap-wsg-idm-ecid-wtls11" */
-&(nid_objs[731]),/* "wap-wsg-idm-ecid-wtls12" */
-&(nid_objs[722]),/* "wap-wsg-idm-ecid-wtls3" */
-&(nid_objs[723]),/* "wap-wsg-idm-ecid-wtls4" */
-&(nid_objs[724]),/* "wap-wsg-idm-ecid-wtls5" */
-&(nid_objs[725]),/* "wap-wsg-idm-ecid-wtls6" */
-&(nid_objs[726]),/* "wap-wsg-idm-ecid-wtls7" */
-&(nid_objs[727]),/* "wap-wsg-idm-ecid-wtls8" */
-&(nid_objs[728]),/* "wap-wsg-idm-ecid-wtls9" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
+&(nid_objs[562]),/* "wap" */
+&(nid_objs[563]),/* "wap-wsg" */
+&(nid_objs[564]),/* "wap-wsg-idm-ecid-wtls1" */
+&(nid_objs[713]),/* "wap-wsg-idm-ecid-wtls10" */
+&(nid_objs[714]),/* "wap-wsg-idm-ecid-wtls11" */
+&(nid_objs[715]),/* "wap-wsg-idm-ecid-wtls12" */
+&(nid_objs[709]),/* "wap-wsg-idm-ecid-wtls3" */
+&(nid_objs[710]),/* "wap-wsg-idm-ecid-wtls4" */
+&(nid_objs[711]),/* "wap-wsg-idm-ecid-wtls5" */
+&(nid_objs[565]),/* "wap-wsg-idm-ecid-wtls6" */
+&(nid_objs[712]),/* "wap-wsg-idm-ecid-wtls7" */
+&(nid_objs[566]),/* "wap-wsg-idm-ecid-wtls8" */
+&(nid_objs[567]),/* "wap-wsg-idm-ecid-wtls9" */
+&(nid_objs[568]),/* "x500UniqueIdentifier" */
&(nid_objs[158]),/* "x509Certificate" */
&(nid_objs[160]),/* "x509Crl" */
&(nid_objs[125]),/* "zlib compression" */
@@ -3451,25 +3421,25 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[ 0]),/* OBJ_undef 0 */
&(nid_objs[393]),/* OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t */
&(nid_objs[404]),/* OBJ_ccitt OBJ_itu_t */
-&(nid_objs[645]),/* OBJ_itu_t 0 */
+&(nid_objs[721]),/* OBJ_itu_t 0 */
&(nid_objs[434]),/* OBJ_data 0 9 */
&(nid_objs[181]),/* OBJ_iso 1 */
&(nid_objs[182]),/* OBJ_member_body 1 2 */
&(nid_objs[379]),/* OBJ_org 1 3 */
-&(nid_objs[662]),/* OBJ_identified_organization 1 3 */
-&(nid_objs[646]),/* OBJ_joint_iso_itu_t 2 */
+&(nid_objs[527]),/* OBJ_identified_organization 1 3 */
+&(nid_objs[722]),/* OBJ_joint_iso_itu_t 2 */
&(nid_objs[11]),/* OBJ_X500 2 5 */
-&(nid_objs[647]),/* OBJ_international_organizations 2 23 */
+&(nid_objs[723]),/* OBJ_international_organizations 2 23 */
&(nid_objs[380]),/* OBJ_dod 1 3 6 */
&(nid_objs[12]),/* OBJ_X509 2 5 4 */
&(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */
&(nid_objs[81]),/* OBJ_id_ce 2 5 29 */
-&(nid_objs[512]),/* OBJ_id_set 2 23 42 */
-&(nid_objs[664]),/* OBJ_wap 2 23 43 */
+&(nid_objs[576]),/* OBJ_id_set 2 23 42 */
+&(nid_objs[562]),/* OBJ_wap 2 23 43 */
&(nid_objs[435]),/* OBJ_pss 0 9 2342 */
&(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */
&(nid_objs[381]),/* OBJ_iana 1 3 6 1 */
-&(nid_objs[663]),/* OBJ_certicom_arc 1 3 132 */
+&(nid_objs[528]),/* OBJ_certicom_arc 1 3 132 */
&(nid_objs[394]),/* OBJ_selected_attribute_types 2 5 1 5 */
&(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */
&(nid_objs[100]),/* OBJ_surname 2 5 4 4 */
@@ -3477,19 +3447,17 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[14]),/* OBJ_countryName 2 5 4 6 */
&(nid_objs[15]),/* OBJ_localityName 2 5 4 7 */
&(nid_objs[16]),/* OBJ_stateOrProvinceName 2 5 4 8 */
-&(nid_objs[660]),/* OBJ_streetAddress 2 5 4 9 */
&(nid_objs[17]),/* OBJ_organizationName 2 5 4 10 */
&(nid_objs[18]),/* OBJ_organizationalUnitName 2 5 4 11 */
&(nid_objs[106]),/* OBJ_title 2 5 4 12 */
&(nid_objs[107]),/* OBJ_description 2 5 4 13 */
-&(nid_objs[661]),/* OBJ_postalCode 2 5 4 17 */
&(nid_objs[173]),/* OBJ_name 2 5 4 41 */
&(nid_objs[99]),/* OBJ_givenName 2 5 4 42 */
&(nid_objs[101]),/* OBJ_initials 2 5 4 43 */
-&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */
-&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */
+&(nid_objs[574]),/* OBJ_generationQualifier 2 5 4 44 */
+&(nid_objs[568]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */
&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
-&(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */
+&(nid_objs[575]),/* OBJ_pseudonym 2 5 4 65 */
&(nid_objs[400]),/* OBJ_role 2 5 4 72 */
&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
@@ -3502,23 +3470,23 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
-&(nid_objs[736]),/* OBJ_name_constraints 2 5 29 30 */
+&(nid_objs[720]),/* OBJ_name_constraints 2 5 29 30 */
&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
-&(nid_objs[738]),/* OBJ_policy_mappings 2 5 29 33 */
+&(nid_objs[719]),/* OBJ_policy_mappings 2 5 29 33 */
&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
&(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */
&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */
-&(nid_objs[739]),/* OBJ_inhibit_any_policy 2 5 29 54 */
+&(nid_objs[736]),/* OBJ_inhibit_any_policy 2 5 29 54 */
&(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */
&(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */
-&(nid_objs[513]),/* OBJ_set_ctype 2 23 42 0 */
-&(nid_objs[514]),/* OBJ_set_msgExt 2 23 42 1 */
-&(nid_objs[515]),/* OBJ_set_attr 2 23 42 3 */
-&(nid_objs[516]),/* OBJ_set_policy 2 23 42 5 */
-&(nid_objs[517]),/* OBJ_set_certExt 2 23 42 7 */
-&(nid_objs[518]),/* OBJ_set_brand 2 23 42 8 */
-&(nid_objs[665]),/* OBJ_wap_wsg 2 23 43 13 */
+&(nid_objs[577]),/* OBJ_set_ctype 2 23 42 0 */
+&(nid_objs[578]),/* OBJ_set_msgExt 2 23 42 1 */
+&(nid_objs[579]),/* OBJ_set_attr 2 23 42 3 */
+&(nid_objs[580]),/* OBJ_set_policy 2 23 42 5 */
+&(nid_objs[581]),/* OBJ_set_certExt 2 23 42 7 */
+&(nid_objs[582]),/* OBJ_set_brand 2 23 42 8 */
+&(nid_objs[563]),/* OBJ_wap_wsg 2 23 43 13 */
&(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */
&(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */
&(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */
@@ -3531,122 +3499,122 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
-&(nid_objs[737]),/* OBJ_any_policy 2 5 29 32 0 */
-&(nid_objs[519]),/* OBJ_setct_PANData 2 23 42 0 0 */
-&(nid_objs[520]),/* OBJ_setct_PANToken 2 23 42 0 1 */
-&(nid_objs[521]),/* OBJ_setct_PANOnly 2 23 42 0 2 */
-&(nid_objs[522]),/* OBJ_setct_OIData 2 23 42 0 3 */
-&(nid_objs[523]),/* OBJ_setct_PI 2 23 42 0 4 */
-&(nid_objs[524]),/* OBJ_setct_PIData 2 23 42 0 5 */
-&(nid_objs[525]),/* OBJ_setct_PIDataUnsigned 2 23 42 0 6 */
-&(nid_objs[526]),/* OBJ_setct_HODInput 2 23 42 0 7 */
-&(nid_objs[527]),/* OBJ_setct_AuthResBaggage 2 23 42 0 8 */
-&(nid_objs[528]),/* OBJ_setct_AuthRevReqBaggage 2 23 42 0 9 */
-&(nid_objs[529]),/* OBJ_setct_AuthRevResBaggage 2 23 42 0 10 */
-&(nid_objs[530]),/* OBJ_setct_CapTokenSeq 2 23 42 0 11 */
-&(nid_objs[531]),/* OBJ_setct_PInitResData 2 23 42 0 12 */
-&(nid_objs[532]),/* OBJ_setct_PI_TBS 2 23 42 0 13 */
-&(nid_objs[533]),/* OBJ_setct_PResData 2 23 42 0 14 */
-&(nid_objs[534]),/* OBJ_setct_AuthReqTBS 2 23 42 0 16 */
-&(nid_objs[535]),/* OBJ_setct_AuthResTBS 2 23 42 0 17 */
-&(nid_objs[536]),/* OBJ_setct_AuthResTBSX 2 23 42 0 18 */
-&(nid_objs[537]),/* OBJ_setct_AuthTokenTBS 2 23 42 0 19 */
-&(nid_objs[538]),/* OBJ_setct_CapTokenData 2 23 42 0 20 */
-&(nid_objs[539]),/* OBJ_setct_CapTokenTBS 2 23 42 0 21 */
-&(nid_objs[540]),/* OBJ_setct_AcqCardCodeMsg 2 23 42 0 22 */
-&(nid_objs[541]),/* OBJ_setct_AuthRevReqTBS 2 23 42 0 23 */
-&(nid_objs[542]),/* OBJ_setct_AuthRevResData 2 23 42 0 24 */
-&(nid_objs[543]),/* OBJ_setct_AuthRevResTBS 2 23 42 0 25 */
-&(nid_objs[544]),/* OBJ_setct_CapReqTBS 2 23 42 0 26 */
-&(nid_objs[545]),/* OBJ_setct_CapReqTBSX 2 23 42 0 27 */
-&(nid_objs[546]),/* OBJ_setct_CapResData 2 23 42 0 28 */
-&(nid_objs[547]),/* OBJ_setct_CapRevReqTBS 2 23 42 0 29 */
-&(nid_objs[548]),/* OBJ_setct_CapRevReqTBSX 2 23 42 0 30 */
-&(nid_objs[549]),/* OBJ_setct_CapRevResData 2 23 42 0 31 */
-&(nid_objs[550]),/* OBJ_setct_CredReqTBS 2 23 42 0 32 */
-&(nid_objs[551]),/* OBJ_setct_CredReqTBSX 2 23 42 0 33 */
-&(nid_objs[552]),/* OBJ_setct_CredResData 2 23 42 0 34 */
-&(nid_objs[553]),/* OBJ_setct_CredRevReqTBS 2 23 42 0 35 */
-&(nid_objs[554]),/* OBJ_setct_CredRevReqTBSX 2 23 42 0 36 */
-&(nid_objs[555]),/* OBJ_setct_CredRevResData 2 23 42 0 37 */
-&(nid_objs[556]),/* OBJ_setct_PCertReqData 2 23 42 0 38 */
-&(nid_objs[557]),/* OBJ_setct_PCertResTBS 2 23 42 0 39 */
-&(nid_objs[558]),/* OBJ_setct_BatchAdminReqData 2 23 42 0 40 */
-&(nid_objs[559]),/* OBJ_setct_BatchAdminResData 2 23 42 0 41 */
-&(nid_objs[560]),/* OBJ_setct_CardCInitResTBS 2 23 42 0 42 */
-&(nid_objs[561]),/* OBJ_setct_MeAqCInitResTBS 2 23 42 0 43 */
-&(nid_objs[562]),/* OBJ_setct_RegFormResTBS 2 23 42 0 44 */
-&(nid_objs[563]),/* OBJ_setct_CertReqData 2 23 42 0 45 */
-&(nid_objs[564]),/* OBJ_setct_CertReqTBS 2 23 42 0 46 */
-&(nid_objs[565]),/* OBJ_setct_CertResData 2 23 42 0 47 */
-&(nid_objs[566]),/* OBJ_setct_CertInqReqTBS 2 23 42 0 48 */
-&(nid_objs[567]),/* OBJ_setct_ErrorTBS 2 23 42 0 49 */
-&(nid_objs[568]),/* OBJ_setct_PIDualSignedTBE 2 23 42 0 50 */
-&(nid_objs[569]),/* OBJ_setct_PIUnsignedTBE 2 23 42 0 51 */
-&(nid_objs[570]),/* OBJ_setct_AuthReqTBE 2 23 42 0 52 */
-&(nid_objs[571]),/* OBJ_setct_AuthResTBE 2 23 42 0 53 */
-&(nid_objs[572]),/* OBJ_setct_AuthResTBEX 2 23 42 0 54 */
-&(nid_objs[573]),/* OBJ_setct_AuthTokenTBE 2 23 42 0 55 */
-&(nid_objs[574]),/* OBJ_setct_CapTokenTBE 2 23 42 0 56 */
-&(nid_objs[575]),/* OBJ_setct_CapTokenTBEX 2 23 42 0 57 */
-&(nid_objs[576]),/* OBJ_setct_AcqCardCodeMsgTBE 2 23 42 0 58 */
-&(nid_objs[577]),/* OBJ_setct_AuthRevReqTBE 2 23 42 0 59 */
-&(nid_objs[578]),/* OBJ_setct_AuthRevResTBE 2 23 42 0 60 */
-&(nid_objs[579]),/* OBJ_setct_AuthRevResTBEB 2 23 42 0 61 */
-&(nid_objs[580]),/* OBJ_setct_CapReqTBE 2 23 42 0 62 */
-&(nid_objs[581]),/* OBJ_setct_CapReqTBEX 2 23 42 0 63 */
-&(nid_objs[582]),/* OBJ_setct_CapResTBE 2 23 42 0 64 */
-&(nid_objs[583]),/* OBJ_setct_CapRevReqTBE 2 23 42 0 65 */
-&(nid_objs[584]),/* OBJ_setct_CapRevReqTBEX 2 23 42 0 66 */
-&(nid_objs[585]),/* OBJ_setct_CapRevResTBE 2 23 42 0 67 */
-&(nid_objs[586]),/* OBJ_setct_CredReqTBE 2 23 42 0 68 */
-&(nid_objs[587]),/* OBJ_setct_CredReqTBEX 2 23 42 0 69 */
-&(nid_objs[588]),/* OBJ_setct_CredResTBE 2 23 42 0 70 */
-&(nid_objs[589]),/* OBJ_setct_CredRevReqTBE 2 23 42 0 71 */
-&(nid_objs[590]),/* OBJ_setct_CredRevReqTBEX 2 23 42 0 72 */
-&(nid_objs[591]),/* OBJ_setct_CredRevResTBE 2 23 42 0 73 */
-&(nid_objs[592]),/* OBJ_setct_BatchAdminReqTBE 2 23 42 0 74 */
-&(nid_objs[593]),/* OBJ_setct_BatchAdminResTBE 2 23 42 0 75 */
-&(nid_objs[594]),/* OBJ_setct_RegFormReqTBE 2 23 42 0 76 */
-&(nid_objs[595]),/* OBJ_setct_CertReqTBE 2 23 42 0 77 */
-&(nid_objs[596]),/* OBJ_setct_CertReqTBEX 2 23 42 0 78 */
-&(nid_objs[597]),/* OBJ_setct_CertResTBE 2 23 42 0 79 */
-&(nid_objs[598]),/* OBJ_setct_CRLNotificationTBS 2 23 42 0 80 */
-&(nid_objs[599]),/* OBJ_setct_CRLNotificationResTBS 2 23 42 0 81 */
-&(nid_objs[600]),/* OBJ_setct_BCIDistributionTBS 2 23 42 0 82 */
-&(nid_objs[601]),/* OBJ_setext_genCrypt 2 23 42 1 1 */
-&(nid_objs[602]),/* OBJ_setext_miAuth 2 23 42 1 3 */
-&(nid_objs[603]),/* OBJ_setext_pinSecure 2 23 42 1 4 */
-&(nid_objs[604]),/* OBJ_setext_pinAny 2 23 42 1 5 */
-&(nid_objs[605]),/* OBJ_setext_track2 2 23 42 1 7 */
-&(nid_objs[606]),/* OBJ_setext_cv 2 23 42 1 8 */
-&(nid_objs[620]),/* OBJ_setAttr_Cert 2 23 42 3 0 */
-&(nid_objs[621]),/* OBJ_setAttr_PGWYcap 2 23 42 3 1 */
-&(nid_objs[622]),/* OBJ_setAttr_TokenType 2 23 42 3 2 */
-&(nid_objs[623]),/* OBJ_setAttr_IssCap 2 23 42 3 3 */
-&(nid_objs[607]),/* OBJ_set_policy_root 2 23 42 5 0 */
-&(nid_objs[608]),/* OBJ_setCext_hashedRoot 2 23 42 7 0 */
-&(nid_objs[609]),/* OBJ_setCext_certType 2 23 42 7 1 */
-&(nid_objs[610]),/* OBJ_setCext_merchData 2 23 42 7 2 */
-&(nid_objs[611]),/* OBJ_setCext_cCertRequired 2 23 42 7 3 */
-&(nid_objs[612]),/* OBJ_setCext_tunneling 2 23 42 7 4 */
-&(nid_objs[613]),/* OBJ_setCext_setExt 2 23 42 7 5 */
-&(nid_objs[614]),/* OBJ_setCext_setQualf 2 23 42 7 6 */
-&(nid_objs[615]),/* OBJ_setCext_PGWYcapabilities 2 23 42 7 7 */
-&(nid_objs[616]),/* OBJ_setCext_TokenIdentifier 2 23 42 7 8 */
-&(nid_objs[617]),/* OBJ_setCext_Track2Data 2 23 42 7 9 */
-&(nid_objs[618]),/* OBJ_setCext_TokenType 2 23 42 7 10 */
-&(nid_objs[619]),/* OBJ_setCext_IssuerCapabilities 2 23 42 7 11 */
-&(nid_objs[636]),/* OBJ_set_brand_IATA_ATA 2 23 42 8 1 */
-&(nid_objs[640]),/* OBJ_set_brand_Visa 2 23 42 8 4 */
-&(nid_objs[641]),/* OBJ_set_brand_MasterCard 2 23 42 8 5 */
-&(nid_objs[637]),/* OBJ_set_brand_Diners 2 23 42 8 30 */
-&(nid_objs[638]),/* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */
-&(nid_objs[639]),/* OBJ_set_brand_JCB 2 23 42 8 35 */
+&(nid_objs[718]),/* OBJ_any_policy 2 5 29 32 0 */
+&(nid_objs[583]),/* OBJ_setct_PANData 2 23 42 0 0 */
+&(nid_objs[584]),/* OBJ_setct_PANToken 2 23 42 0 1 */
+&(nid_objs[585]),/* OBJ_setct_PANOnly 2 23 42 0 2 */
+&(nid_objs[586]),/* OBJ_setct_OIData 2 23 42 0 3 */
+&(nid_objs[587]),/* OBJ_setct_PI 2 23 42 0 4 */
+&(nid_objs[588]),/* OBJ_setct_PIData 2 23 42 0 5 */
+&(nid_objs[589]),/* OBJ_setct_PIDataUnsigned 2 23 42 0 6 */
+&(nid_objs[590]),/* OBJ_setct_HODInput 2 23 42 0 7 */
+&(nid_objs[591]),/* OBJ_setct_AuthResBaggage 2 23 42 0 8 */
+&(nid_objs[592]),/* OBJ_setct_AuthRevReqBaggage 2 23 42 0 9 */
+&(nid_objs[593]),/* OBJ_setct_AuthRevResBaggage 2 23 42 0 10 */
+&(nid_objs[594]),/* OBJ_setct_CapTokenSeq 2 23 42 0 11 */
+&(nid_objs[595]),/* OBJ_setct_PInitResData 2 23 42 0 12 */
+&(nid_objs[596]),/* OBJ_setct_PI_TBS 2 23 42 0 13 */
+&(nid_objs[597]),/* OBJ_setct_PResData 2 23 42 0 14 */
+&(nid_objs[598]),/* OBJ_setct_AuthReqTBS 2 23 42 0 16 */
+&(nid_objs[599]),/* OBJ_setct_AuthResTBS 2 23 42 0 17 */
+&(nid_objs[600]),/* OBJ_setct_AuthResTBSX 2 23 42 0 18 */
+&(nid_objs[601]),/* OBJ_setct_AuthTokenTBS 2 23 42 0 19 */
+&(nid_objs[602]),/* OBJ_setct_CapTokenData 2 23 42 0 20 */
+&(nid_objs[603]),/* OBJ_setct_CapTokenTBS 2 23 42 0 21 */
+&(nid_objs[604]),/* OBJ_setct_AcqCardCodeMsg 2 23 42 0 22 */
+&(nid_objs[605]),/* OBJ_setct_AuthRevReqTBS 2 23 42 0 23 */
+&(nid_objs[606]),/* OBJ_setct_AuthRevResData 2 23 42 0 24 */
+&(nid_objs[607]),/* OBJ_setct_AuthRevResTBS 2 23 42 0 25 */
+&(nid_objs[608]),/* OBJ_setct_CapReqTBS 2 23 42 0 26 */
+&(nid_objs[609]),/* OBJ_setct_CapReqTBSX 2 23 42 0 27 */
+&(nid_objs[610]),/* OBJ_setct_CapResData 2 23 42 0 28 */
+&(nid_objs[611]),/* OBJ_setct_CapRevReqTBS 2 23 42 0 29 */
+&(nid_objs[612]),/* OBJ_setct_CapRevReqTBSX 2 23 42 0 30 */
+&(nid_objs[613]),/* OBJ_setct_CapRevResData 2 23 42 0 31 */
+&(nid_objs[614]),/* OBJ_setct_CredReqTBS 2 23 42 0 32 */
+&(nid_objs[615]),/* OBJ_setct_CredReqTBSX 2 23 42 0 33 */
+&(nid_objs[616]),/* OBJ_setct_CredResData 2 23 42 0 34 */
+&(nid_objs[617]),/* OBJ_setct_CredRevReqTBS 2 23 42 0 35 */
+&(nid_objs[618]),/* OBJ_setct_CredRevReqTBSX 2 23 42 0 36 */
+&(nid_objs[619]),/* OBJ_setct_CredRevResData 2 23 42 0 37 */
+&(nid_objs[620]),/* OBJ_setct_PCertReqData 2 23 42 0 38 */
+&(nid_objs[621]),/* OBJ_setct_PCertResTBS 2 23 42 0 39 */
+&(nid_objs[622]),/* OBJ_setct_BatchAdminReqData 2 23 42 0 40 */
+&(nid_objs[623]),/* OBJ_setct_BatchAdminResData 2 23 42 0 41 */
+&(nid_objs[624]),/* OBJ_setct_CardCInitResTBS 2 23 42 0 42 */
+&(nid_objs[625]),/* OBJ_setct_MeAqCInitResTBS 2 23 42 0 43 */
+&(nid_objs[626]),/* OBJ_setct_RegFormResTBS 2 23 42 0 44 */
+&(nid_objs[627]),/* OBJ_setct_CertReqData 2 23 42 0 45 */
+&(nid_objs[628]),/* OBJ_setct_CertReqTBS 2 23 42 0 46 */
+&(nid_objs[629]),/* OBJ_setct_CertResData 2 23 42 0 47 */
+&(nid_objs[630]),/* OBJ_setct_CertInqReqTBS 2 23 42 0 48 */
+&(nid_objs[631]),/* OBJ_setct_ErrorTBS 2 23 42 0 49 */
+&(nid_objs[632]),/* OBJ_setct_PIDualSignedTBE 2 23 42 0 50 */
+&(nid_objs[633]),/* OBJ_setct_PIUnsignedTBE 2 23 42 0 51 */
+&(nid_objs[634]),/* OBJ_setct_AuthReqTBE 2 23 42 0 52 */
+&(nid_objs[635]),/* OBJ_setct_AuthResTBE 2 23 42 0 53 */
+&(nid_objs[636]),/* OBJ_setct_AuthResTBEX 2 23 42 0 54 */
+&(nid_objs[637]),/* OBJ_setct_AuthTokenTBE 2 23 42 0 55 */
+&(nid_objs[638]),/* OBJ_setct_CapTokenTBE 2 23 42 0 56 */
+&(nid_objs[639]),/* OBJ_setct_CapTokenTBEX 2 23 42 0 57 */
+&(nid_objs[640]),/* OBJ_setct_AcqCardCodeMsgTBE 2 23 42 0 58 */
+&(nid_objs[641]),/* OBJ_setct_AuthRevReqTBE 2 23 42 0 59 */
+&(nid_objs[642]),/* OBJ_setct_AuthRevResTBE 2 23 42 0 60 */
+&(nid_objs[643]),/* OBJ_setct_AuthRevResTBEB 2 23 42 0 61 */
+&(nid_objs[644]),/* OBJ_setct_CapReqTBE 2 23 42 0 62 */
+&(nid_objs[645]),/* OBJ_setct_CapReqTBEX 2 23 42 0 63 */
+&(nid_objs[646]),/* OBJ_setct_CapResTBE 2 23 42 0 64 */
+&(nid_objs[647]),/* OBJ_setct_CapRevReqTBE 2 23 42 0 65 */
+&(nid_objs[648]),/* OBJ_setct_CapRevReqTBEX 2 23 42 0 66 */
+&(nid_objs[649]),/* OBJ_setct_CapRevResTBE 2 23 42 0 67 */
+&(nid_objs[650]),/* OBJ_setct_CredReqTBE 2 23 42 0 68 */
+&(nid_objs[651]),/* OBJ_setct_CredReqTBEX 2 23 42 0 69 */
+&(nid_objs[652]),/* OBJ_setct_CredResTBE 2 23 42 0 70 */
+&(nid_objs[653]),/* OBJ_setct_CredRevReqTBE 2 23 42 0 71 */
+&(nid_objs[654]),/* OBJ_setct_CredRevReqTBEX 2 23 42 0 72 */
+&(nid_objs[655]),/* OBJ_setct_CredRevResTBE 2 23 42 0 73 */
+&(nid_objs[656]),/* OBJ_setct_BatchAdminReqTBE 2 23 42 0 74 */
+&(nid_objs[657]),/* OBJ_setct_BatchAdminResTBE 2 23 42 0 75 */
+&(nid_objs[658]),/* OBJ_setct_RegFormReqTBE 2 23 42 0 76 */
+&(nid_objs[659]),/* OBJ_setct_CertReqTBE 2 23 42 0 77 */
+&(nid_objs[660]),/* OBJ_setct_CertReqTBEX 2 23 42 0 78 */
+&(nid_objs[661]),/* OBJ_setct_CertResTBE 2 23 42 0 79 */
+&(nid_objs[662]),/* OBJ_setct_CRLNotificationTBS 2 23 42 0 80 */
+&(nid_objs[663]),/* OBJ_setct_CRLNotificationResTBS 2 23 42 0 81 */
+&(nid_objs[664]),/* OBJ_setct_BCIDistributionTBS 2 23 42 0 82 */
+&(nid_objs[665]),/* OBJ_setext_genCrypt 2 23 42 1 1 */
+&(nid_objs[666]),/* OBJ_setext_miAuth 2 23 42 1 3 */
+&(nid_objs[667]),/* OBJ_setext_pinSecure 2 23 42 1 4 */
+&(nid_objs[668]),/* OBJ_setext_pinAny 2 23 42 1 5 */
+&(nid_objs[669]),/* OBJ_setext_track2 2 23 42 1 7 */
+&(nid_objs[670]),/* OBJ_setext_cv 2 23 42 1 8 */
+&(nid_objs[684]),/* OBJ_setAttr_Cert 2 23 42 3 0 */
+&(nid_objs[685]),/* OBJ_setAttr_PGWYcap 2 23 42 3 1 */
+&(nid_objs[686]),/* OBJ_setAttr_TokenType 2 23 42 3 2 */
+&(nid_objs[687]),/* OBJ_setAttr_IssCap 2 23 42 3 3 */
+&(nid_objs[671]),/* OBJ_set_policy_root 2 23 42 5 0 */
+&(nid_objs[672]),/* OBJ_setCext_hashedRoot 2 23 42 7 0 */
+&(nid_objs[673]),/* OBJ_setCext_certType 2 23 42 7 1 */
+&(nid_objs[674]),/* OBJ_setCext_merchData 2 23 42 7 2 */
+&(nid_objs[675]),/* OBJ_setCext_cCertRequired 2 23 42 7 3 */
+&(nid_objs[676]),/* OBJ_setCext_tunneling 2 23 42 7 4 */
+&(nid_objs[677]),/* OBJ_setCext_setExt 2 23 42 7 5 */
+&(nid_objs[678]),/* OBJ_setCext_setQualf 2 23 42 7 6 */
+&(nid_objs[679]),/* OBJ_setCext_PGWYcapabilities 2 23 42 7 7 */
+&(nid_objs[680]),/* OBJ_setCext_TokenIdentifier 2 23 42 7 8 */
+&(nid_objs[681]),/* OBJ_setCext_Track2Data 2 23 42 7 9 */
+&(nid_objs[682]),/* OBJ_setCext_TokenType 2 23 42 7 10 */
+&(nid_objs[683]),/* OBJ_setCext_IssuerCapabilities 2 23 42 7 11 */
+&(nid_objs[700]),/* OBJ_set_brand_IATA_ATA 2 23 42 8 1 */
+&(nid_objs[704]),/* OBJ_set_brand_Visa 2 23 42 8 4 */
+&(nid_objs[705]),/* OBJ_set_brand_MasterCard 2 23 42 8 5 */
+&(nid_objs[701]),/* OBJ_set_brand_Diners 2 23 42 8 30 */
+&(nid_objs[702]),/* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */
+&(nid_objs[703]),/* OBJ_set_brand_JCB 2 23 42 8 35 */
&(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */
&(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */
&(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */
-&(nid_objs[504]),/* OBJ_mime_mhs 1 3 6 1 7 1 */
+&(nid_objs[569]),/* OBJ_mime_mhs 1 3 6 1 7 1 */
&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
@@ -3663,69 +3631,69 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */
-&(nid_objs[707]),/* OBJ_sect163k1 1 3 132 0 1 */
-&(nid_objs[708]),/* OBJ_sect163r1 1 3 132 0 2 */
-&(nid_objs[714]),/* OBJ_sect239k1 1 3 132 0 3 */
-&(nid_objs[703]),/* OBJ_sect113r1 1 3 132 0 4 */
-&(nid_objs[704]),/* OBJ_sect113r2 1 3 132 0 5 */
-&(nid_objs[690]),/* OBJ_secp112r1 1 3 132 0 6 */
-&(nid_objs[691]),/* OBJ_secp112r2 1 3 132 0 7 */
-&(nid_objs[695]),/* OBJ_secp160r1 1 3 132 0 8 */
-&(nid_objs[694]),/* OBJ_secp160k1 1 3 132 0 9 */
-&(nid_objs[700]),/* OBJ_secp256k1 1 3 132 0 10 */
-&(nid_objs[709]),/* OBJ_sect163r2 1 3 132 0 15 */
-&(nid_objs[715]),/* OBJ_sect283k1 1 3 132 0 16 */
-&(nid_objs[716]),/* OBJ_sect283r1 1 3 132 0 17 */
-&(nid_objs[705]),/* OBJ_sect131r1 1 3 132 0 22 */
-&(nid_objs[706]),/* OBJ_sect131r2 1 3 132 0 23 */
-&(nid_objs[710]),/* OBJ_sect193r1 1 3 132 0 24 */
-&(nid_objs[711]),/* OBJ_sect193r2 1 3 132 0 25 */
-&(nid_objs[712]),/* OBJ_sect233k1 1 3 132 0 26 */
-&(nid_objs[713]),/* OBJ_sect233r1 1 3 132 0 27 */
-&(nid_objs[692]),/* OBJ_secp128r1 1 3 132 0 28 */
-&(nid_objs[693]),/* OBJ_secp128r2 1 3 132 0 29 */
-&(nid_objs[696]),/* OBJ_secp160r2 1 3 132 0 30 */
-&(nid_objs[697]),/* OBJ_secp192k1 1 3 132 0 31 */
-&(nid_objs[698]),/* OBJ_secp224k1 1 3 132 0 32 */
-&(nid_objs[699]),/* OBJ_secp224r1 1 3 132 0 33 */
-&(nid_objs[701]),/* OBJ_secp384r1 1 3 132 0 34 */
-&(nid_objs[702]),/* OBJ_secp521r1 1 3 132 0 35 */
-&(nid_objs[717]),/* OBJ_sect409k1 1 3 132 0 36 */
-&(nid_objs[718]),/* OBJ_sect409r1 1 3 132 0 37 */
-&(nid_objs[719]),/* OBJ_sect571k1 1 3 132 0 38 */
-&(nid_objs[720]),/* OBJ_sect571r1 1 3 132 0 39 */
-&(nid_objs[624]),/* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */
-&(nid_objs[625]),/* OBJ_set_addPolicy 2 23 42 3 0 1 */
-&(nid_objs[626]),/* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */
-&(nid_objs[627]),/* OBJ_setAttr_Token_B0Prime 2 23 42 3 2 2 */
-&(nid_objs[628]),/* OBJ_setAttr_IssCap_CVM 2 23 42 3 3 3 */
-&(nid_objs[629]),/* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */
-&(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */
-&(nid_objs[642]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */
-&(nid_objs[721]),/* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 13 4 1 */
-&(nid_objs[722]),/* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 13 4 3 */
-&(nid_objs[723]),/* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 13 4 4 */
-&(nid_objs[724]),/* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 13 4 5 */
-&(nid_objs[725]),/* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 13 4 6 */
-&(nid_objs[726]),/* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 13 4 7 */
-&(nid_objs[727]),/* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 13 4 8 */
-&(nid_objs[728]),/* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 13 4 9 */
-&(nid_objs[729]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 13 4 10 */
-&(nid_objs[730]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 13 4 11 */
-&(nid_objs[731]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */
+&(nid_objs[548]),/* OBJ_sect163k1 1 3 132 0 1 */
+&(nid_objs[549]),/* OBJ_sect163r1 1 3 132 0 2 */
+&(nid_objs[555]),/* OBJ_sect239k1 1 3 132 0 3 */
+&(nid_objs[544]),/* OBJ_sect113r1 1 3 132 0 4 */
+&(nid_objs[545]),/* OBJ_sect113r2 1 3 132 0 5 */
+&(nid_objs[529]),/* OBJ_secp112r1 1 3 132 0 6 */
+&(nid_objs[530]),/* OBJ_secp112r2 1 3 132 0 7 */
+&(nid_objs[534]),/* OBJ_secp160r1 1 3 132 0 8 */
+&(nid_objs[533]),/* OBJ_secp160k1 1 3 132 0 9 */
+&(nid_objs[540]),/* OBJ_secp256k1 1 3 132 0 10 */
+&(nid_objs[550]),/* OBJ_sect163r2 1 3 132 0 15 */
+&(nid_objs[556]),/* OBJ_sect283k1 1 3 132 0 16 */
+&(nid_objs[557]),/* OBJ_sect283r1 1 3 132 0 17 */
+&(nid_objs[546]),/* OBJ_sect131r1 1 3 132 0 22 */
+&(nid_objs[547]),/* OBJ_sect131r2 1 3 132 0 23 */
+&(nid_objs[551]),/* OBJ_sect193r1 1 3 132 0 24 */
+&(nid_objs[552]),/* OBJ_sect193r2 1 3 132 0 25 */
+&(nid_objs[553]),/* OBJ_sect233k1 1 3 132 0 26 */
+&(nid_objs[554]),/* OBJ_sect233r1 1 3 132 0 27 */
+&(nid_objs[531]),/* OBJ_secp128r1 1 3 132 0 28 */
+&(nid_objs[532]),/* OBJ_secp128r2 1 3 132 0 29 */
+&(nid_objs[535]),/* OBJ_secp160r2 1 3 132 0 30 */
+&(nid_objs[536]),/* OBJ_secp192k1 1 3 132 0 31 */
+&(nid_objs[538]),/* OBJ_secp224k1 1 3 132 0 32 */
+&(nid_objs[539]),/* OBJ_secp224r1 1 3 132 0 33 */
+&(nid_objs[542]),/* OBJ_secp384r1 1 3 132 0 34 */
+&(nid_objs[543]),/* OBJ_secp521r1 1 3 132 0 35 */
+&(nid_objs[558]),/* OBJ_sect409k1 1 3 132 0 36 */
+&(nid_objs[559]),/* OBJ_sect409r1 1 3 132 0 37 */
+&(nid_objs[560]),/* OBJ_sect571k1 1 3 132 0 38 */
+&(nid_objs[561]),/* OBJ_sect571r1 1 3 132 0 39 */
+&(nid_objs[688]),/* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */
+&(nid_objs[689]),/* OBJ_set_addPolicy 2 23 42 3 0 1 */
+&(nid_objs[690]),/* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */
+&(nid_objs[691]),/* OBJ_setAttr_Token_B0Prime 2 23 42 3 2 2 */
+&(nid_objs[692]),/* OBJ_setAttr_IssCap_CVM 2 23 42 3 3 3 */
+&(nid_objs[693]),/* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */
+&(nid_objs[694]),/* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */
+&(nid_objs[706]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */
+&(nid_objs[564]),/* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 13 4 1 */
+&(nid_objs[709]),/* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 13 4 3 */
+&(nid_objs[710]),/* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 13 4 4 */
+&(nid_objs[711]),/* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 13 4 5 */
+&(nid_objs[565]),/* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 13 4 6 */
+&(nid_objs[712]),/* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 13 4 7 */
+&(nid_objs[566]),/* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 13 4 8 */
+&(nid_objs[567]),/* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 13 4 9 */
+&(nid_objs[713]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 13 4 10 */
+&(nid_objs[714]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 13 4 11 */
+&(nid_objs[715]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */
&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */
&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */
&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
&(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */
&(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */
-&(nid_objs[505]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
-&(nid_objs[506]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
+&(nid_objs[570]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
+&(nid_objs[571]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
-&(nid_objs[631]),/* OBJ_setAttr_GenCryptgrm 2 23 42 3 3 3 1 */
-&(nid_objs[632]),/* OBJ_setAttr_T2Enc 2 23 42 3 3 4 1 */
-&(nid_objs[633]),/* OBJ_setAttr_T2cleartxt 2 23 42 3 3 4 2 */
-&(nid_objs[634]),/* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */
-&(nid_objs[635]),/* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */
+&(nid_objs[695]),/* OBJ_setAttr_GenCryptgrm 2 23 42 3 3 3 1 */
+&(nid_objs[696]),/* OBJ_setAttr_T2Enc 2 23 42 3 3 4 1 */
+&(nid_objs[697]),/* OBJ_setAttr_T2cleartxt 2 23 42 3 3 4 2 */
+&(nid_objs[698]),/* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */
+&(nid_objs[699]),/* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */
&(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */
&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
&(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */
@@ -3750,10 +3718,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[266]),/* OBJ_id_aca 1 3 6 1 5 5 7 10 */
&(nid_objs[267]),/* OBJ_id_qcs 1 3 6 1 5 5 7 11 */
&(nid_objs[268]),/* OBJ_id_cct 1 3 6 1 5 5 7 12 */
-&(nid_objs[746]),/* OBJ_id_ppl 1 3 6 1 5 5 7 21 */
&(nid_objs[176]),/* OBJ_id_ad 1 3 6 1 5 5 7 48 */
-&(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
-&(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
+&(nid_objs[572]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
+&(nid_objs[573]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
&(nid_objs[437]),/* OBJ_pilot 0 9 2342 19200300 100 */
&(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */
@@ -3769,28 +3736,28 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
-&(nid_objs[643]),/* OBJ_des_cdmf 1 2 840 113549 3 10 */
-&(nid_objs[666]),/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
-&(nid_objs[670]),/* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */
-&(nid_objs[671]),/* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */
-&(nid_objs[672]),/* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */
-&(nid_objs[673]),/* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */
-&(nid_objs[674]),/* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */
-&(nid_objs[675]),/* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */
-&(nid_objs[676]),/* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */
-&(nid_objs[677]),/* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */
-&(nid_objs[678]),/* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */
-&(nid_objs[679]),/* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */
-&(nid_objs[680]),/* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */
-&(nid_objs[681]),/* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */
-&(nid_objs[682]),/* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */
-&(nid_objs[683]),/* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */
-&(nid_objs[684]),/* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */
-&(nid_objs[685]),/* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */
-&(nid_objs[686]),/* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */
-&(nid_objs[687]),/* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */
-&(nid_objs[688]),/* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */
-&(nid_objs[689]),/* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */
+&(nid_objs[707]),/* OBJ_des_cdmf 1 2 840 113549 3 10 */
+&(nid_objs[503]),/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
+&(nid_objs[507]),/* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */
+&(nid_objs[508]),/* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */
+&(nid_objs[509]),/* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */
+&(nid_objs[510]),/* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */
+&(nid_objs[511]),/* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */
+&(nid_objs[512]),/* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */
+&(nid_objs[513]),/* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */
+&(nid_objs[514]),/* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */
+&(nid_objs[515]),/* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */
+&(nid_objs[516]),/* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */
+&(nid_objs[517]),/* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */
+&(nid_objs[518]),/* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */
+&(nid_objs[519]),/* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */
+&(nid_objs[520]),/* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */
+&(nid_objs[521]),/* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */
+&(nid_objs[522]),/* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */
+&(nid_objs[523]),/* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */
+&(nid_objs[524]),/* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */
+&(nid_objs[525]),/* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */
+&(nid_objs[526]),/* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */
&(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */
&(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */
&(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */
@@ -3825,7 +3792,6 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[292]),/* OBJ_sbqp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
-&(nid_objs[747]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */
&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
&(nid_objs[293]),/* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */
@@ -3896,9 +3862,6 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[360]),/* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */
&(nid_objs[361]),/* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */
&(nid_objs[362]),/* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */
-&(nid_objs[748]),/* OBJ_id_ppl_anyLanguage 1 3 6 1 5 5 7 21 0 */
-&(nid_objs[749]),/* OBJ_id_ppl_inheritAll 1 3 6 1 5 5 7 21 1 */
-&(nid_objs[750]),/* OBJ_Independent 1 3 6 1 5 5 7 21 2 */
&(nid_objs[178]),/* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
&(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
&(nid_objs[363]),/* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */
@@ -3916,11 +3879,11 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */
&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
-&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
-&(nid_objs[732]),/* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
-&(nid_objs[733]),/* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
-&(nid_objs[734]),/* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
-&(nid_objs[735]),/* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
+&(nid_objs[708]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
+&(nid_objs[737]),/* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
+&(nid_objs[738]),/* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
+&(nid_objs[739]),/* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
+&(nid_objs[740]),/* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
@@ -3951,9 +3914,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */
&(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */
&(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */
-&(nid_objs[667]),/* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */
-&(nid_objs[668]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */
-&(nid_objs[669]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */
+&(nid_objs[504]),/* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */
+&(nid_objs[505]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */
+&(nid_objs[506]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */
&(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */
&(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */
&(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */
@@ -3988,10 +3951,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
&(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
&(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
-&(nid_objs[740]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
-&(nid_objs[741]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
-&(nid_objs[742]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
-&(nid_objs[743]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */
+&(nid_objs[741]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
+&(nid_objs[742]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
+&(nid_objs[743]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
+&(nid_objs[744]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */
&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
@@ -4087,8 +4050,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[136]),/* OBJ_ms_ctl_sign 1 3 6 1 4 1 311 10 3 1 */
&(nid_objs[137]),/* OBJ_ms_sgc 1 3 6 1 4 1 311 10 3 3 */
&(nid_objs[138]),/* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */
-&(nid_objs[648]),/* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */
-&(nid_objs[649]),/* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */
+&(nid_objs[716]),/* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */
+&(nid_objs[717]),/* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */
&(nid_objs[196]),/* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */
&(nid_objs[197]),/* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */
&(nid_objs[198]),/* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */
diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
index 2b5f43e3cc..80ab6855af 100644
--- a/crypto/objects/obj_err.c
+++ b/crypto/objects/obj_err.c
@@ -1,6 +1,6 @@
/* crypto/objects/obj_err.c */
/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -66,10 +66,8 @@
#ifndef OPENSSL_NO_ERR
static ERR_STRING_DATA OBJ_str_functs[]=
{
-{ERR_PACK(0,OBJ_F_OBJ_ADD_OBJECT,0), "OBJ_add_object"},
{ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"},
{ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"},
-{ERR_PACK(0,OBJ_F_OBJ_NAME_NEW_INDEX,0), "OBJ_NAME_new_index"},
{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"},
{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"},
{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"},
diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h
index 322577094a..66bdf65f2c 100644
--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@@ -69,7 +69,7 @@
#define SN_itu_t "ITU-T"
#define LN_itu_t "itu-t"
-#define NID_itu_t 645
+#define NID_itu_t 721
#define OBJ_itu_t 0L
#define NID_ccitt 404
@@ -82,7 +82,7 @@
#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T"
#define LN_joint_iso_itu_t "joint-iso-itu-t"
-#define NID_joint_iso_itu_t 646
+#define NID_joint_iso_itu_t 722
#define OBJ_joint_iso_itu_t 2L
#define NID_joint_iso_ccitt 393
@@ -94,24 +94,24 @@
#define OBJ_member_body OBJ_iso,2L
#define SN_identified_organization "identified-organization"
-#define NID_identified_organization 662
+#define NID_identified_organization 527
#define OBJ_identified_organization OBJ_iso,3L
#define SN_certicom_arc "certicom-arc"
-#define NID_certicom_arc 663
+#define NID_certicom_arc 528
#define OBJ_certicom_arc OBJ_identified_organization,132L
#define SN_international_organizations "international-organizations"
#define LN_international_organizations "International Organizations"
-#define NID_international_organizations 647
+#define NID_international_organizations 723
#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L
#define SN_wap "wap"
-#define NID_wap 664
+#define NID_wap 562
#define OBJ_wap OBJ_international_organizations,43L
#define SN_wap_wsg "wap-wsg"
-#define NID_wap_wsg 665
+#define NID_wap_wsg 563
#define OBJ_wap_wsg OBJ_wap,13L
#define SN_selected_attribute_types "selected-attribute-types"
@@ -164,19 +164,19 @@
#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L
#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis"
-#define NID_X9_62_id_characteristic_two_basis 666
+#define NID_X9_62_id_characteristic_two_basis 503
#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L
#define SN_X9_62_onBasis "onBasis"
-#define NID_X9_62_onBasis 667
+#define NID_X9_62_onBasis 504
#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L
#define SN_X9_62_tpBasis "tpBasis"
-#define NID_X9_62_tpBasis 668
+#define NID_X9_62_tpBasis 505
#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L
#define SN_X9_62_ppBasis "ppBasis"
-#define NID_X9_62_ppBasis 669
+#define NID_X9_62_ppBasis 506
#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L
#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L
@@ -190,83 +190,83 @@
#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L
#define SN_X9_62_c2pnb163v1 "c2pnb163v1"
-#define NID_X9_62_c2pnb163v1 670
+#define NID_X9_62_c2pnb163v1 507
#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L
#define SN_X9_62_c2pnb163v2 "c2pnb163v2"
-#define NID_X9_62_c2pnb163v2 671
+#define NID_X9_62_c2pnb163v2 508
#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L
#define SN_X9_62_c2pnb163v3 "c2pnb163v3"
-#define NID_X9_62_c2pnb163v3 672
+#define NID_X9_62_c2pnb163v3 509
#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L
#define SN_X9_62_c2pnb176v1 "c2pnb176v1"
-#define NID_X9_62_c2pnb176v1 673
+#define NID_X9_62_c2pnb176v1 510
#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L
#define SN_X9_62_c2tnb191v1 "c2tnb191v1"
-#define NID_X9_62_c2tnb191v1 674
+#define NID_X9_62_c2tnb191v1 511
#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L
#define SN_X9_62_c2tnb191v2 "c2tnb191v2"
-#define NID_X9_62_c2tnb191v2 675
+#define NID_X9_62_c2tnb191v2 512
#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L
#define SN_X9_62_c2tnb191v3 "c2tnb191v3"
-#define NID_X9_62_c2tnb191v3 676
+#define NID_X9_62_c2tnb191v3 513
#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L
#define SN_X9_62_c2onb191v4 "c2onb191v4"
-#define NID_X9_62_c2onb191v4 677
+#define NID_X9_62_c2onb191v4 514
#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L
#define SN_X9_62_c2onb191v5 "c2onb191v5"
-#define NID_X9_62_c2onb191v5 678
+#define NID_X9_62_c2onb191v5 515
#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L
#define SN_X9_62_c2pnb208w1 "c2pnb208w1"
-#define NID_X9_62_c2pnb208w1 679
+#define NID_X9_62_c2pnb208w1 516
#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L
#define SN_X9_62_c2tnb239v1 "c2tnb239v1"
-#define NID_X9_62_c2tnb239v1 680
+#define NID_X9_62_c2tnb239v1 517
#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L
#define SN_X9_62_c2tnb239v2 "c2tnb239v2"
-#define NID_X9_62_c2tnb239v2 681
+#define NID_X9_62_c2tnb239v2 518
#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L
#define SN_X9_62_c2tnb239v3 "c2tnb239v3"
-#define NID_X9_62_c2tnb239v3 682
+#define NID_X9_62_c2tnb239v3 519
#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L
#define SN_X9_62_c2onb239v4 "c2onb239v4"
-#define NID_X9_62_c2onb239v4 683
+#define NID_X9_62_c2onb239v4 520
#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L
#define SN_X9_62_c2onb239v5 "c2onb239v5"
-#define NID_X9_62_c2onb239v5 684
+#define NID_X9_62_c2onb239v5 521
#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L
#define SN_X9_62_c2pnb272w1 "c2pnb272w1"
-#define NID_X9_62_c2pnb272w1 685
+#define NID_X9_62_c2pnb272w1 522
#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L
#define SN_X9_62_c2pnb304w1 "c2pnb304w1"
-#define NID_X9_62_c2pnb304w1 686
+#define NID_X9_62_c2pnb304w1 523
#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L
#define SN_X9_62_c2tnb359v1 "c2tnb359v1"
-#define NID_X9_62_c2tnb359v1 687
+#define NID_X9_62_c2tnb359v1 524
#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L
#define SN_X9_62_c2pnb368w1 "c2pnb368w1"
-#define NID_X9_62_c2pnb368w1 688
+#define NID_X9_62_c2pnb368w1 525
#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L
#define SN_X9_62_c2tnb431r1 "c2tnb431r1"
-#define NID_X9_62_c2tnb431r1 689
+#define NID_X9_62_c2tnb431r1 526
#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L
#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L
@@ -308,173 +308,173 @@
#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L
#define SN_secp112r1 "secp112r1"
-#define NID_secp112r1 690
+#define NID_secp112r1 529
#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L
#define SN_secp112r2 "secp112r2"
-#define NID_secp112r2 691
+#define NID_secp112r2 530
#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L
#define SN_secp128r1 "secp128r1"
-#define NID_secp128r1 692
+#define NID_secp128r1 531
#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L
#define SN_secp128r2 "secp128r2"
-#define NID_secp128r2 693
+#define NID_secp128r2 532
#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L
#define SN_secp160k1 "secp160k1"
-#define NID_secp160k1 694
+#define NID_secp160k1 533
#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L
#define SN_secp160r1 "secp160r1"
-#define NID_secp160r1 695
+#define NID_secp160r1 534
#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L
#define SN_secp160r2 "secp160r2"
-#define NID_secp160r2 696
+#define NID_secp160r2 535
#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L
#define SN_secp192k1 "secp192k1"
-#define NID_secp192k1 697
+#define NID_secp192k1 536
#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L
#define SN_secp224k1 "secp224k1"
-#define NID_secp224k1 698
+#define NID_secp224k1 538
#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L
#define SN_secp224r1 "secp224r1"
-#define NID_secp224r1 699
+#define NID_secp224r1 539
#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L
#define SN_secp256k1 "secp256k1"
-#define NID_secp256k1 700
+#define NID_secp256k1 540
#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L
#define SN_secp384r1 "secp384r1"
-#define NID_secp384r1 701
+#define NID_secp384r1 542
#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L
#define SN_secp521r1 "secp521r1"
-#define NID_secp521r1 702
+#define NID_secp521r1 543
#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L
#define SN_sect113r1 "sect113r1"
-#define NID_sect113r1 703
+#define NID_sect113r1 544
#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L
#define SN_sect113r2 "sect113r2"
-#define NID_sect113r2 704
+#define NID_sect113r2 545
#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L
#define SN_sect131r1 "sect131r1"
-#define NID_sect131r1 705
+#define NID_sect131r1 546
#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L
#define SN_sect131r2 "sect131r2"
-#define NID_sect131r2 706
+#define NID_sect131r2 547
#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L
#define SN_sect163k1 "sect163k1"
-#define NID_sect163k1 707
+#define NID_sect163k1 548
#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L
#define SN_sect163r1 "sect163r1"
-#define NID_sect163r1 708
+#define NID_sect163r1 549
#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L
#define SN_sect163r2 "sect163r2"
-#define NID_sect163r2 709
+#define NID_sect163r2 550
#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L
#define SN_sect193r1 "sect193r1"
-#define NID_sect193r1 710
+#define NID_sect193r1 551
#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L
#define SN_sect193r2 "sect193r2"
-#define NID_sect193r2 711
+#define NID_sect193r2 552
#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L
#define SN_sect233k1 "sect233k1"
-#define NID_sect233k1 712
+#define NID_sect233k1 553
#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L
#define SN_sect233r1 "sect233r1"
-#define NID_sect233r1 713
+#define NID_sect233r1 554
#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L
#define SN_sect239k1 "sect239k1"
-#define NID_sect239k1 714
+#define NID_sect239k1 555
#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L
#define SN_sect283k1 "sect283k1"
-#define NID_sect283k1 715
+#define NID_sect283k1 556
#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L
#define SN_sect283r1 "sect283r1"
-#define NID_sect283r1 716
+#define NID_sect283r1 557
#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L
#define SN_sect409k1 "sect409k1"
-#define NID_sect409k1 717
+#define NID_sect409k1 558
#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L
#define SN_sect409r1 "sect409r1"
-#define NID_sect409r1 718
+#define NID_sect409r1 559
#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L
#define SN_sect571k1 "sect571k1"
-#define NID_sect571k1 719
+#define NID_sect571k1 560
#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L
#define SN_sect571r1 "sect571r1"
-#define NID_sect571r1 720
+#define NID_sect571r1 561
#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L
#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L
#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1"
-#define NID_wap_wsg_idm_ecid_wtls1 721
+#define NID_wap_wsg_idm_ecid_wtls1 564
#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L
#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3"
-#define NID_wap_wsg_idm_ecid_wtls3 722
+#define NID_wap_wsg_idm_ecid_wtls3 709
#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L
#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4"
-#define NID_wap_wsg_idm_ecid_wtls4 723
+#define NID_wap_wsg_idm_ecid_wtls4 710
#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L
#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5"
-#define NID_wap_wsg_idm_ecid_wtls5 724
+#define NID_wap_wsg_idm_ecid_wtls5 711
#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L
#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6"
-#define NID_wap_wsg_idm_ecid_wtls6 725
+#define NID_wap_wsg_idm_ecid_wtls6 565
#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L
#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7"
-#define NID_wap_wsg_idm_ecid_wtls7 726
+#define NID_wap_wsg_idm_ecid_wtls7 712
#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L
#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8"
-#define NID_wap_wsg_idm_ecid_wtls8 727
+#define NID_wap_wsg_idm_ecid_wtls8 566
#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L
#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9"
-#define NID_wap_wsg_idm_ecid_wtls9 728
+#define NID_wap_wsg_idm_ecid_wtls9 567
#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L
#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10"
-#define NID_wap_wsg_idm_ecid_wtls10 729
+#define NID_wap_wsg_idm_ecid_wtls10 713
#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L
#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11"
-#define NID_wap_wsg_idm_ecid_wtls11 730
+#define NID_wap_wsg_idm_ecid_wtls11 714
#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L
#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12"
-#define NID_wap_wsg_idm_ecid_wtls12 731
+#define NID_wap_wsg_idm_ecid_wtls12 715
#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L
#define SN_cast5_cbc "CAST5-CBC"
@@ -538,22 +538,22 @@
#define SN_sha256WithRSAEncryption "RSA-SHA256"
#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
-#define NID_sha256WithRSAEncryption 732
+#define NID_sha256WithRSAEncryption 737
#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L
#define SN_sha384WithRSAEncryption "RSA-SHA384"
#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption"
-#define NID_sha384WithRSAEncryption 733
+#define NID_sha384WithRSAEncryption 738
#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L
#define SN_sha512WithRSAEncryption "RSA-SHA512"
#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption"
-#define NID_sha512WithRSAEncryption 734
+#define NID_sha512WithRSAEncryption 739
#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L
#define SN_sha224WithRSAEncryption "RSA-SHA224"
#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption"
-#define NID_sha224WithRSAEncryption 735
+#define NID_sha224WithRSAEncryption 740
#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L
#define SN_pkcs3 "pkcs3"
@@ -1167,12 +1167,12 @@
#define SN_ms_smartcard_login "msSmartcardLogin"
#define LN_ms_smartcard_login "Microsoft Smartcardlogin"
-#define NID_ms_smartcard_login 648
+#define NID_ms_smartcard_login 716
#define OBJ_ms_smartcard_login 1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
#define SN_ms_upn "msUPN"
#define LN_ms_upn "Microsoft Universal Principal Name"
-#define NID_ms_upn 649
+#define NID_ms_upn 717
#define OBJ_ms_upn 1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
#define SN_idea_cbc "IDEA-CBC"
@@ -1265,10 +1265,6 @@
#define NID_id_cct 268
#define OBJ_id_cct OBJ_id_pkix,12L
-#define SN_id_ppl "id-ppl"
-#define NID_id_ppl 746
-#define OBJ_id_ppl OBJ_id_pkix,21L
-
#define SN_id_ad "id-ad"
#define NID_id_ad 176
#define OBJ_id_ad OBJ_id_pkix,48L
@@ -1384,11 +1380,6 @@
#define NID_sinfo_access 398
#define OBJ_sinfo_access OBJ_id_pe,11L
-#define SN_proxyCertInfo "proxyCertInfo"
-#define LN_proxyCertInfo "Proxy Certificate Information"
-#define NID_proxyCertInfo 747
-#define OBJ_proxyCertInfo OBJ_id_pe,14L
-
#define SN_id_qt_cps "id-qt-cps"
#define LN_id_qt_cps "Policy Qualifier CPS"
#define NID_id_qt_cps 164
@@ -1713,21 +1704,6 @@
#define NID_id_cct_PKIResponse 362
#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L
-#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage"
-#define LN_id_ppl_anyLanguage "Any language"
-#define NID_id_ppl_anyLanguage 748
-#define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L
-
-#define SN_id_ppl_inheritAll "id-ppl-inheritAll"
-#define LN_id_ppl_inheritAll "Inherit all"
-#define NID_id_ppl_inheritAll 749
-#define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L
-
-#define SN_Independent "id-ppl-independent"
-#define LN_Independent "Independent"
-#define NID_Independent 750
-#define OBJ_Independent OBJ_id_ppl,2L
-
#define SN_ad_OCSP "OCSP"
#define LN_ad_OCSP "OCSP"
#define NID_ad_OCSP 178
@@ -1958,10 +1934,6 @@
#define NID_stateOrProvinceName 16
#define OBJ_stateOrProvinceName OBJ_X509,8L
-#define LN_streetAddress "streetAddress"
-#define NID_streetAddress 660
-#define OBJ_streetAddress OBJ_X509,9L
-
#define SN_organizationName "O"
#define LN_organizationName "organizationName"
#define NID_organizationName 17
@@ -1980,10 +1952,6 @@
#define NID_description 107
#define OBJ_description OBJ_X509,13L
-#define LN_postalCode "postalCode"
-#define NID_postalCode 661
-#define OBJ_postalCode OBJ_X509,17L
-
#define SN_name "name"
#define LN_name "name"
#define NID_name 173
@@ -1999,11 +1967,11 @@
#define OBJ_initials OBJ_X509,43L
#define LN_generationQualifier "generationQualifier"
-#define NID_generationQualifier 509
+#define NID_generationQualifier 574
#define OBJ_generationQualifier OBJ_X509,44L
#define LN_x500UniqueIdentifier "x500UniqueIdentifier"
-#define NID_x500UniqueIdentifier 503
+#define NID_x500UniqueIdentifier 568
#define OBJ_x500UniqueIdentifier OBJ_X509,45L
#define SN_dnQualifier "dnQualifier"
@@ -2012,7 +1980,7 @@
#define OBJ_dnQualifier OBJ_X509,46L
#define LN_pseudonym "pseudonym"
-#define NID_pseudonym 510
+#define NID_pseudonym 575
#define OBJ_pseudonym OBJ_X509,65L
#define SN_role "role"
@@ -2096,7 +2064,7 @@
#define SN_name_constraints "nameConstraints"
#define LN_name_constraints "X509v3 Name Constraints"
-#define NID_name_constraints 736
+#define NID_name_constraints 720
#define OBJ_name_constraints OBJ_id_ce,30L
#define SN_crl_distribution_points "crlDistributionPoints"
@@ -2111,12 +2079,12 @@
#define SN_any_policy "anyPolicy"
#define LN_any_policy "X509v3 Any Policy"
-#define NID_any_policy 737
+#define NID_any_policy 718
#define OBJ_any_policy OBJ_certificate_policies,0L
#define SN_policy_mappings "policyMappings"
#define LN_policy_mappings "X509v3 Policy Mappings"
-#define NID_policy_mappings 738
+#define NID_policy_mappings 719
#define OBJ_policy_mappings OBJ_id_ce,33L
#define SN_authority_key_identifier "authorityKeyIdentifier"
@@ -2136,7 +2104,7 @@
#define SN_inhibit_any_policy "inhibitAnyPolicy"
#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy"
-#define NID_inhibit_any_policy 739
+#define NID_inhibit_any_policy 736
#define OBJ_inhibit_any_policy OBJ_id_ce,54L
#define SN_target_information "targetInformation"
@@ -2277,27 +2245,27 @@
#define SN_mime_mhs "mime-mhs"
#define LN_mime_mhs "MIME MHS"
-#define NID_mime_mhs 504
+#define NID_mime_mhs 569
#define OBJ_mime_mhs OBJ_Mail,1L
#define SN_mime_mhs_headings "mime-mhs-headings"
#define LN_mime_mhs_headings "mime-mhs-headings"
-#define NID_mime_mhs_headings 505
+#define NID_mime_mhs_headings 570
#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L
#define SN_mime_mhs_bodies "mime-mhs-bodies"
#define LN_mime_mhs_bodies "mime-mhs-bodies"
-#define NID_mime_mhs_bodies 506
+#define NID_mime_mhs_bodies 571
#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L
#define SN_id_hex_partial_message "id-hex-partial-message"
#define LN_id_hex_partial_message "id-hex-partial-message"
-#define NID_id_hex_partial_message 507
+#define NID_id_hex_partial_message 572
#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L
#define SN_id_hex_multipart_message "id-hex-multipart-message"
#define LN_id_hex_multipart_message "id-hex-multipart-message"
-#define NID_id_hex_multipart_message 508
+#define NID_id_hex_multipart_message 573
#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L
#define SN_rle_compression "RLE"
@@ -2378,64 +2346,64 @@
#define SN_aes_128_cfb1 "AES-128-CFB1"
#define LN_aes_128_cfb1 "aes-128-cfb1"
-#define NID_aes_128_cfb1 650
+#define NID_aes_128_cfb1 726
#define SN_aes_192_cfb1 "AES-192-CFB1"
#define LN_aes_192_cfb1 "aes-192-cfb1"
-#define NID_aes_192_cfb1 651
+#define NID_aes_192_cfb1 727
#define SN_aes_256_cfb1 "AES-256-CFB1"
#define LN_aes_256_cfb1 "aes-256-cfb1"
-#define NID_aes_256_cfb1 652
+#define NID_aes_256_cfb1 728
#define SN_aes_128_cfb8 "AES-128-CFB8"
#define LN_aes_128_cfb8 "aes-128-cfb8"
-#define NID_aes_128_cfb8 653
+#define NID_aes_128_cfb8 729
#define SN_aes_192_cfb8 "AES-192-CFB8"
#define LN_aes_192_cfb8 "aes-192-cfb8"
-#define NID_aes_192_cfb8 654
+#define NID_aes_192_cfb8 730
#define SN_aes_256_cfb8 "AES-256-CFB8"
#define LN_aes_256_cfb8 "aes-256-cfb8"
-#define NID_aes_256_cfb8 655
+#define NID_aes_256_cfb8 731
#define SN_des_cfb1 "DES-CFB1"
#define LN_des_cfb1 "des-cfb1"
-#define NID_des_cfb1 656
+#define NID_des_cfb1 732
#define SN_des_cfb8 "DES-CFB8"
#define LN_des_cfb8 "des-cfb8"
-#define NID_des_cfb8 657
+#define NID_des_cfb8 733
#define SN_des_ede3_cfb1 "DES-EDE3-CFB1"
#define LN_des_ede3_cfb1 "des-ede3-cfb1"
-#define NID_des_ede3_cfb1 658
+#define NID_des_ede3_cfb1 734
#define SN_des_ede3_cfb8 "DES-EDE3-CFB8"
#define LN_des_ede3_cfb8 "des-ede3-cfb8"
-#define NID_des_ede3_cfb8 659
+#define NID_des_ede3_cfb8 735
#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
#define SN_sha256 "SHA256"
#define LN_sha256 "sha256"
-#define NID_sha256 740
+#define NID_sha256 741
#define OBJ_sha256 OBJ_nist_hashalgs,1L
#define SN_sha384 "SHA384"
#define LN_sha384 "sha384"
-#define NID_sha384 741
+#define NID_sha384 742
#define OBJ_sha384 OBJ_nist_hashalgs,2L
#define SN_sha512 "SHA512"
#define LN_sha512 "sha512"
-#define NID_sha512 742
+#define NID_sha512 743
#define OBJ_sha512 OBJ_nist_hashalgs,3L
#define SN_sha224 "SHA224"
#define LN_sha224 "sha224"
-#define NID_sha224 743
+#define NID_sha224 744
#define OBJ_sha224 OBJ_nist_hashalgs,4L
#define SN_hold_instruction_code "holdInstructionCode"
@@ -2750,556 +2718,556 @@
#define SN_id_set "id-set"
#define LN_id_set "Secure Electronic Transactions"
-#define NID_id_set 512
+#define NID_id_set 576
#define OBJ_id_set OBJ_international_organizations,42L
#define SN_set_ctype "set-ctype"
#define LN_set_ctype "content types"
-#define NID_set_ctype 513
+#define NID_set_ctype 577
#define OBJ_set_ctype OBJ_id_set,0L
#define SN_set_msgExt "set-msgExt"
#define LN_set_msgExt "message extensions"
-#define NID_set_msgExt 514
+#define NID_set_msgExt 578
#define OBJ_set_msgExt OBJ_id_set,1L
#define SN_set_attr "set-attr"
-#define NID_set_attr 515
+#define NID_set_attr 579
#define OBJ_set_attr OBJ_id_set,3L
#define SN_set_policy "set-policy"
-#define NID_set_policy 516
+#define NID_set_policy 580
#define OBJ_set_policy OBJ_id_set,5L
#define SN_set_certExt "set-certExt"
#define LN_set_certExt "certificate extensions"
-#define NID_set_certExt 517
+#define NID_set_certExt 581
#define OBJ_set_certExt OBJ_id_set,7L
#define SN_set_brand "set-brand"
-#define NID_set_brand 518
+#define NID_set_brand 582
#define OBJ_set_brand OBJ_id_set,8L
#define SN_setct_PANData "setct-PANData"
-#define NID_setct_PANData 519
+#define NID_setct_PANData 583
#define OBJ_setct_PANData OBJ_set_ctype,0L
#define SN_setct_PANToken "setct-PANToken"
-#define NID_setct_PANToken 520
+#define NID_setct_PANToken 584
#define OBJ_setct_PANToken OBJ_set_ctype,1L
#define SN_setct_PANOnly "setct-PANOnly"
-#define NID_setct_PANOnly 521
+#define NID_setct_PANOnly 585
#define OBJ_setct_PANOnly OBJ_set_ctype,2L
#define SN_setct_OIData "setct-OIData"
-#define NID_setct_OIData 522
+#define NID_setct_OIData 586
#define OBJ_setct_OIData OBJ_set_ctype,3L
#define SN_setct_PI "setct-PI"
-#define NID_setct_PI 523
+#define NID_setct_PI 587
#define OBJ_setct_PI OBJ_set_ctype,4L
#define SN_setct_PIData "setct-PIData"
-#define NID_setct_PIData 524
+#define NID_setct_PIData 588
#define OBJ_setct_PIData OBJ_set_ctype,5L
#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned"
-#define NID_setct_PIDataUnsigned 525
+#define NID_setct_PIDataUnsigned 589
#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L
#define SN_setct_HODInput "setct-HODInput"
-#define NID_setct_HODInput 526
+#define NID_setct_HODInput 590
#define OBJ_setct_HODInput OBJ_set_ctype,7L
#define SN_setct_AuthResBaggage "setct-AuthResBaggage"
-#define NID_setct_AuthResBaggage 527
+#define NID_setct_AuthResBaggage 591
#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L
#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage"
-#define NID_setct_AuthRevReqBaggage 528
+#define NID_setct_AuthRevReqBaggage 592
#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L
#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage"
-#define NID_setct_AuthRevResBaggage 529
+#define NID_setct_AuthRevResBaggage 593
#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L
#define SN_setct_CapTokenSeq "setct-CapTokenSeq"
-#define NID_setct_CapTokenSeq 530
+#define NID_setct_CapTokenSeq 594
#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L
#define SN_setct_PInitResData "setct-PInitResData"
-#define NID_setct_PInitResData 531
+#define NID_setct_PInitResData 595
#define OBJ_setct_PInitResData OBJ_set_ctype,12L
#define SN_setct_PI_TBS "setct-PI-TBS"
-#define NID_setct_PI_TBS 532
+#define NID_setct_PI_TBS 596
#define OBJ_setct_PI_TBS OBJ_set_ctype,13L
#define SN_setct_PResData "setct-PResData"
-#define NID_setct_PResData 533
+#define NID_setct_PResData 597
#define OBJ_setct_PResData OBJ_set_ctype,14L
#define SN_setct_AuthReqTBS "setct-AuthReqTBS"
-#define NID_setct_AuthReqTBS 534
+#define NID_setct_AuthReqTBS 598
#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L
#define SN_setct_AuthResTBS "setct-AuthResTBS"
-#define NID_setct_AuthResTBS 535
+#define NID_setct_AuthResTBS 599
#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L
#define SN_setct_AuthResTBSX "setct-AuthResTBSX"
-#define NID_setct_AuthResTBSX 536
+#define NID_setct_AuthResTBSX 600
#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L
#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS"
-#define NID_setct_AuthTokenTBS 537
+#define NID_setct_AuthTokenTBS 601
#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L
#define SN_setct_CapTokenData "setct-CapTokenData"
-#define NID_setct_CapTokenData 538
+#define NID_setct_CapTokenData 602
#define OBJ_setct_CapTokenData OBJ_set_ctype,20L
#define SN_setct_CapTokenTBS "setct-CapTokenTBS"
-#define NID_setct_CapTokenTBS 539
+#define NID_setct_CapTokenTBS 603
#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L
#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg"
-#define NID_setct_AcqCardCodeMsg 540
+#define NID_setct_AcqCardCodeMsg 604
#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L
#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS"
-#define NID_setct_AuthRevReqTBS 541
+#define NID_setct_AuthRevReqTBS 605
#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L
#define SN_setct_AuthRevResData "setct-AuthRevResData"
-#define NID_setct_AuthRevResData 542
+#define NID_setct_AuthRevResData 606
#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L
#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS"
-#define NID_setct_AuthRevResTBS 543
+#define NID_setct_AuthRevResTBS 607
#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L
#define SN_setct_CapReqTBS "setct-CapReqTBS"
-#define NID_setct_CapReqTBS 544
+#define NID_setct_CapReqTBS 608
#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L
#define SN_setct_CapReqTBSX "setct-CapReqTBSX"
-#define NID_setct_CapReqTBSX 545
+#define NID_setct_CapReqTBSX 609
#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L
#define SN_setct_CapResData "setct-CapResData"
-#define NID_setct_CapResData 546
+#define NID_setct_CapResData 610
#define OBJ_setct_CapResData OBJ_set_ctype,28L
#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS"
-#define NID_setct_CapRevReqTBS 547
+#define NID_setct_CapRevReqTBS 611
#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L
#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX"
-#define NID_setct_CapRevReqTBSX 548
+#define NID_setct_CapRevReqTBSX 612
#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L
#define SN_setct_CapRevResData "setct-CapRevResData"
-#define NID_setct_CapRevResData 549
+#define NID_setct_CapRevResData 613
#define OBJ_setct_CapRevResData OBJ_set_ctype,31L
#define SN_setct_CredReqTBS "setct-CredReqTBS"
-#define NID_setct_CredReqTBS 550
+#define NID_setct_CredReqTBS 614
#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L
#define SN_setct_CredReqTBSX "setct-CredReqTBSX"
-#define NID_setct_CredReqTBSX 551
+#define NID_setct_CredReqTBSX 615
#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L
#define SN_setct_CredResData "setct-CredResData"
-#define NID_setct_CredResData 552
+#define NID_setct_CredResData 616
#define OBJ_setct_CredResData OBJ_set_ctype,34L
#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS"
-#define NID_setct_CredRevReqTBS 553
+#define NID_setct_CredRevReqTBS 617
#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L
#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX"
-#define NID_setct_CredRevReqTBSX 554
+#define NID_setct_CredRevReqTBSX 618
#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L
#define SN_setct_CredRevResData "setct-CredRevResData"
-#define NID_setct_CredRevResData 555
+#define NID_setct_CredRevResData 619
#define OBJ_setct_CredRevResData OBJ_set_ctype,37L
#define SN_setct_PCertReqData "setct-PCertReqData"
-#define NID_setct_PCertReqData 556
+#define NID_setct_PCertReqData 620
#define OBJ_setct_PCertReqData OBJ_set_ctype,38L
#define SN_setct_PCertResTBS "setct-PCertResTBS"
-#define NID_setct_PCertResTBS 557
+#define NID_setct_PCertResTBS 621
#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L
#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData"
-#define NID_setct_BatchAdminReqData 558
+#define NID_setct_BatchAdminReqData 622
#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L
#define SN_setct_BatchAdminResData "setct-BatchAdminResData"
-#define NID_setct_BatchAdminResData 559
+#define NID_setct_BatchAdminResData 623
#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L
#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS"
-#define NID_setct_CardCInitResTBS 560
+#define NID_setct_CardCInitResTBS 624
#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L
#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS"
-#define NID_setct_MeAqCInitResTBS 561
+#define NID_setct_MeAqCInitResTBS 625
#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L
#define SN_setct_RegFormResTBS "setct-RegFormResTBS"
-#define NID_setct_RegFormResTBS 562
+#define NID_setct_RegFormResTBS 626
#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L
#define SN_setct_CertReqData "setct-CertReqData"
-#define NID_setct_CertReqData 563
+#define NID_setct_CertReqData 627
#define OBJ_setct_CertReqData OBJ_set_ctype,45L
#define SN_setct_CertReqTBS "setct-CertReqTBS"
-#define NID_setct_CertReqTBS 564
+#define NID_setct_CertReqTBS 628
#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L
#define SN_setct_CertResData "setct-CertResData"
-#define NID_setct_CertResData 565
+#define NID_setct_CertResData 629
#define OBJ_setct_CertResData OBJ_set_ctype,47L
#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS"
-#define NID_setct_CertInqReqTBS 566
+#define NID_setct_CertInqReqTBS 630
#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L
#define SN_setct_ErrorTBS "setct-ErrorTBS"
-#define NID_setct_ErrorTBS 567
+#define NID_setct_ErrorTBS 631
#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L
#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE"
-#define NID_setct_PIDualSignedTBE 568
+#define NID_setct_PIDualSignedTBE 632
#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L
#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE"
-#define NID_setct_PIUnsignedTBE 569
+#define NID_setct_PIUnsignedTBE 633
#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L
#define SN_setct_AuthReqTBE "setct-AuthReqTBE"
-#define NID_setct_AuthReqTBE 570
+#define NID_setct_AuthReqTBE 634
#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L
#define SN_setct_AuthResTBE "setct-AuthResTBE"
-#define NID_setct_AuthResTBE 571
+#define NID_setct_AuthResTBE 635
#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L
#define SN_setct_AuthResTBEX "setct-AuthResTBEX"
-#define NID_setct_AuthResTBEX 572
+#define NID_setct_AuthResTBEX 636
#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L
#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE"
-#define NID_setct_AuthTokenTBE 573
+#define NID_setct_AuthTokenTBE 637
#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L
#define SN_setct_CapTokenTBE "setct-CapTokenTBE"
-#define NID_setct_CapTokenTBE 574
+#define NID_setct_CapTokenTBE 638
#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L
#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX"
-#define NID_setct_CapTokenTBEX 575
+#define NID_setct_CapTokenTBEX 639
#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L
#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE"
-#define NID_setct_AcqCardCodeMsgTBE 576
+#define NID_setct_AcqCardCodeMsgTBE 640
#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L
#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE"
-#define NID_setct_AuthRevReqTBE 577
+#define NID_setct_AuthRevReqTBE 641
#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L
#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE"
-#define NID_setct_AuthRevResTBE 578
+#define NID_setct_AuthRevResTBE 642
#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L
#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB"
-#define NID_setct_AuthRevResTBEB 579
+#define NID_setct_AuthRevResTBEB 643
#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L
#define SN_setct_CapReqTBE "setct-CapReqTBE"
-#define NID_setct_CapReqTBE 580
+#define NID_setct_CapReqTBE 644
#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L
#define SN_setct_CapReqTBEX "setct-CapReqTBEX"
-#define NID_setct_CapReqTBEX 581
+#define NID_setct_CapReqTBEX 645
#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L
#define SN_setct_CapResTBE "setct-CapResTBE"
-#define NID_setct_CapResTBE 582
+#define NID_setct_CapResTBE 646
#define OBJ_setct_CapResTBE OBJ_set_ctype,64L
#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE"
-#define NID_setct_CapRevReqTBE 583
+#define NID_setct_CapRevReqTBE 647
#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L
#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX"
-#define NID_setct_CapRevReqTBEX 584
+#define NID_setct_CapRevReqTBEX 648
#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L
#define SN_setct_CapRevResTBE "setct-CapRevResTBE"
-#define NID_setct_CapRevResTBE 585
+#define NID_setct_CapRevResTBE 649
#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L
#define SN_setct_CredReqTBE "setct-CredReqTBE"
-#define NID_setct_CredReqTBE 586
+#define NID_setct_CredReqTBE 650
#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L
#define SN_setct_CredReqTBEX "setct-CredReqTBEX"
-#define NID_setct_CredReqTBEX 587
+#define NID_setct_CredReqTBEX 651
#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L
#define SN_setct_CredResTBE "setct-CredResTBE"
-#define NID_setct_CredResTBE 588
+#define NID_setct_CredResTBE 652
#define OBJ_setct_CredResTBE OBJ_set_ctype,70L
#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE"
-#define NID_setct_CredRevReqTBE 589
+#define NID_setct_CredRevReqTBE 653
#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L
#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX"
-#define NID_setct_CredRevReqTBEX 590
+#define NID_setct_CredRevReqTBEX 654
#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L
#define SN_setct_CredRevResTBE "setct-CredRevResTBE"
-#define NID_setct_CredRevResTBE 591
+#define NID_setct_CredRevResTBE 655
#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L
#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE"
-#define NID_setct_BatchAdminReqTBE 592
+#define NID_setct_BatchAdminReqTBE 656
#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L
#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE"
-#define NID_setct_BatchAdminResTBE 593
+#define NID_setct_BatchAdminResTBE 657
#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L
#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE"
-#define NID_setct_RegFormReqTBE 594
+#define NID_setct_RegFormReqTBE 658
#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L
#define SN_setct_CertReqTBE "setct-CertReqTBE"
-#define NID_setct_CertReqTBE 595
+#define NID_setct_CertReqTBE 659
#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L
#define SN_setct_CertReqTBEX "setct-CertReqTBEX"
-#define NID_setct_CertReqTBEX 596
+#define NID_setct_CertReqTBEX 660
#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L
#define SN_setct_CertResTBE "setct-CertResTBE"
-#define NID_setct_CertResTBE 597
+#define NID_setct_CertResTBE 661
#define OBJ_setct_CertResTBE OBJ_set_ctype,79L
#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS"
-#define NID_setct_CRLNotificationTBS 598
+#define NID_setct_CRLNotificationTBS 662
#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L
#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS"
-#define NID_setct_CRLNotificationResTBS 599
+#define NID_setct_CRLNotificationResTBS 663
#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L
#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS"
-#define NID_setct_BCIDistributionTBS 600
+#define NID_setct_BCIDistributionTBS 664
#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L
#define SN_setext_genCrypt "setext-genCrypt"
#define LN_setext_genCrypt "generic cryptogram"
-#define NID_setext_genCrypt 601
+#define NID_setext_genCrypt 665
#define OBJ_setext_genCrypt OBJ_set_msgExt,1L
#define SN_setext_miAuth "setext-miAuth"
#define LN_setext_miAuth "merchant initiated auth"
-#define NID_setext_miAuth 602
+#define NID_setext_miAuth 666
#define OBJ_setext_miAuth OBJ_set_msgExt,3L
#define SN_setext_pinSecure "setext-pinSecure"
-#define NID_setext_pinSecure 603
+#define NID_setext_pinSecure 667
#define OBJ_setext_pinSecure OBJ_set_msgExt,4L
#define SN_setext_pinAny "setext-pinAny"
-#define NID_setext_pinAny 604
+#define NID_setext_pinAny 668
#define OBJ_setext_pinAny OBJ_set_msgExt,5L
#define SN_setext_track2 "setext-track2"
-#define NID_setext_track2 605
+#define NID_setext_track2 669
#define OBJ_setext_track2 OBJ_set_msgExt,7L
#define SN_setext_cv "setext-cv"
#define LN_setext_cv "additional verification"
-#define NID_setext_cv 606
+#define NID_setext_cv 670
#define OBJ_setext_cv OBJ_set_msgExt,8L
#define SN_set_policy_root "set-policy-root"
-#define NID_set_policy_root 607
+#define NID_set_policy_root 671
#define OBJ_set_policy_root OBJ_set_policy,0L
#define SN_setCext_hashedRoot "setCext-hashedRoot"
-#define NID_setCext_hashedRoot 608
+#define NID_setCext_hashedRoot 672
#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L
#define SN_setCext_certType "setCext-certType"
-#define NID_setCext_certType 609
+#define NID_setCext_certType 673
#define OBJ_setCext_certType OBJ_set_certExt,1L
#define SN_setCext_merchData "setCext-merchData"
-#define NID_setCext_merchData 610
+#define NID_setCext_merchData 674
#define OBJ_setCext_merchData OBJ_set_certExt,2L
#define SN_setCext_cCertRequired "setCext-cCertRequired"
-#define NID_setCext_cCertRequired 611
+#define NID_setCext_cCertRequired 675
#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L
#define SN_setCext_tunneling "setCext-tunneling"
-#define NID_setCext_tunneling 612
+#define NID_setCext_tunneling 676
#define OBJ_setCext_tunneling OBJ_set_certExt,4L
#define SN_setCext_setExt "setCext-setExt"
-#define NID_setCext_setExt 613
+#define NID_setCext_setExt 677
#define OBJ_setCext_setExt OBJ_set_certExt,5L
#define SN_setCext_setQualf "setCext-setQualf"
-#define NID_setCext_setQualf 614
+#define NID_setCext_setQualf 678
#define OBJ_setCext_setQualf OBJ_set_certExt,6L
#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities"
-#define NID_setCext_PGWYcapabilities 615
+#define NID_setCext_PGWYcapabilities 679
#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L
#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier"
-#define NID_setCext_TokenIdentifier 616
+#define NID_setCext_TokenIdentifier 680
#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L
#define SN_setCext_Track2Data "setCext-Track2Data"
-#define NID_setCext_Track2Data 617
+#define NID_setCext_Track2Data 681
#define OBJ_setCext_Track2Data OBJ_set_certExt,9L
#define SN_setCext_TokenType "setCext-TokenType"
-#define NID_setCext_TokenType 618
+#define NID_setCext_TokenType 682
#define OBJ_setCext_TokenType OBJ_set_certExt,10L
#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities"
-#define NID_setCext_IssuerCapabilities 619
+#define NID_setCext_IssuerCapabilities 683
#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L
#define SN_setAttr_Cert "setAttr-Cert"
-#define NID_setAttr_Cert 620
+#define NID_setAttr_Cert 684
#define OBJ_setAttr_Cert OBJ_set_attr,0L
#define SN_setAttr_PGWYcap "setAttr-PGWYcap"
#define LN_setAttr_PGWYcap "payment gateway capabilities"
-#define NID_setAttr_PGWYcap 621
+#define NID_setAttr_PGWYcap 685
#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L
#define SN_setAttr_TokenType "setAttr-TokenType"
-#define NID_setAttr_TokenType 622
+#define NID_setAttr_TokenType 686
#define OBJ_setAttr_TokenType OBJ_set_attr,2L
#define SN_setAttr_IssCap "setAttr-IssCap"
#define LN_setAttr_IssCap "issuer capabilities"
-#define NID_setAttr_IssCap 623
+#define NID_setAttr_IssCap 687
#define OBJ_setAttr_IssCap OBJ_set_attr,3L
#define SN_set_rootKeyThumb "set-rootKeyThumb"
-#define NID_set_rootKeyThumb 624
+#define NID_set_rootKeyThumb 688
#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L
#define SN_set_addPolicy "set-addPolicy"
-#define NID_set_addPolicy 625
+#define NID_set_addPolicy 689
#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L
#define SN_setAttr_Token_EMV "setAttr-Token-EMV"
-#define NID_setAttr_Token_EMV 626
+#define NID_setAttr_Token_EMV 690
#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L
#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime"
-#define NID_setAttr_Token_B0Prime 627
+#define NID_setAttr_Token_B0Prime 691
#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L
#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM"
-#define NID_setAttr_IssCap_CVM 628
+#define NID_setAttr_IssCap_CVM 692
#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L
#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2"
-#define NID_setAttr_IssCap_T2 629
+#define NID_setAttr_IssCap_T2 693
#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L
#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig"
-#define NID_setAttr_IssCap_Sig 630
+#define NID_setAttr_IssCap_Sig 694
#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L
#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm"
#define LN_setAttr_GenCryptgrm "generate cryptogram"
-#define NID_setAttr_GenCryptgrm 631
+#define NID_setAttr_GenCryptgrm 695
#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L
#define SN_setAttr_T2Enc "setAttr-T2Enc"
#define LN_setAttr_T2Enc "encrypted track 2"
-#define NID_setAttr_T2Enc 632
+#define NID_setAttr_T2Enc 696
#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L
#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt"
#define LN_setAttr_T2cleartxt "cleartext track 2"
-#define NID_setAttr_T2cleartxt 633
+#define NID_setAttr_T2cleartxt 697
#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L
#define SN_setAttr_TokICCsig "setAttr-TokICCsig"
#define LN_setAttr_TokICCsig "ICC or token signature"
-#define NID_setAttr_TokICCsig 634
+#define NID_setAttr_TokICCsig 698
#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L
#define SN_setAttr_SecDevSig "setAttr-SecDevSig"
#define LN_setAttr_SecDevSig "secure device signature"
-#define NID_setAttr_SecDevSig 635
+#define NID_setAttr_SecDevSig 699
#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L
#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA"
-#define NID_set_brand_IATA_ATA 636
+#define NID_set_brand_IATA_ATA 700
#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L
#define SN_set_brand_Diners "set-brand-Diners"
-#define NID_set_brand_Diners 637
+#define NID_set_brand_Diners 701
#define OBJ_set_brand_Diners OBJ_set_brand,30L
#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress"
-#define NID_set_brand_AmericanExpress 638
+#define NID_set_brand_AmericanExpress 702
#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L
#define SN_set_brand_JCB "set-brand-JCB"
-#define NID_set_brand_JCB 639
+#define NID_set_brand_JCB 703
#define OBJ_set_brand_JCB OBJ_set_brand,35L
#define SN_set_brand_Visa "set-brand-Visa"
-#define NID_set_brand_Visa 640
+#define NID_set_brand_Visa 704
#define OBJ_set_brand_Visa OBJ_set_brand,4L
#define SN_set_brand_MasterCard "set-brand-MasterCard"
-#define NID_set_brand_MasterCard 641
+#define NID_set_brand_MasterCard 705
#define OBJ_set_brand_MasterCard OBJ_set_brand,5L
#define SN_set_brand_Novus "set-brand-Novus"
-#define NID_set_brand_Novus 642
+#define NID_set_brand_Novus 706
#define OBJ_set_brand_Novus OBJ_set_brand,6011L
#define SN_des_cdmf "DES-CDMF"
#define LN_des_cdmf "des-cdmf"
-#define NID_des_cdmf 643
+#define NID_des_cdmf 707
#define OBJ_des_cdmf OBJ_rsadsi,3L,10L
#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET"
-#define NID_rsaOAEPEncryptionSET 644
+#define NID_rsaOAEPEncryptionSET 708
#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L
#define SN_ipsec3 "Oakley-EC2N-3"
#define LN_ipsec3 "ipsec3"
-#define NID_ipsec3 744
+#define NID_ipsec3 724
#define SN_ipsec4 "Oakley-EC2N-4"
#define LN_ipsec4 "ipsec4"
-#define NID_ipsec4 745
+#define NID_ipsec4 725
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 180d20f1bc..8481502556 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -500,251 +500,245 @@ personalSignature 499
dITRedirect 500
audio 501
documentPublisher 502
-x500UniqueIdentifier 503
-mime_mhs 504
-mime_mhs_headings 505
-mime_mhs_bodies 506
-id_hex_partial_message 507
-id_hex_multipart_message 508
-generationQualifier 509
-pseudonym 510
-InternationalRA 511
-id_set 512
-set_ctype 513
-set_msgExt 514
-set_attr 515
-set_policy 516
-set_certExt 517
-set_brand 518
-setct_PANData 519
-setct_PANToken 520
-setct_PANOnly 521
-setct_OIData 522
-setct_PI 523
-setct_PIData 524
-setct_PIDataUnsigned 525
-setct_HODInput 526
-setct_AuthResBaggage 527
-setct_AuthRevReqBaggage 528
-setct_AuthRevResBaggage 529
-setct_CapTokenSeq 530
-setct_PInitResData 531
-setct_PI_TBS 532
-setct_PResData 533
-setct_AuthReqTBS 534
-setct_AuthResTBS 535
-setct_AuthResTBSX 536
-setct_AuthTokenTBS 537
-setct_CapTokenData 538
-setct_CapTokenTBS 539
-setct_AcqCardCodeMsg 540
-setct_AuthRevReqTBS 541
-setct_AuthRevResData 542
-setct_AuthRevResTBS 543
-setct_CapReqTBS 544
-setct_CapReqTBSX 545
-setct_CapResData 546
-setct_CapRevReqTBS 547
-setct_CapRevReqTBSX 548
-setct_CapRevResData 549
-setct_CredReqTBS 550
-setct_CredReqTBSX 551
-setct_CredResData 552
-setct_CredRevReqTBS 553
-setct_CredRevReqTBSX 554
-setct_CredRevResData 555
-setct_PCertReqData 556
-setct_PCertResTBS 557
-setct_BatchAdminReqData 558
-setct_BatchAdminResData 559
-setct_CardCInitResTBS 560
-setct_MeAqCInitResTBS 561
-setct_RegFormResTBS 562
-setct_CertReqData 563
-setct_CertReqTBS 564
-setct_CertResData 565
-setct_CertInqReqTBS 566
-setct_ErrorTBS 567
-setct_PIDualSignedTBE 568
-setct_PIUnsignedTBE 569
-setct_AuthReqTBE 570
-setct_AuthResTBE 571
-setct_AuthResTBEX 572
-setct_AuthTokenTBE 573
-setct_CapTokenTBE 574
-setct_CapTokenTBEX 575
-setct_AcqCardCodeMsgTBE 576
-setct_AuthRevReqTBE 577
-setct_AuthRevResTBE 578
-setct_AuthRevResTBEB 579
-setct_CapReqTBE 580
-setct_CapReqTBEX 581
-setct_CapResTBE 582
-setct_CapRevReqTBE 583
-setct_CapRevReqTBEX 584
-setct_CapRevResTBE 585
-setct_CredReqTBE 586
-setct_CredReqTBEX 587
-setct_CredResTBE 588
-setct_CredRevReqTBE 589
-setct_CredRevReqTBEX 590
-setct_CredRevResTBE 591
-setct_BatchAdminReqTBE 592
-setct_BatchAdminResTBE 593
-setct_RegFormReqTBE 594
-setct_CertReqTBE 595
-setct_CertReqTBEX 596
-setct_CertResTBE 597
-setct_CRLNotificationTBS 598
-setct_CRLNotificationResTBS 599
-setct_BCIDistributionTBS 600
-setext_genCrypt 601
-setext_miAuth 602
-setext_pinSecure 603
-setext_pinAny 604
-setext_track2 605
-setext_cv 606
-set_policy_root 607
-setCext_hashedRoot 608
-setCext_certType 609
-setCext_merchData 610
-setCext_cCertRequired 611
-setCext_tunneling 612
-setCext_setExt 613
-setCext_setQualf 614
-setCext_PGWYcapabilities 615
-setCext_TokenIdentifier 616
-setCext_Track2Data 617
-setCext_TokenType 618
-setCext_IssuerCapabilities 619
-setAttr_Cert 620
-setAttr_PGWYcap 621
-setAttr_TokenType 622
-setAttr_IssCap 623
-set_rootKeyThumb 624
-set_addPolicy 625
-setAttr_Token_EMV 626
-setAttr_Token_B0Prime 627
-setAttr_IssCap_CVM 628
-setAttr_IssCap_T2 629
-setAttr_IssCap_Sig 630
-setAttr_GenCryptgrm 631
-setAttr_T2Enc 632
-setAttr_T2cleartxt 633
-setAttr_TokICCsig 634
-setAttr_SecDevSig 635
-set_brand_IATA_ATA 636
-set_brand_Diners 637
-set_brand_AmericanExpress 638
-set_brand_JCB 639
-set_brand_Visa 640
-set_brand_MasterCard 641
-set_brand_Novus 642
-des_cdmf 643
-rsaOAEPEncryptionSET 644
-itu_t 645
-joint_iso_itu_t 646
-international_organizations 647
-ms_smartcard_login 648
-ms_upn 649
-aes_128_cfb1 650
-aes_192_cfb1 651
-aes_256_cfb1 652
-aes_128_cfb8 653
-aes_192_cfb8 654
-aes_256_cfb8 655
-des_cfb1 656
-des_cfb8 657
-des_ede3_cfb1 658
-des_ede3_cfb8 659
-streetAddress 660
-postalCode 661
-identified_organization 662
-certicom_arc 663
-wap 664
-wap_wsg 665
-X9_62_id_characteristic_two_basis 666
-X9_62_onBasis 667
-X9_62_tpBasis 668
-X9_62_ppBasis 669
-X9_62_c2pnb163v1 670
-X9_62_c2pnb163v2 671
-X9_62_c2pnb163v3 672
-X9_62_c2pnb176v1 673
-X9_62_c2tnb191v1 674
-X9_62_c2tnb191v2 675
-X9_62_c2tnb191v3 676
-X9_62_c2onb191v4 677
-X9_62_c2onb191v5 678
-X9_62_c2pnb208w1 679
-X9_62_c2tnb239v1 680
-X9_62_c2tnb239v2 681
-X9_62_c2tnb239v3 682
-X9_62_c2onb239v4 683
-X9_62_c2onb239v5 684
-X9_62_c2pnb272w1 685
-X9_62_c2pnb304w1 686
-X9_62_c2tnb359v1 687
-X9_62_c2pnb368w1 688
-X9_62_c2tnb431r1 689
-secp112r1 690
-secp112r2 691
-secp128r1 692
-secp128r2 693
-secp160k1 694
-secp160r1 695
-secp160r2 696
-secp192k1 697
-secp224k1 698
-secp224r1 699
-secp256k1 700
-secp384r1 701
-secp521r1 702
-sect113r1 703
-sect113r2 704
-sect131r1 705
-sect131r2 706
-sect163k1 707
-sect163r1 708
-sect163r2 709
-sect193r1 710
-sect193r2 711
-sect233k1 712
-sect233r1 713
-sect239k1 714
-sect283k1 715
-sect283r1 716
-sect409k1 717
-sect409r1 718
-sect571k1 719
-sect571r1 720
-wap_wsg_idm_ecid_wtls1 721
-wap_wsg_idm_ecid_wtls3 722
-wap_wsg_idm_ecid_wtls4 723
-wap_wsg_idm_ecid_wtls5 724
-wap_wsg_idm_ecid_wtls6 725
-wap_wsg_idm_ecid_wtls7 726
-wap_wsg_idm_ecid_wtls8 727
-wap_wsg_idm_ecid_wtls9 728
-wap_wsg_idm_ecid_wtls10 729
-wap_wsg_idm_ecid_wtls11 730
-wap_wsg_idm_ecid_wtls12 731
-sha256WithRSAEncryption 732
-sha384WithRSAEncryption 733
-sha512WithRSAEncryption 734
-sha224WithRSAEncryption 735
-name_constraints 736
-any_policy 737
-policy_mappings 738
-inhibit_any_policy 739
-sha256 740
-sha384 741
-sha512 742
-sha224 743
-ipsec3 744
-ipsec4 745
-id_ppl 746
-proxyCertInfo 747
-id_ppl_anyLanguage 748
-id_ppl_inheritAll 749
-Independent 750
+X9_62_id_characteristic_two_basis 503
+X9_62_onBasis 504
+X9_62_tpBasis 505
+X9_62_ppBasis 506
+X9_62_c2pnb163v1 507
+X9_62_c2pnb163v2 508
+X9_62_c2pnb163v3 509
+X9_62_c2pnb176v1 510
+X9_62_c2tnb191v1 511
+X9_62_c2tnb191v2 512
+X9_62_c2tnb191v3 513
+X9_62_c2onb191v4 514
+X9_62_c2onb191v5 515
+X9_62_c2pnb208w1 516
+X9_62_c2tnb239v1 517
+X9_62_c2tnb239v2 518
+X9_62_c2tnb239v3 519
+X9_62_c2onb239v4 520
+X9_62_c2onb239v5 521
+X9_62_c2pnb272w1 522
+X9_62_c2pnb304w1 523
+X9_62_c2tnb359v1 524
+X9_62_c2pnb368w1 525
+X9_62_c2tnb431r1 526
+identified_organization 527
+certicom_arc 528
+secp112r1 529
+secp112r2 530
+secp128r1 531
+secp128r2 532
+secp160k1 533
+secp160r1 534
+secp160r2 535
+secp192k1 536
+secp192r1 537
+secp224k1 538
+secp224r1 539
+secp256k1 540
+secp256r1 541
+secp384r1 542
+secp521r1 543
+sect113r1 544
+sect113r2 545
+sect131r1 546
+sect131r2 547
+sect163k1 548
+sect163r1 549
+sect163r2 550
+sect193r1 551
+sect193r2 552
+sect233k1 553
+sect233r1 554
+sect239k1 555
+sect283k1 556
+sect283r1 557
+sect409k1 558
+sect409r1 559
+sect571k1 560
+sect571r1 561
+wap 562
+wap_wsg 563
+wap_wsg_idm_ecid_wtls1 564
+wap_wsg_idm_ecid_wtls6 565
+wap_wsg_idm_ecid_wtls8 566
+wap_wsg_idm_ecid_wtls9 567
+x500UniqueIdentifier 568
+mime_mhs 569
+mime_mhs_headings 570
+mime_mhs_bodies 571
+id_hex_partial_message 572
+id_hex_multipart_message 573
+generationQualifier 574
+pseudonym 575
+id_set 576
+set_ctype 577
+set_msgExt 578
+set_attr 579
+set_policy 580
+set_certExt 581
+set_brand 582
+setct_PANData 583
+setct_PANToken 584
+setct_PANOnly 585
+setct_OIData 586
+setct_PI 587
+setct_PIData 588
+setct_PIDataUnsigned 589
+setct_HODInput 590
+setct_AuthResBaggage 591
+setct_AuthRevReqBaggage 592
+setct_AuthRevResBaggage 593
+setct_CapTokenSeq 594
+setct_PInitResData 595
+setct_PI_TBS 596
+setct_PResData 597
+setct_AuthReqTBS 598
+setct_AuthResTBS 599
+setct_AuthResTBSX 600
+setct_AuthTokenTBS 601
+setct_CapTokenData 602
+setct_CapTokenTBS 603
+setct_AcqCardCodeMsg 604
+setct_AuthRevReqTBS 605
+setct_AuthRevResData 606
+setct_AuthRevResTBS 607
+setct_CapReqTBS 608
+setct_CapReqTBSX 609
+setct_CapResData 610
+setct_CapRevReqTBS 611
+setct_CapRevReqTBSX 612
+setct_CapRevResData 613
+setct_CredReqTBS 614
+setct_CredReqTBSX 615
+setct_CredResData 616
+setct_CredRevReqTBS 617
+setct_CredRevReqTBSX 618
+setct_CredRevResData 619
+setct_PCertReqData 620
+setct_PCertResTBS 621
+setct_BatchAdminReqData 622
+setct_BatchAdminResData 623
+setct_CardCInitResTBS 624
+setct_MeAqCInitResTBS 625
+setct_RegFormResTBS 626
+setct_CertReqData 627
+setct_CertReqTBS 628
+setct_CertResData 629
+setct_CertInqReqTBS 630
+setct_ErrorTBS 631
+setct_PIDualSignedTBE 632
+setct_PIUnsignedTBE 633
+setct_AuthReqTBE 634
+setct_AuthResTBE 635
+setct_AuthResTBEX 636
+setct_AuthTokenTBE 637
+setct_CapTokenTBE 638
+setct_CapTokenTBEX 639
+setct_AcqCardCodeMsgTBE 640
+setct_AuthRevReqTBE 641
+setct_AuthRevResTBE 642
+setct_AuthRevResTBEB 643
+setct_CapReqTBE 644
+setct_CapReqTBEX 645
+setct_CapResTBE 646
+setct_CapRevReqTBE 647
+setct_CapRevReqTBEX 648
+setct_CapRevResTBE 649
+setct_CredReqTBE 650
+setct_CredReqTBEX 651
+setct_CredResTBE 652
+setct_CredRevReqTBE 653
+setct_CredRevReqTBEX 654
+setct_CredRevResTBE 655
+setct_BatchAdminReqTBE 656
+setct_BatchAdminResTBE 657
+setct_RegFormReqTBE 658
+setct_CertReqTBE 659
+setct_CertReqTBEX 660
+setct_CertResTBE 661
+setct_CRLNotificationTBS 662
+setct_CRLNotificationResTBS 663
+setct_BCIDistributionTBS 664
+setext_genCrypt 665
+setext_miAuth 666
+setext_pinSecure 667
+setext_pinAny 668
+setext_track2 669
+setext_cv 670
+set_policy_root 671
+setCext_hashedRoot 672
+setCext_certType 673
+setCext_merchData 674
+setCext_cCertRequired 675
+setCext_tunneling 676
+setCext_setExt 677
+setCext_setQualf 678
+setCext_PGWYcapabilities 679
+setCext_TokenIdentifier 680
+setCext_Track2Data 681
+setCext_TokenType 682
+setCext_IssuerCapabilities 683
+setAttr_Cert 684
+setAttr_PGWYcap 685
+setAttr_TokenType 686
+setAttr_IssCap 687
+set_rootKeyThumb 688
+set_addPolicy 689
+setAttr_Token_EMV 690
+setAttr_Token_B0Prime 691
+setAttr_IssCap_CVM 692
+setAttr_IssCap_T2 693
+setAttr_IssCap_Sig 694
+setAttr_GenCryptgrm 695
+setAttr_T2Enc 696
+setAttr_T2cleartxt 697
+setAttr_TokICCsig 698
+setAttr_SecDevSig 699
+set_brand_IATA_ATA 700
+set_brand_Diners 701
+set_brand_AmericanExpress 702
+set_brand_JCB 703
+set_brand_Visa 704
+set_brand_MasterCard 705
+set_brand_Novus 706
+des_cdmf 707
+rsaOAEPEncryptionSET 708
+wap_wsg_idm_ecid_wtls3 709
+wap_wsg_idm_ecid_wtls4 710
+wap_wsg_idm_ecid_wtls5 711
+wap_wsg_idm_ecid_wtls7 712
+wap_wsg_idm_ecid_wtls10 713
+wap_wsg_idm_ecid_wtls11 714
+wap_wsg_idm_ecid_wtls12 715
+ms_smartcard_login 716
+ms_upn 717
+any_policy 718
+policy_mappings 719
+name_constraints 720
+itu_t 721
+joint_iso_itu_t 722
+international_organizations 723
+ipsec3 724
+ipsec4 725
+aes_128_cfb1 726
+aes_192_cfb1 727
+aes_256_cfb1 728
+aes_128_cfb8 729
+aes_192_cfb8 730
+aes_256_cfb8 731
+des_cfb1 732
+des_cfb8 733
+des_ede3_cfb1 734
+des_ede3_cfb8 735
+inhibit_any_policy 736
+sha256WithRSAEncryption 737
+sha384WithRSAEncryption 738
+sha512WithRSAEncryption 739
+sha224WithRSAEncryption 740
+sha256 741
+sha384 742
+sha512 743
+sha224 744
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
index 7242f76fb0..8b509516fc 100644
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -1031,10 +1031,8 @@ void ERR_load_OBJ_strings(void);
/* Error codes for the OBJ functions. */
/* Function codes. */
-#define OBJ_F_OBJ_ADD_OBJECT 105
#define OBJ_F_OBJ_CREATE 100
#define OBJ_F_OBJ_DUP 101
-#define OBJ_F_OBJ_NAME_NEW_INDEX 106
#define OBJ_F_OBJ_NID2LN 102
#define OBJ_F_OBJ_NID2OBJ 103
#define OBJ_F_OBJ_NID2SN 104
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 46a405b3e6..613be3688c 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -405,7 +405,6 @@ id-pkix 9 : id-pda
id-pkix 10 : id-aca
id-pkix 11 : id-qcs
id-pkix 12 : id-cct
-id-pkix 21 : id-ppl
id-pkix 48 : id-ad
# PKIX Modules
@@ -440,7 +439,6 @@ id-pe 9 : sbqp-routerIdentifier
id-pe 10 : ac-proxying
!Cname sinfo-access
id-pe 11 : subjectInfoAccess : Subject Information Access
-id-pe 14 : proxyCertInfo : Proxy Certificate Information
# PKIX policyQualifiers for Internet policy qualifiers
id-qt 1 : id-qt-cps : Policy Qualifier CPS
@@ -556,11 +554,6 @@ id-cct 1 : id-cct-crs
id-cct 2 : id-cct-PKIData
id-cct 3 : id-cct-PKIResponse
-# Predefined Proxy Certificate policy languages
-id-ppl 0 : id-ppl-anyLanguage : Any language
-id-ppl 1 : id-ppl-inheritAll : Inherit all
-id-ppl 2 : id-ppl-independent : Independent
-
# access descriptors for authority info access extension
!Cname ad-OCSP
id-ad 1 : OCSP : OCSP
@@ -636,12 +629,10 @@ X509 5 : : serialNumber
X509 6 : C : countryName
X509 7 : L : localityName
X509 8 : ST : stateOrProvinceName
-X509 9 : : streetAddress
X509 10 : O : organizationName
X509 11 : OU : organizationalUnitName
X509 12 : : title
X509 13 : : description
-X509 17 : : postalCode
X509 41 : name : name
X509 42 : GN : givenName
X509 43 : : initials
diff --git a/crypto/ocsp/Makefile.ssl b/crypto/ocsp/Makefile.ssl
index c4f50af842..8a4fdc3e6b 100644
--- a/crypto/ocsp/Makefile.ssl
+++ b/crypto/ocsp/Makefile.ssl
@@ -56,7 +56,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl
index 02156ef659..ec77c5e26e 100644
--- a/crypto/pem/Makefile.ssl
+++ b/crypto/pem/Makefile.ssl
@@ -56,7 +56,7 @@ links: $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 81c4aba235..7a383f3dff 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -73,7 +73,7 @@ const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
#define MIN_LENGTH 4
-static int load_iv(char **fromp,unsigned char *to, int num);
+static int load_iv(unsigned char **fromp,unsigned char *to, int num);
static int check_pem(const char *nm, const char *name);
int PEM_def_callback(char *buf, int num, int w, void *key)
@@ -303,7 +303,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
if ((dsize=i2d(x,NULL)) < 0)
{
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_ASN1_LIB);
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
dsize=0;
goto err;
}
@@ -434,7 +434,6 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
int o;
const EVP_CIPHER *enc=NULL;
char *p,c;
- char **header_pp = &header;
cipher->cipher=NULL;
if ((header == NULL) || (*header == '\0') || (*header == '\n'))
@@ -481,16 +480,15 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
return(0);
}
- if (!load_iv(header_pp,&(cipher->iv[0]),enc->iv_len))
- return(0);
+ if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
return(1);
}
-static int load_iv(char **fromp, unsigned char *to, int num)
+static int load_iv(unsigned char **fromp, unsigned char *to, int num)
{
int v,i;
- char *from;
+ unsigned char *from;
from= *fromp;
for (i=0; i<num; i++) to[i]=0;
diff --git a/crypto/perlasm/x86asm.pl b/crypto/perlasm/x86asm.pl
index cf2aee40ec..f9c7c37aca 100644
--- a/crypto/perlasm/x86asm.pl
+++ b/crypto/perlasm/x86asm.pl
@@ -18,13 +18,15 @@ sub main'asm_init
($type,$fn,$i386)=@_;
$filename=$fn;
- $elf=$cpp=$coff=$aout=$win32=$netware=$mwerks=0;
+ $elf=$cpp=$sol=$aout=$win32=$gaswin=$netware=0;
if ( ($type eq "elf"))
{ $elf=1; require "x86unix.pl"; }
elsif ( ($type eq "a.out"))
{ $aout=1; require "x86unix.pl"; }
- elsif ( ($type eq "coff" or $type eq "gaswin"))
- { $coff=1; require "x86unix.pl"; }
+ elsif ( ($type eq "gaswin"))
+ { $gaswin=1; $aout=1; require "x86unix.pl"; }
+ elsif ( ($type eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
elsif ( ($type eq "cpp"))
{ $cpp=1; require "x86unix.pl"; }
elsif ( ($type eq "win32"))
@@ -32,16 +34,17 @@ sub main'asm_init
elsif ( ($type eq "win32n"))
{ $win32=1; require "x86nasm.pl"; }
elsif ( ($type eq "nw-nasm"))
- { $netware=1; require "x86nasm.pl"; }
+ { $netware=1; require "x86nasm_nw.pl"; }
elsif ( ($type eq "nw-mwasm"))
- { $netware=1; $mwerks=1; require "x86nasm.pl"; }
+ { $netware=1; require "x86mwasm_nw.pl"; }
else
{
print STDERR <<"EOF";
Pick one target type from
- elf - Linux, FreeBSD, Solaris x86, etc.
- a.out - OpenBSD, DJGPP, etc.
- coff - GAS/COFF such as Win32 targets
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
win32 - Windows 95/Windows NT
win32n - Windows 95/Windows NT NASM format
nw-nasm - NetWare NASM format
@@ -58,7 +61,7 @@ EOF
&comment("Don't even think of reading this code");
&comment("It was automatically generated by $filename");
&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of ELF, a.out, COFF, Win32, ...");
+&comment("any of elf, a.out, BSDI, Win32, gaswin (for GNU as on Win32) or Solaris");
&comment("eric <eay\@cryptsoft.com>");
&comment("");
diff --git a/crypto/perlasm/x86ms.pl b/crypto/perlasm/x86ms.pl
index 35ba300d04..dd62348b6a 100644
--- a/crypto/perlasm/x86ms.pl
+++ b/crypto/perlasm/x86ms.pl
@@ -92,7 +92,7 @@ sub get_mem
$reg2=&conv($1);
$addr="_$2";
}
- elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i)
+ elsif ($addr =~ /^[_a-zA-Z]/)
{
$addr="_$addr";
}
@@ -133,7 +133,6 @@ sub main'xorb { &out2("xor",@_); }
sub main'add { &out2("add",@_); }
sub main'adc { &out2("adc",@_); }
sub main'sub { &out2("sub",@_); }
-sub main'sbb { &out2("sbb",@_); }
sub main'rotl { &out2("rol",@_); }
sub main'rotr { &out2("ror",@_); }
sub main'exch { &out2("xchg",@_); }
@@ -161,8 +160,6 @@ sub main'jne { &out1("jne",@_); }
sub main'jno { &out1("jno",@_); }
sub main'push { &out1("push",@_); $stack+=4; }
sub main'pop { &out1("pop",@_); $stack-=4; }
-sub main'pushf { &out0("pushfd"); $stack+=4; }
-sub main'popf { &out0("popfd"); $stack-=4; }
sub main'bswap { &out1("bswap",@_); &using486(); }
sub main'not { &out1("not",@_); }
sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); }
@@ -171,11 +168,6 @@ sub main'nop { &out0("nop"); }
sub main'test { &out2("test",@_); }
sub main'bt { &out2("bt",@_); }
sub main'leave { &out0("leave"); }
-sub main'cpuid { &out0("DW\t0A20Fh"); }
-sub main'rdtsc { &out0("DW\t0310Fh"); }
-sub main'halt { &out0("hlt"); }
-sub main'movz { &out2("movzx",@_); }
-sub main'neg { &out1("neg",@_); }
# SSE2
sub main'emms { &out0("emms"); }
@@ -257,7 +249,7 @@ sub main'function_begin
push(@labels,$func);
local($tmp)=<<"EOF";
-_TEXT\$ SEGMENT PARA
+_TEXT SEGMENT
PUBLIC _$func
$extra
_$func PROC NEAR
@@ -275,7 +267,7 @@ sub main'function_begin_B
local($func,$extra)=@_;
local($tmp)=<<"EOF";
-_TEXT\$ SEGMENT PARA
+_TEXT SEGMENT
PUBLIC _$func
$extra
_$func PROC NEAR
@@ -295,7 +287,7 @@ sub main'function_end
pop ebp
ret
_$func ENDP
-_TEXT\$ ENDS
+_TEXT ENDS
EOF
push(@out,$tmp);
$stack=0;
@@ -308,7 +300,7 @@ sub main'function_end_B
local($tmp)=<<"EOF";
_$func ENDP
-_TEXT\$ ENDS
+_TEXT ENDS
EOF
push(@out,$tmp);
$stack=0;
@@ -333,7 +325,7 @@ sub main'file_end
{
# try to detect if SSE2 or MMX extensions were used...
if (grep {/xmm[0-7]\s*,/i} @out) {
- grep {s/\.[3-7]86/\.686\n\t\.XMM/} @out;
+ grep {s/\.[3-7]86/\.786\n\t\.XMM/} @out;
}
elsif (grep {/mm[0-7]\s*,/i} @out) {
grep {s/\.[3-7]86/\.686\n\t\.MMX/} @out;
@@ -369,12 +361,6 @@ sub main'comment
}
}
-sub main'public_label
- {
- $label{$_[0]}="_$_[0]" if (!defined($label{$_[0]}));
- push(@out,"PUBLIC\t$label{$_[0]}\n");
- }
-
sub main'label
{
if (!defined($label{$_[0]}))
@@ -392,18 +378,10 @@ sub main'set_label
$label{$_[0]}="\$${label}${_[0]}";
$label++;
}
- if ($_[1]!=0 && $_[1]>1)
- {
- main'align($_[1]);
- }
if((defined $_[2]) && ($_[2] == 1))
{
push(@out,"$label{$_[0]}::\n");
}
- elsif ($label{$_[0]} !~ /^\$/)
- {
- push(@out,"$label{$_[0]}\tLABEL PTR\n");
- }
else
{
push(@out,"$label{$_[0]}:\n");
@@ -435,18 +413,3 @@ sub main'picmeup
}
sub main'blindpop { &out1("pop",@_); }
-
-sub main'initseg
- {
- local($f)=@_;
- local($tmp)=<<___;
-OPTION DOTNAME
-.CRT\$XIU SEGMENT DWORD PUBLIC 'DATA'
-EXTRN _$f:NEAR
-DD _$f
-.CRT\$XIU ENDS
-___
- push(@out,$tmp);
- }
-
-1;
diff --git a/crypto/perlasm/x86nasm.pl b/crypto/perlasm/x86nasm.pl
index b897ed0fda..da2a1d471b 100644
--- a/crypto/perlasm/x86nasm.pl
+++ b/crypto/perlasm/x86nasm.pl
@@ -3,7 +3,6 @@
package x86nasm;
$label="L000";
-$under=($main'netware)?'':'_';
%lb=( 'eax', 'al',
'ebx', 'bl',
@@ -33,8 +32,7 @@ sub main'external_label
{
push(@labels,@_);
foreach (@_) {
- push(@out,".") if ($main'mwerks);
- push(@out, "extern\t${under}$_\n");
+ push(@out, "extern\t_$_\n");
}
}
@@ -62,17 +60,17 @@ sub main'DWP
sub main'QWP
{
- &get_mem("",@_);
+ &get_mem("QWORD",@_);
}
sub main'BC
{
- return (($main'mwerks)?"":"BYTE ")."@_";
+ return "BYTE @_";
}
sub main'DWC
{
- return (($main'mwerks)?"":"DWORD ")."@_";
+ return "DWORD @_";
}
sub main'stack_push
@@ -93,22 +91,16 @@ sub get_mem
{
my($size,$addr,$reg1,$reg2,$idx)=@_;
my($t,$post);
- my($ret)=$size;
- if ($ret ne "")
- {
- $ret .= " PTR" if ($main'mwerks);
- $ret .= " ";
- }
- $ret .= "[";
+ my($ret)="[";
$addr =~ s/^\s+//;
if ($addr =~ /^(.+)\+(.+)$/)
{
$reg2=&conv($1);
- $addr="$under$2";
+ $addr="_$2";
}
- elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i)
+ elsif ($addr =~ /^[_a-zA-Z]/)
{
- $addr="$under$addr";
+ $addr="_$addr";
}
if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; }
@@ -147,7 +139,6 @@ sub main'xorb { &out2("xor",@_); }
sub main'add { &out2("add",@_); }
sub main'adc { &out2("adc",@_); }
sub main'sub { &out2("sub",@_); }
-sub main'sbb { &out2("sbb",@_); }
sub main'rotl { &out2("rol",@_); }
sub main'rotr { &out2("ror",@_); }
sub main'exch { &out2("xchg",@_); }
@@ -161,39 +152,31 @@ sub main'jmp { &out1("jmp",@_); }
sub main'jmp_ptr { &out1p("jmp",@_); }
# This is a bit of a kludge: declare all branches as NEAR.
-$near=($main'mwerks)?'':'NEAR';
-sub main'je { &out1("je $near",@_); }
-sub main'jle { &out1("jle $near",@_); }
-sub main'jz { &out1("jz $near",@_); }
-sub main'jge { &out1("jge $near",@_); }
-sub main'jl { &out1("jl $near",@_); }
-sub main'ja { &out1("ja $near",@_); }
-sub main'jae { &out1("jae $near",@_); }
-sub main'jb { &out1("jb $near",@_); }
-sub main'jbe { &out1("jbe $near",@_); }
-sub main'jc { &out1("jc $near",@_); }
-sub main'jnc { &out1("jnc $near",@_); }
-sub main'jnz { &out1("jnz $near",@_); }
-sub main'jne { &out1("jne $near",@_); }
-sub main'jno { &out1("jno $near",@_); }
+sub main'je { &out1("je NEAR",@_); }
+sub main'jle { &out1("jle NEAR",@_); }
+sub main'jz { &out1("jz NEAR",@_); }
+sub main'jge { &out1("jge NEAR",@_); }
+sub main'jl { &out1("jl NEAR",@_); }
+sub main'ja { &out1("ja NEAR",@_); }
+sub main'jae { &out1("jae NEAR",@_); }
+sub main'jb { &out1("jb NEAR",@_); }
+sub main'jbe { &out1("jbe NEAR",@_); }
+sub main'jc { &out1("jc NEAR",@_); }
+sub main'jnc { &out1("jnc NEAR",@_); }
+sub main'jnz { &out1("jnz NEAR",@_); }
+sub main'jne { &out1("jne NEAR",@_); }
+sub main'jno { &out1("jno NEAR",@_); }
sub main'push { &out1("push",@_); $stack+=4; }
sub main'pop { &out1("pop",@_); $stack-=4; }
-sub main'pushf { &out0("pushfd"); $stack+=4; }
-sub main'popf { &out0("popfd"); $stack-=4; }
sub main'bswap { &out1("bswap",@_); &using486(); }
sub main'not { &out1("not",@_); }
-sub main'call { &out1("call",($_[0]=~/^\@L/?'':$under).$_[0]); }
+sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); }
sub main'ret { &out0("ret"); }
sub main'nop { &out0("nop"); }
sub main'test { &out2("test",@_); }
sub main'bt { &out2("bt",@_); }
sub main'leave { &out0("leave"); }
-sub main'cpuid { &out0("cpuid"); }
-sub main'rdtsc { &out0("rdtsc"); }
-sub main'halt { &out0("hlt"); }
-sub main'movz { &out2("movzx",@_); }
-sub main'neg { &out1("neg",@_); }
# SSE2
sub main'emms { &out0("emms"); }
@@ -217,11 +200,6 @@ sub out2
my($l,$t);
push(@out,"\t$name\t");
- if (!$main'mwerks and $name eq "lea")
- {
- $p1 =~ s/^[^\[]*\[/\[/;
- $p2 =~ s/^[^\[]*\[/\[/;
- }
$t=&conv($p1).",";
$l=length($t);
push(@out,$t);
@@ -261,8 +239,7 @@ sub using486
sub main'file
{
- push(@out,".") if ($main'mwerks);
- push(@out,"section\t.text\n");
+ push(@out, "segment .text use32\n");
}
sub main'function_begin
@@ -271,8 +248,8 @@ sub main'function_begin
push(@labels,$func);
my($tmp)=<<"EOF";
-global $under$func
-$under$func:
+global _$func
+_$func:
push ebp
push ebx
push esi
@@ -286,8 +263,8 @@ sub main'function_begin_B
{
my($func,$extra)=@_;
my($tmp)=<<"EOF";
-global $under$func
-$under$func:
+global _$func
+_$func:
EOF
push(@out,$tmp);
$stack=4;
@@ -361,17 +338,11 @@ sub main'comment
}
}
-sub main'public_label
- {
- $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]}));
- push(@out,"global\t$label{$_[0]}\n");
- }
-
sub main'label
{
if (!defined($label{$_[0]}))
{
- $label{$_[0]}="\@${label}${_[0]}";
+ $label{$_[0]}="\$${label}${_[0]}";
$label++;
}
return($label{$_[0]});
@@ -381,25 +352,20 @@ sub main'set_label
{
if (!defined($label{$_[0]}))
{
- $label{$_[0]}="\@${label}${_[0]}";
+ $label{$_[0]}="\$${label}${_[0]}";
$label++;
}
- if ($_[1]!=0 && $_[1]>1)
- {
- main'align($_[1]);
- }
push(@out,"$label{$_[0]}:\n");
}
sub main'data_word
{
- push(@out,(($main'mwerks)?".long\t":"DD\t").join(',',@_)."\n");
+ push(@out,"\tDD\t".join(',',@_)."\n");
}
sub main'align
{
- push(@out,".") if ($main'mwerks);
- push(@out,"align\t$_[0]\n");
+ push(@out,"\tALIGN\t$_[0]\n");
}
sub out1p
@@ -417,19 +383,3 @@ sub main'picmeup
}
sub main'blindpop { &out1("pop",@_); }
-
-sub main'initseg
- {
- local($f)=@_;
- if ($main'win32)
- {
- local($tmp)=<<___;
-segment .CRT\$XIU data
-extern $under$f
-DD $under$f
-___
- push(@out,$tmp);
- }
- }
-
-1;
diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl
index 4381580be7..99e2865aa0 100644
--- a/crypto/perlasm/x86unix.pl
+++ b/crypto/perlasm/x86unix.pl
@@ -1,15 +1,14 @@
#!/usr/local/bin/perl
-package x86unix; # GAS actually...
+package x86unix;
$label="L000";
$const="";
$constl=0;
$align=($main'aout)?"4":"16";
-$under=($main'aout or $main'coff)?"_":"";
-$dot=($main'aout)?"":".";
-$com_start="#" if ($main'aout or $main'coff);
+$under=($main'aout)?"_":"";
+$com_start=($main'sol)?"/":"#";
sub main'asm_init_output { @out=(); }
sub main'asm_get_output { return(@out); }
@@ -161,13 +160,12 @@ sub main'shl { &out2("sall",@_); }
sub main'shr { &out2("shrl",@_); }
sub main'xor { &out2("xorl",@_); }
sub main'xorb { &out2("xorb",@_); }
-sub main'add { &out2($_[0]=~/%[a-d][lh]/?"addb":"addl",@_); }
+sub main'add { &out2("addl",@_); }
sub main'adc { &out2("adcl",@_); }
sub main'sub { &out2("subl",@_); }
-sub main'sbb { &out2("sbbl",@_); }
sub main'rotl { &out2("roll",@_); }
sub main'rotr { &out2("rorl",@_); }
-sub main'exch { &out2($_[0]=~/%[a-d][lh]/?"xchgb":"xchgl",@_); }
+sub main'exch { &out2("xchg",@_); }
sub main'cmp { &out2("cmpl",@_); }
sub main'lea { &out2("leal",@_); }
sub main'mul { &out1("mull",@_); }
@@ -189,27 +187,18 @@ sub main'jc { &out1("jc",@_); }
sub main'jnc { &out1("jnc",@_); }
sub main'jno { &out1("jno",@_); }
sub main'dec { &out1("decl",@_); }
-sub main'inc { &out1($_[0]=~/%[a-d][hl]/?"incb":"incl",@_); }
+sub main'inc { &out1("incl",@_); }
sub main'push { &out1("pushl",@_); $stack+=4; }
sub main'pop { &out1("popl",@_); $stack-=4; }
-sub main'pushf { &out0("pushfl"); $stack+=4; }
-sub main'popf { &out0("popfl"); $stack-=4; }
+sub main'pushf { &out0("pushf"); $stack+=4; }
+sub main'popf { &out0("popf"); $stack-=4; }
sub main'not { &out1("notl",@_); }
-sub main'call { my $pre=$under;
- foreach $i (%label)
- { if ($label{$i} eq $_[0]) { $pre=''; last; } }
- &out1("call",$pre.$_[0]);
- }
+sub main'call { &out1("call",($_[0]=~/^\.L/?'':$under).$_[0]); }
sub main'ret { &out0("ret"); }
sub main'nop { &out0("nop"); }
sub main'test { &out2("testl",@_); }
sub main'bt { &out2("btl",@_); }
sub main'leave { &out0("leave"); }
-sub main'cpuid { &out0(".byte\t0x0f,0xa2"); }
-sub main'rdtsc { &out0(".byte\t0x0f,0x31"); }
-sub main'halt { &out0("hlt"); }
-sub main'movz { &out2("movzbl",@_); }
-sub main'neg { &out1("negl",@_); }
# SSE2
sub main'emms { &out0("emms"); }
@@ -331,6 +320,8 @@ sub main'file
local($tmp)=<<"EOF";
.file "$file.s"
+ .version "01.01"
+gcc2_compiled.:
EOF
push(@out,$tmp);
}
@@ -344,17 +335,15 @@ sub main'function_begin
local($tmp)=<<"EOF";
.text
-.globl $func
+ .align $align
+.globl $func
EOF
push(@out,$tmp);
if ($main'cpp)
- { $tmp=push(@out,"TYPE($func,\@function)\n"); }
- elsif ($main'coff)
- { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
- elsif ($main'aout and !$main'pic)
- { }
- else { $tmp=push(@out,".type\t$func,\@function\n"); }
- push(@out,".align\t$align\n");
+ { $tmp=push(@out,"\tTYPE($func,\@function)\n"); }
+ elsif ($main'gaswin)
+ { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
+ else { $tmp=push(@out,"\t.type\t$func,\@function\n"); }
push(@out,"$func:\n");
$tmp=<<"EOF";
pushl %ebp
@@ -376,17 +365,15 @@ sub main'function_begin_B
local($tmp)=<<"EOF";
.text
-.globl $func
+ .align $align
+.globl $func
EOF
push(@out,$tmp);
if ($main'cpp)
- { push(@out,"TYPE($func,\@function)\n"); }
- elsif ($main'coff)
- { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
- elsif ($main'aout and !$main'pic)
- { }
- else { push(@out,".type $func,\@function\n"); }
- push(@out,".align\t$align\n");
+ { push(@out,"\tTYPE($func,\@function)\n"); }
+ elsif ($main'gaswin)
+ { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
+ else { push(@out,"\t.type $func,\@function\n"); }
push(@out,"$func:\n");
$stack=4;
}
@@ -403,15 +390,15 @@ sub main'function_end
popl %ebx
popl %ebp
ret
-${dot}L_${func}_end:
+.L_${func}_end:
EOF
push(@out,$tmp);
if ($main'cpp)
- { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); }
- elsif ($main'coff or $main'aout)
- { }
- else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); }
+ { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); }
+ elsif ($main'gaswin)
+ { $tmp=push(@out,"\t.align 4\n"); }
+ else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); }
push(@out,".ident \"$func\"\n");
$stack=0;
%label=();
@@ -437,12 +424,12 @@ sub main'function_end_B
$func=$under.$func;
- push(@out,"${dot}L_${func}_end:\n");
+ push(@out,".L_${func}_end:\n");
if ($main'cpp)
- { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); }
- elsif ($main'coff or $main'aout)
- { }
- else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); }
+ { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); }
+ elsif ($main'gaswin)
+ { push(@out,"\t.align 4\n"); }
+ else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); }
push(@out,".ident \"$func\"\n");
$stack=0;
%label=();
@@ -484,10 +471,9 @@ sub main'swtmp
sub main'comment
{
- if (!defined($com_start) or $main'elf)
- { # Regarding $main'elf above...
- # GNU and SVR4 as'es use different comment delimiters,
- push(@out,"\n"); # so we just skip ELF comments...
+ if ($main'elf) # GNU and SVR4 as'es use different comment delimiters,
+ { # so we just skip comments...
+ push(@out,"\n");
return;
}
foreach (@_)
@@ -499,17 +485,11 @@ sub main'comment
}
}
-sub main'public_label
- {
- $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]}));
- push(@out,".globl\t$label{$_[0]}\n");
- }
-
sub main'label
{
if (!defined($label{$_[0]}))
{
- $label{$_[0]}="${dot}${label}${_[0]}";
+ $label{$_[0]}=".${label}${_[0]}";
$label++;
}
return($label{$_[0]});
@@ -519,14 +499,10 @@ sub main'set_label
{
if (!defined($label{$_[0]}))
{
- $label{$_[0]}="${dot}${label}${_[0]}";
+ $label{$_[0]}=".${label}${_[0]}";
$label++;
}
- if ($_[1]!=0)
- {
- if ($_[1]>1) { main'align($_[1]); }
- else { push(@out,".align $align\n"); }
- }
+ push(@out,".align $align\n") if ($_[1] != 0);
push(@out,"$label{$_[0]}:\n");
}
@@ -536,21 +512,18 @@ sub main'file_end
if ($main'elf && grep {/%[x]*mm[0-7]/i} @out) {
local($tmp);
- push (@out,"\n.comm\t${under}OPENSSL_ia32cap_P,4,4\n");
+ push (@out,"\n.comm\t".$under."OPENSSL_ia32cap,8,4\n");
push (@out,".section\t.init\n");
# One can argue that it's wasteful to craft every
# SSE/MMX module with this snippet... Well, it's 72
# bytes long and for the moment we have two modules.
# Let's argue when we have 7 modules or so...
- #
- # $1<<10 sets a reserved bit to signal that variable
- # was initialized already...
- &main'picmeup("edx","OPENSSL_ia32cap_P");
+ &main'picmeup("edx","OPENSSL_ia32cap");
$tmp=<<___;
cmpl \$0,(%edx)
jne 1f
- movl \$1<<10,(%edx)
+ movl \$1,(%edx)
pushf
popl %eax
movl %eax,%ecx
@@ -560,18 +533,18 @@ sub main'file_end
pushf
popl %eax
xorl %ecx,%eax
- btl \$21,%eax
+ bt \$21,%eax
jnc 1f
pushl %edi
pushl %ebx
movl %edx,%edi
movl \$1,%eax
- .byte 0x0f,0xa2
- orl \$1<<10,%edx
+ cpuid
+ orl \$1,%edx
movl %edx,0(%edi)
+ movl %ecx,4(%edi)
popl %ebx
popl %edi
- .align $align
1:
___
push (@out,$tmp);
@@ -592,13 +565,7 @@ sub main'data_word
sub main'align
{
- my $val=$_[0],$p2,$i;
- if ($main'aout) {
- for ($p2=0;$val!=0;$val>>=1) { $p2++; }
- $val=$p2-1;
- $val.=",0x90";
- }
- push(@out,".align\t$val\n");
+ push(@out,".align $_[0]\n");
}
# debug output functions: puts, putx, printf
@@ -680,6 +647,7 @@ sub main'picmeup
{
local($tmp)=<<___;
#if (defined(ELF) || defined(SOL)) && defined(PIC)
+ .align 4
call 1f
1: popl $regs{$dst}
addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst}
@@ -692,12 +660,13 @@ ___
}
elsif ($main'pic && ($main'elf || $main'aout))
{
+ push(@out,"\t.align\t4\n");
&main'call(&main'label("PIC_me_up"));
&main'set_label("PIC_me_up");
&main'blindpop($dst);
- &main'add($dst,"\$${under}_GLOBAL_OFFSET_TABLE_+[.-".
+ &main'add($dst,"\$$under"."_GLOBAL_OFFSET_TABLE_+[.-".
&main'label("PIC_me_up") . "]");
- &main'mov($dst,&main'DWP($under.$sym."\@GOT",$dst));
+ &main'mov($dst,&main'DWP($sym."\@GOT",$dst));
}
else
{
@@ -706,39 +675,3 @@ ___
}
sub main'blindpop { &out1("popl",@_); }
-
-sub main'initseg
- {
- local($f)=@_;
- local($tmp);
- if ($main'elf)
- {
- $tmp=<<___;
-.section .init
- call $under$f
- .align $align
-___
- }
- elsif ($main'coff)
- {
- $tmp=<<___; # applies to both Cygwin and Mingw
-.section .ctors
-.long $under$f
-___
- }
- elsif ($main'aout)
- {
- local($ctor)="${under}_GLOBAL_\$I\$$f";
- $tmp=".text\n";
- $tmp.=".type $ctor,\@function\n" if ($main'pic);
- $tmp.=<<___; # OpenBSD way...
-.globl $ctor
-.align 2
-$ctor:
- jmp $under$f
-___
- }
- push(@out,$tmp) if ($tmp);
- }
-
-1;
diff --git a/crypto/pkcs12/Makefile.ssl b/crypto/pkcs12/Makefile.ssl
index 13860527ab..48004f2130 100644
--- a/crypto/pkcs12/Makefile.ssl
+++ b/crypto/pkcs12/Makefile.ssl
@@ -59,7 +59,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c
index d407be39ca..654d15c82b 100644
--- a/crypto/pkcs12/p12_crpt.c
+++ b/crypto/pkcs12/p12_crpt.c
@@ -88,7 +88,7 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
{
PBEPARAM *pbe;
- int saltlen, iter, ret;
+ int saltlen, iter;
unsigned char *salt;
const unsigned char *pbuf;
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
@@ -118,8 +118,8 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
return 0;
}
PBEPARAM_free(pbe);
- ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);
+ EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);
OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
- return ret;
+ return 1;
}
diff --git a/crypto/pkcs12/p12_init.c b/crypto/pkcs12/p12_init.c
index 5276b12669..eb837a78cf 100644
--- a/crypto/pkcs12/p12_init.c
+++ b/crypto/pkcs12/p12_init.c
@@ -76,17 +76,15 @@ PKCS12 *PKCS12_init (int mode)
if (!(pkcs12->authsafes->d.data =
M_ASN1_OCTET_STRING_new())) {
PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
- goto err;
+ return NULL;
}
break;
default:
- PKCS12err(PKCS12_F_PKCS12_INIT,
- PKCS12_R_UNSUPPORTED_PKCS12_MODE);
- goto err;
+ PKCS12err(PKCS12_F_PKCS12_INIT,PKCS12_R_UNSUPPORTED_PKCS12_MODE);
+ PKCS12_free(pkcs12);
+ return NULL;
+ break;
}
return pkcs12;
-err:
- if (pkcs12 != NULL) PKCS12_free(pkcs12);
- return NULL;
}
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 2b31999e11..885087ad00 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -249,26 +249,14 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
return 1;
if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
- if(ckid)
- {
- if (!X509_keyid_set1(x509, ckid->data, ckid->length))
- {
- X509_free(x509);
- return 0;
- }
- }
+ if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length);
if(fname) {
- int len, r;
+ int len;
unsigned char *data;
len = ASN1_STRING_to_UTF8(&data, fname);
if(len > 0) {
- r = X509_alias_set1(x509, data, len);
+ X509_alias_set1(x509, data, len);
OPENSSL_free(data);
- if (!r)
- {
- X509_free(x509);
- return 0;
- }
}
}
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 4886b9b289..0fb67f74b8 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -148,10 +148,7 @@ int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
return 0;
}
- if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
+ ASN1_INTEGER_set(p12->mac->iter, iter);
}
if (!saltlen) saltlen = PKCS12_SALT_LEN;
p12->mac->salt->length = saltlen;
diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl
index f8161ecb24..965286e7d5 100644
--- a/crypto/pkcs7/Makefile.ssl
+++ b/crypto/pkcs7/Makefile.ssl
@@ -74,7 +74,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c
index 735c8800e1..56ce000585 100644
--- a/crypto/pkcs7/pk7_attr.c
+++ b/crypto/pkcs7/pk7_attr.c
@@ -3,7 +3,7 @@
* project 2001.
*/
/* ====================================================================
- * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -94,19 +94,18 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
}
STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
- {
+{
ASN1_TYPE *cap;
const unsigned char *p;
cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
- if (!cap || (cap->type != V_ASN1_SEQUENCE))
- return NULL;
+ if (!cap) return NULL;
p = cap->value.sequence->data;
return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p,
cap->value.sequence->length,
d2i_X509_ALGOR, X509_ALGOR_free,
V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
- }
+}
/* Basic smime-capabilities OID and optional integer arg */
int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 8d98a85210..25483bc156 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -263,13 +263,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
OPENSSL_free(tmp);
goto err;
}
- if (!M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj))
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,
- ERR_R_MALLOC_FAILURE);
- OPENSSL_free(tmp);
- goto err;
- }
+ M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
}
OPENSSL_free(tmp);
OPENSSL_cleanse(key, keylen);
@@ -565,20 +559,12 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
case NID_pkcs7_signedAndEnveloped:
/* XXXXXXXXXXXXXXXX */
si_sk=p7->d.signed_and_enveloped->signer_info;
- if (!(os=M_ASN1_OCTET_STRING_new()))
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ os=M_ASN1_OCTET_STRING_new();
p7->d.signed_and_enveloped->enc_data->enc_data=os;
break;
case NID_pkcs7_enveloped:
/* XXXXXXXXXXXXXXXX */
- if (!(os=M_ASN1_OCTET_STRING_new()))
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ os=M_ASN1_OCTET_STRING_new();
p7->d.enveloped->enc_data->enc_data=os;
break;
case NID_pkcs7_signed:
@@ -649,12 +635,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
if (!PKCS7_get_signed_attribute(si,
NID_pkcs9_signingTime))
{
- if (!(sign_time=X509_gmtime_adj(NULL,0)))
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ sign_time=X509_gmtime_adj(NULL,0);
PKCS7_add_signed_attribute(si,
NID_pkcs9_signingTime,
V_ASN1_UTCTIME,sign_time);
@@ -663,19 +644,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
/* Add digest */
md_tmp=EVP_MD_CTX_md(&ctx_tmp);
EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len);
- if (!(digest=M_ASN1_OCTET_STRING_new()))
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!M_ASN1_OCTET_STRING_set(digest,md_data,
- md_len))
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ digest=M_ASN1_OCTET_STRING_new();
+ M_ASN1_OCTET_STRING_set(digest,md_data,md_len);
PKCS7_add_signed_attribute(si,
NID_pkcs9_messageDigest,
V_ASN1_OCTET_STRING,digest);
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index a45a0f0640..70ee44be8f 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -168,12 +168,7 @@ int PKCS7_set_type(PKCS7 *p7, int type)
p7->type=obj;
if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
goto err;
- if (!ASN1_INTEGER_set(p7->d.sign->version,1))
- {
- PKCS7_SIGNED_free(p7->d.sign);
- p7->d.sign=NULL;
- goto err;
- }
+ ASN1_INTEGER_set(p7->d.sign->version,1);
break;
case NID_pkcs7_data:
p7->type=obj;
@@ -185,9 +180,6 @@ int PKCS7_set_type(PKCS7 *p7, int type)
if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
== NULL) goto err;
ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
- if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1))
- goto err;
- break;
p7->d.signed_and_enveloped->enc_data->content_type
= OBJ_nid2obj(NID_pkcs7_data);
break;
@@ -195,8 +187,7 @@ int PKCS7_set_type(PKCS7 *p7, int type)
p7->type=obj;
if ((p7->d.enveloped=PKCS7_ENVELOPE_new())
== NULL) goto err;
- if (!ASN1_INTEGER_set(p7->d.enveloped->version,0))
- goto err;
+ ASN1_INTEGER_set(p7->d.enveloped->version,0);
p7->d.enveloped->enc_data->content_type
= OBJ_nid2obj(NID_pkcs7_data);
break;
@@ -204,8 +195,7 @@ int PKCS7_set_type(PKCS7 *p7, int type)
p7->type=obj;
if ((p7->d.encrypted=PKCS7_ENCRYPT_new())
== NULL) goto err;
- if (!ASN1_INTEGER_set(p7->d.encrypted->version,0))
- goto err;
+ ASN1_INTEGER_set(p7->d.encrypted->version,0);
p7->d.encrypted->enc_data->content_type
= OBJ_nid2obj(NID_pkcs7_data);
break;
@@ -214,8 +204,7 @@ int PKCS7_set_type(PKCS7 *p7, int type)
p7->type=obj;
if ((p7->d.digest=PKCS7_DIGEST_new())
== NULL) goto err;
- if (!ASN1_INTEGER_set(p7->d.digest->version,0))
- goto err;
+ ASN1_INTEGER_set(p7->d.digest->version,0);
break;
default:
PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
@@ -349,18 +338,15 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
else
is_dsa = 0;
/* We now need to add another PKCS7_SIGNER_INFO entry */
- if (!ASN1_INTEGER_set(p7i->version,1))
- goto err;
- if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
- X509_get_issuer_name(x509)))
- goto err;
+ ASN1_INTEGER_set(p7i->version,1);
+ X509_NAME_set(&p7i->issuer_and_serial->issuer,
+ X509_get_issuer_name(x509));
/* because ASN1_INTEGER_set is used to set a 'long' we will do
* things the ugly way. */
M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
- if (!(p7i->issuer_and_serial->serial=
- M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
- goto err;
+ p7i->issuer_and_serial->serial=
+ M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
/* lets keep the pkey around for a while */
CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
@@ -497,20 +483,16 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
{
- if (!ASN1_INTEGER_set(p7i->version,0))
- return 0;
- if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
- X509_get_issuer_name(x509)))
- return 0;
+ ASN1_INTEGER_set(p7i->version,0);
+ X509_NAME_set(&p7i->issuer_and_serial->issuer,
+ X509_get_issuer_name(x509));
M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
- if (!(p7i->issuer_and_serial->serial=
- M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
- return 0;
+ p7i->issuer_and_serial->serial=
+ M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
X509_ALGOR_free(p7i->key_enc_algor);
- if (!(p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor)))
- return 0;
+ p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor);
CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
p7i->cert=x509;
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index f22c07fb55..6aca0222da 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -157,7 +157,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
char buf[4096];
int i, j=0, k, ret = 0;
BIO *p7bio;
- BIO *tmpin, *tmpout;
+ BIO *tmpout;
if(!p7) {
PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER);
@@ -232,30 +232,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
/* Check for revocation status here */
}
- /* Performance optimization: if the content is a memory BIO then
- * store its contents in a temporary read only memory BIO. This
- * avoids potentially large numbers of slow copies of data which will
- * occur when reading from a read write memory BIO when signatures
- * are calculated.
- */
-
- if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM))
- {
- char *ptr;
- long len;
- len = BIO_get_mem_data(indata, &ptr);
- tmpin = BIO_new_mem_buf(ptr, len);
- if (tmpin == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- else
- tmpin = indata;
-
-
- p7bio=PKCS7_dataInit(p7,tmpin);
+ p7bio=PKCS7_dataInit(p7,indata);
if(flags & PKCS7_TEXT) {
if(!(tmpout = BIO_new(BIO_s_mem()))) {
@@ -297,15 +274,9 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
ret = 1;
err:
-
- if (tmpin == indata)
- {
- if(indata) BIO_pop(p7bio);
- BIO_free_all(p7bio);
- }
- else
- BIO_free_all(tmpin);
+ if(indata) BIO_pop(p7bio);
+ BIO_free_all(p7bio);
sk_X509_free(signers);
return ret;
diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl
index e5da96e865..ec043cf4fe 100644
--- a/crypto/rand/Makefile.ssl
+++ b/crypto/rand/Makefile.ssl
@@ -55,7 +55,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 14837a7a7d..d2fdb35b56 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -121,7 +121,6 @@
#include <sys/types.h>
#include <sys/time.h>
#include <sys/times.h>
-#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <time.h>
@@ -153,9 +152,9 @@ int RAND_poll(void)
int n = 0;
#endif
#ifdef DEVRANDOM
- static const char *randomfiles[] = { DEVRANDOM };
- struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
- int fd,i;
+ static const char *randomfiles[] = { DEVRANDOM, NULL };
+ const char **randomfile = NULL;
+ int fd;
#endif
#ifdef DEVRANDOM_EGD
static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
@@ -163,42 +162,26 @@ int RAND_poll(void)
#endif
#ifdef DEVRANDOM
- memset(randomstats,0,sizeof(randomstats));
/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
* have this. Use /dev/urandom if you can as /dev/random may block
* if it runs out of random entries. */
- for (i=0; i<sizeof(randomfiles)/sizeof(randomfiles[0]) && n < ENTROPY_NEEDED; i++)
+ for (randomfile = randomfiles; *randomfile && n < ENTROPY_NEEDED; randomfile++)
{
- if ((fd = open(randomfiles[i], O_RDONLY
-#ifdef O_NONBLOCK
- |O_NONBLOCK
-#endif
-#ifdef O_BINARY
- |O_BINARY
-#endif
+ if ((fd = open(*randomfile, O_RDONLY|O_NONBLOCK
#ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
our controlling tty */
|O_NOCTTY
#endif
+#ifdef O_NOFOLLOW /* Fail if the file is a symbolic link */
+ |O_NOFOLLOW
+#endif
)) >= 0)
{
struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
each file. */
- int r,j;
+ int r;
fd_set fset;
- struct stat *st=&randomstats[i];
-
- /* Avoid using same input... Used to be O_NOFOLLOW
- * above, but it's not universally appropriate... */
- if (fstat(fd,st) != 0) { close(fd); continue; }
- for (j=0;j<i;j++)
- {
- if (randomstats[j].st_ino==st->st_ino &&
- randomstats[j].st_dev==st->st_dev)
- break;
- }
- if (j<i) { close(fd); continue; }
do
{
diff --git a/crypto/rand/rand_vms.c b/crypto/rand/rand_vms.c
index 1267a3acae..00cf6bb29d 100644
--- a/crypto/rand/rand_vms.c
+++ b/crypto/rand/rand_vms.c
@@ -1,6 +1,8 @@
/* crypto/rand/rand_vms.c -*- mode:C; c-file-style: "eay" -*- */
/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
* project 2000.
+ * RAND_poll() written by Taka Shinagawa <takaaki.shinagawa@compaq.com>
+ * for the OpenSSL project.
*/
/* ====================================================================
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
@@ -56,13 +58,76 @@
*
*/
+#include <stdio.h>
+#include <stdlib.h>
+
#include <openssl/rand.h>
#include "rand_lcl.h"
#if defined(OPENSSL_SYS_VMS)
+#define __NEW_STARLET 1
+#define NUM_OF_ITEMS 11
+#include <efndef.h>
#include <descrip.h>
#include <jpidef.h>
+
+#ifdef __alpha
+#include <iledef.h>
+#include <iosbdef.h>
+#else
+typedef struct _ile3 { /* Copied from ILEDEF.H for Alpha */
+#pragma __nomember_alignment
+ unsigned short int ile3$w_length; /* Length of buffer in bytes */
+ unsigned short int ile3$w_code; /* Item code value */
+ void *ile3$ps_bufaddr; /* Buffer address */
+ unsigned short int *ile3$ps_retlen_addr; /* Address of word for returned length */
+ } ILE3;
+
+typedef struct _iosb { /* Copied from IOSBDEF.H for Alpha */
+#pragma __nomember_alignment
+ __union {
+ __struct {
+ unsigned short int iosb$w_status; /* Final I/O status */
+ __union {
+ __struct { /* 16-bit byte count variant */
+ unsigned short int iosb$w_bcnt; /* 16-bit byte count */
+ __union {
+ unsigned int iosb$l_dev_depend; /* 32-bit device dependent info */
+ unsigned int iosb$l_pid; /* 32-bit pid */
+ } iosb$r_l;
+ } iosb$r_bcnt_16;
+ __struct { /* 32-bit byte count variant */
+ unsigned int iosb$l_bcnt; /* 32-bit byte count (unaligned) */
+ unsigned short int iosb$w_dev_depend_high; /* 16-bit device dependent info */
+ } iosb$r_bcnt_32;
+ } iosb$r_devdepend;
+ } iosb$r_io_64;
+ __struct {
+ __union {
+ unsigned int iosb$l_getxxi_status; /* Final GETxxI status */
+ unsigned int iosb$l_reg_status; /* Final $Registry status */
+ } iosb$r_l_status;
+ unsigned int iosb$l_reserved; /* Reserved field */
+ } iosb$r_get_64;
+ } iosb$r_io_get;
+ } IOSB;
+
+#if !defined(__VAXC)
+#define iosb$w_status iosb$r_io_get.iosb$r_io_64.iosb$w_status
+#define iosb$w_bcnt iosb$r_io_get.iosb$r_io_64.iosb$r_devdepend.iosb$r_bcnt_16.iosb$w_bcnt
+#define iosb$r_l iosb$r_io_get.iosb$r_io_64.iosb$r_devdepend.iosb$r_bcnt_16.iosb$r_l
+#define iosb$l_dev_depend iosb$r_l.iosb$l_dev_depend
+#define iosb$l_pid iosb$r_l.iosb$l_pid
+#define iosb$l_bcnt iosb$r_io_get.iosb$r_io_64.iosb$r_devdepend.iosb$r_bcnt_32.iosb$l_bcnt
+#define iosb$w_dev_depend_high iosb$r_io_get.iosb$r_io_64.iosb$r_devdepend.iosb$r_bcnt_32.iosb$w_dev_depend_high
+#define iosb$l_getxxi_status iosb$r_io_get.iosb$r_get_64.iosb$r_l_status.iosb$l_getxxi_status
+#define iosb$l_reg_status iosb$r_io_get.iosb$r_get_64.iosb$r_l_status.iosb$l_reg_status
+#endif /* #if !defined(__VAXC) */
+
+#endif /* End of IOSBDEF */
+
+#include <syidef.h>
#include <ssdef.h>
#include <starlet.h>
#ifdef __DECC
@@ -76,43 +141,65 @@ static struct items_data_st
{ { 4, JPI$_BUFIO },
{ 4, JPI$_CPUTIM },
{ 4, JPI$_DIRIO },
+ { 4, JPI$_IMAGECOUNT },
+ { 8, JPI$_LAST_LOGIN_I },
{ 8, JPI$_LOGINTIM },
{ 4, JPI$_PAGEFLTS },
{ 4, JPI$_PID },
+ { 4, JPI$_PPGCNT },
{ 4, JPI$_WSSIZE },
+ { 4, JPI$_WSPEAK },
+ { 4, JPI$_FINALEXC },
{ 0, 0 }
};
int RAND_poll(void)
{
- long pid, iosb[2];
+ IOSB iosb;
+ unsigned int pid;
int status = 0;
- struct
- {
- short length, code;
- long *buffer;
- int *retlen;
- } item[32], *pitem;
- unsigned char data_buffer[256];
- short total_length = 0;
+#if __INITIAL_POINTER_SIZE == 64
+ ILEB_64 item[32], *pitem;
+#else
+ ILE3 item[32], *pitem;
+#endif
+ int data_buffer[256];
+ int total_length = 0;
struct items_data_st *pitems_data;
pitems_data = items_data;
pitem = item;
/* Setup */
- while (pitems_data->length
- && (total_length + pitems_data->length <= 256))
+ while (pitems_data->length)
{
- pitem->length = pitems_data->length;
- pitem->code = pitems_data->code;
- pitem->buffer = (long *)&data_buffer[total_length];
- pitem->retlen = 0;
- total_length += pitems_data->length;
+#if __INITIAL_POINTER_SIZE == 64
+
+ pitem->ileb_64$w_mbo = 1;
+ pitem->ileb_64$w_code = pitems_data->code;
+ pitem->ileb_64$l_mbmo = -1;
+ pitem->ileb_64$q_length = pitems_data->length;
+ pitem->ileb_64$pq_bufaddr = &data_buffer[total_length];
+ pitem->ileb_64$pq_retlen_addr = 0;
+
+ total_length += pitems_data->length/4;
+#else
+ pitem->ile3$w_length = (short)pitems_data->length;
+ pitem->ile3$w_code = (short)pitems_data->code;
+ pitem->ile3$ps_bufaddr = &data_buffer[total_length];
+ pitem->ile3$ps_retlen_addr = 0;
+
+ total_length += pitems_data->length/4;
+#endif
pitems_data++;
pitem++;
}
- pitem->length = pitem->code = 0;
+ /* Last item of the item list is null terminated */
+#if __INITIAL_POINTER_SIZE == 64
+ pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0;
+#else
+ pitem->ile3$w_length = pitem->ile3$w_code = 0;
+#endif
/*
* Scan through all the processes in the system and add entropy with
@@ -120,17 +207,56 @@ int RAND_poll(void)
* However, view the information as only half trustable.
*/
pid = -1; /* search context */
- while ((status = sys$getjpiw(0, &pid, 0, item, iosb, 0, 0))
+ while ((status = sys$getjpiw(EFN$C_ENF, &pid, 0, item, &iosb, 0, 0))
!= SS$_NOMOREPROC)
{
if (status == SS$_NORMAL)
{
- RAND_add(data_buffer, total_length, total_length/2);
+ int i;
+ int tmp_length;
+
+ for(i = 0; i < total_length; i++)
+ {
+ unsigned int sys_time[2];
+
+#ifdef __NEW_STARLET
+ sys$gettim((struct _generic_64 *)sys_time);
+#else
+ sys$gettim(sys_time);
+#endif
+ srand(sys_time[0]*data_buffer[0]*data_buffer[1]+i);
+ if(i==(total_length-1)) /* for JPI$_FINALEXC */
+ {
+ long int *ptr = (long *)&data_buffer[i];
+ int j;
+
+ tmp_length = 0;
+
+ for(j=0; j<4; j++)
+ {
+ data_buffer[i+j] = ptr[j];
+ /* OK to use rand() just
+ to scramble the seed */
+ data_buffer[i+j] ^=
+ (sys_time[0] ^ rand());
+ tmp_length++;
+ }
+ }
+ else
+ {
+ /* OK to use rand() just
+ to scramble the seed */
+ data_buffer[i] ^=
+ (sys_time[0] ^ rand());
+ }
+ }
+ total_length += (tmp_length - 1);
+
+ /* size of seed is total_length*4 bytes (64bytes) */
+ RAND_add(data_buffer, total_length, total_length*2);
}
}
- sys$gettim(iosb);
- RAND_add((unsigned char *)iosb, sizeof(iosb), sizeof(iosb)/2);
- return 1;
+ return RAND_status();
}
#endif
diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c
index aaea92c8fd..3584842224 100644
--- a/crypto/rand/rand_win.c
+++ b/crypto/rand/rand_win.c
@@ -125,7 +125,7 @@
* http://developer.intel.com/design/security/rng/redist_license.htm
*/
#define PROV_INTEL_SEC 22
-#define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
+#define INTEL_DEF_PROV TEXT("Intel Hardware Cryptographic Service Provider")
static void readtimer(void);
static void readscreen(void);
@@ -152,7 +152,7 @@ typedef struct tagCURSORINFO
#define CURSOR_SHOWING 0x00000001
#endif /* CURSOR_SHOWING */
-typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR,
+typedef BOOL (WINAPI *CRYPTACQUIRECONTEXT)(HCRYPTPROV *, LPCTSTR, LPCTSTR,
DWORD, DWORD);
typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *);
typedef BOOL (WINAPI *CRYPTRELEASECONTEXT)(HCRYPTPROV, DWORD);
@@ -194,7 +194,7 @@ int RAND_poll(void)
HWND h;
HMODULE advapi, kernel, user, netapi;
- CRYPTACQUIRECONTEXTW acquire = 0;
+ CRYPTACQUIRECONTEXT acquire = 0;
CRYPTGENRANDOM gen = 0;
CRYPTRELEASECONTEXT release = 0;
#if 1 /* There was previously a problem with NETSTATGET. Currently, this
@@ -213,9 +213,6 @@ int RAND_poll(void)
GetVersionEx( &osverinfo ) ;
#if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO
-#ifndef CryptAcquireContext
-#define CryptAcquireContext CryptAcquireContextW
-#endif
/* poll the CryptoAPI PRNG */
/* The CryptoAPI returns sizeof(buf) bytes of randomness */
if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
@@ -226,35 +223,21 @@ int RAND_poll(void)
}
#endif
-#ifndef OPENSSL_SYS_WINCE
- /*
- * None of below libraries are present on Windows CE, which is
- * why we #ifndef the whole section. This also excuses us from
- * handling the GetProcAddress issue. The trouble is that in
- * real Win32 API GetProcAddress is available in ANSI flavor
- * only. In WinCE on the other hand GetProcAddress is a macro
- * most commonly defined as GetProcAddressW, which accepts
- * Unicode argument. If we were to call GetProcAddress under
- * WinCE, I'd recommend to either redefine GetProcAddress as
- * GetProcAddressA (there seem to be one in common CE spec) or
- * implement own shim routine, which would accept ANSI argument
- * and expand it to Unicode.
- */
-
/* load functions dynamically - not available on all systems */
advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
user = LoadLibrary(TEXT("USER32.DLL"));
netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
+#ifndef OPENSSL_SYS_WINCE
#if 1 /* There was previously a problem with NETSTATGET. Currently, this
* section is still experimental, but if all goes well, this conditional
* will be removed
*/
if (netapi)
{
- netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
- netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree");
+ netstatget = (NETSTATGET) GetProcAddress(netapi,TEXT("NetStatisticsGet"));
+ netfree = (NETFREE) GetProcAddress(netapi,TEXT("NetApiBufferFree"));
}
if (netstatget && netfree)
@@ -281,7 +264,9 @@ int RAND_poll(void)
if (netapi)
FreeLibrary(netapi);
#endif /* 1 */
-
+#endif /* !OPENSSL_SYS_WINCE */
+
+#ifndef OPENSSL_SYS_WINCE
/* It appears like this can cause an exception deep within ADVAPI32.DLL
* at random times on Windows 2000. Reported by Jeffrey Altman.
* Only use it on NT.
@@ -336,20 +321,16 @@ int RAND_poll(void)
free(buf);
}
#endif
+#endif /* !OPENSSL_SYS_WINCE */
if (advapi)
{
- /*
- * If it's available, then it's available in both ANSI
- * and UNICODE flavors even in Win9x, documentation says.
- * We favor Unicode...
- */
- acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi,
- "CryptAcquireContextW");
+ acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi,
+ TEXT("CryptAcquireContextA"));
gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
- "CryptGenRandom");
+ TEXT("CryptGenRandom"));
release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
- "CryptReleaseContext");
+ TEXT("CryptReleaseContext"));
}
if (acquire && gen && release)
@@ -386,15 +367,26 @@ int RAND_poll(void)
if (advapi)
FreeLibrary(advapi);
+ /* timer data */
+ readtimer();
+
+ /* memory usage statistics */
+ GlobalMemoryStatus(&m);
+ RAND_add(&m, sizeof(m), 1);
+
+ /* process ID */
+ w = GetCurrentProcessId();
+ RAND_add(&w, sizeof(w), 1);
+
if (user)
{
GETCURSORINFO cursor;
GETFOREGROUNDWINDOW win;
GETQUEUESTATUS queue;
- win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow");
- cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
- queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
+ win = (GETFOREGROUNDWINDOW) GetProcAddress(user, TEXT("GetForegroundWindow"));
+ cursor = (GETCURSORINFO) GetProcAddress(user, TEXT("GetCursorInfo"));
+ queue = (GETQUEUESTATUS) GetProcAddress(user, TEXT("GetQueueStatus"));
if (win)
{
@@ -466,19 +458,19 @@ int RAND_poll(void)
MODULEENTRY32 m;
snap = (CREATETOOLHELP32SNAPSHOT)
- GetProcAddress(kernel, "CreateToolhelp32Snapshot");
+ GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot"));
close_snap = (CLOSETOOLHELP32SNAPSHOT)
- GetProcAddress(kernel, "CloseToolhelp32Snapshot");
- heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
- heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
- heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
- heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
- process_first = (PROCESS32) GetProcAddress(kernel, "Process32First");
- process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next");
- thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
- thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
- module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
- module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
+ GetProcAddress(kernel, TEXT("CloseToolhelp32Snapshot"));
+ heap_first = (HEAP32FIRST) GetProcAddress(kernel, TEXT("Heap32First"));
+ heap_next = (HEAP32NEXT) GetProcAddress(kernel, TEXT("Heap32Next"));
+ heaplist_first = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListFirst"));
+ heaplist_next = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListNext"));
+ process_first = (PROCESS32) GetProcAddress(kernel, TEXT("Process32First"));
+ process_next = (PROCESS32) GetProcAddress(kernel, TEXT("Process32Next"));
+ thread_first = (THREAD32) GetProcAddress(kernel, TEXT("Thread32First"));
+ thread_next = (THREAD32) GetProcAddress(kernel, TEXT("Thread32Next"));
+ module_first = (MODULE32) GetProcAddress(kernel, TEXT("Module32First"));
+ module_next = (MODULE32) GetProcAddress(kernel, TEXT("Module32Next"));
if (snap && heap_first && heap_next && heaplist_first &&
heaplist_next && process_first && process_next &&
@@ -554,18 +546,6 @@ int RAND_poll(void)
FreeLibrary(kernel);
}
-#endif /* !OPENSSL_SYS_WINCE */
-
- /* timer data */
- readtimer();
-
- /* memory usage statistics */
- GlobalMemoryStatus(&m);
- RAND_add(&m, sizeof(m), 1);
-
- /* process ID */
- w = GetCurrentProcessId();
- RAND_add(&w, sizeof(w), 1);
#if 0
printf("Exiting RAND_poll\n");
@@ -627,7 +607,7 @@ static void readtimer(void)
DWORD w;
LARGE_INTEGER l;
static int have_perfc = 1;
-#if defined(_MSC_VER) && defined(_M_X86)
+#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
static int have_tsc = 1;
DWORD cyclecount;
diff --git a/crypto/rc2/Makefile.ssl b/crypto/rc2/Makefile.ssl
index 2a036d3037..98d5960d5d 100644
--- a/crypto/rc2/Makefile.ssl
+++ b/crypto/rc2/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl
index dd0652cfba..a965c02d94 100644
--- a/crypto/rc4/Makefile.ssl
+++ b/crypto/rc4/Makefile.ssl
@@ -26,7 +26,6 @@ RC4_ENC=rc4_enc.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=rc4test.c
@@ -53,20 +52,22 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
+# elf
asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-asm/rx86-cof.s: asm/rc4-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rc4-586.pl coff $(CFLAGS) > ../$@)
+ (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s)
+
# a.out
-rx86-out.s: asm/rc4-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rc4-586.pl a.out $(CFLAGS) > ../$@)
+asm/rx86-out.o: asm/rx86unix.cpp
+ $(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
-asm/rc4-amd64.s: asm/rc4-amd64.pl; $(PERL) $< $@
+# bsdi
+asm/rx86bsdi.o: asm/rx86unix.cpp
+ $(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o
-asm/rc4-ia64.s: asm/rc4-ia64.S
- $(CC) $(CFLAGS) -E asm/rc4-ia64.S > $@
+asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl
+ (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp)
+
+asm/rc4-amd64.s: asm/rc4-amd64.pl; $(PERL) $< $@
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -78,7 +79,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -100,23 +101,12 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/rx86unix.cpp asm/*.s asm/*.o *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
# DO NOT DELETE THIS LINE -- make depend depends on it.
-rc4_enc.o: ../../e_os.h ../../include/openssl/bio.h
-rc4_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rc4_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rc4_enc.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
-rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h
-rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h
-rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
-rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c
+rc4_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc4.h
+rc4_enc.o: rc4_enc.c rc4_locl.h
+rc4_skey.o: ../../include/openssl/opensslconf.h
+rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h
+rc4_skey.o: rc4_locl.h rc4_skey.c
diff --git a/crypto/rc4/asm/rc4-586.pl b/crypto/rc4/asm/rc4-586.pl
index d6e98f0811..7ef889e5a1 100644
--- a/crypto/rc4/asm/rc4-586.pl
+++ b/crypto/rc4/asm/rc4-586.pl
@@ -1,37 +1,16 @@
#!/usr/local/bin/perl
-# At some point it became apparent that the original SSLeay RC4
-# assembler implementation performs suboptimaly on latest IA-32
-# microarchitectures. After re-tuning performance has changed as
-# following:
-#
-# Pentium +0%
-# Pentium III +17%
-# AMD +52%(*)
-# P4 +180%(**)
-#
-# (*) This number is actually a trade-off:-) It's possible to
-# achieve +72%, but at the cost of -48% off PIII performance.
-# In other words code performing further 13% faster on AMD
-# would perform almost 2 times slower on Intel PIII...
-# For reference! This code delivers ~80% of rc4-amd64.pl
-# performance on the same Opteron machine.
-# (**) This number requires compressed key schedule set up by
-# RC4_set_key and therefore doesn't apply to 0.9.7 [option for
-# compressed key schedule is implemented in 0.9.8 and later,
-# see commentary section in rc4_skey.c for further details].
-#
-# <appro@fy.chalmers.se>
+# define for pentium pro friendly version
push(@INC,"perlasm","../../perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],"rc4-586.pl");
-$x="eax";
-$y="ebx";
-$tx="ecx";
-$ty="edx";
+$tx="eax";
+$ty="ebx";
+$x="ecx";
+$y="edx";
$in="esi";
$out="edi";
$d="ebp";
@@ -52,7 +31,7 @@ sub RC4_loop
{
&mov($ty, &swtmp(2));
&cmp($ty, $in);
- &jbe(&label("finished"));
+ &jle(&label("finished"));
&inc($in);
}
else
@@ -60,23 +39,27 @@ sub RC4_loop
&add($ty, 8);
&inc($in);
&cmp($ty, $in);
- &jb(&label("finished"));
+ &jl(&label("finished"));
&mov(&swtmp(2), $ty);
}
}
# Moved out
# &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0;
- &add( &LB($y), &LB($tx));
+ &add( $y, $tx);
+ &and( $y, 0xff);
+ &inc( $x); # NEXT ROUND
&mov( $ty, &DWP(0,$d,$y,4));
# XXX
- &mov( &DWP(0,$d,$x,4),$ty);
+ &mov( &DWP(-4,$d,$x,4),$ty); # AGI
&add( $ty, $tx);
- &mov( &DWP(0,$d,$y,4),$tx);
+ &and( $x, 0xff); # NEXT ROUND
&and( $ty, 0xff);
- &inc( &LB($x)); # NEXT ROUND
- &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
- &mov( $ty, &DWP(0,$d,$ty,4));
+ &mov( &DWP(0,$d,$y,4),$tx);
+ &nop();
+ &mov( $ty, &DWP(0,$d,$ty,4));
+ &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
+ # XXX
if (!$char)
{
@@ -105,47 +88,35 @@ sub RC4
&function_begin_B($name,"");
- &mov($ty,&wparam(1)); # len
- &cmp($ty,0);
- &jne(&label("proceed"));
- &ret();
- &set_label("proceed");
-
&comment("");
&push("ebp");
&push("ebx");
- &push("esi");
- &xor( $x, $x); # avoid partial register stalls
- &push("edi");
- &xor( $y, $y); # avoid partial register stalls
&mov( $d, &wparam(0)); # key
- &mov( $in, &wparam(2));
+ &mov( $ty, &wparam(1)); # num
+ &push("esi");
+ &push("edi");
- &movb( &LB($x), &BP(0,$d,"",1));
- &movb( &LB($y), &BP(4,$d,"",1));
+ &mov( $x, &DWP(0,$d,"",1));
+ &mov( $y, &DWP(4,$d,"",1));
- &mov( $out, &wparam(3));
- &inc( &LB($x));
+ &mov( $in, &wparam(2));
+ &inc( $x);
&stack_push(3); # 3 temp variables
&add( $d, 8);
-
- # detect compressed schedule, see commentary section in rc4_skey.c...
- # in 0.9.7 context ~50 bytes below RC4_CHAR label remain redundant,
- # as compressed key schedule is set up in 0.9.8 and later.
- &cmp(&DWP(256,$d),-1);
- &je(&label("RC4_CHAR"));
+ &and( $x, 0xff);
&lea( $ty, &DWP(-8,$ty,$in));
# check for 0 length input
+ &mov( $out, &wparam(3));
&mov( &swtmp(2), $ty); # this is now address to exit at
&mov( $tx, &DWP(0,$d,$x,4));
&cmp( $ty, $in);
- &jb( &label("end")); # less than 8 bytes
+ &jl( &label("end")); # less than 8 bytes
&set_label("start");
@@ -177,7 +148,7 @@ sub RC4
&mov( &DWP(-4,$out,"",0), $tx);
&mov( $tx, &DWP(0,$d,$x,4));
&cmp($in, $ty);
- &jbe(&label("start"));
+ &jle(&label("start"));
&set_label("end");
@@ -191,37 +162,10 @@ sub RC4
&RC4_loop(5,0,1);
&RC4_loop(6,1,1);
- &jmp(&label("finished"));
-
- &align(16);
- # this is essentially Intel P4 specific codepath, see rc4_skey.c,
- # and is engaged in 0.9.8 and later context...
- &set_label("RC4_CHAR");
-
- &lea ($ty,&DWP(0,$in,$ty));
- &mov (&swtmp(2),$ty);
-
- # strangely enough unrolled loop performs over 20% slower...
- &set_label("RC4_CHAR_loop");
- &movz ($tx,&BP(0,$d,$x));
- &add (&LB($y),&LB($tx));
- &movz ($ty,&BP(0,$d,$y));
- &movb (&BP(0,$d,$y),&LB($tx));
- &movb (&BP(0,$d,$x),&LB($ty));
- &add (&LB($ty),&LB($tx));
- &movz ($ty,&BP(0,$d,$ty));
- &xorb (&LB($ty),&BP(0,$in));
- &movb (&BP(0,$out),&LB($ty));
- &inc (&LB($x));
- &inc ($in);
- &inc ($out);
- &cmp ($in,&swtmp(2));
- &jb (&label("RC4_CHAR_loop"));
-
&set_label("finished");
&dec( $x);
&stack_pop(3);
- &movb( &BP(-4,$d,"",0),&LB($y));
+ &mov( &DWP(-4,$d,"",0),$y);
&movb( &BP(-8,$d,"",0),&LB($x));
&function_end($name);
diff --git a/crypto/rc4/asm/rc4-amd64.pl b/crypto/rc4/asm/rc4-amd64.pl
index 9e0da8af99..767a4018fc 100755
--- a/crypto/rc4/asm/rc4-amd64.pl
+++ b/crypto/rc4/asm/rc4-amd64.pl
@@ -13,34 +13,18 @@
# Presumably it has everything to do with AMD cache architecture and
# RAW or whatever penalties. Once again! The module *requires* config
# line *without* RC4_CHAR! As for coding "secret," I bet on partial
-# register arithmetics. For example instead of 'inc %r8; and $255,%r8'
+# register arithmetics. For example instead 'inc %r8; and $255,%r8'
# I simply 'inc %r8b'. Even though optimization manual discourages
# to operate on partial registers, it turned out to be the best bet.
# At least for AMD... How IA32E would perform remains to be seen...
-# As was shown by Marc Bevand reordering of couple of load operations
-# results in even higher performance gain of 3.3x:-) At least on
-# Opteron... For reference, 1x in this case is RC4_CHAR C-code
-# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock.
-# Latter means that if you want to *estimate* what to expect from
-# *your* CPU, then multiply 54 by 3.3 and clock frequency in GHz.
-
-# Intel P4 EM64T core was found to run the AMD64 code really slow...
-# The only way to achieve comparable performance on P4 is to keep
-# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
-# compose blended code, which would perform even within 30% marginal
-# on either AMD and Intel platforms, I implement both cases. See
-# rc4_skey.c for further details... This applies to 0.9.8 and later.
-# In 0.9.7 context RC4_CHAR codepath is never engaged and ~70 bytes
-# of code remain redundant.
-
$output=shift;
-$win64a=1 if ($output =~ /win64a.[s|asm]/);
+$win64=1 if ($output =~ /win64.[s|asm]/);
open STDOUT,">$output" || die "can't open $output: $!";
-if (defined($win64a)) {
+if (defined($win64)) {
$dat="%rcx"; # arg1
$len="%rdx"; # arg2
$inp="%rsi"; # r8, arg3 moves here
@@ -59,9 +43,8 @@ $TY="%r9";
sub PTR() {
my $ret=shift;
- if (defined($win64a)) {
- $ret =~ s/\[([\S]+)\+([\S]+)\]/[$2+$1]/g; # [%rN+%rM*4]->[%rM*4+%rN]
- $ret =~ s/:([^\[]+)\[([^\]]+)\]/:[$2+$1]/g; # :off[ea]->:[ea+off]
+ if (defined($win64)) {
+ $ret =~ s/\[([\S]+)\+([\S]+)\]/[$2+$1]/g; # [%rN+%rM*4]->[%rM*4+%rN]
} else {
$ret =~ s/[\+\*]/,/g; # [%rN+%rM*4]->[%rN,%rM,4]
$ret =~ s/\[([^\]]+)\]/($1)/g; # [%rN]->(%rN)
@@ -69,7 +52,7 @@ sub PTR() {
$ret;
}
-$code=<<___ if (!defined($win64a));
+$code=<<___ if (!defined($win64));
.text
.globl RC4
@@ -77,151 +60,130 @@ $code=<<___ if (!defined($win64a));
.align 16
RC4: or $len,$len
jne .Lentry
- repret
+ .byte 0xF3,0xC3 # repz ret, 2-byte ret
.Lentry:
___
-$code=<<___ if (defined($win64a));
-_TEXT SEGMENT
+$code=<<___ if (defined($win64));
+TEXT SEGMENT
PUBLIC RC4
ALIGN 16
-RC4 PROC
+RC4 PROC NEAR
or $len,$len
jne .Lentry
- repret
+ DB F3h,C3h ; repz ret, 2-byte ret
.Lentry:
- push %rdi
- push %rsi
- sub \$40,%rsp
+ push %edi
+ push %esi
+ sub \$40,%esp
mov %r8,$inp
mov %r9,$out
___
$code.=<<___;
add \$8,$dat
- movl `&PTR("DWORD:-8[$dat]")`,$XX#d
- movl `&PTR("DWORD:-4[$dat]")`,$YY#d
- cmpl \$-1,`&PTR("DWORD:256[$dat]")`
- je .LRC4_CHAR
+ movl `&PTR("DWORD-8[$dat]")`,$XX#d
+ movl `&PTR("DWORD-4[$dat]")`,$YY#d
test \$-8,$len
jz .Lloop1
.align 16
.Lloop8:
+ movq `&PTR("QWORD[$inp]")`,%rax
+
inc $XX#b
- movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
+ movl `&PTR("DWORD[$dat+$XX*4]")`,$TX#d
add $TX#b,$YY#b
- movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
- movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
- movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
- add $TX#b,$TY#b
+ movl `&PTR("DWORD[$dat+$YY*4]")`,$TY#d
+ movl $TX#d,`&PTR("DWORD[$dat+$YY*4]")`
+ movl $TY#d,`&PTR("DWORD[$dat+$XX*4]")`
+ add $TY#b,$TX#b
inc $XX#b
- movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
- movb `&PTR("BYTE:[$dat+$TY*4]")`,%al
+ movl `&PTR("DWORD[$dat+$TX*4]")`,$TY#d
+ xor $TY,%rax
___
for ($i=1;$i<=6;$i++) {
$code.=<<___;
+ movl `&PTR("DWORD[$dat+$XX*4]")`,$TX#d
add $TX#b,$YY#b
- ror \$8,%rax
- movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
- movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
- movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
- add $TX#b,$TY#b
+ movl `&PTR("DWORD[$dat+$YY*4]")`,$TY#d
+ movl $TX#d,`&PTR("DWORD[$dat+$YY*4]")`
+ movl $TY#d,`&PTR("DWORD[$dat+$XX*4]")`
+ add $TY#b,$TX#b
+ movl `&PTR("DWORD[$dat+$TX*4]")`,$TY#d
+ shl \$`8*$i`,$TY
inc $XX#b
- movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
- movb `&PTR("BYTE:[$dat+$TY*4]")`,%al
+ xor $TY,%rax
___
}
$code.=<<___;
+ movl `&PTR("DWORD[$dat+$XX*4]")`,$TX#d
add $TX#b,$YY#b
- ror \$8,%rax
- movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
- movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
- movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
+ movl `&PTR("DWORD[$dat+$YY*4]")`,$TY#d
+ movl $TX#d,`&PTR("DWORD[$dat+$YY*4]")`
+ movl $TY#d,`&PTR("DWORD[$dat+$XX*4]")`
sub \$8,$len
add $TY#b,$TX#b
- movb `&PTR("BYTE:[$dat+$TX*4]")`,%al
- ror \$8,%rax
- add \$8,$inp
add \$8,$out
+ movl `&PTR("DWORD[$dat+$TX*4]")`,$TY#d
+ shl \$56,$TY
+ add \$8,$inp
+ xor $TY,%rax
- xor `&PTR("QWORD:-8[$inp]")`,%rax
- mov %rax,`&PTR("QWORD:-8[$out]")`
+ mov %rax,`&PTR("QWORD-8[$out]")`
test \$-8,$len
jnz .Lloop8
cmp \$0,$len
jne .Lloop1
.Lexit:
- movl $XX#d,`&PTR("DWORD:-8[$dat]")`
- movl $YY#d,`&PTR("DWORD:-4[$dat]")`
+ movl $XX#d,`&PTR("DWORD-8[$dat]")`
+ movl $YY#d,`&PTR("DWORD-4[$dat]")`
+___
+$code.=<<___ if (defined($win64));
+ add \$40,%esp
+ pop %esi
+ pop %edi
+ DB F3h,C3h ; retz ret, 2-byte ret
___
-$code.=<<___ if (defined($win64a));
- add \$40,%rsp
- pop %rsi
- pop %rdi
+$code.=<<___ if (!defined($win64));
+ .byte 0xF3,0xC3 # repz ret, 2-byte ret
___
$code.=<<___;
- repret
.align 16
.Lloop1:
- movzb `&PTR("BYTE:[$inp]")`,%eax
+ movzb `&PTR("BYTE[$inp]")`,%rax
inc $XX#b
- movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
+ nop
+ movl `&PTR("DWORD[$dat+$XX*4]")`,$TX#d
add $TX#b,$YY#b
- movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
- movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
- movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
+ movl `&PTR("DWORD[$dat+$YY*4]")`,$TY#d
+ movl $TX#d,`&PTR("DWORD[$dat+$YY*4]")`
+ movl $TY#d,`&PTR("DWORD[$dat+$XX*4]")`
add $TY#b,$TX#b
- movl `&PTR("DWORD:[$dat+$TX*4]")`,$TY#d
+ movl `&PTR("DWORD[$dat+$TX*4]")`,$TY#d
xor $TY,%rax
inc $inp
- movb %al,`&PTR("BYTE:[$out]")`
+ movb %al,`&PTR("BYTE[$out]")`
inc $out
dec $len
jnz .Lloop1
jmp .Lexit
-
-.align 16
-.LRC4_CHAR:
- inc $XX#b
- movzb `&PTR("BYTE:[$dat+$XX]")`,$TX#d
- add $TX#b,$YY#b
- movzb `&PTR("BYTE:[$dat+$YY]")`,$TY#d
- movb $TX#b,`&PTR("BYTE:[$dat+$YY]")`
- movb $TY#b,`&PTR("BYTE:[$dat+$XX]")`
- add $TX#b,$TY#b
- movzb `&PTR("BYTE:[$dat+$TY]")`,$TY#d
- xorb `&PTR("BYTE:[$inp]")`,$TY#b
- movb $TY#b,`&PTR("BYTE:[$out]")`
- inc $inp
- inc $out
- dec $len
- jnz .LRC4_CHAR
- jmp .Lexit
-___
-$code.=<<___ if (defined($win64a));
-RC4 ENDP
-_TEXT ENDS
-END
-___
-$code.=<<___ if (!defined($win64a));
-.size RC4,.-RC4
___
+if (defined($win64)) {
+ $code.="RC4 ENDP\n";
+} else {
+ $code.=".size RC4,.-RC4\n"
+}
$code =~ s/#([bwd])/$1/gm;
$code =~ s/\`([^\`]*)\`/eval $1/gem;
-if (defined($win64a)) {
+if (defined($win64)) {
$code =~ s/\.align/ALIGN/gm;
$code =~ s/[\$%]//gm;
$code =~ s/\.L/\$L/gm;
$code =~ s/([\w]+)([\s]+)([\S]+),([\S]+)/$1$2$4,$3/gm;
- $code =~ s/([QD]*WORD|BYTE):/$1 PTR/gm;
- $code =~ s/mov[bwlq]/mov/gm;
- $code =~ s/movzb/movzx/gm;
- $code =~ s/repret/DB\t0F3h,0C3h/gm;
- $code =~ s/cmpl/cmp/gm;
- $code =~ s/xorb/xor/gm;
+ $code =~ s/([QD]*WORD|BYTE)/$1 PTR /gm;
+ $code =~ s/(mov[z]*)[bwlq]/$1/gm;
} else {
- $code =~ s/([QD]*WORD|BYTE)://gm;
- $code =~ s/repret/.byte\t0xF3,0xC3/gm;
+ $code =~ s/[QD]*WORD|BYTE//gm;
}
print $code;
diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c
index c900b26055..b39c070292 100644
--- a/crypto/rc4/rc4.c
+++ b/crypto/rc4/rc4.c
@@ -60,7 +60,6 @@
#include <stdlib.h>
#include <string.h>
#include <openssl/rc4.h>
-#include <openssl/evp.h>
char *usage[]={
"usage: rc4 args\n",
@@ -163,7 +162,7 @@ bad:
keystr=buf;
}
- EVP_Digest((unsigned char *)keystr,strlen(keystr),md,NULL,EVP_md5(),NULL);
+ EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5());
OPENSSL_cleanse(keystr,strlen(keystr));
RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
diff --git a/crypto/rc4/rc4.h b/crypto/rc4/rc4.h
index c24a5b1281..7aec04fe93 100644
--- a/crypto/rc4/rc4.h
+++ b/crypto/rc4/rc4.h
@@ -72,10 +72,6 @@ typedef struct rc4_key_st
{
RC4_INT x,y;
RC4_INT data[256];
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
- /* see crypto/rc4/asm/rc4-ia64.S for further details... */
- RC4_INT pad[512-256-2];
-#endif
} RC4_KEY;
diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c
index 81a97ea3b7..a0f71d004a 100644
--- a/crypto/rc4/rc4_enc.c
+++ b/crypto/rc4/rc4_enc.c
@@ -77,10 +77,6 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
x=key->x;
y=key->y;
d=key->data;
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
- /* see crypto/rc4/asm/rc4-ia64.S for further details... */
- d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
-#endif
#if defined(RC4_CHUNK)
/*
@@ -123,9 +119,13 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
d[x]=ty, \
(RC4_CHUNK)d[(tx+ty)&0xff]\
)
-
+#ifdef OPENSSL_SYS_VMS
+ if ( ( ((unsigned long long)indata & (sizeof(RC4_CHUNK)-1)) |
+ ((unsigned long long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 )
+#else
if ( ( ((unsigned long)indata & (sizeof(RC4_CHUNK)-1)) |
((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 )
+#endif
{
RC4_CHUNK ichunk,otp;
const union { long one; char little; } is_endian = {1};
diff --git a/crypto/rc4/rc4_locl.h b/crypto/rc4/rc4_locl.h
index c712e1632e..3bb80b6ce9 100644
--- a/crypto/rc4/rc4_locl.h
+++ b/crypto/rc4/rc4_locl.h
@@ -1,5 +1,4 @@
#ifndef HEADER_RC4_LOCL_H
#define HEADER_RC4_LOCL_H
#include <openssl/opensslconf.h>
-#include <cryptlib.h>
#endif
diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c
index 083b53dfb8..bb10c1ebe2 100644
--- a/crypto/rc4/rc4_skey.c
+++ b/crypto/rc4/rc4_skey.c
@@ -93,62 +93,25 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
unsigned int i;
d= &(key->data[0]);
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
- /* see crypto/rc4/asm/rc4-ia64.S for further details... */
- d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
-#endif
+ for (i=0; i<256; i++)
+ d[i]=i;
key->x = 0;
key->y = 0;
id1=id2=0;
-#define SK_LOOP(d,n) { \
+#define SK_LOOP(n) { \
tmp=d[(n)]; \
id2 = (data[id1] + tmp + id2) & 0xff; \
if (++id1 == len) id1=0; \
d[(n)]=d[id2]; \
d[id2]=tmp; }
-#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM)
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
- defined(__INTEL__) || \
- defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64)
- if (sizeof(RC4_INT) > 1) {
- /*
- * Unlike all other x86 [and x86_64] implementations,
- * Intel P4 core [including EM64T] was found to perform
- * poorly with wider RC4_INT. Performance improvement
- * for IA-32 hand-coded assembler turned out to be 2.8x
- * if re-coded for RC4_CHAR! It's however inappropriate
- * to just switch to RC4_CHAR for x86[_64], as non-P4
- * implementations suffer from significant performance
- * losses then, e.g. PIII exhibits >2x deterioration,
- * and so does Opteron. In order to assure optimal
- * all-round performance, let us [try to] detect P4 at
- * run-time by checking upon HTT bit in CPU capability
- * vector and set up compressed key schedule, which is
- * recognized by correspondingly updated assembler
- * module...
- * <appro@fy.chalmers.se>
- */
- if (OPENSSL_ia32cap_P & (1<<28)) {
- unsigned char *cp=(unsigned char *)d;
-
- for (i=0;i<256;i++) cp[i]=i;
- for (i=0;i<256;i++) SK_LOOP(cp,i);
- /* mark schedule as compressed! */
- d[256/sizeof(RC4_INT)]=-1;
- return;
- }
- }
-# endif
-#endif
- for (i=0; i < 256; i++) d[i]=i;
for (i=0; i < 256; i+=4)
{
- SK_LOOP(d,i+0);
- SK_LOOP(d,i+1);
- SK_LOOP(d,i+2);
- SK_LOOP(d,i+3);
+ SK_LOOP(i+0);
+ SK_LOOP(i+1);
+ SK_LOOP(i+2);
+ SK_LOOP(i+3);
}
}
diff --git a/crypto/rc4/rc4test.c b/crypto/rc4/rc4test.c
index 49afa5c1db..18154025eb 100644
--- a/crypto/rc4/rc4test.c
+++ b/crypto/rc4/rc4test.c
@@ -70,7 +70,6 @@ int main(int argc, char *argv[])
}
#else
#include <openssl/rc4.h>
-#include <openssl/sha.h>
static unsigned char keys[7][30]={
{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
@@ -118,7 +117,9 @@ int main(int argc, char *argv[])
int j;
unsigned char *p;
RC4_KEY key;
- unsigned char obuf[512];
+ unsigned char buf[512],obuf[512];
+
+ for (i=0; i<512; i++) buf[i]=0x01;
for (i=0; i<6; i++)
{
@@ -196,37 +197,6 @@ int main(int argc, char *argv[])
}
}
printf("done\n");
- printf("bulk test ");
- { unsigned char buf[513];
- SHA_CTX c;
- unsigned char md[SHA_DIGEST_LENGTH];
- static unsigned char expected[]={
- 0xa4,0x7b,0xcc,0x00,0x3d,0xd0,0xbd,0xe1,0xac,0x5f,
- 0x12,0x1e,0x45,0xbc,0xfb,0x1a,0xa1,0xf2,0x7f,0xc5 };
-
- RC4_set_key(&key,keys[0][0],&(keys[3][1]));
- memset(buf,'\0',sizeof(buf));
- SHA1_Init(&c);
- for (i=0;i<2571;i++) {
- RC4(&key,sizeof(buf),buf,buf);
- SHA1_Update(&c,buf,sizeof(buf));
- }
- SHA1_Final(md,&c);
-
- if (memcmp(md,expected,sizeof(md))) {
- printf("error in RC4 bulk test\n");
- printf("output:");
- for (j=0; j<sizeof(md); j++)
- printf(" %02x",md[j]);
- printf("\n");
- printf("expect:");
- for (j=0; j<sizeof(md); j++)
- printf(" %02x",expected[j]);
- printf("\n");
- err++;
- }
- else printf("ok\n");
- }
#ifdef OPENSSL_SYS_NETWARE
if (err) printf("ERROR: %d\n", err);
#endif
diff --git a/crypto/rc5/Makefile.ssl b/crypto/rc5/Makefile.ssl
index 305ead0ddf..70d01f3761 100644
--- a/crypto/rc5/Makefile.ssl
+++ b/crypto/rc5/Makefile.ssl
@@ -23,7 +23,6 @@ RC5_ENC= rc5_enc.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=rc5test.c
@@ -50,15 +49,20 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
+# elf
asm/r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-asm/r586-cof.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) rc5-586.pl coff $(CFLAGS) > ../$@)
+ (cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > r586-elf.s)
+
# a.out
-r586-out.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) rc5-586.pl a.out $(CFLAGS) > ../$@)
+asm/r586-out.o: asm/r586unix.cpp
+ $(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o
+
+# bsdi
+asm/r586bsdi.o: asm/r586unix.cpp
+ $(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o
+
+asm/r586unix.cpp: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ (cd asm; $(PERL) rc5-586.pl cpp >r586unix.cpp)
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -70,7 +74,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -92,7 +96,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/r586unix.cpp asm/*.s asm/*.o *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f asm/r586unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/ripemd/Makefile.ssl b/crypto/ripemd/Makefile.ssl
index f47ce22353..c25ee637c9 100644
--- a/crypto/ripemd/Makefile.ssl
+++ b/crypto/ripemd/Makefile.ssl
@@ -21,7 +21,6 @@ RIP_ASM_OBJ=
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=rmdtest.c
@@ -48,15 +47,20 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
+# elf
asm/rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-asm/rm86-cof.s: asm/rmd-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rmd-586.pl coff $(CFLAGS) > ../$@)
+ (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > rm86-elf.s)
+
# a.out
-rm86-out.s: asm/rmd-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rmd-586.pl a.out $(CFLAGS) > ../$@)
+asm/rm86-out.o: asm/rm86unix.cpp
+ $(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o
+
+# bsdi
+asm/rm86bsdi.o: asm/rm86unix.cpp
+ $(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o
+
+asm/rm86unix.cpp: asm/rmd-586.pl ../perlasm/x86asm.pl
+ (cd asm; $(PERL) rmd-586.pl cpp >rm86unix.cpp)
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -68,7 +72,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -90,7 +94,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/rm86unix.cpp asm/*.s asm/*.o *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f asm/rm86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/ripemd/ripemd.h b/crypto/ripemd/ripemd.h
index 06bd67183b..a664e742af 100644
--- a/crypto/ripemd/ripemd.h
+++ b/crypto/ripemd/ripemd.h
@@ -87,7 +87,7 @@ typedef struct RIPEMD160state_st
RIPEMD160_LONG A,B,C,D,E;
RIPEMD160_LONG Nl,Nh;
RIPEMD160_LONG data[RIPEMD160_LBLOCK];
- unsigned int num;
+ int num;
} RIPEMD160_CTX;
int RIPEMD160_Init(RIPEMD160_CTX *c);
diff --git a/crypto/ripemd/rmdtest.c b/crypto/ripemd/rmdtest.c
index cbfdf2ae6f..d4c709e646 100644
--- a/crypto/ripemd/rmdtest.c
+++ b/crypto/ripemd/rmdtest.c
@@ -115,7 +115,7 @@ int main(int argc, char *argv[])
#ifdef CHARSET_EBCDIC
ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P));
#endif
- EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL);
+ EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL);
p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl
index 3619331644..a55617c786 100644
--- a/crypto/rsa/Makefile.ssl
+++ b/crypto/rsa/Makefile.ssl
@@ -57,7 +57,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index 8e3a5821d6..839a3eeb8f 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -165,6 +165,22 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */
if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */
if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */
+
+/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
+/* for (;;)
+ {
+ if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
+ if (BN_is_one(r3)) break;
+
+ if (1)
+ {
+ if (!BN_add_word(rsa->e,2L)) goto err;
+ continue;
+ }
+ RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
+ goto err;
+ }
+*/
if (!BN_mod_inverse(rsa->d,rsa->e,r0,ctx)) goto err; /* d */
/* calculate d mod (p-1) */
diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
index f98e0a80a6..1e9339367f 100644
--- a/crypto/rsa/rsa_saos.c
+++ b/crypto/rsa/rsa_saos.c
@@ -140,11 +140,8 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype,
ret=1;
err:
if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
- if (s != NULL)
- {
- OPENSSL_cleanse(s,(unsigned int)siglen);
- OPENSSL_free(s);
- }
+ OPENSSL_cleanse(s,(unsigned int)siglen);
+ OPENSSL_free(s);
return(ret);
}
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index 9e7dfd1927..e50c839279 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -169,7 +169,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
}
if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
- goto err;
+ return(0);
}
i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
@@ -222,11 +222,8 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
}
err:
if (sig != NULL) X509_SIG_free(sig);
- if (s != NULL)
- {
- OPENSSL_cleanse(s,(unsigned int)siglen);
- OPENSSL_free(s);
- }
+ OPENSSL_cleanse(s,(unsigned int)siglen);
+ OPENSSL_free(s);
return(ret);
}
diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl
index 16a4351b01..21bbf96e9f 100644
--- a/crypto/sha/Makefile.ssl
+++ b/crypto/sha/Makefile.ssl
@@ -21,7 +21,6 @@ SHA1_ASM_OBJ=
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=shatest.c sha1test.c sha256t.c sha512t.c
@@ -48,28 +47,22 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
+# elf
asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-asm/s512sse2-elf.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha512-sse2.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-# COFF
-asm/sx86-cof.s: asm/sha1-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha1-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-asm/s512sse2-cof.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha512-sse2.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
+ (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s)
+asm/sse2-elf.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
+ (cd asm; $(PERL) sha512-sse2.pl elf $(CFLAGS) $(PROCESSOR) > sse2-elf.s)
+
# a.out
-sx86-out.s: asm/sha1-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha1-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
-s512sse2-out.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha512-sse2.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
-
-asm/sha1-ia64.s: asm/sha1-ia64.pl
- (cd asm; $(PERL) sha1-ia64.pl $(CFLAGS) ) > $@
-asm/sha256-ia64.s: asm/sha512-ia64.pl
- (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
-asm/sha512-ia64.s: asm/sha512-ia64.pl
- (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
+asm/sx86-out.o: asm/sx86unix.cpp
+ $(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
+
+# bsdi
+asm/sx86bsdi.o: asm/sx86unix.cpp
+ $(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o
+
+asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl
+ (cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp)
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -81,7 +74,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -103,7 +96,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f asm/sx86unix.cpp asm/*.s asm/*.o *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
# DO NOT DELETE THIS LINE -- make depend depends on it.
@@ -121,14 +114,11 @@ sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c
-sha512.o: ../../e_os.h ../../include/openssl/bio.h
-sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-sha512.o: ../cryptlib.h sha512.c
+sha512.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha512.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha512.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+sha512.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha512.o: ../../include/openssl/symhacks.h sha512.c
sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
diff --git a/crypto/sha/asm/sha1-586.pl b/crypto/sha/asm/sha1-586.pl
index 4f8521f1e2..e00f709553 100644
--- a/crypto/sha/asm/sha1-586.pl
+++ b/crypto/sha/asm/sha1-586.pl
@@ -9,7 +9,7 @@
#
# compared with original compared with Intel cc
# assembler impl. generated code
-# Pentium -16% +48%
+# Pentium -25% +37%
# PIII/AMD +8% +16%
# P4 +85%(!) +45%
#
@@ -104,21 +104,19 @@ sub BODY_00_15
&comment("00_15 $n");
- &mov($f,$c); # f to hold F_00_19(b,c,d)
- if ($n==0) { &mov($tmp1,$a); }
- else { &mov($a,$tmp1); }
+ &mov($tmp1,$a);
+ &mov($f,$c); # f to hold F_00_19(b,c,d)
&rotl($tmp1,5); # tmp1=ROTATE(a,5)
&xor($f,$d);
&and($f,$b);
- &add($tmp1,$e); # tmp1+=e;
- &mov($e,&swtmp($n)); # e becomes volatile and
+ &rotr($b,2); # b=ROTATE(b,30)
+ &add($tmp1,$e); # tmp1+=e;
+ &mov($e,&swtmp($n)); # e becomes volatile and
# is loaded with xi
- &xor($f,$d); # f holds F_00_19(b,c,d)
- &rotr($b,2); # b=ROTATE(b,30)
+ &xor($f,$d); # f holds F_00_19(b,c,d)
&lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi
-
- if ($n==15) { &add($f,$tmp1); } # f+=tmp1
- else { &add($tmp1,$f); }
+
+ &add($f,$tmp1); # f+=tmp1
}
sub BODY_16_19
@@ -134,15 +132,15 @@ sub BODY_16_19
&xor($tmp1,$d);
&xor($f,&swtmp($n2));
&and($tmp1,$b); # tmp1 holds F_00_19(b,c,d)
- &rotr($b,2); # b=ROTATE(b,30)
- &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
- &rotl($f,1); # f=ROATE(f,1)
- &xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
+ &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
+ &rotr($b,2); # b=ROTATE(b,30)
+ &xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
+ &rotl($f,1); # f=ROATE(f,1)
&mov(&swtmp($n0),$f); # xi=f
&lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e
&mov($e,$a); # e becomes volatile
- &rotl($e,5); # e=ROTATE(a,5)
- &add($f,$tmp1); # f+=F_00_19(b,c,d)
+ &add($f,$tmp1); # f+=F_00_19(b,c,d)
+ &rotl($e,5); # e=ROTATE(a,5)
&add($f,$e); # f+=ROTATE(a,5)
}
@@ -153,20 +151,20 @@ sub BODY_20_39
&comment("20_39 $n");
local($n0,$n1,$n2,$n3,$np)=&Na($n);
- &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d)
- &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
- &rotr($b,2); # b=ROTATE(b,30)
- &xor($f,&swtmp($n1));
- &xor($tmp1,$c);
- &xor($f,&swtmp($n2));
- &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
- &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
+ &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d)
+ &xor($f,&swtmp($n1));
+ &rotr($b,2); # b=ROTATE(b,30)
+ &xor($f,&swtmp($n2));
+ &xor($tmp1,$c);
+ &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
+ &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
&rotl($f,1); # f=ROTATE(f,1)
- &add($tmp1,$e);
&mov(&swtmp($n0),$f); # xi=f
+ &lea($f,&DWP($K,$f,$e,1)); # f+=K_20_39+e
&mov($e,$a); # e becomes volatile
&rotl($e,5); # e=ROTATE(a,5)
- &lea($f,&DWP($K,$f,$tmp1,1)); # f+=K_20_39+e
+ &add($f,$tmp1); # f+=F_20_39(b,c,d)
&add($f,$e); # f+=ROTATE(a,5)
}
@@ -178,17 +176,14 @@ sub BODY_40_59
local($n0,$n1,$n2,$n3,$np)=&Na($n);
&mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
- &mov($tmp1,&swtmp($n1));
- &xor($f,$tmp1);
- &mov($tmp1,&swtmp($n2));
- &xor($f,$tmp1);
- &mov($tmp1,&swtmp($n3));
- &xor($f,$tmp1); # f holds xa^xb^xc^xd
&mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d)
- &rotl($f,1); # f=ROTATE(f,1)
+ &xor($f,&swtmp($n1));
&or($tmp1,$c);
- &mov(&swtmp($n0),$f); # xi=f
+ &xor($f,&swtmp($n2));
&and($tmp1,$d);
+ &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
+ &rotl($f,1); # f=ROTATE(f,1)
+ &mov(&swtmp($n0),$f); # xi=f
&lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e
&mov($e,$b); # e becomes volatile and is used
# to calculate F_40_59(b,c,d)
@@ -197,8 +192,8 @@ sub BODY_40_59
&or($tmp1,$e); # tmp1 holds F_40_59(b,c,d)
&mov($e,$a);
&rotl($e,5); # e=ROTATE(a,5)
- &add($f,$tmp1); # f+=tmp1;
- &add($f,$e); # f+=ROTATE(a,5)
+ &add($tmp1,$e); # tmp1+=ROTATE(a,5)
+ &add($f,$tmp1); # f+=tmp1;
}
sub BODY_60_79
@@ -410,7 +405,7 @@ sub sha1_block_data
&mov(&DWP(16,$tmp1,"",0),$E);
&cmp("esi","eax");
&mov(&DWP( 4,$tmp1,"",0),$B);
- &jb(&label("start"));
+ &jl(&label("start"));
&stack_pop(18+9);
&pop("edi");
diff --git a/crypto/sha/asm/sha512-ia64.pl b/crypto/sha/asm/sha512-ia64.pl
index 0aea02399a..d47e2b2856 100755
--- a/crypto/sha/asm/sha512-ia64.pl
+++ b/crypto/sha/asm/sha512-ia64.pl
@@ -98,7 +98,7 @@ open STDOUT,">$output" || die "can't open $output: $!";
if ($^O eq "hpux") {
$ADDP="addp4";
for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
-} else { $ADDP="add"; }
+}
for (@ARGV) { $big_endian=1 if (/\-DB_ENDIAN/);
$big_endian=0 if (/\-DL_ENDIAN/); }
if (!defined($big_endian))
diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h
index a900ad3e95..f25512e5e6 100644
--- a/crypto/sha/sha.h
+++ b/crypto/sha/sha.h
@@ -101,7 +101,7 @@ typedef struct SHAstate_st
SHA_LONG h0,h1,h2,h3,h4;
SHA_LONG Nl,Nh;
SHA_LONG data[SHA_LBLOCK];
- unsigned int num;
+ int num;
} SHA_CTX;
#ifndef OPENSSL_NO_SHA0
@@ -159,9 +159,6 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
#define SHA_LONG64 unsigned __int64
#define U64(C) C##UI64
-#elif defined(__arch64__)
-#define SHA_LONG64 unsigned long
-#define U64(C) C##UL
#else
#define SHA_LONG64 unsigned long long
#define U64(C) C##ULL
diff --git a/crypto/sha/sha1test.c b/crypto/sha/sha1test.c
index b0650c7254..cddd598f22 100644
--- a/crypto/sha/sha1test.c
+++ b/crypto/sha/sha1test.c
@@ -123,7 +123,7 @@ int main(int argc, char *argv[])
i=1;
while (*P != NULL)
{
- EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha1(), NULL);
+ EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1(), NULL);
p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c
index 5f3845f55c..2f4078f444 100644
--- a/crypto/sha/sha256.c
+++ b/crypto/sha/sha256.c
@@ -4,8 +4,6 @@
* according to the OpenSSL license [found in ../../LICENSE].
* ====================================================================
*/
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
-
#include <stdlib.h>
#include <string.h>
@@ -119,9 +117,6 @@ void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num);
#include "md32_common.h"
-#ifdef SHA256_ASM
-void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host);
-#else
static const SHA_LONG K256[64] = {
0x428a2f98UL,0x71374491UL,0xb5c0fbcfUL,0xe9b5dba5UL,
0x3956c25bUL,0x59f111f1UL,0x923f82a4UL,0xab1c5ed5UL,
@@ -179,8 +174,6 @@ static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
h = g; g = f; f = e; e = d + T1;
d = c; c = b; b = a; a = T1 + T2;
}
-
- data += SHA256_CBLOCK;
}
else
{
@@ -211,6 +204,7 @@ static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
+ data += SHA256_CBLOCK;
}
}
@@ -259,8 +253,6 @@ static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
T1 = X[13] = W[13]; ROUND_00_15(13,d,e,f,g,h,a,b,c);
T1 = X[14] = W[14]; ROUND_00_15(14,c,d,e,f,g,h,a,b);
T1 = X[15] = W[15]; ROUND_00_15(15,b,c,d,e,f,g,h,a);
-
- data += SHA256_CBLOCK;
}
else
{
@@ -299,11 +291,11 @@ static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
+ data += SHA256_CBLOCK;
}
}
#endif
-#endif /* SHA256_ASM */
/*
* Idea is to trade couple of cycles for some space. On IA-32 we save
@@ -315,5 +307,3 @@ void HASH_BLOCK_HOST_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
void HASH_BLOCK_DATA_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
{ sha256_block (ctx,in,num,0); }
-
-#endif /* OPENSSL_NO_SHA256 */
diff --git a/crypto/sha/sha256t.c b/crypto/sha/sha256t.c
index 5c26ec86ef..e211c9c24f 100644
--- a/crypto/sha/sha256t.c
+++ b/crypto/sha/sha256t.c
@@ -8,7 +8,6 @@
#include <stdlib.h>
#include <openssl/sha.h>
-#include <openssl/evp.h>
unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea,
@@ -49,11 +48,11 @@ unsigned char addenum_3[SHA224_DIGEST_LENGTH] = {
int main ()
{ unsigned char md[SHA256_DIGEST_LENGTH];
int i;
- EVP_MD_CTX evp;
+ SHA256_CTX ctx;
fprintf(stdout,"Testing SHA-256 ");
- EVP_Digest ("abc",3,md,NULL,EVP_sha256(),NULL);
+ SHA256((unsigned char *)"abc",3,md);
if (memcmp(md,app_b1,sizeof(app_b1)))
{ fflush(stdout);
fprintf(stderr,"\nTEST 1 of 3 failed.\n");
@@ -62,8 +61,8 @@ int main ()
else
fprintf(stdout,"."); fflush(stdout);
- EVP_Digest ("abcdbcde""cdefdefg""efghfghi""ghijhijk"
- "ijkljklm""klmnlmno""mnopnopq",56,md,NULL,EVP_sha256(),NULL);
+ SHA256((unsigned char *)"abcdbcde""cdefdefg""efghfghi""ghijhijk"
+ "ijkljklm""klmnlmno""mnopnopq",56,md);
if (memcmp(md,app_b2,sizeof(app_b2)))
{ fflush(stdout);
fprintf(stderr,"\nTEST 2 of 3 failed.\n");
@@ -72,17 +71,12 @@ int main ()
else
fprintf(stdout,"."); fflush(stdout);
- EVP_MD_CTX_init (&evp);
- EVP_DigestInit_ex (&evp,EVP_sha256(),NULL);
- for (i=0;i<1000000;i+=160)
- EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
- (1000000-i)<160?1000000-i:160);
- EVP_DigestFinal_ex (&evp,md,NULL);
- EVP_MD_CTX_cleanup (&evp);
+ SHA256_Init(&ctx);
+ for (i=0;i<1000000;i+=64)
+ SHA256_Update(&ctx, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
+ (1000000-i)<64?1000000-i:64);
+ SHA256_Final(md,&ctx);
if (memcmp(md,app_b3,sizeof(app_b3)))
{ fflush(stdout);
@@ -96,7 +90,7 @@ int main ()
fprintf(stdout,"Testing SHA-224 ");
- EVP_Digest ("abc",3,md,NULL,EVP_sha224(),NULL);
+ SHA224((unsigned char *)"abc",3,md);
if (memcmp(md,addenum_1,sizeof(addenum_1)))
{ fflush(stdout);
fprintf(stderr,"\nTEST 1 of 3 failed.\n");
@@ -105,8 +99,8 @@ int main ()
else
fprintf(stdout,"."); fflush(stdout);
- EVP_Digest ("abcdbcde""cdefdefg""efghfghi""ghijhijk"
- "ijkljklm""klmnlmno""mnopnopq",56,md,NULL,EVP_sha224(),NULL);
+ SHA224((unsigned char *)"abcdbcde""cdefdefg""efghfghi""ghijhijk"
+ "ijkljklm""klmnlmno""mnopnopq",56,md);
if (memcmp(md,addenum_2,sizeof(addenum_2)))
{ fflush(stdout);
fprintf(stderr,"\nTEST 2 of 3 failed.\n");
@@ -115,14 +109,12 @@ int main ()
else
fprintf(stdout,"."); fflush(stdout);
- EVP_MD_CTX_init (&evp);
- EVP_DigestInit_ex (&evp,EVP_sha224(),NULL);
+ SHA224_Init(&ctx);
for (i=0;i<1000000;i+=64)
- EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
- (1000000-i)<64?1000000-i:64);
- EVP_DigestFinal_ex (&evp,md,NULL);
- EVP_MD_CTX_cleanup (&evp);
+ SHA256_Update(&ctx, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
+ (1000000-i)<64?1000000-i:64);
+ SHA256_Final(md,&ctx);
if (memcmp(md,addenum_3,sizeof(addenum_3)))
{ fflush(stdout);
diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c
index c84bd5addf..dc1047d59e 100644
--- a/crypto/sha/sha512.c
+++ b/crypto/sha/sha512.c
@@ -4,7 +4,6 @@
* according to the OpenSSL license [found in ../../LICENSE].
* ====================================================================
*/
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
/*
* IMPLEMENTATION NOTES.
*
@@ -48,8 +47,6 @@
#include <openssl/sha.h>
#include <openssl/opensslv.h>
-#include "cryptlib.h"
-
const char *SHA512_version="SHA-512" OPENSSL_VERSION_PTEXT;
#if defined(_M_IX86) || defined(_M_AMD64) || defined(__i386) || defined(__x86_64)
@@ -86,10 +83,7 @@ int SHA512_Init (SHA512_CTX *c)
return 1;
}
-#ifndef SHA512_ASM
-static
-#endif
-void sha512_block (SHA512_CTX *ctx, const void *in, size_t num);
+static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num);
int SHA512_Final (unsigned char *md, SHA512_CTX *c)
{
@@ -107,22 +101,22 @@ int SHA512_Final (unsigned char *md, SHA512_CTX *c)
c->u.d[SHA_LBLOCK-2] = c->Nh;
c->u.d[SHA_LBLOCK-1] = c->Nl;
#else
- p[sizeof(c->u)-1] = (unsigned char)(c->Nl);
- p[sizeof(c->u)-2] = (unsigned char)(c->Nl>>8);
- p[sizeof(c->u)-3] = (unsigned char)(c->Nl>>16);
- p[sizeof(c->u)-4] = (unsigned char)(c->Nl>>24);
- p[sizeof(c->u)-5] = (unsigned char)(c->Nl>>32);
- p[sizeof(c->u)-6] = (unsigned char)(c->Nl>>40);
- p[sizeof(c->u)-7] = (unsigned char)(c->Nl>>48);
- p[sizeof(c->u)-8] = (unsigned char)(c->Nl>>56);
- p[sizeof(c->u)-9] = (unsigned char)(c->Nh);
- p[sizeof(c->u)-10] = (unsigned char)(c->Nh>>8);
- p[sizeof(c->u)-11] = (unsigned char)(c->Nh>>16);
- p[sizeof(c->u)-12] = (unsigned char)(c->Nh>>24);
- p[sizeof(c->u)-13] = (unsigned char)(c->Nh>>32);
- p[sizeof(c->u)-14] = (unsigned char)(c->Nh>>40);
- p[sizeof(c->u)-15] = (unsigned char)(c->Nh>>48);
- p[sizeof(c->u)-16] = (unsigned char)(c->Nh>>56);
+ p[sizeof(c->u)-1] = (c->Nl)&0xFF;
+ p[sizeof(c->u)-2] = (c->Nl>>8)&0xFF;
+ p[sizeof(c->u)-3] = (c->Nl>>16)&0xFF;
+ p[sizeof(c->u)-4] = (c->Nl>>24)&0xFF;
+ p[sizeof(c->u)-5] = (c->Nl>>32)&0xFF;
+ p[sizeof(c->u)-6] = (c->Nl>>40)&0xFF;
+ p[sizeof(c->u)-7] = (c->Nl>>48)&0xFF;
+ p[sizeof(c->u)-8] = (c->Nl>>56)&0xFF;
+ p[sizeof(c->u)-9] = (c->Nh)&0xFF;
+ p[sizeof(c->u)-10] = (c->Nh>>8)&0xFF;
+ p[sizeof(c->u)-11] = (c->Nh>>16)&0xFF;
+ p[sizeof(c->u)-12] = (c->Nh>>24)&0xFF;
+ p[sizeof(c->u)-13] = (c->Nh>>32)&0xFF;
+ p[sizeof(c->u)-14] = (c->Nh>>40)&0xFF;
+ p[sizeof(c->u)-15] = (c->Nh>>48)&0xFF;
+ p[sizeof(c->u)-16] = (c->Nh>>56)&0xFF;
#endif
sha512_block (c,p,1);
@@ -137,14 +131,10 @@ int SHA512_Final (unsigned char *md, SHA512_CTX *c)
{
SHA_LONG64 t = c->h[n];
- *(md++) = (unsigned char)(t>>56);
- *(md++) = (unsigned char)(t>>48);
- *(md++) = (unsigned char)(t>>40);
- *(md++) = (unsigned char)(t>>32);
- *(md++) = (unsigned char)(t>>24);
- *(md++) = (unsigned char)(t>>16);
- *(md++) = (unsigned char)(t>>8);
- *(md++) = (unsigned char)(t);
+ *(md++) = (t>>56)&0xFF; *(md++) = (t>>48)&0xFF;
+ *(md++) = (t>>40)&0xFF; *(md++) = (t>>32)&0xFF;
+ *(md++) = (t>>24)&0xFF; *(md++) = (t>>16)&0xFF;
+ *(md++) = (t>>8)&0xFF; *(md++) = (t)&0xFF;
}
break;
case SHA512_DIGEST_LENGTH:
@@ -152,14 +142,10 @@ int SHA512_Final (unsigned char *md, SHA512_CTX *c)
{
SHA_LONG64 t = c->h[n];
- *(md++) = (unsigned char)(t>>56);
- *(md++) = (unsigned char)(t>>48);
- *(md++) = (unsigned char)(t>>40);
- *(md++) = (unsigned char)(t>>32);
- *(md++) = (unsigned char)(t>>24);
- *(md++) = (unsigned char)(t>>16);
- *(md++) = (unsigned char)(t>>8);
- *(md++) = (unsigned char)(t);
+ *(md++) = (t>>56)&0xFF; *(md++) = (t>>48)&0xFF;
+ *(md++) = (t>>40)&0xFF; *(md++) = (t>>32)&0xFF;
+ *(md++) = (t>>24)&0xFF; *(md++) = (t>>16)&0xFF;
+ *(md++) = (t>>8)&0xFF; *(md++) = (t)&0xFF;
}
break;
/* ... as well as make sure md_len is not abused. */
@@ -255,7 +241,6 @@ unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
return(md);
}
-#ifndef SHA512_ASM
static const SHA_LONG64 K512[80] = {
U64(0x428a2f98d728ae22),U64(0x7137449123ef65cd),
U64(0xb5c0fbcfec4d3b2f),U64(0xe9b5dba58189dbbc),
@@ -347,10 +332,11 @@ static const SHA_LONG64 K512[80] = {
#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-#if defined(OPENSSL_IA32_SSE2) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
+#if defined(OPENSSL_IA32_SSE2) && !defined(OPENSSL_NO_ASM)
#define GO_FOR_SSE2(ctx,in,num) do { \
- void sha512_block_sse2(void *,const void *,size_t); \
- if (!(OPENSSL_ia32cap_P & (1<<26))) break; \
+ extern int OPENSSL_ia32cap; \
+ void sha512_block_sse2(void *,const void *,size_t); \
+ if (!(OPENSSL_ia32cap & (1<<26))) break; \
sha512_block_sse2(ctx->h,in,num); return; \
} while (0)
#endif
@@ -490,7 +476,3 @@ static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
}
#endif
-
-#endif /* SHA512_ASM */
-
-#endif /* OPENSSL_NO_SHA512 */
diff --git a/crypto/sha/sha512t.c b/crypto/sha/sha512t.c
index 7385469bee..bb93070e11 100644
--- a/crypto/sha/sha512t.c
+++ b/crypto/sha/sha512t.c
@@ -8,8 +8,6 @@
#include <stdlib.h>
#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include <openssl/crypto.h>
unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba,
@@ -68,21 +66,20 @@ unsigned char app_d3[SHA384_DIGEST_LENGTH] = {
int main ()
{ unsigned char md[SHA512_DIGEST_LENGTH];
int i;
- EVP_MD_CTX evp;
+ SHA512_CTX ctx;
#ifdef OPENSSL_IA32_SSE2
- /* Alternative to this is to call OpenSSL_add_all_algorithms...
- * The below code is retained exclusively for debugging purposes. */
- { char *env;
+ { extern int OPENSSL_ia32cap;
+ char *env;
- if ((env=getenv("OPENSSL_ia32cap")))
- OPENSSL_ia32cap = strtoul (env,NULL,0);
+ if (env=getenv("OPENSSL_ia32cap"))
+ OPENSSL_ia32cap = strtol (env,NULL,0);
}
#endif
fprintf(stdout,"Testing SHA-512 ");
- EVP_Digest ("abc",3,md,NULL,EVP_sha512(),NULL);
+ SHA512((unsigned char *)"abc",3,md);
if (memcmp(md,app_c1,sizeof(app_c1)))
{ fflush(stdout);
fprintf(stderr,"\nTEST 1 of 3 failed.\n");
@@ -91,10 +88,10 @@ int main ()
else
fprintf(stdout,"."); fflush(stdout);
- EVP_Digest ("abcdefgh""bcdefghi""cdefghij""defghijk"
- "efghijkl""fghijklm""ghijklmn""hijklmno"
- "ijklmnop""jklmnopq""klmnopqr""lmnopqrs"
- "mnopqrst""nopqrstu",112,md,NULL,EVP_sha512(),NULL);
+ SHA512((unsigned char *)"abcdefgh""bcdefghi""cdefghij""defghijk"
+ "efghijkl""fghijklm""ghijklmn""hijklmno"
+ "ijklmnop""jklmnopq""klmnopqr""lmnopqrs"
+ "mnopqrst""nopqrstu",112,md);
if (memcmp(md,app_c2,sizeof(app_c2)))
{ fflush(stdout);
fprintf(stderr,"\nTEST 2 of 3 failed.\n");
@@ -103,21 +100,19 @@ int main ()
else
fprintf(stdout,"."); fflush(stdout);
- EVP_MD_CTX_init (&evp);
- EVP_DigestInit_ex (&evp,EVP_sha512(),NULL);
+ SHA512_Init(&ctx);
for (i=0;i<1000000;i+=288)
- EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
- (1000000-i)<288?1000000-i:288);
- EVP_DigestFinal_ex (&evp,md,NULL);
- EVP_MD_CTX_cleanup (&evp);
+ SHA512_Update(&ctx, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
+ (1000000-i)<288?1000000-i:288);
+ SHA512_Final(md,&ctx);
if (memcmp(md,app_c3,sizeof(app_c3)))
{ fflush(stdout);
@@ -131,7 +126,7 @@ int main ()
fprintf(stdout,"Testing SHA-384 ");
- EVP_Digest ("abc",3,md,NULL,EVP_sha384(),NULL);
+ SHA384((unsigned char *)"abc",3,md);
if (memcmp(md,app_d1,sizeof(app_d1)))
{ fflush(stdout);
fprintf(stderr,"\nTEST 1 of 3 failed.\n");
@@ -140,10 +135,10 @@ int main ()
else
fprintf(stdout,"."); fflush(stdout);
- EVP_Digest ("abcdefgh""bcdefghi""cdefghij""defghijk"
- "efghijkl""fghijklm""ghijklmn""hijklmno"
- "ijklmnop""jklmnopq""klmnopqr""lmnopqrs"
- "mnopqrst""nopqrstu",112,md,NULL,EVP_sha384(),NULL);
+ SHA384((unsigned char *)"abcdefgh""bcdefghi""cdefghij""defghijk"
+ "efghijkl""fghijklm""ghijklmn""hijklmno"
+ "ijklmnop""jklmnopq""klmnopqr""lmnopqrs"
+ "mnopqrst""nopqrstu",112,md);
if (memcmp(md,app_d2,sizeof(app_d2)))
{ fflush(stdout);
fprintf(stderr,"\nTEST 2 of 3 failed.\n");
@@ -152,14 +147,12 @@ int main ()
else
fprintf(stdout,"."); fflush(stdout);
- EVP_MD_CTX_init (&evp);
- EVP_DigestInit_ex (&evp,EVP_sha384(),NULL);
+ SHA384_Init(&ctx);
for (i=0;i<1000000;i+=64)
- EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
- "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
- (1000000-i)<64?1000000-i:64);
- EVP_DigestFinal_ex (&evp,md,NULL);
- EVP_MD_CTX_cleanup (&evp);
+ SHA512_Update(&ctx, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+ "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
+ (1000000-i)<64?1000000-i:64);
+ SHA384_Final(md,&ctx);
if (memcmp(md,app_d3,sizeof(app_d3)))
{ fflush(stdout);
diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h
index d1f64c5fd0..210f22f7a6 100644
--- a/crypto/sha/sha_locl.h
+++ b/crypto/sha/sha_locl.h
@@ -121,11 +121,6 @@
# define sha1_block_data_order sha1_block_asm_data_order
# define DONT_IMPLEMENT_BLOCK_DATA_ORDER
# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order
-# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-# define sha1_block_host_order sha1_block_asm_host_order
-# define DONT_IMPLEMENT_BLOCK_HOST_ORDER
-# define sha1_block_data_order sha1_block_asm_data_order
-# define DONT_IMPLEMENT_BLOCK_DATA_ORDER
# endif
# endif
void sha1_block_host_order (SHA_CTX *c, const void *p,size_t num);
diff --git a/crypto/sha/shatest.c b/crypto/sha/shatest.c
index d007cf13ed..ddb388b670 100644
--- a/crypto/sha/shatest.c
+++ b/crypto/sha/shatest.c
@@ -123,7 +123,7 @@ int main(int argc, char *argv[])
i=1;
while (*P != NULL)
{
- EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha(), NULL);
+ EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha(), NULL);
p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
diff --git a/crypto/stack/Makefile.ssl b/crypto/stack/Makefile.ssl
index abf384a39d..092f52ec0b 100644
--- a/crypto/stack/Makefile.ssl
+++ b/crypto/stack/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h
index 6d6739eae1..e52a859eb3 100644
--- a/crypto/stack/safestack.h
+++ b/crypto/stack/safestack.h
@@ -113,8 +113,6 @@ STACK_OF(type) \
((type * (*)(STACK_OF(type) *))sk_pop)(st)
#define SKM_sk_sort(type, st) \
((void (*)(STACK_OF(type) *))sk_sort)(st)
-#define SKM_sk_is_sorted(type, st) \
- ((int (*)(const STACK_OF(type) *))sk_is_sorted)(st)
#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
((STACK_OF(type) * (*) (STACK_OF(type) **,const unsigned char **, long , \
@@ -190,8 +188,6 @@ STACK_OF(type) \
((type *)sk_pop(st))
#define SKM_sk_sort(type, st) \
sk_sort(st)
-#define SKM_sk_is_sorted(type, st) \
- sk_is_sorted(st)
#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
d2i_ASN1_SET(st,pp,length, (char *(*)())d2i_func, (void (*)(void *))free_func, ex_tag,ex_class)
@@ -229,7 +225,6 @@ STACK_OF(type) \
#define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st))
#define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
#define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st))
#define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st))
#define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
@@ -251,7 +246,6 @@ STACK_OF(type) \
#define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st))
#define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st))
#define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
-#define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st))
#define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st))
#define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
@@ -273,7 +267,6 @@ STACK_OF(type) \
#define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st))
#define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
#define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st))
#define sk_ASN1_OBJECT_new(st) SKM_sk_new(ASN1_OBJECT, (st))
#define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
@@ -295,7 +288,6 @@ STACK_OF(type) \
#define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st))
#define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
#define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st))
#define sk_ASN1_STRING_TABLE_new(st) SKM_sk_new(ASN1_STRING_TABLE, (st))
#define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
@@ -317,7 +309,6 @@ STACK_OF(type) \
#define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st))
#define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
#define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st))
#define sk_ASN1_TYPE_new(st) SKM_sk_new(ASN1_TYPE, (st))
#define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
@@ -339,7 +330,6 @@ STACK_OF(type) \
#define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st))
#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st))
#define sk_ASN1_VALUE_new(st) SKM_sk_new(ASN1_VALUE, (st))
#define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
@@ -361,7 +351,6 @@ STACK_OF(type) \
#define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st))
#define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
#define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
-#define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st))
#define sk_BIO_new(st) SKM_sk_new(BIO, (st))
#define sk_BIO_new_null() SKM_sk_new_null(BIO)
@@ -383,7 +372,6 @@ STACK_OF(type) \
#define sk_BIO_shift(st) SKM_sk_shift(BIO, (st))
#define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
#define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
-#define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st))
#define sk_CONF_IMODULE_new(st) SKM_sk_new(CONF_IMODULE, (st))
#define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE)
@@ -405,7 +393,6 @@ STACK_OF(type) \
#define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st))
#define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st))
#define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st))
-#define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st))
#define sk_CONF_MODULE_new(st) SKM_sk_new(CONF_MODULE, (st))
#define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE)
@@ -427,7 +414,6 @@ STACK_OF(type) \
#define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st))
#define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st))
#define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st))
-#define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st))
#define sk_CONF_VALUE_new(st) SKM_sk_new(CONF_VALUE, (st))
#define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
@@ -449,7 +435,6 @@ STACK_OF(type) \
#define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st))
#define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
#define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
-#define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st))
#define sk_CRYPTO_EX_DATA_FUNCS_new(st) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (st))
#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
@@ -471,7 +456,6 @@ STACK_OF(type) \
#define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
#define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
#define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st))
#define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st))
#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
@@ -493,7 +477,6 @@ STACK_OF(type) \
#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st))
#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
@@ -515,7 +498,6 @@ STACK_OF(type) \
#define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st))
#define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
#define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
-#define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st))
#define sk_ENGINE_new(st) SKM_sk_new(ENGINE, (st))
#define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE)
@@ -537,7 +519,6 @@ STACK_OF(type) \
#define sk_ENGINE_shift(st) SKM_sk_shift(ENGINE, (st))
#define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st))
#define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st))
-#define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st))
#define sk_ENGINE_CLEANUP_ITEM_new(st) SKM_sk_new(ENGINE_CLEANUP_ITEM, (st))
#define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM)
@@ -559,7 +540,6 @@ STACK_OF(type) \
#define sk_ENGINE_CLEANUP_ITEM_shift(st) SKM_sk_shift(ENGINE_CLEANUP_ITEM, (st))
#define sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st))
#define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st))
-#define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st))
#define sk_GENERAL_NAME_new(st) SKM_sk_new(GENERAL_NAME, (st))
#define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
@@ -581,7 +561,6 @@ STACK_OF(type) \
#define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st))
#define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
#define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st))
#define sk_GENERAL_SUBTREE_new(st) SKM_sk_new(GENERAL_SUBTREE, (st))
#define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE)
@@ -603,7 +582,6 @@ STACK_OF(type) \
#define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st))
#define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st))
#define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st))
-#define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st))
#define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st))
#define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY)
@@ -625,7 +603,6 @@ STACK_OF(type) \
#define sk_KRB5_APREQBODY_shift(st) SKM_sk_shift(KRB5_APREQBODY, (st))
#define sk_KRB5_APREQBODY_pop(st) SKM_sk_pop(KRB5_APREQBODY, (st))
#define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st))
-#define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st))
#define sk_KRB5_AUTHDATA_new(st) SKM_sk_new(KRB5_AUTHDATA, (st))
#define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA)
@@ -647,7 +624,6 @@ STACK_OF(type) \
#define sk_KRB5_AUTHDATA_shift(st) SKM_sk_shift(KRB5_AUTHDATA, (st))
#define sk_KRB5_AUTHDATA_pop(st) SKM_sk_pop(KRB5_AUTHDATA, (st))
#define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st))
-#define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st))
#define sk_KRB5_AUTHENTBODY_new(st) SKM_sk_new(KRB5_AUTHENTBODY, (st))
#define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY)
@@ -669,7 +645,6 @@ STACK_OF(type) \
#define sk_KRB5_AUTHENTBODY_shift(st) SKM_sk_shift(KRB5_AUTHENTBODY, (st))
#define sk_KRB5_AUTHENTBODY_pop(st) SKM_sk_pop(KRB5_AUTHENTBODY, (st))
#define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st))
-#define sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st))
#define sk_KRB5_CHECKSUM_new(st) SKM_sk_new(KRB5_CHECKSUM, (st))
#define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM)
@@ -691,7 +666,6 @@ STACK_OF(type) \
#define sk_KRB5_CHECKSUM_shift(st) SKM_sk_shift(KRB5_CHECKSUM, (st))
#define sk_KRB5_CHECKSUM_pop(st) SKM_sk_pop(KRB5_CHECKSUM, (st))
#define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st))
-#define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st))
#define sk_KRB5_ENCDATA_new(st) SKM_sk_new(KRB5_ENCDATA, (st))
#define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA)
@@ -713,7 +687,6 @@ STACK_OF(type) \
#define sk_KRB5_ENCDATA_shift(st) SKM_sk_shift(KRB5_ENCDATA, (st))
#define sk_KRB5_ENCDATA_pop(st) SKM_sk_pop(KRB5_ENCDATA, (st))
#define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st))
-#define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st))
#define sk_KRB5_ENCKEY_new(st) SKM_sk_new(KRB5_ENCKEY, (st))
#define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY)
@@ -735,7 +708,6 @@ STACK_OF(type) \
#define sk_KRB5_ENCKEY_shift(st) SKM_sk_shift(KRB5_ENCKEY, (st))
#define sk_KRB5_ENCKEY_pop(st) SKM_sk_pop(KRB5_ENCKEY, (st))
#define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st))
-#define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st))
#define sk_KRB5_PRINCNAME_new(st) SKM_sk_new(KRB5_PRINCNAME, (st))
#define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME)
@@ -757,7 +729,6 @@ STACK_OF(type) \
#define sk_KRB5_PRINCNAME_shift(st) SKM_sk_shift(KRB5_PRINCNAME, (st))
#define sk_KRB5_PRINCNAME_pop(st) SKM_sk_pop(KRB5_PRINCNAME, (st))
#define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st))
-#define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st))
#define sk_KRB5_TKTBODY_new(st) SKM_sk_new(KRB5_TKTBODY, (st))
#define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY)
@@ -779,7 +750,6 @@ STACK_OF(type) \
#define sk_KRB5_TKTBODY_shift(st) SKM_sk_shift(KRB5_TKTBODY, (st))
#define sk_KRB5_TKTBODY_pop(st) SKM_sk_pop(KRB5_TKTBODY, (st))
#define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st))
-#define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st))
#define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st))
#define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
@@ -801,7 +771,6 @@ STACK_OF(type) \
#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st))
#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
-#define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st))
#define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st))
#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
@@ -823,7 +792,6 @@ STACK_OF(type) \
#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st))
#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
-#define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st))
#define sk_NAME_FUNCS_new(st) SKM_sk_new(NAME_FUNCS, (st))
#define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
@@ -845,7 +813,6 @@ STACK_OF(type) \
#define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st))
#define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
#define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st))
#define sk_OCSP_CERTID_new(st) SKM_sk_new(OCSP_CERTID, (st))
#define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID)
@@ -867,7 +834,6 @@ STACK_OF(type) \
#define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st))
#define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st))
#define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st))
-#define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st))
#define sk_OCSP_ONEREQ_new(st) SKM_sk_new(OCSP_ONEREQ, (st))
#define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ)
@@ -889,7 +855,6 @@ STACK_OF(type) \
#define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st))
#define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st))
#define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st))
-#define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st))
#define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st))
#define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP)
@@ -911,7 +876,6 @@ STACK_OF(type) \
#define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st))
#define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st))
#define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st))
-#define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st))
#define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st))
#define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
@@ -933,7 +897,6 @@ STACK_OF(type) \
#define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st))
#define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
#define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st))
#define sk_PKCS7_new(st) SKM_sk_new(PKCS7, (st))
#define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
@@ -955,7 +918,6 @@ STACK_OF(type) \
#define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st))
#define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
#define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
-#define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st))
#define sk_PKCS7_RECIP_INFO_new(st) SKM_sk_new(PKCS7_RECIP_INFO, (st))
#define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
@@ -977,7 +939,6 @@ STACK_OF(type) \
#define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st))
#define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
#define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st))
#define sk_PKCS7_SIGNER_INFO_new(st) SKM_sk_new(PKCS7_SIGNER_INFO, (st))
#define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
@@ -999,7 +960,6 @@ STACK_OF(type) \
#define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st))
#define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
#define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st))
#define sk_POLICYINFO_new(st) SKM_sk_new(POLICYINFO, (st))
#define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
@@ -1021,7 +981,6 @@ STACK_OF(type) \
#define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st))
#define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
#define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
-#define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st))
#define sk_POLICYQUALINFO_new(st) SKM_sk_new(POLICYQUALINFO, (st))
#define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
@@ -1043,7 +1002,6 @@ STACK_OF(type) \
#define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st))
#define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
#define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st))
#define sk_POLICY_MAPPING_new(st) SKM_sk_new(POLICY_MAPPING, (st))
#define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING)
@@ -1065,7 +1023,6 @@ STACK_OF(type) \
#define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st))
#define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st))
#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
-#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
#define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st))
#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
@@ -1087,7 +1044,6 @@ STACK_OF(type) \
#define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st))
#define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
#define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st))
#define sk_SSL_COMP_new(st) SKM_sk_new(SSL_COMP, (st))
#define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
@@ -1109,7 +1065,6 @@ STACK_OF(type) \
#define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st))
#define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
#define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
-#define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st))
#define sk_STORE_OBJECT_new(st) SKM_sk_new(STORE_OBJECT, (st))
#define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT)
@@ -1131,7 +1086,6 @@ STACK_OF(type) \
#define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st))
#define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st))
#define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st))
-#define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st))
#define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st))
#define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
@@ -1153,7 +1107,6 @@ STACK_OF(type) \
#define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st))
#define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
#define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
-#define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st))
#define sk_UI_STRING_new(st) SKM_sk_new(UI_STRING, (st))
#define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
@@ -1175,7 +1128,6 @@ STACK_OF(type) \
#define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st))
#define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st))
#define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
-#define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st))
#define sk_X509_new(st) SKM_sk_new(X509, (st))
#define sk_X509_new_null() SKM_sk_new_null(X509)
@@ -1197,7 +1149,6 @@ STACK_OF(type) \
#define sk_X509_shift(st) SKM_sk_shift(X509, (st))
#define sk_X509_pop(st) SKM_sk_pop(X509, (st))
#define sk_X509_sort(st) SKM_sk_sort(X509, (st))
-#define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st))
#define sk_X509V3_EXT_METHOD_new(st) SKM_sk_new(X509V3_EXT_METHOD, (st))
#define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
@@ -1219,7 +1170,6 @@ STACK_OF(type) \
#define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st))
#define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
#define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st))
#define sk_X509_ALGOR_new(st) SKM_sk_new(X509_ALGOR, (st))
#define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
@@ -1241,7 +1191,6 @@ STACK_OF(type) \
#define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st))
#define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
#define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
-#define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st))
#define sk_X509_ATTRIBUTE_new(st) SKM_sk_new(X509_ATTRIBUTE, (st))
#define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
@@ -1263,7 +1212,6 @@ STACK_OF(type) \
#define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st))
#define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
#define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st))
#define sk_X509_CRL_new(st) SKM_sk_new(X509_CRL, (st))
#define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
@@ -1285,7 +1233,6 @@ STACK_OF(type) \
#define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st))
#define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
#define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
-#define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st))
#define sk_X509_EXTENSION_new(st) SKM_sk_new(X509_EXTENSION, (st))
#define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
@@ -1307,7 +1254,6 @@ STACK_OF(type) \
#define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st))
#define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
#define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st))
#define sk_X509_INFO_new(st) SKM_sk_new(X509_INFO, (st))
#define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
@@ -1329,7 +1275,6 @@ STACK_OF(type) \
#define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st))
#define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
#define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
-#define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st))
#define sk_X509_LOOKUP_new(st) SKM_sk_new(X509_LOOKUP, (st))
#define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
@@ -1351,7 +1296,6 @@ STACK_OF(type) \
#define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st))
#define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
#define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st))
#define sk_X509_NAME_new(st) SKM_sk_new(X509_NAME, (st))
#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
@@ -1373,7 +1317,6 @@ STACK_OF(type) \
#define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st))
#define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
#define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
-#define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st))
#define sk_X509_NAME_ENTRY_new(st) SKM_sk_new(X509_NAME_ENTRY, (st))
#define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
@@ -1395,7 +1338,6 @@ STACK_OF(type) \
#define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st))
#define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
#define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st))
#define sk_X509_OBJECT_new(st) SKM_sk_new(X509_OBJECT, (st))
#define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
@@ -1417,7 +1359,6 @@ STACK_OF(type) \
#define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st))
#define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
#define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
-#define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st))
#define sk_X509_POLICY_DATA_new(st) SKM_sk_new(X509_POLICY_DATA, (st))
#define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA)
@@ -1439,7 +1380,6 @@ STACK_OF(type) \
#define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st))
#define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st))
#define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st))
-#define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st))
#define sk_X509_POLICY_NODE_new(st) SKM_sk_new(X509_POLICY_NODE, (st))
#define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE)
@@ -1461,7 +1401,6 @@ STACK_OF(type) \
#define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st))
#define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st))
#define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
-#define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
#define sk_X509_POLICY_REF_new(st) SKM_sk_new(X509_POLICY_REF, (st))
#define sk_X509_POLICY_REF_new_null() SKM_sk_new_null(X509_POLICY_REF)
@@ -1483,7 +1422,6 @@ STACK_OF(type) \
#define sk_X509_POLICY_REF_shift(st) SKM_sk_shift(X509_POLICY_REF, (st))
#define sk_X509_POLICY_REF_pop(st) SKM_sk_pop(X509_POLICY_REF, (st))
#define sk_X509_POLICY_REF_sort(st) SKM_sk_sort(X509_POLICY_REF, (st))
-#define sk_X509_POLICY_REF_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_REF, (st))
#define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st))
#define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
@@ -1505,7 +1443,6 @@ STACK_OF(type) \
#define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st))
#define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
#define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st))
#define sk_X509_REVOKED_new(st) SKM_sk_new(X509_REVOKED, (st))
#define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
@@ -1527,7 +1464,6 @@ STACK_OF(type) \
#define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st))
#define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
#define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
-#define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st))
#define sk_X509_TRUST_new(st) SKM_sk_new(X509_TRUST, (st))
#define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
@@ -1549,29 +1485,6 @@ STACK_OF(type) \
#define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st))
#define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
#define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
-#define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st))
-
-#define sk_X509_VERIFY_PARAM_new(st) SKM_sk_new(X509_VERIFY_PARAM, (st))
-#define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM)
-#define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st))
-#define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st))
-#define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i))
-#define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val))
-#define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st))
-#define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val))
-#define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val))
-#define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val))
-#define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val))
-#define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i))
-#define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr))
-#define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i))
-#define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp))
-#define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st)
-#define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func))
-#define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st))
-#define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st))
-#define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st))
-#define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st))
#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
index 5967a2c735..9cc0a82962 100644
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@@ -332,10 +332,3 @@ void sk_sort(STACK *st)
st->sorted=1;
}
}
-
-int sk_is_sorted(const STACK *st)
- {
- if (!st)
- return 1;
- return st->sorted;
- }
diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h
index 5cbb116a8b..0058d50f12 100644
--- a/crypto/stack/stack.h
+++ b/crypto/stack/stack.h
@@ -100,7 +100,6 @@ int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,
(const char * const *, const char * const *);
STACK *sk_dup(STACK *st);
void sk_sort(STACK *st);
-int sk_is_sorted(const STACK *st);
#ifdef __cplusplus
}
diff --git a/crypto/store/Makefile.ssl b/crypto/store/Makefile.ssl
index 29900878c2..3650e193e6 100644
--- a/crypto/store/Makefile.ssl
+++ b/crypto/store/Makefile.ssl
@@ -55,7 +55,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/symhacks.h b/crypto/symhacks.h
index 7e3602d2ea..40237178d9 100644
--- a/crypto/symhacks.h
+++ b/crypto/symhacks.h
@@ -131,8 +131,6 @@
#define X509_policy_tree_get0_user_policies X509_pcy_tree_get0_usr_policies
#undef X509_policy_node_get0_qualifiers
#define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers
-#undef X509_STORE_CTX_get_explicit_policy
-#define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy
/* Hack some long CRYPTO names */
#undef CRYPTO_set_dynlock_destroy_callback
diff --git a/crypto/threads/pthreads-vms.com b/crypto/threads/pthreads-vms.com
index 63f5b8cc2e..26f84bc563 100644
--- a/crypto/threads/pthreads-vms.com
+++ b/crypto/threads/pthreads-vms.com
@@ -1,9 +1,15 @@
$! To compile mttest on VMS.
$!
$! WARNING: only tested with DEC C so far.
-$
+$!
+$!
+$!
$ arch := vax
$ if f$getsyi("CPU") .ge. 128 then arch := axp
$ define/user openssl [--.include.openssl]
$ cc/def=PTHREADS mttest.c
-$ link mttest,[--.'arch'.exe.ssl]libssl/lib,[--.'arch'.exe.crypto]libcrypto/lib
+$ link /MAP/FULL/CROSS mttest, -
+ [--.'arch'.exe.ssl]libssl/lib, -
+ [--.'arch'.exe.crypto]libcrypto/lib, -
+ SYS$DISK:[--]SSL_IDENT.OPT/OPTION
+
diff --git a/crypto/txt_db/Makefile.ssl b/crypto/txt_db/Makefile.ssl
index 57b5dea702..3e2aea103b 100644
--- a/crypto/txt_db/Makefile.ssl
+++ b/crypto/txt_db/Makefile.ssl
@@ -53,7 +53,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/ui/Makefile.ssl b/crypto/ui/Makefile.ssl
index 9906d721b3..4cd90eb761 100644
--- a/crypto/ui/Makefile.ssl
+++ b/crypto/ui/Makefile.ssl
@@ -57,7 +57,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index 7c80f5feb2..0fce31092e 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -278,7 +278,14 @@ struct IOSB {
#ifdef SIGACTION
static struct sigaction savsig[NX509_SIG];
#else
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __save
+#pragma __required_pointer_size 32
+#endif
static void (*savsig[NX509_SIG])(int );
+#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
+#pragma __required_pointer_size __restore
+#endif
#endif
#ifdef OPENSSL_SYS_VMS
diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl
index e9293a8484..031b0a1230 100644
--- a/crypto/x509/Makefile.ssl
+++ b/crypto/x509/Makefile.ssl
@@ -28,13 +28,13 @@ LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
x509_set.c x509cset.c x509rset.c x509_err.c \
x509name.c x509_v3.c x509_ext.c x509_att.c \
x509type.c x509_lu.c x_all.c x509_txt.c \
- x509_trs.c by_file.c by_dir.c x509_vpm.c
+ x509_trs.c by_file.c by_dir.c
LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
x509_obj.o x509_req.o x509spki.o x509_vfy.o \
x509_set.o x509cset.o x509rset.o x509_err.o \
x509name.o x509_v3.o x509_ext.o x509_att.o \
x509type.o x509_lu.o x_all.o x509_txt.o \
- x509_trs.o by_file.o by_dir.o x509_vpm.o
+ x509_trs.o by_file.o by_dir.o
SRC= $(LIBSRC)
@@ -63,7 +63,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -317,20 +317,6 @@ x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
x509_vfy.o: ../cryptlib.h x509_vfy.c
-x509_vpm.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_vpm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_vpm.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_vpm.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_vpm.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_vpm.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_vpm.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_vpm.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_vpm.o: ../cryptlib.h x509_vpm.c
x509cset.o: ../../e_os.h ../../include/openssl/asn1.h
x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index a5e0d4aefa..b4b04183d0 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -150,7 +150,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
x=PEM_read_bio_X509_AUX(in,NULL,NULL,NULL);
if (x == NULL)
{
- if ((ERR_GET_REASON(ERR_peek_last_error()) ==
+ if ((ERR_GET_REASON(ERR_peek_error()) ==
PEM_R_NO_START_LINE) && (count > 0))
{
ERR_clear_error();
@@ -217,7 +217,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
if (x == NULL)
{
- if ((ERR_GET_REASON(ERR_peek_last_error()) ==
+ if ((ERR_GET_REASON(ERR_peek_error()) ==
PEM_R_NO_START_LINE) && (count > 0))
{
ERR_clear_error();
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 46673fddd1..edf1cd4939 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -280,7 +280,6 @@ struct x509_st
CRYPTO_EX_DATA ex_data;
/* These contain copies of various extension values */
long ex_pathlen;
- long ex_pcpathlen;
unsigned long ex_flags;
unsigned long ex_kusage;
unsigned long ex_xkusage;
@@ -436,7 +435,6 @@ typedef struct X509_crl_info_st
ASN1_TIME *nextUpdate;
STACK_OF(X509_REVOKED) *revoked;
STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
- ASN1_ENCODING enc;
} X509_CRL_INFO;
struct X509_crl_st
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 0d6bc653b2..5dfdcd41cb 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -254,49 +254,33 @@ static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
return 0;
}
-static int asn1_string_memcmp(ASN1_STRING *a, ASN1_STRING *b)
- {
- int j;
- j = a->length - b->length;
- if (j)
- return j;
- return memcmp(a->data, b->data, a->length);
- }
-
-#define STR_TYPE_CMP (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_UTF8STRING)
-
int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
{
int i,j;
X509_NAME_ENTRY *na,*nb;
- unsigned long nabit, nbbit;
-
- j = sk_X509_NAME_ENTRY_num(a->entries)
- - sk_X509_NAME_ENTRY_num(b->entries);
- if (j)
- return j;
+ if (sk_X509_NAME_ENTRY_num(a->entries)
+ != sk_X509_NAME_ENTRY_num(b->entries))
+ return sk_X509_NAME_ENTRY_num(a->entries)
+ -sk_X509_NAME_ENTRY_num(b->entries);
for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
{
na=sk_X509_NAME_ENTRY_value(a->entries,i);
nb=sk_X509_NAME_ENTRY_value(b->entries,i);
j=na->value->type-nb->value->type;
- if (j)
- {
- nabit = ASN1_tag2bit(na->value->type);
- nbbit = ASN1_tag2bit(nb->value->type);
- if (!(nabit & STR_TYPE_CMP) ||
- !(nbbit & STR_TYPE_CMP))
- return j;
- j = asn1_string_memcmp(na->value, nb->value);
- }
- else if (na->value->type == V_ASN1_PRINTABLESTRING)
+ if (j) return(j);
+ if (na->value->type == V_ASN1_PRINTABLESTRING)
j=nocase_spacenorm_cmp(na->value, nb->value);
else if (na->value->type == V_ASN1_IA5STRING
&& OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress)
j=nocase_cmp(na->value, nb->value);
else
- j = asn1_string_memcmp(na->value, nb->value);
+ {
+ j=na->value->length-nb->value->length;
+ if (j) return(j);
+ j=memcmp(na->value->data,nb->value->data,
+ na->value->length);
+ }
if (j) return(j);
j=na->set-nb->set;
if (j) return(j);
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 8c7f22b0d9..b780dae5e2 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -187,8 +187,10 @@ X509_STORE *X509_STORE_new(void)
ret->verify=0;
ret->verify_cb=0;
- if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
- return NULL;
+ ret->purpose = 0;
+ ret->trust = 0;
+
+ ret->flags = 0;
ret->get_issuer = 0;
ret->check_issued = 0;
@@ -200,6 +202,7 @@ X509_STORE *X509_STORE_new(void)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
ret->references=1;
+ ret->depth=0;
return ret;
}
@@ -241,8 +244,6 @@ void X509_STORE_free(X509_STORE *vfy)
sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
- if (vfy->param)
- X509_VERIFY_PARAM_free(vfy->param);
OPENSSL_free(vfy);
}
@@ -537,30 +538,19 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
return 0;
}
-int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags)
+void X509_STORE_set_flags(X509_STORE *ctx, long flags)
{
- return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
- }
-
-int X509_STORE_set_depth(X509_STORE *ctx, int depth)
- {
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
- return 1;
+ ctx->flags |= flags;
}
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
{
- return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
+ return X509_PURPOSE_set(&ctx->purpose, purpose);
}
int X509_STORE_set_trust(X509_STORE *ctx, int trust)
{
- return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
- }
-
-int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
- {
- return X509_VERIFY_PARAM_set1(ctx->param, param);
+ return X509_TRUST_set(&ctx->trust, trust);
}
IMPLEMENT_STACK_OF(X509_LOOKUP)
diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
index fb8a78dabe..db051033d9 100644
--- a/crypto/x509/x509_r2x.c
+++ b/crypto/x509/x509_r2x.c
@@ -92,10 +92,8 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
X509_set_subject_name(ret,X509_NAME_dup(xn));
X509_set_issuer_name(ret,X509_NAME_dup(xn));
- if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL)
- goto err;
- if (X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days) == NULL)
- goto err;
+ X509_gmtime_adj(xi->validity->notBefore,0);
+ X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days);
X509_set_pubkey(ret,X509_REQ_get_pubkey(r));
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index ab13bcfc06..f70c6ab075 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -158,7 +158,7 @@ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
* used and there may be more: so the list is configurable.
*/
-static int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef};
+static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef};
static int *ext_nids = ext_nid_list;
@@ -183,27 +183,27 @@ void X509_REQ_set_extension_nids(int *nids)
}
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
- {
+{
X509_ATTRIBUTE *attr;
+ STACK_OF(X509_ATTRIBUTE) *sk;
ASN1_TYPE *ext = NULL;
- int idx, *pnid;
+ int i;
const unsigned char *p;
- if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
+ if ((req == NULL) || (req->req_info == NULL))
return(NULL);
- for (pnid = ext_nids; *pnid != NID_undef; pnid++)
- {
- idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);
- if (idx == -1)
- continue;
- attr = X509_REQ_get_attr(req, idx);
- if(attr->single) ext = attr->value.single;
- else if(sk_ASN1_TYPE_num(attr->value.set))
- ext = sk_ASN1_TYPE_value(attr->value.set, 0);
- break;
+ sk=req->req_info->attributes;
+ if (!sk) return NULL;
+ for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+ attr = sk_X509_ATTRIBUTE_value(sk, i);
+ if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
+ if(attr->single) ext = attr->value.single;
+ else if(sk_ASN1_TYPE_num(attr->value.set))
+ ext = sk_ASN1_TYPE_value(attr->value.set, 0);
+ break;
}
- if(!ext || (ext->type != V_ASN1_SEQUENCE))
- return NULL;
+ }
+ if(!ext || (ext->type != V_ASN1_SEQUENCE)) return NULL;
p = ext->value.sequence->data;
return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
ext->value.sequence->length,
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index 247e7e178a..e31ebc6741 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -122,12 +122,8 @@ const char *X509_verify_cert_error_string(long n)
return("certificate revoked");
case X509_V_ERR_INVALID_CA:
return ("invalid CA certificate");
- case X509_V_ERR_INVALID_NON_CA:
- return ("invalid non-CA certificate (has CA markings)");
case X509_V_ERR_PATH_LENGTH_EXCEEDED:
return ("path length constraint exceeded");
- case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
- return("proxy path length constraint exceeded");
case X509_V_ERR_INVALID_PURPOSE:
return ("unsupported certificate purpose");
case X509_V_ERR_CERT_UNTRUSTED:
@@ -144,22 +140,19 @@ const char *X509_verify_cert_error_string(long n)
return("authority and issuer serial number mismatch");
case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
return("key usage does not include certificate signing");
+
case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
return("unable to get CRL issuer certificate");
+
case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
return("unhandled critical extension");
+
case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
return("key usage does not include CRL signing");
- case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
- return("key usage does not include digital signature");
+
case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
return("unhandled critical CRL extension");
- case X509_V_ERR_INVALID_EXTENSION:
- return("invalid or inconsistent certificate extension");
- case X509_V_ERR_INVALID_POLICY_EXTENSION:
- return("invalid or inconsistent certificate policy extension");
- case X509_V_ERR_NO_EXPLICIT_POLICY:
- return("no explicit policy");
+
default:
BIO_snprintf(buf,sizeof buf,"error number %ld",n);
return(buf);
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index ffc07cce6f..3e82f95486 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -73,11 +73,10 @@
static int null_callback(int ok,X509_STORE_CTX *e);
static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
-static int check_chain_extensions(X509_STORE_CTX *ctx);
+static int check_chain_purpose(X509_STORE_CTX *ctx);
static int check_trust(X509_STORE_CTX *ctx);
static int check_revocation(X509_STORE_CTX *ctx);
static int check_cert(X509_STORE_CTX *ctx);
-static int check_policy(X509_STORE_CTX *ctx);
static int internal_verify(X509_STORE_CTX *ctx);
const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
@@ -98,12 +97,11 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
{
X509 *x,*xtmp,*chain_ss=NULL;
X509_NAME *xn;
- int bad_chain = 0;
- X509_VERIFY_PARAM *param = ctx->param;
int depth,i,ok=0;
int num;
int (*cb)();
STACK_OF(X509) *sktmp=NULL;
+
if (ctx->cert == NULL)
{
X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
@@ -136,7 +134,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
num=sk_X509_num(ctx->chain);
x=sk_X509_value(ctx->chain,num-1);
- depth=param->depth;
+ depth=ctx->depth;
for (;;)
@@ -203,7 +201,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
ctx->current_cert=x;
ctx->error_depth=i-1;
if (ok == 1) X509_free(xtmp);
- bad_chain = 1;
ok=cb(0,ctx);
if (!ok) goto end;
}
@@ -279,19 +276,18 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
}
ctx->error_depth=num-1;
- bad_chain = 1;
ok=cb(0,ctx);
if (!ok) goto end;
}
/* We have the chain complete: now we need to check its purpose */
- ok = check_chain_extensions(ctx);
+ if (ctx->purpose > 0) ok = check_chain_purpose(ctx);
if (!ok) goto end;
/* The chain extensions are OK: check trust */
- if (param->trust > 0) ok = check_trust(ctx);
+ if (ctx->trust > 0) ok = check_trust(ctx);
if (!ok) goto end;
@@ -305,17 +301,11 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
ok = ctx->check_revocation(ctx);
if(!ok) goto end;
- /* At this point, we have a chain and need to verify it */
+ /* At this point, we have a chain and just need to verify it */
if (ctx->verify != NULL)
ok=ctx->verify(ctx);
else
ok=internal_verify(ctx);
- if(!ok) goto end;
-
- /* If we get this far evaluate policies */
- if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
- ok = ctx->check_policy(ctx);
- if(!ok) goto end;
if (0)
{
end:
@@ -352,7 +342,7 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
if (ret == X509_V_OK)
return 1;
/* If we haven't asked for issuer errors don't set ctx */
- if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
+ if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK))
return 0;
ctx->error = ret;
@@ -381,32 +371,21 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
* with the supplied purpose
*/
-static int check_chain_extensions(X509_STORE_CTX *ctx)
+static int check_chain_purpose(X509_STORE_CTX *ctx)
{
#ifdef OPENSSL_NO_CHAIN_VERIFY
return 1;
#else
- int i, ok=0, must_be_ca;
+ int i, ok=0;
X509 *x;
int (*cb)();
- int proxy_path_length = 0;
cb=ctx->verify_cb;
-
- /* must_be_ca can have 1 of 3 values:
- -1: we accept both CA and non-CA certificates, to allow direct
- use of self-signed certificates (which are marked as CA).
- 0: we only accept non-CA certificates. This is currently not
- used, but the possibility is present for future extensions.
- 1: we only accept CA certificates. This is currently used for
- all certificates in the chain except the leaf certificate.
- */
- must_be_ca = -1;
/* Check all untrusted certificates */
for (i = 0; i < ctx->last_untrusted; i++)
{
int ret;
x = sk_X509_value(ctx->chain, i);
- if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
+ if (!(ctx->flags & X509_V_FLAG_IGNORE_CRITICAL)
&& (x->ex_flags & EXFLAG_CRITICAL))
{
ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
@@ -415,65 +394,23 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
ok=cb(0,ctx);
if (!ok) goto end;
}
- ret = X509_check_ca(x);
- switch(must_be_ca)
+ ret = X509_check_purpose(x, ctx->purpose, i);
+ if ((ret == 0)
+ || ((ctx->flags & X509_V_FLAG_X509_STRICT)
+ && (ret != 1)))
{
- case -1:
- if ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
- && (ret != 1) && (ret != 0))
- {
- ret = 0;
+ if (i)
ctx->error = X509_V_ERR_INVALID_CA;
- }
else
- ret = 1;
- break;
- case 0:
- if (ret != 0)
- {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_NON_CA;
- }
- else
- ret = 1;
- break;
- default:
- if ((ret == 0)
- || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
- && (ret != 1)))
- {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_CA;
- }
- else
- ret = 1;
- break;
- }
- if (ret == 0)
- {
+ ctx->error = X509_V_ERR_INVALID_PURPOSE;
ctx->error_depth = i;
ctx->current_cert = x;
ok=cb(0,ctx);
if (!ok) goto end;
}
- if (ctx->param->purpose > 0)
- {
- ret = X509_check_purpose(x, ctx->param->purpose,
- must_be_ca > 0);
- if ((ret == 0)
- || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
- && (ret != 1)))
- {
- ctx->error = X509_V_ERR_INVALID_PURPOSE;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok=cb(0,ctx);
- if (!ok) goto end;
- }
- }
/* Check pathlen */
if ((i > 1) && (x->ex_pathlen != -1)
- && (i > (x->ex_pathlen + proxy_path_length + 1)))
+ && (i > (x->ex_pathlen + 1)))
{
ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
ctx->error_depth = i;
@@ -481,26 +418,6 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
ok=cb(0,ctx);
if (!ok) goto end;
}
- /* If this certificate is a proxy certificate, the next
- certificate must be another proxy certificate or a EE
- certificate. If not, the next certificate must be a
- CA certificate. */
- if (x->ex_flags & EXFLAG_PROXY)
- {
- if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen)
- {
- ctx->error =
- X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok=cb(0,ctx);
- if (!ok) goto end;
- }
- proxy_path_length++;
- must_be_ca = 0;
- }
- else
- must_be_ca = 1;
}
ok = 1;
end:
@@ -520,7 +437,7 @@ static int check_trust(X509_STORE_CTX *ctx)
/* For now just check the last certificate in the chain */
i = sk_X509_num(ctx->chain) - 1;
x = sk_X509_value(ctx->chain, i);
- ok = X509_check_trust(x, ctx->param->trust, 0);
+ ok = X509_check_trust(x, ctx->trust, 0);
if (ok == X509_TRUST_TRUSTED)
return 1;
ctx->error_depth = i;
@@ -537,9 +454,9 @@ static int check_trust(X509_STORE_CTX *ctx)
static int check_revocation(X509_STORE_CTX *ctx)
{
int i, last, ok;
- if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
+ if (!(ctx->flags & X509_V_FLAG_CRL_CHECK))
return 1;
- if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
+ if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL)
last = sk_X509_num(ctx->chain) - 1;
else
last = 0;
@@ -589,8 +506,8 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
time_t *ptime;
int i;
ctx->current_crl = crl;
- if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = &ctx->param->check_time;
+ if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME)
+ ptime = &ctx->check_time;
else
ptime = NULL;
@@ -779,15 +696,6 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
X509_EXTENSION *ext;
/* Look for serial number of certificate in CRL */
rtmp.serialNumber = X509_get_serialNumber(x);
- /* Sort revoked into serial number order if not already sorted.
- * Do this under a lock to avoid race condition.
- */
- if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked))
- {
- CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
- sk_X509_REVOKED_sort(crl->crl->revoked);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
- }
idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
/* If found assume revoked: want something cleverer than
* this to handle entry extensions in V2 CRLs.
@@ -799,7 +707,7 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
if (!ok) return 0;
}
- if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
+ if (ctx->flags & X509_V_FLAG_IGNORE_CRITICAL)
return 1;
/* See if we have any critical CRL extensions: since we
@@ -826,60 +734,13 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
return 1;
}
-static int check_policy(X509_STORE_CTX *ctx)
- {
- int ret;
- ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
- ctx->param->policies, ctx->param->flags);
- if (ret == 0)
- {
- X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /* Invalid or inconsistent extensions */
- if (ret == -1)
- {
- /* Locate certificates with bad extensions and notify
- * callback.
- */
- X509 *x;
- int i;
- for (i = 1; i < sk_X509_num(ctx->chain); i++)
- {
- x = sk_X509_value(ctx->chain, i);
- if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
- continue;
- ctx->current_cert = x;
- ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
- ret = ctx->verify_cb(0, ctx);
- }
- return 1;
- }
- if (ret == -2)
- {
- ctx->current_cert = NULL;
- ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
- return ctx->verify_cb(0, ctx);
- }
-
- if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY)
- {
- ctx->current_cert = NULL;
- ctx->error = X509_V_OK;
- if (!ctx->verify_cb(2, ctx))
- return 0;
- }
-
- return 1;
- }
-
static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
{
time_t *ptime;
int i;
- if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = &ctx->param->check_time;
+ if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME)
+ ptime = &ctx->check_time;
else
ptime = NULL;
@@ -994,7 +855,6 @@ static int internal_verify(X509_STORE_CTX *ctx)
goto end;
/* The last error (if any) is still in the error value */
- ctx->current_issuer=xi;
ctx->current_cert=xs;
ok=(*cb)(1,ctx);
if (!ok) goto end;
@@ -1074,8 +934,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
atm.length=sizeof(buff2);
atm.data=(unsigned char *)buff2;
- if (X509_time_adj(&atm,-offset*60, cmp_time) == NULL)
- return 0;
+ X509_time_adj(&atm,-offset*60, cmp_time);
if (ctm->type == V_ASN1_UTCTIME)
{
@@ -1292,8 +1151,8 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
}
}
- if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose;
- if (trust && !ctx->param->trust) ctx->param->trust = trust;
+ if (purpose && !ctx->purpose) ctx->purpose = purpose;
+ if (trust && !ctx->trust) ctx->trust = trust;
return 1;
}
@@ -1319,30 +1178,20 @@ void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
STACK_OF(X509) *chain)
{
- int ret = 1;
ctx->ctx=store;
ctx->current_method=0;
ctx->cert=x509;
ctx->untrusted=chain;
- ctx->crls = NULL;
ctx->last_untrusted=0;
+ ctx->check_time=0;
ctx->other_ctx=NULL;
ctx->valid=0;
ctx->chain=NULL;
+ ctx->depth=9;
ctx->error=0;
- ctx->explicit_policy=0;
ctx->error_depth=0;
ctx->current_cert=NULL;
ctx->current_issuer=NULL;
- ctx->tree = NULL;
-
- ctx->param = X509_VERIFY_PARAM_new();
-
- if (!ctx->param)
- {
- X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
- return 0;
- }
/* Inherit callbacks and flags from X509_STORE if not set
* use defaults.
@@ -1350,26 +1199,18 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
if (store)
- ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
- else
- ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE;
-
- if (store)
{
- ctx->verify_cb = store->verify_cb;
+ ctx->purpose=store->purpose;
+ ctx->trust=store->trust;
+ ctx->flags = store->flags;
ctx->cleanup = store->cleanup;
}
else
- ctx->cleanup = 0;
-
- if (ret)
- ret = X509_VERIFY_PARAM_inherit(ctx->param,
- X509_VERIFY_PARAM_lookup("default"));
-
- if (ret == 0)
{
- X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
- return 0;
+ ctx->purpose = 0;
+ ctx->trust = 0;
+ ctx->flags = 0;
+ ctx->cleanup = 0;
}
if (store && store->check_issued)
@@ -1412,8 +1253,6 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
else
ctx->cert_crl = cert_crl;
- ctx->check_policy = check_policy;
-
/* This memset() can't make any sense anyway, so it's removed. As
* X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
@@ -1442,9 +1281,6 @@ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
{
if (ctx->cleanup) ctx->cleanup(ctx);
- X509_VERIFY_PARAM_free(ctx->param);
- if (ctx->tree)
- X509_policy_tree_free(ctx->tree);
if (ctx->chain != NULL)
{
sk_X509_pop_free(ctx->chain,X509_free);
@@ -1454,19 +1290,15 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
}
-void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
- {
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
- }
-
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
+void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags)
{
- X509_VERIFY_PARAM_set_flags(ctx->param, flags);
+ ctx->flags |= flags;
}
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t)
+void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t)
{
- X509_VERIFY_PARAM_set_time(ctx->param, t);
+ ctx->check_time = t;
+ ctx->flags |= X509_V_FLAG_USE_CHECK_TIME;
}
void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
@@ -1475,37 +1307,6 @@ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
ctx->verify_cb=verify_cb;
}
-X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
- {
- return ctx->tree;
- }
-
-int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
- {
- return ctx->explicit_policy;
- }
-
-int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
- {
- const X509_VERIFY_PARAM *param;
- param = X509_VERIFY_PARAM_lookup(name);
- if (!param)
- return 0;
- return X509_VERIFY_PARAM_inherit(ctx->param, param);
- }
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
- {
- return ctx->param;
- }
-
-void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
- {
- if (ctx->param)
- X509_VERIFY_PARAM_free(ctx->param);
- ctx->param = param;
- }
-
IMPLEMENT_STACK_OF(X509)
IMPLEMENT_ASN1_SET_OF(X509)
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
index 33ace72671..5a5741df08 100644
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -156,25 +156,6 @@ typedef struct x509_lookup_method_st
X509_OBJECT *ret);
} X509_LOOKUP_METHOD;
-/* This structure hold all parameters associated with a verify operation
- * by including an X509_VERIFY_PARAM structure in related structures the
- * parameters used can be customized
- */
-
-typedef struct X509_VERIFY_PARAM_st
- {
- char *name;
- time_t check_time; /* Time to use */
- unsigned long inh_flags; /* Inheritance flags */
- unsigned long flags; /* Various verify flags */
- int purpose; /* purpose to check untrusted certificates */
- int trust; /* trust setting to check */
- int depth; /* Verify depth */
- STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
- } X509_VERIFY_PARAM;
-
-DECLARE_STACK_OF(X509_VERIFY_PARAM)
-
/* This is used to hold everything. It is used for all certificate
* validation. Once we have a certificate chain, the 'verify'
* function is then called to actually check the cert chain. */
@@ -187,8 +168,13 @@ struct x509_store_st
/* These are external lookup methods */
STACK_OF(X509_LOOKUP) *get_cert_methods;
- X509_VERIFY_PARAM *param;
+ /* The following fields are not used by X509_STORE but are
+ * inherited by X509_STORE_CTX when it is initialised.
+ */
+ unsigned long flags; /* Various verify flags */
+ int purpose;
+ int trust;
/* Callbacks for various operations */
int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
@@ -202,9 +188,10 @@ struct x509_store_st
CRYPTO_EX_DATA ex_data;
int references;
+ int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */
} /* X509_STORE */;
-int X509_STORE_set_depth(X509_STORE *store, int depth);
+#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d))
#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
@@ -231,9 +218,11 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
/* The following are set by the caller */
X509 *cert; /* The cert to check */
STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
- STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */
-
- X509_VERIFY_PARAM *param;
+ STACK_OF(X509_CRL) *crls; /* CRLs */
+ int purpose; /* purpose to check untrusted certificates */
+ int trust; /* trust setting to check */
+ time_t check_time; /* time to make verify at */
+ unsigned long flags; /* Various verify flags */
void *other_ctx; /* Other info for use with get_issuer() */
/* Callbacks for various operations */
@@ -245,16 +234,13 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
- int (*check_policy)(X509_STORE_CTX *ctx);
int (*cleanup)(X509_STORE_CTX *ctx);
/* The following is built up */
+ int depth; /* how far to go looking up certs */
int valid; /* if 0, rebuild chain */
int last_untrusted; /* index of last untrusted cert */
STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
- X509_POLICY_TREE *tree; /* Valid policy tree */
-
- int explicit_policy; /* Require explicit policy value */
/* When something goes wrong, this is why */
int error_depth;
@@ -266,7 +252,7 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
CRYPTO_EX_DATA ex_data;
} /* X509_STORE_CTX */;
-void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
+#define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d))
#define X509_STORE_CTX_set_app_data(ctx,data) \
X509_STORE_CTX_set_ex_data(ctx,0,data)
@@ -322,14 +308,6 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
-#define X509_V_ERR_INVALID_NON_CA 37
-#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
-#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
-
-#define X509_V_ERR_INVALID_EXTENSION 40
-#define X509_V_ERR_INVALID_POLICY_EXTENSION 41
-#define X509_V_ERR_NO_EXPLICIT_POLICY 42
-
/* The application is not happy */
#define X509_V_ERR_APPLICATION_VERIFICATION 50
@@ -352,24 +330,10 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
#define X509_V_FLAG_POLICY_CHECK 0x40
/* Policy variable require-explicit-policy */
#define X509_V_FLAG_EXPLICIT_POLICY 0x80
-/* Policy variable inhibit-any-policy */
-#define X509_V_FLAG_INHIBIT_ANY 0x100
/* Policy variable inhibit-policy-mapping */
+#define X509_V_FLAG_INHIBIT_ANY 0x100
+/* Policy variable inhibit-any-policy */
#define X509_V_FLAG_INHIBIT_MAP 0x200
-/* Notify callback that policy is OK */
-#define X509_V_FLAG_NOTIFY_POLICY 0x800
-
-#define X509_VP_FLAG_DEFAULT 0x1
-#define X509_VP_FLAG_OVERWRITE 0x2
-#define X509_VP_FLAG_RESET_FLAGS 0x4
-#define X509_VP_FLAG_LOCKED 0x8
-#define X509_VP_FLAG_ONCE 0x10
-
-/* Internal use: mask of policy related options */
-#define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
- | X509_V_FLAG_EXPLICIT_POLICY \
- | X509_V_FLAG_INHIBIT_ANY \
- | X509_V_FLAG_INHIBIT_MAP)
int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
X509_NAME *name);
@@ -380,10 +344,9 @@ void X509_OBJECT_free_contents(X509_OBJECT *a);
X509_STORE *X509_STORE_new(void );
void X509_STORE_free(X509_STORE *v);
-int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+void X509_STORE_set_flags(X509_STORE *ctx, long flags);
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
-int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
X509_STORE_CTX *X509_STORE_CTX_new(void);
@@ -452,42 +415,10 @@ int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
int purpose, int trust);
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
- time_t t);
+void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags);
+void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t);
void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
int (*verify_cb)(int, X509_STORE_CTX *));
-
-X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
-int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
-
-/* X509_VERIFY_PARAM functions */
-
-X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
-void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
- const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
- const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
-int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
-int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
-int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
-void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
-void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
-int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
- ASN1_OBJECT *policy);
-int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
- STACK_OF(ASN1_OBJECT) *policies);
-int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
-
-int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
-void X509_VERIFY_PARAM_table_cleanup(void);
int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
STACK_OF(X509) *certs,
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index 9d1646d5c8..6cac440ea9 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -129,7 +129,6 @@ int X509_CRL_sort(X509_CRL *c)
r=sk_X509_REVOKED_value(c->crl->revoked,i);
r->sequence=i;
}
- c->crl->enc.modified = 1;
return 1;
}
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index 4701959b1e..eb33e0f6e6 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -105,7 +105,6 @@ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
{
- x->crl->enc.modified = 1;
return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO),x->crl->sig_alg,
x->sig_alg, x->signature, x->crl,pkey,md));
}
diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl
index f91301188c..eb7c2a2a75 100644
--- a/crypto/x509v3/Makefile.ssl
+++ b/crypto/x509v3/Makefile.ssl
@@ -26,13 +26,13 @@ LIB=$(TOP)/libcrypto.a
LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
-v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \
-pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
+v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c pcy_cache.c pcy_node.c \
+pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
-v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \
-pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o
+v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o pcy_cache.o pcy_node.o \
+pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o
SRC= $(LIBSRC)
@@ -61,7 +61,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -410,32 +410,6 @@ v3_ocsp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
v3_ocsp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
v3_ocsp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
v3_ocsp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ocsp.c
-v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_pci.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_pci.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_pci.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_pci.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_pci.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_pci.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_pci.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_pci.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_pci.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pci.c
-v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_pcia.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_pcia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_pcia.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_pcia.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_pcia.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_pcia.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_pcia.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_pcia.o: ../../include/openssl/x509v3.h v3_pcia.c
v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h
v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h
index 3ee4bffe39..7be8565189 100644
--- a/crypto/x509v3/ext_dat.h
+++ b/crypto/x509v3/ext_dat.h
@@ -64,7 +64,7 @@ extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate;
extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld;
extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
-extern X509V3_EXT_METHOD v3_crl_hold, v3_pci;
+extern X509V3_EXT_METHOD v3_crl_hold;
extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints;
extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp;
@@ -112,7 +112,6 @@ static X509V3_EXT_METHOD *standard_exts[] = {
#ifndef OPENSSL_NO_OCSP
&v3_crl_hold,
#endif
-&v3_pci,
&v3_policy_mappings,
&v3_name_constraints,
&v3_inhibit_anyp
diff --git a/crypto/x509v3/v3_bitst.c b/crypto/x509v3/v3_bitst.c
index 170c8d280b..42d5f8beff 100644
--- a/crypto/x509v3/v3_bitst.c
+++ b/crypto/x509v3/v3_bitst.c
@@ -118,12 +118,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
for(bnam = method->usr_data; bnam->lname; bnam++) {
if(!strcmp(bnam->sname, val->name) ||
!strcmp(bnam->lname, val->name) ) {
- if(!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) {
- X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
- ERR_R_MALLOC_FAILURE);
- M_ASN1_BIT_STRING_free(bs);
- return NULL;
- }
+ ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1);
break;
}
}
diff --git a/crypto/x509v3/v3_ia5.c b/crypto/x509v3/v3_ia5.c
index 9683afa47c..f9414456de 100644
--- a/crypto/x509v3/v3_ia5.c
+++ b/crypto/x509v3/v3_ia5.c
@@ -82,10 +82,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
{
char *tmp;
if(!ia5 || !ia5->length) return NULL;
- if(!(tmp = OPENSSL_malloc(ia5->length + 1))) {
- X509V3err(X509V3_F_I2S_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
+ if (!(tmp = OPENSSL_malloc(ia5->length + 1))) return NULL;
memcpy(tmp, ia5->data, ia5->length);
tmp[ia5->length] = 0;
return tmp;
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 9f992c9087..67596862ab 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -63,6 +63,7 @@
static void x509v3_cache_extensions(X509 *x);
+static int ca_check(const X509 *x);
static int check_ssl_ca(const X509 *x);
static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca);
static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca);
@@ -285,8 +286,7 @@ int X509_supported_extension(X509_EXTENSION *ex)
NID_key_usage, /* 83 */
NID_subject_alt_name, /* 85 */
NID_basic_constraints, /* 87 */
- NID_ext_key_usage, /* 126 */
- NID_proxyCertInfo /* 661 */
+ NID_ext_key_usage /* 126 */
};
int ex_nid;
@@ -307,7 +307,6 @@ int X509_supported_extension(X509_EXTENSION *ex)
static void x509v3_cache_extensions(X509 *x)
{
BASIC_CONSTRAINTS *bs;
- PROXY_CERT_INFO_EXTENSION *pci;
ASN1_BIT_STRING *usage;
ASN1_BIT_STRING *ns;
EXTENDED_KEY_USAGE *extusage;
@@ -336,18 +335,6 @@ static void x509v3_cache_extensions(X509 *x)
BASIC_CONSTRAINTS_free(bs);
x->ex_flags |= EXFLAG_BCONS;
}
- /* Handle proxy certificates */
- if((pci=X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
- if (x->ex_flags & EXFLAG_CA) {
- x->ex_flags |= EXFLAG_INVALID;
- }
- if (pci->pcPathLengthConstraint) {
- x->ex_pcpathlen =
- ASN1_INTEGER_get(pci->pcPathLengthConstraint);
- } else x->ex_pcpathlen = -1;
- PROXY_CERT_INFO_EXTENSION_free(pci);
- x->ex_flags |= EXFLAG_PROXY;
- }
/* Handle key usage */
if((usage=X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
if(usage->length > 0) {
@@ -439,7 +426,7 @@ static void x509v3_cache_extensions(X509 *x)
#define ns_reject(x, usage) \
(((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
-static int check_ca(const X509 *x)
+static int ca_check(const X509 *x)
{
/* keyUsage if present should allow cert signing */
if(ku_reject(x, KU_KEY_CERT_SIGN)) return 0;
@@ -448,37 +435,25 @@ static int check_ca(const X509 *x)
/* If basicConstraints says not a CA then say so */
else return 0;
} else {
- /* we support V1 roots for... uh, I don't really know why. */
if((x->ex_flags & V1_ROOT) == V1_ROOT) return 3;
/* If key usage present it must have certSign so tolerate it */
else if (x->ex_flags & EXFLAG_KUSAGE) return 4;
- /* Older certificates could have Netscape-specific CA types */
- else if (x->ex_flags & EXFLAG_NSCERT
- && x->ex_nscert & NS_ANY_CA) return 5;
- /* can this still be regarded a CA certificate? I doubt it */
- return 0;
+ else return 2;
}
}
-int X509_check_ca(X509 *x)
-{
- if(!(x->ex_flags & EXFLAG_SET)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
- x509v3_cache_extensions(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
- }
-
- return check_ca(x);
-}
-
/* Check SSL CA: common checks for SSL client and server */
static int check_ssl_ca(const X509 *x)
{
int ca_ret;
- ca_ret = check_ca(x);
+ ca_ret = ca_check(x);
if(!ca_ret) return 0;
/* check nsCertType if present */
- if(ca_ret != 5 || x->ex_nscert & NS_SSL_CA) return ca_ret;
+ if(x->ex_flags & EXFLAG_NSCERT) {
+ if(x->ex_nscert & NS_SSL_CA) return ca_ret;
+ return 0;
+ }
+ if(ca_ret != 2) return ca_ret;
else return 0;
}
@@ -523,10 +498,14 @@ static int purpose_smime(const X509 *x, int ca)
if(xku_reject(x,XKU_SMIME)) return 0;
if(ca) {
int ca_ret;
- ca_ret = check_ca(x);
+ ca_ret = ca_check(x);
if(!ca_ret) return 0;
/* check nsCertType if present */
- if(ca_ret != 5 || x->ex_nscert & NS_SMIME_CA) return ca_ret;
+ if(x->ex_flags & EXFLAG_NSCERT) {
+ if(x->ex_nscert & NS_SMIME_CA) return ca_ret;
+ return 0;
+ }
+ if(ca_ret != 2) return ca_ret;
else return 0;
}
if(x->ex_flags & EXFLAG_NSCERT) {
@@ -560,7 +539,7 @@ static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
{
if(ca) {
int ca_ret;
- if((ca_ret = check_ca(x)) != 2) return ca_ret;
+ if((ca_ret = ca_check(x)) != 2) return ca_ret;
else return 0;
}
if(ku_reject(x, KU_CRL_SIGN)) return 0;
@@ -573,9 +552,17 @@ static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)
{
- /* Must be a valid CA. Should we really support the "I don't know"
- value (2)? */
- if(ca) return check_ca(x);
+ /* Must be a valid CA */
+ if(ca) {
+ int ca_ret;
+ ca_ret = ca_check(x);
+ if(ca_ret != 2) return ca_ret;
+ if(x->ex_flags & EXFLAG_NSCERT) {
+ if(x->ex_nscert & NS_ANY_CA) return ca_ret;
+ return 0;
+ }
+ return 0;
+ }
/* leaf certificate is checked in OCSP_verify() */
return 1;
}
@@ -637,13 +624,7 @@ int X509_check_issued(X509 *issuer, X509 *subject)
return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
}
}
- if(subject->ex_flags & EXFLAG_PROXY)
- {
- if(ku_reject(issuer, KU_DIGITAL_SIGNATURE))
- return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
- }
- else if(ku_reject(issuer, KU_KEY_CERT_SIGN))
- return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
+ if(ku_reject(issuer, KU_KEY_CERT_SIGN)) return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
return X509_V_OK;
}
diff --git a/crypto/x509v3/v3err.c b/crypto/x509v3/v3err.c
index e93f50da14..648ed3562c 100644
--- a/crypto/x509v3/v3err.c
+++ b/crypto/x509v3/v3err.c
@@ -1,6 +1,6 @@
/* crypto/x509v3/v3err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -74,14 +74,12 @@ static ERR_STRING_DATA X509V3_str_functs[]=
{ERR_PACK(0,X509V3_F_DO_I2V_NAME_CONSTRAINTS,0), "DO_I2V_NAME_CONSTRAINTS"},
{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"},
{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"},
-{ERR_PACK(0,X509V3_F_I2S_ASN1_IA5STRING,0), "I2S_ASN1_IA5STRING"},
{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"},
{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0), "I2V_AUTHORITY_INFO_ACCESS"},
{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"},
{ERR_PACK(0,X509V3_F_NREF_NOS,0), "NREF_NOS"},
{ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"},
{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"},
-{ERR_PACK(0,X509V3_F_R2I_PCI,0), "R2I_PCI"},
{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"},
{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"},
{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"},
@@ -94,7 +92,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0), "SXNET_get_id_asc"},
{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0), "SXNET_get_id_ulong"},
{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0), "V2I_ACCESS_DESCRIPTION"},
-{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0), "v2i_ASN1_BIT_STRING"},
+{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0), "V2I_ASN1_BIT_STRING"},
{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0), "V2I_AUTHORITY_KEYID"},
{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0), "V2I_BASIC_CONSTRAINTS"},
{ERR_PACK(0,X509V3_F_V2I_CRLD,0), "V2I_CRLD"},
@@ -139,7 +137,6 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
{X509V3_R_EXTENSION_VALUE_ERROR ,"extension value error"},
{X509V3_R_ILLEGAL_EMPTY_EXTENSION ,"illegal empty extension"},
{X509V3_R_ILLEGAL_HEX_DIGIT ,"illegal hex digit"},
-{X509V3_R_INCORRECT_POLICY_SYNTAX_TAG ,"incorrect policy syntax tag"},
{X509V3_R_INVALID_BOOLEAN_STRING ,"invalid boolean string"},
{X509V3_R_INVALID_EXTENSION_STRING ,"invalid extension string"},
{X509V3_R_INVALID_NAME ,"invalid name"},
@@ -151,7 +148,6 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
{X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"},
{X509V3_R_INVALID_OPTION ,"invalid option"},
{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"},
-{X509V3_R_INVALID_PROXY_POLICY_SETTING ,"invalid proxy policy setting"},
{X509V3_R_INVALID_PURPOSE ,"invalid purpose"},
{X509V3_R_INVALID_SECTION ,"invalid section"},
{X509V3_R_INVALID_SYNTAX ,"invalid syntax"},
@@ -162,17 +158,11 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
{X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"},
{X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"},
{X509V3_R_NO_POLICY_IDENTIFIER ,"no policy identifier"},
-{X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED,"no proxy cert policy language defined"},
{X509V3_R_NO_PUBLIC_KEY ,"no public key"},
{X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"},
{X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"},
{X509V3_R_OPERATION_NOT_DEFINED ,"operation not defined"},
{X509V3_R_OTHERNAME_ERROR ,"othername error"},
-{X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED,"policy language alreadty defined"},
-{X509V3_R_POLICY_PATH_LENGTH ,"policy path length"},
-{X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED,"policy path length alreadty defined"},
-{X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED,"policy syntax not currently supported"},
-{X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY,"policy when proxy language requires no policy"},
{X509V3_R_SECTION_NOT_FOUND ,"section not found"},
{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"},
{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"},
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 1f801eb25a..677a930f77 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -313,23 +313,6 @@ typedef struct POLICY_CONSTRAINTS_st {
ASN1_INTEGER *inhibitPolicyMapping;
} POLICY_CONSTRAINTS;
-/* Proxy certificate structures, see RFC 3820 */
-typedef struct PROXY_POLICY_st
- {
- ASN1_OBJECT *policyLanguage;
- ASN1_OCTET_STRING *policy;
- } PROXY_POLICY;
-
-typedef struct PROXY_CERT_INFO_EXTENSION_st
- {
- ASN1_INTEGER *pcPathLengthConstraint;
- PROXY_POLICY *proxyPolicy;
- } PROXY_CERT_INFO_EXTENSION;
-
-DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
-DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
-
-
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
@@ -368,7 +351,6 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
#define EXFLAG_INVALID 0x80
#define EXFLAG_SET 0x100
#define EXFLAG_CRITICAL 0x200
-#define EXFLAG_PROXY 0x400
#define EXFLAG_INVALID_POLICY 0x400
@@ -596,7 +578,6 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
-int X509_check_ca(X509 *x);
int X509_check_purpose(X509 *x, int id, int ca);
int X509_supported_extension(X509_EXTENSION *ex);
int X509_PURPOSE_set(int *p, int purpose);
@@ -642,14 +623,12 @@ void ERR_load_X509V3_strings(void);
#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
#define X509V3_F_HEX_TO_STRING 111
#define X509V3_F_I2S_ASN1_ENUMERATED 121
-#define X509V3_F_I2S_ASN1_IA5STRING 149
#define X509V3_F_I2S_ASN1_INTEGER 120
#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
#define X509V3_F_NOTICE_SECTION 132
#define X509V3_F_NREF_NOS 133
#define X509V3_F_POLICY_SECTION 131
#define X509V3_F_R2I_CERTPOL 130
-#define X509V3_F_R2I_PCI 149
#define X509V3_F_S2I_ASN1_IA5STRING 100
#define X509V3_F_S2I_ASN1_INTEGER 108
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
@@ -704,7 +683,6 @@ void ERR_load_X509V3_strings(void);
#define X509V3_R_EXTENSION_VALUE_ERROR 116
#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
#define X509V3_R_ILLEGAL_HEX_DIGIT 113
-#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
#define X509V3_R_INVALID_BOOLEAN_STRING 104
#define X509V3_R_INVALID_EXTENSION_STRING 105
#define X509V3_R_INVALID_NAME 106
@@ -716,7 +694,6 @@ void ERR_load_X509V3_strings(void);
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
#define X509V3_R_INVALID_OPTION 138
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
-#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
#define X509V3_R_INVALID_PURPOSE 146
#define X509V3_R_INVALID_SECTION 135
#define X509V3_R_INVALID_SYNTAX 143
@@ -727,17 +704,11 @@ void ERR_load_X509V3_strings(void);
#define X509V3_R_NO_ISSUER_CERTIFICATE 121
#define X509V3_R_NO_ISSUER_DETAILS 127
#define X509V3_R_NO_POLICY_IDENTIFIER 139
-#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
#define X509V3_R_NO_PUBLIC_KEY 114
#define X509V3_R_NO_SUBJECT_DETAILS 125
#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
#define X509V3_R_OPERATION_NOT_DEFINED 148
#define X509V3_R_OTHERNAME_ERROR 147
-#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155
-#define X509V3_R_POLICY_PATH_LENGTH 156
-#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157
-#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
-#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
#define X509V3_R_SECTION_NOT_FOUND 150
#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
diff --git a/demos/engines/rsaref/rsaref.c b/demos/engines/rsaref/rsaref.c
index f97974fc49..872811b8f7 100644
--- a/demos/engines/rsaref/rsaref.c
+++ b/demos/engines/rsaref/rsaref.c
@@ -426,7 +426,7 @@ static int rsaref_private_encrypt(int len, const unsigned char *from, unsigned c
}
if (!RSAref_Private_eay2ref(rsa,&RSAkey))
goto err;
- if ((i=RSAPrivateEncrypt(to,(unsigned int *)&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
+ if ((i=RSAPrivateEncrypt(to,(unsigned int)&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
{
RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT,i);
outlen= -1;
@@ -444,7 +444,7 @@ static int rsaref_public_decrypt(int len, const unsigned char *from, unsigned ch
if (!RSAref_Public_eay2ref(rsa,&RSAkey))
goto err;
- if ((i=RSAPublicDecrypt(to,(unsigned int *)&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
+ if ((i=RSAPublicDecrypt(to,(unsigned int)&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
{
RSAREFerr(RSAREF_F_RSAREF_PUBLIC_DECRYPT,i);
outlen= -1;
@@ -481,7 +481,7 @@ static int rsaref_public_encrypt(int len, const unsigned char *from, unsigned ch
if (!RSAref_Public_eay2ref(rsa,&RSAkey))
goto err;
- if ((i=RSAPublicEncrypt(to,(unsigned int *)&outlen,(unsigned char *)from,len,&RSAkey,&rnd)) != 0)
+ if ((i=RSAPublicEncrypt(to,(unsigned int)&outlen,(unsigned char *)from,len,&RSAkey,&rnd)) != 0)
{
RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT,i);
outlen= -1;
diff --git a/demos/install.com b/demos/install.com
new file mode 100644
index 0000000000..02e8738f57
--- /dev/null
+++ b/demos/install.com
@@ -0,0 +1,50 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard@levitte.org>
+$! Time of creation: 23-MAY-1998 19:22
+$!
+$! P1 root of the directory tree
+$!
+$ IF P1 .EQS. ""
+$ THEN
+$ WRITE SYS$OUTPUT "First argument missing."
+$ WRITE SYS$OUTPUT "Should be the directory where you want things installed."
+$ EXIT
+$ ENDIF
+$
+$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
+$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
+$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
+ - "[000000." - "][" - "[" - "]"
+$ ROOT = ROOT_DEV + "[" + ROOT_DIR
+$
+$ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
+$
+$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
+ CREATE/DIR/LOG WRK_SSLROOT:[000000]
+$!
+$ EXAMPLE_DIR := [.VMS_EXAMPLES]
+$ EXAMPLE_FILES := SSL$BIO_CLI.C,SSL$BIO_SERV.C,SSL$CLI_SESS_RENEGO.C, -
+ SSL$CLI_SESS_RENEGO_CLI_VER.C,SSL$CLI_SESS_REUSE.C, -
+ SSL$CLI_SESS_REUSE_CLI_VER.C,SSL$CLI_VERIFY_CLIENT.C, -
+ SSL$SERV_SESS_RENEGO.C,SSL$SERV_SESS_RENEGO_CLI_VER.C, -
+ SSL$SERV_SESS_REUSE.C,SSL$SERV_SESS_REUSE_CLI_VER.C, -
+ SSL$SERV_VERIFY_CLIENT.C,SSL$SIMPLE_CLI.C,SSL$SIMPLE_SERV.C, -
+ SSL$EXAMPLES_SETUP.COM
+$!
+$ I = 0
+$ LOOP:
+$ EF = F$EDIT(F$ELEMENT(I, ",", EXAMPLE_FILES),"TRIM")
+$ I = I + 1
+$ IF eF .EQS. "," THEN GOTO LOOP_END
+$ SET NOON
+$ IF F$SEARCH(EXAMPLE_DIR+EF) .NES. ""
+$ THEN
+$ COPY 'EXAMPLE_DIR''EF' WRK_SSLROOT:[000000]*.*/log
+$ SET FILE/PROT=W:RE WRK_SSLROOT:[000000]'EF'
+$ ENDIF
+$ SET ON
+$ GOTO LOOP
+$ LOOP_END:
+$!
+$ EXIT
diff --git a/demos/vms_examples/ssl$bio_cli.c b/demos/vms_examples/ssl$bio_cli.c
new file mode 100644
index 0000000000..97491043ae
--- /dev/null
+++ b/demos/vms_examples/ssl$bio_cli.c
@@ -0,0 +1,298 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Client + "Socket BIO"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL client with minimum functionality.
+ * This client uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations.
+ *
+ * This SSL client verifies the server's certificate against the CA
+ * certificate loaded in the client.
+ *
+ * This SSL client does not load its own certificate and key because
+ * the SSL server does not request & verify the client certificate.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program on this system,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <socket.h>
+#include <inet.h>
+#include <in.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RETURN_NULL(x) if ((x)==NULL) exit (1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+#define RSA_CLIENT_CERT "client.crt"
+#define RSA_CLIENT_KEY "client.key"
+
+#define RSA_CLIENT_CA_CERT "client_ca.crt"
+#define RSA_CLIENT_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+void main()
+{
+ int err;
+ int verify_client = OFF; /* To verify a client certificate, set ON */
+
+ int sock;
+ struct sockaddr_in server_addr;
+ char *str;
+ char buf [4096];
+ char hello[80];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *server_cert;
+ BIO *sbio = NULL;
+
+ EVP_PKEY *pkey;
+
+ short int s_port = 5555;
+ const char *s_ipaddr = "127.0.0.1";
+
+ /*----------------------------------------------------------*/
+ printf ("Message to be sent to the SSL server: ");
+ fgets (hello, 80, stdin);
+
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ RETURN_NULL(ctx);
+
+ /*-------------------------------------------------------------------------*/
+ if(verify_client == ON)
+ {
+ /* Load the client certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_CLIENT_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the client certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_CLIENT_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the client certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+ }
+
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_CLIENT_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (server) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+ SSL_CTX_set_verify_depth(ctx,1);
+
+ /* ----------------------------------------------------------------- */
+ /* Set up a TCP socket */
+
+ sock = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(sock, "socket");
+
+ memset (&server_addr, '\0', sizeof(server_addr));
+ server_addr.sin_family = AF_INET;
+ server_addr.sin_port = htons(s_port); /* Server Port number */
+ server_addr.sin_addr.s_addr = inet_addr(s_ipaddr); /* Server IP */
+
+ /* Establish a TCP/IP connection to the SSL client */
+ err = connect(sock, (struct sockaddr*) &server_addr, sizeof(server_addr));
+ RETURN_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* A SSL structure is created */
+ ssl = SSL_new (ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL client */
+ err = SSL_connect(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+
+ /* Get the server's certificate (optional) */
+ server_cert = SSL_get_peer_certificate (ssl);
+
+ if (server_cert != NULL)
+ {
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free(str);
+
+ X509_free (server_cert);
+ }
+ else
+ printf("The SSL server does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - send message and receive reply. ---------------*/
+
+ /* Send data to the SSL server */
+ err = SSL_write(ssl, hello, strlen(hello));
+ RETURN_SSL(err);
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown the client side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$bio_serv.c b/demos/vms_examples/ssl$bio_serv.c
new file mode 100644
index 0000000000..df2f7477f5
--- /dev/null
+++ b/demos/vms_examples/ssl$bio_serv.c
@@ -0,0 +1,311 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server + "Socket BIO"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL server with minimum functionality.
+ * This server uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations. This SSL
+ * server loads its own certificate and key, but it does not verify
+ * the certificate of the SSL client.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <types.h>
+#include <socket.h>
+#include <in.h>
+#include <inet.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RSA_SERVER_CERT "server.crt"
+#define RSA_SERVER_KEY "server.key"
+
+#define RSA_SERVER_CA_CERT "server_ca.crt"
+#define RSA_SERVER_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+#define RETURN_NULL(x) if ((x)==NULL) exit(1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+void main ()
+{
+ int err;
+ int verify_client = OFF; /* To verify a client certificate, set ON */
+
+ int listen_sock;
+ int sock;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ size_t client_len;
+ char *str;
+ char buf[4096];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *client_cert = NULL;
+ BIO *sbio = NULL;
+
+ short int s_port = 5555;
+
+ /*-----------------------------------------------------------------------------------------*/
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ if (!ctx) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the server certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_SERVER_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the server certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the server certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+
+ if(verify_client == ON)
+ {
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_SERVER_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (client) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+
+ /* Set the verification depth to 1 */
+ SSL_CTX_set_verify_depth(ctx,1);
+ }
+
+ /* ----------------------------------------------- */
+ /* Set up a TCP socket */
+
+ listen_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(listen_sock, "socket");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (s_port); /* Server Port number */
+
+ err = bind(listen_sock, (struct sockaddr*)&sa_serv,sizeof(sa_serv));
+ RETURN_ERR(err, "bind");
+
+ /* Wait for an incoming TCP connection. */
+ err = listen(listen_sock, 5);
+ RETURN_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+
+ /* Socket for a TCP/IP connection is created */
+ sock = accept(listen_sock, (struct sockaddr*)&sa_cli, &client_len);
+ RETURN_ERR(sock, "accept");
+ close (listen_sock);
+
+ printf ("Connection from %lx, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. */
+
+ /* A SSL structure is created */
+ ssl = SSL_new(ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL server */
+ err = SSL_accept(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ if (verify_client == ON)
+ {
+ /* Get the client's certificate (optional) */
+ client_cert = SSL_get_peer_certificate(ssl);
+
+ if (client_cert != NULL)
+ {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free (str);
+
+ X509_free(client_cert);
+ }
+ else
+ printf("The SSL client does not have certificate.\n");
+ }
+
+ /*--------------- DATA EXCHANGE - Receive message and send reply. ---------------*/
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /* Send data to the SSL client */
+ err = SSL_write(ssl, "This message is from the SSL server", strlen("This message is from the SSL server"));
+ RETURN_SSL(err);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side (server) of the connection. */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$cli_sess_renego.c b/demos/vms_examples/ssl$cli_sess_renego.c
new file mode 100644
index 0000000000..816032f292
--- /dev/null
+++ b/demos/vms_examples/ssl$cli_sess_renego.c
@@ -0,0 +1,361 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Client + "Socket BIO" + "SSL Renegotiation"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL client with minimum functionality.
+ * This client uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations.
+ *
+ * This SSL client verifies the server's certificate against the CA
+ * certificate loaded in the client.
+ *
+ * This SSL client does not load its own certificate and key because
+ * the SSL server does not request & verify the client certificate.
+ *
+ * This SSL client also demonstrates how to implement SSL Session Renegotiation
+ * in the client.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program on this system,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <socket.h>
+#include <inet.h>
+#include <in.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RETURN_NULL(x) if ((x)==NULL) exit (1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+#define RSA_CLIENT_CERT "client.crt"
+#define RSA_CLIENT_KEY "client.key"
+
+#define RSA_CLIENT_CA_CERT "client_ca.crt"
+#define RSA_CLIENT_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+void main()
+{
+ int err;
+ int verify_client = ON; /* To verify a client certificate, set ON */
+
+ int sock;
+ struct sockaddr_in server_addr;
+ char *str;
+ char buf [4096];
+ char hello[80];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *server_cert;
+ BIO *sbio = NULL;
+ SSL_SESSION *sess = NULL;
+
+ EVP_PKEY *pkey;
+
+ short int s_port = 5555;
+ const char *s_ipaddr = "127.0.0.1";
+
+ /*----------------------------------------------------------*/
+ printf ("Message to be sent to the SSL server: ");
+ fgets (hello, 80, stdin);
+
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = TLSv1_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ RETURN_NULL(ctx);
+
+ /*-------------------------------------------------------------------------*/
+ if(verify_client == ON)
+ {
+ /* Load the client certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_CLIENT_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the client certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_CLIENT_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the client certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+ }
+
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_CLIENT_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (server) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+ SSL_CTX_set_verify_depth(ctx,1);
+
+ /* ----------------------------------------------------------------- */
+ /* Set up a TCP socket */
+
+ sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(sock, "socket");
+
+ memset(&server_addr, '\0', sizeof(server_addr));
+ server_addr.sin_family = AF_INET;
+ server_addr.sin_port = htons(s_port); /* Server Port number */
+ server_addr.sin_addr.s_addr = inet_addr(s_ipaddr); /* Server IP */
+
+ /* Establish a TCP/IP connection to the SSL client */
+ err = connect(sock, (struct sockaddr*) &server_addr, sizeof(server_addr));
+ RETURN_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* A SSL structure is created */
+ ssl = SSL_new (ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL client */
+ err = SSL_connect(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+
+ /* Get the server's certificate (optional) */
+ server_cert = SSL_get_peer_certificate (ssl);
+
+ if (server_cert != NULL)
+ {
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free(str);
+
+ X509_free (server_cert);
+ }
+ else
+ printf("The SSL server does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - send message and receive reply. ---------------*/
+
+ /* Send data to the SSL server */
+ err = SSL_write(ssl, hello, strlen(hello));
+ RETURN_SSL(err);
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ sess = SSL_get_session(ssl);
+ printf("Before Renegotiation: SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /*--------------- SSL Renegotiation initiated by server ---------------*/
+ printf("\n>> Starting Renegotiation 1 (initiated by the server) \n");
+
+ /* Receive Handshake message from Server for SSL Renegotiation */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ switch(SSL_get_error(ssl,err)){
+ case SSL_ERROR_WANT_READ:
+ printf(">> SSL Renegotiation succeeded\n");
+ break;
+ default:
+ printf(">> SSL Renegotiation failed\n");
+ exit(1);
+ }
+
+ sess = SSL_get_session(ssl);
+ printf("After Renegotiation: SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /* Send a message to Server */
+ err = SSL_write(ssl, "Message from Client after Rehandshake", strlen("Message from Client after Rehandshake"));
+ RETURN_SSL(err);
+
+ /* Receive a message from Server */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+
+ buf[err] = '\0';
+ printf("Received %d chars:'%s'\n", err, buf);
+
+ /*--------------- SSL Renegotiation initiated by client ---------------*/
+ printf("\n>> Starting Renegotiation 2 (initiated by the client)\n");
+
+ if(SSL_renegotiate(ssl)<=0){
+ printf("SSL_renegotiate() failed.\n");
+ exit(1);
+ }
+
+ if(SSL_do_handshake(ssl)<=0){
+ printf("SSL_do_handshake() failed.\n");
+ exit(1);
+ }
+
+ printf(">> SSL Renegotiation succeeded\n");
+
+ sess = SSL_get_session(ssl);
+ printf("After Renegotiation: SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /* Send a message to Server */
+ err = SSL_write(ssl, "Message from Client after Rehandshake", strlen("Message from Client after Rehandshake"));
+ RETURN_SSL(err);
+
+ /* Receive a message from Server */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+
+ buf[err] = '\0';
+ printf("Received %d chars:'%s'\n", err, buf);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$cli_sess_renego_cli_ver.c b/demos/vms_examples/ssl$cli_sess_renego_cli_ver.c
new file mode 100644
index 0000000000..44aba7be11
--- /dev/null
+++ b/demos/vms_examples/ssl$cli_sess_renego_cli_ver.c
@@ -0,0 +1,360 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server + "Socket BIO" + "client certificate verification" + "SSL Renegotiation"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL client with minimum functionality.
+ * This client uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations.
+ *
+ * This SSL client verifies the server's certificate against the CA
+ * certificate loaded in the client.
+ *
+ * This SSL client loads its own certificate and key for the
+ * client certificate verification on the SSL server.
+ *
+ * This SSL client also demonstrates how to implement SSL Session Renegotiation
+ * in the client.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program on this system,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <socket.h>
+#include <inet.h>
+#include <in.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RETURN_NULL(x) if ((x)==NULL) exit (1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+#define RSA_CLIENT_CERT "client.crt"
+#define RSA_CLIENT_KEY "client.key"
+
+#define RSA_CLIENT_CA_CERT "client_ca.crt"
+#define RSA_CLIENT_CA_PATH "sys$common:[syshlp.examples.ssl"
+
+#define ON 1
+#define OFF 0
+
+void main()
+{
+ int err;
+ int verify_client = ON; /* To verify a client certificate, set ON */
+
+ int sock;
+ struct sockaddr_in server_addr;
+ char *str;
+ char buf [4096];
+ char hello[80];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *server_cert;
+ BIO *sbio = NULL;
+ SSL_SESSION *sess = NULL;
+
+ EVP_PKEY *pkey;
+
+ short int s_port = 5555;
+ const char *s_ipaddr = "127.0.0.1";
+
+ /*----------------------------------------------------------*/
+ printf ("Message to be sent to the SSL server: ");
+ fgets (hello, 80, stdin);
+
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = TLSv1_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ RETURN_NULL(ctx);
+
+ /*-------------------------------------------------------------------------*/
+ if(verify_client == ON)
+ {
+ /* Load the client certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_CLIENT_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the client certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_CLIENT_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the client certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+ }
+
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_CLIENT_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (server) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+ SSL_CTX_set_verify_depth(ctx,1);
+
+ /* ----------------------------------------------------------------- */
+ /* Set up a TCP socket */
+
+ sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(sock, "socket");
+
+ memset(&server_addr, '\0', sizeof(server_addr));
+ server_addr.sin_family = AF_INET;
+ server_addr.sin_port = htons(s_port); /* Server Port number */
+ server_addr.sin_addr.s_addr = inet_addr(s_ipaddr); /* Server IP */
+
+ /* Establish a TCP/IP connection to the SSL client */
+ err = connect(sock, (struct sockaddr*) &server_addr, sizeof(server_addr));
+ RETURN_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* A SSL structure is created */
+ ssl = SSL_new (ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL client */
+ err = SSL_connect(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+
+ /* Get the server's certificate (optional) */
+ server_cert = SSL_get_peer_certificate (ssl);
+
+ if (server_cert != NULL)
+ {
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free(str);
+
+ X509_free (server_cert);
+ }
+ else
+ printf("The SSL server does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - send message and receive reply. ---------------*/
+
+ /* Send data to the SSL server */
+ err = SSL_write(ssl, hello, strlen(hello));
+ RETURN_SSL(err);
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ sess = SSL_get_session(ssl);
+ printf("Before Renegotiation: SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /*--------------- SSL Renegotiation initiated by server ---------------*/
+ printf("\n>> Starting Renegotiation 1 (initiated by the server) \n");
+
+ /* Receive Handshake message from Server for SSL Renegotiation */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ switch(SSL_get_error(ssl,err)){
+ case SSL_ERROR_WANT_READ:
+ printf(">> SSL Renegotiation succeeded\n");
+ break;
+ default:
+ printf(">> SSL Renegotiation failed\n");
+ exit(1);
+ }
+
+ sess = SSL_get_session(ssl);
+ printf("After Renegotiation: SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /* Send a message to Server */
+ err = SSL_write(ssl, "Message from Client after Rehandshake", strlen("Message from Client after Rehandshake"));
+ RETURN_SSL(err);
+
+ /* Receive a message from Server */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+
+ buf[err] = '\0';
+ printf("Received %d chars:'%s'\n", err, buf);
+
+ /*--------------- SSL Renegotiation initiated by client ---------------*/
+ printf("\n>> Starting Renegotiation 2 (initiated by the client)\n");
+
+ if(SSL_renegotiate(ssl)<=0){
+ printf("SSL_renegotiate() failed.\n");
+ exit(1);
+ }
+
+ if(SSL_do_handshake(ssl)<=0){
+ printf("SSL_do_handshake() failed.\n");
+ exit(1);
+ }
+
+ printf(">> SSL Renegotiation succeeded\n");
+
+ sess = SSL_get_session(ssl);
+ printf("After Renegotiation: SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /* Send a message to Server */
+ err = SSL_write(ssl, "Message from Client after Rehandshake", strlen("Message from Client after Rehandshake"));
+ RETURN_SSL(err);
+
+ /* Receive a message from Server */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+
+ buf[err] = '\0';
+ printf("Received %d chars:'%s'\n", err, buf);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$cli_sess_reuse.c b/demos/vms_examples/ssl$cli_sess_reuse.c
new file mode 100644
index 0000000000..982508da53
--- /dev/null
+++ b/demos/vms_examples/ssl$cli_sess_reuse.c
@@ -0,0 +1,319 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Client + "Socket BIO" + "Session Reuse (Resumption)"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL client with minimum functionality.
+ * This client uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations.
+ *
+ * This SSL client verifies the server's certificate against the CA
+ * certificate loaded in the client.
+ *
+ * This SSL client does not load its own certificate and key because
+ * the SSL server does not request & verify the client certificate.
+ *
+ * This SSL client also demonstrates how to implement SSL Session Reuse (Resumption)
+ * in the client.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+/* Assumptions, Build, Configuration, and Run Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program on this system,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <socket.h>
+#include <inet.h>
+#include <in.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RETURN_NULL(x) if ((x)==NULL) exit (1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+#define RSA_CLIENT_CERT "client.crt"
+#define RSA_CLIENT_KEY "client.key"
+
+#define RSA_CLIENT_CA_CERT "client_ca.crt"
+#define RSA_CLIENT_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+void main()
+{
+ int err, i;
+ int verify_client = OFF; /* To verify a client certificate, set ON */
+
+ int sock;
+ struct sockaddr_in server_addr;
+ char *str;
+ char buf [4096];
+ char hello[80];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *server_cert;
+ BIO *sbio = NULL;
+ SSL_SESSION *sess;
+
+ EVP_PKEY *pkey;
+
+ short int s_port = 5555;
+ const char *s_ipaddr = "127.0.0.1";
+
+ /*----------------------------------------------------------*/
+ printf ("Message to be sent to the SSL server: ");
+ fgets (hello, 80, stdin);
+
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ RETURN_NULL(ctx);
+
+ /*-------------------------------------------------------------------------*/
+ if(verify_client == ON)
+ {
+ /* Load the client certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_CLIENT_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the client certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_CLIENT_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the client certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+ }
+
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_CLIENT_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (server) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+ SSL_CTX_set_verify_depth(ctx,1);
+
+ for(i=0; i<2; i++)
+ {
+ /* ----------------------------------------------------------------- */
+ /* Set up a TCP socket */
+
+ sock = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(sock, "socket");
+
+ memset (&server_addr, '\0', sizeof(server_addr));
+ server_addr.sin_family = AF_INET;
+ server_addr.sin_port = htons(s_port); /* Server Port number */
+ server_addr.sin_addr.s_addr = inet_addr(s_ipaddr); /* Server IP */
+
+ /* Establish a TCP/IP connection to the SSL client */
+ err = connect(sock, (struct sockaddr*) &server_addr, sizeof(server_addr));
+ RETURN_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* A SSL structure is created */
+ ssl = SSL_new (ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ if(i==1)
+ SSL_set_session(ssl,sess);
+
+ /* Perform SSL Handshake on the SSL client */
+ err = SSL_connect(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+
+ /* Get the server's certificate (optional) */
+ server_cert = SSL_get_peer_certificate (ssl);
+
+ if (server_cert != NULL)
+ {
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free(str);
+
+ X509_free (server_cert);
+ }
+ else
+ printf("The SSL server does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - send message and receive reply. ---------------*/
+
+ /* Send data to the SSL server */
+ err = SSL_write(ssl, hello, strlen(hello));
+ RETURN_SSL(err);
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /*---------- Save the SSL session (for SSL session resumption) ----------*/
+ if(i==0){
+ sess = SSL_get1_session(ssl);
+ RETURN_NULL(sess);
+ }
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL conection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ BIO_free(sbio);
+ }
+
+ printf("SSL_session_reused()>>%d\n",SSL_session_reused(ssl));
+
+ SSL_SESSION_free(sess);
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$cli_sess_reuse_cli_ver.c b/demos/vms_examples/ssl$cli_sess_reuse_cli_ver.c
new file mode 100644
index 0000000000..f235867959
--- /dev/null
+++ b/demos/vms_examples/ssl$cli_sess_reuse_cli_ver.c
@@ -0,0 +1,322 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server + "Socket BIO" + "client certificate verification" + "Session Reuse (Resumption)"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL client with minimum functionality.
+ * This client uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations.
+ *
+ * This SSL client verifies the server's certificate against the CA
+ * certificate loaded in the client.
+ *
+ * This SSL client loads its own certificate and key for the
+ * client certificate verification on the SSL server.
+ *
+ * This SSL client also demonstrates how to implement SSL Session Reuse (Resumption)
+ * in the client.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program on this system,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <socket.h>
+#include <inet.h>
+#include <in.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RETURN_NULL(x) if ((x)==NULL) exit (1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+#define RSA_CLIENT_CERT "client.crt"
+#define RSA_CLIENT_KEY "client.key"
+
+#define RSA_CLIENT_CA_CERT "client_ca.crt"
+#define RSA_CLIENT_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+void main()
+{
+ int err, i;
+ int verify_client = ON; /* To verify a client certificate, set ON */
+
+ int sock;
+ struct sockaddr_in server_addr;
+ char *str;
+ char buf [4096];
+ char hello[80];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *server_cert;
+ BIO *sbio = NULL;
+ SSL_SESSION *sess;
+
+ EVP_PKEY *pkey;
+
+ short int s_port = 5555;
+ const char *s_ipaddr = "127.0.0.1";
+
+ /*----------------------------------------------------------*/
+ printf ("Message to be sent to the SSL server: ");
+ fgets (hello, 80, stdin);
+
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ RETURN_NULL(ctx);
+
+ /*-------------------------------------------------------------------------*/
+ if(verify_client == ON)
+ {
+ /* Load the client certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_CLIENT_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the client certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_CLIENT_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the client certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+ }
+
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_CLIENT_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (server) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+ SSL_CTX_set_verify_depth(ctx,1);
+
+ for(i=0; i<2; i++)
+ {
+ /* ----------------------------------------------------------------- */
+ /* Set up a TCP socket */
+
+ sock = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(sock, "socket");
+
+ memset (&server_addr, '\0', sizeof(server_addr));
+ server_addr.sin_family = AF_INET;
+ server_addr.sin_port = htons(s_port); /* Server Port number */
+ server_addr.sin_addr.s_addr = inet_addr(s_ipaddr); /* Server IP */
+
+ /* Establish a TCP/IP connection to the SSL client */
+ err = connect(sock, (struct sockaddr*) &server_addr, sizeof(server_addr));
+ RETURN_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* A SSL structure is created */
+ ssl = SSL_new (ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ if(i==1)
+ SSL_set_session(ssl,sess);
+
+ /* Perform SSL Handshake on the SSL client */
+ err = SSL_connect(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+
+ /* Get the server's certificate (optional) */
+ server_cert = SSL_get_peer_certificate (ssl);
+
+ if (server_cert != NULL)
+ {
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free(str);
+
+ X509_free (server_cert);
+ }
+ else
+ printf("The SSL server does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - send message and receive reply. ---------------*/
+
+ /* Send data to the SSL server */
+ err = SSL_write(ssl, hello, strlen(hello));
+ RETURN_SSL(err);
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /*---------- Save the SSL session (for SSL session resumption) ----------*/
+ if(i==0){
+ sess = SSL_get1_session(ssl);
+ RETURN_NULL(sess);
+ }
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ BIO_free(sbio);
+ }
+
+ printf("SSL_session_reused()>>%d\n",SSL_session_reused(ssl));
+
+ SSL_SESSION_free(sess);
+
+ /* Terminate communication on a socket */
+/* err = close(sock);
+ RETURN_ERR(err, "close");
+*/
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$cli_verify_client.c b/demos/vms_examples/ssl$cli_verify_client.c
new file mode 100644
index 0000000000..f87a0cbf44
--- /dev/null
+++ b/demos/vms_examples/ssl$cli_verify_client.c
@@ -0,0 +1,296 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Client + "Socket BIO" + "client certificate verification"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL client with minimum functionality (using Socket BIO).
+ * The socket APIs are used to handle TCP/IP operations.
+ *
+ * This SSL client verifies the server's certificate against the CA
+ * certificate loaded in the client.
+ *
+ * This SSL client loads its own certificate and key for the
+ * client certificate verification on the SSL server.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <socket.h>
+#include <inet.h>
+#include <in.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RETURN_NULL(x) if ((x)==NULL) exit (1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+#define RSA_CLIENT_CERT "client.crt"
+#define RSA_CLIENT_KEY "client.key"
+
+#define RSA_CLIENT_CA_CERT "client_ca.crt"
+#define RSA_CLIENT_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+void main()
+{
+ int err;
+ int verify_client = ON; /* To verify a client certificate, set ON */
+
+ int sock;
+ struct sockaddr_in server_addr;
+ char *str;
+ char buf [4096];
+ char hello[80];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *server_cert;
+ BIO *sbio = NULL;
+
+ EVP_PKEY *pkey;
+
+ short int s_port = 5555;
+ const char *s_ipaddr = "127.0.0.1";
+
+ /*----------------------------------------------------------*/
+ printf ("Message to be sent to the SSL server: ");
+ fgets (hello, 80, stdin);
+
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ RETURN_NULL(ctx);
+
+ /*-------------------------------------------------------------------------*/
+ if(verify_client == ON)
+ {
+ /* Load the client certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_CLIENT_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the client certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_CLIENT_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the client certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+ }
+
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_CLIENT_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (server) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+ SSL_CTX_set_verify_depth(ctx,1);
+
+ /* ----------------------------------------------------------------- */
+ /* Set up a TCP socket */
+
+ sock = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(sock, "socket");
+
+ memset (&server_addr, '\0', sizeof(server_addr));
+ server_addr.sin_family = AF_INET;
+ server_addr.sin_port = htons(s_port); /* Server Port number */
+ server_addr.sin_addr.s_addr = inet_addr(s_ipaddr); /* Server IP */
+
+ /* Establish a TCP/IP connection to the SSL client */
+ err = connect(sock, (struct sockaddr*) &server_addr, sizeof(server_addr));
+ RETURN_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* A SSL structure is created */
+ ssl = SSL_new (ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL client */
+ err = SSL_connect(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+
+ /* Get the server's certificate (optional) */
+ server_cert = SSL_get_peer_certificate (ssl);
+
+ if (server_cert != NULL)
+ {
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free(str);
+
+ X509_free (server_cert);
+ }
+ else
+ printf("The SSL server does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - send message and receive reply. ---------------*/
+
+ /* Send data to the SSL server */
+ err = SSL_write(ssl, hello, strlen(hello));
+ RETURN_SSL(err);
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$examples_setup.com b/demos/vms_examples/ssl$examples_setup.com
new file mode 100644
index 0000000000..c5ccf4c7a3
--- /dev/null
+++ b/demos/vms_examples/ssl$examples_setup.com
@@ -0,0 +1,174 @@
+$!
+$! SSL$EXAMPLES_SETUP.COM --
+$!
+$! This command procedure is actually a template that will show
+$! the commands necessary to create certificates and keys for the example
+$! programs.
+$!
+$! Also included in this file are the necessary options to enter into the
+$! SSL$CERT_TOOL.COM to create the necessary certificates and keys to the
+$! example programs. The SSL$CERT_TOOL.COM is found in SSL$COM. See the
+$! documenation for more information about the SSL$CERT_TOOL.COM.
+$!
+$! 1. Create CA certificate - option 5 in SSL$CERT_TOOL.COM.
+$! This will create a key in one file and a certificate in
+$! another file.
+$!
+$! 2. Make 2 copies of CA certificate created in step #1.
+$! One should be called server_ca.crt and the other called
+$! client_ca.crt as these are the filenames defined in the
+$! example programs. You will have to exit the SSL$CERT_TOOL.COM
+$! procedure to do this operation.
+$!
+$! 3. Create a server certificate signing request - option 3 in SSL$CERT_TOOL.COM.
+$! The Common Name should be the TCP/IP hostname of the server system.
+$!
+$! 4. Sign server certificate signing request - option 6 in SSL$CERT_TOOL.COM
+$! Use the CA certificate, server_ca.crt, created in step #1 to sign the request
+$! created in step #3. This will create a key file, which should be named
+$! server.key, and a certificate file, which should be named server.crt.
+$! These are the names as they are defined in example programs.
+$!
+$! 5. Create a client certificate signing request - option 3 in SSL$CERT_TOOL.COM.
+$!
+$! 6. Sign client certificate signing request - option 6 in SSL$CERT_TOOL.COM
+$! Use the CA certificate, client_ca.crt, created in step #1 to sign the request
+$! created in step #5. This will create a key file, which should be named
+$! client.key, and a certificate file, which should be named client.crt.
+$! These are the names as they are defined in example programs.
+$!
+$! 7. These certificates and keys should reside in the same directory as
+$! the example programs.
+$!
+$!
+$!
+$!
+$! The commands have been changed to use generic data as
+$! input. To use these commands, one will have to substitute
+$! the generic data with data specific to their site.
+$! For example, yourcountry could be change to US. It is
+$! assumed that the SSL startup file, SYS$STARTUP:SSL$STARTUP.COM,
+$! and the SSL$COM:SSL$UTILS.COM procedures have been executed.
+$!
+$! Set up some random data.
+$!
+$! $ show system/full/output=randfile.
+$!
+$!
+$! Check to make sure the SERIAL and INDEX files exist.
+$! If they don't, create them.
+$!
+$! $ if f$search ("SSL$PRIVATE:SERIAL.TXT") .eqs. ""
+$! $ then
+$! $ CREATE SSL$PRIVATE:SERIAL.TXT
+$! 01
+$! $ endif
+$!
+$! $ if f$search ("SSL$PRIVATE:INDEX.TXT") .eqs. ""
+$! $ then
+$! $ CREATE SSL$PRIVATE:INDEX.TXT
+$! $ endif
+$!
+$! Create the CA certificate.
+$!
+$! $ define/user sys$command sys$input
+$! $ openssl req -config ssl$root:[000000]openssl-vms.cnf -new -x509 -days 1825 -keyout ca.key -out ca.crt
+$! yourpassword
+$! yourpassword
+$! yourcountry
+$! yourstate
+$! yourcity
+$! yourcompany
+$! yourdepartment
+$! your Certificate Authority certificate
+$! firstname.lastname@yourcompany.com
+$! $!
+$! $!
+$! $! Create the server certificate request.
+$! $!
+$! $! Note : There is no way to use the value of a
+$! $! symbol when you are using the value of
+$! $! symbol as input, as we do below. To get
+$! $! around, we create a .COM on the fly and
+$! $! execute the created .COm file to create
+$! $! the server certificate. What a pain!
+$! $!
+$! $ hostname = f$trnlnm("tcpip$inet_host")
+$! $ domain = f$trnlnm("tcpip$inet_domain")
+$! $ server_name = hostname + "." + domain"
+$! $!
+$! $ open/write s_com create_s_cert.com
+$! $!
+$! $ write s_com "$!"
+$! $ write s_com "$ define/user sys$command sys$input
+$! $ write s_com "$ openssl req -new -nodes -config ssl$root:[000000]openssl-vms.cnf -keyout server.key -out server.csr"
+$! $ write s_com "yourcountry"
+$! $ write s_com "yourstate"
+$! $ write s_com "yourcity"
+$! $ write s_com "yourcompany"
+$! $ write s_com "yourdepartment"
+$! $ write s_com "''server_name'"
+$! $ write s_com "firstname.lastname@yourcompany.com"
+$! $ write s_com ""
+$! $ write s_com ""
+$! $!
+$! $ close s_com
+$! $ @create_s_cert
+$! $ delete create_s_cert.com;
+$! $!
+$! $!
+$! $! Now, sign the server certificate ...
+$! $!
+$! $ define/user sys$command sys$input
+$! $ openssl ca -config ssl$root:[000000]openssl-vms.cnf -cert ca.crt -keyfile ca.key -out server.crt -infiles server.csr
+$! yourpassword
+$! Y
+$! Y
+$! $!
+$! $!
+$! $! Create the client certificate request.
+$! $!
+$! $ define/user sys$command sys$input
+$! $ openssl req -new -nodes -config ssl$root:[000000]openssl-vms.cnf -keyout client.key -out client.csr
+$! yourcountry
+$! yourstate
+$! yourcity
+$! yourcompany
+$! yourdepartment
+$! yourname
+$! firstname.lastname@yourcompany.com
+$!
+$!
+$! $!
+$! $!
+$! $! Now, sign the client certificate ...
+$! $!
+$! $ define/user sys$command sys$input
+$! $ openssl ca -config ssl$root:[000000]openssl-vms.cnf -cert ca.crt -keyfile ca.key -out client.crt -infiles client.csr
+$! yourpassword
+$! Y
+$! Y
+$! $!
+$! $! Let's view the CA certificate.
+$! $!
+$! $ openssl x509 -noout -text -in ca.crt
+$! $!
+$! $!
+$! $! Let's view the Server Certificate Request.
+$! $!
+$! $ openssl req -noout -text -in server.csr
+$! $!
+$! $! Let's view the Server Certificate.
+$! $!
+$! $ openssl x509 -noout -text -in server.crt
+$! $!
+$! $! Let's view the Client Certificate Request.
+$! $!
+$! $ openssl req -noout -text -in client.csr
+$! $!
+$! $! Let's view the Client Certificate.
+$! $!
+$! $ openssl x509 -noout -text -in client.crt
+$! $!
+$! $!
+$! $exit
diff --git a/demos/vms_examples/ssl$serv_sess_renego.c b/demos/vms_examples/ssl$serv_sess_renego.c
new file mode 100644
index 0000000000..f1fc9b882d
--- /dev/null
+++ b/demos/vms_examples/ssl$serv_sess_renego.c
@@ -0,0 +1,379 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server + "Socket BIO" + "SSL Renegotiation"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL server with minimum functionality.
+ * This server uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations. This SSL
+ * server loads its own certificate and key, but it does not verify
+ * the certificate of the SSL client.
+ *
+ * This SSL server also demonstrates how to implement SSL Renegotiation
+ * in the server.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <types.h>
+#include <socket.h>
+#include <in.h>
+#include <inet.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RSA_SERVER_CERT "server.crt"
+#define RSA_SERVER_KEY "server.key"
+
+#define RSA_SERVER_CA_CERT "server_ca.crt"
+#define RSA_SERVER_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+#define RETURN_NULL(x) if ((x)==NULL) exit(1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+void main ()
+{
+ int err;
+ int verify_client = OFF; /* To verify a client certificate, set ON */
+
+ int listen_sock;
+ int sock;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ size_t client_len;
+ char *str;
+ char buf[4096];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *client_cert = NULL;
+ BIO *sbio = NULL;
+ SSL_SESSION *sess = NULL;
+
+ short int s_port = 5555;
+
+ /*-----------------------------------------------------------------------------------------*/
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = TLSv1_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ if (!ctx) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the server certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_SERVER_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the server certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the server certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+
+ if(verify_client == ON)
+ {
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_SERVER_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (client) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+
+ /* Set the verification depth to 1 */
+ SSL_CTX_set_verify_depth(ctx,1);
+ }
+
+ /* ----------------------------------------------- */
+ /* Set up a TCP socket */
+
+ listen_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(listen_sock, "socket");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (s_port); /* Server Port number */
+
+ err = bind(listen_sock, (struct sockaddr*)&sa_serv,sizeof(sa_serv));
+ RETURN_ERR(err, "bind");
+
+ /* Wait for an incoming TCP connection. */
+ err = listen(listen_sock, 5);
+ RETURN_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+
+ /* Socket for a TCP/IP connection is created */
+ sock = accept(listen_sock, (struct sockaddr*)&sa_cli, &client_len);
+ RETURN_ERR(sock, "accept");
+ close (listen_sock);
+
+ printf ("Connection from %lx, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. */
+
+ /* A SSL structure is created */
+ ssl = SSL_new(ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL server */
+ err = SSL_accept(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Session established with the first SSL handshake */
+ sess = SSL_get_session(ssl);
+ printf("Session 1: SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /* Get the client's certificate (optional) */
+ client_cert = SSL_get_peer_certificate(ssl);
+
+ if (client_cert != NULL)
+ {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free (str);
+
+ X509_free(client_cert);
+ }
+ else
+ printf("The SSL client does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - Receive message and send reply. ---------------*/
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Got %d chars:'%s'\n", err, buf);
+
+ /* Send data to the SSL client */
+ err = SSL_write(ssl, "This message is from the SSL server\n", strlen("This message is from the SSL server"));
+ RETURN_SSL(err);
+
+ /*--------------- Renegotiation 1 (initiated by the SSL server) ---------------*/
+ printf(">> Starting Renegotiation 1 (initiated by the server) \n");
+
+ if(SSL_renegotiate(ssl)<=0){
+ printf("SSL_renegotiate() failed.\n");
+ exit(1);
+ }
+
+ if(SSL_do_handshake(ssl)<=0){
+ printf("SSL_do_handshake() failed.\n");
+ exit(1);
+ }
+
+ ssl->state = SSL_ST_ACCEPT;
+
+ if(SSL_do_handshake(ssl)<=0){
+ printf("SSL_do_handshake() failed.\n");
+ exit(1);
+ }
+
+ printf(">> SSL Renegotiation succeeded\n");
+
+ /* Session established with the first SSL renegotiation */
+ sess = SSL_get_session(ssl);
+ printf("Session 2 (with 1st SSL renegotiation): SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /*----------------------------------------------------------------*/
+ /* Receive a message from Client over the new SSL session */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Got %d chars:'%s'\n", err, buf);
+
+ /* Send a message to Client over the new SSL session */
+ err = SSL_write(ssl, "From the server after SSL Renegotiation.", strlen("From the server after SSL Renegotiation."));
+ RETURN_SSL(err);
+
+ /*--------------- Renegotiation 2 (initiated by the SSL client) ---------------*/
+
+ printf("\n>> Starting Renegotiation 2 (initiated by the client)\n");
+
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ switch(SSL_get_error(ssl,err)){
+ case SSL_ERROR_WANT_READ:
+ printf(">> SSL Renegotiation succeeded\n");
+ break;
+ default:
+ printf("error\n");
+ exit(1);
+ }
+
+ /* Session established with the second SSL renegotiation */
+ sess = SSL_get_session(ssl);
+ printf("Session 3 (with 2nd SSL renegotiation): SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /* Receive a message from Client over the new SSL session */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Got %d chars:'%s'\n", err, buf);
+
+ /* Send a message to Client over the new SSL session */
+ err = SSL_write(ssl, "From the server after SSL Renegotiation.", strlen("From the server after SSL Renegotiation."));
+ RETURN_SSL(err);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$serv_sess_renego_cli_ver.c b/demos/vms_examples/ssl$serv_sess_renego_cli_ver.c
new file mode 100644
index 0000000000..a83263957f
--- /dev/null
+++ b/demos/vms_examples/ssl$serv_sess_renego_cli_ver.c
@@ -0,0 +1,379 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server + "Socket BIO" + "client certificate verification" + "SSL Renegotiation"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL server with minimum functionality.
+ * This server uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations. This SSL
+ * server loads its own certificate and key,
+ * and it requests & verifies the certificate of the SSL client.
+ *
+ * This SSL server also demonstrates how to implement SSL Renegotiation
+ * in the server.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <types.h>
+#include <socket.h>
+#include <in.h>
+#include <inet.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RSA_SERVER_CERT "server.crt"
+#define RSA_SERVER_KEY "server.key"
+
+#define RSA_SERVER_CA_CERT "server_ca.crt"
+#define RSA_SERVER_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+#define RETURN_NULL(x) if ((x)==NULL) exit(1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+void main ()
+{
+ int err;
+ int verify_client = ON; /* To verify a client certificate, set ON */
+
+ int listen_sock;
+ int sock;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ size_t client_len;
+ char *str;
+ char buf[4096];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *client_cert = NULL;
+ BIO *sbio = NULL;
+ SSL_SESSION *sess = NULL;
+
+ short int s_port = 5555;
+
+ /*-----------------------------------------------------------------------------------------*/
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = TLSv1_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ if (!ctx) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the server certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_SERVER_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the server certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the server certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+
+ if(verify_client == ON)
+ {
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_SERVER_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (client) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+
+ /* Set the verification depth to 1 */
+ SSL_CTX_set_verify_depth(ctx,1);
+ }
+
+ /* ----------------------------------------------- */
+ /* Set up a TCP socket */
+
+ listen_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(listen_sock, "socket");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (s_port); /* Server Port number */
+
+ err = bind(listen_sock, (struct sockaddr*)&sa_serv,sizeof(sa_serv));
+ RETURN_ERR(err, "bind");
+
+ /* Wait for an incoming TCP connection. */
+ err = listen(listen_sock, 5);
+ RETURN_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+
+ /* Socket for a TCP/IP connection is created */
+ sock = accept(listen_sock, (struct sockaddr*)&sa_cli, &client_len);
+ RETURN_ERR(sock, "accept");
+ close (listen_sock);
+
+ printf ("Connection from %lx, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. */
+
+ /* A SSL structure is created */
+ ssl = SSL_new(ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL server */
+ err = SSL_accept(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Session established with the first SSL handshake */
+ sess = SSL_get_session(ssl);
+ printf("Session 1: SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /* Get the client's certificate (optional) */
+ client_cert = SSL_get_peer_certificate(ssl);
+
+ if (client_cert != NULL)
+ {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free (str);
+
+ X509_free(client_cert);
+ }
+ else
+ printf("The SSL client does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - Receive message and send reply. ---------------*/
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /* Send data to the SSL client */
+ err = SSL_write(ssl, "This message is from the SSL server\n", strlen("This message is from the SSL server"));
+ RETURN_SSL(err);
+
+ /*--------------- Renegotiation 1 (initiated by the SSL server) ---------------*/
+ printf(">> Starting Renegotiation 1 (initiated by the server) \n");
+
+ if(SSL_renegotiate(ssl)<=0){
+ printf("SSL_renegotiate() failed.\n");
+ exit(1);
+ }
+
+ if(SSL_do_handshake(ssl)<=0){
+ printf("SSL_do_handshake() failed.\n");
+ exit(1);
+ }
+
+ ssl->state = SSL_ST_ACCEPT;
+
+ if(SSL_do_handshake(ssl)<=0){
+ printf("SSL_do_handshake() failed.\n");
+ exit(1);
+ }
+
+ printf(">> SSL Renegotiation succeeded\n");
+
+ /* Session established with the first SSL renegotiation */
+ sess = SSL_get_session(ssl);
+ printf("Session 2 (with 1st SSL renegotiation): SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /*----------------------------------------------------------------*/
+ /* Receive a message from Client over the new SSL session */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /* Send a message to Client over the new SSL session */
+ err = SSL_write(ssl, "From the server after SSL Renegotiation.", strlen("From the server after SSL Renegotiation."));
+ RETURN_SSL(err);
+
+ /*--------------- Renegotiation 2 (initiated by the SSL client) ---------------*/
+
+ printf("\n>> Starting Renegotiation 2 (initiated by the client)\n");
+
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ switch(SSL_get_error(ssl,err)){
+ case SSL_ERROR_WANT_READ:
+ printf(">> SSL Renegotiation succeeded\n");
+ break;
+ default:
+ printf("error\n");
+ exit(1);
+ }
+
+ /* Session established with the second SSL renegotiation */
+ sess = SSL_get_session(ssl);
+ printf("Session 3 (with 2nd SSL renegotiation): SSL_SESSION_hash(sess) >> %d\n", SSL_SESSION_hash(sess));
+
+ /* Receive a message from Client over the new SSL session */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /* Send a message to Client over the new SSL session */
+ err = SSL_write(ssl, "From the server after SSL Renegotiation.", strlen("From the server after SSL Renegotiation."));
+ RETURN_SSL(err);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$serv_sess_reuse.c b/demos/vms_examples/ssl$serv_sess_reuse.c
new file mode 100644
index 0000000000..e2e6a181e5
--- /dev/null
+++ b/demos/vms_examples/ssl$serv_sess_reuse.c
@@ -0,0 +1,316 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server + "Socket BIO" + "Session Reuse (Resumption)"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL server with minimum functionality.
+ * This server uses Socket BIO.
+ * The socket APIs are used to handle TCP/IP operations. This SSL
+ * server loads its own certificate and key, but it does not verify
+ * the certificate of the SSL client.
+ *
+ * This SSL server also demonstrates how to implement SSL Session Reuse (Resumption)
+ * in the server.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <types.h>
+#include <socket.h>
+#include <in.h>
+#include <inet.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RSA_SERVER_CERT "server.crt"
+#define RSA_SERVER_KEY "server.key"
+
+#define RSA_SERVER_CA_CERT "server_ca.crt"
+#define RSA_SERVER_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+#define RETURN_NULL(x) if ((x)==NULL) exit(1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+void main ()
+{
+ int err, i;
+ int verify_client = OFF; /* To verify a client certificate, set ON */
+
+ int listen_sock;
+ int sock;
+ int on = 1;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ size_t client_len;
+ char *str;
+ char buf[4096];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *client_cert = NULL;
+ BIO *sbio = NULL;
+
+ short int s_port = 5555;
+
+ /*-----------------------------------------------------------------------------------------*/
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ if (!ctx) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the server certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_SERVER_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the server certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the server certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+
+ if(verify_client == ON)
+ {
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_SERVER_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (client) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+
+ /* Set the verification depth to 1 */
+ SSL_CTX_set_verify_depth(ctx,1);
+ }
+
+ /* Set up a TCP socket */
+ listen_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(listen_sock, "socket");
+
+ err = setsockopt (listen_sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on));
+ RETURN_ERR(err, "setsockopt");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (s_port); /* Server Port number */
+
+ err = bind(listen_sock, (struct sockaddr*)&sa_serv,sizeof(sa_serv));
+ RETURN_ERR(err, "bind");
+
+ err = listen(listen_sock, 5);
+ RETURN_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+
+
+ for(i=0; i<2; i++)
+ {
+ /* Socket for a TCP/IP connection is created */
+ sock = accept(listen_sock, (struct sockaddr*)&sa_cli, &client_len);
+ RETURN_ERR(sock, "accept");
+
+ printf ("Connection from %lx, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. */
+
+ /* A SSL structure is created */
+ ssl = SSL_new(ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL server */
+ err = SSL_accept(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get the client's certificate (optional) */
+ client_cert = SSL_get_peer_certificate(ssl);
+
+ if (client_cert != NULL)
+ {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free (str);
+
+ X509_free(client_cert);
+ }
+ else
+ printf("The SSL client does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - Receive message and send reply. ---------------*/
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /* Send data to the SSL client */
+ err = SSL_write(ssl, "This message is from the SSL server", strlen("This message is from the SSL server"));
+ RETURN_SSL(err);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+ }
+
+ err = close(listen_sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$serv_sess_reuse_cli_ver.c b/demos/vms_examples/ssl$serv_sess_reuse_cli_ver.c
new file mode 100644
index 0000000000..69d30ff080
--- /dev/null
+++ b/demos/vms_examples/ssl$serv_sess_reuse_cli_ver.c
@@ -0,0 +1,329 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server + "Socket BIO" + "client certificate verification" + "Session Reuse (Resumption)"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL server with minimum functionality
+ * with the client certificate verification (using Socket BIO).
+ * The socket APIs are used to handle TCP/IP operations. This SSL
+ * server loads its own certificate and key, but it does not verify
+ * the certificate of the SSL client.
+ *
+ * This SSL server also demonstrates how to implement SSL Session Reuse (Resumption)
+ * in the server.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <types.h>
+#include <socket.h>
+#include <in.h>
+#include <inet.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RSA_SERVER_CERT "server.crt"
+#define RSA_SERVER_KEY "server.key"
+
+#define RSA_SERVER_CA_CERT "server_ca.crt"
+#define RSA_SERVER_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+#define RETURN_NULL(x) if ((x)==NULL) exit(1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+void main ()
+{
+ int err, i;
+ int verify_client = ON; /* To verify a client certificate, set ON */
+
+ int listen_sock;
+ int sock;
+ int on = ON;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ size_t client_len;
+ char *str;
+ char buf[4096];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *client_cert = NULL;
+ BIO *sbio = NULL;
+
+ short int s_port = 5555;
+
+ int sid_ctx = 1;
+
+ /*-----------------------------------------------------------------------------------------*/
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ if (!ctx) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the server certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_SERVER_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the server certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the server certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+
+ if(verify_client == ON)
+ {
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_SERVER_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (client) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+
+ /* Set the verification depth to 1 */
+ SSL_CTX_set_verify_depth(ctx,1);
+
+ /* For session resumption */
+ if(!SSL_CTX_set_session_id_context(ctx,(void*)&sid_ctx,sizeof(sid_ctx))){
+ printf("SSL_CTX_set_session_id_context() failed\n");
+ exit(1);
+ }
+ }
+
+ /* ----------------------------------------------- */
+ /* Set up a TCP socket */
+
+ listen_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(listen_sock, "socket");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (s_port); /* Server Port number */
+
+ /* Set the socket options so that the socket can be reused */
+ err = setsockopt (listen_sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on));
+ RETURN_ERR(err, "setsockopt");
+
+ err = bind(listen_sock, (struct sockaddr*)&sa_serv,sizeof(sa_serv));
+ RETURN_ERR(err, "bind");
+
+ /* Wait for an incoming TCP connection. */
+ err = listen(listen_sock, 5);
+ RETURN_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+
+
+ for(i=0; i<2; i++)
+ {
+ /* Socket for a TCP/IP connection is created */
+ sock = accept(listen_sock, (struct sockaddr*)&sa_cli, &client_len);
+ RETURN_ERR(sock, "accept");
+
+ printf ("Connection from %lx, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. */
+
+ /* A SSL structure is created */
+ ssl = SSL_new(ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL server */
+ err = SSL_accept(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get the client's certificate (optional) */
+ client_cert = SSL_get_peer_certificate(ssl);
+
+ if (client_cert != NULL)
+ {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free (str);
+
+ X509_free(client_cert);
+ }
+ else
+ printf("The SSL client does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - Receive message and send reply. ---------------*/
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /* Send data to the SSL client */
+ err = SSL_write(ssl, "This message is from the SSL server", strlen("This message is from the SSL server"));
+ RETURN_SSL(err);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ }
+
+ err = close(listen_sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$serv_verify_client.c b/demos/vms_examples/ssl$serv_verify_client.c
new file mode 100644
index 0000000000..3e1ccf6cc7
--- /dev/null
+++ b/demos/vms_examples/ssl$serv_verify_client.c
@@ -0,0 +1,307 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server + "Socket BIO" + "client certificate verification"
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL server with minimum functionality
+ * with the client certificate verification (using Socket BIO).
+ * The socket APIs are used to handle TCP/IP operations. This SSL
+ * server loads its own certificate and key,
+ * and it requests & verifies the certificate of the SSL client.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <types.h>
+#include <socket.h>
+#include <in.h>
+#include <inet.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RSA_SERVER_CERT "server.crt"
+#define RSA_SERVER_KEY "server.key"
+
+#define RSA_SERVER_CA_CERT "server_ca.crt"
+#define RSA_SERVER_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+#define RETURN_NULL(x) if ((x)==NULL) exit(1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+void main ()
+{
+ int err;
+ int verify_client = ON; /* To verify a client certificate, set ON */
+
+ int listen_sock;
+ int sock;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ size_t client_len;
+ char *str;
+ char buf[4096];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *client_cert = NULL;
+ BIO *sbio = NULL;
+
+ short int s_port = 5555;
+
+ /*-----------------------------------------------------------------------------------------*/
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ if (!ctx) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the server certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_SERVER_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the server certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the server certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+
+ if(verify_client == ON)
+ {
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_SERVER_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (client) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+
+ /* Set the verification depth to 1 */
+ SSL_CTX_set_verify_depth(ctx,1);
+ }
+
+ /* ----------------------------------------------- */
+ /* Set up a TCP socket */
+
+ listen_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(listen_sock, "socket");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (s_port); /* Server Port number */
+
+ err = bind(listen_sock, (struct sockaddr*)&sa_serv,sizeof(sa_serv));
+ RETURN_ERR(err, "bind");
+
+ /* Wait for an incoming TCP connection. */
+ err = listen(listen_sock, 5);
+ RETURN_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+
+ /* Socket for a TCP/IP connection is created */
+ sock = accept(listen_sock, (struct sockaddr*)&sa_cli, &client_len);
+ RETURN_ERR(sock, "accept");
+ close (listen_sock);
+
+ printf ("Connection from %lx, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. */
+
+ /* A SSL structure is created */
+ ssl = SSL_new(ctx);
+ RETURN_NULL(ssl);
+
+ if(1){ /* Use a socket BIO between the socket and SSL structure */
+ /* Create a socket BIO */
+ sbio = BIO_new_socket(sock, BIO_NOCLOSE);
+
+ /* Assign the socket BIO to the SSL structure*/
+ SSL_set_bio(ssl, sbio, sbio);
+
+ }
+ else{
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+ }
+
+ /* Perform SSL Handshake on the SSL server */
+ err = SSL_accept(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get the client's certificate (optional) */
+ client_cert = SSL_get_peer_certificate(ssl);
+
+ if (client_cert != NULL)
+ {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free (str);
+
+ X509_free(client_cert);
+ }
+ else
+ printf("The SSL client does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - Receive message and send reply. ---------------*/
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /* Send data to the SSL client */
+ err = SSL_write(ssl, "This message is from the SSL server", strlen("This message is from the SSL server"));
+ RETURN_SSL(err);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$simple_cli.c b/demos/vms_examples/ssl$simple_cli.c
new file mode 100644
index 0000000000..78cd92b5bf
--- /dev/null
+++ b/demos/vms_examples/ssl$simple_cli.c
@@ -0,0 +1,290 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Client
+ *
+ * ABSTRACT:
+ *
+ * This is an example of an SSL client with minimum functionality.
+ * The socket APIs are used to handle TCP/IP operations.
+ *
+ * This SSL client verifies the server's certificate against the CA
+ * certificate loaded in the client.
+ *
+ * This SSL client does not load its own certificate and key because
+ * the SSL server does not request nor verify the client certificate.
+ *
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server on this system
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <socket.h>
+#include <inet.h>
+#include <in.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RETURN_NULL(x) if ((x)==NULL) exit (1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+#define RSA_CLIENT_CERT "client.crt"
+#define RSA_CLIENT_KEY "client.key"
+
+#define RSA_CLIENT_CA_CERT "client_ca.crt"
+#define RSA_CLIENT_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+void main()
+{
+ int err;
+ int verify_client = OFF; /* To verify a client certificate, set ON */
+
+ int sock;
+ struct sockaddr_in server_addr;
+ char *str;
+ char buf [4096];
+ char hello[80];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *server_cert;
+
+ EVP_PKEY *pkey;
+
+ short int s_port = 5555;
+ const char *s_ipaddr = "127.0.0.1";
+
+ /*----------------------------------------------------------*/
+ printf ("Message to be sent to the SSL server: ");
+ fgets (hello, 80, stdin);
+
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create an SSL_METHOD structure (choose an SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create an SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ RETURN_NULL(ctx);
+
+ /*-------------------------------------------------------------------------*/
+ if(verify_client == ON)
+ {
+ /* Load the client certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_CLIENT_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the client certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_CLIENT_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the client certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+ }
+
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ /* This will allow this client to verify the server's */
+ /* certificate. */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_CLIENT_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set flag in context to require peer (server) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+ SSL_CTX_set_verify_depth(ctx,1);
+
+ /* ----------------------------------------------------------------- */
+ /* Set up a TCP socket */
+
+ sock = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(sock, "socket");
+
+ memset (&server_addr, '\0', sizeof(server_addr));
+ server_addr.sin_family = AF_INET;
+ server_addr.sin_port = htons(s_port); /* Server Port number */
+ server_addr.sin_addr.s_addr = inet_addr(s_ipaddr); /* Server IP */
+
+ /* Establish a TCP/IP connection to the SSL client */
+ err = connect(sock, (struct sockaddr*) &server_addr, sizeof(server_addr));
+ RETURN_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* An SSL structure is created */
+ ssl = SSL_new (ctx);
+ RETURN_NULL(ssl);
+
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+
+ /* Perform SSL Handshake on the SSL client */
+ err = SSL_connect(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+
+ /* Get the server's certificate (optional) */
+ server_cert = SSL_get_peer_certificate (ssl);
+
+ if (server_cert != NULL)
+ {
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free(str);
+
+ X509_free (server_cert);
+ }
+ else
+ printf("The SSL server does not have certificate.\n");
+
+
+ /*--------------- DATA EXCHANGE - send message and receive reply. ---------------*/
+
+ /* Send data to the SSL server */
+ err = SSL_write(ssl, hello, strlen(hello));
+ RETURN_SSL(err);
+
+ /* Receive data from the SSL server */
+ err = SSL_read(ssl, buf, sizeof(buf)-1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown the client side of the SSL connection */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/demos/vms_examples/ssl$simple_serv.c b/demos/vms_examples/ssl$simple_serv.c
new file mode 100644
index 0000000000..178cc2be26
--- /dev/null
+++ b/demos/vms_examples/ssl$simple_serv.c
@@ -0,0 +1,299 @@
+/*
+ * ++
+ * FACILITY:
+ *
+ * Simplest SSL Server
+ *
+ * ABSTRACT:
+ *
+ * This is an example of a SSL server with minimum functionality.
+ * The socket APIs are used to handle TCP/IP operations. This SSL
+ * server loads its own certificate and key, but it does not verify
+ * the certificate of the SSL client.
+ *
+ * ENVIRONMENT:
+ *
+ * OpenVMS Alpha V7.2-2 or higher
+ * TCP/IP Services V5.0A or higher
+ *
+ * AUTHOR:
+ *
+ * Taka Shinagawa, OpenVMS Security Group
+ *
+ * CREATION DATE:
+ *
+ * 1-Jan-2002
+ *
+ * --
+ */
+
+
+/* Assumptions, Build, Configuration, and Execution Instructions */
+
+/*
+ * ASSUMPTIONS:
+ *
+ * The following are assumed to be true for the
+ * execution of this program to succeed:
+ *
+ * - SSL is installed and started on this system.
+ *
+ * - this server program, and its accompanying client
+ * program are run on the same system, but in different
+ * processes.
+ *
+ * - the certificate and keys referenced by this program
+ * reside in the same directory as this program. There
+ * is a command procedure, SSL$EXAMPLES_SETUP.COM, to
+ * help set up the certificates and keys.
+ *
+ *
+ * BUILD INSTRUCTIONS:
+ *
+ * To build this example program use commands of the form,
+ *
+ * For a 32-bit application using only SSL APIs needs to run the following commands for SSL_APP.C .
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=32/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR32.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR32.EXE/SHARE
+ * -------------------------------------------------
+ *
+ * Creating a 64-bit application of SSL_APP.C should run the following commands.
+ * -----------------------------------------------------------------
+ * $CC/POINTER_SIZE=64/PREFIX_LIBRARY_ENTRIES=ALL_ENTRIES SSL_APP.C
+ * $LINK SSL_APP.OBJ, VMS_DECC_OPTIONS.OPT/OPT
+ * -----------------------------------------------------------------
+ * VMS_DECC_OPTIONS.OPT should include the following lines.
+ * -------------------------------------------------
+ * SYS$LIBRARY:OPENSSL$LIBCRYPTO_SHR.EXE/SHARE
+ * SYS$LIBRARY:OPENSSL$LIBSSL_SHR.EXE/SHARE
+ * -------------------------------------------------
+ *
+ *
+ * CONFIGURATION INSTRUCTIONS:
+ *
+ *
+ * RUN INSTRUCTIONS:
+ *
+ * To run this example program:
+ *
+ * 1) Start the server program,
+ *
+ * $ run server
+ *
+ * 2) Start the client program on this same system,
+ *
+ * $ run client
+ *
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <netdb.h>
+#include <unistd.h>
+
+#ifdef __VMS
+#include <types.h>
+#include <socket.h>
+#include <in.h>
+#include <inet.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define RSA_SERVER_CERT "server.crt"
+#define RSA_SERVER_KEY "server.key"
+
+#define RSA_SERVER_CA_CERT "server_ca.crt"
+#define RSA_SERVER_CA_PATH "sys$common:[syshlp.examples.ssl]"
+
+#define ON 1
+#define OFF 0
+
+#define RETURN_NULL(x) if ((x)==NULL) exit(1)
+#define RETURN_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define RETURN_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); }
+
+void main()
+{
+ int err;
+ int verify_client = OFF; /* To verify a client certificate, set ON */
+
+ int listen_sock;
+ int sock;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ size_t client_len;
+ char *str;
+ char buf[4096];
+
+ SSL_CTX *ctx;
+ SSL *ssl;
+ SSL_METHOD *meth;
+ X509 *client_cert = NULL;
+
+ short int s_port = 5555;
+
+ /*-----------------------------------------------------------------------------------------*/
+ /* Load encryption & hashing algorithms for the SSL program */
+ SSL_library_init();
+
+ /* Load the error strings for SSL & CRYPTO APIs */
+ SSL_load_error_strings();
+
+ /* Create a SSL_METHOD structure (choose a SSL/TLS protocol version) */
+ meth = SSLv3_method();
+
+ /* Create a SSL_CTX structure */
+ ctx = SSL_CTX_new(meth);
+ if (!ctx) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the server certificate into the SSL_CTX structure */
+ if (SSL_CTX_use_certificate_file(ctx, RSA_SERVER_CERT, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Load the private-key corresponding to the server certificate */
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSA_SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Check if the server certificate and private-key matches */
+ if (!SSL_CTX_check_private_key(ctx)) {
+ fprintf(stderr,"Private key does not match the certificate public key\n");
+ exit(1);
+ }
+
+ if(verify_client == ON)
+ {
+ /* Load the RSA CA certificate into the SSL_CTX structure */
+ if (!SSL_CTX_load_verify_locations(ctx, RSA_SERVER_CA_CERT, NULL)) {
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+ /* Set to require peer (client) certificate verification */
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
+
+ /* Set the verification depth to 1 */
+ SSL_CTX_set_verify_depth(ctx,1);
+ }
+
+ /* ----------------------------------------------- */
+ /* Set up a TCP socket */
+
+ listen_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ RETURN_ERR(listen_sock, "socket");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (s_port); /* Server Port number */
+
+ err = bind(listen_sock, (struct sockaddr*)&sa_serv,sizeof(sa_serv));
+ RETURN_ERR(err, "bind");
+
+ /* Wait for an incoming TCP connection. */
+ err = listen(listen_sock, 5);
+ RETURN_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+
+ /* Socket for a TCP/IP connection is created */
+ sock = accept(listen_sock, (struct sockaddr*)&sa_cli, &client_len);
+ RETURN_ERR(sock, "accept");
+ close (listen_sock);
+
+ printf ("Connection from %lx, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. */
+
+ /* A SSL structure is created */
+ ssl = SSL_new(ctx);
+ RETURN_NULL(ssl);
+
+ /* Assign the socket into the SSL structure (SSL and socket without BIO) */
+ SSL_set_fd(ssl, sock);
+
+ /* Perform SSL Handshake on the SSL server */
+ err = SSL_accept(ssl);
+ RETURN_SSL(err);
+
+ /* Informational output (optional) */
+ printf("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ if (verify_client == ON)
+ {
+ /* Get the client's certificate (optional) */
+ client_cert = SSL_get_peer_certificate(ssl);
+
+ if (client_cert != NULL)
+ {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t subject: %s\n", str);
+ free (str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0);
+ RETURN_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ free (str);
+
+ X509_free(client_cert);
+ }
+ else
+ printf("The SSL client does not have certificate.\n");
+ }
+
+
+ /*--------------- DATA EXCHANGE - Receive message and send reply. ---------------*/
+
+ /* Receive data from the SSL client */
+ err = SSL_read(ssl, buf, sizeof(buf) - 1);
+ RETURN_SSL(err);
+ buf[err] = '\0';
+ printf ("Received %d chars:'%s'\n", err, buf);
+
+ /* Send data to the SSL client */
+ err = SSL_write(ssl, "This message is from the SSL server", strlen("This message is from the SSL server"));
+ RETURN_SSL(err);
+
+ /*--------------- SSL closure ---------------*/
+ /* Shutdown this side (server) of the connection. */
+ err = SSL_shutdown(ssl);
+ RETURN_SSL(err);
+
+ /* Terminate communication on a socket */
+ err = close(sock);
+ RETURN_ERR(err, "close");
+
+ /* Free the SSL structure */
+ SSL_free(ssl);
+
+ /* Free the SSL_CTX structure */
+ SSL_CTX_free(ctx);
+}
+
diff --git a/doc/apps/asn1parse.pod b/doc/apps/asn1parse.pod
index 542d969066..e3462aabf1 100644
--- a/doc/apps/asn1parse.pod
+++ b/doc/apps/asn1parse.pod
@@ -165,7 +165,7 @@ Example config file:
=head1 BUGS
-There should be options to change the format of output lines. The output of some
+There should be options to change the format of input lines. The output of some
ASN.1 types is not well handled (if at all).
=cut
diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
index 5db7d9441c..d0a7703e61 100644
--- a/doc/apps/ca.pod
+++ b/doc/apps/ca.pod
@@ -585,7 +585,8 @@ if corrupted it can be difficult to fix. It is theoretically possible
to rebuild the index file from all the issued certificates and a current
CRL: however there is no option to do this.
-V2 CRL features like delta CRLs are not currently supported.
+V2 CRL features like delta CRL support and CRL numbers are not currently
+supported.
Although several requests can be input and handled at once it is only
possible to include one SPKAC or self signed certificate.
@@ -596,6 +597,12 @@ The use of an in memory text database can cause problems when large
numbers of certificates are present because, as the name implies
the database has to be kept in memory.
+It is not possible to certify two certificates with the same DN: this
+is a side effect of how the text database is indexed and it cannot easily
+be fixed without introducing other problems. Some S/MIME clients can use
+two certificates with the same DN for separate signing and encryption
+keys.
+
The B<ca> command really needs rewriting or the required functionality
exposed at either a command or interface level so a more friendly utility
(perl script or GUI) can handle things properly. The scripts B<CA.sh> and
diff --git a/doc/apps/config.pod b/doc/apps/config.pod
index ace34b62bd..2158cf4253 100644
--- a/doc/apps/config.pod
+++ b/doc/apps/config.pod
@@ -1,8 +1,6 @@
=pod
-=for comment openssl_manual_section:5
-
=head1 NAME
config - OpenSSL CONF library configuration files
diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod
index b0d198724c..1648742bcf 100644
--- a/doc/apps/dgst.pod
+++ b/doc/apps/dgst.pod
@@ -14,7 +14,6 @@ B<openssl> B<dgst>
[B<-binary>]
[B<-out filename>]
[B<-sign filename>]
-[B<-passin arg>]
[B<-verify filename>]
[B<-prverify filename>]
[B<-signature filename>]
@@ -60,11 +59,6 @@ filename to output to, or standard output by default.
digitally sign the digest using the private key in "filename".
-=item B<-passin arg>
-
-the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
=item B<-verify filename>
verify the signature using the the public key in "filename".
diff --git a/doc/apps/ecparam.pod b/doc/apps/ecparam.pod
index 1a12105da7..2523a9b103 100644
--- a/doc/apps/ecparam.pod
+++ b/doc/apps/ecparam.pod
@@ -142,27 +142,27 @@ B<ecparam> can only create EC parameters from known (named) curves.
To create EC parameters with the group 'prime192v1':
- openssl ecparam -out ec_param.pem -name prime192v1
+ openssl ec -out ec_param.pem -name prime192v1
To create EC parameters with explicit parameters:
- openssl ecparam -out ec_param.pem -name prime192v1 -param_enc explicit
+ openssl ec -out ec_param.pem -name prime192v1 -param_enc explicit
To validate given EC parameters:
- openssl ecparam -in ec_param.pem -check
+ openssl ec -in ec_param.pem -check
To create EC parameters and a private key:
- openssl ecparam -out ec_key.pem -name prime192v1 -genkey
+ openssl ec -out ec_key.pem -name prime192v1 -genkey
To change the point encoding to 'compressed':
- openssl ecparam -in ec_in.pem -out ec_out.pem -conv_form compressed
+ openssl ec -in ec_in.pem -out ec_out.pem -conv_form compressed
To print out the EC parameters to standard output:
- openssl ecparam -in ec_param.pem -noout -text
+ openssl ec -in ec_param.pem -noout -text
=head1 SEE ALSO
diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod
index 18fe7c81c7..ddf081617f 100644
--- a/doc/apps/enc.pod
+++ b/doc/apps/enc.pod
@@ -86,7 +86,7 @@ versions of OpenSSL. Superseded by the B<-pass> argument.
=item B<-kfile filename>
read the password to derive the key from the first line of B<filename>.
-This is for compatibility with previous versions of OpenSSL. Superseded by
+This is for computability with previous versions of OpenSSL. Superseded by
the B<-pass> argument.
=item B<-S salt>
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index e1e1ba9865..8d19079973 100644
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -11,10 +11,7 @@ B<openssl> B<s_client>
[B<-connect host:port>]
[B<-verify depth>]
[B<-cert filename>]
-[B<-certform DER|PEM>]
[B<-key filename>]
-[B<-keyform DER|PEM>]
-[B<-pass arg>]
[B<-CApath directory>]
[B<-CAfile filename>]
[B<-reconnect>]
@@ -60,24 +57,11 @@ then an attempt is made to connect to the local host on port 4433.
The certificate to use, if one is requested by the server. The default is
not to use a certificate.
-=item B<-certform format>
-
-The certificate format to use: DER or PEM. PEM is the default.
-
=item B<-key keyfile>
The private key to use. If not specified then the certificate file will
be used.
-=item B<-keyform format>
-
-The private format to use: DER or PEM. PEM is the default.
-
-=item B<-pass arg>
-
-the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
=item B<-verify depth>
The verify depth to use. This specifies the maximum length of the
diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
index 7c1a9581d9..1d21921e47 100644
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@@ -13,15 +13,9 @@ B<openssl> B<s_server>
[B<-verify depth>]
[B<-Verify depth>]
[B<-cert filename>]
-[B<-certform DER|PEM>]
[B<-key keyfile>]
-[B<-keyform DER|PEM>]
-[B<-pass arg>]
[B<-dcert filename>]
-[B<-dcertform DER|PEM>]
[B<-dkey keyfile>]
-[B<-dkeyform DER|PEM>]
-[B<-dpass arg>]
[B<-dhparam filename>]
[B<-nbio>]
[B<-nbio_test>]
@@ -76,24 +70,11 @@ certificate and some require a certificate with a certain public key type:
for example the DSS cipher suites require a certificate containing a DSS
(DSA) key. If not specified then the filename "server.pem" will be used.
-=item B<-certform format>
-
-The certificate format to use: DER or PEM. PEM is the default.
-
=item B<-key keyfile>
The private key to use. If not specified then the certificate file will
be used.
-=item B<-keyform format>
-
-The private format to use: DER or PEM. PEM is the default.
-
-=item B<-pass arg>
-
-the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
=item B<-dcert filename>, B<-dkey keyname>
specify an additional certificate and private key, these behave in the
@@ -105,10 +86,6 @@ and some a DSS (DSA) key. By using RSA and DSS certificates and keys
a server can support clients which only support RSA or DSS cipher suites
by using an appropriate certificate.
-=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg>
-
-addtional certificate and private key format and passphrase respectively.
-
=item B<-nocert>
if this option is set then no certificate is used. This restricts the
diff --git a/doc/crypto/ASN1_STRING_print_ex.pod b/doc/crypto/ASN1_STRING_print_ex.pod
index d662225b87..fbf9a1f141 100644
--- a/doc/crypto/ASN1_STRING_print_ex.pod
+++ b/doc/crypto/ASN1_STRING_print_ex.pod
@@ -30,8 +30,8 @@ with '.'.
ASN1_STRING_print() is a legacy function which should be avoided in new applications.
-Although there are a large number of options frequently B<ASN1_STRFLGS_RFC2253> is
-suitable, or on UTF8 terminals B<ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB>.
+Although there are a large number of options frequently B<ASN1_STRFLAGS_RFC2253> is
+suitable, or on UTF8 terminals B<ASN1_STRFLAGS_RFC2253 & ~ASN1_STRFLAGS_ESC_MSB>.
The complete set of supported options for B<flags> is listed below.
@@ -72,7 +72,7 @@ octet.
If B<ASN1_STRFLGS_DUMP_ALL> is set then any type is dumped.
Normally non character string types (such as OCTET STRING) are assumed to be
-one byte per character, if B<ASN1_STRFLGS_DUMP_UNKNOWN> is set then they will
+one byte per character, if B<ASN1_STRFLAGS_DUMP_UNKNOWN> is set then they will
be dumped instead.
When a type is dumped normally just the content octets are printed, if
diff --git a/doc/crypto/ERR_error_string.pod b/doc/crypto/ERR_error_string.pod
index cdfa7fe1fe..e01beb817a 100644
--- a/doc/crypto/ERR_error_string.pod
+++ b/doc/crypto/ERR_error_string.pod
@@ -11,7 +11,7 @@ error message
#include <openssl/err.h>
char *ERR_error_string(unsigned long e, char *buf);
- void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+ char *ERR_error_string_n(unsigned long e, char *buf, size_t len);
const char *ERR_lib_error_string(unsigned long e);
const char *ERR_func_error_string(unsigned long e);
diff --git a/doc/crypto/EVP_BytesToKey.pod b/doc/crypto/EVP_BytesToKey.pod
index d375c46e03..016381f3e9 100644
--- a/doc/crypto/EVP_BytesToKey.pod
+++ b/doc/crypto/EVP_BytesToKey.pod
@@ -60,7 +60,7 @@ EVP_BytesToKey() returns the size of the derived key in bytes.
=head1 SEE ALSO
L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
=head1 HISTORY
diff --git a/doc/crypto/SSLeay_version.pod b/doc/crypto/SSLeay_version.pod
deleted file mode 100644
index 1500c2af91..0000000000
--- a/doc/crypto/SSLeay_version.pod
+++ /dev/null
@@ -1,74 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSLeay_version - retrieve version/build information about OpenSSL library
-
-=head1 SYNOPSIS
-
- #include <openssl/crypto.h>
-
- const char *SSLeay_version(int type);
-
-=head1 DESCRIPTION
-
-SSLeay_version() returns a pointer to a constant string describing the
-version of the OpenSSL library or giving information about the library
-build.
-
-The following B<type> values are supported:
-
-=over 4
-
-=item SSLEAY_VERSION
-
-The version of the OpenSSL library including the release date.
-
-=item SSLEAY_CFLAGS
-
-The compiler flags set for the compilation process in the form
-"compiler: ..." if available or "compiler: information not available"
-otherwise.
-
-=item SSLEAY_BUILT_ON
-
-The date of the build process in the form "built on: ..." if available
-or "built on: date not available" otherwise.
-
-=item SSLEAY_PLATFORM
-
-The "Configure" target of the library build in the form "platform: ..."
-if available or "platform: information not available" otherwise.
-
-=item SSLEAY_DIR
-
-The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "...""
-if available or "OPENSSLDIR: N/A" otherwise.
-
-=back
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item "not available"
-
-An invalid value for B<type> was given.
-
-=item Pointer to constant string
-
-Textual description.
-
-=back
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>
-
-=head1 HISTORY
-
-B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
-
-=cut
diff --git a/doc/crypto/X509_NAME_print_ex.pod b/doc/crypto/X509_NAME_print_ex.pod
index 919b908919..907c04f684 100644
--- a/doc/crypto/X509_NAME_print_ex.pod
+++ b/doc/crypto/X509_NAME_print_ex.pod
@@ -41,8 +41,8 @@ applications.
Although there are a large number of possible flags for most purposes
B<XN_FLAG_ONELINE>, B<XN_FLAG_MULTILINE> or B<XN_FLAG_RFC2253> will suffice.
As noted on the L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)> manual page
-for UTF8 terminals the B<ASN1_STRFLGS_ESC_MSB> should be unset: so for example
-B<XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB> would be used.
+for UTF8 terminals the B<ASN1_STRFLAGS_ESC_MSB> should be unset: so for example
+B<XN_FLAG_ONELINE & ~ASN1_STRFLAGS_ESC_MSB> would be used.
The complete set of the flags supported by X509_NAME_print_ex() is listed below.
diff --git a/doc/crypto/des_modes.pod b/doc/crypto/des_modes.pod
index 02664036fc..da75e8007d 100644
--- a/doc/crypto/des_modes.pod
+++ b/doc/crypto/des_modes.pod
@@ -1,7 +1,5 @@
=pod
-=for comment openssl_manual_section:7
-
=head1 NAME
Modes of DES - the variants of DES and other crypto algorithms of OpenSSL
diff --git a/doc/ssl/SSL_shutdown.pod b/doc/ssl/SSL_shutdown.pod
index 89911acbca..6b5012be7a 100644
--- a/doc/ssl/SSL_shutdown.pod
+++ b/doc/ssl/SSL_shutdown.pod
@@ -38,7 +38,7 @@ behaviour.
=over 4
=item When the application is the first party to send the "close notify"
-alert, SSL_shutdown() will only send the alert and then set the
+alert, SSL_shutdown() will only send the alert and the set the
SSL_SENT_SHUTDOWN flag (so that the session is considered good and will
be kept in cache). SSL_shutdown() will then return with 0. If a unidirectional
shutdown is enough (the underlying connection shall be closed anyway), this
diff --git a/e_os.h b/e_os.h
index 3ff9f3cd1c..79f76ca109 100644
--- a/e_os.h
+++ b/e_os.h
@@ -556,7 +556,6 @@ extern char *sys_errlist[]; extern int sys_nerr;
# include "o_str.h"
# define strcasecmp OPENSSL_strcasecmp
# define strncasecmp OPENSSL_strncasecmp
-# define OPENSSL_IMPLEMENTS_strncasecmp
#elif defined(OPENSSL_SYS_OS2) && defined(__EMX__)
# define strcasecmp stricmp
# define strncasecmp strnicmp
diff --git a/e_os2.h b/e_os2.h
index 60f9b5c9c7..04d00ec78d 100644
--- a/e_os2.h
+++ b/e_os2.h
@@ -267,10 +267,9 @@ extern "C" {
#define foobar OPENSSL_GLOBAL_REF(foobar)
*/
#ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name) \
- extern type _hide_##name; \
- type *_shadow_##name(void) { return &_hide_##name; } \
- static type _hide_##name
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name) static type _hide_##name; \
+ type *_shadow_##name(void) { return &_hide_##name; } \
+ static type _hide_##name
# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
#else
diff --git a/engines/makeengines.com b/engines/makeengines.com
index 2191a2242d..e5a3aaa1ce 100644
--- a/engines/makeengines.com
+++ b/engines/makeengines.com
@@ -23,16 +23,19 @@ $! UCX for UCX
$! SOCKETSHR for SOCKETSHR+NETLIB
$! TCPIP for TCPIP (post UCX)
$!
-$! P5 if defined, tells the compiler not to use special threads.
+$! P5, if defined, sets the pointer size to build with. The values can be
+$! be "32" or "64". Any other value will default to "32"
$!
-$! P6 if defined, denotes which engines to build. If not defined,
+$! P6 if defined, tells the compiler not to use special threads.
+$!
+$! P7 if defined, denotes which engines to build. If not defined,
$! all available engines are built.
$!
$!-----------------------------------------------------------------------------
$!
$! Set the names of the engines we want to build
$!
-$ ENGINES = "," + P6
+$ ENGINES = "," + P7
$ IF ENGINES .EQS. "," THEN -
ENGINES = ",4758_cca,aep,atalla,cswift,ncipher,nuron,sureware,ubsec"
$!
@@ -45,19 +48,6 @@ $!
$ ARCH := VAX
$ IF F$GETSYI("CPU") .GE. 128 THEN ARCH := AXP
$!
-$! Set the goal directories, and creat them if necessary
-$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.ENGINES]
-$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.ENGINES]
-$ IF F$PARSE(OBJ_DIR) .EQS. "" THEN CREATE/DIRECTORY 'OBJ_DIR'
-$ IF F$PARSE(EXE_DIR) .EQS. "" THEN CREATE/DIRECTORY 'EXE_DIR'
-$!
-$! Set the goal files, and create them if necessary
-$!
-$ CRYPTO_LIB :=SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
-$ CRYPTO_EXE :=SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.EXE
-$ IF F$SEARCH(CRYPTO_LIB) .EQS. "" THEN LIBRARY/CREATE/OBJECT 'CRYPTO_LIB'
-$!
$! OK, time to check options and initialise
$!
$ OPT_PHASE = P1
@@ -65,12 +55,26 @@ $ ACCEPT_PHASE = "ALL,ENGINES"
$ OPT_DEBUG = P2
$ OPT_COMPILER = P3
$ OPT_TCPIP_LIB = P4
-$ OPT_SPECIAL_THREADS = P5
+$ OPT_POINTER_SIZE = P5
+$ OPT_SPECIAL_THREADS = P6
$
$ GOSUB CHECK_OPTIONS
$ GOSUB INITIALISE
$ GOSUB CHECK_OPT_FILE
$!
+$! Set the goal directories, and creat them if necessary
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.ENGINES]
+$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.ENGINES]
+$ IF F$PARSE(OBJ_DIR) .EQS. "" THEN CREATE/DIRECTORY 'OBJ_DIR'
+$ IF F$PARSE(EXE_DIR) .EQS. "" THEN CREATE/DIRECTORY 'EXE_DIR'
+$!
+$! Set the goal files, and create them if necessary
+$!
+$ CRYPTO_LIB :=SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO'FILE_POINTER_SIZE'.OLB
+$ CRYPTO_EXE :=SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO'FILE_POINTER_SIZE'.EXE
+$ IF F$SEARCH(CRYPTO_LIB) .EQS. "" THEN LIBRARY/CREATE/OBJECT 'CRYPTO_LIB'
+$!
$! Define what goes into each engine
$!
$ ENGINE_ = ""
@@ -189,6 +193,7 @@ $! For shareable libraries, we need to do things a little differently
$! depending on if we link with a TCP/IP library or not.
$!
$ ENGINE_OPT := SYS$DISK:[]'ARCH'.OPT
+$ _save_ver = f$verify(1)
$ IF TCPIP_LIB .NES. ""
$ THEN
$ LINK/'DEBUGGER'/'TRACEBACK' /SHARE='EXE_DIR''ENGINE_NAME'.EXE -
@@ -201,6 +206,7 @@ $ LINK/'DEBUGGER'/'TRACEBACK' /SHARE='EXE_DIR''ENGINE_NAME'.EXE -
'CRYPTO_LIB'/LIBRARY, -
'ENGINE_OPT'/OPTION,'OPT_FILE'/OPTION
$ ENDIF
+$ _save_ver := 'f$verify(_save_ver)
$!
$! Clean up
$!
@@ -704,6 +710,65 @@ $! End The GNU C Check.
$!
$ ENDIF
$!
+$! On Alpha, pointers can be 32 or 64 bit wide. Libraries for both variants
+$! can be built, and will then have "32" in the name for the 32-bit variant.
+$! On VAX as well as the 64-bit variant on Alpha, the name carries no extra
+$! information about pointer size (i.e., 64 bits is default on Alpha and 32
+$! bits is default on VAX).
+$!
+$ IF (OPT_POINTER_SIZE.NES."32" .AND. OPT_POINTER_SIZE.NES."64")
+$ THEN
+$!
+$! Set The Default
+$!
+$ OPT_POINTER_SIZE = ""
+$!
+$! End of First Check Of OPT_POINTER_SIZE
+$!
+$ ENDIF
+$!
+$! Check If OPT_POINTER_SIZE Isn't Set (Or Set Properly)
+$!
+$ IF (OPT_POINTER_SIZE.EQS."" .OR. (OPT_POINTER_SIZE.NES."32" .AND. ARCH.EQS."VAX"))
+$ THEN
+$!
+$! Check If We're On A VAX
+$!
+$ IF ARCH.EQS."VAX"
+$ THEN
+$!
+$! On VAX, We Force 32 Bit Pointers
+$!
+$ OPT_POINTER_SIZE = "32"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! On Alpha, We Use 64 Bit Pointers By Default
+$!
+$ OPT_POINTER_SIZE = "64"
+$!
+$! End Of Check For VAX
+$!
+$ ENDIF
+$!
+$! End Check Of OPT_POINTER_SIZE
+$!
+$ ENDIF
+$!
+$! Set POINTER_SIZE
+$!
+$ POINTER_SIZE = OPT_POINTER_SIZE
+$ QUAL_POINTER_SIZE = ""
+$ FILE_POINTER_SIZE = ""
+$ IF ARCH.EQS."AXP"
+$ THEN
+$ QUAL_POINTER_SIZE = "/POINTER_SIZE="+POINTER_SIZE
+$ IF POINTER_SIZE.EQS."32" THEN FILE_POINTER_SIZE = "32"
+$ ENDIF
+$!
+$!
$! Set up default defines
$!
$ CCDEFS = """FLAT_INC=1""," + CCDEFS
@@ -719,6 +784,7 @@ $ ENDIF
$ ELSE
$ CCDISABLEWARNINGS = ""
$ ENDIF
+$ CC = CC + QUAL_POINTER_SIZE
$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$!
$! Show user the result
diff --git a/engines/vendor_defns/hwcryptohook.h b/engines/vendor_defns/hwcryptohook.h
index 482f1f2d11..69464a74c6 100644
--- a/engines/vendor_defns/hwcryptohook.h
+++ b/engines/vendor_defns/hwcryptohook.h
@@ -65,7 +65,7 @@
* please contact nCipher.
*
*
- * $Id: hwcryptohook.h,v 1.1 2002/10/11 17:10:59 levitte Exp $
+ * $Id: hwcryptohook.h,v 1.1.2.1 2002/10/11 21:55:47 levitte Exp $
*/
#ifndef HWCRYPTOHOOK_H
diff --git a/install.com b/install.com
index 4e4fe80dfe..7c88603e46 100644
--- a/install.com
+++ b/install.com
@@ -4,6 +4,8 @@ $! Author: Richard Levitte <richard@levitte.org>
$! Time of creation: 22-MAY-1998 10:13
$!
$! P1 root of the directory tree
+$! P2 prefix for certain file (this is really for Compaq, who need to
+$! use the SSL$ prefix)
$!
$ IF P1 .EQS. ""
$ THEN
@@ -29,6 +31,7 @@ $ DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
$ DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
$ DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
$ DEFINE/NOLOG WRK_SSLCERTS WRK_SSLROOT:[CERTS]
+$ DEFINE/NOLOG WRK_SSLCOM WRK_SSLROOT:[COM]
$ DEFINE/NOLOG WRK_SSLPRIVATE WRK_SSLROOT:[PRIVATE]
$
$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
@@ -47,12 +50,14 @@ $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
CREATE/DIR/LOG WRK_SSLINCLUDE:
$ IF F$PARSE("WRK_SSLCERTS:") .EQS. "" THEN -
CREATE/DIR/LOG WRK_SSLCERTS:
+$ IF F$PARSE("WRK_SSLCOM:") .EQS. "" THEN -
+ CREATE/DIR/LOG WRK_SSLCOM:
$ IF F$PARSE("WRK_SSLPRIVATE:") .EQS. "" THEN -
CREATE/DIR/LOG WRK_SSLPRIVATE:
$ IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN -
CREATE/DIR/LOG WRK_SSLROOT:[VMS]
$
-$ SDIRS := CRYPTO,SSL,APPS,VMS!,RSAREF,TEST,TOOLS
+$ SDIRS := CRYPTO,SSL,APPS,DEMOS,VMS!,TEST,TOOLS
$ EXHEADER := e_os2.h
$
$ COPY 'EXHEADER' WRK_SSLINCLUDE: /LOG
@@ -65,7 +70,7 @@ $ I = I + 1
$ IF D .EQS. "," THEN GOTO LOOP_SDIRS_END
$ WRITE SYS$OUTPUT "Installing ",D," files."
$ SET DEFAULT [.'D']
-$ @INSTALL 'ROOT']
+$ @INSTALL 'ROOT'] 'P2'
$ SET DEFAULT [-]
$ GOTO LOOP_SDIRS
$ LOOP_SDIRS_END:
@@ -78,6 +83,7 @@ $ DEASSIGN WRK_SSLINCLUDE
$ DEASSIGN WRK_SSLVEXE
$ DEASSIGN WRK_SSLAEXE
$ DEASSIGN WRK_SSLCERTS
+$ DEASSIGN WRK_SSLCOM
$ DEASSIGN WRK_SSLPRIVATE
$
$ WRITE SYS$OUTPUT ""
diff --git a/makevms.com b/makevms.com
index 860540001e..0f2f8a466b 100755
--- a/makevms.com
+++ b/makevms.com
@@ -29,6 +29,7 @@ $! SSL_TASK Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program.
$! TEST Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL.
$! APPS Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL.
$! ENGINES Just build the "[.xxx.EXE.ENGINES]" application programs for OpenSSL.
+$! CERT_TOOL Just build the "[.xxx.EXE.CERT_TOOL]" application programs for OpenSSL.
$!
$!
$! P2 is ignored (it was used to denote if RSAref should be used or not,
@@ -39,11 +40,11 @@ $! information.
$!
$! Specify which compiler at P4 to try to compile under.
$!
-$! VAXC For VAX C.
-$! DECC For DEC C.
-$! GNUC For GNU C.
-$! LINK To only link the programs from existing object files.
-$! (not yet implemented)
+$! VAXC For VAX C.
+$! DECC For DEC C.
+$! GNUC For GNU C.
+$! LINK To only link the programs from existing object files.
+$! (not yet implemented)
$!
$! If you don't speficy a compiler, it will try to determine which
$! "C" compiler to use.
@@ -59,8 +60,14 @@ $! NONE to avoid specifying which TCP/IP implementation to
$! use at build time (this works with DEC C). This is
$! the default.
$!
-$! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$! P6, if defined, sets the pointer size to build with. The values can be
+$! be "32" or "64". Any other value will default to "32"
$!
+$! P7, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!
+$!
+$ EXIT_STATUS = 1
$!
$! Check if we're in a batch job, and make sure we get to
$! the directory this script is in
@@ -72,6 +79,19 @@ $ COMPATH=F$PARSE("A.;",COMNAME) - "A.;"
$ SET DEF 'COMPATH'
$ ENDIF
$!
+$!
+$! Telling the user a bit about the system
+$!
+$ arch_name = f$getsyi("arch_name")
+$ node_name = f$getsyi("nodename")
+$ version = f$getsyi("version")
+$ cpu = f$getsyi("cpu")
+$!
+$ write sys$output " "
+$ write sys$output " Building OpenSSL on ", node_name, " running ", version, " on a ", arch_name, "(CPU=", cpu, ")"
+$ write sys$output " "
+$!
+$!
$! Check Which Architecture We Are Using.
$!
$ IF (F$GETSYI("CPU").GE.128)
@@ -97,9 +117,10 @@ $! Check To Make Sure We Have Valid Command Line Parameters.
$!
$ GOSUB CHECK_OPTIONS
$!
+$!
$! Check To See What We Are To Do.
$!
-$ IF (BUILDCOMMAND.EQS."ALL")
+$ IF (BUILDCOMMAND.EQS."ALL".OR.BUILDCOMMAND.EQS."CONFIGALL")
$ THEN
$!
$! Start with building the OpenSSL configuration file.
@@ -114,6 +135,14 @@ $! Fix The Unix Softlinks.
$!
$ GOSUB SOFTLINKS
$!
+$! Determine the version number.
+$!
+$ GOSUB read_version_info
+$!
+$! Create the Ident options file.
+$!
+$ GOSUB CREATE_OPT_FILE
+$!
$ ENDIF
$!
$ IF (BUILDCOMMAND.EQS."ALL".OR.BUILDCOMMAND.EQS."BUILDALL")
@@ -143,19 +172,27 @@ $! Build The [.xxx.EXE.ENGINES] OpenSSL Shareable Engines.
$!
$ GOSUB ENGINES
$!
+$! Build The [.VMS.CERT_TOOL] OpenSSL Certificate Utility.
+$!
+$ GOSUB CERT_TOOL
+$!
$! Else...
$!
$ ELSE
+$ IF (BUILDCOMMAND.NES."CONFIGALL")
+$ THEN
$!
$! Build Just What The User Wants Us To Build.
$!
$ GOSUB 'BUILDCOMMAND'
$!
+$ ENDIF
+$!
$ ENDIF
$!
$! Time To EXIT.
$!
-$ EXIT
+$ GOTO CLEAN_UP_PATH
$!
$! Rebuild The "[.CRYPTO]OPENSSLCONF.H" file.
$!
@@ -245,7 +282,8 @@ $ THEN
$ TYPE [.CRYPTO]OPENSSLCONF.H.IN /OUTPUT=H_FILE:
$ ELSE
$ WRITE SYS$ERROR "Couldn't find a [.CRYPTO]OPENSSLCONF.H_IN. Exiting!"
-$ EXIT 0
+$ EXIT_STATUS = 0
+$ GOTO ERROR_PATH
$ ENDIF
$ ENDIF
$ ENDIF
@@ -349,7 +387,7 @@ $ TIME = F$TIME()
$!
$! Write The [.CRYPTO]BUILDINF.H File.
$!
-$ WRITE H_FILE "#define CFLAGS """" /* Not filled in for now */"
+$ WRITE H_FILE "#define CFLAGS ""''USER_CCFLAGS'"" /* Not filled in for now, but I'll take a crack at it. KSG */"
$ WRITE H_FILE "#define PLATFORM ""VMS"""
$ WRITE H_FILE "#define DATE ""''TIME'"" "
$!
@@ -519,11 +557,11 @@ $ SET DEFAULT SYS$DISK:[.CRYPTO]
$!
$! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
$!
-$ @CRYPTO-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''ISSEVEN'" "''BUILDPART'"
+$ @CRYPTO-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''POINTER_SIZE'" "''ISSEVEN'" "''BUILDPART'"
$!
$! Build The [.xxx.EXE.CRYPTO]*.EXE Test Applications.
$!
-$ @CRYPTO-LIB APPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' "''BUILDPART'"
+$ @CRYPTO-LIB APPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''POINTER_SIZE'" 'ISSEVEN' "''BUILDPART'"
$!
$! Go Back To The Main Directory.
$!
@@ -548,7 +586,7 @@ $ SET DEFAULT SYS$DISK:[.SSL]
$!
$! Build The [.xxx.EXE.SSL]LIBSSL.OLB Library.
$!
-$ @SSL-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN'
+$ @SSL-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''POINTER_SIZE'" 'ISSEVEN'
$!
$! Go Back To The Main Directory.
$!
@@ -573,7 +611,7 @@ $ SET DEFAULT SYS$DISK:[.SSL]
$!
$! Build The [.xxx.EXE.SSL]SSL_TASK.EXE
$!
-$ @SSL-LIB SSL_TASK 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN'
+$ @SSL-LIB SSL_TASK 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''POINTER_SIZE'" 'ISSEVEN'
$!
$! Go Back To The Main Directory.
$!
@@ -598,7 +636,7 @@ $ SET DEFAULT SYS$DISK:[.TEST]
$!
$! Build The Test Programs.
$!
-$ @MAKETESTS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN'
+$ @MAKETESTS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''POINTER_SIZE'" 'ISSEVEN'
$!
$! Go Back To The Main Directory.
$!
@@ -623,7 +661,7 @@ $ SET DEFAULT SYS$DISK:[.APPS]
$!
$! Build The Application Programs.
$!
-$ @MAKEAPPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN'
+$ @MAKEAPPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''POINTER_SIZE'" 'ISSEVEN'
$!
$! Go Back To The Main Directory.
$!
@@ -648,7 +686,7 @@ $ SET DEFAULT SYS$DISK:[.ENGINES]
$!
$! Build The Application Programs.
$!
-$ @MAKEENGINES ENGINES 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' "''BUILDPART'"
+$ @MAKEENGINES ENGINES 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''POINTER_SIZE'" 'ISSEVEN' "''BUILDPART'"
$!
$! Go Back To The Main Directory.
$!
@@ -658,6 +696,31 @@ $! That's All, Time To RETURN.
$!
$ RETURN
$!
+$! Build The OpenVMS Certicate Utility images.
+$!
+$ CERT_TOOL:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Building OpenSSL [.",ARCH,".EXE.CERT_TOOL] Certificate Utility."
+$!
+$! Go To The [.CERT_TOOL] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.VMS.CERT_TOOL]
+$!
+$! Build The Application Programs.
+$!
+$ @MAKE_CERT_TOOL 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''POINTER_SIZE'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [--]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
$! Check The User's Options.
$!
$ CHECK_OPTIONS:
@@ -687,10 +750,12 @@ $ ELSE
$!
$! Else, Check To See If P1 Has A Valid Arguement.
$!
-$ IF (P1.EQS."CONFIG").OR.(P1.EQS."BUILDINF").OR.(P1.EQS."SOFTLINKS") -
+$ IF (P1.EQS."CONFIGALL")-
+ .OR.(P1.EQS."CONFIG").OR.(P1.EQS."BUILDINF").OR.(P1.EQS."SOFTLINKS") -
.OR.(P1.EQS."BUILDALL") -
.OR.(P1.EQS."CRYPTO").OR.(P1.EQS."SSL") -
- .OR.(P1.EQS."SSL_TASK").OR.(P1.EQS."TEST").OR.(P1.EQS."APPS")
+ .OR.(P1.EQS."SSL_TASK").OR.(P1.EQS."TEST").OR.(P1.EQS."APPS") -
+ .OR.(P1.EQS."CERT_TOOL")
$ THEN
$!
$! A Valid Arguement.
@@ -707,6 +772,7 @@ $ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " ALL : Just Build Everything."
+$ WRITE SYS$OUTPUT " CONFIGALL: Same as CONFIG, BUILDINF and SOTLINIKS."
$ WRITE SYS$OUTPUT " CONFIG : Just build the [.CRYPTO]OPENSSLCONF.H file."
$ WRITE SYS$OUTPUT " BUILDINF : Just build the [.CRYPTO]BUILDINF.H file."
$ WRITE SYS$OUTPUT " SOFTLINKS: Just Fix The Unix soft links."
@@ -718,6 +784,7 @@ $ WRITE SYS$OUTPUT " SSL : To Build Just The [.xxx.EXE.SSL]LIBSSL.O
$ WRITE SYS$OUTPUT " SSL_TASK : To Build Just The [.xxx.EXE.SSL]SSL_TASK.EXE Program."
$ WRITE SYS$OUTPUT " TEST : To Build Just The OpenSSL Test Programs."
$ WRITE SYS$OUTPUT " APPS : To Build Just The OpenSSL Application Programs."
+$ WRITE SYS$OUTPUT " CERT_TOOL: To Build Just The OpenSSL Certificate Tool (VMS-unique)."
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
$ WRITE SYS$OUTPUT ""
@@ -727,7 +794,7 @@ $ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
-$ EXIT
+$ GOTO CLEAN_UP_PATH
$!
$! End The Valid Argument Check.
$!
@@ -774,7 +841,7 @@ $ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
-$ EXIT
+$ GOTO CLEAN_UP_PATH
$!
$! End The Valid Arguement Check.
$!
@@ -931,7 +998,7 @@ $ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
-$ EXIT
+$ GOTO CLEAN_UP_PATH
$!
$! End The Valid Arguement Check.
$!
@@ -1059,7 +1126,7 @@ $ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
-$ EXIT
+$ GOTO CLEAN_UP_PATH
$ ELSE
$!
$! If TCPIP is not defined, then hardcode it to make
@@ -1081,15 +1148,67 @@ $! Done with TCP/IP libraries
$!
$ ENDIF
$!
+$! On Alpha, pointers can be 32 or 64 bit wide. Libraries for both variants
+$! can be built, and will then have "32" in the name for the 32-bit variant.
+$! On VAX as well as the 64-bit variant on Alpha, the name carries no extra
+$! information about pointer size (i.e., 64 bits is default on Alpha and 32
+$! bits is default on VAX).
+$!
+$ IF (P6.NES."32" .AND. P6.NES."64")
+$ THEN
+$!
+$! Set The Default
+$!
+$ P6 = ""
+$!
+$! End of First Check Of P6
+$!
+$ ENDIF
+$!
+$! Check If P6 Isn't Set (Or Set Properly)
+$!
+$ IF (P6.EQS."" .OR. (P6.NES."32" .AND. ARCH.EQS."VAX"))
+$ THEN
+$!
+$! Check If We're On A VAX
+$!
+$ IF ARCH.EQS."VAX"
+$ THEN
+$!
+$! On VAX, We Force 32 Bit Pointers
+$!
+$ P6 = "32"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! On Alpha, We Use 64 Bit Pointers By Default
+$!
+$ P6 = "64"
+$!
+$! End Of Check For VAX
+$!
+$ ENDIF
+$!
+$! End Check Of P6
+$!
+$ ENDIF
+$!
+$! Set POINTER_SIZE
+$!
+$ POINTER_SIZE = P6
+$!
+$!
$! Special Threads For OpenVMS v7.1 Or Later
$!
$! Written By: Richard Levitte
$! richard@levitte.org
$!
$!
-$! Check To See If We Have A Option For P6.
+$! Check To See If We Have A Option For P7.
$!
-$ IF (P6.EQS."")
+$ IF (P7.EQS."")
$ THEN
$!
$! Get The Version Of VMS We Are Using.
@@ -1111,10 +1230,63 @@ $! End The VMS Version Check.
$!
$ ENDIF
$!
-$! End The P6 Check.
+$! End The P7 Check.
$!
$ ENDIF
$!
$! Time To RETURN...
$!
$ RETURN
+$!
+$!
+$! Create the identification options file.
+$! This options file is used to identify the
+$! images with the appropriate version numbers,
+$! build ident, and symbol matching.
+$!
+$ CREATE_OPT_FILE:
+$ open/write opt_ident ssl_ident.opt
+$ write opt_ident "identification=""OpenSSL ",libverstr,"""
+$ write opt_ident "GSMATCH=",libvmatch,",",libver
+$ close opt_ident
+$ RETURN
+$!
+$!
+$! The version number reader
+$!
+$read_version_info:
+$ libver = ""
+$ open/read vf [.CRYPTO]OPENSSLV.H
+$ loop_rvi:
+$ read/err=endloop_rvi/end=endloop_rvi vf rvi_line
+$ if rvi_line - "SHLIB_VERSION_NUMBER """ .eqs. rvi_line then -
+ goto loop_rvi
+$ libverstr = f$element(1,"""",rvi_line)
+$ libvmajor = f$element(0,".",libverstr)
+$ libvminor = f$element(1,".",libverstr)
+$ libvedit = f$element(2,".",libverstr)
+$ libvpatch = f$cvui(0,8,f$extract(1,1,libvedit)+"@")-f$cvui(0,8,"@")
+$ libvedit = f$extract(0,1,libvedit)
+$ libver = f$string(f$int(libvmajor)*100)+","+-
+ f$string(f$int(libvminor)*100+f$int(libvedit)*10+f$int(libvpatch))
+$ if libvmajor .eqs. "0"
+$ then
+$ libvmatch = "EQUAL"
+$ else
+$ ! Starting with the 1.0 release, backward compatibility should be
+$ ! kept, so switch over to the following
+$ libvmatch = "LEQUAL"
+$ endif
+$ endloop_rvi:
+$ close vf
+$ return
+$!
+$!
+$ ERROR_PATH:
+$!
+$!
+$!
+$ CLEAN_UP_PATH:
+$!
+$ EXIT_PATH:
+$!
diff --git a/ms/test.bat b/ms/test.bat
index 7fb0442147..c3a1b0c28d 100755
--- a/ms/test.bat
+++ b/ms/test.bat
@@ -87,22 +87,20 @@ echo testss
call %test%\testss openssl
if errorlevel 1 goto done
-set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss
-
echo test sslv2
ssltest -ssl2
if errorlevel 1 goto done
echo test sslv2 with server authentication
-%SSL_TEST% -ssl2 -server_auth
+ssltest -ssl2 -server_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2 with client authentication
-%SSL_TEST% -ssl2 -client_auth
+ssltest -ssl2 -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2 with both client and server authentication
-%SSL_TEST% -ssl2 -server_auth -client_auth
+ssltest -ssl2 -server_auth -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv3
@@ -110,15 +108,15 @@ ssltest -ssl3
if errorlevel 1 goto done
echo test sslv3 with server authentication
-%SSL_TEST% -ssl3 -server_auth
+ssltest -ssl3 -server_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv3 with client authentication
-%SSL_TEST% -ssl3 -client_auth
+ssltest -ssl3 -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv3 with both client and server authentication
-%SSL_TEST% -ssl3 -server_auth -client_auth
+ssltest -ssl3 -server_auth -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2/sslv3
@@ -126,15 +124,15 @@ ssltest
if errorlevel 1 goto done
echo test sslv2/sslv3 with server authentication
-%SSL_TEST% -server_auth
+ssltest -server_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2/sslv3 with client authentication
-%SSL_TEST% -client_auth
+ssltest -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2/sslv3 with both client and server authentication
-%SSL_TEST% -server_auth -client_auth
+ssltest -server_auth -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2 via BIO pair
@@ -146,15 +144,15 @@ ssltest -bio_pair -dhe1024dsa -v
if errorlevel 1 goto done
echo test sslv2 with server authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -server_auth
+ssltest -bio_pair -ssl2 -server_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2 with client authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -client_auth
+ssltest -bio_pair -ssl2 -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2 with both client and server authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth
+ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv3 via BIO pair
@@ -162,31 +160,31 @@ ssltest -bio_pair -ssl3
if errorlevel 1 goto done
echo test sslv3 with server authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl3 -server_auth
+ssltest -bio_pair -ssl3 -server_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv3 with client authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl3 -client_auth
+ssltest -bio_pair -ssl3 -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv3 with both client and server authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl3 -server_auth -client_auth
+ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2/sslv3 via BIO pair
-ssltest -bio_pair
+ssltest
if errorlevel 1 goto done
echo test sslv2/sslv3 with server authentication
-%SSL_TEST% -bio_pair -server_auth
+ssltest -bio_pair -server_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2/sslv3 with client authentication via BIO pair
-%SSL_TEST% -bio_pair -client_auth
+ssltest -bio_pair -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
echo test sslv2/sslv3 with both client and server authentication via BIO pair
-%SSL_TEST% -bio_pair -server_auth -client_auth
+ssltest -bio_pair -server_auth -client_auth -CAfile cert.tmp
if errorlevel 1 goto done
del cert.tmp
diff --git a/ms/testss.bat b/ms/testss.bat
index b4aaf3c601..f7e58e2756 100755
--- a/ms/testss.bat
+++ b/ms/testss.bat
@@ -4,7 +4,7 @@ rem set ssleay=..\out\ssleay
set ssleay=%1
set reqcmd=%ssleay% req
-set x509cmd=%ssleay% x509 -sha1
+set x509cmd=%ssleay% x509
set verifycmd=%ssleay% verify
set CAkey=keyCA.ss
diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl
index c0f7e347a9..d82699d18f 100644
--- a/ssl/Makefile.ssl
+++ b/ssl/Makefile.ssl
@@ -77,7 +77,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
install:
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ @for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/ssl/install.com b/ssl/install.com
index 7fc008f91a..fcc1899ec9 100644
--- a/ssl/install.com
+++ b/ssl/install.com
@@ -4,6 +4,8 @@ $! Author: Richard Levitte <richard@levitte.org>
$! Time of creation: 22-MAY-1998 10:13
$!
$! P1 root of the directory tree
+$! P2 prefix for certain file (this is really for Compaq, who need to
+$! use the SSL$ prefix)
$!
$ IF P1 .EQS. ""
$ THEN
@@ -12,6 +14,13 @@ $ WRITE SYS$OUTPUT "Should be the directory where you want things installed.
$ EXIT
$ ENDIF
$
+$ IF P2 .NES. ""
+$ THEN
+$ FILE_PREFIX = P2
+$ ELSE
+$ FILE_PREFIX = ""
+$ ENDIF
+$
$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
@@ -40,7 +49,7 @@ $ IF F$PARSE("WRK_SSLAEXE:") .EQS. "" THEN -
$
$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h
$ E_EXE := ssl_task
-$ LIBS := LIBSSL
+$ LIBS := LIBSSL64,LIBSSL32,LIBSSL,LIBSSL_SHR64,LIBSSL_SHR32,LIBSSL_SHR
$
$ VEXE_DIR := [-.VAX.EXE.SSL]
$ AEXE_DIR := [-.AXP.EXE.SSL]
@@ -82,8 +91,8 @@ $ ENDIF
$ ! Preparing for the time when we have shareable images
$ IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
$ THEN
-$ COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'E'.EXE/log
-$ SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.EXE
+$ COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE/log
+$ SET FILE/PROT=W:RE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE
$ ENDIF
$ IF F$SEARCH(AEXE_DIR+E+".OLB") .NES. ""
$ THEN
@@ -93,8 +102,8 @@ $ ENDIF
$ ! Preparing for the time when we have shareable images
$ IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
$ THEN
-$ COPY 'AEXE_DIR''E'.EXE WRK_SSLALIB:'E'.EXE/log
-$ SET FILE/PROT=W:RE WRK_SSLALIB:'E'.EXE
+$ COPY 'AEXE_DIR''E'.EXE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE/log
+$ SET FILE/PROT=W:RE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE
$ ENDIF
$ SET ON
$ GOTO LOOP_LIB
diff --git a/ssl/ssl-lib.com b/ssl/ssl-lib.com
index 163ade9f7a..fc0e63c310 100644
--- a/ssl/ssl-lib.com
+++ b/ssl/ssl-lib.com
@@ -40,7 +40,10 @@ $! UCX for UCX
$! TCPIP for TCPIP (post UCX)
$! SOCKETSHR for SOCKETSHR+NETLIB
$!
-$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$! P5, if defined, sets the pointer size to build with. The values can be
+$! be "32" or "64". Any other value will default to "32"
+$!
+$! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
$!
$!
$! Define A TCP/IP Library That We Will Need To Link To.
@@ -98,6 +101,23 @@ $! End The Architecture Specific OBJ Directory Check.
$!
$ ENDIF
$!
+$! Define The LIS Directory.
+$!
+$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.SSL]
+$!
+$! Check To See If The Architecture Specific LIS Directory Exists.
+$!
+$ IF (F$PARSE(LIS_DIR).EQS."")
+$ THEN
+$!
+$! It Dosen't Exist, So Create It.
+$!
+$ CREATE/DIR 'LIS_DIR'
+$!
+$! End The Architecture Specific LIS Directory Check.
+$!
+$ ENDIF
+$!
$! Define The EXE Directory.
$!
$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.SSL]
@@ -117,11 +137,13 @@ $ ENDIF
$!
$! Define The Library Name.
$!
-$ SSL_LIB := 'EXE_DIR'LIBSSL.OLB
+$ SSL_LIB := 'EXE_DIR'LIBSSL'FILE_POINTER_SIZE'.OLB
$!
$! Define The CRYPTO-LIB We Are To Use.
$!
-$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO'FILE_POINTER_SIZE'.OLB
+$!
+$! Define The RSAREF-LIB We Are To Use.
$!
$! Check To See What We Are To Do.
$!
@@ -207,6 +229,10 @@ $! Create The Source File Name.
$!
$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
$!
+$! Create The Listing File Name.
+$!
+$ LIST_FILE = LIS_DIR + FILE_NAME + ".LIS"
+$!
$! Create The Object File Name.
$!
$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
@@ -220,7 +246,7 @@ $!
$! Tell The User That The File Dosen't Exist.
$!
$ WRITE SYS$OUTPUT ""
-$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$ WRITE SYS$OUTPUT F$MESSAGE("%X10018290") + ". The File ",SOURCE_FILE," Dosen't Exist."
$ WRITE SYS$OUTPUT ""
$!
$! Exit The Build.
@@ -238,7 +264,7 @@ $!
$! Compile The File.
$!
$ ON ERROR THEN GOTO NEXT_FILE
-$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
$!
$! Add It To The Library.
$!
@@ -281,7 +307,7 @@ $!
$! Tell The User That The File Dosen't Exist.
$!
$ WRITE SYS$OUTPUT ""
-$ WRITE SYS$OUTPUT "The File SSL_TASK.C Dosen't Exist."
+$ WRITE SYS$OUTPUT F$MESSAGE("%X10018290") + ". The File SSL_TASK.C Dosen't Exist."
$ WRITE SYS$OUTPUT ""
$!
$! Exit The Build.
@@ -615,15 +641,73 @@ $! End The P2 Check.
$!
$ ENDIF
$!
+$! On Alpha, pointers can be 32 or 64 bit wide. Libraries for both variants
+$! can be built, and will then have "32" in the name for the 32-bit variant.
+$! On VAX as well as the 64-bit variant on Alpha, the name carries no extra
+$! information about pointer size (i.e., 64 bits is default on Alpha and 32
+$! bits is default on VAX).
+$!
+$ IF (P5.NES."32" .AND. P5.NES."64")
+$ THEN
+$!
+$! Set The Default
+$!
+$ P5 = ""
+$!
+$! End of First Check Of P5
+$!
+$ ENDIF
+$!
+$! Check If P5 Isn't Set (Or Set Properly)
+$!
+$ IF (P5.EQS."" .OR. (P5.NES."32" .AND. ARCH.EQS."VAX"))
+$ THEN
+$!
+$! Check If We're On A VAX
+$!
+$ IF ARCH.EQS."VAX"
+$ THEN
+$!
+$! On VAX, We Force 32 Bit Pointers
+$!
+$ P5 = "32"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! On Alpha, We Use 64 Bit Pointers By Default
+$!
+$ P5 = "64"
+$!
+$! End Of Check For VAX
+$!
+$ ENDIF
+$!
+$! End Check Of P5
+$!
+$ ENDIF
+$!
+$! Set POINTER_SIZE
+$!
+$ POINTER_SIZE = P5
+$ QUAL_POINTER_SIZE = ""
+$ FILE_POINTER_SIZE = ""
+$ IF ARCH.EQS."AXP"
+$ THEN
+$ QUAL_POINTER_SIZE = "/POINTER_SIZE="+POINTER_SIZE
+$ IF POINTER_SIZE.EQS."32" THEN FILE_POINTER_SIZE = "32"
+$ ENDIF
+$!
$! Special Threads For OpenVMS v7.1 Or Later
$!
$! Written By: Richard Levitte
$! richard@levitte.org
$!
$!
-$! Check To See If We Have A Option For P5.
+$! Check To See If We Have A Option For P6.
$!
-$ IF (P5.EQS."")
+$ IF (P6.EQS."")
$ THEN
$!
$! Get The Version Of VMS We Are Using.
@@ -645,7 +729,7 @@ $! End The VMS Version Check.
$!
$ ENDIF
$!
-$! End The P5 Check.
+$! End The P6 Check.
$!
$ ENDIF
$!
@@ -777,7 +861,7 @@ $ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
- "/NOLIST/PREFIX=ALL" + -
+ "/PREFIX=ALL" + -
"/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[-])" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
@@ -810,7 +894,7 @@ $ WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
$ EXIT
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
-$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'" + -
"/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[-])" + CCEXTRAFLAGS
$ CCDEFS = CCDEFS + ",""VAXC"""
$!
@@ -842,7 +926,7 @@ $!
$! Use GNU C...
$!
$ IF F$TYPE(GCC) .EQS. "" THEN GCC := GCC
-$ CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+$ CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + -
"/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[-])" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
@@ -873,6 +957,7 @@ $ ELSE
$ CCDISABLEWARNINGS = ""
$ CC4DISABLEWARNINGS = ""
$ ENDIF
+$ CC = CC + QUAL_POINTER_SIZE
$ CC2 = CC + "/DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 579b9ef1b2..8ff9ab3304 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -711,6 +711,7 @@ struct ssl_ctx_st
void *msg_callback_arg;
int verify_mode;
+ int verify_depth;
unsigned int sid_ctx_length;
unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
@@ -718,12 +719,8 @@ struct ssl_ctx_st
/* Default generate session ID callback. */
GEN_SESSION_CB generate_session_id;
- X509_VERIFY_PARAM *param;
-
-#if 0
int purpose; /* Purpose setting */
int trust; /* Trust setting */
-#endif
int quiet_shutdown;
};
@@ -864,12 +861,8 @@ struct ssl_st
int hit; /* reusing a previous session */
- X509_VERIFY_PARAM *param;
-
-#if 0
int purpose; /* Purpose setting */
int trust; /* Trust setting */
-#endif
/* crypto */
STACK_OF(SSL_CIPHER) *cipher_list;
@@ -914,6 +907,7 @@ struct ssl_st
/* Used in SSL2 and SSL3 */
int verify_mode; /* 0 don't care about verify failure.
* 1 fail if verify fails */
+ int verify_depth;
int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index b515c064a8..4cab28a200 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -483,22 +483,20 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,ERR_R_X509_LIB);
return(0);
}
- if (s->param)
- X509_VERIFY_PARAM_inherit(X509_STORE_CTX_get0_param(&ctx),
- s->param);
-#if 0
if (SSL_get_verify_depth(s) >= 0)
X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
-#endif
X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s);
- /* We need to inherit the verify parameters. These can be determined by
+ /* We need to set the verify purpose. The purpose can be determined by
* the context: if its a server it will verify SSL client certificates
* or vice versa.
*/
+ if (s->server)
+ i = X509_PURPOSE_SSL_CLIENT;
+ else
+ i = X509_PURPOSE_SSL_SERVER;
- X509_STORE_CTX_set_default(&ctx,
- s->server ? "ssl_client" : "ssl_server");
+ X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust);
if (s->verify_callback)
X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index da231de213..c31927706a 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -169,6 +169,7 @@ static int init_ciphers=1;
static void load_ciphers(void)
{
+ init_ciphers=0;
ssl_cipher_methods[SSL_ENC_DES_IDX]=
EVP_get_cipherbyname(SN_des_cbc);
ssl_cipher_methods[SSL_ENC_3DES_IDX]=
@@ -192,7 +193,6 @@ static void load_ciphers(void)
EVP_get_digestbyname(SN_md5);
ssl_digest_methods[SSL_MD_SHA1_IDX]=
EVP_get_digestbyname(SN_sha1);
- init_ciphers=0;
}
static int sk_comp_cmp(const SSL_COMP * const *a,
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c3bf50987c..7da3dda900 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -276,23 +276,14 @@ SSL *SSL_new(SSL_CTX *ctx)
s->msg_callback=ctx->msg_callback;
s->msg_callback_arg=ctx->msg_callback_arg;
s->verify_mode=ctx->verify_mode;
-#if 0
s->verify_depth=ctx->verify_depth;
-#endif
s->sid_ctx_length=ctx->sid_ctx_length;
OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
s->verify_callback=ctx->default_verify_callback;
s->generate_session_id=ctx->generate_session_id;
-
- s->param = X509_VERIFY_PARAM_new();
- if (!s->param)
- goto err;
- X509_VERIFY_PARAM_inherit(s->param, ctx->param);
-#if 0
s->purpose = ctx->purpose;
s->trust = ctx->trust;
-#endif
s->quiet_shutdown=ctx->quiet_shutdown;
CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
@@ -406,22 +397,22 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
{
- return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
+ return X509_PURPOSE_set(&s->purpose, purpose);
}
int SSL_set_purpose(SSL *s, int purpose)
{
- return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
+ return X509_PURPOSE_set(&s->purpose, purpose);
}
int SSL_CTX_set_trust(SSL_CTX *s, int trust)
{
- return X509_VERIFY_PARAM_set_trust(s->param, trust);
+ return X509_TRUST_set(&s->trust, trust);
}
int SSL_set_trust(SSL *s, int trust)
{
- return X509_VERIFY_PARAM_set_trust(s->param, trust);
+ return X509_TRUST_set(&s->trust, trust);
}
void SSL_free(SSL *s)
@@ -444,9 +435,6 @@ void SSL_free(SSL *s)
}
#endif
- if (s->param)
- X509_VERIFY_PARAM_free(s->param);
-
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
if (s->bbio != NULL)
@@ -659,7 +647,7 @@ int SSL_get_verify_mode(SSL *s)
int SSL_get_verify_depth(SSL *s)
{
- return X509_VERIFY_PARAM_get_depth(s->param);
+ return(s->verify_depth);
}
int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
@@ -674,7 +662,7 @@ int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
{
- return X509_VERIFY_PARAM_get_depth(ctx->param);
+ return(ctx->verify_depth);
}
int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
@@ -692,7 +680,7 @@ void SSL_set_verify(SSL *s,int mode,
void SSL_set_verify_depth(SSL *s,int depth)
{
- X509_VERIFY_PARAM_set_depth(s->param, depth);
+ s->verify_depth=depth;
}
void SSL_set_read_ahead(SSL *s,int yes)
@@ -1357,9 +1345,7 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
ret->msg_callback=0;
ret->msg_callback_arg=NULL;
ret->verify_mode=SSL_VERIFY_NONE;
-#if 0
ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
-#endif
ret->sid_ctx_length=0;
ret->default_verify_callback=NULL;
if ((ret->cert=ssl_cert_new()) == NULL)
@@ -1385,10 +1371,6 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
goto err2;
}
- ret->param = X509_VERIFY_PARAM_new();
- if (!ret->param)
- goto err;
-
if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
{
SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
@@ -1445,9 +1427,6 @@ void SSL_CTX_free(SSL_CTX *a)
}
#endif
- if (a->param)
- X509_VERIFY_PARAM_free(a->param);
-
/*
* Free internal session cache. However: the remove_cb() may reference
* the ex_data of SSL_CTX, thus the ex_data store can only be removed
@@ -1510,7 +1489,7 @@ void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
{
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
+ ctx->verify_depth=depth;
}
void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
@@ -1602,7 +1581,7 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
if (rsa_enc || rsa_sign)
{
mask|=SSL_aRSA;
- emask|=SSL_aRSA;
+ mask|=SSL_aRSA;
}
if (dsa_sign)
@@ -2138,8 +2117,8 @@ SSL *SSL_dup(SSL *s)
ret->rstate=s->rstate;
ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
ret->hit=s->hit;
-
- X509_VERIFY_PARAM_inherit(ret->param, s->param);
+ ret->purpose=s->purpose;
+ ret->trust=s->trust;
/* dup the cipher_list and cipher_list_by_id stacks */
if (s->cipher_list != NULL)
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index e57a8e7540..f0b3c93ba5 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -128,15 +128,10 @@
#define USE_SOCKETS
#include "e_os.h"
-#define _XOPEN_SOURCE 1 /* Or isascii won't be declared properly on
- VMS (at least with DECompHP C). */
-#include <ctype.h>
-
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include <openssl/x509v3.h>
#include <openssl/ssl.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
@@ -185,14 +180,8 @@ static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
static void free_tmp_rsa(void);
#endif
static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
-#define APP_CALLBACK_STRING "Test Callback Argument"
-struct app_verify_arg
- {
- char *string;
- int app_verify;
- char *proxy_auth;
- char *proxy_cond;
- };
+#define APP_CALLBACK "Test Callback Argument"
+static char *app_verify_arg = APP_CALLBACK;
#ifndef OPENSSL_NO_DH
static DH *get_dh512(void);
@@ -223,8 +212,6 @@ static void sv_usage(void)
fprintf(stderr,"\n");
fprintf(stderr," -server_auth - check server certificate\n");
fprintf(stderr," -client_auth - do client authentication\n");
- fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
- fprintf(stderr," -proxy_cond <val> - experssion to test proxy policy rights\n");
fprintf(stderr," -v - more output\n");
fprintf(stderr," -d - debug output\n");
fprintf(stderr," -reuse - use session-id reuse\n");
@@ -382,8 +369,7 @@ int main(int argc, char *argv[])
int tls1=0,ssl2=0,ssl3=0,ret=1;
int client_auth=0;
int server_auth=0,i;
- struct app_verify_arg app_verify_arg =
- { APP_CALLBACK_STRING, 0, NULL, NULL };
+ int app_verify=0;
char *server_cert=TEST_SERVER_CERT;
char *server_key=NULL;
char *client_cert=TEST_CLIENT_CERT;
@@ -444,16 +430,6 @@ int main(int argc, char *argv[])
server_auth=1;
else if (strcmp(*argv,"-client_auth") == 0)
client_auth=1;
- else if (strcmp(*argv,"-proxy_auth") == 0)
- {
- if (--argc < 1) goto bad;
- app_verify_arg.proxy_auth= *(++argv);
- }
- else if (strcmp(*argv,"-proxy_cond") == 0)
- {
- if (--argc < 1) goto bad;
- app_verify_arg.proxy_cond= *(++argv);
- }
else if (strcmp(*argv,"-v") == 0)
verbose=1;
else if (strcmp(*argv,"-d") == 0)
@@ -578,7 +554,7 @@ int main(int argc, char *argv[])
}
else if (strcmp(*argv,"-app_verify") == 0)
{
- app_verify_arg.app_verify = 1;
+ app_verify = 1;
}
else
{
@@ -789,14 +765,20 @@ bad:
SSL_CTX_set_verify(s_ctx,
SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
- SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
+ if (app_verify)
+ {
+ SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
+ }
}
if (server_auth)
{
BIO_printf(bio_err,"server authentication\n");
SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
verify_callback);
- SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
+ if (app_verify)
+ {
+ SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
+ }
}
{
@@ -1578,22 +1560,6 @@ err:
return(ret);
}
-static int get_proxy_auth_ex_data_idx(void)
- {
- static volatile int idx = -1;
- if (idx < 0)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- if (idx < 0)
- {
- idx = X509_STORE_CTX_get_ex_new_index(0,
- "SSLtest for verify callback", NULL,NULL,NULL);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- }
- return idx;
- }
-
static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
{
char *s,buf[256];
@@ -1603,8 +1569,7 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
if (s != NULL)
{
if (ok)
- fprintf(stderr,"depth=%d %s\n",
- ctx->error_depth,buf);
+ fprintf(stderr,"depth=%d %s\n",ctx->error_depth,buf);
else
fprintf(stderr,"depth=%d error=%d %s\n",
ctx->error_depth,ctx->error,buf);
@@ -1621,440 +1586,25 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
}
}
- if (ok == 1)
- {
- X509 *xs = ctx->current_cert;
-#if 0
- X509 *xi = ctx->current_issuer;
-#endif
-
- if (xs->ex_flags & EXFLAG_PROXY)
- {
- unsigned int *letters =
- X509_STORE_CTX_get_ex_data(ctx,
- get_proxy_auth_ex_data_idx());
-
- if (letters)
- {
- int found_any = 0;
- int i;
- PROXY_CERT_INFO_EXTENSION *pci =
- X509_get_ext_d2i(xs, NID_proxyCertInfo,
- NULL, NULL);
-
- switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
- {
- case NID_Independent:
- /* Completely meaningless in this
- program, as there's no way to
- grant explicit rights to a
- specific PrC. Basically, using
- id-ppl-Independent is the perfect
- way to grant no rights at all. */
- fprintf(stderr, " Independent proxy certificate");
- for (i = 0; i < 26; i++)
- letters[i] = 0;
- break;
- case NID_id_ppl_inheritAll:
- /* This is basically a NOP, we
- simply let the current rights
- stand as they are. */
- fprintf(stderr, " Proxy certificate inherits all");
- break;
- default:
- s = (char *)
- pci->proxyPolicy->policy->data;
- i = pci->proxyPolicy->policy->length;
-
- /* The algorithm works as follows:
- it is assumed that previous
- iterations or the initial granted
- rights has already set some elements
- of `letters'. What we need to do is
- to clear those that weren't granted
- by the current PrC as well. The
- easiest way to do this is to add 1
- to all the elements whose letters
- are given with the current policy.
- That way, all elements that are set
- by the current policy and were
- already set by earlier policies and
- through the original grant of rights
- will get the value 2 or higher.
- The last thing to do is to sweep
- through `letters' and keep the
- elements having the value 2 as set,
- and clear all the others. */
-
- fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
- while(i-- > 0)
- {
- char c = *s++;
- if (isascii(c) && isalpha(c))
- {
- if (islower(c))
- c = toupper(c);
- letters[c - 'A']++;
- }
- }
- for (i = 0; i < 26; i++)
- if (letters[i] < 2)
- letters[i] = 0;
- else
- letters[i] = 1;
- }
-
- found_any = 0;
- fprintf(stderr,
- ", resulting proxy rights = ");
- for(i = 0; i < 26; i++)
- if (letters[i])
- {
- fprintf(stderr, "%c", i + 'A');
- found_any = 1;
- }
- if (!found_any)
- fprintf(stderr, "none");
- fprintf(stderr, "\n");
-
- PROXY_CERT_INFO_EXTENSION_free(pci);
- }
- }
- }
-
return(ok);
}
-static void process_proxy_debug(int indent, const char *format, ...)
- {
- static const char indentation[] =
- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
- char my_format[256];
- va_list args;
-
- BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
- indent, indent, indentation, format);
-
- va_start(args, format);
- vfprintf(stderr, my_format, args);
- va_end(args);
- }
-/* Priority levels:
- 0 [!]var, ()
- 1 & ^
- 2 |
-*/
-static int process_proxy_cond_adders(unsigned int letters[26],
- const char *cond, const char **cond_end, int *pos, int indent);
-static int process_proxy_cond_val(unsigned int letters[26],
- const char *cond, const char **cond_end, int *pos, int indent)
- {
- char c;
- int ok = 1;
- int negate = 0;
-
- while(isspace(*cond))
- {
- cond++; (*pos)++;
- }
- c = *cond;
-
- if (debug)
- process_proxy_debug(indent,
- "Start process_proxy_cond_val at position %d: %s\n",
- *pos, cond);
-
- while(c == '!')
- {
- negate = !negate;
- cond++; (*pos)++;
- while(isspace(*cond))
- {
- cond++; (*pos)++;
- }
- c = *cond;
- }
-
- if (c == '(')
- {
- cond++; (*pos)++;
- ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
- indent + 1);
- cond = *cond_end;
- if (ok < 0)
- goto end;
- while(isspace(*cond))
- {
- cond++; (*pos)++;
- }
- c = *cond;
- if (c != ')')
- {
- fprintf(stderr,
- "Weird condition character in position %d: "
- "%c\n", *pos, c);
- ok = -1;
- goto end;
- }
- cond++; (*pos)++;
- }
- else if (isascii(c) && isalpha(c))
- {
- if (islower(c))
- c = toupper(c);
- ok = letters[c - 'A'];
- cond++; (*pos)++;
- }
- else
- {
- fprintf(stderr,
- "Weird condition character in position %d: "
- "%c\n", *pos, c);
- ok = -1;
- goto end;
- }
- end:
- *cond_end = cond;
- if (ok >= 0 && negate)
- ok = !ok;
-
- if (debug)
- process_proxy_debug(indent,
- "End process_proxy_cond_val at position %d: %s, returning %d\n",
- *pos, cond, ok);
-
- return ok;
- }
-static int process_proxy_cond_multipliers(unsigned int letters[26],
- const char *cond, const char **cond_end, int *pos, int indent)
- {
- int ok;
- char c;
-
- if (debug)
- process_proxy_debug(indent,
- "Start process_proxy_cond_multipliers at position %d: %s\n",
- *pos, cond);
-
- ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
- cond = *cond_end;
- if (ok < 0)
- goto end;
-
- while(ok >= 0)
- {
- while(isspace(*cond))
- {
- cond++; (*pos)++;
- }
- c = *cond;
-
- switch(c)
- {
- case '&':
- case '^':
- {
- int save_ok = ok;
-
- cond++; (*pos)++;
- ok = process_proxy_cond_val(letters,
- cond, cond_end, pos, indent + 1);
- cond = *cond_end;
- if (ok < 0)
- break;
-
- switch(c)
- {
- case '&':
- ok &= save_ok;
- break;
- case '^':
- ok ^= save_ok;
- break;
- default:
- fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
- " STOPPING\n");
- EXIT(1);
- }
- }
- break;
- default:
- goto end;
- }
- }
- end:
- if (debug)
- process_proxy_debug(indent,
- "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
- *pos, cond, ok);
-
- *cond_end = cond;
- return ok;
- }
-static int process_proxy_cond_adders(unsigned int letters[26],
- const char *cond, const char **cond_end, int *pos, int indent)
- {
- int ok;
- char c;
-
- if (debug)
- process_proxy_debug(indent,
- "Start process_proxy_cond_adders at position %d: %s\n",
- *pos, cond);
-
- ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
- indent + 1);
- cond = *cond_end;
- if (ok < 0)
- goto end;
-
- while(ok >= 0)
- {
- while(isspace(*cond))
- {
- cond++; (*pos)++;
- }
- c = *cond;
-
- switch(c)
- {
- case '|':
- {
- int save_ok = ok;
-
- cond++; (*pos)++;
- ok = process_proxy_cond_multipliers(letters,
- cond, cond_end, pos, indent + 1);
- cond = *cond_end;
- if (ok < 0)
- break;
-
- switch(c)
- {
- case '|':
- ok |= save_ok;
- break;
- default:
- fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
- " STOPPING\n");
- EXIT(1);
- }
- }
- break;
- default:
- goto end;
- }
- }
- end:
- if (debug)
- process_proxy_debug(indent,
- "End process_proxy_cond_adders at position %d: %s, returning %d\n",
- *pos, cond, ok);
-
- *cond_end = cond;
- return ok;
- }
-
-static int process_proxy_cond(unsigned int letters[26],
- const char *cond, const char **cond_end)
- {
- int pos = 1;
- return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
- }
-
static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
{
+ char *s = NULL,buf[256];
int ok=1;
- struct app_verify_arg *cb_arg = arg;
- unsigned int letters[26]; /* only used with proxy_auth */
-
- if (cb_arg->app_verify)
- {
- char *s = NULL,buf[256];
- fprintf(stderr, "In app_verify_callback, allowing cert. ");
- fprintf(stderr, "Arg is: %s\n", cb_arg->string);
- fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n",
+ fprintf(stderr, "In app_verify_callback, allowing cert. ");
+ fprintf(stderr, "Arg is: %s\n", (char *)arg);
+ fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n",
(unsigned int)ctx, (unsigned int)ctx->cert);
- if (ctx->cert)
- s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
- if (s != NULL)
- {
- fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
- }
- return(1);
- }
- if (cb_arg->proxy_auth)
+ if (ctx->cert)
+ s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
+ if (s != NULL)
{
- int found_any = 0, i;
- char *sp;
-
- for(i = 0; i < 26; i++)
- letters[i] = 0;
- for(sp = cb_arg->proxy_auth; *sp; sp++)
- {
- char c = *sp;
- if (isascii(c) && isalpha(c))
- {
- if (islower(c))
- c = toupper(c);
- letters[c - 'A'] = 1;
- }
- }
-
- fprintf(stderr,
- " Initial proxy rights = ");
- for(i = 0; i < 26; i++)
- if (letters[i])
- {
- fprintf(stderr, "%c", i + 'A');
- found_any = 1;
- }
- if (!found_any)
- fprintf(stderr, "none");
- fprintf(stderr, "\n");
-
- X509_STORE_CTX_set_ex_data(ctx,
- get_proxy_auth_ex_data_idx(),letters);
+ fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
}
-#ifndef OPENSSL_NO_X509_VERIFY
-# ifdef OPENSSL_FIPS
- if(s->version == TLS1_VERSION)
- FIPS_allow_md5(1);
-# endif
- ok = X509_verify_cert(ctx);
-# ifdef OPENSSL_FIPS
- if(s->version == TLS1_VERSION)
- FIPS_allow_md5(0);
-# endif
-#endif
-
- if (cb_arg->proxy_auth)
- {
- if (ok)
- {
- const char *cond_end = NULL;
-
- ok = process_proxy_cond(letters,
- cb_arg->proxy_cond, &cond_end);
-
- if (ok < 0)
- EXIT(3);
- if (*cond_end)
- {
- fprintf(stderr, "Stopped processing condition before it's end.\n");
- ok = 0;
- }
- if (!ok)
- fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
- cb_arg->proxy_cond);
- else
- fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
- cb_arg->proxy_cond);
- }
- }
return(ok);
}
diff --git a/test/CAss.cnf b/test/CAss.cnf
index 20f8f05e3d..0884fee361 100644
--- a/test/CAss.cnf
+++ b/test/CAss.cnf
@@ -71,6 +71,4 @@ emailAddress = optional
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:true,pathlen:1
-keyUsage = cRLSign, keyCertSign
-issuerAltName=issuer:copy
+basicConstraints = CA:true
diff --git a/test/Makefile.ssl b/test/Makefile.ssl
index 1e733b3a1a..b5c23a639f 100644
--- a/test/Makefile.ssl
+++ b/test/Makefile.ssl
@@ -131,6 +131,14 @@ tests: exe apps $(TESTS)
apps:
@(cd ..; $(MAKE) DIRS=apps all)
+SET_SO_PATHS=OSSL_LIBPATH="`cd ..; pwd`"; \
+ LD_LIBRARY_PATH="$$OSSL_LIBPATH:$$LD_LIBRARY_PATH"; \
+ DYLD_LIBRARY_PATH="$$OSSL_LIBPATH:$$DYLD_LIBRARY_PATH"; \
+ SHLIB_PATH="$$OSSL_LIBPATH:$$SHLIB_PATH"; \
+ LIBPATH="$$OSSL_LIBPATH:$$LIBPATH"; \
+ if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="$${LIBPATH}:$$PATH"; fi; \
+ export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH
+
alltests: \
test_des test_idea test_sha test_md4 test_md5 test_hmac \
test_md2 test_mdc2 \
@@ -141,144 +149,138 @@ alltests: \
test_ss test_ca test_engine test_evp test_ssl
test_evp:
- ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
+ $(SET_SO_PATHS); ./$(EVPTEST) evptests.txt
test_des:
- ../util/shlib_wrap.sh ./$(DESTEST)
+ $(SET_SO_PATHS); ./$(DESTEST)
test_idea:
- ../util/shlib_wrap.sh ./$(IDEATEST)
+ $(SET_SO_PATHS); ./$(IDEATEST)
test_sha:
- ../util/shlib_wrap.sh ./$(SHATEST)
- ../util/shlib_wrap.sh ./$(SHA1TEST)
- ../util/shlib_wrap.sh ./$(SHA256TEST)
- ../util/shlib_wrap.sh ./$(SHA512TEST)
+ $(SET_SO_PATHS); ./$(SHATEST)
+ $(SET_SO_PATHS); ./$(SHA1TEST)
+ $(SET_SO_PATHS); ./$(SHA256TEST)
+ $(SET_SO_PATHS); ./$(SHA512TEST)
test_mdc2:
- ../util/shlib_wrap.sh ./$(MDC2TEST)
+ $(SET_SO_PATHS); ./$(MDC2TEST)
test_md5:
- ../util/shlib_wrap.sh ./$(MD5TEST)
+ $(SET_SO_PATHS); ./$(MD5TEST)
test_md4:
- ../util/shlib_wrap.sh ./$(MD4TEST)
+ $(SET_SO_PATHS); ./$(MD4TEST)
test_hmac:
- ../util/shlib_wrap.sh ./$(HMACTEST)
+ $(SET_SO_PATHS); ./$(HMACTEST)
test_md2:
- ../util/shlib_wrap.sh ./$(MD2TEST)
+ $(SET_SO_PATHS); ./$(MD2TEST)
test_rmd:
- ../util/shlib_wrap.sh ./$(RMDTEST)
+ $(SET_SO_PATHS); ./$(RMDTEST)
test_bf:
- ../util/shlib_wrap.sh ./$(BFTEST)
+ $(SET_SO_PATHS); ./$(BFTEST)
test_cast:
- ../util/shlib_wrap.sh ./$(CASTTEST)
+ $(SET_SO_PATHS); ./$(CASTTEST)
test_rc2:
- ../util/shlib_wrap.sh ./$(RC2TEST)
+ $(SET_SO_PATHS); ./$(RC2TEST)
test_rc4:
- ../util/shlib_wrap.sh ./$(RC4TEST)
+ $(SET_SO_PATHS); ./$(RC4TEST)
test_rc5:
- ../util/shlib_wrap.sh ./$(RC5TEST)
+ $(SET_SO_PATHS); ./$(RC5TEST)
test_rand:
- ../util/shlib_wrap.sh ./$(RANDTEST)
+ $(SET_SO_PATHS); ./$(RANDTEST)
test_enc:
- @sh ./testenc
+ @$(SET_SO_PATHS); sh ./testenc
test_x509:
echo test normal x509v1 certificate
- sh ./tx509 2>/dev/null
+ $(SET_SO_PATHS); sh ./tx509 2>/dev/null
echo test first x509v3 certificate
- sh ./tx509 v3-cert1.pem 2>/dev/null
+ $(SET_SO_PATHS); sh ./tx509 v3-cert1.pem 2>/dev/null
echo test second x509v3 certificate
- sh ./tx509 v3-cert2.pem 2>/dev/null
+ $(SET_SO_PATHS); sh ./tx509 v3-cert2.pem 2>/dev/null
test_rsa:
- @sh ./trsa 2>/dev/null
- ../util/shlib_wrap.sh ./$(RSATEST)
+ @$(SET_SO_PATHS); sh ./trsa 2>/dev/null
+ $(SET_SO_PATHS); ./$(RSATEST)
test_crl:
- @sh ./tcrl 2>/dev/null
+ @$(SET_SO_PATHS); sh ./tcrl 2>/dev/null
test_sid:
- @sh ./tsid 2>/dev/null
+ @$(SET_SO_PATHS); sh ./tsid 2>/dev/null
test_req:
- @sh ./treq 2>/dev/null
- @sh ./treq testreq2.pem 2>/dev/null
+ @$(SET_SO_PATHS); sh ./treq 2>/dev/null
+ @$(SET_SO_PATHS); sh ./treq testreq2.pem 2>/dev/null
test_pkcs7:
- @sh ./tpkcs7 2>/dev/null
- @sh ./tpkcs7d 2>/dev/null
+ @$(SET_SO_PATHS); sh ./tpkcs7 2>/dev/null
+ @$(SET_SO_PATHS); sh ./tpkcs7d 2>/dev/null
test_bn:
@echo starting big number library test, could take a while...
- @../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
+ @$(SET_SO_PATHS); ./$(BNTEST) >tmp.bntest
@echo quit >>tmp.bntest
@echo "running bc"
@<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
@echo 'test a^b%c implementations'
- ../util/shlib_wrap.sh ./$(EXPTEST)
+ $(SET_SO_PATHS); ./$(EXPTEST)
test_ec:
@echo 'test elliptic curves'
- ../util/shlib_wrap.sh ./$(ECTEST)
+ $(SET_SO_PATHS); ./$(ECTEST)
test_ecdsa:
@echo 'test ecdsa'
- ../util/shlib_wrap.sh ./$(ECDSATEST)
+ $(SET_SO_PATHS); ./$(ECDSATEST)
test_ecdh:
@echo 'test ecdh'
- ../util/shlib_wrap.sh ./$(ECDHTEST)
+ $(SET_SO_PATHS); ./$(ECDHTEST)
test_verify:
@echo "The following command should have some OK's and some failures"
@echo "There are definitly a few expired certificates"
- ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs ../certs/*.pem
+ $(SET_SO_PATHS); ../apps/openssl verify -CApath ../certs ../certs/*.pem
test_dh:
@echo "Generate a set of DH parameters"
- ../util/shlib_wrap.sh ./$(DHTEST)
+ $(SET_SO_PATHS); ./$(DHTEST)
test_dsa:
@echo "Generate a set of DSA parameters"
- ../util/shlib_wrap.sh ./$(DSATEST)
- ../util/shlib_wrap.sh ./$(DSATEST) -app2_1
+ $(SET_SO_PATHS); ./$(DSATEST)
+ $(SET_SO_PATHS); ./$(DSATEST) -app2_1
test_gen:
@echo "Generate and verify a certificate request"
- @sh ./testgen
+ @$(SET_SO_PATHS); sh ./testgen
-test_ss keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
- intP1.ss intP2.ss: testss
+test_ss keyU.ss certU.ss certCA.ss: testss
@echo "Generate and certify a test certificate"
- @sh ./testss
- @cat certCA.ss certU.ss > intP1.ss
- @cat certCA.ss certU.ss certP1.ss > intP2.ss
+ @$(SET_SO_PATHS); sh ./testss
test_engine:
@echo "Manipulate the ENGINE structures"
- ../util/shlib_wrap.sh ./$(ENGINETEST)
+ $(SET_SO_PATHS); ./$(ENGINETEST)
-test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
- intP1.ss intP2.ss
+test_ssl: keyU.ss certU.ss certCA.ss
@echo "test SSL protocol"
- @sh ./testssl keyU.ss certU.ss certCA.ss
- @sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
- @sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
+ @$(SET_SO_PATHS); sh ./testssl keyU.ss certU.ss certCA.ss
test_ca:
- @if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+ @$(SET_SO_PATHS); if ../apps/openssl no-rsa; then \
echo "skipping CA.sh test -- requires RSA"; \
else \
echo "Generate and certify a test certificate via the 'ca' program"; \
@@ -287,7 +289,7 @@ test_ca:
test_aes: #$(AESTEST)
# @echo "test Rijndael"
-# ../util/shlib_wrap.sh ./$(AESTEST)
+# $(SET_SO_PATHS); ./$(AESTEST)
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
@@ -318,8 +320,7 @@ $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(RSATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(RSATEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(RSATEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -335,8 +336,7 @@ $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(BNTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(BNTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(BNTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -352,8 +352,7 @@ $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(ECTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(ECTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(ECTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -369,8 +368,7 @@ $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(EXPTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(EXPTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(EXPTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -386,8 +384,7 @@ $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(IDEATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(IDEATEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(IDEATEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -403,8 +400,7 @@ $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(MD2TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(MD2TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(MD2TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -420,8 +416,7 @@ $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(SHATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(SHATEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(SHATEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -437,8 +432,7 @@ $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(SHA1TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(SHA1TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(SHA1TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -454,8 +448,7 @@ $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(SHA256TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(SHA256TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(SHA256TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -471,8 +464,7 @@ $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(SHA512TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(SHA512TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(SHA512TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -488,8 +480,7 @@ $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(RMDTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(RMDTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(RMDTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -505,8 +496,7 @@ $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(MDC2TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(MDC2TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(MDC2TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -522,8 +512,7 @@ $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(MD4TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(MD4TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(MD4TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -539,8 +528,7 @@ $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(MD5TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(MD5TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(MD5TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -556,8 +544,7 @@ $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(HMACTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(HMACTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(HMACTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -573,8 +560,7 @@ $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(RC2TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(RC2TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(RC2TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -590,8 +576,7 @@ $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(BFTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(BFTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(BFTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -607,8 +592,7 @@ $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(CASTTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(CASTTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(CASTTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -624,8 +608,7 @@ $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(RC4TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(RC4TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(RC4TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -641,8 +624,7 @@ $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(RC5TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(RC5TEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(RC5TEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -658,8 +640,7 @@ $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(DESTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(DESTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(DESTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -675,8 +656,7 @@ $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(RANDTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(RANDTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(RANDTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -692,8 +672,7 @@ $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(DHTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(DHTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(DHTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -709,8 +688,7 @@ $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(DSATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(DSATEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(DSATEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -726,8 +704,7 @@ $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(METHTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(METHTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(METHTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -743,8 +720,7 @@ $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(SSLTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(SSLTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(SSLTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -760,8 +736,7 @@ $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(ENGINETEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(ENGINETEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(ENGINETEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -777,8 +752,7 @@ $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(EVPTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(EVPTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(EVPTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -794,8 +768,7 @@ $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(ECDSATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(ECDSATEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(ECDSATEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -811,8 +784,7 @@ $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=$(ECDHTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=$(ECDHTEST)$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="$(ECDHTEST).o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
@@ -838,13 +810,11 @@ dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(NEWMAKE) -f $(TOP)/Makefile.shared \
- APPNAME=dummytest$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
- LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
+ APPNAME=dummytest$(EXE_EXT) LDFLAGS="$(CFLAGS)" \
OBJECTS="dummytest.o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
LIBRPATH=$(INSTALLTOP)/lib \
link_app.$${shlib_target}
- @case "../*.dll" in *\**) ;; *) cp -p ../*.dll .;; esac
# DO NOT DELETE THIS LINE -- make depend depends on it.
@@ -990,8 +960,7 @@ randtest.o: ../include/openssl/rand.h randtest.c
rc2test.o: ../e_os.h ../include/openssl/e_os2.h
rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
rc4test.o: ../e_os.h ../include/openssl/e_os2.h
-rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h
-rc4test.o: ../include/openssl/sha.h rc4test.c
+rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c
rc5test.o: ../e_os.h ../include/openssl/e_os2.h
rc5test.o: ../include/openssl/opensslconf.h ../include/openssl/rc5.h rc5test.c
rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
@@ -1025,21 +994,20 @@ shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c
ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ssltest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssltest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssltest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ssltest.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssltest.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssltest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssltest.c
+ssltest.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+ssltest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssltest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ssltest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ssltest.o: ../include/openssl/evp.h ../include/openssl/kssl.h
+ssltest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssltest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssltest.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssltest.c
diff --git a/test/Uss.cnf b/test/Uss.cnf
index 0c0ebb5f67..c89692d519 100644
--- a/test/Uss.cnf
+++ b/test/Uss.cnf
@@ -26,11 +26,3 @@ organizationName_value = Dodgy Brothers
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
-
-[ v3_ee ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-basicConstraints = CA:false
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-issuerAltName=issuer:copy
-
diff --git a/test/install.com b/test/install.com
new file mode 100644
index 0000000000..f38d0bf251
--- /dev/null
+++ b/test/install.com
@@ -0,0 +1,87 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard@levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! P1 root of the directory tree
+$!
+$ IF P1 .EQS. ""
+$ THEN
+$ WRITE SYS$OUTPUT "First argument missing."
+$ WRITE SYS$OUTPUT "Should be the directory where you want things installed."
+$ EXIT
+$ ENDIF
+$
+$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
+$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
+$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
+ - "[000000." - "][" - "[" - "]"
+$ ROOT = ROOT_DEV + "[" + ROOT_DIR
+$
+$ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
+$ DEFINE/NOLOG WRK_SSLTEST WRK_SSLROOT:[TEST]
+$ DEFINE/NOLOG WRK_SSLVTEST WRK_SSLROOT:[VAX_TEST]
+$ DEFINE/NOLOG WRK_SSLATEST WRK_SSLROOT:[ALPHA_TEST]
+$
+$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
+ CREATE/DIR/LOG WRK_SSLROOT:[000000]
+$ IF F$PARSE("WRK_SSLTEST:") .EQS. "" THEN -
+ CREATE/DIR/LOG WRK_SSLTEST:
+$ IF F$PARSE("WRK_SSLATEST:") .EQS. "" THEN -
+ CREATE/DIR/LOG WRK_SSLATEST:
+$ IF F$PARSE("WRK_SSLATEST:") .EQS. "" THEN -
+ CREATE/DIR/LOG WRK_SSLATEST:
+$
+$ COM_FILES := TCRL,TESTCA,TESTENC,TESTGEN,TESTS,TESTSS, -
+ TESTSSL,TESTS_SHARE,TPKCS7,TPKCS7D, -
+ TREQ,TRSA,TSID,TVERIFY,TX509, -
+ [-.VMS.COMPAQ]SSL$IVP
+
+$
+$ EXE_FILES := BFTEST,BNTEST,CASTTEST,DESTEST, -
+ DHTEST,DSATEST,EXPTEST,HMACTEST, -
+ IDEATEST,MD2TEST,MD4TEST,MD5TEST, -
+ MDC2TEST,RANDTEST,RC2TEST,RC4TEST, -
+ RC5TEST,RMDTEST,RSA_TEST,SHA1TEST, -
+ SHATEST,SSLTEST
+$
+$ I = 0
+$ LOOP_COM:
+$ CF = F$EDIT(F$ELEMENT(I, ",",COM_FILES ),"TRIM")
+$ I = I + 1
+$ IF CF .EQS. "," THEN GOTO LOOP_COM_END
+$ SET NOON
+$ IF F$SEARCH(CF+".COM") .NES. ""
+$ THEN
+$ COPY 'CF'.COM WRK_SSLTEST:'CF'.COM/log
+$ SET FILE/PROT=W:RE WRK_SSLTEST:'CF'.COM
+$ ENDIF
+$ SET ON
+$ GOTO LOOP_COM
+$ LOOP_COM_END:
+$
+$ VEXE_DIR := [-.VAX.EXE.TEST]
+$ AEXE_DIR := [-.AXP.EXE.TEST]
+$
+$ I = 0
+$ LOOP_EXE:
+$ E = F$EDIT(F$ELEMENT(I, ",", EXE_FILES),"TRIM")
+$ I = I + 1
+$ IF E .EQS. "," THEN GOTO LOOP_EXE_END
+$ SET NOON
+$ IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
+$ THEN
+$ COPY 'VEXE_DIR''E'.EXE WRK_SSLVTEST:'E'.EXE/log
+$ SET FILE/PROT=W:RE WRK_SSLVTEST:'E'.EXE
+$ ENDIF
+$ IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
+$ THEN
+$ COPY 'AEXE_DIR''E'.EXE WRK_SSLATEST:'E'.EXE/log
+$ SET FILE/PROT=W:RE WRK_SSLATEST:'E'.EXE
+$ ENDIF
+$ SET ON
+$ GOTO LOOP_EXE
+$ LOOP_EXE_END:
+$!
+$!
+$ EXIT
diff --git a/test/maketests.com b/test/maketests.com
index 6da2620d98..15482cdbb7 100644
--- a/test/maketests.com
+++ b/test/maketests.com
@@ -32,9 +32,13 @@ $! P3, if defined, sets a TCP/IP library to use, through one of the following
$! keywords:
$!
$! UCX for UCX
+$! TCPIP for TCPIP (post UCX)
$! SOCKETSHR for SOCKETSHR+NETLIB
$!
-$! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$! P4, if defined, sets the pointer size to build with. The values can be
+$! be "32" or "64". Any other value will default to "32"
+$!
+$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
$!
$!
$! Define A TCP/IP Library That We Will Need To Link To.
@@ -77,11 +81,13 @@ $ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
$!
$! Define The CRYPTO-LIB We Are To Use.
$!
-$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO'FILE_POINTER_SIZE'.OLB
+$!
+$! Define The RSAREF-LIB We Are To Use.
$!
$! Define The SSL We Are To Use.
$!
-$ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB
+$ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL'FILE_POINTER_SIZE'.OLB
$!
$! Define The OBJ Directory.
$!
@@ -100,6 +106,23 @@ $! End The Architecture Specific OBJ Directory Check.
$!
$ ENDIF
$!
+$! Define The LIS Directory.
+$!
+$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.TEST]
+$!
+$! Check To See If The Architecture Specific LIS Directory Exists.
+$!
+$ IF (F$PARSE(LIS_DIR).EQS."")
+$ THEN
+$!
+$! The LIS Directory Dosen't Exist, So Create It.
+$!
+$ CREATE/DIRECTORY 'LIS_DIR'
+$!
+$! End The Architecture Specific LIS Directory Check.
+$!
+$ ENDIF
+$!
$! Define The EXE Directory.
$!
$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.TEST]
@@ -163,10 +186,18 @@ $! Create The Source File Name.
$!
$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
$!
+$! Create The Listing File Name.
+$!
+$ LIST_FILE = LIS_DIR + FILE_NAME + ".LIS"
+$!
$! Create The Object File Name.
$!
$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
$!
+$! Create The MAP File Name.
+$!
+$ MAP_FILE = LIS_DIR + FILE_NAME + ".MAP"
+$!
$! Create The Executable File Name.
$!
$ EXE_FILE = EXE_DIR + FILE_NAME + ".EXE"
@@ -195,7 +226,7 @@ $!
$! Compile The File.
$!
$ ON ERROR THEN GOTO NEXT_FILE
-$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
$ ON WARNING THEN GOTO NEXT_FILE
$!
$! Check If What We Are About To Compile Works Without A TCP/IP Library.
@@ -221,9 +252,11 @@ $!
$! Don't Link With The RSAREF Routines And TCP/IP Library.
$!
$ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
+ /MAP = 'MAP_FILE' /FULL/CROSS -
'OBJECT_FILE', -
'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
- 'TCPIP_LIB','OPT_FILE'/OPTION
+ 'TCPIP_LIB','OPT_FILE'/OPTION, -
+ SYS$DISK:[-]SSL_IDENT.OPT/OPTION
$!
$! Else...
$!
@@ -232,9 +265,10 @@ $!
$! Don't Link With The RSAREF Routines And Link With A TCP/IP Library.
$!
$ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
+ /MAP = 'MAP_FILE' /FULL/CROSS -
'OBJECT_FILE', -
'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
- 'OPT_FILE'/OPTION
+ 'OPT_FILE'/OPTION, SYS$DISK:[-]SSL_IDENT.OPT/OPTION
$!
$! End The TCP/IP Library Check.
$!
@@ -592,6 +626,64 @@ $ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
$!
+$! On Alpha, pointers can be 32 or 64 bit wide. Libraries for both variants
+$! can be built, and will then have "32" in the name for the 32-bit variant.
+$! On VAX as well as the 64-bit variant on Alpha, the name carries no extra
+$! information about pointer size (i.e., 64 bits is default on Alpha and 32
+$! bits is default on VAX).
+$!
+$ IF (P4.NES."32" .AND. P4.NES."64")
+$ THEN
+$!
+$! Set The Default
+$!
+$ P4 = ""
+$!
+$! End of First Check Of P4
+$!
+$ ENDIF
+$!
+$! Check If P4 Isn't Set (Or Set Properly)
+$!
+$ IF (P4.EQS."" .OR. (P4.NES."32" .AND. ARCH.EQS."VAX"))
+$ THEN
+$!
+$! Check If We're On A VAX
+$!
+$ IF ARCH.EQS."VAX"
+$ THEN
+$!
+$! On VAX, We Force 32 Bit Pointers
+$!
+$ P4 = "32"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! On Alpha, We Use 64 Bit Pointers By Default
+$!
+$ P4 = "64"
+$!
+$! End Of Check For VAX
+$!
+$ ENDIF
+$!
+$! End Check Of P4
+$!
+$ ENDIF
+$!
+$! Set POINTER_SIZE
+$!
+$ POINTER_SIZE = P4
+$ QUAL_POINTER_SIZE = ""
+$ FILE_POINTER_SIZE = ""
+$ IF ARCH.EQS."AXP"
+$ THEN
+$ QUAL_POINTER_SIZE = "/POINTER_SIZE="+POINTER_SIZE
+$ IF POINTER_SIZE.EQS."32" THEN FILE_POINTER_SIZE = "32"
+$ ENDIF
+$!
$! Check To See If The User Entered A Valid Paramter.
$!
$ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC")
@@ -616,7 +708,7 @@ $ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
- "/NOLIST/PREFIX=ALL" + -
+ "/PREFIX=ALL" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
@@ -649,7 +741,7 @@ $ WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
$ EXIT
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
-$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$ CCDEFS = CCDEFS + ",""VAXC"""
$!
@@ -680,7 +772,7 @@ $ WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
$!
$! Use GNU C...
$!
-$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
@@ -711,6 +803,7 @@ $ ELSE
$ CCDISABLEWARNINGS = ""
$ CC4DISABLEWARNINGS = ""
$ ENDIF
+$ CC = CC + QUAL_POINTER_SIZE
$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$!
$! Show user the result
@@ -846,9 +939,9 @@ $! Written By: Richard Levitte
$! richard@levitte.org
$!
$!
-$! Check To See If We Have A Option For P4.
+$! Check To See If We Have A Option For P5.
$!
-$ IF (P4.EQS."")
+$ IF (P5.EQS."")
$ THEN
$!
$! Get The Version Of VMS We Are Using.
@@ -870,7 +963,7 @@ $! End The VMS Version Check.
$!
$ ENDIF
$!
-$! End The P4 Check.
+$! End The P5 Check.
$!
$ ENDIF
$!
diff --git a/test/tcrl b/test/tcrl
index 055269eab8..f71ef7a863 100644
--- a/test/tcrl
+++ b/test/tcrl
@@ -1,6 +1,13 @@
#!/bin/sh
-cmd='../util/shlib_wrap.sh ../apps/openssl crl'
+if test "$OSTYPE" = msdosdjgpp; then
+ PATH=../apps\;$PATH
+else
+ PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../apps/openssl crl'
if [ "$1"x != "x" ]; then
t=$1
diff --git a/test/testca b/test/testca
index b109cfe271..8215ebb5d1 100644
--- a/test/testca
+++ b/test/testca
@@ -2,18 +2,15 @@
SH="/bin/sh"
if test "$OSTYPE" = msdosdjgpp; then
- PATH="../apps\;$PATH"
+ PATH=./apps\;../apps\;$PATH
else
- PATH="../apps:$PATH"
+ PATH=../apps:$PATH
fi
export SH PATH
SSLEAY_CONFIG="-config CAss.cnf"
export SSLEAY_CONFIG
-OPENSSL="`pwd`/../util/opensslwrap.sh"
-export OPENSSL
-
/bin/rm -fr demoCA
$SH ../apps/CA.sh -newca <<EOF
EOF
diff --git a/test/testenc b/test/testenc
index 23e3f5a376..0656c7f525 100644
--- a/test/testenc
+++ b/test/testenc
@@ -2,7 +2,7 @@
testsrc=Makefile.ssl
test=./p
-cmd="../util/shlib_wrap.sh ../apps/openssl"
+cmd=../apps/openssl
cat $testsrc >$test;
diff --git a/test/testgen b/test/testgen
index 524c0d134c..3798543e04 100644
--- a/test/testgen
+++ b/test/testgen
@@ -17,7 +17,7 @@ echo "generating certificate request"
echo "string to make the random number generator think it has entropy" >> ./.rnd
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+if ../apps/openssl no-rsa; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
@@ -29,13 +29,13 @@ echo "This could take some time."
rm -f testkey.pem testreq.pem
-../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem
+../apps/openssl req -config test.cnf $req_new -out testreq.pem
if [ $? != 0 ]; then
echo problems creating request
exit 1
fi
-../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
+../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
if [ $? != 0 ]; then
echo signature on req is wrong
exit 1
diff --git a/test/tests.com b/test/tests.com
index 056082e7fe..9263c8b843 100644
--- a/test/tests.com
+++ b/test/tests.com
@@ -7,9 +7,12 @@ $ __here = f$parse(f$parse("A.;",__proc) - "A.;","[]A.;") - "A.;"
$ __save_default = f$environment("default")
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$
+$ show time
+$
$ texe_dir := sys$disk:[-.'__arch'.exe.test]
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
-$
+$!
$ set default '__here'
$ on control_y then goto exit
$ on error then goto exit
@@ -63,6 +66,9 @@ $ loop_tests:
$ tests_e = f$element(tests_i,",",tests)
$ tests_i = tests_i + 1
$ if tests_e .eqs. "," then goto exit
+$ write sys$output " "
+$ write sys$output " Executing ''tests_e' ... "
+$ write sys$output " "
$ gosub 'tests_e'
$ goto loop_tests
$
@@ -254,4 +260,5 @@ $
$
$ exit:
$ set default '__save_default'
+$ show time
$ exit
diff --git a/test/testss b/test/testss
index 1a426857d3..8d3557f356 100644
--- a/test/testss
+++ b/test/testss
@@ -1,9 +1,9 @@
#!/bin/sh
-digest='-sha1'
-reqcmd="../util/shlib_wrap.sh ../apps/openssl req"
-x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest"
-verifycmd="../util/shlib_wrap.sh ../apps/openssl verify"
+digest='-md5'
+reqcmd="../apps/openssl req"
+x509cmd="../apps/openssl x509 $digest"
+verifycmd="../apps/openssl verify"
dummycnf="../apps/openssl.cnf"
CAkey="keyCA.ss"
@@ -17,24 +17,12 @@ Ukey="keyU.ss"
Ureq="reqU.ss"
Ucert="certU.ss"
-P1conf="P1ss.cnf"
-P1key="keyP1.ss"
-P1req="reqP1.ss"
-P1cert="certP1.ss"
-P1intermediate="tmp_intP1.ss"
-
-P2conf="P2ss.cnf"
-P2key="keyP2.ss"
-P2req="reqP2.ss"
-P2cert="certP2.ss"
-P2intermediate="tmp_intP2.ss"
-
echo
echo "make a certificate request using 'req'"
echo "string to make the random number generator think it has entropy" >> ./.rnd
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+if ../apps/openssl no-rsa; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
@@ -47,7 +35,7 @@ if [ $? != 0 ]; then
fi
echo
echo "convert the certificate request into a self signed certificate using 'x509'"
-$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
+$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to self sign a certificate request"
exit 1
@@ -80,18 +68,18 @@ if [ $? != 0 ]; then
fi
echo
-echo "make a user certificate request using 'req'"
+echo "make another certificate request using 'req'"
$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
if [ $? != 0 ]; then
- echo "error using 'req' to generate a user certificate request"
+ echo "error using 'req' to generate a certificate request"
exit 1
fi
echo
-echo "sign user certificate request with the just created CA via 'x509'"
-$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
+echo "sign certificate request with the just created CA via 'x509'"
+$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
if [ $? != 0 ]; then
- echo "error using 'x509' to sign a user certificate request"
+ echo "error using 'x509' to sign a certificate request"
exit 1
fi
@@ -101,63 +89,11 @@ echo "Certificate details"
$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
echo
-echo "make a proxy certificate request using 'req'"
-$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
-if [ $? != 0 ]; then
- echo "error using 'req' to generate a proxy certificate request"
- exit 1
-fi
-
-echo
-echo "sign proxy certificate request with the just created user certificate via 'x509'"
-$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' to sign a proxy certificate request"
- exit 1
-fi
-
-cat $Ucert > $P1intermediate
-$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
-
-echo
-echo "make another proxy certificate request using 'req'"
-$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
-if [ $? != 0 ]; then
- echo "error using 'req' to generate another proxy certificate request"
- exit 1
-fi
-
-echo
-echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
-$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' to sign a second proxy certificate request"
- exit 1
-fi
-
-cat $Ucert $P1cert > $P2intermediate
-$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
-
-echo
echo The generated CA certificate is $CAcert
echo The generated CA private key is $CAkey
echo The generated user certificate is $Ucert
echo The generated user private key is $Ukey
-echo The first generated proxy certificate is $P1cert
-echo The first generated proxy private key is $P1key
-
-echo The second generated proxy certificate is $P2cert
-echo The second generated proxy private key is $P2key
-
/bin/rm err.ss
-#/bin/rm $P1intermediate
-#/bin/rm $P2intermediate
exit 0
diff --git a/test/testssl b/test/testssl
index 8ac90ae5ee..ca8e718022 100644
--- a/test/testssl
+++ b/test/testssl
@@ -10,9 +10,9 @@ if [ "$2" = "" ]; then
else
cert="$2"
fi
-ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
+ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
-if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
+if ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
dsa_cert=YES
else
dsa_cert=NO
@@ -121,24 +121,24 @@ $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
#############################################################################
-if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+if ../apps/openssl no-dh; then
echo skipping anonymous DH tests
else
echo test tls1 with 1024bit anonymous DH, multiple handshakes
$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
fi
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+if ../apps/openssl no-rsa; then
echo skipping RSA tests
else
echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
- ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
+ ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
- if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+ if ../apps/openssl no-dh; then
echo skipping RSA+DHE tests
else
echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
- ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
+ ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
fi
fi
diff --git a/test/tpkcs7 b/test/tpkcs7
index 3e435ffbf9..cf3bd9fadb 100644
--- a/test/tpkcs7
+++ b/test/tpkcs7
@@ -1,6 +1,13 @@
#!/bin/sh
-cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
+if test "$OSTYPE" = msdosdjgpp; then
+ PATH=../apps\;$PATH
+else
+ PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../apps/openssl pkcs7'
if [ "$1"x != "x" ]; then
t=$1
diff --git a/test/tpkcs7d b/test/tpkcs7d
index 64fc28e88f..18f9311b06 100644
--- a/test/tpkcs7d
+++ b/test/tpkcs7d
@@ -1,6 +1,13 @@
#!/bin/sh
-cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
+if test "$OSTYPE" = msdosdjgpp; then
+ PATH=../apps\;$PATH
+else
+ PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../apps/openssl pkcs7'
if [ "$1"x != "x" ]; then
t=$1
diff --git a/test/treq b/test/treq
index 2f20e640cf..47a8273cde 100644
--- a/test/treq
+++ b/test/treq
@@ -1,6 +1,13 @@
#!/bin/sh
-cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf'
+if test "$OSTYPE" = msdosdjgpp; then
+ PATH=../apps\;$PATH
+else
+ PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../apps/openssl req -config ../apps/openssl.cnf'
if [ "$1"x != "x" ]; then
t=$1
diff --git a/test/trsa b/test/trsa
index 249ac1ddcc..413e2ec0a0 100644
--- a/test/trsa
+++ b/test/trsa
@@ -1,11 +1,18 @@
#!/bin/sh
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+if test "$OSTYPE" = msdosdjgpp; then
+ PATH=../apps\;$PATH
+else
+ PATH=../apps:$PATH
+fi
+export PATH
+
+if ../apps/openssl no-rsa; then
echo skipping rsa conversion test
exit 0
fi
-cmd='../util/shlib_wrap.sh ../apps/openssl rsa'
+cmd='../apps/openssl rsa'
if [ "$1"x != "x" ]; then
t=$1
diff --git a/test/tsid b/test/tsid
index 6adbd531ce..40a1dfa97c 100644
--- a/test/tsid
+++ b/test/tsid
@@ -1,6 +1,13 @@
#!/bin/sh
-cmd='../util/shlib_wrap.sh ../apps/openssl sess_id'
+if test "$OSTYPE" = msdosdjgpp; then
+ PATH=../apps\;$PATH
+else
+ PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../apps/openssl sess_id'
if [ "$1"x != "x" ]; then
t=$1
diff --git a/test/tx509 b/test/tx509
index 4a15b98d17..d380963abc 100644
--- a/test/tx509
+++ b/test/tx509
@@ -1,6 +1,13 @@
#!/bin/sh
-cmd='../util/shlib_wrap.sh ../apps/openssl x509'
+if test "$OSTYPE" = msdosdjgpp; then
+ PATH=../apps\;$PATH
+else
+ PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../apps/openssl x509'
if [ "$1"x != "x" ]; then
t=$1
diff --git a/util/cygwin.sh b/util/cygwin.sh
index 0cc3197870..930f766b4f 100755
--- a/util/cygwin.sh
+++ b/util/cygwin.sh
@@ -39,7 +39,7 @@ function base_install()
function doc_install()
{
- DOC_DIR=${INSTALL_PREFIX}/usr/share/doc/openssl
+ DOC_DIR=${INSTALL_PREFIX}/usr/doc/openssl
mkdir -p ${DOC_DIR}
cp CHANGES CHANGES.SSLeay INSTALL LICENSE NEWS README ${DOC_DIR}
@@ -49,7 +49,7 @@ function doc_install()
function create_cygwin_readme()
{
- README_DIR=${INSTALL_PREFIX}/usr/share/doc/Cygwin
+ README_DIR=${INSTALL_PREFIX}/usr/doc/Cygwin
README_FILE=${README_DIR}/openssl-${VERSION}.README
mkdir -p ${README_DIR}
@@ -112,8 +112,8 @@ cd ${INSTALL_PREFIX}
strip usr/bin/*.exe usr/bin/*.dll
# Runtime package
-find etc usr/bin usr/share/doc usr/ssl/certs usr/ssl/man/man[157] \
- usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private -empty -o \! -type d |
+find etc usr/bin usr/doc usr/ssl/certs usr/ssl/man/man[157] usr/ssl/misc \
+ usr/ssl/openssl.cnf usr/ssl/private -empty -o \! -type d |
tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 -
# Development package
find usr/include usr/lib usr/ssl/man/man3 -empty -o \! -type d |
diff --git a/util/libeay.num b/util/libeay.num
index 30beee2fb3..2dc32dc7dd 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -2804,499 +2804,432 @@ OPENSSL_cleanse 3245 EXIST::FUNCTION:
BN_get0_nist_prime_384 3246 EXIST::FUNCTION:
ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE
ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH
-EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES
-FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION:
-FIPS_selftest_des 3250 NOEXIST::FUNCTION:
-EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES
-EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
-FIPS_mode_set 3253 NOEXIST::FUNCTION:
-FIPS_selftest_dsa 3254 NOEXIST::FUNCTION:
-EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
-FIPS_allow_md5 3256 NOEXIST::FUNCTION:
-DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES
-EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES
-FIPS_rand_seeded 3259 NOEXIST::FUNCTION:
-AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES
-AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES
-FIPS_rand_seed 3262 NOEXIST::FUNCTION:
-FIPS_corrupt_des 3263 NOEXIST::FUNCTION:
-EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES
-FIPS_selftest_aes 3265 NOEXIST::FUNCTION:
-FIPS_set_prng_key 3266 NOEXIST::FUNCTION:
-EVP_des_cfb8 3267 EXIST::FUNCTION:DES
-FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION:
-FIPS_test_mode 3269 NOEXIST::FUNCTION:
-FIPS_rand_method 3270 NOEXIST::FUNCTION:
-EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES
-ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION:
-FIPS_corrupt_aes 3273 NOEXIST::FUNCTION:
-FIPS_selftest_sha1 3274 NOEXIST::FUNCTION:
-FIPS_selftest_rsa 3275 NOEXIST::FUNCTION:
-FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION:
-EVP_des_cfb1 3277 EXIST::FUNCTION:DES
-FIPS_dsa_check 3278 NOEXIST::FUNCTION:
-AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
-EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
-FIPS_rand_check 3281 NOEXIST::FUNCTION:
-FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
-FIPS_mode 3283 NOEXIST::FUNCTION:
-FIPS_selftest_failed 3284 NOEXIST::FUNCTION:
-sk_is_sorted 3285 EXIST::FUNCTION:
-X509_check_ca 3286 EXIST::FUNCTION:
-d2i_PROXY_CERT_INFO_EXTENSION 3287 EXIST::FUNCTION:
-PROXY_POLICY_it 3288 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PROXY_POLICY_it 3288 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_PROXY_POLICY 3289 EXIST::FUNCTION:
-i2d_PROXY_CERT_INFO_EXTENSION 3290 EXIST::FUNCTION:
-d2i_PROXY_POLICY 3291 EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_new 3292 EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_free 3293 EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_it 3294 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PROXY_CERT_INFO_EXTENSION_it 3294 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PROXY_POLICY_free 3295 EXIST::FUNCTION:
-PROXY_POLICY_new 3296 EXIST::FUNCTION:
-ERR_set_mark 3297 EXIST::FUNCTION:
-X509_STORE_CTX_set0_crls 3298 EXIST::FUNCTION:
-ENGINE_set_STORE 3299 EXIST::FUNCTION:ENGINE
-ENGINE_register_ECDSA 3300 EXIST::FUNCTION:ENGINE
-STORE_method_set_list_start_function 3301 EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_start_fn 3301 EXIST:VMS:FUNCTION:
-NAME_CONSTRAINTS_free 3302 EXIST::FUNCTION:
-STORE_ATTR_INFO_set_number 3303 EXIST::FUNCTION:
-X509_STORE_CTX_set0_param 3304 EXIST::FUNCTION:
-POLICY_MAPPING_it 3305 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_MAPPING_it 3305 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_parse_attrs_start 3306 EXIST::FUNCTION:
-POLICY_CONSTRAINTS_free 3307 EXIST::FUNCTION:
-BN_nist_mod_192 3308 EXIST::FUNCTION:
-EC_GROUP_get_trinomial_basis 3309 EXIST::FUNCTION:EC
-STORE_set_method 3310 EXIST::FUNCTION:
-EVP_aes_256_cfb128 3311 EXIST::FUNCTION:AES
-GENERAL_SUBTREE_free 3312 EXIST::FUNCTION:
-NAME_CONSTRAINTS_it 3313 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NAME_CONSTRAINTS_it 3313 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ECDH_get_default_method 3314 EXIST::FUNCTION:ECDH
-PKCS12_add_safe 3315 EXIST::FUNCTION:
-STORE_method_get_update_store_function 3316 EXIST:!VMS:FUNCTION:
-STORE_meth_get_update_store_fn 3316 EXIST:VMS:FUNCTION:
-ENGINE_register_ECDH 3317 EXIST::FUNCTION:ENGINE
-EVP_sha384 3318 EXIST::FUNCTION:SHA,SHA512
-SHA512_Update 3319 EXIST::FUNCTION:SHA,SHA512
-i2d_ECPrivateKey 3320 EXIST::FUNCTION:EC
-BN_get0_nist_prime_192 3321 EXIST::FUNCTION:
-STORE_modify_certificate 3322 EXIST::FUNCTION:
-EC_POINT_set_affine_coordinates_GF2m 3323 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_affine_coords_GF2m 3323 EXIST:VMS:FUNCTION:EC
-BN_GF2m_mod_exp_arr 3324 EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_number 3325 EXIST::FUNCTION:
-X509_keyid_get0 3326 EXIST::FUNCTION:
-EC_GROUP_new_by_nid 3327 EXIST::FUNCTION:EC
-ENGINE_load_gmp 3328 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-BN_GF2m_mod_mul_arr 3329 EXIST::FUNCTION:
-STORE_list_public_key_endp 3330 EXIST::FUNCTION:
-o2i_ECPublicKey 3331 EXIST::FUNCTION:EC
-EC_KEY_copy 3332 EXIST::FUNCTION:EC
-BIO_dump_fp 3333 EXIST::FUNCTION:FP_API
-X509_policy_node_get0_parent 3334 EXIST::FUNCTION:
-EC_GROUP_check_discriminant 3335 EXIST::FUNCTION:EC
-i2o_ECPublicKey 3336 EXIST::FUNCTION:EC
-a2i_IPADDRESS 3337 EXIST::FUNCTION:
-STORE_method_set_initialise_function 3338 EXIST:!VMS:FUNCTION:
-STORE_meth_set_initialise_fn 3338 EXIST:VMS:FUNCTION:
-X509_STORE_CTX_set_depth 3339 EXIST::FUNCTION:
-X509_VERIFY_PARAM_inherit 3340 EXIST::FUNCTION:
-EC_POINT_point2bn 3341 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_set_dn 3342 EXIST::FUNCTION:
-X509_policy_tree_get0_policies 3343 EXIST::FUNCTION:
-EC_GROUP_new_curve_GF2m 3344 EXIST::FUNCTION:EC
-STORE_destroy_method 3345 EXIST::FUNCTION:
-ENGINE_unregister_STORE 3346 EXIST::FUNCTION:ENGINE
-EVP_PKEY_get1_EC_KEY 3347 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_get0_number 3348 EXIST::FUNCTION:
-ENGINE_get_default_ECDH 3349 EXIST::FUNCTION:ENGINE
-ASN1_OCTET_STRING_NDEF_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_OCTET_STRING_NDEF_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_delete_public_key 3351 EXIST::FUNCTION:
-STORE_get_public_key 3352 EXIST::FUNCTION:
-STORE_modify_arbitrary 3353 EXIST::FUNCTION:
-ENGINE_get_static_state 3354 EXIST::FUNCTION:ENGINE
-ECDSA_SIG_new 3355 EXIST::FUNCTION:ECDSA
-OPENSSL_DIR_end 3356 EXIST::FUNCTION:
-BN_GF2m_mod_sqr 3357 EXIST::FUNCTION:
-EC_POINT_bn2point 3358 EXIST::FUNCTION:EC
-X509_VERIFY_PARAM_set_depth 3359 EXIST::FUNCTION:
-STORE_get_method 3360 EXIST::FUNCTION:
-STORE_parse_attrs_end 3361 EXIST::FUNCTION:
-EC_GROUP_get_point_conversion_form 3362 EXIST:!VMS:FUNCTION:EC
-EC_GROUP_get_point_conv_form 3362 EXIST:VMS:FUNCTION:EC
-STORE_method_set_store_function 3363 EXIST::FUNCTION:
-STORE_ATTR_INFO_in 3364 EXIST::FUNCTION:
-PEM_read_bio_ECPKParameters 3365 EXIST::FUNCTION:EC
-EC_GROUP_get_pentanomial_basis 3366 EXIST::FUNCTION:EC
-X509_VERIFY_PARAM_set1_policies 3367 EXIST::FUNCTION:
-EVP_sha512 3368 EXIST::FUNCTION:SHA,SHA512
-X509_VERIFY_PARAM_set1_name 3369 EXIST::FUNCTION:
-X509_VERIFY_PARAM_set_purpose 3370 EXIST::FUNCTION:
-EC_GROUP_get_nid 3371 EXIST::FUNCTION:EC
-STORE_get_number 3372 EXIST::FUNCTION:
-ECDSA_sign_setup 3373 EXIST::FUNCTION:ECDSA
-BN_GF2m_mod_solve_quad_arr 3374 EXIST::FUNCTION:
-EC_KEY_up_ref 3375 EXIST::FUNCTION:EC
-POLICY_MAPPING_free 3376 EXIST::FUNCTION:
-BN_GF2m_mod_div 3377 EXIST::FUNCTION:
-X509_VERIFY_PARAM_set_flags 3378 EXIST::FUNCTION:
-EC_KEY_free 3379 EXIST::FUNCTION:EC
-STORE_method_set_list_next_function 3380 EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_next_fn 3380 EXIST:VMS:FUNCTION:
-PEM_write_bio_ECPrivateKey 3381 EXIST::FUNCTION:EC
-d2i_EC_PUBKEY 3382 EXIST::FUNCTION:EC
-STORE_method_get_generate_function 3383 EXIST:!VMS:FUNCTION:
-STORE_meth_get_generate_fn 3383 EXIST:VMS:FUNCTION:
-STORE_method_set_list_end_function 3384 EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_end_fn 3384 EXIST:VMS:FUNCTION:
-EC_GROUP_have_precompute_mult 3385 EXIST::FUNCTION:EC
-EC_KEY_print_fp 3386 EXIST::FUNCTION:EC,FP_API
-BN_GF2m_mod_arr 3387 EXIST::FUNCTION:
-PEM_write_bio_X509_CERT_PAIR 3388 EXIST::FUNCTION:
-EVP_PKEY_cmp 3389 EXIST::FUNCTION:
-X509_policy_level_node_count 3390 EXIST::FUNCTION:
-STORE_new_engine 3391 EXIST::FUNCTION:
-STORE_list_public_key_start 3392 EXIST::FUNCTION:
-X509_VERIFY_PARAM_new 3393 EXIST::FUNCTION:
-ECDH_get_ex_data 3394 EXIST::FUNCTION:ECDH
-ECDSA_do_sign 3395 EXIST::FUNCTION:ECDSA
-ENGINE_unregister_ECDH 3396 EXIST::FUNCTION:ENGINE
-ECDH_OpenSSL 3397 EXIST::FUNCTION:ECDH
-EC_POINT_dup 3398 EXIST::FUNCTION:EC
-GENERAL_SUBTREE_new 3399 EXIST::FUNCTION:
-STORE_list_crl_endp 3400 EXIST::FUNCTION:
-EC_get_builtin_curves 3401 EXIST::FUNCTION:EC
-EVP_aes_128_cfb128 3402 EXIST::FUNCTION:AES
-X509_policy_node_get0_qualifiers 3403 EXIST:!VMS:FUNCTION:
-X509_pcy_node_get0_qualifiers 3403 EXIST:VMS:FUNCTION:
-STORE_list_crl_end 3404 EXIST::FUNCTION:
-EVP_PKEY_set1_EC_KEY 3405 EXIST::FUNCTION:EC
-BN_GF2m_mod_sqrt_arr 3406 EXIST::FUNCTION:
-i2d_ECPrivateKey_bio 3407 EXIST::FUNCTION:BIO,EC
-ECPKParameters_print_fp 3408 EXIST::FUNCTION:EC,FP_API
-ECDSA_SIG_free 3409 EXIST::FUNCTION:ECDSA
-PEM_write_bio_ECPKParameters 3410 EXIST::FUNCTION:EC
-STORE_method_set_ctrl_function 3411 EXIST::FUNCTION:
-STORE_list_public_key_end 3412 EXIST::FUNCTION:
-EC_GROUP_set_nid 3413 EXIST::FUNCTION:EC
-STORE_get_arbitrary 3414 EXIST::FUNCTION:
-STORE_store_crl 3415 EXIST::FUNCTION:
-X509_policy_node_get0_policy 3416 EXIST::FUNCTION:
-PKCS12_add_safes 3417 EXIST::FUNCTION:
-X509_policy_tree_free 3418 EXIST::FUNCTION:
-BN_GF2m_poly2arr 3419 EXIST::FUNCTION:
-STORE_ctrl 3420 EXIST::FUNCTION:
-EVP_sha224 3421 EXIST::FUNCTION:SHA,SHA256
-STORE_ATTR_INFO_compare 3422 EXIST::FUNCTION:
-BN_get0_nist_prime_224 3423 EXIST::FUNCTION:
-i2d_ECParameters 3424 EXIST::FUNCTION:EC
-i2d_ECPKParameters 3425 EXIST::FUNCTION:EC
-BN_GENCB_call 3426 EXIST::FUNCTION:
-BN_ncopy 3427 EXIST::FUNCTION:
-d2i_ECPKParameters 3428 EXIST::FUNCTION:EC
-STORE_method_set_generate_function 3429 EXIST:!VMS:FUNCTION:
-STORE_meth_set_generate_fn 3429 EXIST:VMS:FUNCTION:
-ENGINE_set_ECDH 3430 EXIST::FUNCTION:ENGINE
-NAME_CONSTRAINTS_new 3431 EXIST::FUNCTION:
-SHA256_Init 3432 EXIST::FUNCTION:SHA,SHA256
-PEM_write_bio_EC_PUBKEY 3433 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_set_cstr 3434 EXIST::FUNCTION:
-STORE_list_crl_next 3435 EXIST::FUNCTION:
-STORE_ATTR_INFO_in_range 3436 EXIST::FUNCTION:
-ECParameters_print 3437 EXIST::FUNCTION:BIO,EC
-STORE_method_set_delete_function 3438 EXIST:!VMS:FUNCTION:
-STORE_meth_set_delete_fn 3438 EXIST:VMS:FUNCTION:
-STORE_list_certificate_next 3439 EXIST::FUNCTION:
-ASN1_generate_nconf 3440 EXIST::FUNCTION:
-BUF_memdup 3441 EXIST::FUNCTION:
-BN_GF2m_mod_mul 3442 EXIST::FUNCTION:
-STORE_method_get_list_next_function 3443 EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_next_fn 3443 EXIST:VMS:FUNCTION:
-STORE_ATTR_INFO_get0_dn 3444 EXIST::FUNCTION:
-STORE_list_private_key_next 3445 EXIST::FUNCTION:
-EC_GROUP_set_seed 3446 EXIST::FUNCTION:EC
-X509_VERIFY_PARAM_set_trust 3447 EXIST::FUNCTION:
-STORE_ATTR_INFO_free 3448 EXIST::FUNCTION:
-STORE_get_private_key 3449 EXIST::FUNCTION:
-STORE_ATTR_INFO_new 3450 EXIST::FUNCTION:
-EC_GROUP_get_curve_GF2m 3451 EXIST::FUNCTION:EC
-STORE_method_set_revoke_function 3452 EXIST:!VMS:FUNCTION:
-STORE_meth_set_revoke_fn 3452 EXIST:VMS:FUNCTION:
-STORE_store_number 3453 EXIST::FUNCTION:
-BN_is_prime_ex 3454 EXIST::FUNCTION:
-STORE_revoke_public_key 3455 EXIST::FUNCTION:
-X509_STORE_CTX_get0_param 3456 EXIST::FUNCTION:
-STORE_delete_arbitrary 3457 EXIST::FUNCTION:
-PEM_read_X509_CERT_PAIR 3458 EXIST:!WIN16:FUNCTION:
-X509_STORE_set_depth 3459 EXIST::FUNCTION:
-ECDSA_get_ex_data 3460 EXIST::FUNCTION:ECDSA
-SHA224 3461 EXIST::FUNCTION:SHA,SHA256
-BIO_dump_indent_fp 3462 EXIST::FUNCTION:FP_API
-BUF_strndup 3463 EXIST::FUNCTION:
-STORE_list_certificate_start 3464 EXIST::FUNCTION:
-BN_GF2m_mod 3465 EXIST::FUNCTION:
-X509_REQ_check_private_key 3466 EXIST::FUNCTION:
-EC_GROUP_get_seed_len 3467 EXIST::FUNCTION:EC
-ERR_load_STORE_strings 3468 EXIST::FUNCTION:
-PEM_read_bio_EC_PUBKEY 3469 EXIST::FUNCTION:EC
-STORE_list_private_key_end 3470 EXIST::FUNCTION:
-i2d_EC_PUBKEY 3471 EXIST::FUNCTION:EC
-ECDSA_get_default_method 3472 EXIST::FUNCTION:ECDSA
-ASN1_put_eoc 3473 EXIST::FUNCTION:
-X509_STORE_CTX_get_explicit_policy 3474 EXIST:!VMS:FUNCTION:
-X509_STORE_CTX_get_expl_policy 3474 EXIST:VMS:FUNCTION:
-ECDSA_DATA_free 3475 EXIST::FUNCTION:ECDSA
-X509_VERIFY_PARAM_table_cleanup 3476 EXIST::FUNCTION:
-STORE_modify_private_key 3477 EXIST::FUNCTION:
-X509_VERIFY_PARAM_free 3478 EXIST::FUNCTION:
-EC_METHOD_get_field_type 3479 EXIST::FUNCTION:EC
-EC_GFp_nist_method 3480 EXIST::FUNCTION:EC
-STORE_method_set_modify_function 3481 EXIST:!VMS:FUNCTION:
-STORE_meth_set_modify_fn 3481 EXIST:VMS:FUNCTION:
-STORE_parse_attrs_next 3482 EXIST::FUNCTION:
-ENGINE_load_padlock 3483 EXIST::FUNCTION:ENGINE
-X509_CERT_PAIR_it 3484 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CERT_PAIR_it 3484 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_method_get_revoke_function 3485 EXIST:!VMS:FUNCTION:
-STORE_meth_get_revoke_fn 3485 EXIST:VMS:FUNCTION:
-STORE_method_set_get_function 3486 EXIST::FUNCTION:
-STORE_modify_number 3487 EXIST::FUNCTION:
-STORE_method_get_store_function 3488 EXIST::FUNCTION:
-STORE_store_private_key 3489 EXIST::FUNCTION:
-BN_GF2m_mod_sqr_arr 3490 EXIST::FUNCTION:
-STORE_Memory 3491 EXIST::FUNCTION:
-sk_find_ex 3492 EXIST::FUNCTION:
-EC_GROUP_set_curve_GF2m 3493 EXIST::FUNCTION:EC
-ENGINE_set_default_ECDSA 3494 EXIST::FUNCTION:ENGINE
-POLICY_CONSTRAINTS_new 3495 EXIST::FUNCTION:
-BN_GF2m_mod_sqrt 3496 EXIST::FUNCTION:
-ECDH_set_default_method 3497 EXIST::FUNCTION:ECDH
-EC_KEY_generate_key 3498 EXIST::FUNCTION:EC
-SHA384_Update 3499 EXIST::FUNCTION:SHA,SHA512
-BN_GF2m_arr2poly 3500 EXIST::FUNCTION:
-STORE_method_get_get_function 3501 EXIST::FUNCTION:
-STORE_method_set_cleanup_function 3502 EXIST:!VMS:FUNCTION:
-STORE_meth_set_cleanup_fn 3502 EXIST:VMS:FUNCTION:
-EC_GROUP_check 3503 EXIST::FUNCTION:EC
-d2i_ECPrivateKey_bio 3504 EXIST::FUNCTION:BIO,EC
-STORE_method_get_lock_store_function 3505 EXIST:!VMS:FUNCTION:
-STORE_meth_get_lock_store_fn 3505 EXIST:VMS:FUNCTION:
-X509_VERIFY_PARAM_get_depth 3506 EXIST::FUNCTION:
-EVP_aes_192_cfb128 3507 EXIST::FUNCTION:AES
-SHA224_Final 3508 EXIST::FUNCTION:SHA,SHA256
-STORE_method_set_update_store_function 3509 EXIST:!VMS:FUNCTION:
-STORE_meth_set_update_store_fn 3509 EXIST:VMS:FUNCTION:
-SHA224_Update 3510 EXIST::FUNCTION:SHA,SHA256
-d2i_ECPrivateKey 3511 EXIST::FUNCTION:EC
-ASN1_item_ndef_i2d 3512 EXIST::FUNCTION:
-STORE_delete_private_key 3513 EXIST::FUNCTION:
-ERR_pop_to_mark 3514 EXIST::FUNCTION:
-ENGINE_register_all_STORE 3515 EXIST::FUNCTION:ENGINE
-X509_policy_level_get0_node 3516 EXIST::FUNCTION:
-i2d_PKCS7_NDEF 3517 EXIST::FUNCTION:
-EC_GROUP_get_degree 3518 EXIST::FUNCTION:EC
-ASN1_generate_v3 3519 EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_cstr 3520 EXIST::FUNCTION:
-X509_policy_tree_level_count 3521 EXIST::FUNCTION:
-BN_GF2m_add 3522 EXIST::FUNCTION:
-STORE_generate_crl 3523 EXIST::FUNCTION:
-STORE_store_public_key 3524 EXIST::FUNCTION:
-X509_CERT_PAIR_free 3525 EXIST::FUNCTION:
-STORE_revoke_private_key 3526 EXIST::FUNCTION:
-BN_nist_mod_224 3527 EXIST::FUNCTION:
-SHA512_Final 3528 EXIST::FUNCTION:SHA,SHA512
-STORE_ATTR_INFO_modify_dn 3529 EXIST::FUNCTION:
-STORE_method_get_initialise_function 3530 EXIST:!VMS:FUNCTION:
-STORE_meth_get_initialise_fn 3530 EXIST:VMS:FUNCTION:
-STORE_delete_number 3531 EXIST::FUNCTION:
-i2d_EC_PUBKEY_bio 3532 EXIST::FUNCTION:BIO,EC
-EC_GROUP_get_asn1_flag 3533 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_in_ex 3534 EXIST::FUNCTION:
-STORE_list_crl_start 3535 EXIST::FUNCTION:
-ECDH_get_ex_new_index 3536 EXIST::FUNCTION:ECDH
-STORE_method_get_modify_function 3537 EXIST:!VMS:FUNCTION:
-STORE_meth_get_modify_fn 3537 EXIST:VMS:FUNCTION:
-v2i_ASN1_BIT_STRING 3538 EXIST::FUNCTION:
-STORE_store_certificate 3539 EXIST::FUNCTION:
-OBJ_bsearch_ex 3540 EXIST::FUNCTION:
-X509_STORE_CTX_set_default 3541 EXIST::FUNCTION:
-STORE_ATTR_INFO_set_sha1str 3542 EXIST::FUNCTION:
-BN_GF2m_mod_inv 3543 EXIST::FUNCTION:
-BN_GF2m_mod_exp 3544 EXIST::FUNCTION:
-STORE_modify_public_key 3545 EXIST::FUNCTION:
-STORE_method_get_list_start_function 3546 EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_start_fn 3546 EXIST:VMS:FUNCTION:
-EC_GROUP_get0_seed 3547 EXIST::FUNCTION:EC
-ecdsa_check 3548 EXIST::FUNCTION:ECDSA
-STORE_store_arbitrary 3549 EXIST::FUNCTION:
-STORE_method_set_unlock_store_function 3550 EXIST:!VMS:FUNCTION:
-STORE_meth_set_unlock_store_fn 3550 EXIST:VMS:FUNCTION:
-BN_GF2m_mod_div_arr 3551 EXIST::FUNCTION:
-ENGINE_set_ECDSA 3552 EXIST::FUNCTION:ENGINE
-STORE_create_method 3553 EXIST::FUNCTION:
-ECPKParameters_print 3554 EXIST::FUNCTION:BIO,EC
-PEM_write_EC_PUBKEY 3555 EXIST:!WIN16:FUNCTION:EC
-X509_VERIFY_PARAM_set1 3556 EXIST::FUNCTION:
-ECDH_set_method 3557 EXIST::FUNCTION:ECDH
-v2i_GENERAL_NAME_ex 3558 EXIST::FUNCTION:
-ECDH_set_ex_data 3559 EXIST::FUNCTION:ECDH
-STORE_generate_key 3560 EXIST::FUNCTION:
-BN_nist_mod_521 3561 EXIST::FUNCTION:
-X509_policy_tree_get0_level 3562 EXIST::FUNCTION:
-EC_GROUP_set_point_conversion_form 3563 EXIST:!VMS:FUNCTION:EC
-EC_GROUP_set_point_conv_form 3563 EXIST:VMS:FUNCTION:EC
-PEM_read_EC_PUBKEY 3564 EXIST:!WIN16:FUNCTION:EC
-i2d_ECDSA_SIG 3565 EXIST::FUNCTION:ECDSA
-ECDSA_OpenSSL 3566 EXIST::FUNCTION:ECDSA
-STORE_delete_crl 3567 EXIST::FUNCTION:
-ASN1_const_check_infinite_end 3568 EXIST::FUNCTION:
-ECDSA_set_default_method 3569 EXIST::FUNCTION:ECDSA
-EC_POINT_set_compressed_coordinates_GF2m 3570 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_compr_coords_GF2m 3570 EXIST:VMS:FUNCTION:EC
-EC_GROUP_cmp 3571 EXIST::FUNCTION:EC
-STORE_revoke_certificate 3572 EXIST::FUNCTION:
-ECDH_DATA_new_method 3573 EXIST::FUNCTION:ECDH
-BN_get0_nist_prime_256 3574 EXIST::FUNCTION:
-STORE_method_get_delete_function 3575 EXIST:!VMS:FUNCTION:
-STORE_meth_get_delete_fn 3575 EXIST:VMS:FUNCTION:
-SHA224_Init 3576 EXIST::FUNCTION:SHA,SHA256
-PEM_read_ECPrivateKey 3577 EXIST:!WIN16:FUNCTION:EC
-SHA512_Init 3578 EXIST::FUNCTION:SHA,SHA512
-STORE_parse_attrs_endp 3579 EXIST::FUNCTION:
-ERR_load_ECDSA_strings 3580 EXIST::FUNCTION:ECDSA
-EC_GROUP_get_basis_type 3581 EXIST::FUNCTION:EC
-ECDH_DATA_new 3582 EXIST::FUNCTION:ECDH
-STORE_list_public_key_next 3583 EXIST::FUNCTION:
-i2v_ASN1_BIT_STRING 3584 EXIST::FUNCTION:
-STORE_OBJECT_free 3585 EXIST::FUNCTION:
-BN_nist_mod_384 3586 EXIST::FUNCTION:
-i2d_X509_CERT_PAIR 3587 EXIST::FUNCTION:
-PEM_write_ECPKParameters 3588 EXIST:!WIN16:FUNCTION:EC
-ECDH_compute_key 3589 EXIST::FUNCTION:ECDH
-STORE_ATTR_INFO_get0_sha1str 3590 EXIST::FUNCTION:
-ENGINE_register_all_ECDH 3591 EXIST::FUNCTION:ENGINE
-STORE_ATTR_INFO_get0_cstr 3592 EXIST::FUNCTION:
-POLICY_CONSTRAINTS_it 3593 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_CONSTRAINTS_it 3593 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_get_ex_new_index 3594 EXIST::FUNCTION:
-X509_VERIFY_PARAM_add0_policy 3595 EXIST::FUNCTION:
-BN_GF2m_mod_solve_quad 3596 EXIST::FUNCTION:
-SHA256 3597 EXIST::FUNCTION:SHA,SHA256
-i2d_ECPrivateKey_fp 3598 EXIST::FUNCTION:EC,FP_API
-X509_policy_tree_get0_user_policies 3599 EXIST:!VMS:FUNCTION:
-X509_pcy_tree_get0_usr_policies 3599 EXIST:VMS:FUNCTION:
-OPENSSL_DIR_read 3600 EXIST::FUNCTION:
-ENGINE_register_all_ECDSA 3601 EXIST::FUNCTION:ENGINE
-X509_VERIFY_PARAM_lookup 3602 EXIST::FUNCTION:
-EC_POINT_get_affine_coordinates_GF2m 3603 EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_affine_coords_GF2m 3603 EXIST:VMS:FUNCTION:EC
-EC_GROUP_dup 3604 EXIST::FUNCTION:EC
-ENGINE_get_default_ECDSA 3605 EXIST::FUNCTION:ENGINE
-EC_KEY_new 3606 EXIST::FUNCTION:EC
-SHA256_Transform 3607 EXIST::FUNCTION:SHA,SHA256
-ECDSA_verify 3608 EXIST::FUNCTION:ECDSA
-EC_POINT_point2hex 3609 EXIST::FUNCTION:EC
-ENGINE_get_STORE 3610 EXIST::FUNCTION:ENGINE
-SHA512 3611 EXIST::FUNCTION:SHA,SHA512
-STORE_get_certificate 3612 EXIST::FUNCTION:
-ECDSA_do_verify 3613 EXIST::FUNCTION:ECDSA
-d2i_ECPrivateKey_fp 3614 EXIST::FUNCTION:EC,FP_API
-STORE_delete_certificate 3615 EXIST::FUNCTION:
-SHA512_Transform 3616 EXIST::FUNCTION:SHA,SHA512
-X509_STORE_set1_param 3617 EXIST::FUNCTION:
-STORE_method_get_ctrl_function 3618 EXIST::FUNCTION:
-STORE_free 3619 EXIST::FUNCTION:
-PEM_write_ECPrivateKey 3620 EXIST:!WIN16:FUNCTION:EC
-STORE_method_get_unlock_store_function 3621 EXIST:!VMS:FUNCTION:
-STORE_meth_get_unlock_store_fn 3621 EXIST:VMS:FUNCTION:
-STORE_get_ex_data 3622 EXIST::FUNCTION:
-PEM_read_ECPKParameters 3623 EXIST:!WIN16:FUNCTION:EC
-X509_CERT_PAIR_new 3624 EXIST::FUNCTION:
-ENGINE_register_STORE 3625 EXIST::FUNCTION:ENGINE
-RSA_generate_key_ex 3626 EXIST::FUNCTION:RSA
-DSA_generate_parameters_ex 3627 EXIST::FUNCTION:DSA
-ECParameters_print_fp 3628 EXIST::FUNCTION:EC,FP_API
-X509V3_NAME_from_section 3629 EXIST::FUNCTION:
-STORE_modify_crl 3630 EXIST::FUNCTION:
-STORE_list_private_key_start 3631 EXIST::FUNCTION:
-POLICY_MAPPINGS_it 3632 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_MAPPINGS_it 3632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-GENERAL_SUBTREE_it 3633 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-GENERAL_SUBTREE_it 3633 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ECDH_DATA_free 3634 EXIST::FUNCTION:ECDH
-PEM_write_X509_CERT_PAIR 3635 EXIST:!WIN16:FUNCTION:
-BIO_dump_indent_cb 3636 EXIST::FUNCTION:
-d2i_X509_CERT_PAIR 3637 EXIST::FUNCTION:
-STORE_list_private_key_endp 3638 EXIST::FUNCTION:
-asn1_const_Finish 3639 EXIST::FUNCTION:
-i2d_EC_PUBKEY_fp 3640 EXIST::FUNCTION:EC,FP_API
-BN_nist_mod_256 3641 EXIST::FUNCTION:
-ECDSA_DATA_new 3642 EXIST::FUNCTION:ECDSA
-X509_VERIFY_PARAM_add0_table 3643 EXIST::FUNCTION:
-EVP_sha256 3644 EXIST::FUNCTION:SHA,SHA256
-ECDSA_size 3645 EXIST::FUNCTION:ECDSA
-d2i_EC_PUBKEY_bio 3646 EXIST::FUNCTION:BIO,EC
-BN_get0_nist_prime_521 3647 EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_sha1str 3648 EXIST::FUNCTION:
-BN_generate_prime_ex 3649 EXIST::FUNCTION:
-SHA256_Final 3650 EXIST::FUNCTION:SHA,SHA256
-DH_generate_parameters_ex 3651 EXIST::FUNCTION:DH
-PEM_read_bio_ECPrivateKey 3652 EXIST::FUNCTION:EC
-STORE_method_get_cleanup_function 3653 EXIST:!VMS:FUNCTION:
-STORE_meth_get_cleanup_fn 3653 EXIST:VMS:FUNCTION:
-ENGINE_get_ECDH 3654 EXIST::FUNCTION:ENGINE
-d2i_ECDSA_SIG 3655 EXIST::FUNCTION:ECDSA
-BN_is_prime_fasttest_ex 3656 EXIST::FUNCTION:
-ECDSA_sign 3657 EXIST::FUNCTION:ECDSA
-X509_policy_check 3658 EXIST::FUNCTION:
-STORE_set_ex_data 3659 EXIST::FUNCTION:
-ENGINE_get_ECDSA 3660 EXIST::FUNCTION:ENGINE
-EVP_ecdsa 3661 EXIST::FUNCTION:SHA
-PKCS12_add_cert 3662 EXIST::FUNCTION:
-STORE_OBJECT_new 3663 EXIST::FUNCTION:
-ERR_load_ECDH_strings 3664 EXIST::FUNCTION:ECDH
-EC_KEY_dup 3665 EXIST::FUNCTION:EC
-EVP_CIPHER_CTX_rand_key 3666 EXIST::FUNCTION:
-ECDSA_set_method 3667 EXIST::FUNCTION:ECDSA
-a2i_IPADDRESS_NC 3668 EXIST::FUNCTION:
-d2i_ECParameters 3669 EXIST::FUNCTION:EC
-STORE_list_certificate_end 3670 EXIST::FUNCTION:
-STORE_get_crl 3671 EXIST::FUNCTION:
-X509_POLICY_NODE_print 3672 EXIST::FUNCTION:
-SHA384_Init 3673 EXIST::FUNCTION:SHA,SHA512
-EC_GF2m_simple_method 3674 EXIST::FUNCTION:EC
-ECDSA_set_ex_data 3675 EXIST::FUNCTION:ECDSA
-SHA384_Final 3676 EXIST::FUNCTION:SHA,SHA512
-PKCS7_set_digest 3677 EXIST::FUNCTION:
-EC_KEY_print 3678 EXIST::FUNCTION:BIO,EC
-STORE_method_set_lock_store_function 3679 EXIST:!VMS:FUNCTION:
-STORE_meth_set_lock_store_fn 3679 EXIST:VMS:FUNCTION:
-ECDSA_get_ex_new_index 3680 EXIST::FUNCTION:ECDSA
-SHA384 3681 EXIST::FUNCTION:SHA,SHA512
-POLICY_MAPPING_new 3682 EXIST::FUNCTION:
-STORE_list_certificate_endp 3683 EXIST::FUNCTION:
-X509_STORE_CTX_get0_policy_tree 3684 EXIST::FUNCTION:
-EC_GROUP_set_asn1_flag 3685 EXIST::FUNCTION:EC
-EC_KEY_check_key 3686 EXIST::FUNCTION:EC
-d2i_EC_PUBKEY_fp 3687 EXIST::FUNCTION:EC,FP_API
-PKCS7_set0_type_other 3688 EXIST::FUNCTION:
-ecdh_check 3689 EXIST::FUNCTION:ECDH
-ECDSA_DATA_new_method 3690 EXIST::FUNCTION:ECDSA
-PEM_read_bio_X509_CERT_PAIR 3691 EXIST::FUNCTION:
-STORE_method_get_list_end_function 3692 EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_end_fn 3692 EXIST:VMS:FUNCTION:
-X509_VERIFY_PARAM_set_time 3693 EXIST::FUNCTION:
-ENGINE_set_default_ECDH 3694 EXIST::FUNCTION:ENGINE
-STORE_new_method 3695 EXIST::FUNCTION:
-PKCS12_add_key 3696 EXIST::FUNCTION:
-DSO_merge 3697 EXIST::FUNCTION:
-EC_POINT_hex2point 3698 EXIST::FUNCTION:EC
-BIO_dump_cb 3699 EXIST::FUNCTION:
-SHA256_Update 3700 EXIST::FUNCTION:SHA,SHA256
-BN_GF2m_mod_inv_arr 3701 EXIST::FUNCTION:
-ENGINE_unregister_ECDSA 3702 EXIST::FUNCTION:ENGINE
+ERR_set_mark 3248 EXIST::FUNCTION:
+ENGINE_set_STORE 3249 EXIST::FUNCTION:ENGINE
+ENGINE_register_ECDSA 3250 EXIST::FUNCTION:ENGINE
+STORE_method_set_list_start_function 3251 EXIST:!VMS:FUNCTION:
+STORE_meth_set_list_start_fn 3251 EXIST:VMS:FUNCTION:
+NAME_CONSTRAINTS_free 3252 EXIST::FUNCTION:
+STORE_ATTR_INFO_set_number 3253 EXIST::FUNCTION:
+POLICY_MAPPING_it 3254 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_MAPPING_it 3254 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_parse_attrs_start 3255 EXIST::FUNCTION:
+POLICY_CONSTRAINTS_free 3256 EXIST::FUNCTION:
+BN_nist_mod_192 3257 EXIST::FUNCTION:
+EC_GROUP_get_trinomial_basis 3258 EXIST::FUNCTION:EC
+STORE_set_method 3259 EXIST::FUNCTION:
+GENERAL_SUBTREE_free 3260 EXIST::FUNCTION:
+NAME_CONSTRAINTS_it 3261 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NAME_CONSTRAINTS_it 3261 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ECDH_get_default_method 3262 EXIST::FUNCTION:ECDH
+PKCS12_add_safe 3263 EXIST::FUNCTION:
+STORE_method_get_update_store_function 3264 EXIST:!VMS:FUNCTION:
+STORE_meth_get_update_store_fn 3264 EXIST:VMS:FUNCTION:
+ENGINE_register_ECDH 3265 EXIST::FUNCTION:ENGINE
+i2d_ECPrivateKey 3266 EXIST::FUNCTION:EC
+BN_get0_nist_prime_192 3267 EXIST::FUNCTION:
+STORE_modify_certificate 3268 EXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GF2m 3269 EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_affine_coords_GF2m 3269 EXIST:VMS:FUNCTION:EC
+BN_GF2m_mod_exp_arr 3270 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_number 3271 EXIST::FUNCTION:
+X509_keyid_get0 3272 EXIST::FUNCTION:
+EC_GROUP_new_by_nid 3273 EXIST::FUNCTION:EC
+ENGINE_load_gmp 3274 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+BN_GF2m_mod_mul_arr 3275 EXIST::FUNCTION:
+STORE_list_public_key_endp 3276 EXIST::FUNCTION:
+o2i_ECPublicKey 3277 EXIST::FUNCTION:EC
+EC_KEY_copy 3278 EXIST::FUNCTION:EC
+EC_GROUP_check_discriminant 3279 EXIST::FUNCTION:EC
+i2o_ECPublicKey 3280 EXIST::FUNCTION:EC
+a2i_IPADDRESS 3281 EXIST::FUNCTION:
+STORE_method_set_initialise_function 3282 EXIST:!VMS:FUNCTION:
+STORE_meth_set_initialise_fn 3282 EXIST:VMS:FUNCTION:
+EC_POINT_point2bn 3283 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_set_dn 3284 EXIST::FUNCTION:
+EC_GROUP_new_curve_GF2m 3285 EXIST::FUNCTION:EC
+STORE_destroy_method 3286 EXIST::FUNCTION:
+ENGINE_unregister_STORE 3287 EXIST::FUNCTION:ENGINE
+EVP_PKEY_get1_EC_KEY 3288 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_get0_number 3289 EXIST::FUNCTION:
+ENGINE_get_default_ECDH 3290 EXIST::FUNCTION:ENGINE
+ASN1_OCTET_STRING_NDEF_it 3291 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_OCTET_STRING_NDEF_it 3291 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_delete_public_key 3292 EXIST::FUNCTION:
+STORE_get_public_key 3293 EXIST::FUNCTION:
+STORE_modify_arbitrary 3294 EXIST::FUNCTION:
+ENGINE_get_static_state 3295 EXIST::FUNCTION:ENGINE
+ECDSA_SIG_new 3296 EXIST::FUNCTION:ECDSA
+BN_GF2m_mod_sqr 3297 EXIST::FUNCTION:
+EC_POINT_bn2point 3298 EXIST::FUNCTION:EC
+STORE_get_method 3299 EXIST::FUNCTION:
+STORE_parse_attrs_end 3300 EXIST::FUNCTION:
+EC_GROUP_get_point_conversion_form 3301 EXIST:!VMS:FUNCTION:EC
+EC_GROUP_get_point_conv_form 3301 EXIST:VMS:FUNCTION:EC
+STORE_method_set_store_function 3302 EXIST::FUNCTION:
+STORE_ATTR_INFO_in 3303 EXIST::FUNCTION:
+PEM_read_bio_ECPKParameters 3304 EXIST::FUNCTION:EC
+EC_GROUP_get_pentanomial_basis 3305 EXIST::FUNCTION:EC
+EC_GROUP_get_nid 3306 EXIST::FUNCTION:EC
+STORE_get_number 3307 EXIST::FUNCTION:
+ECDSA_sign_setup 3308 EXIST::FUNCTION:ECDSA
+BN_GF2m_mod_solve_quad_arr 3309 EXIST::FUNCTION:
+EC_KEY_up_ref 3310 EXIST::FUNCTION:EC
+POLICY_MAPPING_free 3311 EXIST::FUNCTION:
+BN_GF2m_mod_div 3312 EXIST::FUNCTION:
+EC_KEY_free 3313 EXIST::FUNCTION:EC
+STORE_method_set_list_next_function 3314 EXIST:!VMS:FUNCTION:
+STORE_meth_set_list_next_fn 3314 EXIST:VMS:FUNCTION:
+PEM_write_bio_ECPrivateKey 3315 EXIST::FUNCTION:EC
+d2i_EC_PUBKEY 3316 EXIST::FUNCTION:EC
+STORE_method_get_generate_function 3317 EXIST:!VMS:FUNCTION:
+STORE_meth_get_generate_fn 3317 EXIST:VMS:FUNCTION:
+STORE_method_set_list_end_function 3318 EXIST:!VMS:FUNCTION:
+STORE_meth_set_list_end_fn 3318 EXIST:VMS:FUNCTION:
+EC_GROUP_have_precompute_mult 3319 EXIST::FUNCTION:EC
+EC_KEY_print_fp 3320 EXIST::FUNCTION:EC,FP_API
+BN_GF2m_mod_arr 3321 EXIST::FUNCTION:
+PEM_write_bio_X509_CERT_PAIR 3322 EXIST::FUNCTION:
+EVP_PKEY_cmp 3323 EXIST::FUNCTION:
+STORE_new_engine 3324 EXIST::FUNCTION:
+STORE_list_public_key_start 3325 EXIST::FUNCTION:
+ECDH_get_ex_data 3326 EXIST::FUNCTION:ECDH
+ECDSA_do_sign 3327 EXIST::FUNCTION:ECDSA
+ENGINE_unregister_ECDH 3328 EXIST::FUNCTION:ENGINE
+ECDH_OpenSSL 3329 EXIST::FUNCTION:ECDH
+EC_POINT_dup 3330 EXIST::FUNCTION:EC
+GENERAL_SUBTREE_new 3331 EXIST::FUNCTION:
+STORE_list_crl_endp 3332 EXIST::FUNCTION:
+EC_get_builtin_curves 3333 EXIST::FUNCTION:EC
+STORE_list_crl_end 3334 EXIST::FUNCTION:
+EVP_PKEY_set1_EC_KEY 3335 EXIST::FUNCTION:EC
+BN_GF2m_mod_sqrt_arr 3336 EXIST::FUNCTION:
+i2d_ECPrivateKey_bio 3337 EXIST::FUNCTION:BIO,EC
+ECPKParameters_print_fp 3338 EXIST::FUNCTION:EC,FP_API
+ECDSA_SIG_free 3339 EXIST::FUNCTION:ECDSA
+PEM_write_bio_ECPKParameters 3340 EXIST::FUNCTION:EC
+STORE_method_set_ctrl_function 3341 EXIST::FUNCTION:
+STORE_list_public_key_end 3342 EXIST::FUNCTION:
+EC_GROUP_set_nid 3343 EXIST::FUNCTION:EC
+STORE_get_arbitrary 3344 EXIST::FUNCTION:
+STORE_store_crl 3345 EXIST::FUNCTION:
+PKCS12_add_safes 3346 EXIST::FUNCTION:
+BN_GF2m_poly2arr 3347 EXIST::FUNCTION:
+STORE_ctrl 3348 EXIST::FUNCTION:
+STORE_ATTR_INFO_compare 3349 EXIST::FUNCTION:
+BN_get0_nist_prime_224 3350 EXIST::FUNCTION:
+i2d_ECParameters 3351 EXIST::FUNCTION:EC
+i2d_ECPKParameters 3352 EXIST::FUNCTION:EC
+BN_GENCB_call 3353 EXIST::FUNCTION:
+BN_ncopy 3354 EXIST::FUNCTION:
+d2i_ECPKParameters 3355 EXIST::FUNCTION:EC
+STORE_method_set_generate_function 3356 EXIST:!VMS:FUNCTION:
+STORE_meth_set_generate_fn 3356 EXIST:VMS:FUNCTION:
+ENGINE_set_ECDH 3357 EXIST::FUNCTION:ENGINE
+NAME_CONSTRAINTS_new 3358 EXIST::FUNCTION:
+PEM_write_bio_EC_PUBKEY 3359 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_set_cstr 3360 EXIST::FUNCTION:
+STORE_list_crl_next 3361 EXIST::FUNCTION:
+STORE_ATTR_INFO_in_range 3362 EXIST::FUNCTION:
+ECParameters_print 3363 EXIST::FUNCTION:BIO,EC
+STORE_method_set_delete_function 3364 EXIST:!VMS:FUNCTION:
+STORE_meth_set_delete_fn 3364 EXIST:VMS:FUNCTION:
+STORE_list_certificate_next 3365 EXIST::FUNCTION:
+ASN1_generate_nconf 3366 EXIST::FUNCTION:
+BUF_memdup 3367 EXIST::FUNCTION:
+BN_GF2m_mod_mul 3368 EXIST::FUNCTION:
+STORE_method_get_list_next_function 3369 EXIST:!VMS:FUNCTION:
+STORE_meth_get_list_next_fn 3369 EXIST:VMS:FUNCTION:
+STORE_ATTR_INFO_get0_dn 3370 EXIST::FUNCTION:
+STORE_list_private_key_next 3371 EXIST::FUNCTION:
+EC_GROUP_set_seed 3372 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_free 3373 EXIST::FUNCTION:
+STORE_get_private_key 3374 EXIST::FUNCTION:
+STORE_ATTR_INFO_new 3375 EXIST::FUNCTION:
+EC_GROUP_get_curve_GF2m 3376 EXIST::FUNCTION:EC
+STORE_method_set_revoke_function 3377 EXIST:!VMS:FUNCTION:
+STORE_meth_set_revoke_fn 3377 EXIST:VMS:FUNCTION:
+STORE_store_number 3378 EXIST::FUNCTION:
+BN_is_prime_ex 3379 EXIST::FUNCTION:
+STORE_revoke_public_key 3380 EXIST::FUNCTION:
+STORE_delete_arbitrary 3381 EXIST::FUNCTION:
+PEM_read_X509_CERT_PAIR 3382 EXIST:!WIN16:FUNCTION:
+ECDSA_get_ex_data 3383 EXIST::FUNCTION:ECDSA
+BUF_strndup 3384 EXIST::FUNCTION:
+STORE_list_certificate_start 3385 EXIST::FUNCTION:
+BN_GF2m_mod 3386 EXIST::FUNCTION:
+X509_REQ_check_private_key 3387 EXIST::FUNCTION:
+EC_GROUP_get_seed_len 3388 EXIST::FUNCTION:EC
+ERR_load_STORE_strings 3389 EXIST::FUNCTION:
+PEM_read_bio_EC_PUBKEY 3390 EXIST::FUNCTION:EC
+STORE_list_private_key_end 3391 EXIST::FUNCTION:
+i2d_EC_PUBKEY 3392 EXIST::FUNCTION:EC
+ECDSA_get_default_method 3393 EXIST::FUNCTION:ECDSA
+ASN1_put_eoc 3394 EXIST::FUNCTION:
+ECDSA_DATA_free 3395 EXIST::FUNCTION:ECDSA
+STORE_modify_private_key 3396 EXIST::FUNCTION:
+EC_METHOD_get_field_type 3397 EXIST::FUNCTION:EC
+EC_GFp_nist_method 3398 EXIST::FUNCTION:EC
+STORE_method_set_modify_function 3399 EXIST:!VMS:FUNCTION:
+STORE_meth_set_modify_fn 3399 EXIST:VMS:FUNCTION:
+STORE_parse_attrs_next 3400 EXIST::FUNCTION:
+X509_CERT_PAIR_it 3401 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CERT_PAIR_it 3401 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_method_get_revoke_function 3402 EXIST:!VMS:FUNCTION:
+STORE_meth_get_revoke_fn 3402 EXIST:VMS:FUNCTION:
+STORE_method_set_get_function 3403 EXIST::FUNCTION:
+STORE_modify_number 3404 EXIST::FUNCTION:
+STORE_method_get_store_function 3405 EXIST::FUNCTION:
+STORE_store_private_key 3406 EXIST::FUNCTION:
+BN_GF2m_mod_sqr_arr 3407 EXIST::FUNCTION:
+STORE_Memory 3408 EXIST::FUNCTION:
+sk_find_ex 3409 EXIST::FUNCTION:
+EC_GROUP_set_curve_GF2m 3410 EXIST::FUNCTION:EC
+ENGINE_set_default_ECDSA 3411 EXIST::FUNCTION:ENGINE
+POLICY_CONSTRAINTS_new 3412 EXIST::FUNCTION:
+BN_GF2m_mod_sqrt 3413 EXIST::FUNCTION:
+ECDH_set_default_method 3414 EXIST::FUNCTION:ECDH
+EC_KEY_generate_key 3415 EXIST::FUNCTION:EC
+BN_GF2m_arr2poly 3416 EXIST::FUNCTION:
+STORE_method_get_get_function 3417 EXIST::FUNCTION:
+STORE_method_set_cleanup_function 3418 EXIST:!VMS:FUNCTION:
+STORE_meth_set_cleanup_fn 3418 EXIST:VMS:FUNCTION:
+EC_GROUP_check 3419 EXIST::FUNCTION:EC
+d2i_ECPrivateKey_bio 3420 EXIST::FUNCTION:BIO,EC
+STORE_method_get_lock_store_function 3421 EXIST:!VMS:FUNCTION:
+STORE_meth_get_lock_store_fn 3421 EXIST:VMS:FUNCTION:
+STORE_method_set_update_store_function 3422 EXIST:!VMS:FUNCTION:
+STORE_meth_set_update_store_fn 3422 EXIST:VMS:FUNCTION:
+d2i_ECPrivateKey 3423 EXIST::FUNCTION:EC
+ASN1_item_ndef_i2d 3424 EXIST::FUNCTION:
+STORE_delete_private_key 3425 EXIST::FUNCTION:
+ERR_pop_to_mark 3426 EXIST::FUNCTION:
+ENGINE_register_all_STORE 3427 EXIST::FUNCTION:ENGINE
+i2d_PKCS7_NDEF 3428 EXIST::FUNCTION:
+EC_GROUP_get_degree 3429 EXIST::FUNCTION:EC
+ASN1_generate_v3 3430 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_cstr 3431 EXIST::FUNCTION:
+BN_GF2m_add 3432 EXIST::FUNCTION:
+STORE_generate_crl 3433 EXIST::FUNCTION:
+STORE_store_public_key 3434 EXIST::FUNCTION:
+X509_CERT_PAIR_free 3435 EXIST::FUNCTION:
+STORE_revoke_private_key 3436 EXIST::FUNCTION:
+BN_nist_mod_224 3437 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_dn 3438 EXIST::FUNCTION:
+STORE_method_get_initialise_function 3439 EXIST:!VMS:FUNCTION:
+STORE_meth_get_initialise_fn 3439 EXIST:VMS:FUNCTION:
+STORE_delete_number 3440 EXIST::FUNCTION:
+i2d_EC_PUBKEY_bio 3441 EXIST::FUNCTION:BIO,EC
+EC_GROUP_get_asn1_flag 3442 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_in_ex 3443 EXIST::FUNCTION:
+STORE_list_crl_start 3444 EXIST::FUNCTION:
+ECDH_get_ex_new_index 3445 EXIST::FUNCTION:ECDH
+STORE_method_get_modify_function 3446 EXIST:!VMS:FUNCTION:
+STORE_meth_get_modify_fn 3446 EXIST:VMS:FUNCTION:
+STORE_store_certificate 3447 EXIST::FUNCTION:
+OBJ_bsearch_ex 3448 EXIST::FUNCTION:
+STORE_ATTR_INFO_set_sha1str 3449 EXIST::FUNCTION:
+BN_GF2m_mod_inv 3450 EXIST::FUNCTION:
+BN_GF2m_mod_exp 3451 EXIST::FUNCTION:
+STORE_modify_public_key 3452 EXIST::FUNCTION:
+STORE_method_get_list_start_function 3453 EXIST:!VMS:FUNCTION:
+STORE_meth_get_list_start_fn 3453 EXIST:VMS:FUNCTION:
+EC_GROUP_get0_seed 3454 EXIST::FUNCTION:EC
+ecdsa_check 3455 EXIST::FUNCTION:ECDSA
+STORE_store_arbitrary 3456 EXIST::FUNCTION:
+STORE_method_set_unlock_store_function 3457 EXIST:!VMS:FUNCTION:
+STORE_meth_set_unlock_store_fn 3457 EXIST:VMS:FUNCTION:
+BN_GF2m_mod_div_arr 3458 EXIST::FUNCTION:
+ENGINE_set_ECDSA 3459 EXIST::FUNCTION:ENGINE
+STORE_create_method 3460 EXIST::FUNCTION:
+ECPKParameters_print 3461 EXIST::FUNCTION:BIO,EC
+PEM_write_EC_PUBKEY 3462 EXIST:!WIN16:FUNCTION:EC
+ECDH_set_method 3463 EXIST::FUNCTION:ECDH
+v2i_GENERAL_NAME_ex 3464 EXIST::FUNCTION:
+ECDH_set_ex_data 3465 EXIST::FUNCTION:ECDH
+STORE_generate_key 3466 EXIST::FUNCTION:
+BN_nist_mod_521 3467 EXIST::FUNCTION:
+EC_GROUP_set_point_conversion_form 3468 EXIST:!VMS:FUNCTION:EC
+EC_GROUP_set_point_conv_form 3468 EXIST:VMS:FUNCTION:EC
+PEM_read_EC_PUBKEY 3469 EXIST:!WIN16:FUNCTION:EC
+i2d_ECDSA_SIG 3470 EXIST::FUNCTION:ECDSA
+ECDSA_OpenSSL 3471 EXIST::FUNCTION:ECDSA
+STORE_delete_crl 3472 EXIST::FUNCTION:
+ECDSA_set_default_method 3473 EXIST::FUNCTION:ECDSA
+EC_POINT_set_compressed_coordinates_GF2m 3474 EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_compr_coords_GF2m 3474 EXIST:VMS:FUNCTION:EC
+EC_GROUP_cmp 3475 EXIST::FUNCTION:EC
+STORE_revoke_certificate 3476 EXIST::FUNCTION:
+ECDH_DATA_new_method 3477 EXIST::FUNCTION:ECDH
+BN_get0_nist_prime_256 3478 EXIST::FUNCTION:
+STORE_method_get_delete_function 3479 EXIST:!VMS:FUNCTION:
+STORE_meth_get_delete_fn 3479 EXIST:VMS:FUNCTION:
+PEM_read_ECPrivateKey 3480 EXIST:!WIN16:FUNCTION:EC
+STORE_parse_attrs_endp 3481 EXIST::FUNCTION:
+ERR_load_ECDSA_strings 3482 EXIST::FUNCTION:ECDSA
+EC_GROUP_get_basis_type 3483 EXIST::FUNCTION:EC
+ECDH_DATA_new 3484 EXIST::FUNCTION:ECDH
+STORE_list_public_key_next 3485 EXIST::FUNCTION:
+STORE_OBJECT_free 3486 EXIST::FUNCTION:
+BN_nist_mod_384 3487 EXIST::FUNCTION:
+i2d_X509_CERT_PAIR 3488 EXIST::FUNCTION:
+PEM_write_ECPKParameters 3489 EXIST:!WIN16:FUNCTION:EC
+ECDH_compute_key 3490 EXIST::FUNCTION:ECDH
+STORE_ATTR_INFO_get0_sha1str 3491 EXIST::FUNCTION:
+ENGINE_register_all_ECDH 3492 EXIST::FUNCTION:ENGINE
+STORE_ATTR_INFO_get0_cstr 3493 EXIST::FUNCTION:
+POLICY_CONSTRAINTS_it 3494 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_CONSTRAINTS_it 3494 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_get_ex_new_index 3495 EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad 3496 EXIST::FUNCTION:
+i2d_ECPrivateKey_fp 3497 EXIST::FUNCTION:EC,FP_API
+ENGINE_register_all_ECDSA 3498 EXIST::FUNCTION:ENGINE
+EC_POINT_get_affine_coordinates_GF2m 3499 EXIST:!VMS:FUNCTION:EC
+EC_POINT_get_affine_coords_GF2m 3499 EXIST:VMS:FUNCTION:EC
+EC_GROUP_dup 3500 EXIST::FUNCTION:EC
+ENGINE_get_default_ECDSA 3501 EXIST::FUNCTION:ENGINE
+EC_KEY_new 3502 EXIST::FUNCTION:EC
+ECDSA_verify 3503 EXIST::FUNCTION:ECDSA
+EC_POINT_point2hex 3504 EXIST::FUNCTION:EC
+ENGINE_get_STORE 3505 EXIST::FUNCTION:ENGINE
+STORE_get_certificate 3506 EXIST::FUNCTION:
+ECDSA_do_verify 3507 EXIST::FUNCTION:ECDSA
+d2i_ECPrivateKey_fp 3508 EXIST::FUNCTION:EC,FP_API
+STORE_delete_certificate 3509 EXIST::FUNCTION:
+STORE_method_get_ctrl_function 3510 EXIST::FUNCTION:
+STORE_free 3511 EXIST::FUNCTION:
+PEM_write_ECPrivateKey 3512 EXIST:!WIN16:FUNCTION:EC
+STORE_method_get_unlock_store_function 3513 EXIST:!VMS:FUNCTION:
+STORE_meth_get_unlock_store_fn 3513 EXIST:VMS:FUNCTION:
+STORE_get_ex_data 3514 EXIST::FUNCTION:
+PEM_read_ECPKParameters 3515 EXIST:!WIN16:FUNCTION:EC
+X509_CERT_PAIR_new 3516 EXIST::FUNCTION:
+ENGINE_register_STORE 3517 EXIST::FUNCTION:ENGINE
+RSA_generate_key_ex 3518 EXIST::FUNCTION:RSA
+DSA_generate_parameters_ex 3519 EXIST::FUNCTION:DSA
+ECParameters_print_fp 3520 EXIST::FUNCTION:EC,FP_API
+X509V3_NAME_from_section 3521 EXIST::FUNCTION:
+STORE_modify_crl 3522 EXIST::FUNCTION:
+STORE_list_private_key_start 3523 EXIST::FUNCTION:
+POLICY_MAPPINGS_it 3524 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_MAPPINGS_it 3524 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+GENERAL_SUBTREE_it 3525 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+GENERAL_SUBTREE_it 3525 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ECDH_DATA_free 3526 EXIST::FUNCTION:ECDH
+PEM_write_X509_CERT_PAIR 3527 EXIST:!WIN16:FUNCTION:
+d2i_X509_CERT_PAIR 3528 EXIST::FUNCTION:
+STORE_list_private_key_endp 3529 EXIST::FUNCTION:
+i2d_EC_PUBKEY_fp 3530 EXIST::FUNCTION:EC,FP_API
+BN_nist_mod_256 3531 EXIST::FUNCTION:
+ECDSA_DATA_new 3532 EXIST::FUNCTION:ECDSA
+ECDSA_size 3533 EXIST::FUNCTION:ECDSA
+d2i_EC_PUBKEY_bio 3534 EXIST::FUNCTION:BIO,EC
+BN_get0_nist_prime_521 3535 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_sha1str 3536 EXIST::FUNCTION:
+BN_generate_prime_ex 3537 EXIST::FUNCTION:
+DH_generate_parameters_ex 3538 EXIST::FUNCTION:DH
+PEM_read_bio_ECPrivateKey 3539 EXIST::FUNCTION:EC
+STORE_method_get_cleanup_function 3540 EXIST:!VMS:FUNCTION:
+STORE_meth_get_cleanup_fn 3540 EXIST:VMS:FUNCTION:
+ENGINE_get_ECDH 3541 EXIST::FUNCTION:ENGINE
+d2i_ECDSA_SIG 3542 EXIST::FUNCTION:ECDSA
+BN_is_prime_fasttest_ex 3543 EXIST::FUNCTION:
+ECDSA_sign 3544 EXIST::FUNCTION:ECDSA
+STORE_set_ex_data 3545 EXIST::FUNCTION:
+ENGINE_get_ECDSA 3546 EXIST::FUNCTION:ENGINE
+EVP_ecdsa 3547 EXIST::FUNCTION:SHA
+PKCS12_add_cert 3548 EXIST::FUNCTION:
+STORE_OBJECT_new 3549 EXIST::FUNCTION:
+ERR_load_ECDH_strings 3550 EXIST::FUNCTION:ECDH
+EC_KEY_dup 3551 EXIST::FUNCTION:EC
+ECDSA_set_method 3552 EXIST::FUNCTION:ECDSA
+a2i_IPADDRESS_NC 3553 EXIST::FUNCTION:
+d2i_ECParameters 3554 EXIST::FUNCTION:EC
+STORE_list_certificate_end 3555 EXIST::FUNCTION:
+STORE_get_crl 3556 EXIST::FUNCTION:
+EC_GF2m_simple_method 3557 EXIST::FUNCTION:EC
+ECDSA_set_ex_data 3558 EXIST::FUNCTION:ECDSA
+EC_KEY_print 3559 EXIST::FUNCTION:BIO,EC
+STORE_method_set_lock_store_function 3560 EXIST:!VMS:FUNCTION:
+STORE_meth_set_lock_store_fn 3560 EXIST:VMS:FUNCTION:
+ECDSA_get_ex_new_index 3561 EXIST::FUNCTION:ECDSA
+POLICY_MAPPING_new 3562 EXIST::FUNCTION:
+STORE_list_certificate_endp 3563 EXIST::FUNCTION:
+EC_GROUP_set_asn1_flag 3564 EXIST::FUNCTION:EC
+EC_KEY_check_key 3565 EXIST::FUNCTION:EC
+d2i_EC_PUBKEY_fp 3566 EXIST::FUNCTION:EC,FP_API
+ecdh_check 3567 EXIST::FUNCTION:ECDH
+ECDSA_DATA_new_method 3568 EXIST::FUNCTION:ECDSA
+PEM_read_bio_X509_CERT_PAIR 3569 EXIST::FUNCTION:
+STORE_method_get_list_end_function 3570 EXIST:!VMS:FUNCTION:
+STORE_meth_get_list_end_fn 3570 EXIST:VMS:FUNCTION:
+ENGINE_set_default_ECDH 3571 EXIST::FUNCTION:ENGINE
+STORE_new_method 3572 EXIST::FUNCTION:
+PKCS12_add_key 3573 EXIST::FUNCTION:
+DSO_merge 3574 EXIST::FUNCTION:
+EC_POINT_hex2point 3575 EXIST::FUNCTION:EC
+BN_GF2m_mod_inv_arr 3576 EXIST::FUNCTION:
+ENGINE_unregister_ECDSA 3577 EXIST::FUNCTION:ENGINE
+PKCS7_set_digest 3578 EXIST::FUNCTION:
+PKCS7_set0_type_other 3579 EXIST::FUNCTION:
+EVP_aes_128_cfb8 3580 EXIST::FUNCTION:AES
+EVP_aes_256_cfb128 3581 EXIST::FUNCTION:AES
+EVP_aes_128_cfb1 3582 EXIST::FUNCTION:AES
+EVP_aes_192_cfb8 3583 EXIST::FUNCTION:AES
+EVP_aes_256_cfb8 3584 EXIST::FUNCTION:AES
+DES_ede3_cfb_encrypt 3585 EXIST::FUNCTION:DES
+EVP_aes_128_cfb128 3586 EXIST::FUNCTION:AES
+EVP_des_ede3_cfb8 3587 EXIST::FUNCTION:DES
+EVP_aes_192_cfb128 3588 EXIST::FUNCTION:AES
+EVP_aes_192_cfb1 3589 EXIST::FUNCTION:AES
+EVP_des_cfb8 3590 EXIST::FUNCTION:DES
+EVP_aes_256_cfb1 3591 EXIST::FUNCTION:AES
+EVP_des_cfb1 3592 EXIST::FUNCTION:DES
+EVP_des_ede3_cfb1 3593 EXIST::FUNCTION:DES
+X509_policy_node_get0_parent 3594 EXIST::FUNCTION:
+X509_policy_tree_get0_policies 3595 EXIST::FUNCTION:
+X509_policy_level_node_count 3596 EXIST::FUNCTION:
+X509_policy_node_get0_qualifiers 3597 EXIST:!VMS:FUNCTION:
+X509_pcy_node_get0_qualifiers 3597 EXIST:VMS:FUNCTION:
+X509_policy_node_get0_policy 3598 EXIST::FUNCTION:
+X509_policy_tree_free 3599 EXIST::FUNCTION:
+AES_cfbr_encrypt_block 3600 EXIST::FUNCTION:AES
+AES_cfb8_encrypt 3601 EXIST::FUNCTION:AES
+X509_policy_level_get0_node 3602 EXIST::FUNCTION:
+X509_policy_tree_level_count 3603 EXIST::FUNCTION:
+X509_policy_tree_get0_level 3604 EXIST::FUNCTION:
+ASN1_const_check_infinite_end 3605 EXIST::FUNCTION:
+X509_policy_tree_get0_user_policies 3606 EXIST:!VMS:FUNCTION:
+X509_pcy_tree_get0_usr_policies 3606 EXIST:VMS:FUNCTION:
+X509_POLICY_NODE_print 3607 EXIST::FUNCTION:
+asn1_const_Finish 3608 EXIST::FUNCTION:
+X509_policy_check 3609 EXIST::FUNCTION:
+AES_cfb1_encrypt 3610 EXIST::FUNCTION:AES
+X509_STORE_CTX_set0_crls 3611 EXIST::FUNCTION:
+v2i_ASN1_BIT_STRING 3612 EXIST::FUNCTION:
+i2v_ASN1_BIT_STRING 3613 EXIST::FUNCTION:
+EVP_CIPHER_CTX_rand_key 3614 EXIST::FUNCTION:
+SHA512_Update 3615 EXIST::FUNCTION:SHA,SHA512
+SHA256_Init 3616 EXIST::FUNCTION:SHA,SHA256
+SHA224 3617 EXIST::FUNCTION:SHA,SHA256
+SHA384_Update 3618 EXIST::FUNCTION:SHA,SHA512
+SHA224_Final 3619 EXIST::FUNCTION:SHA,SHA256
+SHA224_Update 3620 EXIST::FUNCTION:SHA,SHA256
+SHA512_Final 3621 EXIST::FUNCTION:SHA,SHA512
+SHA224_Init 3622 EXIST::FUNCTION:SHA,SHA256
+SHA512_Init 3623 EXIST::FUNCTION:SHA,SHA512
+SHA256 3624 EXIST::FUNCTION:SHA,SHA256
+SHA256_Transform 3625 EXIST::FUNCTION:SHA,SHA256
+SHA512 3626 EXIST::FUNCTION:SHA,SHA512
+SHA512_Transform 3627 EXIST::FUNCTION:SHA,SHA512
+SHA256_Final 3628 EXIST::FUNCTION:SHA,SHA256
+SHA384_Init 3629 EXIST::FUNCTION:SHA,SHA512
+SHA384_Final 3630 EXIST::FUNCTION:SHA,SHA512
+SHA384 3631 EXIST::FUNCTION:SHA,SHA512
+SHA256_Update 3632 EXIST::FUNCTION:SHA,SHA256
+EVP_sha384 3633 EXIST::FUNCTION:SHA,SHA512
+EVP_sha512 3634 EXIST::FUNCTION:SHA,SHA512
+EVP_sha224 3635 EXIST::FUNCTION:SHA,SHA256
+EVP_sha256 3636 EXIST::FUNCTION:SHA,SHA256
+OPENSSL_DIR_end 3637 EXIST::FUNCTION:
+OPENSSL_DIR_read 3638 EXIST::FUNCTION:
diff --git a/util/mkdef.pl b/util/mkdef.pl
index 98cd12706c..204a056a48 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -479,7 +479,7 @@ sub do_defs
push(@tag,$1);
$tag{$1}=-1;
}
- } elsif (/^\#\s*ifdef\s+(\S*)/) {
+ } elsif (/^\#\s*ifdef\s+(.*)/) {
push(@tag,"-");
push(@tag,$1);
$tag{$1}=1;
diff --git a/util/mkerr.pl b/util/mkerr.pl
index 05d0340f6a..1b2915c767 100644
--- a/util/mkerr.pl
+++ b/util/mkerr.pl
@@ -262,7 +262,7 @@ foreach $lib (keys %csrc)
} else {
push @out,
"/* ====================================================================\n",
-" * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved.\n",
+" * Copyright (c) 2001-2003 The OpenSSL Project. All rights reserved.\n",
" *\n",
" * Redistribution and use in source and binary forms, with or without\n",
" * modification, are permitted provided that the following conditions\n",
@@ -404,7 +404,7 @@ EOF
print OUT <<"EOF";
/* $cfile */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
diff --git a/util/mklink.pl b/util/mklink.pl
index c8653cecc3..9386da7aa4 100755
--- a/util/mklink.pl
+++ b/util/mklink.pl
@@ -52,7 +52,6 @@ $symlink_exists=eval {symlink("",""); 1};
foreach $file (@files) {
my $err = "";
if ($symlink_exists) {
- unlink "$from/$file";
symlink("$to/$file", "$from/$file") or $err = " [$!]";
} else {
unlink "$from/$file";
diff --git a/util/mkstack.pl b/util/mkstack.pl
index 2a968f395f..be2cb4f1e7 100755
--- a/util/mkstack.pl
+++ b/util/mkstack.pl
@@ -85,7 +85,6 @@ while(<IN>) {
#define sk_${type_thing}_shift(st) SKM_sk_shift($type_thing, (st))
#define sk_${type_thing}_pop(st) SKM_sk_pop($type_thing, (st))
#define sk_${type_thing}_sort(st) SKM_sk_sort($type_thing, (st))
-#define sk_${type_thing}_is_sorted(st) SKM_sk_is_sorted($type_thing, (st))
EOF
}
foreach $type_thing (sort @asn1setlst) {
diff --git a/util/pl/VC-CE.pl b/util/pl/VC-CE.pl
index 547383720a..3267cd4893 100644
--- a/util/pl/VC-CE.pl
+++ b/util/pl/VC-CE.pl
@@ -22,7 +22,7 @@ $inc_def="inc32";
if ($debug)
{
- $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
+ $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DOPENSSL_SYSNAME_WINCE -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
$lflags.=" /debug";
$mlflags.=' /debug';
}