This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.

-----BEGIN DH PARAMETERS-----

MIIBCAKCAQEA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV

89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50

T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb

zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX

Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT

CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwIBAg==

-----END DH PARAMETERS-----

These are the 2048 bit DH parameters from "Assigned Number for SKIP Protocols"

(http://www.skip-vpn.org/spec/numbers.html).

See there for how they were generated.

-----BEGIN DH PARAMETERS-----

MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ

l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt

Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS

Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98

VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc

alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM

sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9

ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte

OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH

AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL

KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=

-----END DH PARAMETERS-----

These are the 4096 bit DH parameters from "Assigned Number for SKIP Protocols"

(http://www.skip-vpn.org/spec/numbers.html).

See there for how they were generated.

Note that g is not a generator, but this is not a problem since p is a safe prime.

-----BEGIN DH PARAMETERS-----

MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak

XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC

-----END DH PARAMETERS-----

These are the 512 bit DH parameters from "Assigned Number for SKIP Protocols"

(http://www.skip-vpn.org/spec/numbers.html).

See there for how they were generated.

Note that g is not a generator, but this is not a problem since p is a safe prime.

/* rsautl.c */

/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL

 * project 2000.

 */

/* ====================================================================

 * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer. 

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. All advertising materials mentioning features or use of this

 *    software must display the following acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

 *

 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

 *    endorse or promote products derived from this software without

 *    prior written permission. For written permission, please contact

 *    licensing@OpenSSL.org.

 *

 * 5. Products derived from this software may not be called "OpenSSL"

 *    nor may "OpenSSL" appear in their names without prior written

 *    permission of the OpenSSL Project.

 *

 * 6. Redistributions of any form whatsoever must retain the following

 *    acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

 *

 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

 * OF THE POSSIBILITY OF SUCH DAMAGE.

 * ====================================================================

 *

 * This product includes cryptographic software written by Eric Young

 * (eay@cryptsoft.com).  This product includes software written by Tim

 * Hudson (tjh@cryptsoft.com).

 *

 */

#include "apps.h"

#include <openssl/err.h>

#include <openssl/pem.h>

#define RSA_SIGN 	1

#define RSA_VERIFY 	2

#define RSA_ENCRYPT 	3

#define RSA_DECRYPT 	4

#define KEY_PRIVKEY	1

#define KEY_PUBKEY	2

#define KEY_CERT	3

static void usage(void);

#undef PROG

#define PROG rsautl_main

int MAIN(int argc, char **);

int MAIN(int argc, char **argv)

{

	BIO *in = NULL, *out = NULL;

	char *infile = NULL, *outfile = NULL;

	char *keyfile = NULL;

	char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;

	int keyform = FORMAT_PEM;

	char need_priv = 0, badarg = 0, rev = 0;

	char hexdump = 0, asn1parse = 0;

	X509 *x;

	EVP_PKEY *pkey = NULL;

	RSA *rsa = NULL;

	unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;

	int rsa_inlen, rsa_outlen = 0;

	int keysize;

	int ret = 1;

	argc--;

	argv++;

	if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

	ERR_load_crypto_strings();

	OpenSSL_add_all_algorithms();

	pad = RSA_PKCS1_PADDING;

	while(argc >= 1)

	{

		if (!strcmp(*argv,"-in")) {

			if (--argc < 1) badarg = 1;

                        infile= *(++argv);

		} else if (!strcmp(*argv,"-out")) {

			if (--argc < 1) badarg = 1;

			outfile= *(++argv);

		} else if(!strcmp(*argv, "-inkey")) {

			if (--argc < 1) badarg = 1;

			keyfile = *(++argv);

		} else if(!strcmp(*argv, "-pubin")) {

			key_type = KEY_PUBKEY;

		} else if(!strcmp(*argv, "-certin")) {

			key_type = KEY_CERT;

		} 

		else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;

		else if(!strcmp(*argv, "-hexdump")) hexdump = 1;

		else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;

		else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;

		else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;

		else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;

		else if(!strcmp(*argv, "-sign")) {

			rsa_mode = RSA_SIGN;

			need_priv = 1;

		} else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY;

		else if(!strcmp(*argv, "-rev")) rev = 1;

		else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT;

		else if(!strcmp(*argv, "-decrypt")) {

			rsa_mode = RSA_DECRYPT;

			need_priv = 1;

		} else badarg = 1;

		if(badarg) {

			usage();

			goto end;

		}

		argc--;

		argv++;

	}

	if(need_priv && (key_type != KEY_PRIVKEY)) {

		BIO_printf(bio_err, "A private key is needed for this operation\n");

		goto end;

	}

/* FIXME: seed PRNG only if needed */

	app_RAND_load_file(NULL, bio_err, 0);

	switch(key_type) {

		case KEY_PRIVKEY:

		pkey = load_key(bio_err, keyfile, keyform, NULL);

		break;

		case KEY_PUBKEY:

		pkey = load_pubkey(bio_err, keyfile, keyform);

		break;

		case KEY_CERT:

		x = load_cert(bio_err, keyfile, keyform);

		if(x) {

			pkey = X509_get_pubkey(x);

			X509_free(x);

		}

		break;

	}

	if(!pkey) {

		BIO_printf(bio_err, "Error loading key\n");

		return 1;

	}

	rsa = EVP_PKEY_get1_RSA(pkey);

	EVP_PKEY_free(pkey);

	if(!rsa) {

		BIO_printf(bio_err, "Error getting RSA key\n");

		ERR_print_errors(bio_err);

		goto end;

	}

	if(infile) {

		if(!(in = BIO_new_file(infile, "rb"))) {

			BIO_printf(bio_err, "Error Reading Input File\n");

			ERR_print_errors(bio_err);	

			goto end;

		}

	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);

	if(outfile) {

		if(!(out = BIO_new_file(outfile, "wb"))) {

			BIO_printf(bio_err, "Error Reading Output File\n");

			ERR_print_errors(bio_err);	

			goto end;

		}

	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);

	keysize = RSA_size(rsa);

	rsa_in = OPENSSL_malloc(keysize * 2);

	rsa_out = OPENSSL_malloc(keysize);

	/* Read the input data */

	rsa_inlen = BIO_read(in, rsa_in, keysize * 2);

	if(rsa_inlen <= 0) {

		BIO_printf(bio_err, "Error reading input Data\n");

		exit(1);

	}

	if(rev) {

		int i;

		unsigned char ctmp;

		for(i = 0; i < rsa_inlen/2; i++) {

			ctmp = rsa_in[i];

			rsa_in[i] = rsa_in[rsa_inlen - 1 - i];

			rsa_in[rsa_inlen - 1 - i] = ctmp;

		}

	}

	switch(rsa_mode) {

		case RSA_VERIFY:

			rsa_outlen  = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);

		break;

		case RSA_SIGN:

			rsa_outlen  = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);

		break;

		case RSA_ENCRYPT:

			rsa_outlen  = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);

		break;

		case RSA_DECRYPT:

			rsa_outlen  = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);

		break;

	}

	if(rsa_outlen <= 0) {

		BIO_printf(bio_err, "RSA operation error\n");

		ERR_print_errors(bio_err);

		goto end;

	}

	ret = 0;

	if(asn1parse) {

		if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {

			ERR_print_errors(bio_err);

		}

	} else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen);

	else BIO_write(out, rsa_out, rsa_outlen);

	end:

	RSA_free(rsa);

	BIO_free(in);

	BIO_free(out);

	if(rsa_in) OPENSSL_free(rsa_in);

	if(rsa_out) OPENSSL_free(rsa_out);

	return ret;

}

static void usage()

{

	BIO_printf(bio_err, "Usage: rsautl [options]\n");

	BIO_printf(bio_err, "-in file        input file\n");

	BIO_printf(bio_err, "-out file       output file\n");

	BIO_printf(bio_err, "-inkey file     input key\n");

	BIO_printf(bio_err, "-pubin          input is an RSA public\n");

	BIO_printf(bio_err, "-certin         input is a certificate carrying an RSA public key\n");

	BIO_printf(bio_err, "-ssl            use SSL v2 padding\n");

	BIO_printf(bio_err, "-raw            use no padding\n");

	BIO_printf(bio_err, "-pkcs           use PKCS#1 v1.5 padding (default)\n");

	BIO_printf(bio_err, "-oaep           use PKCS#1 OAEP\n");

	BIO_printf(bio_err, "-sign           sign with private key\n");

	BIO_printf(bio_err, "-verify         verify with public key\n");

	BIO_printf(bio_err, "-encrypt        encrypt with public key\n");

	BIO_printf(bio_err, "-decrypt        decrypt with private key\n");

	BIO_printf(bio_err, "-hexdump        hex dump output\n");

}

/* crypto/evp/m_md4.c */

/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

 * All rights reserved.

 *

 * This package is an SSL implementation written

 * by Eric Young (eay@cryptsoft.com).

 * The implementation was written so as to conform with Netscapes SSL.

 * 

 * This library is free for commercial and non-commercial use as long as

 * the following conditions are aheared to.  The following conditions

 * apply to all code found in this distribution, be it the RC4, RSA,

 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

 * included with this distribution is covered by the same copyright terms

 * except that the holder is Tim Hudson (tjh@cryptsoft.com).

 * 

 * Copyright remains Eric Young's, and as such any Copyright notices in

 * the code are not to be removed.

 * If this package is used in a product, Eric Young should be given attribution

 * as the author of the parts of the library used.

 * This can be in the form of a textual message at program startup or

 * in documentation (online or textual) provided with the package.

 * 

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 * 1. Redistributions of source code must retain the copyright

 *    notice, this list of conditions and the following disclaimer.

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in the

 *    documentation and/or other materials provided with the distribution.

 * 3. All advertising materials mentioning features or use of this software

 *    must display the following acknowledgement:

 *    "This product includes cryptographic software written by

 *     Eric Young (eay@cryptsoft.com)"

 *    The word 'cryptographic' can be left out if the rouines from the library

 *    being used are not cryptographic related :-).

 * 4. If you include any Windows specific code (or a derivative thereof) from 

 *    the apps directory (application code) you must include an acknowledgement:

 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

 * 

 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

 * SUCH DAMAGE.

 * 

 * The licence and distribution terms for any publically available version or

 * derivative of this code cannot be changed.  i.e. this code cannot simply be

 * copied and put under another distribution licence

 * [including the GNU Public Licence.]

 */

#ifndef NO_MD4

#include <stdio.h>

#include "cryptlib.h"

#include <openssl/evp.h>

#include <openssl/objects.h>

#include <openssl/x509.h>

static EVP_MD md4_md=

	{

	NID_md4,

	0,

	MD4_DIGEST_LENGTH,

	MD4_Init,

	MD4_Update,

	MD4_Final,

	EVP_PKEY_RSA_method,

	MD4_CBLOCK,

	sizeof(EVP_MD *)+sizeof(MD4_CTX),

	};

EVP_MD *EVP_md4(void)

	{

	return(&md4_md);

	}

#endif