From c800a070b59d5fdf7f079293010284bdd01bed41 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 18 May 2005 03:58:34 +0000 Subject: [PATCH 099/929] I just branched 0.9.8, so HEAD needs to be bumped to 0.9.9-dev. The 0.9.8 branch is called OpenSSL_0_9_8-stable. --- crypto/opensslv.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 1dd3280798..dc3a89ad4e 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00908000L +#define OPENSSL_VERSION_NUMBER 0x00909000L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.9-fips-dev XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.9-dev XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 28e4fe34e49f2233fa7784ca5b7ba42839892d99 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 18 May 2005 04:04:12 +0000 Subject: [PATCH 100/929] Version changes where needed. --- CHANGES | 4 ++++ README | 2 +- STATUS | 5 +++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index d02d20e161..9711d56436 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8 and 0.9.9 [xx XXX xxxx] + + *) + Changes between 0.9.7h and 0.9.8 [xx XXX xxxx] *) Add attribute functions to EVP_PKEY structure. Modify diff --git a/README b/README index 89a1478c7e..542b8c0421 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-dev XX xxx XXXX + OpenSSL 0.9.9-dev XX xxx XXXX Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/STATUS b/STATUS index 0fff68da97..a0c9fa5810 100644 --- a/STATUS +++ b/STATUS @@ -1,10 +1,11 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/04/25 21:42:14 $ + ______________ $Date: 2005/05/18 04:04:12 $ DEVELOPMENT STATE - o OpenSSL 0.9.8: Under development... + o OpenSSL 0.9.9: Under development... + o OpenSSL 0.9.8: In beta... o OpenSSL 0.9.7g: Released on April 11th, 2005 o OpenSSL 0.9.7f: Released on March 22nd, 2005 o OpenSSL 0.9.7e: Released on October 25th, 2004 -- GitLab From 4104a57107cb55bc7e99a832875f9fd93168eacc Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 18 May 2005 04:14:22 +0000 Subject: [PATCH 101/929] OpenSSL 0.9.8 has just entered beta status. Not quite releasing yet, since I need to write a NEWS entry. This means we're in feature freeze. HEAD is now 0.9.9-dev. --- STATUS | 5 +++-- crypto/opensslv.h | 6 +++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/STATUS b/STATUS index 0fff68da97..d3273dd9e2 100644 --- a/STATUS +++ b/STATUS @@ -1,10 +1,11 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/04/25 21:42:14 $ + ______________ $Date: 2005/05/18 04:14:21 $ DEVELOPMENT STATE - o OpenSSL 0.9.8: Under development... + o OpenSSL 0.9.9: Under development... + o OpenSSL 0.9.8: In beta... o OpenSSL 0.9.7g: Released on April 11th, 2005 o OpenSSL 0.9.7f: Released on March 22nd, 2005 o OpenSSL 0.9.7e: Released on October 25th, 2004 diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 1dd3280798..b18b0c8040 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00908000L +#define OPENSSL_VERSION_NUMBER 0x00908001L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta1-dev XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta1-dev XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 51ff6bde38e51e5822233e59a703b27efd369410 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Wed, 18 May 2005 08:16:46 +0000 Subject: [PATCH 102/929] Engage Applink in mingw. Note that application-side module is not compiled into *our* aplpications. That's because mingw is always consistent with itself. Having library-side code linked into .dll makes it possible to deploy the .dll with user-code compiled with another compiler [which is pretty much the whole point behind Applink]. --- Configure | 3 ++- TABLE | 2 +- crypto/Makefile | 6 ++++++ crypto/bio/bss_file.c | 7 ++++++- crypto/cryptlib.h | 2 +- ms/uplink.pl | 2 +- util/pl/VC-32.pl | 9 ++------- 7 files changed, 19 insertions(+), 12 deletions(-) diff --git a/Configure b/Configure index 7234d01e1c..999ec20309 100755 --- a/Configure +++ b/Configure @@ -472,7 +472,7 @@ my %table=( "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", # MinGW -"mingw", "gcc:-mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_coff_asm}:win32:cygwin-shared:-D_WINDLL:-mno-cygwin -shared:.dll.a", +"mingw", "gcc:-mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_coff_asm}:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin -shared:.dll.a", # UWIN "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32", @@ -1133,6 +1133,7 @@ else $openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n"; } +$cpuid_obj.=" uplink.o uplink-cof.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/); # Compiler fix-ups if ($target =~ /icc$/) { diff --git a/TABLE b/TABLE index 70ccd7e73e..35b06f8d7a 100644 --- a/TABLE +++ b/TABLE @@ -2991,7 +2991,7 @@ $rmd160_obj = rm86-cof.o $rc5_obj = r586-cof.o $dso_scheme = win32 $shared_target= cygwin-shared -$shared_cflag = -D_WINDLL +$shared_cflag = -D_WINDLL -DOPENSSL_USE_APPLINK $shared_ldflag = -mno-cygwin -shared $shared_extension = .dll.a $ranlib = diff --git a/crypto/Makefile b/crypto/Makefile index 9f309e0256..c6c76c26ac 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -67,6 +67,12 @@ x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl x86cpuid-out.s: x86cpuid.pl perlasm/x86asm.pl $(PERL) x86cpuid.pl a.out $(CFLAGS) $(PROCESSOR) > $@ +uplink.o: ../ms/uplink.c + $(CC) $(CFLAGS) -c -o $@ ../ms/uplink.c + +uplink-cof.s: ../ms/uplink.pl + $(PERL) ../ms/uplink.pl coff > $@ + x86_64cpuid.s: x86_64cpuid.pl $(PERL) x86_64cpuid.pl $@ ia64cpuid.s: ia64cpuid.S diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index c97ac14651..dd17802f8f 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -236,12 +236,17 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) b->shutdown=(int)num&BIO_CLOSE; b->ptr=ptr; b->init=1; -#if BIO_FLAGS_UPLINK!=0 && defined(_IOB_ENTRIES) +#if BIO_FLAGS_UPLINK!=0 +#if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES) +#define _IOB_ENTRIES 20 +#endif +#if defined(_IOB_ENTRIES) /* Safety net to catch purely internal BIO_set_fp calls */ if ((size_t)ptr >= (size_t)stdin && (size_t)ptr < (size_t)(stdin+_IOB_ENTRIES)) BIO_clear_flags(b,BIO_FLAGS_UPLINK); #endif +#endif #ifdef UP_fsetmode if (b->flags&BIO_FLAGS_UPLINK) UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b'); diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h index 9711f42e22..fc249c57f3 100644 --- a/crypto/cryptlib.h +++ b/crypto/cryptlib.h @@ -66,7 +66,7 @@ #ifdef OPENSSL_USE_APPLINK #define BIO_FLAGS_UPLINK 0x8000 -#include "uplink.h" +#include "ms/uplink.h" #endif #include diff --git a/ms/uplink.pl b/ms/uplink.pl index cd9d37f56f..5dacc4f1a1 100755 --- a/ms/uplink.pl +++ b/ms/uplink.pl @@ -44,7 +44,7 @@ print <<___; .align 4 .Lazy$i: pushl \$$i - pushl _OPENSSL_UplinkTable + pushl \$_OPENSSL_UplinkTable call _OPENSSL_Uplink addl \$8,%esp jmp *(_OPENSSL_UplinkTable+4*$i) diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 6334317cd7..5888dcbfef 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl @@ -99,23 +99,18 @@ if ($shlib) # Engage Applink... # $app_ex_obj.=" \$(OBJ_D)\\applink.obj /implib:\$(TMP_D)\\junk.lib"; - $cflags.=" -DOPENSSL_USE_APPLINK"; + $cflags.=" -DOPENSSL_USE_APPLINK -I."; # I'm open for better suggestions than overriding $banner... $banner=<<'___'; @echo Building OpenSSL $(OBJ_D)\applink.obj: ms\applink.c $(CC) /Fo$(OBJ_D)\applink.obj $(APP_CFLAGS) -c ms\applink.c -$(OBJ_D)\uplink.obj: ms\uplink.c $(OBJ_D)\applink.c +$(OBJ_D)\uplink.obj: ms\uplink.c ms\applink.c $(CC) /Fo$(OBJ_D)\uplink.obj $(SHLIB_CFLAGS) -c ms\uplink.c -$(INCL_D)\uplink.h: ms\uplink.h - $(CP) ms\uplink.h $(INCL_D)\uplink.h $(INCO_D)\applink.c: ms\applink.c $(CP) ms\applink.c $(INCO_D)\applink.c -$(OBJ_D)\applink.c: ms\applink.c - $(CP) ms\applink.c $(OBJ_D)\applink.c -HEADER=$(HEADER) $(INCL_D)\uplink.h EXHEADER= $(EXHEADER) $(INCO_D)\applink.c LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj -- GitLab From 38a17571687d65d4ec10ef201125a8ddee681ec5 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Wed, 18 May 2005 08:17:29 +0000 Subject: [PATCH 103/929] Engage Applink in mingw. [from HEAD] --- Configure | 3 ++- TABLE | 2 +- crypto/Makefile | 6 ++++++ crypto/bio/bss_file.c | 7 ++++++- crypto/cryptlib.h | 2 +- ms/uplink.pl | 2 +- util/pl/VC-32.pl | 9 ++------- 7 files changed, 19 insertions(+), 12 deletions(-) diff --git a/Configure b/Configure index 7234d01e1c..999ec20309 100755 --- a/Configure +++ b/Configure @@ -472,7 +472,7 @@ my %table=( "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", # MinGW -"mingw", "gcc:-mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_coff_asm}:win32:cygwin-shared:-D_WINDLL:-mno-cygwin -shared:.dll.a", +"mingw", "gcc:-mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_coff_asm}:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin -shared:.dll.a", # UWIN "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32", @@ -1133,6 +1133,7 @@ else $openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n"; } +$cpuid_obj.=" uplink.o uplink-cof.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/); # Compiler fix-ups if ($target =~ /icc$/) { diff --git a/TABLE b/TABLE index 70ccd7e73e..35b06f8d7a 100644 --- a/TABLE +++ b/TABLE @@ -2991,7 +2991,7 @@ $rmd160_obj = rm86-cof.o $rc5_obj = r586-cof.o $dso_scheme = win32 $shared_target= cygwin-shared -$shared_cflag = -D_WINDLL +$shared_cflag = -D_WINDLL -DOPENSSL_USE_APPLINK $shared_ldflag = -mno-cygwin -shared $shared_extension = .dll.a $ranlib = diff --git a/crypto/Makefile b/crypto/Makefile index 9f309e0256..c6c76c26ac 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -67,6 +67,12 @@ x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl x86cpuid-out.s: x86cpuid.pl perlasm/x86asm.pl $(PERL) x86cpuid.pl a.out $(CFLAGS) $(PROCESSOR) > $@ +uplink.o: ../ms/uplink.c + $(CC) $(CFLAGS) -c -o $@ ../ms/uplink.c + +uplink-cof.s: ../ms/uplink.pl + $(PERL) ../ms/uplink.pl coff > $@ + x86_64cpuid.s: x86_64cpuid.pl $(PERL) x86_64cpuid.pl $@ ia64cpuid.s: ia64cpuid.S diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index c97ac14651..dd17802f8f 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -236,12 +236,17 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) b->shutdown=(int)num&BIO_CLOSE; b->ptr=ptr; b->init=1; -#if BIO_FLAGS_UPLINK!=0 && defined(_IOB_ENTRIES) +#if BIO_FLAGS_UPLINK!=0 +#if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES) +#define _IOB_ENTRIES 20 +#endif +#if defined(_IOB_ENTRIES) /* Safety net to catch purely internal BIO_set_fp calls */ if ((size_t)ptr >= (size_t)stdin && (size_t)ptr < (size_t)(stdin+_IOB_ENTRIES)) BIO_clear_flags(b,BIO_FLAGS_UPLINK); #endif +#endif #ifdef UP_fsetmode if (b->flags&BIO_FLAGS_UPLINK) UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b'); diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h index 9711f42e22..fc249c57f3 100644 --- a/crypto/cryptlib.h +++ b/crypto/cryptlib.h @@ -66,7 +66,7 @@ #ifdef OPENSSL_USE_APPLINK #define BIO_FLAGS_UPLINK 0x8000 -#include "uplink.h" +#include "ms/uplink.h" #endif #include diff --git a/ms/uplink.pl b/ms/uplink.pl index cd9d37f56f..5dacc4f1a1 100755 --- a/ms/uplink.pl +++ b/ms/uplink.pl @@ -44,7 +44,7 @@ print <<___; .align 4 .Lazy$i: pushl \$$i - pushl _OPENSSL_UplinkTable + pushl \$_OPENSSL_UplinkTable call _OPENSSL_Uplink addl \$8,%esp jmp *(_OPENSSL_UplinkTable+4*$i) diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 6334317cd7..5888dcbfef 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl @@ -99,23 +99,18 @@ if ($shlib) # Engage Applink... # $app_ex_obj.=" \$(OBJ_D)\\applink.obj /implib:\$(TMP_D)\\junk.lib"; - $cflags.=" -DOPENSSL_USE_APPLINK"; + $cflags.=" -DOPENSSL_USE_APPLINK -I."; # I'm open for better suggestions than overriding $banner... $banner=<<'___'; @echo Building OpenSSL $(OBJ_D)\applink.obj: ms\applink.c $(CC) /Fo$(OBJ_D)\applink.obj $(APP_CFLAGS) -c ms\applink.c -$(OBJ_D)\uplink.obj: ms\uplink.c $(OBJ_D)\applink.c +$(OBJ_D)\uplink.obj: ms\uplink.c ms\applink.c $(CC) /Fo$(OBJ_D)\uplink.obj $(SHLIB_CFLAGS) -c ms\uplink.c -$(INCL_D)\uplink.h: ms\uplink.h - $(CP) ms\uplink.h $(INCL_D)\uplink.h $(INCO_D)\applink.c: ms\applink.c $(CP) ms\applink.c $(INCO_D)\applink.c -$(OBJ_D)\applink.c: ms\applink.c - $(CP) ms\applink.c $(OBJ_D)\applink.c -HEADER=$(HEADER) $(INCL_D)\uplink.h EXHEADER= $(EXHEADER) $(INCO_D)\applink.c LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj -- GitLab From c50226594d73f02d594a5a469abd11e1c9849588 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Wed, 18 May 2005 08:42:08 +0000 Subject: [PATCH 104/929] Don't emit SSE2 instructions unless were asked to. PR: 1073 --- crypto/x86cpuid.pl | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl index 9ad9435ffd..3d5d16bb64 100644 --- a/crypto/x86cpuid.pl +++ b/crypto/x86cpuid.pl @@ -5,6 +5,8 @@ require "x86asm.pl"; &asm_init($ARGV[0],"x86cpuid"); +for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } + &function_begin("OPENSSL_ia32_cpuid"); &xor ("edx","edx"); &pushf (); @@ -115,17 +117,19 @@ require "x86asm.pl"; &mov ("ecx",&DWP(0,"ecx")); &bt (&DWP(0,"ecx"),1); &jnc (&label("no_x87")); - &bt (&DWP(0,"ecx"),26); - &jnc (&label("no_sse2")); - &pxor ("xmm0","xmm0"); - &pxor ("xmm1","xmm1"); - &pxor ("xmm2","xmm2"); - &pxor ("xmm3","xmm3"); - &pxor ("xmm4","xmm4"); - &pxor ("xmm5","xmm5"); - &pxor ("xmm6","xmm6"); - &pxor ("xmm7","xmm7"); -&set_label("no_sse2"); + if ($sse2) { + &bt (&DWP(0,"ecx"),26); + &jnc (&label("no_sse2")); + &pxor ("xmm0","xmm0"); + &pxor ("xmm1","xmm1"); + &pxor ("xmm2","xmm2"); + &pxor ("xmm3","xmm3"); + &pxor ("xmm4","xmm4"); + &pxor ("xmm5","xmm5"); + &pxor ("xmm6","xmm6"); + &pxor ("xmm7","xmm7"); + &set_label("no_sse2"); + } # just a bunch of fldz to zap the fp/mm bank... &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9); &emms (); -- GitLab From ca3e683747e4d5dfc7aee56d2fbae78713031489 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Wed, 18 May 2005 08:45:21 +0000 Subject: [PATCH 105/929] Don't emit SSE2 instructions unless were asked to [from HEAD]. PR: 1073 --- crypto/x86cpuid.pl | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl index 9ad9435ffd..3d5d16bb64 100644 --- a/crypto/x86cpuid.pl +++ b/crypto/x86cpuid.pl @@ -5,6 +5,8 @@ require "x86asm.pl"; &asm_init($ARGV[0],"x86cpuid"); +for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } + &function_begin("OPENSSL_ia32_cpuid"); &xor ("edx","edx"); &pushf (); @@ -115,17 +117,19 @@ require "x86asm.pl"; &mov ("ecx",&DWP(0,"ecx")); &bt (&DWP(0,"ecx"),1); &jnc (&label("no_x87")); - &bt (&DWP(0,"ecx"),26); - &jnc (&label("no_sse2")); - &pxor ("xmm0","xmm0"); - &pxor ("xmm1","xmm1"); - &pxor ("xmm2","xmm2"); - &pxor ("xmm3","xmm3"); - &pxor ("xmm4","xmm4"); - &pxor ("xmm5","xmm5"); - &pxor ("xmm6","xmm6"); - &pxor ("xmm7","xmm7"); -&set_label("no_sse2"); + if ($sse2) { + &bt (&DWP(0,"ecx"),26); + &jnc (&label("no_sse2")); + &pxor ("xmm0","xmm0"); + &pxor ("xmm1","xmm1"); + &pxor ("xmm2","xmm2"); + &pxor ("xmm3","xmm3"); + &pxor ("xmm4","xmm4"); + &pxor ("xmm5","xmm5"); + &pxor ("xmm6","xmm6"); + &pxor ("xmm7","xmm7"); + &set_label("no_sse2"); + } # just a bunch of fldz to zap the fp/mm bank... &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9); &emms (); -- GitLab From 788e67e227106454a2fb708b94b030883a8a10c2 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Wed, 18 May 2005 13:35:54 +0000 Subject: [PATCH 106/929] FAQ update to mention Applink. --- FAQ | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/FAQ b/FAQ index 06faf91a5e..30913a11b3 100644 --- a/FAQ +++ b/FAQ @@ -652,6 +652,17 @@ by: Note that debug and release libraries are NOT interchangeable. If you built OpenSSL with /MD your application must use /MD and cannot use /MDd. +As per 0.9.8 the above limitation is eliminated for .DLLs. OpenSSL +.DLLs compiled with some specific run-time option [we recommend the +default /MD] can be deployed with application compiled with different +option or even different compiler. But there is a catch! Instead of +re-compiling OpenSSL toolkit, as you would have to with prior versions, +you have to compile small C snippet with compiler and/or options of +your choice. The snippet gets installed as +/include/openssl/applink.c and should be either added to +your project or simply #include-d in one [and only one] of your source +files. Failure to do either manifests itself as fatal "no +OPENSSL_Applink" error. * How do I read or write a DER encoded buffer using the ASN1 functions? -- GitLab From 3dc2cc36e9dff2ebac0c0bafbc7fa63acd5df4bd Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Wed, 18 May 2005 13:37:20 +0000 Subject: [PATCH 107/929] FAQ update to mention Applink [from HEAD]. --- FAQ | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/FAQ b/FAQ index 06faf91a5e..30913a11b3 100644 --- a/FAQ +++ b/FAQ @@ -652,6 +652,17 @@ by: Note that debug and release libraries are NOT interchangeable. If you built OpenSSL with /MD your application must use /MD and cannot use /MDd. +As per 0.9.8 the above limitation is eliminated for .DLLs. OpenSSL +.DLLs compiled with some specific run-time option [we recommend the +default /MD] can be deployed with application compiled with different +option or even different compiler. But there is a catch! Instead of +re-compiling OpenSSL toolkit, as you would have to with prior versions, +you have to compile small C snippet with compiler and/or options of +your choice. The snippet gets installed as +/include/openssl/applink.c and should be either added to +your project or simply #include-d in one [and only one] of your source +files. Failure to do either manifests itself as fatal "no +OPENSSL_Applink" error. * How do I read or write a DER encoded buffer using the ASN1 functions? -- GitLab From 9f197f9da5489662cd0d1cbb2afd2b99d5548188 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Wed, 18 May 2005 22:29:17 +0000 Subject: [PATCH 108/929] make the type parameter const when ID2_OF_const() is used --- crypto/asn1/asn1.h | 2 +- crypto/pem/pem.h | 30 ++++++++++++++++++++++-------- 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index f111e6fba8..dadcae8bd7 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -932,7 +932,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x); #define ASN1_i2d_bio_of(type,i2d,out,x) \ ((int (*)(I2D_OF(type),BIO *,type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x) #define ASN1_i2d_bio_of_const(type,i2d,out,x) \ - ((int (*)(I2D_OF_const(type),BIO *,type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x) + ((int (*)(I2D_OF_const(type),BIO *,const type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x) int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h index c65e07c4f5..7db6b423d0 100644 --- a/crypto/pem/pem.h +++ b/crypto/pem/pem.h @@ -230,9 +230,9 @@ return(((int (*)(I2D_OF(type),const char *,FILE *,type *, const EVP_CIPHER *,uns } #define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x) \ +int PEM_write_##name(FILE *fp, const type *x) \ { \ -return(((int (*)(I2D_OF_const(type),const char *,FILE *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL)); \ +return(((int (*)(I2D_OF_const(type),const char *,FILE *, const type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL)); \ } #define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ @@ -266,9 +266,9 @@ return(((int (*)(I2D_OF(type),const char *,BIO *,type *, const EVP_CIPHER *,unsi } #define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x) \ +int PEM_write_bio_##name(BIO *bp, const type *x) \ { \ -return(((int (*)(I2D_OF_const(type),const char *,BIO *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL)); \ +return(((int (*)(I2D_OF_const(type),const char *,BIO *,const type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL)); \ } #define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ @@ -333,6 +333,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ #define DECLARE_PEM_write_fp(name, type) \ int PEM_write_##name(FILE *fp, type *x); +#define DECLARE_PEM_write_fp_const(name, type) \ + int PEM_write_##name(FILE *fp, const type *x); + #define DECLARE_PEM_write_cb_fp(name, type) \ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u); @@ -346,6 +349,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ #define DECLARE_PEM_write_bio(name, type) \ int PEM_write_bio_##name(BIO *bp, type *x); +#define DECLARE_PEM_write_bio_const(name, type) \ + int PEM_write_bio_##name(BIO *bp, const type *x); + #define DECLARE_PEM_write_cb_bio(name, type) \ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u); @@ -362,6 +368,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ DECLARE_PEM_write_bio(name, type) \ DECLARE_PEM_write_fp(name, type) +#define DECLARE_PEM_write_const(name, type) \ + DECLARE_PEM_write_bio_const(name, type) \ + DECLARE_PEM_write_fp_const(name, type) + #define DECLARE_PEM_write_cb(name, type) \ DECLARE_PEM_write_cb_bio(name, type) \ DECLARE_PEM_write_cb_fp(name, type) @@ -374,6 +384,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ DECLARE_PEM_read(name, type) \ DECLARE_PEM_write(name, type) +#define DECLARE_PEM_rw_const(name, type) \ + DECLARE_PEM_read(name, type) \ + DECLARE_PEM_write_const(name, type) + #define DECLARE_PEM_rw_cb(name, type) \ DECLARE_PEM_read(name, type) \ DECLARE_PEM_write_cb(name, type) @@ -601,7 +615,7 @@ DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) -DECLARE_PEM_rw(RSAPublicKey, RSA) +DECLARE_PEM_rw_const(RSAPublicKey, RSA) DECLARE_PEM_rw(RSA_PUBKEY, RSA) #endif @@ -612,19 +626,19 @@ DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) DECLARE_PEM_rw(DSA_PUBKEY, DSA) -DECLARE_PEM_rw(DSAparams, DSA) +DECLARE_PEM_rw_const(DSAparams, DSA) #endif #ifndef OPENSSL_NO_EC -DECLARE_PEM_rw(ECPKParameters, EC_GROUP) +DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP) DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) #endif #ifndef OPENSSL_NO_DH -DECLARE_PEM_rw(DHparams, DH) +DECLARE_PEM_rw_const(DHparams, DH) #endif -- GitLab From 67ffa18cceb3fafcf1a19d8e607fc9c1e8213e9d Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Wed, 18 May 2005 22:30:38 +0000 Subject: [PATCH 109/929] make the type parameter const when ID2_OF_const() is used --- crypto/asn1/asn1.h | 2 +- crypto/pem/pem.h | 30 ++++++++++++++++++++++-------- 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index f111e6fba8..dadcae8bd7 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -932,7 +932,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x); #define ASN1_i2d_bio_of(type,i2d,out,x) \ ((int (*)(I2D_OF(type),BIO *,type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x) #define ASN1_i2d_bio_of_const(type,i2d,out,x) \ - ((int (*)(I2D_OF_const(type),BIO *,type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x) + ((int (*)(I2D_OF_const(type),BIO *,const type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x) int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h index c65e07c4f5..7db6b423d0 100644 --- a/crypto/pem/pem.h +++ b/crypto/pem/pem.h @@ -230,9 +230,9 @@ return(((int (*)(I2D_OF(type),const char *,FILE *,type *, const EVP_CIPHER *,uns } #define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x) \ +int PEM_write_##name(FILE *fp, const type *x) \ { \ -return(((int (*)(I2D_OF_const(type),const char *,FILE *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL)); \ +return(((int (*)(I2D_OF_const(type),const char *,FILE *, const type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL)); \ } #define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ @@ -266,9 +266,9 @@ return(((int (*)(I2D_OF(type),const char *,BIO *,type *, const EVP_CIPHER *,unsi } #define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x) \ +int PEM_write_bio_##name(BIO *bp, const type *x) \ { \ -return(((int (*)(I2D_OF_const(type),const char *,BIO *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL)); \ +return(((int (*)(I2D_OF_const(type),const char *,BIO *,const type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL)); \ } #define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ @@ -333,6 +333,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ #define DECLARE_PEM_write_fp(name, type) \ int PEM_write_##name(FILE *fp, type *x); +#define DECLARE_PEM_write_fp_const(name, type) \ + int PEM_write_##name(FILE *fp, const type *x); + #define DECLARE_PEM_write_cb_fp(name, type) \ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u); @@ -346,6 +349,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ #define DECLARE_PEM_write_bio(name, type) \ int PEM_write_bio_##name(BIO *bp, type *x); +#define DECLARE_PEM_write_bio_const(name, type) \ + int PEM_write_bio_##name(BIO *bp, const type *x); + #define DECLARE_PEM_write_cb_bio(name, type) \ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u); @@ -362,6 +368,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ DECLARE_PEM_write_bio(name, type) \ DECLARE_PEM_write_fp(name, type) +#define DECLARE_PEM_write_const(name, type) \ + DECLARE_PEM_write_bio_const(name, type) \ + DECLARE_PEM_write_fp_const(name, type) + #define DECLARE_PEM_write_cb(name, type) \ DECLARE_PEM_write_cb_bio(name, type) \ DECLARE_PEM_write_cb_fp(name, type) @@ -374,6 +384,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ DECLARE_PEM_read(name, type) \ DECLARE_PEM_write(name, type) +#define DECLARE_PEM_rw_const(name, type) \ + DECLARE_PEM_read(name, type) \ + DECLARE_PEM_write_const(name, type) + #define DECLARE_PEM_rw_cb(name, type) \ DECLARE_PEM_read(name, type) \ DECLARE_PEM_write_cb(name, type) @@ -601,7 +615,7 @@ DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) -DECLARE_PEM_rw(RSAPublicKey, RSA) +DECLARE_PEM_rw_const(RSAPublicKey, RSA) DECLARE_PEM_rw(RSA_PUBKEY, RSA) #endif @@ -612,19 +626,19 @@ DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) DECLARE_PEM_rw(DSA_PUBKEY, DSA) -DECLARE_PEM_rw(DSAparams, DSA) +DECLARE_PEM_rw_const(DSAparams, DSA) #endif #ifndef OPENSSL_NO_EC -DECLARE_PEM_rw(ECPKParameters, EC_GROUP) +DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP) DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) #endif #ifndef OPENSSL_NO_DH -DECLARE_PEM_rw(DHparams, DH) +DECLARE_PEM_rw_const(DHparams, DH) #endif -- GitLab From 3f516ce837aabadfe308fef9992cb4854231e3be Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 19 May 2005 01:48:46 +0000 Subject: [PATCH 110/929] SysV make [or least some of them] don't propogate command line macros to recursively called make. So let's pass down BUILDENV as value too... --- Makefile.org | 8 ++++---- crypto/Makefile | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Makefile.org b/Makefile.org index 5deb19a016..7fa4b52a96 100644 --- a/Makefile.org +++ b/Makefile.org @@ -150,12 +150,12 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ CC='${CC}' CFLAG='${CFLAG}' \ AS='${CC}' ASFLAG='${CFLAG} -c' \ AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \ - SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/lib' \ + SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/lib' \ INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \ - MAKEDEPEND='$$(TOP)/util/domd $$(TOP) -MD $(MAKEDEPPROG)'\ + MAKEDEPEND='$${TOP}/util/domd $${TOP} -MD ${MAKEDEPPROG}'\ DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \ MAKEDEPPROG='${MAKEDEPPROG}' \ - LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \ + LDFLAGS='${LDFLAGS}' SHARED_LDFLAGS='${SHARED_LDFLAGS}' \ KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \ EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \ SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \ @@ -173,7 +173,7 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ BUILD_CMD=if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \ if [ -d "$$dir" ]; then \ (cd $$dir && echo "making $$target in $$dir..." && \ - $(MAKE) $(BUILDENV) $$target ) || exit 1; \ + $(MAKE) $(BUILDENV) BUILDENV="$(BUILDENV)" $$target ) || exit 1; \ else \ $(MAKE) $$dir; \ fi; fi diff --git a/crypto/Makefile b/crypto/Makefile index c6c76c26ac..ee6e507dc7 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -88,7 +88,7 @@ subdirs: @for i in $(SDIRS) ;\ do \ (cd $$i && echo "making all in crypto/$$i..." && \ - $(MAKE) INCLUDES='${INCLUDES}' all ) || exit 1; \ + $(MAKE) $(BUILDENV) INCLUDES='${INCLUDES}' all ) || exit 1; \ done; files: -- GitLab From 0bc9920ad4862ec0eccc36017b8797efe044026d Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 19 May 2005 02:08:01 +0000 Subject: [PATCH 111/929] Stringify substitutions [some shells require it]. --- Makefile.shared | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/Makefile.shared b/Makefile.shared index 5afd419f9a..61976210c7 100644 --- a/Makefile.shared +++ b/Makefile.shared @@ -68,7 +68,7 @@ LIBDEPS= # The rest is private to this makefile. SET_X=: -#SET_X=set -x +SET_X=set -x top: echo "Trying to use this makefile interactively? Don't." @@ -89,21 +89,23 @@ CALC_VERSIONS= \ LINK_APP= \ ( $(SET_X); \ - LIBDEPS=$${LIBDEPS:-$(LIBDEPS)}; \ - LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \ + LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ + LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \ + LIBPATH=`for x in $(LIBDEPS); do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \ LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${LDCMD:=$(CC)} $${LDFLAGS:=$(CFLAGS)} \ - -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $$LIBDEPS ) + $${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS} ) LINK_SO= \ ( $(SET_X); \ - LIBDEPS=$${LIBDEPS:-$(LIBDEPS)}; \ + LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ + SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \ + SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ nm -Pg $$SHOBJECTS | grep ' [BDT] ' | cut -f1 -d' ' > lib$(LIBNAME).exp; \ LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \ LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD:=$(CC)} $${SHAREDFLAGS:=$(CFLAGS) $(SHARED_LDFLAGS)} \ + $${SHAREDCMD} $${SHAREDFLAGS} \ -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ $$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS \ ) && $(SYMLINK_SO); \ -- GitLab From 739b139cb2e1c58069d124c4637cec5530448075 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 19 May 2005 02:13:10 +0000 Subject: [PATCH 112/929] Propogate BUILDENV even in ./engines. --- Makefile.shared | 2 +- engines/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile.shared b/Makefile.shared index 61976210c7..827b01d8eb 100644 --- a/Makefile.shared +++ b/Makefile.shared @@ -68,7 +68,7 @@ LIBDEPS= # The rest is private to this makefile. SET_X=: -SET_X=set -x +#SET_X=set -x top: echo "Trying to use this makefile interactively? Don't." diff --git a/engines/Makefile b/engines/Makefile index d415a1c85b..483ed7237d 100644 --- a/engines/Makefile +++ b/engines/Makefile @@ -65,7 +65,7 @@ lib: $(LIBOBJ) @if [ -n "$(SHARED_LIBS)" ]; then \ set -e; \ for l in $(LIBNAMES); do \ - $(MAKE) -f ../Makefile.shared \ + $(MAKE) -f ../Makefile.shared $(BUILDENV) \ LIBNAME=$$l LIBEXTRAS=e_$$l.o \ LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \ link_o.$(SHLIB_TARGET); \ -- GitLab From 97d37c1c1e02127b1478588f2170f3be1aec599b Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 19 May 2005 11:51:43 +0000 Subject: [PATCH 113/929] Recognize new macros. --- util/mkdef.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/util/mkdef.pl b/util/mkdef.pl index fa5848ace6..c9417d3b90 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -741,7 +741,8 @@ sub do_defs } elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) { next; } elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ || - /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ) { + /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ || + /^DECLARE_PEM_rw_const\s*\(\s*(\w*)\s*,/ ) { # Things not in Win16 $def .= "#INFO:" -- GitLab From f5634286a352fcf812a1289a406482494ef80977 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Thu, 19 May 2005 11:59:35 +0000 Subject: [PATCH 114/929] fix "dereferencing type-punned pointer will break strict-aliasing rules" warning when using gcc 4.0 --- crypto/dso/dso_dlfcn.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c index 2b8f3ee4d8..1fd10104c5 100644 --- a/crypto/dso/dso_dlfcn.c +++ b/crypto/dso/dso_dlfcn.c @@ -237,7 +237,7 @@ static void *dlfcn_bind_var(DSO *dso, const char *symname) static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) { void *ptr; - DSO_FUNC_TYPE sym; + DSO_FUNC_TYPE sym, *tsym = &sym; if((dso == NULL) || (symname == NULL)) { @@ -255,7 +255,7 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); return(NULL); } - *(void **)(&sym) = dlsym(ptr, symname); + *(void **)(tsym) = dlsym(ptr, symname); if(sym == NULL) { DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); -- GitLab From 3f4657d131fd301b6000d0de9929a2c8518a795b Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Thu, 19 May 2005 12:01:51 +0000 Subject: [PATCH 115/929] fix "dereferencing type-punned pointer will break strict-aliasing rules" warning when using gcc 4.0 --- crypto/dso/dso_dlfcn.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c index 2b8f3ee4d8..1fd10104c5 100644 --- a/crypto/dso/dso_dlfcn.c +++ b/crypto/dso/dso_dlfcn.c @@ -237,7 +237,7 @@ static void *dlfcn_bind_var(DSO *dso, const char *symname) static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) { void *ptr; - DSO_FUNC_TYPE sym; + DSO_FUNC_TYPE sym, *tsym = &sym; if((dso == NULL) || (symname == NULL)) { @@ -255,7 +255,7 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); return(NULL); } - *(void **)(&sym) = dlsym(ptr, symname); + *(void **)(tsym) = dlsym(ptr, symname); if(sym == NULL) { DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); -- GitLab From e0ee5ea962a7b4d7ab4efcfd4a03f6039f94e244 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 19 May 2005 19:12:36 +0000 Subject: [PATCH 116/929] Added news items for OpenSSL 0.9.8. --- NEWS | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/NEWS b/NEWS index 8e1ce65a5f..9cd1416507 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,73 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8: + + o Major work on the BIGNUM library for higher efficiency and to + make operations more streamlined and less contradictory. This + is the result of a major audit of the BIGNUM library. + o Addition of BIGNUM functions for fields GF(2^m) and NIST + curves, to support the Elliptic Crypto functions. + o Major work on Elliptic Crypto; ECDH and ECDSA added, including + the use through EVP, X509 and ENGINE. + o New ASN.1 mini-compiler that's usable through the OpenSSL + configuration file. + o Added support for ASN.1 indefinite length constructed encoding. + o New PKCS#12 'medium level' API to manipulate PKCS#12 files. + o Complete rework of shared library construction and linking + programs with shared or static libraries, through a separate + Makefile.shared. + o Changed ENGINE framework to load dynamic engine modules + automatically from specifically given directories. + o New structure and ASN.1 functions for CertificatePair. + o Changed the ZLIB compression method to be stateful. + o Changed the key-generation and primality testing "progress" + mechanism to take a structure that contains the ticker + function and an argument. + o New engine module: GMP (performs private key exponentiation). + o New engine module: VIA PadLOck ACE extension in VIA C3 + Nehemiah processors. + o Added support for IPv6 addresses in certificate extensions. + See RFC 1884, section 2.2. + o Added support for certificate policy mappings, policy + constraints and name constraints. + o Added support for multi-valued AVAs in the OpenSSL + configuration file. + o Added support for multiple certificates with the same subject + in the 'openssl ca' index file. + o Make it possible to create self-signed certificates using + 'openssl ca -selfsign'. + o Make it possible to generate a serial number file with + 'openssl ca -create_serial'. + o New binary search functions with extended functionality. + o New BUF functions. + o New STORE structure and library to provide an interface to all + sorts of data repositories. Supports storage of public and + private keys, certificates, CRLs, numbers and arbitrary blobs. + This library is unfortunately unfinished and unused withing + OpenSSL. + o New control functions for the error stack. + o Changed the PKCS#7 library to support one-pass S/MIME + processing. + o Added the possibility to compile without old deprecated + functionality with the OPENSSL_NO_DEPRECATED macro or the + 'no-deprecated' argument to the config and Configure scripts. + o Constification of all ASN.1 conversion functions, and other + affected functions. + o Improved platform support for PowerPC. + o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512). + o New X509_VERIFY_PARAM structure to support parametrisation + of X.509 path validation. + o Major overhaul of RC4 performance on Intel P4, IA-64 and + AMD64. + o Changed the Configure script to have some algorithms disabled + by default. Those can be explicitely enabled with the new + argument form 'enable-xxx'. + o Change the default digest in 'openssl' commands from MD5 to + SHA-1. + o Added support for DTLS. THIS IS STILL BEING WORKED ON! + o New BIGNUM blinding. + Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g: o More compilation issues fixed. -- GitLab From 43133041c9d3b2fe9b6eb27d23cb065a3e36ee77 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 19 May 2005 19:31:53 +0000 Subject: [PATCH 117/929] 'make update' with a default configuration. --- apps/Makefile | 37 ++++++++++++++++++------------------- crypto/bio/Makefile | 6 +++--- crypto/objects/obj_dat.h | 4 ++-- test/Makefile | 14 ++++++++++---- 4 files changed, 33 insertions(+), 28 deletions(-) diff --git a/apps/Makefile b/apps/Makefile index a47793b5ab..06173b2355 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -621,25 +621,24 @@ rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h rand.o: ../include/openssl/x509_vfy.h apps.h rand.c -req.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/asn1.h -req.o: ../include/openssl/bio.h ../include/openssl/bn.h -req.o: ../include/openssl/buffer.h ../include/openssl/conf.h -req.o: ../include/openssl/crypto.h ../include/openssl/dh.h -req.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -req.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -req.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -req.o: ../include/openssl/err.h ../include/openssl/evp.h -req.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -req.o: ../include/openssl/pem.h ../include/openssl/pem2.h -req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -req.o: ../include/openssl/sha.h ../include/openssl/stack.h -req.o: ../include/openssl/store.h ../include/openssl/symhacks.h -req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -req.o: ../include/openssl/x509v3.h apps.h req.c +req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +req.o: ../include/openssl/bn.h ../include/openssl/buffer.h +req.o: ../include/openssl/conf.h ../include/openssl/crypto.h +req.o: ../include/openssl/dh.h ../include/openssl/dsa.h +req.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +req.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +req.o: ../include/openssl/engine.h ../include/openssl/err.h +req.o: ../include/openssl/evp.h ../include/openssl/lhash.h +req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +req.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +req.o: ../include/openssl/rand.h ../include/openssl/rsa.h +req.o: ../include/openssl/safestack.h ../include/openssl/sha.h +req.o: ../include/openssl/stack.h ../include/openssl/store.h +req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +req.o: ../include/openssl/ui.h ../include/openssl/x509.h +req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h diff --git a/crypto/bio/Makefile b/crypto/bio/Makefile index 1522147036..fdbce02f86 100644 --- a/crypto/bio/Makefile +++ b/crypto/bio/Makefile @@ -92,7 +92,7 @@ b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h b_dump.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -b_dump.o: ../../include/openssl/symhacks.h ../cryptlib.h b_dump.c +b_dump.o: ../../include/openssl/symhacks.h ../cryptlib.h b_dump.c bio_lcl.h b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -183,14 +183,14 @@ bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h bss_fd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bss_fd.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_fd.c +bss_fd.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_fd.c bss_file.o: ../../e_os.h ../../include/openssl/bio.h bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h bss_file.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bss_file.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_file.c +bss_file.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_file.c bss_log.o: ../../e_os.h ../../include/openssl/bio.h bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 8ca04dd711..c2a707a984 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -2740,8 +2740,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[648]),/* "Microsoft Smartcardlogin" */ &(nid_objs[136]),/* "Microsoft Trust List Signing" */ &(nid_objs[649]),/* "Microsoft Universal Principal Name" */ -&(nid_objs[404]),/* "NULL" */ &(nid_objs[393]),/* "NULL" */ +&(nid_objs[404]),/* "NULL" */ &(nid_objs[72]),/* "Netscape Base Url" */ &(nid_objs[76]),/* "Netscape CA Policy Url" */ &(nid_objs[74]),/* "Netscape CA Revocation Url" */ @@ -3450,8 +3450,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[ 0]),/* OBJ_undef 0 */ &(nid_objs[393]),/* OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t */ -&(nid_objs[645]),/* OBJ_itu_t 0 */ &(nid_objs[404]),/* OBJ_ccitt OBJ_itu_t */ +&(nid_objs[645]),/* OBJ_itu_t 0 */ &(nid_objs[434]),/* OBJ_data 0 9 */ &(nid_objs[181]),/* OBJ_iso 1 */ &(nid_objs[182]),/* OBJ_member_body 1 2 */ diff --git a/test/Makefile b/test/Makefile index b6575dda12..766a48bdfb 100644 --- a/test/Makefile +++ b/test/Makefile @@ -549,8 +549,11 @@ md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.c -mdc2test.o: ../e_os.h ../include/openssl/e_os2.h -mdc2test.o: ../include/openssl/opensslconf.h mdc2test.c +mdc2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h +mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h +mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h +mdc2test.o: ../include/openssl/symhacks.h mdc2test.c randtest.o: ../e_os.h ../include/openssl/e_os2.h randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h randtest.o: ../include/openssl/rand.h randtest.c @@ -559,8 +562,11 @@ rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c rc4test.o: ../e_os.h ../include/openssl/e_os2.h rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.o: ../include/openssl/sha.h rc4test.c -rc5test.o: ../e_os.h ../include/openssl/e_os2.h -rc5test.o: ../include/openssl/opensslconf.h rc5test.c +rc5test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h +rc5test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h +rc5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h +rc5test.o: ../include/openssl/symhacks.h rc5test.c rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h rmdtest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h -- GitLab From fa96ed06d2f6df5680e6c7cb80cb7f7194a22d69 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 19 May 2005 19:42:04 +0000 Subject: [PATCH 118/929] Update version information. --- README | 2 +- STATUS | 12 ++---------- crypto/opensslv.h | 6 +++--- 3 files changed, 6 insertions(+), 14 deletions(-) diff --git a/README b/README index 89a1478c7e..9fa5d88684 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-dev XX xxx XXXX + OpenSSL 0.9.8-beta1 19 May 2005 Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/STATUS b/STATUS index d3273dd9e2..e7f08d0136 100644 --- a/STATUS +++ b/STATUS @@ -1,11 +1,11 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/05/18 04:14:21 $ + ______________ $Date: 2005/05/19 19:42:03 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... - o OpenSSL 0.9.8: In beta... + o OpenSSL 0.9.8-beta1: Released on May 19th, 2005 o OpenSSL 0.9.7g: Released on April 11th, 2005 o OpenSSL 0.9.7f: Released on March 22nd, 2005 o OpenSSL 0.9.7e: Released on October 25th, 2004 @@ -56,16 +56,8 @@ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. - o Geoff and Richard are currently working on: - ENGINE (the new code that gives hardware support among others). o Richard is currently working on: - UI (User Interface) - UTIL (a new set of library functions to support some higher level - functionality that is currently missing). - Shared library support for VMS. - Kerberos 5 authentication (Heimdal) Constification - Compression Attribute Certificate support Certificate Pair support Storage Engines (primarly an LDAP storage engine) diff --git a/crypto/opensslv.h b/crypto/opensslv.h index b18b0c8040..191d949cab 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -12,7 +12,7 @@ * 0.9.3-beta2 0x00903002 (same as ...beta2-dev) * 0.9.3 0x0090300f * 0.9.3a 0x0090301f - * 0.9.4 0x0090400f + * 0.9.4 0x0090400f * 1.2.3z 0x102031af * * For continuity reasons (because 0.9.5 is already out, and is coded @@ -27,9 +27,9 @@ */ #define OPENSSL_VERSION_NUMBER 0x00908001L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta1-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta1 19 May 2005" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta1-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta1 19 May 2005" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From decc9ffc18a284498956bf73f879b705afc47292 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 19 May 2005 19:43:28 +0000 Subject: [PATCH 119/929] Update status information --- STATUS | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/STATUS b/STATUS index a0c9fa5810..5fd73ff32d 100644 --- a/STATUS +++ b/STATUS @@ -1,11 +1,11 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/05/18 04:04:12 $ + ______________ $Date: 2005/05/19 19:43:28 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... - o OpenSSL 0.9.8: In beta... + o OpenSSL 0.9.8-beta1: Released on May 19th, 2005 o OpenSSL 0.9.7g: Released on April 11th, 2005 o OpenSSL 0.9.7f: Released on March 22nd, 2005 o OpenSSL 0.9.7e: Released on October 25th, 2004 @@ -56,16 +56,8 @@ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. - o Geoff and Richard are currently working on: - ENGINE (the new code that gives hardware support among others). o Richard is currently working on: - UI (User Interface) - UTIL (a new set of library functions to support some higher level - functionality that is currently missing). - Shared library support for VMS. - Kerberos 5 authentication (Heimdal) Constification - Compression Attribute Certificate support Certificate Pair support Storage Engines (primarly an LDAP storage engine) -- GitLab From 032bb2a2c53aba207cf5d208ff3f2a0a3bd7b587 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 19 May 2005 19:45:53 +0000 Subject: [PATCH 120/929] Tagging of 0.9.8-beta1 is done, time to update the version numbers to the next beta (beta2). --- README | 2 +- crypto/opensslv.h | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README b/README index 9fa5d88684..7785cb8915 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta1 19 May 2005 + OpenSSL 0.9.8-beta2-dev XX xxx XXXX Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 191d949cab..199d5e088a 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00908001L +#define OPENSSL_VERSION_NUMBER 0x00908002L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta1 19 May 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta2-dev XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta1 19 May 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta2-dev XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 851e31ff07376c41f2666e64b14df29be50cbc3d Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 19 May 2005 19:54:49 +0000 Subject: [PATCH 121/929] FAQ to mention no-sse2. --- FAQ | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/FAQ b/FAQ index 30913a11b3..f3eeccd056 100644 --- a/FAQ +++ b/FAQ @@ -46,6 +46,7 @@ OpenSSL - Frequently Asked Questions * Why does the OpenSSL test suite fail on MacOS X? * Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]? * Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"? +* Why does the OpenSSL test suite fail in sha512t on x86 CPU? [PROG] Questions about programming with OpenSSL @@ -598,6 +599,14 @@ Reportedly elder *BSD a.out platforms also suffer from this problem and remedy should be same. Provided binary is statically linked and should be working across wider range of *BSD branches, not just OpenBSD. +* Why does the OpenSSL test suite fail in sha512t on x86 CPU? + +If the test program in question fails withs SIGILL, Illegal Instruction +exception, then you more than likely to run SSE2-capable CPU, such as +Intel P4, under control of kernel which does not support SSE2 +instruction extentions. See accompanying INSTALL file and +OPENSSL_ia32cap(3) documentation page for further information. + [PROG] ======================================================================== * Is OpenSSL thread-safe? -- GitLab From cd74dda72a280bfd36de4d965b44b1bc78f434dd Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 19 May 2005 19:57:27 +0000 Subject: [PATCH 122/929] FAQ to mention no-sse2. --- FAQ | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/FAQ b/FAQ index 30913a11b3..f3eeccd056 100644 --- a/FAQ +++ b/FAQ @@ -46,6 +46,7 @@ OpenSSL - Frequently Asked Questions * Why does the OpenSSL test suite fail on MacOS X? * Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]? * Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"? +* Why does the OpenSSL test suite fail in sha512t on x86 CPU? [PROG] Questions about programming with OpenSSL @@ -598,6 +599,14 @@ Reportedly elder *BSD a.out platforms also suffer from this problem and remedy should be same. Provided binary is statically linked and should be working across wider range of *BSD branches, not just OpenBSD. +* Why does the OpenSSL test suite fail in sha512t on x86 CPU? + +If the test program in question fails withs SIGILL, Illegal Instruction +exception, then you more than likely to run SSE2-capable CPU, such as +Intel P4, under control of kernel which does not support SSE2 +instruction extentions. See accompanying INSTALL file and +OPENSSL_ia32cap(3) documentation page for further information. + [PROG] ======================================================================== * Is OpenSSL thread-safe? -- GitLab From 7b1e7706d8d69f09767e527116aa5ec0a8447a63 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Thu, 19 May 2005 20:54:22 +0000 Subject: [PATCH 123/929] update ecdsa doc --- doc/crypto/ecdsa.pod | 66 +++++++++++++++----------------------------- 1 file changed, 22 insertions(+), 44 deletions(-) diff --git a/doc/crypto/ecdsa.pod b/doc/crypto/ecdsa.pod index ab3bef0712..49b10f2249 100644 --- a/doc/crypto/ecdsa.pod +++ b/doc/crypto/ecdsa.pod @@ -14,13 +14,11 @@ ecdsa - Elliptic Curve Digital Signature Algorithm ECDSA_SIG* d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); - ECDSA_DATA* ECDSA_DATA_new(void); - ECDSA_DATA* ECDSA_DATA_new_method(ENGINE *eng); - void ECDSA_DATA_free(ECDSA_DATA *data); - ECDSA_DATA* ecdsa_check(EC_KEY *eckey); - ECDSA_SIG* ECDSA_do_sign(const unsigned char *dgst, int dgst_len, EC_KEY *eckey); + ECDSA_SIG* ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, + const BIGNUM *kinv, const BIGNUM *rp, + EC_KEY *eckey); int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig, EC_KEY* eckey); int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, @@ -28,6 +26,10 @@ ecdsa - Elliptic Curve Digital Signature Algorithm int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); + int ECDSA_sign_ex(int type, const unsigned char *dgst, + int dgstlen, unsigned char *sig, + unsigned int *siglen, const BIGNUM *kinv, + const BIGNUM *rp, EC_KEY *eckey); int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, const unsigned char *sig, int siglen, EC_KEY *eckey); @@ -72,35 +74,6 @@ the decoded signature in a newly allocated B structure. B<*sig> points to the buffer containing the DER encoded signature of size B. -The B structure extends the B -structure with ECDSA specific data. - - struct - { - /* EC_KEY_METH_DATA part */ - int (*init)(EC_KEY *); - void (*finish)(EC_KEY *); - /* method (ECDSA) specific part */ - BIGNUM *kinv; /* signing pre-calc */ - BIGNUM *r; /* signing pre-calc */ - ... - } - ECDSA_DATA; - -B and B are used to store precomputed values (see -B). - -ECDSA_DATA_new() returns a newly allocated and initialized -B structure (or NULL on error). - -ECDSA_DATA_free() frees the B structure B. - -ecdsa_check() returns the pointer to the B -structure in Bmeth_data> (if Bmeth_data> -is not a pointer to a B structure then the old -data is freed and a new B structure is allocated -using B). - ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key B. @@ -108,13 +81,15 @@ ECDSA_sign_setup() may be used to precompute parts of the signing operation. B is the private EC key and B is a pointer to B structure (or NULL). The precomputed values or returned in B and B and can be used in a -later call to B or B when placed in -Bkinv> and Br>. +later call to B or B. -ECDSA_sign() computes a digital signature of the B bytes -hash value B using the private EC key B and places -the DER encoding of the created signature in B. The length -of the created signature is returned in B. Note: B +ECDSA_sign() is wrapper function for ECDSA_sign_ex with B +and B set to NULL. + +ECDSA_sign_ex() computes a digital signature of the B bytes +hash value B using the private EC key B and the optional +pre-computed values B and B. The DER encoded signatures is +stored in B and it's length is returned in B. Note: B must point to B bytes of memory. The parameter B is ignored. @@ -123,10 +98,13 @@ B is a valid ECDSA signature of the hash value value B of size B using the public key B. The parameter B is ignored. -ECDSA_do_sign() computes a digital signature of the B -bytes hash value B using the private key B and -returns the signature in a newly allocated B structure -(or NULL on error). +ECDSA_do_sign() is wrapper function for ECDSA_do_sign_ex with B +and B set to NULL. + +ECDSA_do_sign_ex() computes a digital signature of the B +bytes hash value B using the private key B and the +optional pre-computed values B and B. The signature is +returned in a newly allocated B structure (or NULL on error). ECDSA_do_verify() verifies that the signature B is a valid ECDSA signature of the hash value B of size B -- GitLab From b67d9889151bc6f09c3fb5f671c4c676dab095a4 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Thu, 19 May 2005 20:54:30 +0000 Subject: [PATCH 124/929] update ecdsa doc --- doc/crypto/ecdsa.pod | 66 +++++++++++++++----------------------------- 1 file changed, 22 insertions(+), 44 deletions(-) diff --git a/doc/crypto/ecdsa.pod b/doc/crypto/ecdsa.pod index ab3bef0712..49b10f2249 100644 --- a/doc/crypto/ecdsa.pod +++ b/doc/crypto/ecdsa.pod @@ -14,13 +14,11 @@ ecdsa - Elliptic Curve Digital Signature Algorithm ECDSA_SIG* d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); - ECDSA_DATA* ECDSA_DATA_new(void); - ECDSA_DATA* ECDSA_DATA_new_method(ENGINE *eng); - void ECDSA_DATA_free(ECDSA_DATA *data); - ECDSA_DATA* ecdsa_check(EC_KEY *eckey); - ECDSA_SIG* ECDSA_do_sign(const unsigned char *dgst, int dgst_len, EC_KEY *eckey); + ECDSA_SIG* ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, + const BIGNUM *kinv, const BIGNUM *rp, + EC_KEY *eckey); int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig, EC_KEY* eckey); int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, @@ -28,6 +26,10 @@ ecdsa - Elliptic Curve Digital Signature Algorithm int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); + int ECDSA_sign_ex(int type, const unsigned char *dgst, + int dgstlen, unsigned char *sig, + unsigned int *siglen, const BIGNUM *kinv, + const BIGNUM *rp, EC_KEY *eckey); int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, const unsigned char *sig, int siglen, EC_KEY *eckey); @@ -72,35 +74,6 @@ the decoded signature in a newly allocated B structure. B<*sig> points to the buffer containing the DER encoded signature of size B. -The B structure extends the B -structure with ECDSA specific data. - - struct - { - /* EC_KEY_METH_DATA part */ - int (*init)(EC_KEY *); - void (*finish)(EC_KEY *); - /* method (ECDSA) specific part */ - BIGNUM *kinv; /* signing pre-calc */ - BIGNUM *r; /* signing pre-calc */ - ... - } - ECDSA_DATA; - -B and B are used to store precomputed values (see -B). - -ECDSA_DATA_new() returns a newly allocated and initialized -B structure (or NULL on error). - -ECDSA_DATA_free() frees the B structure B. - -ecdsa_check() returns the pointer to the B -structure in Bmeth_data> (if Bmeth_data> -is not a pointer to a B structure then the old -data is freed and a new B structure is allocated -using B). - ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key B. @@ -108,13 +81,15 @@ ECDSA_sign_setup() may be used to precompute parts of the signing operation. B is the private EC key and B is a pointer to B structure (or NULL). The precomputed values or returned in B and B and can be used in a -later call to B or B when placed in -Bkinv> and Br>. +later call to B or B. -ECDSA_sign() computes a digital signature of the B bytes -hash value B using the private EC key B and places -the DER encoding of the created signature in B. The length -of the created signature is returned in B. Note: B +ECDSA_sign() is wrapper function for ECDSA_sign_ex with B +and B set to NULL. + +ECDSA_sign_ex() computes a digital signature of the B bytes +hash value B using the private EC key B and the optional +pre-computed values B and B. The DER encoded signatures is +stored in B and it's length is returned in B. Note: B must point to B bytes of memory. The parameter B is ignored. @@ -123,10 +98,13 @@ B is a valid ECDSA signature of the hash value value B of size B using the public key B. The parameter B is ignored. -ECDSA_do_sign() computes a digital signature of the B -bytes hash value B using the private key B and -returns the signature in a newly allocated B structure -(or NULL on error). +ECDSA_do_sign() is wrapper function for ECDSA_do_sign_ex with B +and B set to NULL. + +ECDSA_do_sign_ex() computes a digital signature of the B +bytes hash value B using the private key B and the +optional pre-computed values B and B. The signature is +returned in a newly allocated B structure (or NULL on error). ECDSA_do_verify() verifies that the signature B is a valid ECDSA signature of the hash value B of size B -- GitLab From 7f246621b5b8802a12e3bf06ae6c0473d74daefb Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Thu, 19 May 2005 22:10:40 +0000 Subject: [PATCH 125/929] fix potential memory leak Submitted by: Goetz Babin-Ebell --- crypto/pkcs7/pk7_smime.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index d37be48239..b6146d75c4 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -88,6 +88,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) { PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); + PKCS7_free(p7); return NULL; } @@ -105,6 +106,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, { if(!(smcap = sk_X509_ALGOR_new_null())) { PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); + PKCS7_free(p7); return NULL; } #ifndef OPENSSL_NO_DES @@ -130,6 +132,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, if (!(p7bio = PKCS7_dataInit(p7, NULL))) { PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); + PKCS7_free(p7); return NULL; } @@ -139,10 +142,12 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, if (!PKCS7_dataFinal(p7,p7bio)) { PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN); + PKCS7_free(p7); + BIO_free_all(p7bio); return NULL; } - BIO_free_all(p7bio); + BIO_free_all(p7bio); return p7; } -- GitLab From f32e0035a30e1056ea99bdb2c5ad3730450cf86d Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Thu, 19 May 2005 22:11:22 +0000 Subject: [PATCH 126/929] fix potential memory leak Submitted by: Goetz Babin-Ebell --- crypto/pkcs7/pk7_smime.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index d37be48239..b6146d75c4 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -88,6 +88,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) { PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); + PKCS7_free(p7); return NULL; } @@ -105,6 +106,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, { if(!(smcap = sk_X509_ALGOR_new_null())) { PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); + PKCS7_free(p7); return NULL; } #ifndef OPENSSL_NO_DES @@ -130,6 +132,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, if (!(p7bio = PKCS7_dataInit(p7, NULL))) { PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); + PKCS7_free(p7); return NULL; } @@ -139,10 +142,12 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, if (!PKCS7_dataFinal(p7,p7bio)) { PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN); + PKCS7_free(p7); + BIO_free_all(p7bio); return NULL; } - BIO_free_all(p7bio); + BIO_free_all(p7bio); return p7; } -- GitLab From bbbd67108f6cb6224b0725095a69bfc391011411 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Fri, 20 May 2005 22:55:10 +0000 Subject: [PATCH 127/929] fix typo, add prototype --- crypto/ec/ec_lib.c | 2 +- crypto/ecdh/ech_lib.c | 3 ++- crypto/ecdsa/ecs_lib.c | 3 ++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 6d3a562690..3c6967ae15 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -622,7 +622,7 @@ void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data, } /* this has 'package' visibility */ -void EC_EX_DATA_clear_free_extra_data(EC_EXTRA_DATA **ex_data, +void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) { EC_EXTRA_DATA **p; diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c index 85fbfc5cac..01e75e2a5c 100644 --- a/crypto/ecdh/ech_lib.c +++ b/crypto/ecdh/ech_lib.c @@ -78,6 +78,7 @@ const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT; static const ECDH_METHOD *default_ECDH_method = NULL; +static void *ecdh_data_new(void); static void *ecdh_data_dup(void *); static void ecdh_data_free(void *); @@ -167,7 +168,7 @@ static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) return(ret); } -void *ecdh_data_new(void) +static void *ecdh_data_new(void) { return (void *)ECDH_DATA_new_method(NULL); } diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c index 8a6d4ad45d..ab96a6dc9c 100644 --- a/crypto/ecdsa/ecs_lib.c +++ b/crypto/ecdsa/ecs_lib.c @@ -65,6 +65,7 @@ const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT; static const ECDSA_METHOD *default_ECDSA_method = NULL; +static void *ecdsa_data_new(void); static void *ecdsa_data_dup(void *); static void ecdsa_data_free(void *); @@ -147,7 +148,7 @@ static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) return(ret); } -void *ecdsa_data_new(void) +static void *ecdsa_data_new(void) { return (void *)ECDSA_DATA_new_method(NULL); } -- GitLab From aff2922f9a6fa1175e2ba340d1f470bb2443a85b Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Fri, 20 May 2005 23:01:31 +0000 Subject: [PATCH 128/929] fix typo, add prototype --- crypto/ec/ec_lib.c | 2 +- crypto/ecdh/ech_lib.c | 3 ++- crypto/ecdsa/ecs_lib.c | 3 ++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 6d3a562690..3c6967ae15 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -622,7 +622,7 @@ void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data, } /* this has 'package' visibility */ -void EC_EX_DATA_clear_free_extra_data(EC_EXTRA_DATA **ex_data, +void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) { EC_EXTRA_DATA **p; diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c index 85fbfc5cac..01e75e2a5c 100644 --- a/crypto/ecdh/ech_lib.c +++ b/crypto/ecdh/ech_lib.c @@ -78,6 +78,7 @@ const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT; static const ECDH_METHOD *default_ECDH_method = NULL; +static void *ecdh_data_new(void); static void *ecdh_data_dup(void *); static void ecdh_data_free(void *); @@ -167,7 +168,7 @@ static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) return(ret); } -void *ecdh_data_new(void) +static void *ecdh_data_new(void) { return (void *)ECDH_DATA_new_method(NULL); } diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c index 8a6d4ad45d..ab96a6dc9c 100644 --- a/crypto/ecdsa/ecs_lib.c +++ b/crypto/ecdsa/ecs_lib.c @@ -65,6 +65,7 @@ const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT; static const ECDSA_METHOD *default_ECDSA_method = NULL; +static void *ecdsa_data_new(void); static void *ecdsa_data_dup(void *); static void ecdsa_data_free(void *); @@ -147,7 +148,7 @@ static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) return(ret); } -void *ecdsa_data_new(void) +static void *ecdsa_data_new(void) { return (void *)ECDSA_DATA_new_method(NULL); } -- GitLab From e476f9421288aedee52a65ec813c7683ff0ccf5f Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sat, 21 May 2005 13:19:27 +0000 Subject: [PATCH 129/929] Move _WIN32_WINNT definition from command line to e_os.h. The change is inspired by VC6 failure report. In addition abstain from taking screen snapshots when running in NT service context. --- crypto/cryptlib.c | 5 +++-- crypto/cryptlib.h | 1 + crypto/rand/rand_win.c | 3 ++- e_os.h | 17 +++++++++++++++++ util/pl/VC-32.pl | 2 +- 5 files changed, 24 insertions(+), 4 deletions(-) diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 6f8b0ff4e5..e73d086eed 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -624,7 +624,7 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, #include #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 -static int IsService(void) +int OPENSSL_isservice(void) { HWINSTA h; DWORD len; WCHAR *name; @@ -722,7 +722,7 @@ void OPENSSL_showfatal (const char *fmta,...) #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 /* this -------------v--- guards NT-specific calls */ - if (GetVersion() < 0x80000000 && IsService()) + if (GetVersion() < 0x80000000 && OPENSSL_isservice()) { HANDLE h = RegisterEventSource(0,_T("OPENSSL")); const TCHAR *pmsg=buf; ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0); @@ -754,6 +754,7 @@ void OPENSSL_showfatal (const char *fmta,...) vfprintf (stderr,fmta,ap); va_end (ap); } +int OPENSSL_isservice (void) { return 0; } #endif void OpenSSLDie(const char *file,int line,const char *assertion) diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h index fc249c57f3..5ceaa964b5 100644 --- a/crypto/cryptlib.h +++ b/crypto/cryptlib.h @@ -103,6 +103,7 @@ extern unsigned long OPENSSL_ia32cap_P; void OPENSSL_showfatal(const char *,...); void *OPENSSL_stderr(void); extern int OPENSSL_NONPIC_relocated; +int OPENSSL_isservice(void); #ifdef __cplusplus } diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index 39523d3005..47bf758282 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -632,7 +632,8 @@ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam) void RAND_screen(void) /* function available for backward compatibility */ { RAND_poll(); - readscreen(); + if (GetVersion() >= 0x80000000 || !OPENSSL_isservice()) + readscreen(); } diff --git a/e_os.h b/e_os.h index 3ff9f3cd1c..cf76632b1e 100644 --- a/e_os.h +++ b/e_os.h @@ -235,6 +235,23 @@ extern "C" { # define NO_DIRENT # ifdef WINDOWS +# ifndef _WIN32_WINNT + /* + * Defining _WIN32_WINNT here in e_os.h implies certain "discipline." + * Most notably we ought to check for availability of each specific + * routine with GetProcAddress() and/or quard NT-specific calls with + * GetVersion() < 0x80000000. One can argue that in latter "or" case + * we ought to /DELAYLOAD some .DLLs in order to protect ourselves + * against run-time link errors. This doesn't seem to be necessary, + * because it turned out that already Windows 95, first non-NT Win32 + * implementation, is equipped with at least NT 3.51 stubs, dummy + * routines with same name, but which do nothing. Meaning that it's + * apparently appropriate to guard generic NT calls with GetVersion + * alone, while NT 4.0 and above calls ought to be additionally + * checked upon with GetProcAddress. + */ +# define _WIN32_WINNT 0x0400 +# endif # include # include # include diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 5888dcbfef..710c4cd129 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl @@ -11,7 +11,7 @@ $rm='del'; # C compiler stuff $cc='cl'; -$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0333 -DL_ENDIAN -DDSO_WIN32'; +$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; $lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; $mlflags=''; -- GitLab From 886ed3544b8d40512968e4683c9202e2c875e3cb Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sat, 21 May 2005 13:19:46 +0000 Subject: [PATCH 130/929] Move _WIN32_WINNT definition from command line to e_os.h [from HEAD]. --- crypto/cryptlib.c | 5 +++-- crypto/cryptlib.h | 1 + crypto/rand/rand_win.c | 3 ++- e_os.h | 17 +++++++++++++++++ util/pl/VC-32.pl | 2 +- 5 files changed, 24 insertions(+), 4 deletions(-) diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 6f8b0ff4e5..e73d086eed 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -624,7 +624,7 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, #include #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 -static int IsService(void) +int OPENSSL_isservice(void) { HWINSTA h; DWORD len; WCHAR *name; @@ -722,7 +722,7 @@ void OPENSSL_showfatal (const char *fmta,...) #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 /* this -------------v--- guards NT-specific calls */ - if (GetVersion() < 0x80000000 && IsService()) + if (GetVersion() < 0x80000000 && OPENSSL_isservice()) { HANDLE h = RegisterEventSource(0,_T("OPENSSL")); const TCHAR *pmsg=buf; ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0); @@ -754,6 +754,7 @@ void OPENSSL_showfatal (const char *fmta,...) vfprintf (stderr,fmta,ap); va_end (ap); } +int OPENSSL_isservice (void) { return 0; } #endif void OpenSSLDie(const char *file,int line,const char *assertion) diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h index fc249c57f3..5ceaa964b5 100644 --- a/crypto/cryptlib.h +++ b/crypto/cryptlib.h @@ -103,6 +103,7 @@ extern unsigned long OPENSSL_ia32cap_P; void OPENSSL_showfatal(const char *,...); void *OPENSSL_stderr(void); extern int OPENSSL_NONPIC_relocated; +int OPENSSL_isservice(void); #ifdef __cplusplus } diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index 39523d3005..47bf758282 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -632,7 +632,8 @@ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam) void RAND_screen(void) /* function available for backward compatibility */ { RAND_poll(); - readscreen(); + if (GetVersion() >= 0x80000000 || !OPENSSL_isservice()) + readscreen(); } diff --git a/e_os.h b/e_os.h index 3ff9f3cd1c..cf76632b1e 100644 --- a/e_os.h +++ b/e_os.h @@ -235,6 +235,23 @@ extern "C" { # define NO_DIRENT # ifdef WINDOWS +# ifndef _WIN32_WINNT + /* + * Defining _WIN32_WINNT here in e_os.h implies certain "discipline." + * Most notably we ought to check for availability of each specific + * routine with GetProcAddress() and/or quard NT-specific calls with + * GetVersion() < 0x80000000. One can argue that in latter "or" case + * we ought to /DELAYLOAD some .DLLs in order to protect ourselves + * against run-time link errors. This doesn't seem to be necessary, + * because it turned out that already Windows 95, first non-NT Win32 + * implementation, is equipped with at least NT 3.51 stubs, dummy + * routines with same name, but which do nothing. Meaning that it's + * apparently appropriate to guard generic NT calls with GetVersion + * alone, while NT 4.0 and above calls ought to be additionally + * checked upon with GetProcAddress. + */ +# define _WIN32_WINNT 0x0400 +# endif # include # include # include diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 5888dcbfef..710c4cd129 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl @@ -11,7 +11,7 @@ $rm='del'; # C compiler stuff $cc='cl'; -$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0333 -DL_ENDIAN -DDSO_WIN32'; +$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; $lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; $mlflags=''; -- GitLab From fe977f75129f4e1b4ad08fab837fa2d90893ed07 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Sat, 21 May 2005 16:13:36 +0000 Subject: [PATCH 131/929] Propagate BUILDENV into subdirectories. --- crypto/Makefile | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/crypto/Makefile b/crypto/Makefile index c6c76c26ac..1322b72a39 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -52,6 +52,30 @@ top: all: shared +BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ + CC='${CC}' CFLAG='${CFLAG}' \ + AS='${CC}' ASFLAG='${CFLAG} -c' \ + AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \ + SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/lib' \ + INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \ + MAKEDEPEND='$$(TOP)/util/domd $$(TOP) -MD $(MAKEDEPPROG)'\ + DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \ + MAKEDEPPROG='${MAKEDEPPROG}' \ + LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \ + KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \ + EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \ + SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \ + PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' \ + CPUID_OBJ='${CPUID_OBJ}' \ + BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' \ + AES_ASM_OBJ='${AES_ASM_OBJ}' \ + BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' \ + RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' \ + SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \ + MD5_ASM_OBJ='${MD5_ASM_OBJ}' \ + RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \ + THIS=$${THIS:-$@} + buildinf.h: ../Makefile ( echo "#ifndef MK1MF_BUILD"; \ echo ' /* auto-generated by crypto/Makefile for crypto/cversion.c */'; \ @@ -88,7 +112,7 @@ subdirs: @for i in $(SDIRS) ;\ do \ (cd $$i && echo "making all in crypto/$$i..." && \ - $(MAKE) INCLUDES='${INCLUDES}' all ) || exit 1; \ + $(MAKE) $(BUILDENV) INCLUDES='${INCLUDES}' all ) || exit 1; \ done; files: -- GitLab From 15da07d4363214ba54c8ed777e7116ba5d0d268f Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 21 May 2005 16:37:41 +0000 Subject: [PATCH 132/929] Patches for Cygwin, provided by Corinna Vinschen --- Makefile.org | 10 +++++----- Makefile.shared | 11 ++++++----- engines/Makefile | 9 +++++++-- util/cygwin.sh | 18 +++++++++++++++--- 4 files changed, 33 insertions(+), 15 deletions(-) diff --git a/Makefile.org b/Makefile.org index 7fa4b52a96..89e074f5c9 100644 --- a/Makefile.org +++ b/Makefile.org @@ -276,7 +276,7 @@ Makefile: Makefile.org Configure config @false libclean: - rm -f *.map *.so *.so.* engines/*.so *.a */lib */*/lib + rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib clean: libclean rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c @@ -476,13 +476,13 @@ install_sw: chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ else \ - c=`echo $$i | sed 's/^lib/cyg/'`; \ + c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ - cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \ + cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ fi ); \ fi; \ done; \ diff --git a/Makefile.shared b/Makefile.shared index 827b01d8eb..6d68761937 100644 --- a/Makefile.shared +++ b/Makefile.shared @@ -231,7 +231,8 @@ link_o.cygwin: SHLIB=cyg$(LIBNAME); \ expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \ SHLIB_SUFFIX=.dll; \ - SHLIB_SOVER=-$(LIBVERSION); \ + LIBVERSION="$(LIBVERSION)"; \ + SHLIB_SOVER=${LIBVERSION:+"-$(LIBVERSION)"}; \ ALLSYMSFLAGS='-Wl,--whole-archive'; \ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \ @@ -242,16 +243,16 @@ link_a.cygwin: SHLIB=cyg$(LIBNAME); \ expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \ SHLIB_SUFFIX=.dll; \ - SHLIB_SOVER=; \ + SHLIB_SOVER=-$(LIBVERSION); \ ALLSYMSFLAGS='-Wl,--whole-archive'; \ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ - base=; [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x61200000; \ + base=; [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x63000000; \ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \ [ -f apps/$$SHLIB$$SHLIB_SUFFIX ] && rm apps/$$SHLIB$$SHLIB_SUFFIX; \ [ -f test/$$SHLIB$$SHLIB_SUFFIX ] && rm test/$$SHLIB$$SHLIB_SUFFIX; \ $(LINK_SO_A) || exit 1; \ - cp -p $$SHLIB$$SHLIB_SUFFIX apps/; \ - cp -p $$SHLIB$$SHLIB_SUFFIX test/ + cp -p $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX apps/; \ + cp -p $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX test/ link_app.cygwin: $(LINK_APP) diff --git a/engines/Makefile b/engines/Makefile index 483ed7237d..9ac5471ac6 100644 --- a/engines/Makefile +++ b/engines/Makefile @@ -82,14 +82,19 @@ files: links: # XXXXX This currently only works on systems that use .so as suffix -# for shared libraries. +# for shared libraries as well as for Cygwin which uses the +# dlfcn_name_converter and therefore stores the engines with .so suffix, too. install: @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @if [ -n "$(SHARED_LIBS)" ]; then \ set -e; \ for l in $(LIBNAMES); do \ ( echo installing $$l; \ - cp lib$$l.so $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \ + if [ "$(PLATFORM)" != "Cygwin" ]; then \ + cp lib$$l.so $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \ + else \ + cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \ + fi; \ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so ); \ done; \ diff --git a/util/cygwin.sh b/util/cygwin.sh index 7f791d47f4..fabbf84225 100755 --- a/util/cygwin.sh +++ b/util/cygwin.sh @@ -47,6 +47,14 @@ function doc_install() create_cygwin_readme } +function certs_install() +{ + CERTS_DIR=${INSTALL_PREFIX}/usr/ssl/certs + + mkdir -p ${CERTS_DIR} + cp -rp certs/* ${CERTS_DIR} +} + function create_cygwin_readme() { README_DIR=${INSTALL_PREFIX}/usr/share/doc/Cygwin @@ -104,6 +112,8 @@ base_install doc_install +certs_install + create_cygwin_readme create_profile_files @@ -112,11 +122,13 @@ cd ${INSTALL_PREFIX} strip usr/bin/*.exe usr/bin/*.dll # Runtime package -find etc usr/bin usr/share/doc usr/ssl/certs usr/ssl/man/man[157] \ - usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private -empty -o \! -type d | +find etc usr/bin usr/lib/engines usr/share/doc usr/ssl/certs \ + usr/ssl/man/man[157] usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private \ + -empty -o \! -type d | tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 - # Development package -find usr/include usr/lib usr/ssl/man/man3 -empty -o \! -type d | +find usr/include usr/lib/*.a usr/lib/pkgconfig usr/ssl/man/man3 \ + -empty -o \! -type d | tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 - ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2 -- GitLab From 447aa49007388f08528e03db7583574b7896c8a9 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 21 May 2005 16:41:34 +0000 Subject: [PATCH 133/929] Patches for Cygwin, provided by Corinna Vinschen --- Makefile.org | 10 +++++----- Makefile.shared | 11 ++++++----- engines/Makefile | 9 +++++++-- util/cygwin.sh | 18 +++++++++++++++--- 4 files changed, 33 insertions(+), 15 deletions(-) diff --git a/Makefile.org b/Makefile.org index 5deb19a016..a67c3c1eed 100644 --- a/Makefile.org +++ b/Makefile.org @@ -276,7 +276,7 @@ Makefile: Makefile.org Configure config @false libclean: - rm -f *.map *.so *.so.* engines/*.so *.a */lib */*/lib + rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib clean: libclean rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c @@ -476,13 +476,13 @@ install_sw: chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ else \ - c=`echo $$i | sed 's/^lib/cyg/'`; \ + c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ - cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \ + cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ fi ); \ fi; \ done; \ diff --git a/Makefile.shared b/Makefile.shared index 5afd419f9a..6f0f5ce4a6 100644 --- a/Makefile.shared +++ b/Makefile.shared @@ -229,7 +229,8 @@ link_o.cygwin: SHLIB=cyg$(LIBNAME); \ expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \ SHLIB_SUFFIX=.dll; \ - SHLIB_SOVER=-$(LIBVERSION); \ + LIBVERSION="$(LIBVERSION)"; \ + SHLIB_SOVER=${LIBVERSION:+"-$(LIBVERSION)"}; \ ALLSYMSFLAGS='-Wl,--whole-archive'; \ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \ @@ -240,16 +241,16 @@ link_a.cygwin: SHLIB=cyg$(LIBNAME); \ expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \ SHLIB_SUFFIX=.dll; \ - SHLIB_SOVER=; \ + SHLIB_SOVER=-$(LIBVERSION); \ ALLSYMSFLAGS='-Wl,--whole-archive'; \ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ - base=; [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x61200000; \ + base=; [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x63000000; \ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \ [ -f apps/$$SHLIB$$SHLIB_SUFFIX ] && rm apps/$$SHLIB$$SHLIB_SUFFIX; \ [ -f test/$$SHLIB$$SHLIB_SUFFIX ] && rm test/$$SHLIB$$SHLIB_SUFFIX; \ $(LINK_SO_A) || exit 1; \ - cp -p $$SHLIB$$SHLIB_SUFFIX apps/; \ - cp -p $$SHLIB$$SHLIB_SUFFIX test/ + cp -p $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX apps/; \ + cp -p $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX test/ link_app.cygwin: $(LINK_APP) diff --git a/engines/Makefile b/engines/Makefile index d415a1c85b..bf19edfe0b 100644 --- a/engines/Makefile +++ b/engines/Makefile @@ -82,14 +82,19 @@ files: links: # XXXXX This currently only works on systems that use .so as suffix -# for shared libraries. +# for shared libraries as well as for Cygwin which uses the +# dlfcn_name_converter and therefore stores the engines with .so suffix, too. install: @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @if [ -n "$(SHARED_LIBS)" ]; then \ set -e; \ for l in $(LIBNAMES); do \ ( echo installing $$l; \ - cp lib$$l.so $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \ + if [ "$(PLATFORM)" != "Cygwin" ]; then \ + cp lib$$l.so $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \ + else \ + cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \ + fi; \ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so ); \ done; \ diff --git a/util/cygwin.sh b/util/cygwin.sh index 7f791d47f4..fabbf84225 100755 --- a/util/cygwin.sh +++ b/util/cygwin.sh @@ -47,6 +47,14 @@ function doc_install() create_cygwin_readme } +function certs_install() +{ + CERTS_DIR=${INSTALL_PREFIX}/usr/ssl/certs + + mkdir -p ${CERTS_DIR} + cp -rp certs/* ${CERTS_DIR} +} + function create_cygwin_readme() { README_DIR=${INSTALL_PREFIX}/usr/share/doc/Cygwin @@ -104,6 +112,8 @@ base_install doc_install +certs_install + create_cygwin_readme create_profile_files @@ -112,11 +122,13 @@ cd ${INSTALL_PREFIX} strip usr/bin/*.exe usr/bin/*.dll # Runtime package -find etc usr/bin usr/share/doc usr/ssl/certs usr/ssl/man/man[157] \ - usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private -empty -o \! -type d | +find etc usr/bin usr/lib/engines usr/share/doc usr/ssl/certs \ + usr/ssl/man/man[157] usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private \ + -empty -o \! -type d | tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 - # Development package -find usr/include usr/lib usr/ssl/man/man3 -empty -o \! -type d | +find usr/include usr/lib/*.a usr/lib/pkgconfig usr/ssl/man/man3 \ + -empty -o \! -type d | tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 - ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2 -- GitLab From e4c9b85e65b6d5f0394ae122e0534de9a8becad5 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sat, 21 May 2005 16:50:27 +0000 Subject: [PATCH 134/929] Default to no-sse2 on selected platforms. --- config | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/config b/config index 02d7de0266..7d330e4a54 100755 --- a/config +++ b/config @@ -647,11 +647,14 @@ case "$GUESSOS" in OUT="solaris64-x86_64-$CC" else OUT="solaris-x86-$CC" + if [ `uname -r | sed -e 's/5\.//'` -lt 10 ]; then + options="$options no-sse2" + fi fi ;; *-*-sunos4) OUT="sunos-$CC" ;; - *86*-*-bsdi4) OUT="bsdi-elf-gcc" ;; + *86*-*-bsdi4) OUT="bsdi-elf-gcc"; options="$options no-sse2" ;; alpha*-*-*bsd*) OUT="BSD-generic64; options="$options -DL_ENDIAN" ;; powerpc64-*-*bsd*) OUT="BSD-generic64; options="$options -DB_ENDIAN" ;; sparc64-*-*bsd*) OUT="BSD-sparc64" ;; @@ -659,7 +662,7 @@ case "$GUESSOS" in amd64-*-*bsd*) OUT="BSD-x86_64" ;; *86*-*-*bsd*) case "`(file -L /usr/lib/libc.so.*) 2>/dev/null`" in *ELF*) OUT="BSD-x86-elf" ;; - *) OUT="BSD-x86" ;; + *) OUT="BSD-x86"; options="$options no-sse2" ;; esac ;; *-*-*bsd*) OUT="BSD-generic32" ;; -- GitLab From af6cafc6032c126fd6555dceee2eeb572d57cede Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sat, 21 May 2005 16:52:30 +0000 Subject: [PATCH 135/929] Default to no-sse2 on selected platforms. --- config | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/config b/config index 02d7de0266..7d330e4a54 100755 --- a/config +++ b/config @@ -647,11 +647,14 @@ case "$GUESSOS" in OUT="solaris64-x86_64-$CC" else OUT="solaris-x86-$CC" + if [ `uname -r | sed -e 's/5\.//'` -lt 10 ]; then + options="$options no-sse2" + fi fi ;; *-*-sunos4) OUT="sunos-$CC" ;; - *86*-*-bsdi4) OUT="bsdi-elf-gcc" ;; + *86*-*-bsdi4) OUT="bsdi-elf-gcc"; options="$options no-sse2" ;; alpha*-*-*bsd*) OUT="BSD-generic64; options="$options -DL_ENDIAN" ;; powerpc64-*-*bsd*) OUT="BSD-generic64; options="$options -DB_ENDIAN" ;; sparc64-*-*bsd*) OUT="BSD-sparc64" ;; @@ -659,7 +662,7 @@ case "$GUESSOS" in amd64-*-*bsd*) OUT="BSD-x86_64" ;; *86*-*-*bsd*) case "`(file -L /usr/lib/libc.so.*) 2>/dev/null`" in *ELF*) OUT="BSD-x86-elf" ;; - *) OUT="BSD-x86" ;; + *) OUT="BSD-x86"; options="$options no-sse2" ;; esac ;; *-*-*bsd*) OUT="BSD-generic32" ;; -- GitLab From fe8bf9560dbe5998e8857869508d2fe4b4f5dbf6 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 21 May 2005 17:39:43 +0000 Subject: [PATCH 136/929] When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html. Notified by David Wolfe --- crypto/rand/randfile.c | 2 +- ssl/kssl.c | 2 +- ssl/ssltest.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index dda020fb10..d69bdf8b8a 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -57,7 +57,7 @@ */ /* We need to define this to get macros like S_IFBLK and S_IFCHR */ -#define _XOPEN_SOURCE 1 +#define _XOPEN_SOURCE 500 #include #include diff --git a/ssl/kssl.c b/ssl/kssl.c index 49602bb878..b8192cdfc7 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -68,7 +68,7 @@ #include -#define _XOPEN_SOURCE /* glibc2 needs this to declare strptime() */ +#define _XOPEN_SOURCE 500 /* glibc2 needs this to declare strptime() */ #include #undef _XOPEN_SOURCE /* To avoid clashes with anything else... */ #include diff --git a/ssl/ssltest.c b/ssl/ssltest.c index f8e86c3ceb..e47af50a4b 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -128,7 +128,7 @@ #define USE_SOCKETS #include "e_os.h" -#define _XOPEN_SOURCE 1 /* Or isascii won't be declared properly on +#define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on VMS (at least with DECompHP C). */ #include -- GitLab From b9927cfa2dc51a561162ee091dbde47ef2062c72 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 21 May 2005 17:39:53 +0000 Subject: [PATCH 137/929] When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html. Notified by David Wolfe --- crypto/rand/randfile.c | 2 +- ssl/kssl.c | 2 +- ssl/ssltest.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index dda020fb10..d69bdf8b8a 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -57,7 +57,7 @@ */ /* We need to define this to get macros like S_IFBLK and S_IFCHR */ -#define _XOPEN_SOURCE 1 +#define _XOPEN_SOURCE 500 #include #include diff --git a/ssl/kssl.c b/ssl/kssl.c index 49602bb878..b8192cdfc7 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -68,7 +68,7 @@ #include -#define _XOPEN_SOURCE /* glibc2 needs this to declare strptime() */ +#define _XOPEN_SOURCE 500 /* glibc2 needs this to declare strptime() */ #include #undef _XOPEN_SOURCE /* To avoid clashes with anything else... */ #include diff --git a/ssl/ssltest.c b/ssl/ssltest.c index f8e86c3ceb..e47af50a4b 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -128,7 +128,7 @@ #define USE_SOCKETS #include "e_os.h" -#define _XOPEN_SOURCE 1 /* Or isascii won't be declared properly on +#define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on VMS (at least with DECompHP C). */ #include -- GitLab From 82d3dda8a1c598f326779b27ea22cf073ee23aed Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sat, 21 May 2005 17:49:10 +0000 Subject: [PATCH 138/929] Still SEGV trouble in .init segment under Solaris x86... --- crypto/perlasm/x86unix.pl | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl index 305a55bf62..18d4fbff45 100644 --- a/crypto/perlasm/x86unix.pl +++ b/crypto/perlasm/x86unix.pl @@ -537,7 +537,8 @@ sub main'file_end if ($main'elf && grep {/%[x]*mm[0-7]/i} @out) { local($tmp); - push (@out,"\n.comm\t${under}OPENSSL_ia32cap_P,4,4\n"); + push (@out,"\n.section\t.bss\n"); + push (@out,".comm\t${under}OPENSSL_ia32cap_P,4,4\n"); push (@out,".section\t.init\n"); # One can argue that it's wasteful to craft every @@ -572,6 +573,8 @@ sub main'file_end movl %edx,0(%edi) popl %ebx popl %edi + jmp 1f + .align $align 1: ___ push (@out,$tmp); @@ -716,6 +719,9 @@ sub main'initseg $tmp=<<___; .section .init call $under$f + jmp 1f +.align $align +1: ___ } elsif ($main'coff) -- GitLab From 225f4daf15427481d5a33fb330a46fd69e71bcf7 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sat, 21 May 2005 17:51:12 +0000 Subject: [PATCH 139/929] Still SEGV trouble in .init segment under Solaris x86... --- crypto/perlasm/x86unix.pl | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl index 305a55bf62..18d4fbff45 100644 --- a/crypto/perlasm/x86unix.pl +++ b/crypto/perlasm/x86unix.pl @@ -537,7 +537,8 @@ sub main'file_end if ($main'elf && grep {/%[x]*mm[0-7]/i} @out) { local($tmp); - push (@out,"\n.comm\t${under}OPENSSL_ia32cap_P,4,4\n"); + push (@out,"\n.section\t.bss\n"); + push (@out,".comm\t${under}OPENSSL_ia32cap_P,4,4\n"); push (@out,".section\t.init\n"); # One can argue that it's wasteful to craft every @@ -572,6 +573,8 @@ sub main'file_end movl %edx,0(%edi) popl %ebx popl %edi + jmp 1f + .align $align 1: ___ push (@out,$tmp); @@ -716,6 +719,9 @@ sub main'initseg $tmp=<<___; .section .init call $under$f + jmp 1f +.align $align +1: ___ } elsif ($main'coff) -- GitLab From 31e4ad25baea6ba8efe3cf75e89d703b3f171255 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 22 May 2005 08:52:12 +0000 Subject: [PATCH 140/929] OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to make no-sha512 more effective on platforms, which don't support 64-bit integer type of *any* kind. --- apps/speed.c | 16 ++++++++++++++-- crypto/sha/sha.h | 2 +- crypto/sha/sha512t.c | 9 +++++++++ 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/apps/speed.c b/apps/speed.c index 50a110df04..4bec815257 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -496,9 +496,13 @@ int MAIN(int argc, char **argv) #endif #ifndef OPENSSL_NO_SHA unsigned char sha[SHA_DIGEST_LENGTH]; +#ifndef OPENSSL_NO_SHA256 unsigned char sha256[SHA256_DIGEST_LENGTH]; +#endif +#ifndef OPENSSL_NO_SHA512 unsigned char sha512[SHA512_DIGEST_LENGTH]; #endif +#endif #ifndef OPENSSL_NO_RIPEMD unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; #endif @@ -878,11 +882,15 @@ int MAIN(int argc, char **argv) doit[D_SHA256]=1, doit[D_SHA512]=1; else +#ifndef OPENSSL_NO_SHA256 if (strcmp(*argv,"sha256") == 0) doit[D_SHA256]=1; else +#endif +#ifndef OPENSSL_NO_SHA512 if (strcmp(*argv,"sha512") == 0) doit[D_SHA512]=1; else #endif +#endif #ifndef OPENSSL_NO_RIPEMD if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1; else @@ -1064,8 +1072,12 @@ int MAIN(int argc, char **argv) #endif #ifndef OPENSSL_NO_SHA1 BIO_printf(bio_err,"sha1 "); - BIO_printf(bio_err,"sha256 "); - BIO_printf(bio_err,"sha512 "); +#endif +#ifndef OPENSSL_NO_SHA256 + BIO_printf(bio_err,"sha256 "); +#endif +#ifndef OPENSSL_NO_SHA512 + BIO_printf(bio_err,"sha512 "); #endif #ifndef OPENSSL_NO_RIPEMD160 BIO_printf(bio_err,"rmd160"); diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h index a900ad3e95..867c661522 100644 --- a/crypto/sha/sha.h +++ b/crypto/sha/sha.h @@ -148,6 +148,7 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); #define SHA384_DIGEST_LENGTH 48 #define SHA512_DIGEST_LENGTH 64 +#ifndef OPENSSL_NO_SHA512 /* * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64 * being exactly 64-bit wide. See Implementation Notes in sha512.c @@ -178,7 +179,6 @@ typedef struct SHA512state_st unsigned int num,md_len; } SHA512_CTX; -#ifndef OPENSSL_NO_SHA512 int SHA384_Init(SHA512_CTX *c); int SHA384_Update(SHA512_CTX *c, const void *data, size_t len); int SHA384_Final(unsigned char *md, SHA512_CTX *c); diff --git a/crypto/sha/sha512t.c b/crypto/sha/sha512t.c index 7385469bee..4b7b3ceaa3 100644 --- a/crypto/sha/sha512t.c +++ b/crypto/sha/sha512t.c @@ -11,6 +11,14 @@ #include #include +#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512) +int main(int argc, char *argv[]) +{ + printf("No SHA512 support\n"); + return(0); +} +#else + unsigned char app_c1[SHA512_DIGEST_LENGTH] = { 0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba, 0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31, @@ -173,3 +181,4 @@ int main () return 0; } +#endif -- GitLab From 4b235065943259fb6f110e2b07624fa7c5ae5bd0 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 22 May 2005 08:55:15 +0000 Subject: [PATCH 141/929] OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to make no-sha512 more effective on platforms, which don't support 64-bit integer type of *any* kind. --- apps/speed.c | 16 ++++++++++++++-- crypto/sha/sha.h | 2 +- crypto/sha/sha512t.c | 9 +++++++++ 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/apps/speed.c b/apps/speed.c index 50a110df04..4bec815257 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -496,9 +496,13 @@ int MAIN(int argc, char **argv) #endif #ifndef OPENSSL_NO_SHA unsigned char sha[SHA_DIGEST_LENGTH]; +#ifndef OPENSSL_NO_SHA256 unsigned char sha256[SHA256_DIGEST_LENGTH]; +#endif +#ifndef OPENSSL_NO_SHA512 unsigned char sha512[SHA512_DIGEST_LENGTH]; #endif +#endif #ifndef OPENSSL_NO_RIPEMD unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; #endif @@ -878,11 +882,15 @@ int MAIN(int argc, char **argv) doit[D_SHA256]=1, doit[D_SHA512]=1; else +#ifndef OPENSSL_NO_SHA256 if (strcmp(*argv,"sha256") == 0) doit[D_SHA256]=1; else +#endif +#ifndef OPENSSL_NO_SHA512 if (strcmp(*argv,"sha512") == 0) doit[D_SHA512]=1; else #endif +#endif #ifndef OPENSSL_NO_RIPEMD if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1; else @@ -1064,8 +1072,12 @@ int MAIN(int argc, char **argv) #endif #ifndef OPENSSL_NO_SHA1 BIO_printf(bio_err,"sha1 "); - BIO_printf(bio_err,"sha256 "); - BIO_printf(bio_err,"sha512 "); +#endif +#ifndef OPENSSL_NO_SHA256 + BIO_printf(bio_err,"sha256 "); +#endif +#ifndef OPENSSL_NO_SHA512 + BIO_printf(bio_err,"sha512 "); #endif #ifndef OPENSSL_NO_RIPEMD160 BIO_printf(bio_err,"rmd160"); diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h index a900ad3e95..867c661522 100644 --- a/crypto/sha/sha.h +++ b/crypto/sha/sha.h @@ -148,6 +148,7 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); #define SHA384_DIGEST_LENGTH 48 #define SHA512_DIGEST_LENGTH 64 +#ifndef OPENSSL_NO_SHA512 /* * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64 * being exactly 64-bit wide. See Implementation Notes in sha512.c @@ -178,7 +179,6 @@ typedef struct SHA512state_st unsigned int num,md_len; } SHA512_CTX; -#ifndef OPENSSL_NO_SHA512 int SHA384_Init(SHA512_CTX *c); int SHA384_Update(SHA512_CTX *c, const void *data, size_t len); int SHA384_Final(unsigned char *md, SHA512_CTX *c); diff --git a/crypto/sha/sha512t.c b/crypto/sha/sha512t.c index 7385469bee..4b7b3ceaa3 100644 --- a/crypto/sha/sha512t.c +++ b/crypto/sha/sha512t.c @@ -11,6 +11,14 @@ #include #include +#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512) +int main(int argc, char *argv[]) +{ + printf("No SHA512 support\n"); + return(0); +} +#else + unsigned char app_c1[SHA512_DIGEST_LENGTH] = { 0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba, 0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31, @@ -173,3 +181,4 @@ int main () return 0; } +#endif -- GitLab From 4976983f304d52a05700c8875438bc640f249161 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 22 May 2005 09:13:30 +0000 Subject: [PATCH 142/929] Disseminate BUILDENV even further. --- apps/Makefile | 4 ++-- test/Makefile | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/Makefile b/apps/Makefile index 06173b2355..d5ac5ca840 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -86,7 +86,7 @@ req: sreq.o $(A_OBJ) $(DLIBCRYPTO) shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ shlib_target="$(SHLIB_TARGET)"; \ fi; \ - $(MAKE) -f $(TOP)/Makefile.shared \ + $(MAKE) -f $(TOP)/Makefile.shared $(BUILDENV) \ APPNAME=req OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \ LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \ link_app.$${shlib_target} @@ -158,7 +158,7 @@ $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) else \ LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \ fi; \ - $(MAKE) -f $(TOP)/Makefile.shared \ + $(MAKE) -f $(TOP)/Makefile.shared $(BUILDENV) \ APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ link_app.$${shlib_target} diff --git a/test/Makefile b/test/Makefile index 766a48bdfb..de3592cbd4 100644 --- a/test/Makefile +++ b/test/Makefile @@ -312,7 +312,7 @@ BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ else \ LIBRARIES="$(LIBSSL) $(LIBCRYPTO)"; \ fi; \ - $(MAKE) -f $(TOP)/Makefile.shared \ + $(MAKE) -f $(TOP)/Makefile.shared $(BUILDENV) \ APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ link_app.$${shlib_target} -- GitLab From 36b29660ce6d648d6b7b3a5cb331879064a75d92 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 22 May 2005 10:26:47 +0000 Subject: [PATCH 143/929] Be more consistent with OPENSSL_NO_SHA256. --- crypto/sha/sha256t.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/crypto/sha/sha256t.c b/crypto/sha/sha256t.c index 5c26ec86ef..68184b2582 100644 --- a/crypto/sha/sha256t.c +++ b/crypto/sha/sha256t.c @@ -10,6 +10,14 @@ #include #include +#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256) +int main(int argc, char *argv[]) +{ + printf("No SHA256 support\n"); + return(0); +} +#else + unsigned char app_b1[SHA256_DIGEST_LENGTH] = { 0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea, 0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23, @@ -136,3 +144,4 @@ int main () return 0; } +#endif -- GitLab From 61391e231477aec5edaec43038db7cb8ae9361d3 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 22 May 2005 10:27:59 +0000 Subject: [PATCH 144/929] Be more consistent with OPENSSL_NO_SHA256. --- crypto/sha/sha256t.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/crypto/sha/sha256t.c b/crypto/sha/sha256t.c index 5c26ec86ef..68184b2582 100644 --- a/crypto/sha/sha256t.c +++ b/crypto/sha/sha256t.c @@ -10,6 +10,14 @@ #include #include +#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256) +int main(int argc, char *argv[]) +{ + printf("No SHA256 support\n"); + return(0); +} +#else + unsigned char app_b1[SHA256_DIGEST_LENGTH] = { 0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea, 0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23, @@ -136,3 +144,4 @@ int main () return 0; } +#endif -- GitLab From 69762c75fa2247664fed0532295e09050b4bbc86 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 23 May 2005 00:32:55 +0000 Subject: [PATCH 145/929] Fix WIN32+KRB5 issues. --- ssl/d1_clnt.c | 1 + ssl/s3_srvr.c | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index bcf5ebbd3e..0f840f439d 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -115,6 +115,7 @@ #include #include "ssl_locl.h" +#include "kssl_lcl.h" #include #include #include diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 4b1931a71f..29cb2170e6 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1886,7 +1886,7 @@ int ssl3_get_client_key_exchange(SSL *s) n2s(p,i); enc_ticket.length = i; - if (n < enc_ticket.length + 6) + if (n < (int)enc_ticket.length + 6) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); @@ -1899,7 +1899,7 @@ int ssl3_get_client_key_exchange(SSL *s) n2s(p,i); authenticator.length = i; - if (n < enc_ticket.length + authenticator.length + 6) + if (n < (int)(enc_ticket.length + authenticator.length) + 6) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); -- GitLab From b172dec8641a7b1ce55434957828492a91f7bc33 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:22:53 +0000 Subject: [PATCH 146/929] DEC C complains about bad subscript, but we know better, so let's shut it up. --- crypto/bn/bn_nist.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c index fa453a4459..b42ad01a43 100644 --- a/crypto/bn/bn_nist.c +++ b/crypto/bn/bn_nist.c @@ -282,6 +282,11 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, nist_cp_bn_0(buf, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, BN_NIST_192_TOP); +#if defined(OPENSSL_SYS_VMS) && defined(__DECC) +# pragma save +# pragma message disable BADSUBSCRIPT +#endif + nist_set_192(t_d, buf, 0, 3, 3); if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP)) ++carry; @@ -290,6 +295,10 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP)) ++carry; +#if defined(OPENSSL_SYS_VMS) && defined(__DECC) +# pragma restore +#endif + nist_set_192(t_d, buf, 5, 5, 5) if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP)) ++carry; -- GitLab From 2f596aeef57d039f8af92c367733f708c682b003 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:22:56 +0000 Subject: [PATCH 147/929] DEC C complains about bad subscript, but we know better, so let's shut it up. --- crypto/bn/bn_nist.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c index fa453a4459..b42ad01a43 100644 --- a/crypto/bn/bn_nist.c +++ b/crypto/bn/bn_nist.c @@ -282,6 +282,11 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, nist_cp_bn_0(buf, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, BN_NIST_192_TOP); +#if defined(OPENSSL_SYS_VMS) && defined(__DECC) +# pragma save +# pragma message disable BADSUBSCRIPT +#endif + nist_set_192(t_d, buf, 0, 3, 3); if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP)) ++carry; @@ -290,6 +295,10 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP)) ++carry; +#if defined(OPENSSL_SYS_VMS) && defined(__DECC) +# pragma restore +#endif + nist_set_192(t_d, buf, 5, 5, 5) if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP)) ++carry; -- GitLab From b325518f4588728c38d53586b0cfcdd235db6e34 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:27:15 +0000 Subject: [PATCH 148/929] Typo correction --- doc/apps/ca.pod | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod index 5db7d9441c..42bae7f4a7 100644 --- a/doc/apps/ca.pod +++ b/doc/apps/ca.pod @@ -422,7 +422,7 @@ the same as B<-msie_hack> the same as B<-policy>. Mandatory. See the B section for more information. -=item B, B +=item B, B these options allow the format used to display the certificate details when asking the user to confirm signing. All the options supported by @@ -544,8 +544,8 @@ A sample configuration file with the relevant sections for B: policy = policy_any # default policy email_in_dn = no # Don't add the email into cert DN - nameopt = ca_default # Subject name display option - certopt = ca_default # Certificate display option + name_opt = ca_default # Subject name display option + cert_opt = ca_default # Certificate display option copy_extensions = none # Don't copy extensions from request [ policy_any ] -- GitLab From 607585fdaf3d56f18b2e5aabb93889360b8d0d2e Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:27:57 +0000 Subject: [PATCH 149/929] Typo correction --- doc/apps/ca.pod | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod index 5db7d9441c..42bae7f4a7 100644 --- a/doc/apps/ca.pod +++ b/doc/apps/ca.pod @@ -422,7 +422,7 @@ the same as B<-msie_hack> the same as B<-policy>. Mandatory. See the B section for more information. -=item B, B +=item B, B these options allow the format used to display the certificate details when asking the user to confirm signing. All the options supported by @@ -544,8 +544,8 @@ A sample configuration file with the relevant sections for B: policy = policy_any # default policy email_in_dn = no # Don't add the email into cert DN - nameopt = ca_default # Subject name display option - certopt = ca_default # Certificate display option + name_opt = ca_default # Subject name display option + cert_opt = ca_default # Certificate display option copy_extensions = none # Don't copy extensions from request [ policy_any ] -- GitLab From 85991994dfb111a8501b6e722b707348edd02b99 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:39:08 +0000 Subject: [PATCH 150/929] It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512 was still active when it came down to the functions. mkdef.pl should really be corrected, but that'll be another day... --- crypto/sha/sha.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h index 867c661522..a83bd3cace 100644 --- a/crypto/sha/sha.h +++ b/crypto/sha/sha.h @@ -178,7 +178,9 @@ typedef struct SHA512state_st } u; unsigned int num,md_len; } SHA512_CTX; +#endif +#ifndef OPENSSL_NO_SHA512 int SHA384_Init(SHA512_CTX *c); int SHA384_Update(SHA512_CTX *c, const void *data, size_t len); int SHA384_Final(unsigned char *md, SHA512_CTX *c); -- GitLab From af4ac437ab4adc577da46c0003402e4852937575 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:39:10 +0000 Subject: [PATCH 151/929] It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512 was still active when it came down to the functions. mkdef.pl should really be corrected, but that'll be another day... --- crypto/sha/sha.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h index 867c661522..a83bd3cace 100644 --- a/crypto/sha/sha.h +++ b/crypto/sha/sha.h @@ -178,7 +178,9 @@ typedef struct SHA512state_st } u; unsigned int num,md_len; } SHA512_CTX; +#endif +#ifndef OPENSSL_NO_SHA512 int SHA384_Init(SHA512_CTX *c); int SHA384_Update(SHA512_CTX *c, const void *data, size_t len); int SHA384_Final(unsigned char *md, SHA512_CTX *c); -- GitLab From dd890f07764e8a6f7d3c1cc91c5f36ed4d01ae1d Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:39:37 +0000 Subject: [PATCH 152/929] make update --- ssl/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/Makefile b/ssl/Makefile index 49b7ca4807..c8b000eefe 100644 --- a/ssl/Makefile +++ b/ssl/Makefile @@ -160,7 +160,7 @@ d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c -d1_clnt.o: ssl_locl.h +d1_clnt.o: kssl_lcl.h ssl_locl.h d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -- GitLab From ce8945f35c4e5f38c6ed2d32ca55d26e79a12c61 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:42:49 +0000 Subject: [PATCH 153/929] Time to release the next beta. The tag will be OpenSSL_0_9_8-beta2. --- README | 2 +- STATUS | 3 ++- crypto/opensslv.h | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/README b/README index 7785cb8915..180ae46b07 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta2-dev XX xxx XXXX + OpenSSL 0.9.8-beta2 24 May 2005 Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/STATUS b/STATUS index e7f08d0136..af29eed234 100644 --- a/STATUS +++ b/STATUS @@ -1,10 +1,11 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/05/19 19:42:03 $ + ______________ $Date: 2005/05/24 03:42:48 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... + o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 o OpenSSL 0.9.8-beta1: Released on May 19th, 2005 o OpenSSL 0.9.7g: Released on April 11th, 2005 o OpenSSL 0.9.7f: Released on March 22nd, 2005 diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 199d5e088a..ecb0fa0979 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -27,9 +27,9 @@ */ #define OPENSSL_VERSION_NUMBER 0x00908002L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta2-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta2 24 May 2005" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta2-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta2 24 May 2005" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 83af7422a0ecbd8e176b2e3e620e8e5082d8ba3b Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:50:30 +0000 Subject: [PATCH 154/929] Tagging is done, we continue on beta3, which is planned to be released on Sunday May 29th. --- README | 2 +- crypto/opensslv.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README b/README index 180ae46b07..19e9d0cff8 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta2 24 May 2005 + OpenSSL 0.9.8-beta3-dev XX xxx XXXX Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/opensslv.h b/crypto/opensslv.h index ecb0fa0979..021a6cb7c6 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -27,9 +27,9 @@ */ #define OPENSSL_VERSION_NUMBER 0x00908002L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta2 24 May 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta3 XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta2 24 May 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta3 XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 7d9e1321c7716d63501fe9d8ed6b0fecaa0168ec Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 24 May 2005 03:57:12 +0000 Subject: [PATCH 155/929] Forgot to change the version number itself. --- crypto/opensslv.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 021a6cb7c6..6208c19ee8 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,7 +25,7 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00908002L +#define OPENSSL_VERSION_NUMBER 0x00908003L #ifdef OPENSSL_FIPS #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta3 XX xxx XXXX" #else -- GitLab From 629ea39a884093e1337158d3650d855e87bc99d3 Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Wed, 25 May 2005 02:52:44 +0000 Subject: [PATCH 156/929] Handle differences between engine IDs and their dynamic library names (and source files, for that matter) by tolerating the alternatives. It would be preferable to also change the generated shared library names, but that will be taken up separately. --- engines/e_4758_cca.c | 5 ++++- engines/e_ncipher.c | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/engines/e_4758_cca.c b/engines/e_4758_cca.c index 685a6804c5..d01a037835 100644 --- a/engines/e_4758_cca.c +++ b/engines/e_4758_cca.c @@ -202,6 +202,8 @@ static RAND_METHOD ibm_4758_cca_rand = static const char *engine_4758_cca_id = "4758cca"; static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support"; +/* Compatibility hack, the dynamic library uses this form in the path */ +static const char *engine_4758_cca_id_alt = "4758_cca"; /* engine implementation */ /*-----------------------*/ @@ -958,7 +960,8 @@ static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx, #ifndef OPENSSL_NO_DYNAMIC_ENGINE static int bind_fn(ENGINE *e, const char *id) { - if(id && (strcmp(id, engine_4758_cca_id) != 0)) + if(id && (strcmp(id, engine_4758_cca_id) != 0) && + (strcmp(id, engine_4758_cca_id_alt) != 0)) return 0; if(!bind_helper(e)) return 0; diff --git a/engines/e_ncipher.c b/engines/e_ncipher.c index b5f054bb86..11ae5aec82 100644 --- a/engines/e_ncipher.c +++ b/engines/e_ncipher.c @@ -224,6 +224,8 @@ static RAND_METHOD hwcrhk_rand = /* Constants used when creating the ENGINE */ static const char *engine_hwcrhk_id = "chil"; static const char *engine_hwcrhk_name = "nCipher hardware engine support"; +/* Compatibility hack, the dynamic library uses this form in the path */ +static const char *engine_hwcrhk_id_alt = "ncipher"; /* Internal stuff for HWCryptoHook */ @@ -1343,7 +1345,8 @@ static void hwcrhk_log_message(void *logstr, const char *message) #ifndef OPENSSL_NO_DYNAMIC_ENGINE static int bind_fn(ENGINE *e, const char *id) { - if(id && (strcmp(id, engine_hwcrhk_id) != 0)) + if(id && (strcmp(id, engine_hwcrhk_id) != 0) && + (strcmp(id, engine_hwcrhk_id_alt) != 0)) return 0; if(!bind_helper(e)) return 0; -- GitLab From 60192e96b80fd9ec0776c9db0497c066c97a7cf9 Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Wed, 25 May 2005 02:54:28 +0000 Subject: [PATCH 157/929] Handle differences between engine IDs and their dynamic library names (and source files, for that matter) by tolerating the alternatives. It would be preferable to also change the generated shared library names, but that will be taken up separately. --- engines/e_4758_cca.c | 5 ++++- engines/e_ncipher.c | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/engines/e_4758_cca.c b/engines/e_4758_cca.c index 685a6804c5..d01a037835 100644 --- a/engines/e_4758_cca.c +++ b/engines/e_4758_cca.c @@ -202,6 +202,8 @@ static RAND_METHOD ibm_4758_cca_rand = static const char *engine_4758_cca_id = "4758cca"; static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support"; +/* Compatibility hack, the dynamic library uses this form in the path */ +static const char *engine_4758_cca_id_alt = "4758_cca"; /* engine implementation */ /*-----------------------*/ @@ -958,7 +960,8 @@ static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx, #ifndef OPENSSL_NO_DYNAMIC_ENGINE static int bind_fn(ENGINE *e, const char *id) { - if(id && (strcmp(id, engine_4758_cca_id) != 0)) + if(id && (strcmp(id, engine_4758_cca_id) != 0) && + (strcmp(id, engine_4758_cca_id_alt) != 0)) return 0; if(!bind_helper(e)) return 0; diff --git a/engines/e_ncipher.c b/engines/e_ncipher.c index b5f054bb86..11ae5aec82 100644 --- a/engines/e_ncipher.c +++ b/engines/e_ncipher.c @@ -224,6 +224,8 @@ static RAND_METHOD hwcrhk_rand = /* Constants used when creating the ENGINE */ static const char *engine_hwcrhk_id = "chil"; static const char *engine_hwcrhk_name = "nCipher hardware engine support"; +/* Compatibility hack, the dynamic library uses this form in the path */ +static const char *engine_hwcrhk_id_alt = "ncipher"; /* Internal stuff for HWCryptoHook */ @@ -1343,7 +1345,8 @@ static void hwcrhk_log_message(void *logstr, const char *message) #ifndef OPENSSL_NO_DYNAMIC_ENGINE static int bind_fn(ENGINE *e, const char *id) { - if(id && (strcmp(id, engine_hwcrhk_id) != 0)) + if(id && (strcmp(id, engine_hwcrhk_id) != 0) && + (strcmp(id, engine_hwcrhk_id_alt) != 0)) return 0; if(!bind_helper(e)) return 0; -- GitLab From e5cd536894a96fa6640c60a7690a9fb7f6459520 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Wed, 25 May 2005 21:37:18 +0000 Subject: [PATCH 158/929] Some assemblers are too rudimentary to understand dynamic labels. --- crypto/perlasm/x86unix.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl index 18d4fbff45..9bc5c0e893 100644 --- a/crypto/perlasm/x86unix.pl +++ b/crypto/perlasm/x86unix.pl @@ -719,9 +719,9 @@ sub main'initseg $tmp=<<___; .section .init call $under$f - jmp 1f + jmp .Linitalign .align $align -1: +.Linitalign: ___ } elsif ($main'coff) -- GitLab From a506b8c7dd6f2e8945679e70f38d3d18d3696812 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Thu, 26 May 2005 04:30:48 +0000 Subject: [PATCH 159/929] check BN_copy() return value --- crypto/bn/bn_blind.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index 40e742dbad..ca22d4f8bd 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -207,6 +207,8 @@ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) { + int ret = 1; + bn_check_top(n); if ((b->A == NULL) || (b->Ai == NULL)) @@ -216,9 +218,13 @@ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) } if (r != NULL) - BN_copy(r, b->Ai); + { + if (!BN_copy(r, b->Ai)) ret=0; + } - return BN_mod_mul(n,n,b->A,b->mod,ctx); + if (!BN_mod_mul(n,n,b->A,b->mod,ctx)) ret=0; + + return ret; } int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) @@ -351,4 +357,3 @@ err: return ret; } - -- GitLab From c61f571ce02ab6ab8ffe0c33a03b4a32ae83516e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Thu, 26 May 2005 04:30:49 +0000 Subject: [PATCH 160/929] check BN_copy() return value --- crypto/bn/bn_blind.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index 40e742dbad..ca22d4f8bd 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -207,6 +207,8 @@ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) { + int ret = 1; + bn_check_top(n); if ((b->A == NULL) || (b->Ai == NULL)) @@ -216,9 +218,13 @@ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) } if (r != NULL) - BN_copy(r, b->Ai); + { + if (!BN_copy(r, b->Ai)) ret=0; + } - return BN_mod_mul(n,n,b->A,b->mod,ctx); + if (!BN_mod_mul(n,n,b->A,b->mod,ctx)) ret=0; + + return ret; } int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) @@ -351,4 +357,3 @@ err: return ret; } - -- GitLab From 0ebfcc8f92736c900bae4066040b67f6e5db8edb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Thu, 26 May 2005 04:40:52 +0000 Subject: [PATCH 161/929] make sure DSA signing exponentiations really are constant-time --- CHANGES | 7 +++++++ crypto/dsa/dsa_ossl.c | 30 +++++++++++++++++++++++++++--- 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 9711d56436..3b68628fb2 100644 --- a/CHANGES +++ b/CHANGES @@ -803,6 +803,13 @@ Changes between 0.9.7g and 0.9.7h [XX xxx XXXX] + *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform + the exponentiation using a fixed-length exponent. (Otherwise, + the information leaked through timing could expose the secret key + after many signatures; cf. Bleichenbacher's attack on DSA with + biased k.) + [Bodo Moeller] + *) Make a new fixed-window mod_exp implementation the default for RSA, DSA, and DH private-key operations so that the sequence of squares and multiplies and the memory access pattern are diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 2e5ede7826..3fd8a35613 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -202,7 +202,7 @@ err: static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) { BN_CTX *ctx; - BIGNUM k,*kinv=NULL,*r=NULL; + BIGNUM k,kq,*K,*kinv=NULL,*r=NULL; int ret=0; if (!dsa->p || !dsa->q || !dsa->g) @@ -212,6 +212,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) } BN_init(&k); + BN_init(&kq); if (ctx_in == NULL) { @@ -221,7 +222,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) ctx=ctx_in; if ((r=BN_new()) == NULL) goto err; - kinv=NULL; /* Get random k */ do @@ -241,7 +241,30 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) } /* Compute r = (g^k mod p) mod q */ - DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx, + + if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) + { + if (!BN_copy(&kq, &k)) goto err; + + /* We do not want timing information to leak the length of k, + * so we compute g^k using an equivalent exponent of fixed length. + * + * (This is a kludge that we need because the BN_mod_exp_mont() + * does not let us specify the desired timing behaviour.) */ + + if (!BN_add(&kq, &kq, dsa->q)) goto err; + if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) + { + if (!BN_add(&kq, &kq, dsa->q)) goto err; + } + + K = &kq; + } + else + { + K = &k; + } + DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, dsa->method_mont_p); if (!BN_mod(r,r,dsa->q,ctx)) goto err; @@ -264,6 +287,7 @@ err: if (ctx_in == NULL) BN_CTX_free(ctx); if (kinv != NULL) BN_clear_free(kinv); BN_clear_free(&k); + BN_clear_free(&kq); return(ret); } -- GitLab From e4106a4e242c75287484834ebac48cbba1045e3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Thu, 26 May 2005 04:40:57 +0000 Subject: [PATCH 162/929] make sure DSA signing exponentiations really are constant-time --- CHANGES | 7 +++++++ crypto/dsa/dsa_ossl.c | 30 +++++++++++++++++++++++++++--- 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index d02d20e161..5be91d613c 100644 --- a/CHANGES +++ b/CHANGES @@ -799,6 +799,13 @@ Changes between 0.9.7g and 0.9.7h [XX xxx XXXX] + *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform + the exponentiation using a fixed-length exponent. (Otherwise, + the information leaked through timing could expose the secret key + after many signatures; cf. Bleichenbacher's attack on DSA with + biased k.) + [Bodo Moeller] + *) Make a new fixed-window mod_exp implementation the default for RSA, DSA, and DH private-key operations so that the sequence of squares and multiplies and the memory access pattern are diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 2e5ede7826..3fd8a35613 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -202,7 +202,7 @@ err: static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) { BN_CTX *ctx; - BIGNUM k,*kinv=NULL,*r=NULL; + BIGNUM k,kq,*K,*kinv=NULL,*r=NULL; int ret=0; if (!dsa->p || !dsa->q || !dsa->g) @@ -212,6 +212,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) } BN_init(&k); + BN_init(&kq); if (ctx_in == NULL) { @@ -221,7 +222,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) ctx=ctx_in; if ((r=BN_new()) == NULL) goto err; - kinv=NULL; /* Get random k */ do @@ -241,7 +241,30 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) } /* Compute r = (g^k mod p) mod q */ - DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx, + + if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) + { + if (!BN_copy(&kq, &k)) goto err; + + /* We do not want timing information to leak the length of k, + * so we compute g^k using an equivalent exponent of fixed length. + * + * (This is a kludge that we need because the BN_mod_exp_mont() + * does not let us specify the desired timing behaviour.) */ + + if (!BN_add(&kq, &kq, dsa->q)) goto err; + if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) + { + if (!BN_add(&kq, &kq, dsa->q)) goto err; + } + + K = &kq; + } + else + { + K = &k; + } + DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, dsa->method_mont_p); if (!BN_mod(r,r,dsa->q,ctx)) goto err; @@ -264,6 +287,7 @@ err: if (ctx_in == NULL) BN_CTX_free(ctx); if (kinv != NULL) BN_clear_free(kinv); BN_clear_free(&k); + BN_clear_free(&kq); return(ret); } -- GitLab From 3f791ca8188b71cba77e718d2d5c2ed7613d3b6a Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 27 May 2005 13:19:25 +0000 Subject: [PATCH 175/929] Assing check_{cert,crl}_time to 'ok' variable so it returns errors on expiry. --- crypto/x509/x509_vfy.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 637e2b6142..5711367232 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -776,7 +776,8 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) } } - if (!check_crl_time(ctx, crl, 1)) + ok = check_crl_time(ctx, crl, 1); + if (!ok) goto err; ok = 1; @@ -1006,7 +1007,8 @@ static int internal_verify(X509_STORE_CTX *ctx) xs->valid = 1; - if (!check_cert_time(ctx, xs)) + ok = check_cert_time(ctx, xs); + if (!ok) goto end; /* The last error (if any) is still in the error value */ -- GitLab From a28a5d9c626c8b48d55f64ad77304578d1bd2a03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Fri, 27 May 2005 15:38:53 +0000 Subject: [PATCH 176/929] Use BN_with_flags() in a cleaner way. --- crypto/bn/bn.h | 2 ++ crypto/dh/dh_key.c | 1 + crypto/dsa/dsa_key.c | 1 + crypto/rsa/rsa_eay.c | 1 + 4 files changed, 5 insertions(+) diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 6d52735207..9f4668a51d 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -253,6 +253,8 @@ extern "C" { #define BN_set_flags(b,n) ((b)->flags|=(n)) #define BN_get_flags(b,n) ((b)->flags&(n)) +/* get a clone of a BIGNUM with changed flags, for *temporary* use only + * (the two BIGNUMs cannot not be used in parallel!) */ #define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \ (dest)->top=(b)->top, \ (dest)->dmax=(b)->dmax, \ diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index e384286c73..39eefe387e 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -148,6 +148,7 @@ static int generate_key(DH *dh) if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) { + BN_init(&local_prk); prk = &local_prk; BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); } diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c index 5ba885e1e2..0423f2e00c 100644 --- a/crypto/dsa/dsa_key.c +++ b/crypto/dsa/dsa_key.c @@ -105,6 +105,7 @@ static int dsa_builtin_keygen(DSA *dsa) if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { + BN_init(&local_prk); prk = &local_prk; BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); } diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 175ab8a789..6954f36d5d 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -383,6 +383,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) { + BN_init(&local_d); d = &local_d; BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME); } -- GitLab From cad811fc41928315e48614196a808fb27640bcd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Fri, 27 May 2005 15:39:24 +0000 Subject: [PATCH 177/929] Use BN_with_flags() in a cleaner way. --- crypto/bn/bn.h | 2 ++ crypto/dh/dh_key.c | 1 + crypto/dsa/dsa_key.c | 1 + crypto/rsa/rsa_eay.c | 1 + 4 files changed, 5 insertions(+) diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 6d52735207..9f4668a51d 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -253,6 +253,8 @@ extern "C" { #define BN_set_flags(b,n) ((b)->flags|=(n)) #define BN_get_flags(b,n) ((b)->flags&(n)) +/* get a clone of a BIGNUM with changed flags, for *temporary* use only + * (the two BIGNUMs cannot not be used in parallel!) */ #define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \ (dest)->top=(b)->top, \ (dest)->dmax=(b)->dmax, \ diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index e384286c73..39eefe387e 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -148,6 +148,7 @@ static int generate_key(DH *dh) if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) { + BN_init(&local_prk); prk = &local_prk; BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); } diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c index 5ba885e1e2..0423f2e00c 100644 --- a/crypto/dsa/dsa_key.c +++ b/crypto/dsa/dsa_key.c @@ -105,6 +105,7 @@ static int dsa_builtin_keygen(DSA *dsa) if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { + BN_init(&local_prk); prk = &local_prk; BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); } diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 175ab8a789..6954f36d5d 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -383,6 +383,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) { + BN_init(&local_d); d = &local_d; BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME); } -- GitLab From 499fca2db345a81a05b7d02dcefdc29f04507527 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 28 May 2005 20:44:02 +0000 Subject: [PATCH 178/929] Update from 0.9.7-stable. Also repatch and rebuild error codes. --- apps/rsautl.c | 1 + crypto/rsa/Makefile | 4 ++-- crypto/rsa/rsa.h | 39 ++++++++++++++++++++++++++++++--------- crypto/rsa/rsa_eay.c | 26 +++++++++++++++++++++++--- crypto/rsa/rsa_err.c | 13 +++++++++++++ crypto/rsa/rsa_oaep.c | 19 +++++++++++++------ 6 files changed, 82 insertions(+), 20 deletions(-) diff --git a/apps/rsautl.c b/apps/rsautl.c index 596199010a..a629ff50ac 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -148,6 +148,7 @@ int MAIN(int argc, char **argv) else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING; else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING; else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING; + else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING; else if(!strcmp(*argv, "-sign")) { rsa_mode = RSA_SIGN; need_priv = 1; diff --git a/crypto/rsa/Makefile b/crypto/rsa/Makefile index e406f2450e..6c05226522 100644 --- a/crypto/rsa/Makefile +++ b/crypto/rsa/Makefile @@ -19,10 +19,10 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ - rsa_asn1.c rsa_depr.c + rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ - rsa_asn1.o rsa_depr.o + rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o SRC= $(LIBSRC) diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index dcefebad21..2dd403b81b 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -196,6 +196,7 @@ struct rsa_st #define RSA_SSLV23_PADDING 2 #define RSA_NO_PADDING 3 #define RSA_PKCS1_OAEP_PADDING 4 +#define RSA_X931_PADDING 5 #define RSA_PKCS1_PADDING_SIZE 11 @@ -297,6 +298,8 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, const unsigned char *f,int fl); int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, const unsigned char *f,int fl,int rsa_len); +int PKCS1_MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen, const EVP_MD *dgst); int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, const unsigned char *f,int fl, const unsigned char *p,int pl); @@ -311,6 +314,11 @@ int RSA_padding_add_none(unsigned char *to,int tlen, const unsigned char *f,int fl); int RSA_padding_check_none(unsigned char *to,int tlen, const unsigned char *f,int fl,int rsa_len); +int RSA_padding_add_X931(unsigned char *to,int tlen, + const unsigned char *f,int fl); +int RSA_padding_check_X931(unsigned char *to,int tlen, + const unsigned char *f,int fl,int rsa_len); +int RSA_X931_hash_id(int nid); int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); @@ -329,37 +337,43 @@ void ERR_load_RSA_strings(void); /* Error codes for the RSA functions. */ /* Function codes. */ -#define RSA_F_RSA_BUILTIN_KEYGEN 105 +#define RSA_F_MEMORY_LOCK 100 +#define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 -#define RSA_F_RSA_MEMORY_LOCK 100 +#define RSA_F_RSA_GENERATE_KEY 105 +#define RSA_F_RSA_MEMORY_LOCK 130 #define RSA_F_RSA_NEW_METHOD 106 #define RSA_F_RSA_NULL 124 -#define RSA_F_RSA_NULL_MOD_EXP 126 -#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 127 -#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 128 -#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 129 -#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 130 +#define RSA_F_RSA_NULL_MOD_EXP 131 +#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132 +#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133 +#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134 +#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135 #define RSA_F_RSA_PADDING_ADD_NONE 107 #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 +#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 #define RSA_F_RSA_PADDING_ADD_SSLV23 110 +#define RSA_F_RSA_PADDING_ADD_X931 127 #define RSA_F_RSA_PADDING_CHECK_NONE 111 #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 #define RSA_F_RSA_PADDING_CHECK_SSLV23 114 +#define RSA_F_RSA_PADDING_CHECK_X931 128 #define RSA_F_RSA_PRINT 115 #define RSA_F_RSA_PRINT_FP 116 -#define RSA_F_RSA_SETUP_BLINDING 125 +#define RSA_F_RSA_SETUP_BLINDING 136 #define RSA_F_RSA_SIGN 117 #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 #define RSA_F_RSA_VERIFY 119 #define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 +#define RSA_F_RSA_VERIFY_PKCS1_PSS 126 /* Reason codes. */ #define RSA_R_ALGORITHM_MISMATCH 100 @@ -379,13 +393,19 @@ void ERR_load_RSA_strings(void); #define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 #define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 +#define RSA_R_FIRST_OCTET_INVALID 133 +#define RSA_R_INVALID_HEADER 137 #define RSA_R_INVALID_MESSAGE_LENGTH 131 +#define RSA_R_INVALID_PADDING 138 +#define RSA_R_INVALID_TRAILER 139 #define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 #define RSA_R_KEY_SIZE_TOO_SMALL 120 -#define RSA_R_NO_PUBLIC_EXPONENT 133 +#define RSA_R_LAST_OCTET_INVALID 134 +#define RSA_R_NO_PUBLIC_EXPONENT 140 #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 +#define RSA_R_ONE_CHECK_FAILED 135 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 @@ -395,6 +415,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 #define RSA_R_UNKNOWN_PADDING_TYPE 118 #define RSA_R_WRONG_SIGNATURE_LENGTH 119 +#define RSA_R_ZERO_CHECK_FAILED 136 #ifdef __cplusplus } diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 6954f36d5d..620ac5544b 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -309,7 +309,7 @@ static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f, static int RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM *f, *ret, *br; + BIGNUM *f, *ret, *br, *res; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; @@ -334,6 +334,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, case RSA_PKCS1_PADDING: i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); break; + case RSA_X931_PADDING: + i=RSA_padding_add_X931(buf,num,from,flen); + break; case RSA_NO_PADDING: i=RSA_padding_add_none(buf,num,from,flen); break; @@ -400,10 +403,21 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) goto err; + if (padding == RSA_X931_PADDING) + { + BN_sub(f, rsa->n, ret); + if (BN_cmp(ret, f)) + res = f; + else + res = ret; + } + else + res = ret; + /* put in leading 0 bytes if the number is less than the * length of the modulus */ - j=BN_num_bytes(ret); - i=BN_bn2bin(ret,&(to[num-j])); + j=BN_num_bytes(res); + i=BN_bn2bin(res,&(to[num-j])); for (k=0; k<(num-i); k++) to[k]=0; @@ -593,6 +607,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, rsa->_method_mod_n)) goto err; + if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12)) + BN_sub(ret, rsa->n, ret); + p=buf; i=BN_bn2bin(ret,p); @@ -601,6 +618,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, case RSA_PKCS1_PADDING: r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); break; + case RSA_X931_PADDING: + r=RSA_padding_check_X931(to,num,buf,i,num); + break; case RSA_NO_PADDING: r=RSA_padding_check_none(to,num,buf,i,num); break; diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index b2ac6c22a9..48e8f39314 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -70,12 +70,14 @@ static ERR_STRING_DATA RSA_str_functs[]= { +{ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, +{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, @@ -86,14 +88,17 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, +{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_PADDING_ADD_PKCS1_PSS"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"}, +{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP), "RSA_padding_check_PKCS1_OAEP"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1), "RSA_padding_check_PKCS1_type_1"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2), "RSA_padding_check_PKCS1_type_2"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"}, +{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, @@ -101,6 +106,7 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"}, +{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_VERIFY_PKCS1_PSS"}, {0,NULL} }; @@ -123,13 +129,19 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"}, {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"}, {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"}, +{ERR_REASON(RSA_R_FIRST_OCTET_INVALID) ,"first octet invalid"}, +{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"}, {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"}, +{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"}, +{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"}, {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"}, {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, +{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, +{ERR_REASON(RSA_R_ONE_CHECK_FAILED) ,"one check failed"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, @@ -139,6 +151,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, +{ERR_REASON(RSA_R_ZERO_CHECK_FAILED) ,"zero check failed"}, {0,NULL} }; diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 66d33e538a..45d6f6ef8a 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -170,28 +170,30 @@ decoding_err: return -1; } -int MGF1(unsigned char *mask, long len, - const unsigned char *seed, long seedlen) +int PKCS1_MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen, const EVP_MD *dgst) { long i, outlen = 0; unsigned char cnt[4]; EVP_MD_CTX c; - unsigned char md[SHA_DIGEST_LENGTH]; + unsigned char md[EVP_MAX_MD_SIZE]; + int mdlen; EVP_MD_CTX_init(&c); + mdlen = EVP_MD_size(dgst); for (i = 0; outlen < len; i++) { cnt[0] = (unsigned char)((i >> 24) & 255); cnt[1] = (unsigned char)((i >> 16) & 255); cnt[2] = (unsigned char)((i >> 8)) & 255; cnt[3] = (unsigned char)(i & 255); - EVP_DigestInit_ex(&c,EVP_sha1(), NULL); + EVP_DigestInit_ex(&c,dgst, NULL); EVP_DigestUpdate(&c, seed, seedlen); EVP_DigestUpdate(&c, cnt, 4); - if (outlen + SHA_DIGEST_LENGTH <= len) + if (outlen + mdlen <= len) { EVP_DigestFinal_ex(&c, mask + outlen, NULL); - outlen += SHA_DIGEST_LENGTH; + outlen += mdlen; } else { @@ -203,4 +205,9 @@ int MGF1(unsigned char *mask, long len, EVP_MD_CTX_cleanup(&c); return 0; } + +int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen) + { + return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1()); + } #endif -- GitLab From 429168e7eecdb0b965db5ea445727a7e4cb37380 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 28 May 2005 20:44:37 +0000 Subject: [PATCH 179/929] Add pss/x931 files. --- crypto/rsa/rsa_pss.c | 220 ++++++++++++++++++++++++++++++++++++++++++ crypto/rsa/rsa_x931.c | 175 +++++++++++++++++++++++++++++++++ 2 files changed, 395 insertions(+) create mode 100644 crypto/rsa/rsa_pss.c create mode 100644 crypto/rsa/rsa_x931.c diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c new file mode 100644 index 0000000000..a47035733d --- /dev/null +++ b/crypto/rsa/rsa_pss.c @@ -0,0 +1,220 @@ +/* rsa_pss.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2005. + */ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include "cryptlib.h" +#include +#include +#include +#include +#include + +const static unsigned char zeroes[] = {0,0,0,0,0,0,0,0}; + +int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, + const EVP_MD *Hash, const unsigned char *EM, int sLen) + { + int i; + int ret = 0; + int hLen, maskedDBLen, emBits, emLen; + const unsigned char *H; + unsigned char *DB = NULL; + EVP_MD_CTX ctx; + unsigned char H_[EVP_MAX_MD_SIZE]; + emBits = BN_num_bits(rsa->n) - 1; + emLen = (emBits + 7) >> 3; + hLen = EVP_MD_size(Hash); + if (emLen < (hLen + sLen + 2)) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE); + goto err; + } + if (EM[emLen - 1] != 0xbc) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID); + goto err; + } + if (EM[0] & (0xFF << (emBits & 0x7))) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID); + goto err; + } + maskedDBLen = emLen - hLen - 1; + H = EM + maskedDBLen; + DB = OPENSSL_malloc(maskedDBLen); + if (!DB) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, ERR_R_MALLOC_FAILURE); + goto err; + } + PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash); + for (i = 0; i < maskedDBLen; i++) + DB[i] ^= EM[i]; + DB[0] &= 0xFF >> (8 - (emBits & 0x7)); + for (i = 0; i < (emLen - hLen - sLen - 2); i++) + { + if (DB[i] != 0) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, + RSA_R_ZERO_CHECK_FAILED); + goto err; + } + } + if (DB[i] != 0x1) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_ONE_CHECK_FAILED); + goto err; + } + EVP_MD_CTX_init(&ctx); + EVP_DigestInit_ex(&ctx, Hash, NULL); + EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes); + EVP_DigestUpdate(&ctx, mHash, hLen); + if (sLen) + EVP_DigestUpdate(&ctx, DB + maskedDBLen - sLen, sLen); + EVP_DigestFinal(&ctx, H_, NULL); + EVP_MD_CTX_cleanup(&ctx); + if (memcmp(H_, H, hLen)) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE); + ret = 0; + } + else + ret = 1; + + err: + if (DB) + OPENSSL_free(DB); + + return ret; + + } + +int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, + const unsigned char *mHash, + const EVP_MD *Hash, int sLen) + { + int i; + int ret = 0; + int hLen, maskedDBLen, emBits, emLen; + unsigned char *H, *salt = NULL, *p; + EVP_MD_CTX ctx; + emBits = BN_num_bits(rsa->n) - 1; + emLen = (emBits + 7) >> 3; + hLen = EVP_MD_size(Hash); + if (sLen < 0) + sLen = 0; + if (emLen < (hLen + sLen + 2)) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; + } + if (sLen > 0) + { + salt = OPENSSL_malloc(sLen); + if (!salt) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, + ERR_R_MALLOC_FAILURE); + goto err; + } + if (!RAND_bytes(salt, sLen)) + goto err; + } + maskedDBLen = emLen - hLen - 1; + H = EM + maskedDBLen; + EVP_MD_CTX_init(&ctx); + EVP_DigestInit_ex(&ctx, Hash, NULL); + EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes); + EVP_DigestUpdate(&ctx, mHash, hLen); + if (sLen) + EVP_DigestUpdate(&ctx, salt, sLen); + EVP_DigestFinal(&ctx, H, NULL); + EVP_MD_CTX_cleanup(&ctx); + + /* Generate dbMask in place then perform XOR on it */ + PKCS1_MGF1(EM, maskedDBLen, H, hLen, Hash); + + p = EM; + + /* Initial PS XORs with all zeroes which is a NOP so just update + * pointer. Note from a test above this value is guaranteed to + * be non-negative. + */ + p += emLen - sLen - hLen - 2; + *p++ ^= 0x1; + if (sLen > 0) + { + for (i = 0; i < sLen; i++) + *p++ ^= salt[i]; + } + EM[0] &= 0xFF >> (8 - (emBits & 0x7)); + + /* H is already in place so just set final 0xbc */ + + EM[emLen - 1] = 0xbc; + + ret = 1; + + err: + if (salt) + OPENSSL_free(salt); + + return ret; + + } diff --git a/crypto/rsa/rsa_x931.c b/crypto/rsa/rsa_x931.c new file mode 100644 index 0000000000..ac3fde2a84 --- /dev/null +++ b/crypto/rsa/rsa_x931.c @@ -0,0 +1,175 @@ +/* rsa_x931.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2005. + */ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include "cryptlib.h" +#include +#include +#include +#include + +int RSA_padding_add_X931(unsigned char *to, int tlen, + const unsigned char *from, int flen) + { + int j; + unsigned char *p; + + /* Absolute minimum amount of padding is 1 header nibble, 1 padding + * nibble and 2 trailer bytes: but 1 hash if is already in 'from'. + */ + + j = tlen - flen - 2; + + if (j < 0) + { + RSAerr(RSA_F_RSA_PADDING_ADD_X931,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + return -1; + } + + p=(unsigned char *)to; + + /* If no padding start and end nibbles are in one byte */ + if (j == 0) + *p++ = 0x6A; + else + { + *p++ = 0x6B; + if (j > 1) + { + memset(p, 0xBB, j - 1); + p += j - 1; + } + *p++ = 0xBA; + } + memcpy(p,from,(unsigned int)flen); + p += flen; + *p = 0xCC; + return(1); + } + +int RSA_padding_check_X931(unsigned char *to, int tlen, + const unsigned char *from, int flen, int num) + { + int i,j; + const unsigned char *p; + + p=from; + if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B))) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931,RSA_R_INVALID_HEADER); + return -1; + } + + j=flen-3; + if (*p++ == 0x6B) + { + for (i = 0; i < j; i++) + { + unsigned char c = *p++; + if (c == 0xBA) + break; + if (c != 0xBB) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931, + RSA_R_INVALID_PADDING); + return -1; + } + } + } + + j -= i; + + if (i == 0) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING); + return -1; + } + + if (p[j] != 0xCC) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); + return -1; + } + + memcpy(to,p,(unsigned int)j); + + return(j); + } + +/* Translate between X931 hash ids and NIDs */ + +int RSA_X931_hash_id(int nid) + { + switch (nid) + { + case NID_sha1: + return 0x33; + + case NID_sha256: + return 0x34; + + case NID_sha384: + return 0x36; + + case NID_sha512: + return 0x35; + + } + return -1; + } + -- GitLab From dea446d9953539e5ac79fddc1230bc2da441de9e Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 28 May 2005 20:49:09 +0000 Subject: [PATCH 180/929] Update from 0.9.7-stable branch. --- apps/rsautl.c | 1 + crypto/rsa/Makefile | 4 ++-- crypto/rsa/rsa.h | 39 ++++++++++++++++++++++++++++++--------- crypto/rsa/rsa_eay.c | 26 +++++++++++++++++++++++--- crypto/rsa/rsa_err.c | 13 +++++++++++++ crypto/rsa/rsa_oaep.c | 19 +++++++++++++------ 6 files changed, 82 insertions(+), 20 deletions(-) diff --git a/apps/rsautl.c b/apps/rsautl.c index 596199010a..a629ff50ac 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -148,6 +148,7 @@ int MAIN(int argc, char **argv) else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING; else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING; else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING; + else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING; else if(!strcmp(*argv, "-sign")) { rsa_mode = RSA_SIGN; need_priv = 1; diff --git a/crypto/rsa/Makefile b/crypto/rsa/Makefile index e406f2450e..6c05226522 100644 --- a/crypto/rsa/Makefile +++ b/crypto/rsa/Makefile @@ -19,10 +19,10 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ - rsa_asn1.c rsa_depr.c + rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ - rsa_asn1.o rsa_depr.o + rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o SRC= $(LIBSRC) diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index dcefebad21..2dd403b81b 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -196,6 +196,7 @@ struct rsa_st #define RSA_SSLV23_PADDING 2 #define RSA_NO_PADDING 3 #define RSA_PKCS1_OAEP_PADDING 4 +#define RSA_X931_PADDING 5 #define RSA_PKCS1_PADDING_SIZE 11 @@ -297,6 +298,8 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, const unsigned char *f,int fl); int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, const unsigned char *f,int fl,int rsa_len); +int PKCS1_MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen, const EVP_MD *dgst); int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, const unsigned char *f,int fl, const unsigned char *p,int pl); @@ -311,6 +314,11 @@ int RSA_padding_add_none(unsigned char *to,int tlen, const unsigned char *f,int fl); int RSA_padding_check_none(unsigned char *to,int tlen, const unsigned char *f,int fl,int rsa_len); +int RSA_padding_add_X931(unsigned char *to,int tlen, + const unsigned char *f,int fl); +int RSA_padding_check_X931(unsigned char *to,int tlen, + const unsigned char *f,int fl,int rsa_len); +int RSA_X931_hash_id(int nid); int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); @@ -329,37 +337,43 @@ void ERR_load_RSA_strings(void); /* Error codes for the RSA functions. */ /* Function codes. */ -#define RSA_F_RSA_BUILTIN_KEYGEN 105 +#define RSA_F_MEMORY_LOCK 100 +#define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 -#define RSA_F_RSA_MEMORY_LOCK 100 +#define RSA_F_RSA_GENERATE_KEY 105 +#define RSA_F_RSA_MEMORY_LOCK 130 #define RSA_F_RSA_NEW_METHOD 106 #define RSA_F_RSA_NULL 124 -#define RSA_F_RSA_NULL_MOD_EXP 126 -#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 127 -#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 128 -#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 129 -#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 130 +#define RSA_F_RSA_NULL_MOD_EXP 131 +#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132 +#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133 +#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134 +#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135 #define RSA_F_RSA_PADDING_ADD_NONE 107 #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 +#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 #define RSA_F_RSA_PADDING_ADD_SSLV23 110 +#define RSA_F_RSA_PADDING_ADD_X931 127 #define RSA_F_RSA_PADDING_CHECK_NONE 111 #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 #define RSA_F_RSA_PADDING_CHECK_SSLV23 114 +#define RSA_F_RSA_PADDING_CHECK_X931 128 #define RSA_F_RSA_PRINT 115 #define RSA_F_RSA_PRINT_FP 116 -#define RSA_F_RSA_SETUP_BLINDING 125 +#define RSA_F_RSA_SETUP_BLINDING 136 #define RSA_F_RSA_SIGN 117 #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 #define RSA_F_RSA_VERIFY 119 #define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 +#define RSA_F_RSA_VERIFY_PKCS1_PSS 126 /* Reason codes. */ #define RSA_R_ALGORITHM_MISMATCH 100 @@ -379,13 +393,19 @@ void ERR_load_RSA_strings(void); #define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 #define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 +#define RSA_R_FIRST_OCTET_INVALID 133 +#define RSA_R_INVALID_HEADER 137 #define RSA_R_INVALID_MESSAGE_LENGTH 131 +#define RSA_R_INVALID_PADDING 138 +#define RSA_R_INVALID_TRAILER 139 #define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 #define RSA_R_KEY_SIZE_TOO_SMALL 120 -#define RSA_R_NO_PUBLIC_EXPONENT 133 +#define RSA_R_LAST_OCTET_INVALID 134 +#define RSA_R_NO_PUBLIC_EXPONENT 140 #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 +#define RSA_R_ONE_CHECK_FAILED 135 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 @@ -395,6 +415,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 #define RSA_R_UNKNOWN_PADDING_TYPE 118 #define RSA_R_WRONG_SIGNATURE_LENGTH 119 +#define RSA_R_ZERO_CHECK_FAILED 136 #ifdef __cplusplus } diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 6954f36d5d..620ac5544b 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -309,7 +309,7 @@ static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f, static int RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM *f, *ret, *br; + BIGNUM *f, *ret, *br, *res; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; @@ -334,6 +334,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, case RSA_PKCS1_PADDING: i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); break; + case RSA_X931_PADDING: + i=RSA_padding_add_X931(buf,num,from,flen); + break; case RSA_NO_PADDING: i=RSA_padding_add_none(buf,num,from,flen); break; @@ -400,10 +403,21 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) goto err; + if (padding == RSA_X931_PADDING) + { + BN_sub(f, rsa->n, ret); + if (BN_cmp(ret, f)) + res = f; + else + res = ret; + } + else + res = ret; + /* put in leading 0 bytes if the number is less than the * length of the modulus */ - j=BN_num_bytes(ret); - i=BN_bn2bin(ret,&(to[num-j])); + j=BN_num_bytes(res); + i=BN_bn2bin(res,&(to[num-j])); for (k=0; k<(num-i); k++) to[k]=0; @@ -593,6 +607,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, rsa->_method_mod_n)) goto err; + if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12)) + BN_sub(ret, rsa->n, ret); + p=buf; i=BN_bn2bin(ret,p); @@ -601,6 +618,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, case RSA_PKCS1_PADDING: r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); break; + case RSA_X931_PADDING: + r=RSA_padding_check_X931(to,num,buf,i,num); + break; case RSA_NO_PADDING: r=RSA_padding_check_none(to,num,buf,i,num); break; diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index b2ac6c22a9..48e8f39314 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -70,12 +70,14 @@ static ERR_STRING_DATA RSA_str_functs[]= { +{ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, +{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, @@ -86,14 +88,17 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, +{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_PADDING_ADD_PKCS1_PSS"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"}, +{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP), "RSA_padding_check_PKCS1_OAEP"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1), "RSA_padding_check_PKCS1_type_1"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2), "RSA_padding_check_PKCS1_type_2"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"}, +{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, @@ -101,6 +106,7 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"}, +{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_VERIFY_PKCS1_PSS"}, {0,NULL} }; @@ -123,13 +129,19 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"}, {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"}, {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"}, +{ERR_REASON(RSA_R_FIRST_OCTET_INVALID) ,"first octet invalid"}, +{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"}, {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"}, +{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"}, +{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"}, {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"}, {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, +{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, +{ERR_REASON(RSA_R_ONE_CHECK_FAILED) ,"one check failed"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, @@ -139,6 +151,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, +{ERR_REASON(RSA_R_ZERO_CHECK_FAILED) ,"zero check failed"}, {0,NULL} }; diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 66d33e538a..45d6f6ef8a 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -170,28 +170,30 @@ decoding_err: return -1; } -int MGF1(unsigned char *mask, long len, - const unsigned char *seed, long seedlen) +int PKCS1_MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen, const EVP_MD *dgst) { long i, outlen = 0; unsigned char cnt[4]; EVP_MD_CTX c; - unsigned char md[SHA_DIGEST_LENGTH]; + unsigned char md[EVP_MAX_MD_SIZE]; + int mdlen; EVP_MD_CTX_init(&c); + mdlen = EVP_MD_size(dgst); for (i = 0; outlen < len; i++) { cnt[0] = (unsigned char)((i >> 24) & 255); cnt[1] = (unsigned char)((i >> 16) & 255); cnt[2] = (unsigned char)((i >> 8)) & 255; cnt[3] = (unsigned char)(i & 255); - EVP_DigestInit_ex(&c,EVP_sha1(), NULL); + EVP_DigestInit_ex(&c,dgst, NULL); EVP_DigestUpdate(&c, seed, seedlen); EVP_DigestUpdate(&c, cnt, 4); - if (outlen + SHA_DIGEST_LENGTH <= len) + if (outlen + mdlen <= len) { EVP_DigestFinal_ex(&c, mask + outlen, NULL); - outlen += SHA_DIGEST_LENGTH; + outlen += mdlen; } else { @@ -203,4 +205,9 @@ int MGF1(unsigned char *mask, long len, EVP_MD_CTX_cleanup(&c); return 0; } + +int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen) + { + return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1()); + } #endif -- GitLab From b4d2858f95e12a8271839357996422141550460c Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 28 May 2005 20:50:11 +0000 Subject: [PATCH 181/929] Add PSS prototype to rsa.h --- crypto/rsa/rsa.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index 2dd403b81b..1f6131b42a 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -320,6 +320,12 @@ int RSA_padding_check_X931(unsigned char *to,int tlen, const unsigned char *f,int fl,int rsa_len); int RSA_X931_hash_id(int nid); +int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, + const EVP_MD *Hash, const unsigned char *EM, int sLen); +int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, + const unsigned char *mHash, + const EVP_MD *Hash, int sLen); + int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int RSA_set_ex_data(RSA *r,int idx,void *arg); -- GitLab From c9028b0ab5c1cb13542418887be3e64fcd99954b Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 29 May 2005 11:26:56 +0000 Subject: [PATCH 182/929] Typo --- crypto/bn/bn_nist.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c index b42ad01a43..faf0e347e2 100644 --- a/crypto/bn/bn_nist.c +++ b/crypto/bn/bn_nist.c @@ -283,7 +283,7 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, nist_cp_bn_0(buf, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, BN_NIST_192_TOP); #if defined(OPENSSL_SYS_VMS) && defined(__DECC) -# pragma save +# pragma message save # pragma message disable BADSUBSCRIPT #endif @@ -296,7 +296,7 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, ++carry; #if defined(OPENSSL_SYS_VMS) && defined(__DECC) -# pragma restore +# pragma message restore #endif nist_set_192(t_d, buf, 5, 5, 5) -- GitLab From 9426364be904d3541e845c23c7b9f86cd4498380 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 29 May 2005 12:11:50 +0000 Subject: [PATCH 183/929] Typo --- crypto/bn/bn_nist.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c index b42ad01a43..faf0e347e2 100644 --- a/crypto/bn/bn_nist.c +++ b/crypto/bn/bn_nist.c @@ -283,7 +283,7 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, nist_cp_bn_0(buf, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, BN_NIST_192_TOP); #if defined(OPENSSL_SYS_VMS) && defined(__DECC) -# pragma save +# pragma message save # pragma message disable BADSUBSCRIPT #endif @@ -296,7 +296,7 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, ++carry; #if defined(OPENSSL_SYS_VMS) && defined(__DECC) -# pragma restore +# pragma message restore #endif nist_set_192(t_d, buf, 5, 5, 5) -- GitLab From e96025755d50e3b72468dc9b346c336e25866aaf Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 29 May 2005 12:13:20 +0000 Subject: [PATCH 184/929] We have some source with \r\n as line ends. DEC C informs about that, and I really can't be bothered... --- apps/makeapps.com | 2 +- crypto/crypto-lib.com | 2 +- ssl/ssl-lib.com | 2 +- test/maketests.com | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/makeapps.com b/apps/makeapps.com index 91f5cec66c..ee957fa696 100644 --- a/apps/makeapps.com +++ b/apps/makeapps.com @@ -650,7 +650,7 @@ $ CCDEFS = "MONOLITH" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index d73d642fb6..c51a2b0eab 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -970,7 +970,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! diff --git a/ssl/ssl-lib.com b/ssl/ssl-lib.com index 163ade9f7a..f0665c6b86 100644 --- a/ssl/ssl-lib.com +++ b/ssl/ssl-lib.com @@ -749,7 +749,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4'" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! diff --git a/test/maketests.com b/test/maketests.com index 6da2620d98..14cbf06088 100644 --- a/test/maketests.com +++ b/test/maketests.com @@ -588,7 +588,7 @@ $ CCDEFS = "TCPIP_TYPE_''P3'" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! -- GitLab From 80b168a5a932c804d402486abd417494427d9b4c Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 29 May 2005 12:13:51 +0000 Subject: [PATCH 185/929] We have some source with \r\n as line ends. DEC C informs about that, and I really can't be bothered... --- apps/makeapps.com | 2 +- crypto/crypto-lib.com | 2 +- ssl/ssl-lib.com | 2 +- test/maketests.com | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/makeapps.com b/apps/makeapps.com index 91f5cec66c..ee957fa696 100644 --- a/apps/makeapps.com +++ b/apps/makeapps.com @@ -650,7 +650,7 @@ $ CCDEFS = "MONOLITH" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index d73d642fb6..c51a2b0eab 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -970,7 +970,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! diff --git a/ssl/ssl-lib.com b/ssl/ssl-lib.com index 163ade9f7a..f0665c6b86 100644 --- a/ssl/ssl-lib.com +++ b/ssl/ssl-lib.com @@ -749,7 +749,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4'" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! diff --git a/test/maketests.com b/test/maketests.com index 6da2620d98..14cbf06088 100644 --- a/test/maketests.com +++ b/test/maketests.com @@ -588,7 +588,7 @@ $ CCDEFS = "TCPIP_TYPE_''P3'" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! -- GitLab From a2c32e2d7fbd275d22b42532139ef237bc83aa06 Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Sun, 29 May 2005 19:14:21 +0000 Subject: [PATCH 186/929] Change the source and output paths for 'chil' and '4758cca' engines so that dynamic loading is consistent with respect to engine ids. --- CHANGES | 7 ++ engines/Makefile | 82 +++++++++---------- engines/e_4758_cca.ec | 1 - engines/{e_4758_cca.c => e_4758cca.c} | 2 +- engines/e_4758cca.ec | 1 + engines/{e_4758_cca_err.c => e_4758cca_err.c} | 4 +- engines/{e_4758_cca_err.h => e_4758cca_err.h} | 0 engines/{e_ncipher.c => e_chil.c} | 2 +- engines/e_chil.ec | 1 + engines/{e_ncipher_err.c => e_chil_err.c} | 4 +- engines/{e_ncipher_err.h => e_chil_err.h} | 0 engines/e_ncipher.ec | 1 - engines/makeengines.com | 6 +- 13 files changed, 59 insertions(+), 52 deletions(-) delete mode 100644 engines/e_4758_cca.ec rename engines/{e_4758_cca.c => e_4758cca.c} (99%) create mode 100644 engines/e_4758cca.ec rename engines/{e_4758_cca_err.c => e_4758cca_err.c} (99%) rename engines/{e_4758_cca_err.h => e_4758cca_err.h} (100%) rename engines/{e_ncipher.c => e_chil.c} (99%) create mode 100644 engines/e_chil.ec rename engines/{e_ncipher_err.c => e_chil_err.c} (99%) rename engines/{e_ncipher_err.h => e_chil_err.h} (100%) delete mode 100644 engines/e_ncipher.ec diff --git a/CHANGES b/CHANGES index 3b68628fb2..76406f27a1 100644 --- a/CHANGES +++ b/CHANGES @@ -8,6 +8,13 @@ Changes between 0.9.7h and 0.9.8 [xx XXX xxxx] + *) Correct naming of the 'chil' and '4758cca' ENGINEs. This + involves renaming the source and generated shared-libs for + both. The engines will accept the corrected or legacy ids + ('ncipher' and '4758_cca' respectively) when binding. NB, + this only applies when building 'shared'. + [Corinna Vinschen and Geoff Thorpe] + *) Add attribute functions to EVP_PKEY structure. Modify PKCS12_create() to recognize a CSP name attribute and use it. Make -CSP option work again in pkcs12 utility. diff --git a/engines/Makefile b/engines/Makefile index bf19edfe0b..bb338258de 100644 --- a/engines/Makefile +++ b/engines/Makefile @@ -20,23 +20,23 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBNAMES= 4758_cca aep atalla cswift gmp ncipher nuron sureware ubsec +LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec -LIBSRC= e_4758_cca.c \ +LIBSRC= e_4758cca.c \ e_aep.c \ e_atalla.c \ e_cswift.c \ e_gmp.c \ - e_ncipher.c \ + e_chil.c \ e_nuron.c \ e_sureware.c \ e_ubsec.c -LIBOBJ= e_4758_cca.o \ +LIBOBJ= e_4758cca.o \ e_aep.o \ e_atalla.o \ e_cswift.o \ e_gmp.o \ - e_ncipher.o \ + e_chil.o \ e_nuron.o \ e_sureware.o \ e_ubsec.o @@ -44,12 +44,12 @@ LIBOBJ= e_4758_cca.o \ SRC= $(LIBSRC) EXHEADER= -HEADER= e_4758_cca_err.c e_4758_cca_err.h \ +HEADER= e_4758cca_err.c e_4758cca_err.h \ e_aep_err.c e_aep_err.h \ e_atalla_err.c e_atalla_err.h \ e_cswift_err.c e_cswift_err.h \ e_gmp_err.c e_gmp_err.h \ - e_ncipher_err.c e_ncipher_err.h \ + e_chil_err.c e_chil_err.h \ e_nuron_err.c e_nuron_err.h \ e_sureware_err.c e_sureware_err.h \ e_ubsec_err.c e_ubsec_err.h @@ -130,22 +130,22 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -e_4758_cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_4758_cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_4758_cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h -e_4758_cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_4758_cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_4758_cca.o: ../include/openssl/engine.h ../include/openssl/err.h -e_4758_cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_4758_cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_4758_cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_4758_cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_4758_cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h -e_4758_cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h -e_4758_cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -e_4758_cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -e_4758_cca.o: e_4758_cca.c e_4758_cca_err.c e_4758_cca_err.h -e_4758_cca.o: vendor_defns/hw_4758_cca.h +e_4758cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h +e_4758cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h +e_4758cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h +e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h +e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h +e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h +e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h +e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h +e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h +e_4758cca.o: vendor_defns/hw_4758_cca.h e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h @@ -184,24 +184,24 @@ e_gmp.o: ../include/openssl/e_os2.h ../include/openssl/engine.h e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h e_gmp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h e_gmp.c -e_ncipher.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_ncipher.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_ncipher.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_ncipher.o: ../include/openssl/dso.h ../include/openssl/e_os2.h -e_ncipher.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -e_ncipher.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -e_ncipher.o: ../include/openssl/err.h ../include/openssl/evp.h -e_ncipher.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -e_ncipher.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -e_ncipher.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -e_ncipher.o: ../include/openssl/pem.h ../include/openssl/pem2.h -e_ncipher.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -e_ncipher.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_ncipher.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_ncipher.o: ../include/openssl/symhacks.h ../include/openssl/ui.h -e_ncipher.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -e_ncipher.o: e_ncipher.c e_ncipher_err.c e_ncipher_err.h -e_ncipher.o: vendor_defns/hwcryptohook.h +e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h +e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h +e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h +e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h +e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h +e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h +e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h +e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h +e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +e_chil.o: e_chil.c e_chil_err.c e_chil_err.h +e_chil.o: vendor_defns/hwcryptohook.h e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h diff --git a/engines/e_4758_cca.ec b/engines/e_4758_cca.ec deleted file mode 100644 index 2919969466..0000000000 --- a/engines/e_4758_cca.ec +++ /dev/null @@ -1 +0,0 @@ -L CCA4758 e_4758_cca_err.h e_4758_cca_err.c diff --git a/engines/e_4758_cca.c b/engines/e_4758cca.c similarity index 99% rename from engines/e_4758_cca.c rename to engines/e_4758cca.c index d01a037835..e7f308e314 100644 --- a/engines/e_4758_cca.c +++ b/engines/e_4758cca.c @@ -73,7 +73,7 @@ #include "vendor_defns/hw_4758_cca.h" #endif -#include "e_4758_cca_err.c" +#include "e_4758cca_err.c" static int ibm_4758_cca_destroy(ENGINE *e); static int ibm_4758_cca_init(ENGINE *e); diff --git a/engines/e_4758cca.ec b/engines/e_4758cca.ec new file mode 100644 index 0000000000..f30ed02c05 --- /dev/null +++ b/engines/e_4758cca.ec @@ -0,0 +1 @@ +L CCA4758 e_4758cca_err.h e_4758cca_err.c diff --git a/engines/e_4758_cca_err.c b/engines/e_4758cca_err.c similarity index 99% rename from engines/e_4758_cca_err.c rename to engines/e_4758cca_err.c index 5d26450fe1..6ecdc6e627 100644 --- a/engines/e_4758_cca_err.c +++ b/engines/e_4758cca_err.c @@ -1,4 +1,4 @@ -/* e_4758_cca_err.c */ +/* e_4758cca_err.c */ /* ==================================================================== * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. * @@ -60,7 +60,7 @@ #include #include -#include "e_4758_cca_err.h" +#include "e_4758cca_err.h" /* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR diff --git a/engines/e_4758_cca_err.h b/engines/e_4758cca_err.h similarity index 100% rename from engines/e_4758_cca_err.h rename to engines/e_4758cca_err.h diff --git a/engines/e_ncipher.c b/engines/e_chil.c similarity index 99% rename from engines/e_ncipher.c rename to engines/e_chil.c index 11ae5aec82..14654a7833 100644 --- a/engines/e_ncipher.c +++ b/engines/e_chil.c @@ -87,7 +87,7 @@ #endif #define HWCRHK_LIB_NAME "hwcrhk engine" -#include "e_ncipher_err.c" +#include "e_chil_err.c" static int hwcrhk_destroy(ENGINE *e); static int hwcrhk_init(ENGINE *e); diff --git a/engines/e_chil.ec b/engines/e_chil.ec new file mode 100644 index 0000000000..b5a76e17df --- /dev/null +++ b/engines/e_chil.ec @@ -0,0 +1 @@ +L HWCRHK e_chil_err.h e_chil_err.c diff --git a/engines/e_ncipher_err.c b/engines/e_chil_err.c similarity index 99% rename from engines/e_ncipher_err.c rename to engines/e_chil_err.c index b219a88616..3fec95a272 100644 --- a/engines/e_ncipher_err.c +++ b/engines/e_chil_err.c @@ -1,4 +1,4 @@ -/* e_ncipher_err.c */ +/* e_chil_err.c */ /* ==================================================================== * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. * @@ -60,7 +60,7 @@ #include #include -#include "e_ncipher_err.h" +#include "e_chil_err.h" /* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR diff --git a/engines/e_ncipher_err.h b/engines/e_chil_err.h similarity index 100% rename from engines/e_ncipher_err.h rename to engines/e_chil_err.h diff --git a/engines/e_ncipher.ec b/engines/e_ncipher.ec deleted file mode 100644 index 561db41e52..0000000000 --- a/engines/e_ncipher.ec +++ /dev/null @@ -1 +0,0 @@ -L HWCRHK e_ncipher_err.h e_ncipher_err.c diff --git a/engines/makeengines.com b/engines/makeengines.com index 2191a2242d..4a7474e010 100644 --- a/engines/makeengines.com +++ b/engines/makeengines.com @@ -34,7 +34,7 @@ $! Set the names of the engines we want to build $! $ ENGINES = "," + P6 $ IF ENGINES .EQS. "," THEN - - ENGINES = ",4758_cca,aep,atalla,cswift,ncipher,nuron,sureware,ubsec" + ENGINES = ",4758cca,aep,atalla,cswift,chil,nuron,sureware,ubsec" $! $! Set the default TCP/IP library to link against if needed $! @@ -79,11 +79,11 @@ $ THEN $ ENGINE_ = "engine_vector.mar" $ EXTRA_OBJ := ,'OBJ_DIR'ENGINE_VECTOR.OBJ $ ENDIF -$ ENGINE_4758_CCA = "e_4758_cca" +$ ENGINE_4758CCA = "e_4758cca" $ ENGINE_aep = "e_aep" $ ENGINE_atalla = "e_atalla" $ ENGINE_cswift = "e_cswift" -$ ENGINE_ncipher = "e_ncipher" +$ ENGINE_chil = "e_chil" $ ENGINE_nuron = "e_nuron" $ ENGINE_sureware = "e_sureware" $ ENGINE_ubsec = "e_ubsec" -- GitLab From a4578a5413c44f1d532903c8bc0727f1fa11b073 Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Sun, 29 May 2005 19:16:26 +0000 Subject: [PATCH 187/929] Change the source and output paths for 'chil' and '4758cca' engines so that dynamic loading is consistent with respect to engine ids. --- CHANGES | 7 + engines/Makefile | 82 +-- engines/e_4758_cca.c | 975 --------------------------- engines/e_4758_cca.ec | 1 - engines/e_4758_cca_err.c | 153 ----- engines/e_4758_cca_err.h | 93 --- engines/e_ncipher.c | 1360 -------------------------------------- engines/e_ncipher.ec | 1 - engines/e_ncipher_err.c | 161 ----- engines/e_ncipher_err.h | 101 --- engines/makeengines.com | 6 +- 11 files changed, 51 insertions(+), 2889 deletions(-) delete mode 100644 engines/e_4758_cca.c delete mode 100644 engines/e_4758_cca.ec delete mode 100644 engines/e_4758_cca_err.c delete mode 100644 engines/e_4758_cca_err.h delete mode 100644 engines/e_ncipher.c delete mode 100644 engines/e_ncipher.ec delete mode 100644 engines/e_ncipher_err.c delete mode 100644 engines/e_ncipher_err.h diff --git a/CHANGES b/CHANGES index 5be91d613c..0103d0c544 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,13 @@ Changes between 0.9.7h and 0.9.8 [xx XXX xxxx] + *) Correct naming of the 'chil' and '4758cca' ENGINEs. This + involves renaming the source and generated shared-libs for + both. The engines will accept the corrected or legacy ids + ('ncipher' and '4758_cca' respectively) when binding. NB, + this only applies when building 'shared'. + [Corinna Vinschen and Geoff Thorpe] + *) Add attribute functions to EVP_PKEY structure. Modify PKCS12_create() to recognize a CSP name attribute and use it. Make -CSP option work again in pkcs12 utility. diff --git a/engines/Makefile b/engines/Makefile index 9ac5471ac6..aa68344728 100644 --- a/engines/Makefile +++ b/engines/Makefile @@ -20,23 +20,23 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBNAMES= 4758_cca aep atalla cswift gmp ncipher nuron sureware ubsec +LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec -LIBSRC= e_4758_cca.c \ +LIBSRC= e_4758cca.c \ e_aep.c \ e_atalla.c \ e_cswift.c \ e_gmp.c \ - e_ncipher.c \ + e_chil.c \ e_nuron.c \ e_sureware.c \ e_ubsec.c -LIBOBJ= e_4758_cca.o \ +LIBOBJ= e_4758cca.o \ e_aep.o \ e_atalla.o \ e_cswift.o \ e_gmp.o \ - e_ncipher.o \ + e_chil.o \ e_nuron.o \ e_sureware.o \ e_ubsec.o @@ -44,12 +44,12 @@ LIBOBJ= e_4758_cca.o \ SRC= $(LIBSRC) EXHEADER= -HEADER= e_4758_cca_err.c e_4758_cca_err.h \ +HEADER= e_4758cca_err.c e_4758cca_err.h \ e_aep_err.c e_aep_err.h \ e_atalla_err.c e_atalla_err.h \ e_cswift_err.c e_cswift_err.h \ e_gmp_err.c e_gmp_err.h \ - e_ncipher_err.c e_ncipher_err.h \ + e_chil_err.c e_chil_err.h \ e_nuron_err.c e_nuron_err.h \ e_sureware_err.c e_sureware_err.h \ e_ubsec_err.c e_ubsec_err.h @@ -130,22 +130,22 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -e_4758_cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_4758_cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_4758_cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h -e_4758_cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_4758_cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_4758_cca.o: ../include/openssl/engine.h ../include/openssl/err.h -e_4758_cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_4758_cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_4758_cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_4758_cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_4758_cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h -e_4758_cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h -e_4758_cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -e_4758_cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -e_4758_cca.o: e_4758_cca.c e_4758_cca_err.c e_4758_cca_err.h -e_4758_cca.o: vendor_defns/hw_4758_cca.h +e_4758cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h +e_4758cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h +e_4758cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h +e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h +e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h +e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h +e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h +e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h +e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h +e_4758cca.o: vendor_defns/hw_4758_cca.h e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h @@ -184,24 +184,24 @@ e_gmp.o: ../include/openssl/e_os2.h ../include/openssl/engine.h e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h e_gmp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h e_gmp.c -e_ncipher.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_ncipher.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_ncipher.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_ncipher.o: ../include/openssl/dso.h ../include/openssl/e_os2.h -e_ncipher.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -e_ncipher.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -e_ncipher.o: ../include/openssl/err.h ../include/openssl/evp.h -e_ncipher.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -e_ncipher.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -e_ncipher.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -e_ncipher.o: ../include/openssl/pem.h ../include/openssl/pem2.h -e_ncipher.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -e_ncipher.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_ncipher.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_ncipher.o: ../include/openssl/symhacks.h ../include/openssl/ui.h -e_ncipher.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -e_ncipher.o: e_ncipher.c e_ncipher_err.c e_ncipher_err.h -e_ncipher.o: vendor_defns/hwcryptohook.h +e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h +e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h +e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h +e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h +e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h +e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h +e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h +e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h +e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +e_chil.o: e_chil.c e_chil_err.c e_chil_err.h +e_chil.o: vendor_defns/hwcryptohook.h e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h diff --git a/engines/e_4758_cca.c b/engines/e_4758_cca.c deleted file mode 100644 index d01a037835..0000000000 --- a/engines/e_4758_cca.c +++ /dev/null @@ -1,975 +0,0 @@ -/* Author: Maurice Gittens */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_4758_CCA - -#ifdef FLAT_INC -#include "hw_4758_cca.h" -#else -#include "vendor_defns/hw_4758_cca.h" -#endif - -#include "e_4758_cca_err.c" - -static int ibm_4758_cca_destroy(ENGINE *e); -static int ibm_4758_cca_init(ENGINE *e); -static int ibm_4758_cca_finish(ENGINE *e); -static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); - -/* rsa functions */ -/*---------------*/ -#ifndef OPENSSL_NO_RSA -static int cca_rsa_pub_enc(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int cca_rsa_priv_dec(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, const RSA *rsa); -static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); - -/* utility functions */ -/*-----------------------*/ -static EVP_PKEY *ibm_4758_load_privkey(ENGINE*, const char*, - UI_METHOD *ui_method, void *callback_data); -static EVP_PKEY *ibm_4758_load_pubkey(ENGINE*, const char*, - UI_METHOD *ui_method, void *callback_data); - -static int getModulusAndExponent(const unsigned char *token, long *exponentLength, - unsigned char *exponent, long *modulusLength, - long *modulusFieldLength, unsigned char *modulus); -#endif - -/* RAND number functions */ -/*-----------------------*/ -static int cca_get_random_bytes(unsigned char*, int ); -static int cca_random_status(void); - -static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx,long argl, void *argp); - -/* Function pointers for CCA verbs */ -/*---------------------------------*/ -#ifndef OPENSSL_NO_RSA -static F_KEYRECORDREAD keyRecordRead; -static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate; -static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify; -static F_PUBLICKEYEXTRACT publicKeyExtract; -static F_PKAENCRYPT pkaEncrypt; -static F_PKADECRYPT pkaDecrypt; -#endif -static F_RANDOMNUMBERGENERATE randomNumberGenerate; - -/* static variables */ -/*------------------*/ -static const char *CCA4758_LIB_NAME = NULL; -static const char *get_CCA4758_LIB_NAME(void) - { - if(CCA4758_LIB_NAME) - return CCA4758_LIB_NAME; - return CCA_LIB_NAME; - } -static void free_CCA4758_LIB_NAME(void) - { - if(CCA4758_LIB_NAME) - OPENSSL_free((void*)CCA4758_LIB_NAME); - CCA4758_LIB_NAME = NULL; - } -static long set_CCA4758_LIB_NAME(const char *name) - { - free_CCA4758_LIB_NAME(); - return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0); - } -#ifndef OPENSSL_NO_RSA -static const char* n_keyRecordRead = CSNDKRR; -static const char* n_digitalSignatureGenerate = CSNDDSG; -static const char* n_digitalSignatureVerify = CSNDDSV; -static const char* n_publicKeyExtract = CSNDPKX; -static const char* n_pkaEncrypt = CSNDPKE; -static const char* n_pkaDecrypt = CSNDPKD; -#endif -static const char* n_randomNumberGenerate = CSNBRNG; - -static int hndidx = -1; -static DSO *dso = NULL; - -/* openssl engine initialization structures */ -/*------------------------------------------*/ - -#define CCA4758_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN cca4758_cmd_defns[] = { - {CCA4758_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the '4758cca' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} - }; - -#ifndef OPENSSL_NO_RSA -static RSA_METHOD ibm_4758_cca_rsa = - { - "IBM 4758 CCA RSA method", - cca_rsa_pub_enc, - NULL, - NULL, - cca_rsa_priv_dec, - NULL, /*rsa_mod_exp,*/ - NULL, /*mod_exp_mont,*/ - NULL, /* init */ - NULL, /* finish */ - RSA_FLAG_SIGN_VER, /* flags */ - NULL, /* app_data */ - cca_rsa_sign, /* rsa_sign */ - cca_rsa_verify, /* rsa_verify */ - NULL /* rsa_keygen */ - }; -#endif - -static RAND_METHOD ibm_4758_cca_rand = - { - /* "IBM 4758 RAND method", */ - NULL, /* seed */ - cca_get_random_bytes, /* get random bytes from the card */ - NULL, /* cleanup */ - NULL, /* add */ - cca_get_random_bytes, /* pseudo rand */ - cca_random_status, /* status */ - }; - -static const char *engine_4758_cca_id = "4758cca"; -static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support"; -/* Compatibility hack, the dynamic library uses this form in the path */ -static const char *engine_4758_cca_id_alt = "4758_cca"; - -/* engine implementation */ -/*-----------------------*/ -static int bind_helper(ENGINE *e) - { - if(!ENGINE_set_id(e, engine_4758_cca_id) || - !ENGINE_set_name(e, engine_4758_cca_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) || -#endif - !ENGINE_set_RAND(e, &ibm_4758_cca_rand) || - !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) || - !ENGINE_set_init_function(e, ibm_4758_cca_init) || - !ENGINE_set_finish_function(e, ibm_4758_cca_finish) || - !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) || - !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) || - !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) || - !ENGINE_set_cmd_defns(e, cca4758_cmd_defns)) - return 0; - /* Ensure the error handling is set up */ - ERR_load_CCA4758_strings(); - return 1; - } - -#ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_4758_cca(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_helper(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_4758cca(void) - { - ENGINE *e_4758 = engine_4758_cca(); - if (!e_4758) return; - ENGINE_add(e_4758); - ENGINE_free(e_4758); - ERR_clear_error(); - } -#endif - -static int ibm_4758_cca_destroy(ENGINE *e) - { - ERR_unload_CCA4758_strings(); - free_CCA4758_LIB_NAME(); - return 1; - } - -static int ibm_4758_cca_init(ENGINE *e) - { - if(dso) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_ALREADY_LOADED); - goto err; - } - - dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0); - if(!dso) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE); - goto err; - } - -#ifndef OPENSSL_NO_RSA - if(!(keyRecordRead = (F_KEYRECORDREAD) - DSO_bind_func(dso, n_keyRecordRead)) || - !(randomNumberGenerate = (F_RANDOMNUMBERGENERATE) - DSO_bind_func(dso, n_randomNumberGenerate)) || - !(digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) - DSO_bind_func(dso, n_digitalSignatureGenerate)) || - !(digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY) - DSO_bind_func(dso, n_digitalSignatureVerify)) || - !(publicKeyExtract = (F_PUBLICKEYEXTRACT) - DSO_bind_func(dso, n_publicKeyExtract)) || - !(pkaEncrypt = (F_PKAENCRYPT) - DSO_bind_func(dso, n_pkaEncrypt)) || - !(pkaDecrypt = (F_PKADECRYPT) - DSO_bind_func(dso, n_pkaDecrypt))) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE); - goto err; - } -#else - if(!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE) - DSO_bind_func(dso, n_randomNumberGenerate))) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE); - goto err; - } -#endif - - hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle", - NULL, NULL, cca_ex_free); - - return 1; -err: - if(dso) - DSO_free(dso); - dso = NULL; - - keyRecordRead = (F_KEYRECORDREAD)0; - randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; - digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0; - digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; - publicKeyExtract = (F_PUBLICKEYEXTRACT)0; - pkaEncrypt = (F_PKAENCRYPT)0; - pkaDecrypt = (F_PKADECRYPT)0; - return 0; - } - -static int ibm_4758_cca_finish(ENGINE *e) - { - free_CCA4758_LIB_NAME(); - if(!dso) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, - CCA4758_R_NOT_LOADED); - return 0; - } - if(!DSO_free(dso)) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, - CCA4758_R_UNIT_FAILURE); - return 0; - } - dso = NULL; - keyRecordRead = (F_KEYRECORDREAD)0; - randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; - digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0; - digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; - publicKeyExtract = (F_PUBLICKEYEXTRACT)0; - pkaEncrypt = (F_PKAENCRYPT)0; - pkaDecrypt = (F_PKADECRYPT)0; - return 1; - } - -static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) - { - int initialised = ((dso == NULL) ? 0 : 1); - switch(cmd) - { - case CCA4758_CMD_SO_PATH: - if(p == NULL) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if(initialised) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, - CCA4758_R_ALREADY_LOADED); - return 0; - } - return set_CCA4758_LIB_NAME((const char *)p); - default: - break; - } - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, - CCA4758_R_COMMAND_NOT_IMPLEMENTED); - return 0; - } - -#ifndef OPENSSL_NO_RSA - -#define MAX_CCA_PKA_TOKEN_SIZE 2500 - -static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id, - UI_METHOD *ui_method, void *callback_data) - { - RSA *rtmp = NULL; - EVP_PKEY *res = NULL; - unsigned char* keyToken = NULL; - unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE]; - long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long returnCode; - long reasonCode; - long exitDataLength = 0; - long ruleArrayLength = 0; - unsigned char exitData[8]; - unsigned char ruleArray[8]; - unsigned char keyLabel[64]; - unsigned long keyLabelLength = strlen(key_id); - unsigned char modulus[256]; - long modulusFieldLength = sizeof(modulus); - long modulusLength = 0; - unsigned char exponent[256]; - long exponentLength = sizeof(exponent); - - if (keyLabelLength > sizeof(keyLabel)) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return NULL; - } - - memset(keyLabel,' ', sizeof(keyLabel)); - memcpy(keyLabel, key_id, keyLabelLength); - - keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long)); - if (!keyToken) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - keyRecordRead(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, keyLabel, - &keyTokenLength, keyToken+sizeof(long)); - - if (returnCode) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - publicKeyExtract(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, &keyTokenLength, - keyToken+sizeof(long), &pubKeyTokenLength, pubKeyToken); - - if (returnCode) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - if (!getModulusAndExponent(pubKeyToken, &exponentLength, - exponent, &modulusLength, &modulusFieldLength, - modulus)) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - (*(long*)keyToken) = keyTokenLength; - rtmp = RSA_new_method(e); - RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); - - rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); - rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); - rtmp->flags |= RSA_FLAG_EXT_PKEY; - - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rtmp); - - return res; -err: - if (keyToken) - OPENSSL_free(keyToken); - if (res) - EVP_PKEY_free(res); - if (rtmp) - RSA_free(rtmp); - return NULL; - } - -static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id, - UI_METHOD *ui_method, void *callback_data) - { - RSA *rtmp = NULL; - EVP_PKEY *res = NULL; - unsigned char* keyToken = NULL; - long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long returnCode; - long reasonCode; - long exitDataLength = 0; - long ruleArrayLength = 0; - unsigned char exitData[8]; - unsigned char ruleArray[8]; - unsigned char keyLabel[64]; - unsigned long keyLabelLength = strlen(key_id); - unsigned char modulus[512]; - long modulusFieldLength = sizeof(modulus); - long modulusLength = 0; - unsigned char exponent[512]; - long exponentLength = sizeof(exponent); - - if (keyLabelLength > sizeof(keyLabel)) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return NULL; - } - - memset(keyLabel,' ', sizeof(keyLabel)); - memcpy(keyLabel, key_id, keyLabelLength); - - keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long)); - if (!keyToken) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, keyLabel, &keyTokenLength, - keyToken+sizeof(long)); - - if (returnCode) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!getModulusAndExponent(keyToken+sizeof(long), &exponentLength, - exponent, &modulusLength, &modulusFieldLength, modulus)) - { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, - CCA4758_R_FAILED_LOADING_PUBLIC_KEY); - goto err; - } - - (*(long*)keyToken) = keyTokenLength; - rtmp = RSA_new_method(e); - RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); - rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); - rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); - rtmp->flags |= RSA_FLAG_EXT_PKEY; - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rtmp); - - return res; -err: - if (keyToken) - OPENSSL_free(keyToken); - if (res) - EVP_PKEY_free(res); - if (rtmp) - RSA_free(rtmp); - return NULL; - } - -static int cca_rsa_pub_enc(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding) - { - long returnCode; - long reasonCode; - long lflen = flen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.2"; - long dataStructureLength = 0; - unsigned char dataStructure[8]; - long outputLength = RSA_size(rsa); - long keyTokenLength; - unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); - - keyTokenLength = *(long*)keyToken; - keyToken+=sizeof(long); - - pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from, - &dataStructureLength, dataStructure, &keyTokenLength, - keyToken, &outputLength, to); - - if (returnCode || reasonCode) - return -(returnCode << 16 | reasonCode); - return outputLength; - } - -static int cca_rsa_priv_dec(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding) - { - long returnCode; - long reasonCode; - long lflen = flen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.2"; - long dataStructureLength = 0; - unsigned char dataStructure[8]; - long outputLength = RSA_size(rsa); - long keyTokenLength; - unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); - - keyTokenLength = *(long*)keyToken; - keyToken+=sizeof(long); - - pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from, - &dataStructureLength, dataStructure, &keyTokenLength, - keyToken, &outputLength, to); - - return (returnCode | reasonCode) ? 0 : 1; - } - -#define SSL_SIG_LEN 36 - -static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, const RSA *rsa) - { - long returnCode; - long reasonCode; - long lsiglen = siglen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.1"; - long keyTokenLength; - unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); - long length = SSL_SIG_LEN; - long keyLength ; - unsigned char *hashBuffer = NULL; - X509_SIG sig; - ASN1_TYPE parameter; - X509_ALGOR algorithm; - ASN1_OCTET_STRING digest; - - keyTokenLength = *(long*)keyToken; - keyToken+=sizeof(long); - - if (type == NID_md5 || type == NID_sha1) - { - sig.algor = &algorithm; - algorithm.algorithm = OBJ_nid2obj(type); - - if (!algorithm.algorithm) - { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - CCA4758_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - - if (!algorithm.algorithm->length) - { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD); - return 0; - } - - parameter.type = V_ASN1_NULL; - parameter.value.ptr = NULL; - algorithm.parameter = ¶meter; - - sig.digest = &digest; - sig.digest->data = (unsigned char*)m; - sig.digest->length = m_len; - - length = i2d_X509_SIG(&sig, NULL); - } - - keyLength = RSA_size(rsa); - - if (length - RSA_PKCS1_PADDING > keyLength) - { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - switch (type) - { - case NID_md5_sha1 : - if (m_len != SSL_SIG_LEN) - { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - hashBuffer = (unsigned char *)m; - length = m_len; - break; - case NID_md5 : - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc( - (unsigned int)keyLength+1); - if (!hashBuffer) - { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - ERR_R_MALLOC_FAILURE); - return 0; - } - - i2d_X509_SIG(&sig, &ptr); - } - break; - case NID_sha1 : - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc( - (unsigned int)keyLength+1); - if (!hashBuffer) - { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - default: - return 0; - } - - digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, &keyTokenLength, - keyToken, &length, hashBuffer, &lsiglen, sigbuf); - - if (type == NID_sha1 || type == NID_md5) - { - OPENSSL_cleanse(hashBuffer, keyLength+1); - OPENSSL_free(hashBuffer); - } - - return ((returnCode || reasonCode) ? 0 : 1); - } - -#define SSL_SIG_LEN 36 - -static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, const RSA *rsa) - { - long returnCode; - long reasonCode; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.1"; - long outputLength=256; - long outputBitLength; - long keyTokenLength; - unsigned char *hashBuffer = NULL; - unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); - long length = SSL_SIG_LEN; - long keyLength ; - X509_SIG sig; - ASN1_TYPE parameter; - X509_ALGOR algorithm; - ASN1_OCTET_STRING digest; - - keyTokenLength = *(long*)keyToken; - keyToken+=sizeof(long); - - if (type == NID_md5 || type == NID_sha1) - { - sig.algor = &algorithm; - algorithm.algorithm = OBJ_nid2obj(type); - - if (!algorithm.algorithm) - { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - CCA4758_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - - if (!algorithm.algorithm->length) - { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD); - return 0; - } - - parameter.type = V_ASN1_NULL; - parameter.value.ptr = NULL; - algorithm.parameter = ¶meter; - - sig.digest = &digest; - sig.digest->data = (unsigned char*)m; - sig.digest->length = m_len; - - length = i2d_X509_SIG(&sig, NULL); - } - - keyLength = RSA_size(rsa); - - if (length - RSA_PKCS1_PADDING > keyLength) - { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - switch (type) - { - case NID_md5_sha1 : - if (m_len != SSL_SIG_LEN) - { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - hashBuffer = (unsigned char*)m; - length = m_len; - break; - case NID_md5 : - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc( - (unsigned int)keyLength+1); - if (!hashBuffer) - { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - case NID_sha1 : - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc( - (unsigned int)keyLength+1); - if (!hashBuffer) - { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - default: - return 0; - } - - digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, &keyTokenLength, - keyToken, &length, hashBuffer, &outputLength, &outputBitLength, - sigret); - - if (type == NID_sha1 || type == NID_md5) - { - OPENSSL_cleanse(hashBuffer, keyLength+1); - OPENSSL_free(hashBuffer); - } - - *siglen = outputLength; - - return ((returnCode || reasonCode) ? 0 : 1); - } - -static int getModulusAndExponent(const unsigned char*token, long *exponentLength, - unsigned char *exponent, long *modulusLength, long *modulusFieldLength, - unsigned char *modulus) - { - unsigned long len; - - if (*token++ != (char)0x1E) /* internal PKA token? */ - return 0; - - if (*token++) /* token version must be zero */ - return 0; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - token += 4; /* skip reserved bytes */ - - if (*token++ == (char)0x04) - { - if (*token++) /* token version must be zero */ - return 0; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - token+=2; /* skip reserved section */ - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *exponentLength = len; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *modulusLength = len; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *modulusFieldLength = len; - - memcpy(exponent, token, *exponentLength); - token+= *exponentLength; - - memcpy(modulus, token, *modulusFieldLength); - return 1; - } - return 0; - } - -#endif /* OPENSSL_NO_RSA */ - -static int cca_random_status(void) - { - return 1; - } - -static int cca_get_random_bytes(unsigned char* buf, int num) - { - long ret_code; - long reason_code; - long exit_data_length; - unsigned char exit_data[4]; - unsigned char form[] = "RANDOM "; - unsigned char rand_buf[8]; - - while(num >= (int)sizeof(rand_buf)) - { - randomNumberGenerate(&ret_code, &reason_code, &exit_data_length, - exit_data, form, rand_buf); - if (ret_code) - return 0; - num -= sizeof(rand_buf); - memcpy(buf, rand_buf, sizeof(rand_buf)); - buf += sizeof(rand_buf); - } - - if (num) - { - randomNumberGenerate(&ret_code, &reason_code, NULL, NULL, - form, rand_buf); - if (ret_code) - return 0; - memcpy(buf, rand_buf, num); - } - - return 1; - } - -static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx, - long argl, void *argp) - { - if (item) - OPENSSL_free(item); - } - -/* Goo to handle building as a dynamic engine */ -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_4758_cca_id) != 0) && - (strcmp(id, engine_4758_cca_id_alt) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* OPENSSL_NO_DYNAMIC_ENGINE */ - -#endif /* !OPENSSL_NO_HW_4758_CCA */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_4758_cca.ec b/engines/e_4758_cca.ec deleted file mode 100644 index 2919969466..0000000000 --- a/engines/e_4758_cca.ec +++ /dev/null @@ -1 +0,0 @@ -L CCA4758 e_4758_cca_err.h e_4758_cca_err.c diff --git a/engines/e_4758_cca_err.c b/engines/e_4758_cca_err.c deleted file mode 100644 index 5d26450fe1..0000000000 --- a/engines/e_4758_cca_err.c +++ /dev/null @@ -1,153 +0,0 @@ -/* e_4758_cca_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "e_4758_cca_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(0,func,0) -#define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA CCA4758_str_functs[]= - { -{ERR_FUNC(CCA4758_F_CCA_RSA_SIGN), "CCA_RSA_SIGN"}, -{ERR_FUNC(CCA4758_F_CCA_RSA_VERIFY), "CCA_RSA_VERIFY"}, -{ERR_FUNC(CCA4758_F_IBM_4758_CCA_CTRL), "IBM_4758_CCA_CTRL"}, -{ERR_FUNC(CCA4758_F_IBM_4758_CCA_FINISH), "IBM_4758_CCA_FINISH"}, -{ERR_FUNC(CCA4758_F_IBM_4758_CCA_INIT), "IBM_4758_CCA_INIT"}, -{ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PRIVKEY), "IBM_4758_LOAD_PRIVKEY"}, -{ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PUBKEY), "IBM_4758_LOAD_PUBKEY"}, -{0,NULL} - }; - -static ERR_STRING_DATA CCA4758_str_reasons[]= - { -{ERR_REASON(CCA4758_R_ALREADY_LOADED) ,"already loaded"}, -{ERR_REASON(CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD),"asn1 oid unknown for md"}, -{ERR_REASON(CCA4758_R_COMMAND_NOT_IMPLEMENTED),"command not implemented"}, -{ERR_REASON(CCA4758_R_DSO_FAILURE) ,"dso failure"}, -{ERR_REASON(CCA4758_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"}, -{ERR_REASON(CCA4758_R_FAILED_LOADING_PUBLIC_KEY),"failed loading public key"}, -{ERR_REASON(CCA4758_R_NOT_LOADED) ,"not loaded"}, -{ERR_REASON(CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL),"size too large or too small"}, -{ERR_REASON(CCA4758_R_UNIT_FAILURE) ,"unit failure"}, -{ERR_REASON(CCA4758_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, -{0,NULL} - }; - -#endif - -#ifdef CCA4758_LIB_NAME -static ERR_STRING_DATA CCA4758_lib_name[]= - { -{0 ,CCA4758_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int CCA4758_lib_error_code=0; -static int CCA4758_error_init=1; - -static void ERR_load_CCA4758_strings(void) - { - if (CCA4758_lib_error_code == 0) - CCA4758_lib_error_code=ERR_get_next_error_library(); - - if (CCA4758_error_init) - { - CCA4758_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_functs); - ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_reasons); -#endif - -#ifdef CCA4758_LIB_NAME - CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code,0,0); - ERR_load_strings(0,CCA4758_lib_name); -#endif - } - } - -static void ERR_unload_CCA4758_strings(void) - { - if (CCA4758_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_functs); - ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_reasons); -#endif - -#ifdef CCA4758_LIB_NAME - ERR_unload_strings(0,CCA4758_lib_name); -#endif - CCA4758_error_init=1; - } - } - -static void ERR_CCA4758_error(int function, int reason, char *file, int line) - { - if (CCA4758_lib_error_code == 0) - CCA4758_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(CCA4758_lib_error_code,function,reason,file,line); - } diff --git a/engines/e_4758_cca_err.h b/engines/e_4758_cca_err.h deleted file mode 100644 index 3d4276be91..0000000000 --- a/engines/e_4758_cca_err.h +++ /dev/null @@ -1,93 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_CCA4758_ERR_H -#define HEADER_CCA4758_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_CCA4758_strings(void); -static void ERR_unload_CCA4758_strings(void); -static void ERR_CCA4758_error(int function, int reason, char *file, int line); -#define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the CCA4758 functions. */ - -/* Function codes. */ -#define CCA4758_F_CCA_RSA_SIGN 105 -#define CCA4758_F_CCA_RSA_VERIFY 106 -#define CCA4758_F_IBM_4758_CCA_CTRL 100 -#define CCA4758_F_IBM_4758_CCA_FINISH 101 -#define CCA4758_F_IBM_4758_CCA_INIT 102 -#define CCA4758_F_IBM_4758_LOAD_PRIVKEY 103 -#define CCA4758_F_IBM_4758_LOAD_PUBKEY 104 - -/* Reason codes. */ -#define CCA4758_R_ALREADY_LOADED 100 -#define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD 101 -#define CCA4758_R_COMMAND_NOT_IMPLEMENTED 102 -#define CCA4758_R_DSO_FAILURE 103 -#define CCA4758_R_FAILED_LOADING_PRIVATE_KEY 104 -#define CCA4758_R_FAILED_LOADING_PUBLIC_KEY 105 -#define CCA4758_R_NOT_LOADED 106 -#define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107 -#define CCA4758_R_UNIT_FAILURE 108 -#define CCA4758_R_UNKNOWN_ALGORITHM_TYPE 109 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_ncipher.c b/engines/e_ncipher.c deleted file mode 100644 index 11ae5aec82..0000000000 --- a/engines/e_ncipher.c +++ /dev/null @@ -1,1360 +0,0 @@ -/* crypto/engine/hw_ncipher.c -*- mode: C; c-file-style: "eay" -*- */ -/* Written by Richard Levitte (richard@levitte.org), Geoff Thorpe - * (geoff@geoffthorpe.net) and Dr Stephen N Henson (shenson@bigfoot.com) - * for the OpenSSL project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_NCIPHER - -/* Attribution notice: nCipher have said several times that it's OK for - * us to implement a general interface to their boxes, and recently declared - * their HWCryptoHook to be public, and therefore available for us to use. - * Thanks, nCipher. - * - * The hwcryptohook.h included here is from May 2000. - * [Richard Levitte] - */ -#ifdef FLAT_INC -#include "hwcryptohook.h" -#else -#include "vendor_defns/hwcryptohook.h" -#endif - -#define HWCRHK_LIB_NAME "hwcrhk engine" -#include "e_ncipher_err.c" - -static int hwcrhk_destroy(ENGINE *e); -static int hwcrhk_init(ENGINE *e); -static int hwcrhk_finish(ENGINE *e); -static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); - -/* Functions to handle mutexes */ -static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); -static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*); -static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); -static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); - -/* BIGNUM stuff */ -static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -#ifndef OPENSSL_NO_RSA -/* RSA stuff */ -static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); -#endif -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); - -#ifndef OPENSSL_NO_DH -/* DH stuff */ -/* This function is alised to mod_exp (with the DH and mont dropped). */ -static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -#endif - -/* RAND stuff */ -static int hwcrhk_rand_bytes(unsigned char *buf, int num); -static int hwcrhk_rand_status(void); - -/* KM stuff */ -static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int ind,long argl, void *argp); - -/* Interaction stuff */ -static int hwcrhk_insert_card(const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx); -static int hwcrhk_get_pass(const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx); -static void hwcrhk_log_message(void *logstr, const char *message); - -/* The definitions for control commands specific to this engine */ -#define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE -#define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1) -#define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2) -#define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3) -#define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4) -static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = { - {HWCRHK_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'hwcrhk' shared library", - ENGINE_CMD_FLAG_STRING}, - {HWCRHK_CMD_FORK_CHECK, - "FORK_CHECK", - "Turns fork() checking on or off (boolean)", - ENGINE_CMD_FLAG_NUMERIC}, - {HWCRHK_CMD_THREAD_LOCKING, - "THREAD_LOCKING", - "Turns thread-safe locking on or off (boolean)", - ENGINE_CMD_FLAG_NUMERIC}, - {HWCRHK_CMD_SET_USER_INTERFACE, - "SET_USER_INTERFACE", - "Set the global user interface (internal)", - ENGINE_CMD_FLAG_INTERNAL}, - {HWCRHK_CMD_SET_CALLBACK_DATA, - "SET_CALLBACK_DATA", - "Set the global user interface extra data (internal)", - ENGINE_CMD_FLAG_INTERNAL}, - {0, NULL, NULL, 0} - }; - -#ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD hwcrhk_rsa = - { - "nCipher RSA method", - NULL, - NULL, - NULL, - NULL, - hwcrhk_rsa_mod_exp, - hwcrhk_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL, - NULL - }; -#endif - -#ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD hwcrhk_dh = - { - "nCipher DH method", - NULL, - NULL, - hwcrhk_mod_exp_dh, - NULL, - NULL, - 0, - NULL, - NULL - }; -#endif - -static RAND_METHOD hwcrhk_rand = - { - /* "nCipher RAND method", */ - NULL, - hwcrhk_rand_bytes, - NULL, - NULL, - hwcrhk_rand_bytes, - hwcrhk_rand_status, - }; - -/* Constants used when creating the ENGINE */ -static const char *engine_hwcrhk_id = "chil"; -static const char *engine_hwcrhk_name = "nCipher hardware engine support"; -/* Compatibility hack, the dynamic library uses this form in the path */ -static const char *engine_hwcrhk_id_alt = "ncipher"; - -/* Internal stuff for HWCryptoHook */ - -/* Some structures needed for proper use of thread locks */ -/* hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue - into HWCryptoHook_Mutex */ -struct HWCryptoHook_MutexValue - { - int lockid; - }; - -/* hwcryptohook.h has some typedefs that turn - struct HWCryptoHook_PassphraseContextValue - into HWCryptoHook_PassphraseContext */ -struct HWCryptoHook_PassphraseContextValue - { - UI_METHOD *ui_method; - void *callback_data; - }; - -/* hwcryptohook.h has some typedefs that turn - struct HWCryptoHook_CallerContextValue - into HWCryptoHook_CallerContext */ -struct HWCryptoHook_CallerContextValue - { - pem_password_cb *password_callback; /* Deprecated! Only present for - backward compatibility! */ - UI_METHOD *ui_method; - void *callback_data; - }; - -/* The MPI structure in HWCryptoHook is pretty compatible with OpenSSL - BIGNUM's, so lets define a couple of conversion macros */ -#define BN2MPI(mp, bn) \ - {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;} -#define MPI2BN(bn, mp) \ - {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;} - -static BIO *logstream = NULL; -static int disable_mutex_callbacks = 0; - -/* One might wonder why these are needed, since one can pass down at least - a UI_METHOD and a pointer to callback data to the key-loading functions. - The thing is that the ModExp and RSAImmed functions can load keys as well, - if the data they get is in a special, nCipher-defined format (hint: if you - look at the private exponent of the RSA data as a string, you'll see this - string: "nCipher KM tool key id", followed by some bytes, followed a key - identity string, followed by more bytes. This happens when you use "embed" - keys instead of "hwcrhk" keys). Unfortunately, those functions do not take - any passphrase or caller context, and our functions can't really take any - callback data either. Still, the "insert_card" and "get_passphrase" - callbacks may be called down the line, and will need to know what user - interface callbacks to call, and having callback data from the application - may be a nice thing as well, so we need to keep track of that globally. */ -static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL }; - -/* Stuff to pass to the HWCryptoHook library */ -static HWCryptoHook_InitInfo hwcrhk_globals = { - HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */ - &logstream, /* logstream */ - sizeof(BN_ULONG), /* limbsize */ - 0, /* mslimb first: false for BNs */ - -1, /* msbyte first: use native */ - 0, /* Max mutexes, 0 = no small limit */ - 0, /* Max simultaneous, 0 = default */ - - /* The next few are mutex stuff: we write wrapper functions - around the OS mutex functions. We initialise them to 0 - here, and change that to actual function pointers in hwcrhk_init() - if dynamic locks are supported (that is, if the application - programmer has made sure of setting up callbacks bafore starting - this engine) *and* if disable_mutex_callbacks hasn't been set by - a call to ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING). */ - sizeof(HWCryptoHook_Mutex), - 0, - 0, - 0, - 0, - - /* The next few are condvar stuff: we write wrapper functions - round the OS functions. Currently not implemented and not - and absolute necessity even in threaded programs, therefore - 0'ed. Will hopefully be implemented some day, since it - enhances the efficiency of HWCryptoHook. */ - 0, /* sizeof(HWCryptoHook_CondVar), */ - 0, /* hwcrhk_cv_init, */ - 0, /* hwcrhk_cv_wait, */ - 0, /* hwcrhk_cv_signal, */ - 0, /* hwcrhk_cv_broadcast, */ - 0, /* hwcrhk_cv_destroy, */ - - hwcrhk_get_pass, /* pass phrase */ - hwcrhk_insert_card, /* insert a card */ - hwcrhk_log_message /* Log message */ -}; - - -/* Now, to our own code */ - -/* This internal function is used by ENGINE_ncipher() and possibly by the - * "dynamic" ENGINE support too */ -static int bind_helper(ENGINE *e) - { -#ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -#endif -#ifndef OPENSSL_NO_DH - const DH_METHOD *meth2; -#endif - if(!ENGINE_set_id(e, engine_hwcrhk_id) || - !ENGINE_set_name(e, engine_hwcrhk_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &hwcrhk_rsa) || -#endif -#ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &hwcrhk_dh) || -#endif - !ENGINE_set_RAND(e, &hwcrhk_rand) || - !ENGINE_set_destroy_function(e, hwcrhk_destroy) || - !ENGINE_set_init_function(e, hwcrhk_init) || - !ENGINE_set_finish_function(e, hwcrhk_finish) || - !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) || - !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) || - !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) || - !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns)) - return 0; - -#ifndef OPENSSL_NO_RSA - /* We know that the "PKCS1_SSLeay()" functions hook properly - * to the cswift-specific mod_exp and mod_exp_crt so we use - * those functions. NB: We don't use ENGINE_openssl() or - * anything "more generic" because something like the RSAref - * code may not hook properly, and if you own one of these - * cards then you have the right to do RSA operations on it - * anyway! */ - meth1 = RSA_PKCS1_SSLeay(); - hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -#endif - -#ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth2 = DH_OpenSSL(); - hwcrhk_dh.generate_key = meth2->generate_key; - hwcrhk_dh.compute_key = meth2->compute_key; -#endif - - /* Ensure the hwcrhk error handling is set up */ - ERR_load_HWCRHK_strings(); - return 1; - } - -#ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_ncipher(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_helper(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_chil(void) - { - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_ncipher(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); - } -#endif - -/* This is a process-global DSO handle used for loading and unloading - * the HWCryptoHook library. NB: This is only set (or unset) during an - * init() or finish() call (reference counts permitting) and they're - * operating with global locks, so this should be thread-safe - * implicitly. */ -static DSO *hwcrhk_dso = NULL; -static HWCryptoHook_ContextHandle hwcrhk_context = 0; -#ifndef OPENSSL_NO_RSA -static int hndidx_rsa = -1; /* Index for KM handle. Not really used yet. */ -#endif - -/* These are the function pointers that are (un)set when the library has - * successfully (un)loaded. */ -static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL; -static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL; -static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL; -#ifndef OPENSSL_NO_RSA -static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL; -#endif -static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL; -#ifndef OPENSSL_NO_RSA -static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL; -static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL; -static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL; -#endif -static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; - -/* Used in the DSO operations. */ -static const char *HWCRHK_LIBNAME = NULL; -static void free_HWCRHK_LIBNAME(void) - { - if(HWCRHK_LIBNAME) - OPENSSL_free((void*)HWCRHK_LIBNAME); - HWCRHK_LIBNAME = NULL; - } -static const char *get_HWCRHK_LIBNAME(void) - { - if(HWCRHK_LIBNAME) - return HWCRHK_LIBNAME; - return "nfhwcrhk"; - } -static long set_HWCRHK_LIBNAME(const char *name) - { - free_HWCRHK_LIBNAME(); - return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); - } -static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; -static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; -static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; -#ifndef OPENSSL_NO_RSA -static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA"; -#endif -static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes"; -#ifndef OPENSSL_NO_RSA -static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey"; -static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey"; -static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey"; -#endif -static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT"; - -/* HWCryptoHook library functions and mechanics - these are used by the - * higher-level functions further down. NB: As and where there's no - * error checking, take a look lower down where these functions are - * called, the checking and error handling is probably down there. */ - -/* utility function to obtain a context */ -static int get_context(HWCryptoHook_ContextHandle *hac, - HWCryptoHook_CallerContext *cac) - { - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, - cac); - if (!*hac) - return 0; - return 1; - } - -/* similarly to release one. */ -static void release_context(HWCryptoHook_ContextHandle hac) - { - p_hwcrhk_Finish(hac); - } - -/* Destructor (complements the "ENGINE_ncipher()" constructor) */ -static int hwcrhk_destroy(ENGINE *e) - { - free_HWCRHK_LIBNAME(); - ERR_unload_HWCRHK_strings(); - return 1; - } - -/* (de)initialisation functions. */ -static int hwcrhk_init(ENGINE *e) - { - HWCryptoHook_Init_t *p1; - HWCryptoHook_Finish_t *p2; - HWCryptoHook_ModExp_t *p3; -#ifndef OPENSSL_NO_RSA - HWCryptoHook_RSA_t *p4; - HWCryptoHook_RSALoadKey_t *p5; - HWCryptoHook_RSAGetPublicKey_t *p6; - HWCryptoHook_RSAUnloadKey_t *p7; -#endif - HWCryptoHook_RandomBytes_t *p8; - HWCryptoHook_ModExpCRT_t *p9; - - if(hwcrhk_dso != NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */ - hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0); - if(hwcrhk_dso == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); - goto err; - } - if(!(p1 = (HWCryptoHook_Init_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) || - !(p2 = (HWCryptoHook_Finish_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) || - !(p3 = (HWCryptoHook_ModExp_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) || -#ifndef OPENSSL_NO_RSA - !(p4 = (HWCryptoHook_RSA_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) || - !(p5 = (HWCryptoHook_RSALoadKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) || - !(p6 = (HWCryptoHook_RSAGetPublicKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) || - !(p7 = (HWCryptoHook_RSAUnloadKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) || -#endif - !(p8 = (HWCryptoHook_RandomBytes_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) || - !(p9 = (HWCryptoHook_ModExpCRT_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); - goto err; - } - /* Copy the pointers */ - p_hwcrhk_Init = p1; - p_hwcrhk_Finish = p2; - p_hwcrhk_ModExp = p3; -#ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = p4; - p_hwcrhk_RSALoadKey = p5; - p_hwcrhk_RSAGetPublicKey = p6; - p_hwcrhk_RSAUnloadKey = p7; -#endif - p_hwcrhk_RandomBytes = p8; - p_hwcrhk_ModExpCRT = p9; - - /* Check if the application decided to support dynamic locks, - and if it does, use them. */ - if (disable_mutex_callbacks == 0) - { - if (CRYPTO_get_dynlock_create_callback() != NULL && - CRYPTO_get_dynlock_lock_callback() != NULL && - CRYPTO_get_dynlock_destroy_callback() != NULL) - { - hwcrhk_globals.mutex_init = hwcrhk_mutex_init; - hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; - hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; - hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; - } - else if (CRYPTO_get_locking_callback() != NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_LOCKING_MISSING); - ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()"); - goto err; - } - } - - /* Try and get a context - if not, we may have a DSO but no - * accelerator! */ - if(!get_context(&hwcrhk_context, &password_context)) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_UNIT_FAILURE); - goto err; - } - /* Everything's fine. */ -#ifndef OPENSSL_NO_RSA - if (hndidx_rsa == -1) - hndidx_rsa = RSA_get_ex_new_index(0, - "nFast HWCryptoHook RSA key handle", - NULL, NULL, hwcrhk_ex_free); -#endif - return 1; -err: - if(hwcrhk_dso) - DSO_free(hwcrhk_dso); - hwcrhk_dso = NULL; - p_hwcrhk_Init = NULL; - p_hwcrhk_Finish = NULL; - p_hwcrhk_ModExp = NULL; -#ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = NULL; - p_hwcrhk_RSALoadKey = NULL; - p_hwcrhk_RSAGetPublicKey = NULL; - p_hwcrhk_RSAUnloadKey = NULL; -#endif - p_hwcrhk_ModExpCRT = NULL; - p_hwcrhk_RandomBytes = NULL; - return 0; - } - -static int hwcrhk_finish(ENGINE *e) - { - int to_return = 1; - free_HWCRHK_LIBNAME(); - if(hwcrhk_dso == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED); - to_return = 0; - goto err; - } - release_context(hwcrhk_context); - if(!DSO_free(hwcrhk_dso)) - { - HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_DSO_FAILURE); - to_return = 0; - goto err; - } - err: - if (logstream) - BIO_free(logstream); - hwcrhk_dso = NULL; - p_hwcrhk_Init = NULL; - p_hwcrhk_Finish = NULL; - p_hwcrhk_ModExp = NULL; -#ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = NULL; - p_hwcrhk_RSALoadKey = NULL; - p_hwcrhk_RSAGetPublicKey = NULL; - p_hwcrhk_RSAUnloadKey = NULL; -#endif - p_hwcrhk_ModExpCRT = NULL; - p_hwcrhk_RandomBytes = NULL; - return to_return; - } - -static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) - { - int to_return = 1; - - switch(cmd) - { - case HWCRHK_CMD_SO_PATH: - if(hwcrhk_dso) - { - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_ALREADY_LOADED); - return 0; - } - if(p == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - return set_HWCRHK_LIBNAME((const char *)p); - case ENGINE_CTRL_SET_LOGSTREAM: - { - BIO *bio = (BIO *)p; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (logstream) - { - BIO_free(logstream); - logstream = NULL; - } - if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1) - logstream = bio; - else - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_BIO_WAS_FREED); - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_PASSWORD_CALLBACK: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.password_callback = (pem_password_cb *)f; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_USER_INTERFACE: - case HWCRHK_CMD_SET_USER_INTERFACE: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.ui_method = (UI_METHOD *)p; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_CALLBACK_DATA: - case HWCRHK_CMD_SET_CALLBACK_DATA: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.callback_data = p; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - /* this enables or disables the "SimpleForkCheck" flag used in the - * initialisation structure. */ - case ENGINE_CTRL_CHIL_SET_FORKCHECK: - case HWCRHK_CMD_FORK_CHECK: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if(i) - hwcrhk_globals.flags |= - HWCryptoHook_InitFlags_SimpleForkCheck; - else - hwcrhk_globals.flags &= - ~HWCryptoHook_InitFlags_SimpleForkCheck; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - /* This will prevent the initialisation function from "installing" - * the mutex-handling callbacks, even if they are available from - * within the library (or were provided to the library from the - * calling application). This is to remove any baggage for - * applications not using multithreading. */ - case ENGINE_CTRL_CHIL_NO_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - disable_mutex_callbacks = 1; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case HWCRHK_CMD_THREAD_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - disable_mutex_callbacks = ((i == 0) ? 0 : 1); - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - - /* The command isn't understood by this engine */ - default: - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, - HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); - to_return = 0; - break; - } - - return to_return; - } - -static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data) - { -#ifndef OPENSSL_NO_RSA - RSA *rtmp = NULL; -#endif - EVP_PKEY *res = NULL; -#ifndef OPENSSL_NO_RSA - HWCryptoHook_MPI e, n; - HWCryptoHook_RSAKeyHandle *hptr; -#endif -#if !defined(OPENSSL_NO_RSA) - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; -#endif - HWCryptoHook_PassphraseContext ppctx; - -#if !defined(OPENSSL_NO_RSA) - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); -#endif - - if(!hwcrhk_context) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_NOT_INITIALISED); - goto err; - } -#ifndef OPENSSL_NO_RSA - hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle)); - if (!hptr) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - ppctx.ui_method = ui_method; - ppctx.callback_data = callback_data; - if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr, - &rmsg, &ppctx)) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1,rmsg.buf); - goto err; - } - if (!*hptr) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_NO_KEY); - goto err; - } -#endif -#ifndef OPENSSL_NO_RSA - rtmp = RSA_new_method(eng); - RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr); - rtmp->e = BN_new(); - rtmp->n = BN_new(); - rtmp->flags |= RSA_FLAG_EXT_PKEY; - MPI2BN(rtmp->e, e); - MPI2BN(rtmp->n, n); - if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg) - != HWCRYPTOHOOK_ERROR_MPISIZE) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1,rmsg.buf); - goto err; - } - - bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG)); - bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG)); - MPI2BN(rtmp->e, e); - MPI2BN(rtmp->n, n); - - if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1,rmsg.buf); - goto err; - } - rtmp->e->top = e.size / sizeof(BN_ULONG); - bn_fix_top(rtmp->e); - rtmp->n->top = n.size / sizeof(BN_ULONG); - bn_fix_top(rtmp->n); - - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rtmp); -#endif - - if (!res) - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED); - - return res; - err: - if (res) - EVP_PKEY_free(res); -#ifndef OPENSSL_NO_RSA - if (rtmp) - RSA_free(rtmp); -#endif - return NULL; - } - -static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data) - { - EVP_PKEY *res = NULL; - -#ifndef OPENSSL_NO_RSA - res = hwcrhk_load_privkey(eng, key_id, - ui_method, callback_data); -#endif - - if (res) - switch(res->type) - { -#ifndef OPENSSL_NO_RSA - case EVP_PKEY_RSA: - { - RSA *rsa = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); - rsa = res->pkey.rsa; - res->pkey.rsa = RSA_new(); - res->pkey.rsa->n = rsa->n; - res->pkey.rsa->e = rsa->e; - rsa->n = NULL; - rsa->e = NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); - RSA_free(rsa); - } - break; -#endif - default: - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, - HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); - goto err; - } - - return res; - err: - if (res) - EVP_PKEY_free(res); - return NULL; - } - -/* A little mod_exp */ -static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) - { - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - /* Since HWCryptoHook_MPI is pretty compatible with BIGNUM's, - we use them directly, plus a little macro magic. We only - thing we need to make sure of is that enough space is allocated. */ - HWCryptoHook_MPI m_a, m_p, m_n, m_r; - int to_return, ret; - - to_return = 0; /* expect failure */ - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if(!hwcrhk_context) - { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED); - goto err; - } - /* Prepare the params */ - bn_expand2(r, m->top); /* Check for error !! */ - BN2MPI(m_a, a); - BN2MPI(m_p, p); - BN2MPI(m_n, m); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) - { - /* FIXME: When this error is returned, HWCryptoHook is - telling us that falling back to software computation - might be a good thing. */ - if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) - { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FALLBACK); - } - else - { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1,rmsg.buf); - goto err; - } - - to_return = 1; -err: - return to_return; - } - -#ifndef OPENSSL_NO_RSA -static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) - { - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - HWCryptoHook_RSAKeyHandle *hptr; - int to_return = 0, ret; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if(!hwcrhk_context) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,HWCRHK_R_NOT_INITIALISED); - goto err; - } - - /* This provides support for nForce keys. Since that's opaque data - all we do is provide a handle to the proper key and let HWCryptoHook - take care of the rest. */ - if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa)) - != NULL) - { - HWCryptoHook_MPI m_a, m_r; - - if(!rsa->n) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_MISSING_KEY_COMPONENTS); - goto err; - } - - /* Prepare the params */ - bn_expand2(r, rsa->n->top); /* Check for error !! */ - BN2MPI(m_a, I); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) - { - /* FIXME: When this error is returned, HWCryptoHook is - telling us that falling back to software computation - might be a good thing. */ - if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FALLBACK); - } - else - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1,rmsg.buf); - goto err; - } - } - else - { - HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r; - - if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_MISSING_KEY_COMPONENTS); - goto err; - } - - /* Prepare the params */ - bn_expand2(r, rsa->n->top); /* Check for error !! */ - BN2MPI(m_a, I); - BN2MPI(m_p, rsa->p); - BN2MPI(m_q, rsa->q); - BN2MPI(m_dmp1, rsa->dmp1); - BN2MPI(m_dmq1, rsa->dmq1); - BN2MPI(m_iqmp, rsa->iqmp); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q, - m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) - { - /* FIXME: When this error is returned, HWCryptoHook is - telling us that falling back to software computation - might be a good thing. */ - if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FALLBACK); - } - else - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1,rmsg.buf); - goto err; - } - } - /* If we're here, we must be here with some semblance of success :-) */ - to_return = 1; -err: - return to_return; - } -#endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return hwcrhk_mod_exp(r, a, p, m, ctx); - } - -#ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return hwcrhk_mod_exp(r, a, p, m, ctx); - } -#endif - -/* Random bytes are good */ -static int hwcrhk_rand_bytes(unsigned char *buf, int num) - { - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - int to_return = 0; /* assume failure */ - int ret; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if(!hwcrhk_context) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,HWCRHK_R_NOT_INITIALISED); - goto err; - } - - ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg); - if (ret < 0) - { - /* FIXME: When this error is returned, HWCryptoHook is - telling us that falling back to software computation - might be a good thing. */ - if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, - HWCRHK_R_REQUEST_FALLBACK); - } - else - { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, - HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1,rmsg.buf); - goto err; - } - to_return = 1; - err: - return to_return; - } - -static int hwcrhk_rand_status(void) - { - return 1; - } - -/* This cleans up an RSA KM key, called when ex_data is freed */ - -static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int ind,long argl, void *argp) -{ - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; -#ifndef OPENSSL_NO_RSA - HWCryptoHook_RSAKeyHandle *hptr; -#endif -#if !defined(OPENSSL_NO_RSA) - int ret; -#endif - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - -#ifndef OPENSSL_NO_RSA - hptr = (HWCryptoHook_RSAKeyHandle *) item; - if(hptr) - { - ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL); - OPENSSL_free(hptr); - } -#endif -} - -/* Mutex calls: since the HWCryptoHook model closely follows the POSIX model - * these just wrap the POSIX functions and add some logging. - */ - -static int hwcrhk_mutex_init(HWCryptoHook_Mutex* mt, - HWCryptoHook_CallerContext *cactx) - { - mt->lockid = CRYPTO_get_new_dynlockid(); - if (mt->lockid == 0) - return 1; /* failure */ - return 0; /* success */ - } - -static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt) - { - CRYPTO_w_lock(mt->lockid); - return 0; - } - -static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt) - { - CRYPTO_w_unlock(mt->lockid); - } - -static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt) - { - CRYPTO_destroy_dynlockid(mt->lockid); - } - -static int hwcrhk_get_pass(const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx) - { - pem_password_cb *callback = NULL; - void *callback_data = NULL; - UI_METHOD *ui_method = NULL; - - if (cactx) - { - if (cactx->ui_method) - ui_method = cactx->ui_method; - if (cactx->password_callback) - callback = cactx->password_callback; - if (cactx->callback_data) - callback_data = cactx->callback_data; - } - if (ppctx) - { - if (ppctx->ui_method) - { - ui_method = ppctx->ui_method; - callback = NULL; - } - if (ppctx->callback_data) - callback_data = ppctx->callback_data; - } - if (callback == NULL && ui_method == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS,HWCRHK_R_NO_CALLBACK); - return -1; - } - - if (ui_method) - { - UI *ui = UI_new_method(ui_method); - if (ui) - { - int ok; - char *prompt = UI_construct_prompt(ui, - "pass phrase", prompt_info); - - ok = UI_add_input_string(ui,prompt, - UI_INPUT_FLAG_DEFAULT_PWD, - buf,0,(*len_io) - 1); - UI_add_user_data(ui, callback_data); - UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); - - if (ok >= 0) - do - { - ok=UI_process(ui); - } - while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); - - if (ok >= 0) - *len_io = strlen(buf); - - UI_free(ui); - OPENSSL_free(prompt); - } - } - else - { - *len_io = callback(buf, *len_io, 0, callback_data); - } - if(!*len_io) - return -1; - return 0; - } - -static int hwcrhk_insert_card(const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx) - { - int ok = -1; - UI *ui; - void *callback_data = NULL; - UI_METHOD *ui_method = NULL; - - if (cactx) - { - if (cactx->ui_method) - ui_method = cactx->ui_method; - if (cactx->callback_data) - callback_data = cactx->callback_data; - } - if (ppctx) - { - if (ppctx->ui_method) - ui_method = ppctx->ui_method; - if (ppctx->callback_data) - callback_data = ppctx->callback_data; - } - if (ui_method == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD, - HWCRHK_R_NO_CALLBACK); - return -1; - } - - ui = UI_new_method(ui_method); - - if (ui) - { - char answer; - char buf[BUFSIZ]; - - if (wrong_info) - BIO_snprintf(buf, sizeof(buf)-1, - "Current card: \"%s\"\n", wrong_info); - ok = UI_dup_info_string(ui, buf); - if (ok >= 0 && prompt_info) - { - BIO_snprintf(buf, sizeof(buf)-1, - "Insert card \"%s\"", prompt_info); - ok = UI_dup_input_boolean(ui, buf, - "\n then hit or C to cancel\n", - "\r\n", "Cc", UI_INPUT_FLAG_ECHO, &answer); - } - UI_add_user_data(ui, callback_data); - - if (ok >= 0) - ok = UI_process(ui); - UI_free(ui); - - if (ok == -2 || (ok >= 0 && answer == 'C')) - ok = 1; - else if (ok < 0) - ok = -1; - else - ok = 0; - } - return ok; - } - -static void hwcrhk_log_message(void *logstr, const char *message) - { - BIO *lstream = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_BIO); - if (logstr) - lstream=*(BIO **)logstr; - if (lstream) - { - BIO_printf(lstream, "%s\n", message); - } - CRYPTO_w_unlock(CRYPTO_LOCK_BIO); - } - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. */ -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_hwcrhk_id) != 0) && - (strcmp(id, engine_hwcrhk_id_alt) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* OPENSSL_NO_DYNAMIC_ENGINE */ - -#endif /* !OPENSSL_NO_HW_NCIPHER */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_ncipher.ec b/engines/e_ncipher.ec deleted file mode 100644 index 561db41e52..0000000000 --- a/engines/e_ncipher.ec +++ /dev/null @@ -1 +0,0 @@ -L HWCRHK e_ncipher_err.h e_ncipher_err.c diff --git a/engines/e_ncipher_err.c b/engines/e_ncipher_err.c deleted file mode 100644 index b219a88616..0000000000 --- a/engines/e_ncipher_err.c +++ /dev/null @@ -1,161 +0,0 @@ -/* e_ncipher_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "e_ncipher_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(0,func,0) -#define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA HWCRHK_str_functs[]= - { -{ERR_FUNC(HWCRHK_F_HWCRHK_CTRL), "HWCRHK_CTRL"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_FINISH), "HWCRHK_FINISH"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_GET_PASS), "HWCRHK_GET_PASS"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_INIT), "HWCRHK_INIT"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_INSERT_CARD), "HWCRHK_INSERT_CARD"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PRIVKEY), "HWCRHK_LOAD_PRIVKEY"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PUBKEY), "HWCRHK_LOAD_PUBKEY"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_MOD_EXP), "HWCRHK_MOD_EXP"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_RAND_BYTES), "HWCRHK_RAND_BYTES"}, -{ERR_FUNC(HWCRHK_F_HWCRHK_RSA_MOD_EXP), "HWCRHK_RSA_MOD_EXP"}, -{0,NULL} - }; - -static ERR_STRING_DATA HWCRHK_str_reasons[]= - { -{ERR_REASON(HWCRHK_R_ALREADY_LOADED) ,"already loaded"}, -{ERR_REASON(HWCRHK_R_BIO_WAS_FREED) ,"bio was freed"}, -{ERR_REASON(HWCRHK_R_CHIL_ERROR) ,"chil error"}, -{ERR_REASON(HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"}, -{ERR_REASON(HWCRHK_R_DSO_FAILURE) ,"dso failure"}, -{ERR_REASON(HWCRHK_R_LOCKING_MISSING) ,"locking missing"}, -{ERR_REASON(HWCRHK_R_MISSING_KEY_COMPONENTS),"missing key components"}, -{ERR_REASON(HWCRHK_R_NOT_INITIALISED) ,"not initialised"}, -{ERR_REASON(HWCRHK_R_NOT_LOADED) ,"not loaded"}, -{ERR_REASON(HWCRHK_R_NO_CALLBACK) ,"no callback"}, -{ERR_REASON(HWCRHK_R_NO_KEY) ,"no key"}, -{ERR_REASON(HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED),"private key algorithms disabled"}, -{ERR_REASON(HWCRHK_R_REQUEST_FAILED) ,"request failed"}, -{ERR_REASON(HWCRHK_R_REQUEST_FALLBACK) ,"request fallback"}, -{ERR_REASON(HWCRHK_R_UNIT_FAILURE) ,"unit failure"}, -{0,NULL} - }; - -#endif - -#ifdef HWCRHK_LIB_NAME -static ERR_STRING_DATA HWCRHK_lib_name[]= - { -{0 ,HWCRHK_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int HWCRHK_lib_error_code=0; -static int HWCRHK_error_init=1; - -static void ERR_load_HWCRHK_strings(void) - { - if (HWCRHK_lib_error_code == 0) - HWCRHK_lib_error_code=ERR_get_next_error_library(); - - if (HWCRHK_error_init) - { - HWCRHK_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_functs); - ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons); -#endif - -#ifdef HWCRHK_LIB_NAME - HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code,0,0); - ERR_load_strings(0,HWCRHK_lib_name); -#endif - } - } - -static void ERR_unload_HWCRHK_strings(void) - { - if (HWCRHK_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_functs); - ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons); -#endif - -#ifdef HWCRHK_LIB_NAME - ERR_unload_strings(0,HWCRHK_lib_name); -#endif - HWCRHK_error_init=1; - } - } - -static void ERR_HWCRHK_error(int function, int reason, char *file, int line) - { - if (HWCRHK_lib_error_code == 0) - HWCRHK_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(HWCRHK_lib_error_code,function,reason,file,line); - } diff --git a/engines/e_ncipher_err.h b/engines/e_ncipher_err.h deleted file mode 100644 index 482086e3b5..0000000000 --- a/engines/e_ncipher_err.h +++ /dev/null @@ -1,101 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_HWCRHK_ERR_H -#define HEADER_HWCRHK_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_HWCRHK_strings(void); -static void ERR_unload_HWCRHK_strings(void); -static void ERR_HWCRHK_error(int function, int reason, char *file, int line); -#define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the HWCRHK functions. */ - -/* Function codes. */ -#define HWCRHK_F_HWCRHK_CTRL 100 -#define HWCRHK_F_HWCRHK_FINISH 101 -#define HWCRHK_F_HWCRHK_GET_PASS 102 -#define HWCRHK_F_HWCRHK_INIT 103 -#define HWCRHK_F_HWCRHK_INSERT_CARD 104 -#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY 105 -#define HWCRHK_F_HWCRHK_LOAD_PUBKEY 106 -#define HWCRHK_F_HWCRHK_MOD_EXP 107 -#define HWCRHK_F_HWCRHK_RAND_BYTES 108 -#define HWCRHK_F_HWCRHK_RSA_MOD_EXP 109 - -/* Reason codes. */ -#define HWCRHK_R_ALREADY_LOADED 100 -#define HWCRHK_R_BIO_WAS_FREED 101 -#define HWCRHK_R_CHIL_ERROR 102 -#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 -#define HWCRHK_R_DSO_FAILURE 104 -#define HWCRHK_R_LOCKING_MISSING 114 -#define HWCRHK_R_MISSING_KEY_COMPONENTS 105 -#define HWCRHK_R_NOT_INITIALISED 106 -#define HWCRHK_R_NOT_LOADED 107 -#define HWCRHK_R_NO_CALLBACK 108 -#define HWCRHK_R_NO_KEY 109 -#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 110 -#define HWCRHK_R_REQUEST_FAILED 111 -#define HWCRHK_R_REQUEST_FALLBACK 112 -#define HWCRHK_R_UNIT_FAILURE 113 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/makeengines.com b/engines/makeengines.com index 2191a2242d..4a7474e010 100644 --- a/engines/makeengines.com +++ b/engines/makeengines.com @@ -34,7 +34,7 @@ $! Set the names of the engines we want to build $! $ ENGINES = "," + P6 $ IF ENGINES .EQS. "," THEN - - ENGINES = ",4758_cca,aep,atalla,cswift,ncipher,nuron,sureware,ubsec" + ENGINES = ",4758cca,aep,atalla,cswift,chil,nuron,sureware,ubsec" $! $! Set the default TCP/IP library to link against if needed $! @@ -79,11 +79,11 @@ $ THEN $ ENGINE_ = "engine_vector.mar" $ EXTRA_OBJ := ,'OBJ_DIR'ENGINE_VECTOR.OBJ $ ENDIF -$ ENGINE_4758_CCA = "e_4758_cca" +$ ENGINE_4758CCA = "e_4758cca" $ ENGINE_aep = "e_aep" $ ENGINE_atalla = "e_atalla" $ ENGINE_cswift = "e_cswift" -$ ENGINE_ncipher = "e_ncipher" +$ ENGINE_chil = "e_chil" $ ENGINE_nuron = "e_nuron" $ ENGINE_sureware = "e_sureware" $ ENGINE_ubsec = "e_ubsec" -- GitLab From c2d78c96236a089707f00aa63371087d53b8a3e8 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 30 May 2005 00:28:38 +0000 Subject: [PATCH 188/929] Copy ordinals from 0.9.7 and update. --- crypto/rsa/Makefile | 21 + util/libeay.num | 960 ++++++++++++++++++++++---------------------- 2 files changed, 504 insertions(+), 477 deletions(-) diff --git a/crypto/rsa/Makefile b/crypto/rsa/Makefile index 6c05226522..0729924cb9 100644 --- a/crypto/rsa/Makefile +++ b/crypto/rsa/Makefile @@ -179,6 +179,17 @@ rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c +rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -216,3 +227,13 @@ rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c +rsa_x931.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_x931.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_x931.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_x931.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +rsa_x931.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_x931.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h +rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c diff --git a/util/libeay.num b/util/libeay.num index 47881945aa..482c65d2df 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -2876,483 +2876,489 @@ EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256 FIPS_selftest_hmac 3316 NOEXIST::FUNCTION: FIPS_corrupt_rng 3317 NOEXIST::FUNCTION: BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: -EVP_PKEY_cmp 3319 EXIST::FUNCTION: -PEM_write_ECPKParameters 3320 EXIST:!WIN16:FUNCTION:EC -STORE_list_private_key_end 3321 EXIST::FUNCTION: -i2d_EC_PUBKEY_bio 3322 EXIST::FUNCTION:BIO,EC -BUF_memdup 3323 EXIST::FUNCTION: -NAME_CONSTRAINTS_it 3324 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -NAME_CONSTRAINTS_it 3324 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EC_KEY_copy 3325 EXIST::FUNCTION:EC -STORE_ATTR_INFO_get0_cstr 3326 EXIST::FUNCTION: -STORE_list_crl_end 3327 EXIST::FUNCTION: -EC_KEY_set_asn1_flag 3328 EXIST::FUNCTION:EC -X509_VERIFY_PARAM_free 3329 EXIST::FUNCTION: -EC_POINT_set_compressed_coordinates_GF2m 3330 EXIST:!VMS:FUNCTION:EC -EC_POINT_set_compr_coords_GF2m 3330 EXIST:VMS:FUNCTION:EC -ASN1_generate_nconf 3331 EXIST::FUNCTION: -ECPKParameters_print 3332 EXIST::FUNCTION:BIO,EC -OBJ_bsearch_ex 3333 EXIST::FUNCTION: -EC_GROUP_get_curve_GF2m 3334 EXIST::FUNCTION:EC -STORE_method_set_store_function 3335 EXIST::FUNCTION: -d2i_ECPrivateKey_fp 3336 EXIST::FUNCTION:EC,FP_API -EC_KEY_up_ref 3337 EXIST::FUNCTION:EC -SHA384_Final 3338 EXIST::FUNCTION:SHA,SHA512 -EC_POINT_point2bn 3339 EXIST::FUNCTION:EC -STORE_modify_private_key 3340 EXIST::FUNCTION: -ENGINE_get_ECDSA 3341 EXIST::FUNCTION:ENGINE -ECDSA_verify 3342 EXIST::FUNCTION:ECDSA -STORE_list_certificate_next 3343 EXIST::FUNCTION: -BN_GF2m_mod_sqr_arr 3344 EXIST::FUNCTION: -STORE_OBJECT_free 3345 EXIST::FUNCTION: -STORE_delete_crl 3346 EXIST::FUNCTION: -X509_CERT_PAIR_it 3347 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_CERT_PAIR_it 3347 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_VERIFY_PARAM_set_purpose 3348 EXIST::FUNCTION: -EC_GROUP_get_asn1_flag 3349 EXIST::FUNCTION:EC -EC_POINT_set_affine_coordinates_GF2m 3350 EXIST:!VMS:FUNCTION:EC -EC_POINT_set_affine_coords_GF2m 3350 EXIST:VMS:FUNCTION:EC -X509_VERIFY_PARAM_set1_name 3351 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_depth 3352 EXIST::FUNCTION: -OPENSSL_ia32cap_loc 3353 EXIST::FUNCTION: -X509_VERIFY_PARAM_set1 3354 EXIST::FUNCTION: -PEM_write_ECPrivateKey 3355 EXIST:!WIN16:FUNCTION:EC -EC_GROUP_cmp 3356 EXIST::FUNCTION:EC -STORE_ATTR_INFO_modify_sha1str 3357 EXIST::FUNCTION: -i2o_ECPublicKey 3358 EXIST::FUNCTION:EC -EVP_PKEY_get_attr_by_NID 3359 EXIST::FUNCTION: -ASN1_item_ndef_i2d 3360 EXIST::FUNCTION: -STORE_method_set_modify_function 3361 EXIST:!VMS:FUNCTION: -STORE_meth_set_modify_fn 3361 EXIST:VMS:FUNCTION: -POLICY_CONSTRAINTS_new 3362 EXIST::FUNCTION: -STORE_method_get_generate_function 3363 EXIST:!VMS:FUNCTION: -STORE_meth_get_generate_fn 3363 EXIST:VMS:FUNCTION: -STORE_list_public_key_endp 3364 EXIST::FUNCTION: -BN_BLINDING_convert_ex 3365 EXIST::FUNCTION: -STORE_get_ex_new_index 3366 EXIST::FUNCTION: -X509_policy_node_get0_qualifiers 3367 EXIST:!VMS:FUNCTION: -X509_pcy_node_get0_qualifiers 3367 EXIST:VMS:FUNCTION: -EC_GF2m_simple_method 3368 EXIST::FUNCTION:EC -STORE_method_get_get_function 3369 EXIST::FUNCTION: -EC_GROUP_get_curve_name 3370 EXIST::FUNCTION:EC -PEM_write_X509_CERT_PAIR 3371 EXIST:!WIN16:FUNCTION: -ENGINE_set_default_ECDH 3372 EXIST::FUNCTION:ENGINE -ERR_set_mark 3373 EXIST::FUNCTION: -sk_find_ex 3374 EXIST::FUNCTION: -PEM_read_bio_ECPrivateKey 3375 EXIST::FUNCTION:EC -BN_GF2m_mod_div_arr 3376 EXIST::FUNCTION: -i2d_X509_CERT_PAIR 3377 EXIST::FUNCTION: -BN_BLINDING_get_thread_id 3378 EXIST::FUNCTION: -EC_get_builtin_curves 3379 EXIST::FUNCTION:EC -NAME_CONSTRAINTS_new 3380 EXIST::FUNCTION: -EVP_PKEY_delete_attr 3381 EXIST::FUNCTION: -DSA_generate_parameters_ex 3382 EXIST::FUNCTION:DSA -X509_VERIFY_PARAM_set_time 3383 EXIST::FUNCTION: -STORE_delete_private_key 3384 EXIST::FUNCTION: -STORE_method_set_cleanup_function 3385 EXIST:!VMS:FUNCTION: -STORE_meth_set_cleanup_fn 3385 EXIST:VMS:FUNCTION: -PEM_read_bio_X509_CERT_PAIR 3386 EXIST::FUNCTION: -STORE_ATTR_INFO_get0_number 3387 EXIST::FUNCTION: -BN_generate_prime_ex 3388 EXIST::FUNCTION: -STORE_get_number 3389 EXIST::FUNCTION: -ECDH_compute_key 3390 EXIST::FUNCTION:ECDH -asn1_const_Finish 3391 EXIST::FUNCTION: -STORE_method_get_store_function 3392 EXIST::FUNCTION: -STORE_parse_attrs_endp 3393 EXIST::FUNCTION: -STORE_list_private_key_endp 3394 EXIST::FUNCTION: -BN_BLINDING_set_thread_id 3395 EXIST::FUNCTION: -STORE_destroy_method 3396 EXIST::FUNCTION: -BN_nist_mod_521 3397 EXIST::FUNCTION: -EC_KEY_precompute_mult 3398 EXIST::FUNCTION:EC -STORE_ATTR_INFO_free 3399 EXIST::FUNCTION: -STORE_store_crl 3400 EXIST::FUNCTION: -EVP_PKEY_add1_attr_by_OBJ 3401 EXIST::FUNCTION: -PKCS7_set_digest 3402 EXIST::FUNCTION: -ECDH_get_ex_data 3403 EXIST::FUNCTION:ECDH -d2i_ECPrivateKey_bio 3404 EXIST::FUNCTION:BIO,EC -BN_GF2m_mod_sqr 3405 EXIST::FUNCTION: -STORE_list_certificate_start 3406 EXIST::FUNCTION: -i2d_ECPrivateKey_bio 3407 EXIST::FUNCTION:BIO,EC -STORE_modify_crl 3408 EXIST::FUNCTION: -BN_GF2m_mod_div 3409 EXIST::FUNCTION: -STORE_new_method 3410 EXIST::FUNCTION: -ENGINE_register_STORE 3411 EXIST::FUNCTION:ENGINE -STORE_method_get_delete_function 3412 EXIST:!VMS:FUNCTION: -STORE_meth_get_delete_fn 3412 EXIST:VMS:FUNCTION: -STORE_list_crl_start 3413 EXIST::FUNCTION: -ECDH_set_default_method 3414 EXIST::FUNCTION:ECDH -STORE_method_get_cleanup_function 3415 EXIST:!VMS:FUNCTION: -STORE_meth_get_cleanup_fn 3415 EXIST:VMS:FUNCTION: -ECDSA_SIG_new 3416 EXIST::FUNCTION:ECDSA -OPENSSL_DIR_end 3417 EXIST::FUNCTION: -ECDSA_SIG_free 3418 EXIST::FUNCTION:ECDSA -BIO_dump_indent_fp 3419 EXIST::FUNCTION:FP_API -EC_GROUP_get_basis_type 3420 EXIST::FUNCTION:EC -pqueue_insert 3421 EXIST::FUNCTION: -EC_KEY_print 3422 EXIST::FUNCTION:BIO,EC -STORE_revoke_certificate 3423 EXIST::FUNCTION: -STORE_method_get_list_end_function 3424 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_end_fn 3424 EXIST:VMS:FUNCTION: -EC_METHOD_get_field_type 3425 EXIST::FUNCTION:EC -PEM_write_EC_PUBKEY 3426 EXIST:!WIN16:FUNCTION:EC -EC_POINT_point2hex 3427 EXIST::FUNCTION:EC -STORE_store_number 3428 EXIST::FUNCTION: -DH_generate_parameters_ex 3429 EXIST::FUNCTION:DH -STORE_Memory 3430 EXIST::FUNCTION: -SHA224_Final 3431 EXIST::FUNCTION:SHA,SHA256 -EC_GROUP_get0_seed 3432 EXIST::FUNCTION:EC -EVP_ecdsa 3433 EXIST::FUNCTION:SHA +RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA +RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA +RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA +RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA +RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA +PKCS1_MGF1 3324 EXIST::FUNCTION:RSA +BIO_new_dgram 3325 EXIST::FUNCTION: +BN_get0_nist_prime_384 3326 EXIST::FUNCTION: +ERR_set_mark 3327 EXIST::FUNCTION: +X509_STORE_CTX_set0_crls 3328 EXIST::FUNCTION: +ENGINE_set_STORE 3329 EXIST::FUNCTION:ENGINE +ENGINE_register_ECDSA 3330 EXIST::FUNCTION:ENGINE +STORE_method_set_list_start_function 3331 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_start_fn 3331 EXIST:VMS:FUNCTION: +BN_BLINDING_invert_ex 3332 EXIST::FUNCTION: +NAME_CONSTRAINTS_free 3333 EXIST::FUNCTION: +STORE_ATTR_INFO_set_number 3334 EXIST::FUNCTION: +BN_BLINDING_get_thread_id 3335 EXIST::FUNCTION: +X509_STORE_CTX_set0_param 3336 EXIST::FUNCTION: +POLICY_MAPPING_it 3337 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPING_it 3337 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_parse_attrs_start 3338 EXIST::FUNCTION: +POLICY_CONSTRAINTS_free 3339 EXIST::FUNCTION: +EVP_PKEY_add1_attr_by_NID 3340 EXIST::FUNCTION: +BN_nist_mod_192 3341 EXIST::FUNCTION: +EC_GROUP_get_trinomial_basis 3342 EXIST::FUNCTION:EC +STORE_set_method 3343 EXIST::FUNCTION: +GENERAL_SUBTREE_free 3344 EXIST::FUNCTION: +NAME_CONSTRAINTS_it 3345 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NAME_CONSTRAINTS_it 3345 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ECDH_get_default_method 3346 EXIST::FUNCTION:ECDH +PKCS12_add_safe 3347 EXIST::FUNCTION: +EC_KEY_new_by_curve_name 3348 EXIST::FUNCTION:EC +STORE_method_get_update_store_function 3349 EXIST:!VMS:FUNCTION: +STORE_meth_get_update_store_fn 3349 EXIST:VMS:FUNCTION: +ENGINE_register_ECDH 3350 EXIST::FUNCTION:ENGINE +SHA512_Update 3351 EXIST::FUNCTION:SHA,SHA512 +i2d_ECPrivateKey 3352 EXIST::FUNCTION:EC +BN_get0_nist_prime_192 3353 EXIST::FUNCTION: +STORE_modify_certificate 3354 EXIST::FUNCTION: +EC_POINT_set_affine_coordinates_GF2m 3355 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_affine_coords_GF2m 3355 EXIST:VMS:FUNCTION:EC +BN_GF2m_mod_exp_arr 3356 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_number 3357 EXIST::FUNCTION: +X509_keyid_get0 3358 EXIST::FUNCTION: +ENGINE_load_gmp 3359 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE +pitem_new 3360 EXIST::FUNCTION: +BN_GF2m_mod_mul_arr 3361 EXIST::FUNCTION: +STORE_list_public_key_endp 3362 EXIST::FUNCTION: +o2i_ECPublicKey 3363 EXIST::FUNCTION:EC +EC_KEY_copy 3364 EXIST::FUNCTION:EC +BIO_dump_fp 3365 EXIST::FUNCTION:FP_API +X509_policy_node_get0_parent 3366 EXIST::FUNCTION: +EC_GROUP_check_discriminant 3367 EXIST::FUNCTION:EC +i2o_ECPublicKey 3368 EXIST::FUNCTION:EC +EC_KEY_precompute_mult 3369 EXIST::FUNCTION:EC +a2i_IPADDRESS 3370 EXIST::FUNCTION: +STORE_method_set_initialise_function 3371 EXIST:!VMS:FUNCTION: +STORE_meth_set_initialise_fn 3371 EXIST:VMS:FUNCTION: +X509_STORE_CTX_set_depth 3372 EXIST::FUNCTION: +X509_VERIFY_PARAM_inherit 3373 EXIST::FUNCTION: +EC_POINT_point2bn 3374 EXIST::FUNCTION:EC +STORE_ATTR_INFO_set_dn 3375 EXIST::FUNCTION: +X509_policy_tree_get0_policies 3376 EXIST::FUNCTION: +EC_GROUP_new_curve_GF2m 3377 EXIST::FUNCTION:EC +STORE_destroy_method 3378 EXIST::FUNCTION: +ENGINE_unregister_STORE 3379 EXIST::FUNCTION:ENGINE +EVP_PKEY_get1_EC_KEY 3380 EXIST::FUNCTION:EC +STORE_ATTR_INFO_get0_number 3381 EXIST::FUNCTION: +ENGINE_get_default_ECDH 3382 EXIST::FUNCTION:ENGINE +EC_KEY_get_conv_form 3383 EXIST::FUNCTION:EC +ASN1_OCTET_STRING_NDEF_it 3384 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OCTET_STRING_NDEF_it 3384 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_delete_public_key 3385 EXIST::FUNCTION: +STORE_get_public_key 3386 EXIST::FUNCTION: +STORE_modify_arbitrary 3387 EXIST::FUNCTION: +ENGINE_get_static_state 3388 EXIST::FUNCTION:ENGINE +pqueue_iterator 3389 EXIST::FUNCTION: +ECDSA_SIG_new 3390 EXIST::FUNCTION:ECDSA +OPENSSL_DIR_end 3391 EXIST::FUNCTION: +BN_GF2m_mod_sqr 3392 EXIST::FUNCTION: +EC_POINT_bn2point 3393 EXIST::FUNCTION:EC +X509_VERIFY_PARAM_set_depth 3394 EXIST::FUNCTION: +EC_KEY_set_asn1_flag 3395 EXIST::FUNCTION:EC +STORE_get_method 3396 EXIST::FUNCTION: +EC_KEY_get_key_method_data 3397 EXIST::FUNCTION:EC +ECDSA_sign_ex 3398 EXIST::FUNCTION:ECDSA +STORE_parse_attrs_end 3399 EXIST::FUNCTION: +EC_GROUP_get_point_conversion_form 3400 EXIST:!VMS:FUNCTION:EC +EC_GROUP_get_point_conv_form 3400 EXIST:VMS:FUNCTION:EC +STORE_method_set_store_function 3401 EXIST::FUNCTION: +STORE_ATTR_INFO_in 3402 EXIST::FUNCTION: +PEM_read_bio_ECPKParameters 3403 EXIST::FUNCTION:EC +EC_GROUP_get_pentanomial_basis 3404 EXIST::FUNCTION:EC +EVP_PKEY_add1_attr_by_txt 3405 EXIST::FUNCTION: +BN_BLINDING_set_flags 3406 EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_policies 3407 EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_name 3408 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_purpose 3409 EXIST::FUNCTION: +STORE_get_number 3410 EXIST::FUNCTION: +ECDSA_sign_setup 3411 EXIST::FUNCTION:ECDSA +BN_GF2m_mod_solve_quad_arr 3412 EXIST::FUNCTION: +EC_KEY_up_ref 3413 EXIST::FUNCTION:EC +POLICY_MAPPING_free 3414 EXIST::FUNCTION: +BN_GF2m_mod_div 3415 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_flags 3416 EXIST::FUNCTION: +EC_KEY_free 3417 EXIST::FUNCTION:EC +STORE_method_set_list_next_function 3418 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_next_fn 3418 EXIST:VMS:FUNCTION: +PEM_write_bio_ECPrivateKey 3419 EXIST::FUNCTION:EC +d2i_EC_PUBKEY 3420 EXIST::FUNCTION:EC +STORE_method_get_generate_function 3421 EXIST:!VMS:FUNCTION: +STORE_meth_get_generate_fn 3421 EXIST:VMS:FUNCTION: +STORE_method_set_list_end_function 3422 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_end_fn 3422 EXIST:VMS:FUNCTION: +pqueue_print 3423 EXIST::FUNCTION: +EC_GROUP_have_precompute_mult 3424 EXIST::FUNCTION:EC +EC_KEY_print_fp 3425 EXIST::FUNCTION:EC,FP_API +BN_GF2m_mod_arr 3426 EXIST::FUNCTION: +PEM_write_bio_X509_CERT_PAIR 3427 EXIST::FUNCTION: +EVP_PKEY_cmp 3428 EXIST::FUNCTION: +X509_policy_level_node_count 3429 EXIST::FUNCTION: +STORE_new_engine 3430 EXIST::FUNCTION: +STORE_list_public_key_start 3431 EXIST::FUNCTION: +X509_VERIFY_PARAM_new 3432 EXIST::FUNCTION: +ECDH_get_ex_data 3433 EXIST::FUNCTION:ECDH EVP_PKEY_get_attr 3434 EXIST::FUNCTION: -X509_VERIFY_PARAM_lookup 3435 EXIST::FUNCTION: -ECDSA_get_ex_data 3436 EXIST::FUNCTION:ECDSA -STORE_get_certificate 3437 EXIST::FUNCTION: -BN_GF2m_mod 3438 EXIST::FUNCTION: -ENGINE_set_ECDH 3439 EXIST::FUNCTION:ENGINE -NAME_CONSTRAINTS_free 3440 EXIST::FUNCTION: -X509_policy_node_get0_parent 3441 EXIST::FUNCTION: -BN_GF2m_mod_exp_arr 3442 EXIST::FUNCTION: -ENGINE_unregister_ECDH 3443 EXIST::FUNCTION:ENGINE -BIO_new_dgram 3444 EXIST::FUNCTION: -EVP_PKEY_add1_attr_by_NID 3445 EXIST::FUNCTION: -EC_KEY_get_conv_form 3446 EXIST::FUNCTION:EC -v2i_GENERAL_NAME_ex 3447 EXIST::FUNCTION: -STORE_store_private_key 3448 EXIST::FUNCTION: -STORE_method_set_revoke_function 3449 EXIST:!VMS:FUNCTION: -STORE_meth_set_revoke_fn 3449 EXIST:VMS:FUNCTION: -EC_GROUP_get_seed_len 3450 EXIST::FUNCTION:EC -POLICY_MAPPINGS_it 3451 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_MAPPINGS_it 3451 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EC_KEY_check_key 3452 EXIST::FUNCTION:EC -X509_STORE_CTX_get_explicit_policy 3453 EXIST:!VMS:FUNCTION: -X509_STORE_CTX_get_expl_policy 3453 EXIST:VMS:FUNCTION: -STORE_ATTR_INFO_modify_number 3454 EXIST::FUNCTION: -STORE_modify_number 3455 EXIST::FUNCTION: -OPENSSL_DIR_read 3456 EXIST::FUNCTION: -STORE_new_engine 3457 EXIST::FUNCTION: -ASN1_const_check_infinite_end 3458 EXIST::FUNCTION: -STORE_ATTR_INFO_set_sha1str 3459 EXIST::FUNCTION: -i2d_PKCS7_NDEF 3460 EXIST::FUNCTION: -SHA512_Update 3461 EXIST::FUNCTION:SHA,SHA512 -PKCS12_add_safes 3462 EXIST::FUNCTION: -BN_get0_nist_prime_384 3463 EXIST::FUNCTION: -BN_is_prime_ex 3464 EXIST::FUNCTION: -BN_GENCB_call 3465 EXIST::FUNCTION: -EC_KEY_get0_public_key 3466 EXIST::FUNCTION:EC -ERR_pop_to_mark 3467 EXIST::FUNCTION: -EC_KEY_get_key_method_data 3468 EXIST::FUNCTION:EC -STORE_parse_attrs_next 3469 EXIST::FUNCTION: -v2i_ASN1_BIT_STRING 3470 EXIST::FUNCTION: -STORE_create_method 3471 EXIST::FUNCTION: -PKCS12_add_key 3472 EXIST::FUNCTION: -X509_VERIFY_PARAM_add0_policy 3473 EXIST::FUNCTION: -STORE_set_method 3474 EXIST::FUNCTION: -X509_VERIFY_PARAM_get_depth 3475 EXIST::FUNCTION: -STORE_list_public_key_start 3476 EXIST::FUNCTION: -BN_GF2m_mod_mul_arr 3477 EXIST::FUNCTION: -d2i_X509_CERT_PAIR 3478 EXIST::FUNCTION: -BN_nist_mod_192 3479 EXIST::FUNCTION: -i2d_ECPrivateKey_fp 3480 EXIST::FUNCTION:EC,FP_API -EC_GROUP_check_discriminant 3481 EXIST::FUNCTION:EC -ECPKParameters_print_fp 3482 EXIST::FUNCTION:EC,FP_API -POLICY_CONSTRAINTS_it 3483 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_CONSTRAINTS_it 3483 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -o2i_ECPublicKey 3484 EXIST::FUNCTION:EC -STORE_method_set_get_function 3485 EXIST::FUNCTION: -X509_policy_node_get0_policy 3486 EXIST::FUNCTION: -ENGINE_set_default_ECDSA 3487 EXIST::FUNCTION:ENGINE -STORE_get_public_key 3488 EXIST::FUNCTION: -d2i_ECDSA_SIG 3489 EXIST::FUNCTION:ECDSA -SHA256_Init 3490 EXIST::FUNCTION:SHA,SHA256 -EC_GROUP_have_precompute_mult 3491 EXIST::FUNCTION:EC -EVP_PKEY_add1_attr 3492 EXIST::FUNCTION: -d2i_EC_PUBKEY_fp 3493 EXIST::FUNCTION:EC,FP_API -PEM_read_ECPrivateKey 3494 EXIST:!WIN16:FUNCTION:EC -BN_GF2m_mod_inv_arr 3495 EXIST::FUNCTION: -STORE_method_set_unlock_store_function 3496 EXIST:!VMS:FUNCTION: -STORE_meth_set_unlock_store_fn 3496 EXIST:VMS:FUNCTION: -STORE_list_crl_next 3497 EXIST::FUNCTION: -EC_POINT_dup 3498 EXIST::FUNCTION:EC -ENGINE_set_STORE 3499 EXIST::FUNCTION:ENGINE -STORE_method_get_list_next_function 3500 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_next_fn 3500 EXIST:VMS:FUNCTION: -PKCS7_set0_type_other 3501 EXIST::FUNCTION: -STORE_ATTR_INFO_set_number 3502 EXIST::FUNCTION: -STORE_get_private_key 3503 EXIST::FUNCTION: -SHA384_Init 3504 EXIST::FUNCTION:SHA,SHA512 -SHA384_Update 3505 EXIST::FUNCTION:SHA,SHA512 -EC_GROUP_get_pentanomial_basis 3506 EXIST::FUNCTION:EC -EC_KEY_free 3507 EXIST::FUNCTION:EC -BN_GF2m_mod_mul 3508 EXIST::FUNCTION: -X509_CERT_PAIR_new 3509 EXIST::FUNCTION: -X509_policy_check 3510 EXIST::FUNCTION: -EC_KEY_insert_key_method_data 3511 EXIST::FUNCTION:EC -ENGINE_register_all_ECDSA 3512 EXIST::FUNCTION:ENGINE -ECDSA_set_ex_data 3513 EXIST::FUNCTION:ECDSA -SHA384 3514 EXIST::FUNCTION:SHA,SHA512 -BN_GF2m_mod_inv 3515 EXIST::FUNCTION: -PEM_write_bio_ECPKParameters 3516 EXIST::FUNCTION:EC -STORE_delete_public_key 3517 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_flags 3518 EXIST::FUNCTION: -i2d_ECParameters 3519 EXIST::FUNCTION:EC -BN_GF2m_arr2poly 3520 EXIST::FUNCTION: -STORE_method_set_delete_function 3521 EXIST:!VMS:FUNCTION: -STORE_meth_set_delete_fn 3521 EXIST:VMS:FUNCTION: -EC_GROUP_new_by_curve_name 3522 EXIST::FUNCTION:EC -X509_policy_level_get0_node 3523 EXIST::FUNCTION: -d2i_ECPrivateKey 3524 EXIST::FUNCTION:EC -STORE_method_set_update_store_function 3525 EXIST:!VMS:FUNCTION: -STORE_meth_set_update_store_fn 3525 EXIST:VMS:FUNCTION: -ERR_load_ECDH_strings 3526 EXIST::FUNCTION:ECDH -STORE_ATTR_INFO_modify_dn 3527 EXIST::FUNCTION: -EC_GROUP_set_curve_GF2m 3528 EXIST::FUNCTION:EC -X509_STORE_CTX_get0_param 3529 EXIST::FUNCTION: -SHA224_Update 3530 EXIST::FUNCTION:SHA,SHA256 -SHA256_Update 3531 EXIST::FUNCTION:SHA,SHA256 -EC_KEY_set_group 3532 EXIST::FUNCTION:EC -PEM_write_bio_EC_PUBKEY 3533 EXIST::FUNCTION:EC -pqueue_free 3534 EXIST::FUNCTION: -POLICY_MAPPING_new 3535 EXIST::FUNCTION: -EC_KEY_new 3536 EXIST::FUNCTION:EC -STORE_list_public_key_next 3537 EXIST::FUNCTION: -X509_CERT_PAIR_free 3538 EXIST::FUNCTION: -BN_set_negative 3539 EXIST::FUNCTION: -BN_nist_mod_256 3540 EXIST::FUNCTION: -BN_get0_nist_prime_256 3541 EXIST::FUNCTION: -RSA_generate_key_ex 3542 EXIST::FUNCTION:RSA +ECDSA_do_sign 3435 EXIST::FUNCTION:ECDSA +ENGINE_unregister_ECDH 3436 EXIST::FUNCTION:ENGINE +ECDH_OpenSSL 3437 EXIST::FUNCTION:ECDH +EC_KEY_set_conv_form 3438 EXIST::FUNCTION:EC +EC_POINT_dup 3439 EXIST::FUNCTION:EC +GENERAL_SUBTREE_new 3440 EXIST::FUNCTION: +STORE_list_crl_endp 3441 EXIST::FUNCTION: +EC_get_builtin_curves 3442 EXIST::FUNCTION:EC +X509_policy_node_get0_qualifiers 3443 EXIST:!VMS:FUNCTION: +X509_pcy_node_get0_qualifiers 3443 EXIST:VMS:FUNCTION: +STORE_list_crl_end 3444 EXIST::FUNCTION: +EVP_PKEY_set1_EC_KEY 3445 EXIST::FUNCTION:EC +BN_GF2m_mod_sqrt_arr 3446 EXIST::FUNCTION: +i2d_ECPrivateKey_bio 3447 EXIST::FUNCTION:BIO,EC +ECPKParameters_print_fp 3448 EXIST::FUNCTION:EC,FP_API +pqueue_find 3449 EXIST::FUNCTION: +ECDSA_SIG_free 3450 EXIST::FUNCTION:ECDSA +PEM_write_bio_ECPKParameters 3451 EXIST::FUNCTION:EC +STORE_method_set_ctrl_function 3452 EXIST::FUNCTION: +STORE_list_public_key_end 3453 EXIST::FUNCTION: +EC_KEY_set_private_key 3454 EXIST::FUNCTION:EC +pqueue_peek 3455 EXIST::FUNCTION: +STORE_get_arbitrary 3456 EXIST::FUNCTION: +STORE_store_crl 3457 EXIST::FUNCTION: +X509_policy_node_get0_policy 3458 EXIST::FUNCTION: +PKCS12_add_safes 3459 EXIST::FUNCTION: +BN_BLINDING_convert_ex 3460 EXIST::FUNCTION: +X509_policy_tree_free 3461 EXIST::FUNCTION: +OPENSSL_ia32cap_loc 3462 EXIST::FUNCTION: +BN_GF2m_poly2arr 3463 EXIST::FUNCTION: +STORE_ctrl 3464 EXIST::FUNCTION: +STORE_ATTR_INFO_compare 3465 EXIST::FUNCTION: +BN_get0_nist_prime_224 3466 EXIST::FUNCTION: +i2d_ECParameters 3467 EXIST::FUNCTION:EC +i2d_ECPKParameters 3468 EXIST::FUNCTION:EC +BN_GENCB_call 3469 EXIST::FUNCTION: +d2i_ECPKParameters 3470 EXIST::FUNCTION:EC +STORE_method_set_generate_function 3471 EXIST:!VMS:FUNCTION: +STORE_meth_set_generate_fn 3471 EXIST:VMS:FUNCTION: +ENGINE_set_ECDH 3472 EXIST::FUNCTION:ENGINE +NAME_CONSTRAINTS_new 3473 EXIST::FUNCTION: +SHA256_Init 3474 EXIST::FUNCTION:SHA,SHA256 +EC_KEY_get0_public_key 3475 EXIST::FUNCTION:EC +PEM_write_bio_EC_PUBKEY 3476 EXIST::FUNCTION:EC +STORE_ATTR_INFO_set_cstr 3477 EXIST::FUNCTION: +STORE_list_crl_next 3478 EXIST::FUNCTION: +STORE_ATTR_INFO_in_range 3479 EXIST::FUNCTION: +ECParameters_print 3480 EXIST::FUNCTION:BIO,EC +STORE_method_set_delete_function 3481 EXIST:!VMS:FUNCTION: +STORE_meth_set_delete_fn 3481 EXIST:VMS:FUNCTION: +STORE_list_certificate_next 3482 EXIST::FUNCTION: +ASN1_generate_nconf 3483 EXIST::FUNCTION: +BUF_memdup 3484 EXIST::FUNCTION: +BN_GF2m_mod_mul 3485 EXIST::FUNCTION: +STORE_method_get_list_next_function 3486 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_next_fn 3486 EXIST:VMS:FUNCTION: +STORE_ATTR_INFO_get0_dn 3487 EXIST::FUNCTION: +STORE_list_private_key_next 3488 EXIST::FUNCTION: +EC_GROUP_set_seed 3489 EXIST::FUNCTION:EC +X509_VERIFY_PARAM_set_trust 3490 EXIST::FUNCTION: +STORE_ATTR_INFO_free 3491 EXIST::FUNCTION: +STORE_get_private_key 3492 EXIST::FUNCTION: +EVP_PKEY_get_attr_count 3493 EXIST::FUNCTION: +STORE_ATTR_INFO_new 3494 EXIST::FUNCTION: +EC_GROUP_get_curve_GF2m 3495 EXIST::FUNCTION:EC +STORE_method_set_revoke_function 3496 EXIST:!VMS:FUNCTION: +STORE_meth_set_revoke_fn 3496 EXIST:VMS:FUNCTION: +STORE_store_number 3497 EXIST::FUNCTION: +BN_is_prime_ex 3498 EXIST::FUNCTION: +STORE_revoke_public_key 3499 EXIST::FUNCTION: +X509_STORE_CTX_get0_param 3500 EXIST::FUNCTION: +STORE_delete_arbitrary 3501 EXIST::FUNCTION: +PEM_read_X509_CERT_PAIR 3502 EXIST:!WIN16:FUNCTION: +X509_STORE_set_depth 3503 EXIST::FUNCTION: +ECDSA_get_ex_data 3504 EXIST::FUNCTION:ECDSA +SHA224 3505 EXIST::FUNCTION:SHA,SHA256 +BIO_dump_indent_fp 3506 EXIST::FUNCTION:FP_API +EC_KEY_set_group 3507 EXIST::FUNCTION:EC +BUF_strndup 3508 EXIST::FUNCTION: +STORE_list_certificate_start 3509 EXIST::FUNCTION: +BN_GF2m_mod 3510 EXIST::FUNCTION: +X509_REQ_check_private_key 3511 EXIST::FUNCTION: +EC_GROUP_get_seed_len 3512 EXIST::FUNCTION:EC +ERR_load_STORE_strings 3513 EXIST::FUNCTION: +PEM_read_bio_EC_PUBKEY 3514 EXIST::FUNCTION:EC +STORE_list_private_key_end 3515 EXIST::FUNCTION: +i2d_EC_PUBKEY 3516 EXIST::FUNCTION:EC +ECDSA_get_default_method 3517 EXIST::FUNCTION:ECDSA +ASN1_put_eoc 3518 EXIST::FUNCTION: +X509_STORE_CTX_get_explicit_policy 3519 EXIST:!VMS:FUNCTION: +X509_STORE_CTX_get_expl_policy 3519 EXIST:VMS:FUNCTION: +X509_VERIFY_PARAM_table_cleanup 3520 EXIST::FUNCTION: +STORE_modify_private_key 3521 EXIST::FUNCTION: +X509_VERIFY_PARAM_free 3522 EXIST::FUNCTION: +EC_METHOD_get_field_type 3523 EXIST::FUNCTION:EC +EC_GFp_nist_method 3524 EXIST::FUNCTION:EC +STORE_method_set_modify_function 3525 EXIST:!VMS:FUNCTION: +STORE_meth_set_modify_fn 3525 EXIST:VMS:FUNCTION: +STORE_parse_attrs_next 3526 EXIST::FUNCTION: +ENGINE_load_padlock 3527 EXIST::FUNCTION:ENGINE +EC_GROUP_set_curve_name 3528 EXIST::FUNCTION:EC +X509_CERT_PAIR_it 3529 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CERT_PAIR_it 3529 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_method_get_revoke_function 3530 EXIST:!VMS:FUNCTION: +STORE_meth_get_revoke_fn 3530 EXIST:VMS:FUNCTION: +STORE_method_set_get_function 3531 EXIST::FUNCTION: +STORE_modify_number 3532 EXIST::FUNCTION: +STORE_method_get_store_function 3533 EXIST::FUNCTION: +STORE_store_private_key 3534 EXIST::FUNCTION: +BN_GF2m_mod_sqr_arr 3535 EXIST::FUNCTION: +RSA_setup_blinding 3536 EXIST::FUNCTION:RSA +BIO_s_datagram 3537 EXIST::FUNCTION:DGRAM +STORE_Memory 3538 EXIST::FUNCTION: +sk_find_ex 3539 EXIST::FUNCTION: +EC_GROUP_set_curve_GF2m 3540 EXIST::FUNCTION:EC +ENGINE_set_default_ECDSA 3541 EXIST::FUNCTION:ENGINE +POLICY_CONSTRAINTS_new 3542 EXIST::FUNCTION: BN_GF2m_mod_sqrt 3543 EXIST::FUNCTION: -ASN1_put_eoc 3544 EXIST::FUNCTION: -X509_policy_tree_get0_policies 3545 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_trust 3546 EXIST::FUNCTION: -EC_GROUP_get_trinomial_basis 3547 EXIST::FUNCTION:EC -ECDSA_sign_setup 3548 EXIST::FUNCTION:ECDSA -X509_VERIFY_PARAM_table_cleanup 3549 EXIST::FUNCTION: -ENGINE_unregister_ECDSA 3550 EXIST::FUNCTION:ENGINE -STORE_generate_key 3551 EXIST::FUNCTION: -ENGINE_register_ECDH 3552 EXIST::FUNCTION:ENGINE -SHA512_Transform 3553 EXIST::FUNCTION:SHA,SHA512 -X509_STORE_CTX_set_depth 3554 EXIST::FUNCTION: -STORE_list_crl_endp 3555 EXIST::FUNCTION: -EVP_PKEY_get1_EC_KEY 3556 EXIST::FUNCTION:EC -STORE_get_ex_data 3557 EXIST::FUNCTION: -X509_VERIFY_PARAM_add0_table 3558 EXIST::FUNCTION: -BN_GF2m_mod_sqrt_arr 3559 EXIST::FUNCTION: -EVP_PKEY_add1_attr_by_txt 3560 EXIST::FUNCTION: -X509_STORE_CTX_set_default 3561 EXIST::FUNCTION: -i2d_EC_PUBKEY_fp 3562 EXIST::FUNCTION:EC,FP_API -BN_BLINDING_invert_ex 3563 EXIST::FUNCTION: -EC_POINT_hex2point 3564 EXIST::FUNCTION:EC -PEM_read_bio_ECPKParameters 3565 EXIST::FUNCTION:EC -PEM_write_bio_X509_CERT_PAIR 3566 EXIST::FUNCTION: -EC_KEY_new_by_curve_name 3567 EXIST::FUNCTION:EC -STORE_ATTR_INFO_in_range 3568 EXIST::FUNCTION: -STORE_method_get_initialise_function 3569 EXIST:!VMS:FUNCTION: -STORE_meth_get_initialise_fn 3569 EXIST:VMS:FUNCTION: -STORE_ATTR_INFO_get0_dn 3570 EXIST::FUNCTION: -STORE_set_ex_data 3571 EXIST::FUNCTION: -X509_REQ_check_private_key 3572 EXIST::FUNCTION: -STORE_ATTR_INFO_get0_sha1str 3573 EXIST::FUNCTION: -EC_GROUP_set_asn1_flag 3574 EXIST::FUNCTION:EC -ECDH_set_method 3575 EXIST::FUNCTION:ECDH -ECDSA_do_sign 3576 EXIST::FUNCTION:ECDSA -STORE_ATTR_INFO_new 3577 EXIST::FUNCTION: -STORE_method_get_lock_store_function 3578 EXIST:!VMS:FUNCTION: -STORE_meth_get_lock_store_fn 3578 EXIST:VMS:FUNCTION: -EC_KEY_set_public_key 3579 EXIST::FUNCTION:EC -BUF_strndup 3580 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_cstr 3581 EXIST::FUNCTION: -POLICY_MAPPING_free 3582 EXIST::FUNCTION: -BN_get0_nist_prime_192 3583 EXIST::FUNCTION: -i2d_EC_PUBKEY 3584 EXIST::FUNCTION:EC -STORE_method_set_lock_store_function 3585 EXIST:!VMS:FUNCTION: -STORE_meth_set_lock_store_fn 3585 EXIST:VMS:FUNCTION: -PKCS12_add_safe 3586 EXIST::FUNCTION: -STORE_free 3587 EXIST::FUNCTION: -GENERAL_SUBTREE_it 3588 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -GENERAL_SUBTREE_it 3588 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ECDSA_do_verify 3589 EXIST::FUNCTION:ECDSA -GENERAL_SUBTREE_free 3590 EXIST::FUNCTION: -EC_KEY_get0_private_key 3591 EXIST::FUNCTION:EC -ECDSA_get_ex_new_index 3592 EXIST::FUNCTION:ECDSA -SHA224 3593 EXIST::FUNCTION:SHA,SHA256 -STORE_delete_certificate 3594 EXIST::FUNCTION: -ECDSA_sign_ex 3595 EXIST::FUNCTION:ECDSA -BN_is_prime_fasttest_ex 3596 EXIST::FUNCTION: -EC_GROUP_set_curve_name 3597 EXIST::FUNCTION:EC -EVP_PKEY_set1_EC_KEY 3598 EXIST::FUNCTION:EC -STORE_store_arbitrary 3599 EXIST::FUNCTION: -EC_KEY_print_fp 3600 EXIST::FUNCTION:EC,FP_API -STORE_list_public_key_end 3601 EXIST::FUNCTION: -SHA256_Transform 3602 EXIST::FUNCTION:SHA,SHA256 -X509_policy_tree_level_count 3603 EXIST::FUNCTION: -SHA512_Init 3604 EXIST::FUNCTION:SHA,SHA512 -STORE_ATTR_INFO_in 3605 EXIST::FUNCTION: -ENGINE_get_default_ECDSA 3606 EXIST::FUNCTION:ENGINE -ENGINE_get_static_state 3607 EXIST::FUNCTION:ENGINE -ECParameters_print 3608 EXIST::FUNCTION:BIO,EC -STORE_get_arbitrary 3609 EXIST::FUNCTION: -BN_BLINDING_set_flags 3610 EXIST::FUNCTION: -BN_GF2m_mod_solve_quad 3611 EXIST::FUNCTION: -STORE_delete_number 3612 EXIST::FUNCTION: -STORE_method_get_revoke_function 3613 EXIST:!VMS:FUNCTION: -STORE_meth_get_revoke_fn 3613 EXIST:VMS:FUNCTION: -STORE_ATTR_INFO_set_cstr 3614 EXIST::FUNCTION: -BIO_dump_indent_cb 3615 EXIST::FUNCTION: -EC_KEY_dup 3616 EXIST::FUNCTION:EC -X509_keyid_get0 3617 EXIST::FUNCTION: -STORE_get_method 3618 EXIST::FUNCTION: -PKCS12_add_cert 3619 EXIST::FUNCTION: -X509_STORE_set1_param 3620 EXIST::FUNCTION: -BN_BLINDING_create_param 3621 EXIST::FUNCTION: -BN_BLINDING_get_flags 3622 EXIST::FUNCTION: -EVP_PKEY_get_attr_count 3623 EXIST::FUNCTION: -STORE_parse_attrs_start 3624 EXIST::FUNCTION: -STORE_method_set_list_next_function 3625 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_next_fn 3625 EXIST:VMS:FUNCTION: -STORE_parse_attrs_end 3626 EXIST::FUNCTION: -EC_GROUP_get_point_conversion_form 3627 EXIST:!VMS:FUNCTION:EC -EC_GROUP_get_point_conv_form 3627 EXIST:VMS:FUNCTION:EC -EC_KEY_get0_group 3628 EXIST::FUNCTION:EC -SHA256 3629 EXIST::FUNCTION:SHA,SHA256 -EC_GROUP_set_seed 3630 EXIST::FUNCTION:EC -pqueue_pop 3631 EXIST::FUNCTION: -i2d_ECPKParameters 3632 EXIST::FUNCTION:EC -pitem_new 3633 EXIST::FUNCTION: -ENGINE_set_ECDSA 3634 EXIST::FUNCTION:ENGINE -X509_STORE_CTX_set0_param 3635 EXIST::FUNCTION: -X509_policy_tree_get0_user_policies 3636 EXIST:!VMS:FUNCTION: -X509_pcy_tree_get0_usr_policies 3636 EXIST:VMS:FUNCTION: -X509V3_NAME_from_section 3637 EXIST::FUNCTION: -pqueue_peek 3638 EXIST::FUNCTION: -STORE_method_set_initialise_function 3639 EXIST:!VMS:FUNCTION: -STORE_meth_set_initialise_fn 3639 EXIST:VMS:FUNCTION: -EC_POINT_bn2point 3640 EXIST::FUNCTION:EC -ENGINE_load_gmp 3641 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE -pitem_free 3642 EXIST::FUNCTION: -ASN1_OCTET_STRING_NDEF_it 3643 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_OCTET_STRING_NDEF_it 3643 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_ctrl 3644 EXIST::FUNCTION: -STORE_method_get_list_start_function 3645 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_start_fn 3645 EXIST:VMS:FUNCTION: -pqueue_iterator 3646 EXIST::FUNCTION: -STORE_list_private_key_start 3647 EXIST::FUNCTION: -BIO_dgram_non_fatal_error 3648 EXIST::FUNCTION: -pqueue_next 3649 EXIST::FUNCTION: -BN_get0_nist_prime_521 3650 EXIST::FUNCTION: -PEM_read_EC_PUBKEY 3651 EXIST:!WIN16:FUNCTION:EC -EC_POINT_get_affine_coordinates_GF2m 3652 EXIST:!VMS:FUNCTION:EC -EC_POINT_get_affine_coords_GF2m 3652 EXIST:VMS:FUNCTION:EC -X509_policy_level_node_count 3653 EXIST::FUNCTION: -SHA512 3654 EXIST::FUNCTION:SHA,SHA512 -STORE_ATTR_INFO_set_dn 3655 EXIST::FUNCTION: -ECDSA_set_default_method 3656 EXIST::FUNCTION:ECDSA -STORE_ATTR_INFO_in_ex 3657 EXIST::FUNCTION: -d2i_ECParameters 3658 EXIST::FUNCTION:EC -EC_GROUP_dup 3659 EXIST::FUNCTION:EC -STORE_generate_crl 3660 EXIST::FUNCTION: -STORE_OBJECT_new 3661 EXIST::FUNCTION: -POLICY_CONSTRAINTS_free 3662 EXIST::FUNCTION: -a2i_IPADDRESS_NC 3663 EXIST::FUNCTION: -STORE_delete_arbitrary 3664 EXIST::FUNCTION: -STORE_method_set_generate_function 3665 EXIST:!VMS:FUNCTION: -STORE_meth_set_generate_fn 3665 EXIST:VMS:FUNCTION: -EC_GROUP_check 3666 EXIST::FUNCTION:EC -ECDSA_get_default_method 3667 EXIST::FUNCTION:ECDSA -ECDSA_sign 3668 EXIST::FUNCTION:ECDSA -i2v_ASN1_BIT_STRING 3669 EXIST::FUNCTION: -STORE_modify_arbitrary 3670 EXIST::FUNCTION: -EVP_CIPHER_CTX_rand_key 3671 EXIST::FUNCTION: -BN_nist_mod_224 3672 EXIST::FUNCTION: -STORE_revoke_public_key 3673 EXIST::FUNCTION: -STORE_method_get_unlock_store_function 3674 EXIST:!VMS:FUNCTION: -STORE_meth_get_unlock_store_fn 3674 EXIST:VMS:FUNCTION: -d2i_EC_PUBKEY_bio 3675 EXIST::FUNCTION:BIO,EC -EC_GFp_nist_method 3676 EXIST::FUNCTION:EC -EC_GROUP_get_degree 3677 EXIST::FUNCTION:EC -pqueue_new 3678 EXIST::FUNCTION: -EC_GROUP_new_curve_GF2m 3679 EXIST::FUNCTION:EC -ENGINE_register_ECDSA 3680 EXIST::FUNCTION:ENGINE -STORE_list_certificate_endp 3681 EXIST::FUNCTION: -PEM_read_bio_EC_PUBKEY 3682 EXIST::FUNCTION:EC -ENGINE_unregister_STORE 3683 EXIST::FUNCTION:ENGINE -d2i_ECPKParameters 3684 EXIST::FUNCTION:EC -BN_GF2m_poly2arr 3685 EXIST::FUNCTION: -SHA512_Final 3686 EXIST::FUNCTION:SHA,SHA512 -EC_KEY_set_conv_form 3687 EXIST::FUNCTION:EC -BN_GF2m_mod_solve_quad_arr 3688 EXIST::FUNCTION: -PEM_write_bio_ECPrivateKey 3689 EXIST::FUNCTION:EC -X509_policy_tree_free 3690 EXIST::FUNCTION: -STORE_list_certificate_end 3691 EXIST::FUNCTION: -BIO_dump_cb 3692 EXIST::FUNCTION: -EVP_PKEY_get_attr_by_OBJ 3693 EXIST::FUNCTION: -STORE_method_set_ctrl_function 3694 EXIST::FUNCTION: -EC_GROUP_set_point_conversion_form 3695 EXIST:!VMS:FUNCTION:EC -EC_GROUP_set_point_conv_form 3695 EXIST:VMS:FUNCTION:EC -STORE_modify_certificate 3696 EXIST::FUNCTION: -STORE_ATTR_INFO_compare 3697 EXIST::FUNCTION: -STORE_store_public_key 3698 EXIST::FUNCTION: -ECDH_OpenSSL 3699 EXIST::FUNCTION:ECDH -STORE_modify_public_key 3700 EXIST::FUNCTION: +ECDH_set_default_method 3544 EXIST::FUNCTION:ECDH +EC_KEY_generate_key 3545 EXIST::FUNCTION:EC +SHA384_Update 3546 EXIST::FUNCTION:SHA,SHA512 +BN_GF2m_arr2poly 3547 EXIST::FUNCTION: +STORE_method_get_get_function 3548 EXIST::FUNCTION: +STORE_method_set_cleanup_function 3549 EXIST:!VMS:FUNCTION: +STORE_meth_set_cleanup_fn 3549 EXIST:VMS:FUNCTION: +EC_GROUP_check 3550 EXIST::FUNCTION:EC +d2i_ECPrivateKey_bio 3551 EXIST::FUNCTION:BIO,EC +EC_KEY_insert_key_method_data 3552 EXIST::FUNCTION:EC +STORE_method_get_lock_store_function 3553 EXIST:!VMS:FUNCTION: +STORE_meth_get_lock_store_fn 3553 EXIST:VMS:FUNCTION: +X509_VERIFY_PARAM_get_depth 3554 EXIST::FUNCTION: +SHA224_Final 3555 EXIST::FUNCTION:SHA,SHA256 +STORE_method_set_update_store_function 3556 EXIST:!VMS:FUNCTION: +STORE_meth_set_update_store_fn 3556 EXIST:VMS:FUNCTION: +SHA224_Update 3557 EXIST::FUNCTION:SHA,SHA256 +d2i_ECPrivateKey 3558 EXIST::FUNCTION:EC +ASN1_item_ndef_i2d 3559 EXIST::FUNCTION: +STORE_delete_private_key 3560 EXIST::FUNCTION: +ERR_pop_to_mark 3561 EXIST::FUNCTION: +ENGINE_register_all_STORE 3562 EXIST::FUNCTION:ENGINE +X509_policy_level_get0_node 3563 EXIST::FUNCTION: +i2d_PKCS7_NDEF 3564 EXIST::FUNCTION: +EC_GROUP_get_degree 3565 EXIST::FUNCTION:EC +ASN1_generate_v3 3566 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_cstr 3567 EXIST::FUNCTION: +X509_policy_tree_level_count 3568 EXIST::FUNCTION: +BN_GF2m_add 3569 EXIST::FUNCTION: +EC_KEY_get0_group 3570 EXIST::FUNCTION:EC +STORE_generate_crl 3571 EXIST::FUNCTION: +STORE_store_public_key 3572 EXIST::FUNCTION: +X509_CERT_PAIR_free 3573 EXIST::FUNCTION: +STORE_revoke_private_key 3574 EXIST::FUNCTION: +BN_nist_mod_224 3575 EXIST::FUNCTION: +SHA512_Final 3576 EXIST::FUNCTION:SHA,SHA512 +STORE_ATTR_INFO_modify_dn 3577 EXIST::FUNCTION: +STORE_method_get_initialise_function 3578 EXIST:!VMS:FUNCTION: +STORE_meth_get_initialise_fn 3578 EXIST:VMS:FUNCTION: +STORE_delete_number 3579 EXIST::FUNCTION: +i2d_EC_PUBKEY_bio 3580 EXIST::FUNCTION:BIO,EC +BIO_dgram_non_fatal_error 3581 EXIST::FUNCTION: +EC_GROUP_get_asn1_flag 3582 EXIST::FUNCTION:EC +STORE_ATTR_INFO_in_ex 3583 EXIST::FUNCTION: +STORE_list_crl_start 3584 EXIST::FUNCTION: +ECDH_get_ex_new_index 3585 EXIST::FUNCTION:ECDH +STORE_method_get_modify_function 3586 EXIST:!VMS:FUNCTION: +STORE_meth_get_modify_fn 3586 EXIST:VMS:FUNCTION: +v2i_ASN1_BIT_STRING 3587 EXIST::FUNCTION: +STORE_store_certificate 3588 EXIST::FUNCTION: +OBJ_bsearch_ex 3589 EXIST::FUNCTION: +X509_STORE_CTX_set_default 3590 EXIST::FUNCTION: +STORE_ATTR_INFO_set_sha1str 3591 EXIST::FUNCTION: +BN_GF2m_mod_inv 3592 EXIST::FUNCTION: +BN_GF2m_mod_exp 3593 EXIST::FUNCTION: +STORE_modify_public_key 3594 EXIST::FUNCTION: +STORE_method_get_list_start_function 3595 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_start_fn 3595 EXIST:VMS:FUNCTION: +EC_GROUP_get0_seed 3596 EXIST::FUNCTION:EC +STORE_store_arbitrary 3597 EXIST::FUNCTION: +STORE_method_set_unlock_store_function 3598 EXIST:!VMS:FUNCTION: +STORE_meth_set_unlock_store_fn 3598 EXIST:VMS:FUNCTION: +BN_GF2m_mod_div_arr 3599 EXIST::FUNCTION: +ENGINE_set_ECDSA 3600 EXIST::FUNCTION:ENGINE +STORE_create_method 3601 EXIST::FUNCTION: +ECPKParameters_print 3602 EXIST::FUNCTION:BIO,EC +EC_KEY_get0_private_key 3603 EXIST::FUNCTION:EC +PEM_write_EC_PUBKEY 3604 EXIST:!WIN16:FUNCTION:EC +X509_VERIFY_PARAM_set1 3605 EXIST::FUNCTION: +ECDH_set_method 3606 EXIST::FUNCTION:ECDH +v2i_GENERAL_NAME_ex 3607 EXIST::FUNCTION: +ECDH_set_ex_data 3608 EXIST::FUNCTION:ECDH +STORE_generate_key 3609 EXIST::FUNCTION: +BN_nist_mod_521 3610 EXIST::FUNCTION: +X509_policy_tree_get0_level 3611 EXIST::FUNCTION: +EC_GROUP_set_point_conversion_form 3612 EXIST:!VMS:FUNCTION:EC +EC_GROUP_set_point_conv_form 3612 EXIST:VMS:FUNCTION:EC +PEM_read_EC_PUBKEY 3613 EXIST:!WIN16:FUNCTION:EC +i2d_ECDSA_SIG 3614 EXIST::FUNCTION:ECDSA +ECDSA_OpenSSL 3615 EXIST::FUNCTION:ECDSA +STORE_delete_crl 3616 EXIST::FUNCTION: +EC_KEY_get_enc_flags 3617 EXIST::FUNCTION:EC +ASN1_const_check_infinite_end 3618 EXIST::FUNCTION: +EVP_PKEY_delete_attr 3619 EXIST::FUNCTION: +ECDSA_set_default_method 3620 EXIST::FUNCTION:ECDSA +EC_POINT_set_compressed_coordinates_GF2m 3621 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_compr_coords_GF2m 3621 EXIST:VMS:FUNCTION:EC +EC_GROUP_cmp 3622 EXIST::FUNCTION:EC +STORE_revoke_certificate 3623 EXIST::FUNCTION: +BN_get0_nist_prime_256 3624 EXIST::FUNCTION: +STORE_method_get_delete_function 3625 EXIST:!VMS:FUNCTION: +STORE_meth_get_delete_fn 3625 EXIST:VMS:FUNCTION: +SHA224_Init 3626 EXIST::FUNCTION:SHA,SHA256 +PEM_read_ECPrivateKey 3627 EXIST:!WIN16:FUNCTION:EC +SHA512_Init 3628 EXIST::FUNCTION:SHA,SHA512 +STORE_parse_attrs_endp 3629 EXIST::FUNCTION: +BN_set_negative 3630 EXIST::FUNCTION: +ERR_load_ECDSA_strings 3631 EXIST::FUNCTION:ECDSA +EC_GROUP_get_basis_type 3632 EXIST::FUNCTION:EC +STORE_list_public_key_next 3633 EXIST::FUNCTION: +i2v_ASN1_BIT_STRING 3634 EXIST::FUNCTION: +STORE_OBJECT_free 3635 EXIST::FUNCTION: +BN_nist_mod_384 3636 EXIST::FUNCTION: +i2d_X509_CERT_PAIR 3637 EXIST::FUNCTION: +PEM_write_ECPKParameters 3638 EXIST:!WIN16:FUNCTION:EC +ECDH_compute_key 3639 EXIST::FUNCTION:ECDH +STORE_ATTR_INFO_get0_sha1str 3640 EXIST::FUNCTION: +ENGINE_register_all_ECDH 3641 EXIST::FUNCTION:ENGINE +pqueue_pop 3642 EXIST::FUNCTION: +STORE_ATTR_INFO_get0_cstr 3643 EXIST::FUNCTION: +POLICY_CONSTRAINTS_it 3644 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_CONSTRAINTS_it 3644 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_get_ex_new_index 3645 EXIST::FUNCTION: +EVP_PKEY_get_attr_by_OBJ 3646 EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_policy 3647 EXIST::FUNCTION: +BN_GF2m_mod_solve_quad 3648 EXIST::FUNCTION: +SHA256 3649 EXIST::FUNCTION:SHA,SHA256 +i2d_ECPrivateKey_fp 3650 EXIST::FUNCTION:EC,FP_API +X509_policy_tree_get0_user_policies 3651 EXIST:!VMS:FUNCTION: +X509_pcy_tree_get0_usr_policies 3651 EXIST:VMS:FUNCTION: +OPENSSL_DIR_read 3652 EXIST::FUNCTION: +ENGINE_register_all_ECDSA 3653 EXIST::FUNCTION:ENGINE +X509_VERIFY_PARAM_lookup 3654 EXIST::FUNCTION: +EC_POINT_get_affine_coordinates_GF2m 3655 EXIST:!VMS:FUNCTION:EC +EC_POINT_get_affine_coords_GF2m 3655 EXIST:VMS:FUNCTION:EC +EC_GROUP_dup 3656 EXIST::FUNCTION:EC +ENGINE_get_default_ECDSA 3657 EXIST::FUNCTION:ENGINE +EC_KEY_new 3658 EXIST::FUNCTION:EC +SHA256_Transform 3659 EXIST::FUNCTION:SHA,SHA256 +EC_KEY_set_enc_flags 3660 EXIST::FUNCTION:EC +ECDSA_verify 3661 EXIST::FUNCTION:ECDSA +EC_POINT_point2hex 3662 EXIST::FUNCTION:EC +ENGINE_get_STORE 3663 EXIST::FUNCTION:ENGINE +SHA512 3664 EXIST::FUNCTION:SHA,SHA512 +STORE_get_certificate 3665 EXIST::FUNCTION: +ECDSA_do_sign_ex 3666 EXIST::FUNCTION:ECDSA +ECDSA_do_verify 3667 EXIST::FUNCTION:ECDSA +d2i_ECPrivateKey_fp 3668 EXIST::FUNCTION:EC,FP_API +STORE_delete_certificate 3669 EXIST::FUNCTION: +SHA512_Transform 3670 EXIST::FUNCTION:SHA,SHA512 +X509_STORE_set1_param 3671 EXIST::FUNCTION: +STORE_method_get_ctrl_function 3672 EXIST::FUNCTION: +STORE_free 3673 EXIST::FUNCTION: +PEM_write_ECPrivateKey 3674 EXIST:!WIN16:FUNCTION:EC +STORE_method_get_unlock_store_function 3675 EXIST:!VMS:FUNCTION: +STORE_meth_get_unlock_store_fn 3675 EXIST:VMS:FUNCTION: +STORE_get_ex_data 3676 EXIST::FUNCTION: +EC_KEY_set_public_key 3677 EXIST::FUNCTION:EC +PEM_read_ECPKParameters 3678 EXIST:!WIN16:FUNCTION:EC +X509_CERT_PAIR_new 3679 EXIST::FUNCTION: +ENGINE_register_STORE 3680 EXIST::FUNCTION:ENGINE +RSA_generate_key_ex 3681 EXIST::FUNCTION:RSA +DSA_generate_parameters_ex 3682 EXIST::FUNCTION:DSA +ECParameters_print_fp 3683 EXIST::FUNCTION:EC,FP_API +X509V3_NAME_from_section 3684 EXIST::FUNCTION: +EVP_PKEY_add1_attr 3685 EXIST::FUNCTION: +STORE_modify_crl 3686 EXIST::FUNCTION: +STORE_list_private_key_start 3687 EXIST::FUNCTION: +POLICY_MAPPINGS_it 3688 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPINGS_it 3688 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +GENERAL_SUBTREE_it 3689 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_SUBTREE_it 3689 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GROUP_get_curve_name 3690 EXIST::FUNCTION:EC +PEM_write_X509_CERT_PAIR 3691 EXIST:!WIN16:FUNCTION: +BIO_dump_indent_cb 3692 EXIST::FUNCTION: +d2i_X509_CERT_PAIR 3693 EXIST::FUNCTION: +STORE_list_private_key_endp 3694 EXIST::FUNCTION: +asn1_const_Finish 3695 EXIST::FUNCTION: +i2d_EC_PUBKEY_fp 3696 EXIST::FUNCTION:EC,FP_API +BN_nist_mod_256 3697 EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_table 3698 EXIST::FUNCTION: +pqueue_free 3699 EXIST::FUNCTION: +BN_BLINDING_create_param 3700 EXIST::FUNCTION: ECDSA_size 3701 EXIST::FUNCTION:ECDSA -ENGINE_get_STORE 3702 EXIST::FUNCTION:ENGINE -EC_KEY_get_enc_flags 3703 EXIST::FUNCTION:EC -STORE_get_crl 3704 EXIST::FUNCTION: -ECDH_get_default_method 3705 EXIST::FUNCTION:ECDH -ECDH_get_ex_new_index 3706 EXIST::FUNCTION:ECDH -PEM_read_X509_CERT_PAIR 3707 EXIST:!WIN16:FUNCTION: -ERR_load_ECDSA_strings 3708 EXIST::FUNCTION:ECDSA -BN_nist_mod_384 3709 EXIST::FUNCTION: -ENGINE_get_default_ECDH 3710 EXIST::FUNCTION:ENGINE -X509_VERIFY_PARAM_inherit 3711 EXIST::FUNCTION: -ENGINE_load_padlock 3712 EXIST::FUNCTION:ENGINE -BN_get0_nist_prime_224 3713 EXIST::FUNCTION: -X509_STORE_set_depth 3714 EXIST::FUNCTION: -a2i_IPADDRESS 3715 EXIST::FUNCTION: -ECDSA_OpenSSL 3716 EXIST::FUNCTION:ECDSA -STORE_list_private_key_next 3717 EXIST::FUNCTION: -STORE_store_certificate 3718 EXIST::FUNCTION: -STORE_method_set_list_start_function 3719 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_start_fn 3719 EXIST:VMS:FUNCTION: -X509_STORE_CTX_get0_policy_tree 3720 EXIST::FUNCTION: -SHA224_Init 3721 EXIST::FUNCTION:SHA,SHA256 -pqueue_print 3722 EXIST::FUNCTION: -X509_VERIFY_PARAM_set1_policies 3723 EXIST::FUNCTION: -ASN1_generate_v3 3724 EXIST::FUNCTION: -pqueue_find 3725 EXIST::FUNCTION: -i2d_ECDSA_SIG 3726 EXIST::FUNCTION:ECDSA -STORE_method_get_ctrl_function 3727 EXIST::FUNCTION: -ECDH_set_ex_data 3728 EXIST::FUNCTION:ECDH -ECParameters_print_fp 3729 EXIST::FUNCTION:EC,FP_API -STORE_method_set_list_end_function 3730 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_end_fn 3730 EXIST:VMS:FUNCTION: -ENGINE_register_all_STORE 3731 EXIST::FUNCTION:ENGINE -EC_KEY_set_private_key 3732 EXIST::FUNCTION:EC -ECDSA_do_sign_ex 3733 EXIST::FUNCTION:ECDSA -X509_policy_tree_get0_level 3734 EXIST::FUNCTION: -X509_POLICY_NODE_print 3735 EXIST::FUNCTION: -ENGINE_get_ECDH 3736 EXIST::FUNCTION:ENGINE -BIO_s_datagram 3737 EXIST::FUNCTION:DGRAM -PEM_read_ECPKParameters 3738 EXIST:!WIN16:FUNCTION:EC -ECDSA_set_method 3739 EXIST::FUNCTION:ECDSA -ERR_load_STORE_strings 3740 EXIST::FUNCTION: -STORE_method_get_modify_function 3741 EXIST:!VMS:FUNCTION: -STORE_meth_get_modify_fn 3741 EXIST:VMS:FUNCTION: -EC_KEY_set_enc_flags 3742 EXIST::FUNCTION:EC -d2i_EC_PUBKEY 3743 EXIST::FUNCTION:EC -SHA256_Final 3744 EXIST::FUNCTION:SHA,SHA256 -BN_GF2m_add 3745 EXIST::FUNCTION: -X509_STORE_CTX_set0_crls 3746 EXIST::FUNCTION: -GENERAL_SUBTREE_new 3747 EXIST::FUNCTION: -STORE_revoke_private_key 3748 EXIST::FUNCTION: -X509_VERIFY_PARAM_new 3749 EXIST::FUNCTION: -BIO_dump_fp 3750 EXIST::FUNCTION:FP_API -BN_GF2m_mod_arr 3751 EXIST::FUNCTION: -BN_GF2m_mod_exp 3752 EXIST::FUNCTION: -EC_KEY_generate_key 3753 EXIST::FUNCTION:EC -RSA_setup_blinding 3754 EXIST::FUNCTION:RSA -POLICY_MAPPING_it 3755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_MAPPING_it 3755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -DSO_merge 3756 EXIST::FUNCTION: -STORE_method_get_update_store_function 3757 EXIST:!VMS:FUNCTION: -STORE_meth_get_update_store_fn 3757 EXIST:VMS:FUNCTION: -ENGINE_register_all_ECDH 3758 EXIST::FUNCTION:ENGINE -i2d_ECPrivateKey 3759 EXIST::FUNCTION:EC +d2i_EC_PUBKEY_bio 3702 EXIST::FUNCTION:BIO,EC +BN_get0_nist_prime_521 3703 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_sha1str 3704 EXIST::FUNCTION: +BN_generate_prime_ex 3705 EXIST::FUNCTION: +EC_GROUP_new_by_curve_name 3706 EXIST::FUNCTION:EC +SHA256_Final 3707 EXIST::FUNCTION:SHA,SHA256 +DH_generate_parameters_ex 3708 EXIST::FUNCTION:DH +PEM_read_bio_ECPrivateKey 3709 EXIST::FUNCTION:EC +STORE_method_get_cleanup_function 3710 EXIST:!VMS:FUNCTION: +STORE_meth_get_cleanup_fn 3710 EXIST:VMS:FUNCTION: +ENGINE_get_ECDH 3711 EXIST::FUNCTION:ENGINE +d2i_ECDSA_SIG 3712 EXIST::FUNCTION:ECDSA +BN_is_prime_fasttest_ex 3713 EXIST::FUNCTION: +ECDSA_sign 3714 EXIST::FUNCTION:ECDSA +X509_policy_check 3715 EXIST::FUNCTION: +EVP_PKEY_get_attr_by_NID 3716 EXIST::FUNCTION: +STORE_set_ex_data 3717 EXIST::FUNCTION: +ENGINE_get_ECDSA 3718 EXIST::FUNCTION:ENGINE +EVP_ecdsa 3719 EXIST::FUNCTION:SHA +BN_BLINDING_get_flags 3720 EXIST::FUNCTION: +PKCS12_add_cert 3721 EXIST::FUNCTION: +STORE_OBJECT_new 3722 EXIST::FUNCTION: +ERR_load_ECDH_strings 3723 EXIST::FUNCTION:ECDH +EC_KEY_dup 3724 EXIST::FUNCTION:EC +EVP_CIPHER_CTX_rand_key 3725 EXIST::FUNCTION: +ECDSA_set_method 3726 EXIST::FUNCTION:ECDSA +a2i_IPADDRESS_NC 3727 EXIST::FUNCTION: +d2i_ECParameters 3728 EXIST::FUNCTION:EC +STORE_list_certificate_end 3729 EXIST::FUNCTION: +STORE_get_crl 3730 EXIST::FUNCTION: +X509_POLICY_NODE_print 3731 EXIST::FUNCTION: +SHA384_Init 3732 EXIST::FUNCTION:SHA,SHA512 +EC_GF2m_simple_method 3733 EXIST::FUNCTION:EC +ECDSA_set_ex_data 3734 EXIST::FUNCTION:ECDSA +SHA384_Final 3735 EXIST::FUNCTION:SHA,SHA512 +PKCS7_set_digest 3736 EXIST::FUNCTION: +EC_KEY_print 3737 EXIST::FUNCTION:BIO,EC +STORE_method_set_lock_store_function 3738 EXIST:!VMS:FUNCTION: +STORE_meth_set_lock_store_fn 3738 EXIST:VMS:FUNCTION: +ECDSA_get_ex_new_index 3739 EXIST::FUNCTION:ECDSA +SHA384 3740 EXIST::FUNCTION:SHA,SHA512 +POLICY_MAPPING_new 3741 EXIST::FUNCTION: +STORE_list_certificate_endp 3742 EXIST::FUNCTION: +X509_STORE_CTX_get0_policy_tree 3743 EXIST::FUNCTION: +EC_GROUP_set_asn1_flag 3744 EXIST::FUNCTION:EC +EC_KEY_check_key 3745 EXIST::FUNCTION:EC +d2i_EC_PUBKEY_fp 3746 EXIST::FUNCTION:EC,FP_API +PKCS7_set0_type_other 3747 EXIST::FUNCTION: +PEM_read_bio_X509_CERT_PAIR 3748 EXIST::FUNCTION: +pqueue_next 3749 EXIST::FUNCTION: +STORE_method_get_list_end_function 3750 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_end_fn 3750 EXIST:VMS:FUNCTION: +EVP_PKEY_add1_attr_by_OBJ 3751 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_time 3752 EXIST::FUNCTION: +pqueue_new 3753 EXIST::FUNCTION: +ENGINE_set_default_ECDH 3754 EXIST::FUNCTION:ENGINE +STORE_new_method 3755 EXIST::FUNCTION: +PKCS12_add_key 3756 EXIST::FUNCTION: +DSO_merge 3757 EXIST::FUNCTION: +EC_POINT_hex2point 3758 EXIST::FUNCTION:EC +BIO_dump_cb 3759 EXIST::FUNCTION: +SHA256_Update 3760 EXIST::FUNCTION:SHA,SHA256 +pqueue_insert 3761 EXIST::FUNCTION: +pitem_free 3762 EXIST::FUNCTION: +BN_GF2m_mod_inv_arr 3763 EXIST::FUNCTION: +ENGINE_unregister_ECDSA 3764 EXIST::FUNCTION:ENGINE +BN_BLINDING_set_thread_id 3765 EXIST::FUNCTION: -- GitLab From 55f3ef29eaaa3b5355a8b1545bb69640080a3c9b Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 05:17:07 +0000 Subject: [PATCH 189/929] Change all relevant occurences of 'ncipher' to 'chil'. That's what nCipher always wanted... --- engines/e_chil.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/engines/e_chil.c b/engines/e_chil.c index 14654a7833..b5d0a62e7a 100644 --- a/engines/e_chil.c +++ b/engines/e_chil.c @@ -1,4 +1,4 @@ -/* crypto/engine/hw_ncipher.c -*- mode: C; c-file-style: "eay" -*- */ +/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */ /* Written by Richard Levitte (richard@levitte.org), Geoff Thorpe * (geoff@geoffthorpe.net) and Dr Stephen N Henson (shenson@bigfoot.com) * for the OpenSSL project 2000. @@ -70,7 +70,7 @@ #include #ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_NCIPHER +#ifndef OPENSSL_NO_HW_CHIL /* Attribution notice: nCipher have said several times that it's OK for * us to implement a general interface to their boxes, and recently declared @@ -86,7 +86,7 @@ #include "vendor_defns/hwcryptohook.h" #endif -#define HWCRHK_LIB_NAME "hwcrhk engine" +#define HWCRHK_LIB_NAME "CHIL engine" #include "e_chil_err.c" static int hwcrhk_destroy(ENGINE *e); @@ -177,7 +177,7 @@ static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = { /* Our internal RSA_METHOD that we provide pointers to */ static RSA_METHOD hwcrhk_rsa = { - "nCipher RSA method", + "CHIL RSA method", NULL, NULL, NULL, @@ -198,7 +198,7 @@ static RSA_METHOD hwcrhk_rsa = /* Our internal DH_METHOD that we provide pointers to */ static DH_METHOD hwcrhk_dh = { - "nCipher DH method", + "CHIL DH method", NULL, NULL, hwcrhk_mod_exp_dh, @@ -212,7 +212,7 @@ static DH_METHOD hwcrhk_dh = static RAND_METHOD hwcrhk_rand = { - /* "nCipher RAND method", */ + /* "CHIL RAND method", */ NULL, hwcrhk_rand_bytes, NULL, @@ -223,7 +223,7 @@ static RAND_METHOD hwcrhk_rand = /* Constants used when creating the ENGINE */ static const char *engine_hwcrhk_id = "chil"; -static const char *engine_hwcrhk_name = "nCipher hardware engine support"; +static const char *engine_hwcrhk_name = "CHIL hardware engine support"; /* Compatibility hack, the dynamic library uses this form in the path */ static const char *engine_hwcrhk_id_alt = "ncipher"; @@ -325,7 +325,7 @@ static HWCryptoHook_InitInfo hwcrhk_globals = { /* Now, to our own code */ -/* This internal function is used by ENGINE_ncipher() and possibly by the +/* This internal function is used by ENGINE_chil() and possibly by the * "dynamic" ENGINE support too */ static int bind_helper(ENGINE *e) { @@ -381,7 +381,7 @@ static int bind_helper(ENGINE *e) } #ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_ncipher(void) +static ENGINE *engine_chil(void) { ENGINE *ret = ENGINE_new(); if(!ret) @@ -397,7 +397,7 @@ static ENGINE *engine_ncipher(void) void ENGINE_load_chil(void) { /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_ncipher(); + ENGINE *toadd = engine_chil(); if(!toadd) return; ENGINE_add(toadd); ENGINE_free(toadd); @@ -493,7 +493,7 @@ static void release_context(HWCryptoHook_ContextHandle hac) p_hwcrhk_Finish(hac); } -/* Destructor (complements the "ENGINE_ncipher()" constructor) */ +/* Destructor (complements the "ENGINE_chil()" constructor) */ static int hwcrhk_destroy(ENGINE *e) { free_HWCRHK_LIBNAME(); @@ -1356,5 +1356,5 @@ IMPLEMENT_DYNAMIC_CHECK_FN() IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) #endif /* OPENSSL_NO_DYNAMIC_ENGINE */ -#endif /* !OPENSSL_NO_HW_NCIPHER */ +#endif /* !OPENSSL_NO_HW_CHIL */ #endif /* !OPENSSL_NO_HW */ -- GitLab From e8f665b495ab460341f9aeb7c7962b277d9adc2a Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 22:26:23 +0000 Subject: [PATCH 190/929] Synchronise with Unixly build --- crypto/crypto-lib.com | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index c51a2b0eab..c17ca19c66 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -194,7 +194,7 @@ $ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ - "ec2_smpl,ec2_mult" $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - - "rsa_asn1,rsa_depr" + "rsa_pss,rsa_x931,rsa_asn1,rsa_depr" $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ - "dsa_err,dsa_ossl,dsa_depr" $ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err" -- GitLab From e2ac4732cd4f0efc3dff3261d19aed0ced2c4dde Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 22:34:28 +0000 Subject: [PATCH 191/929] pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't have a uniform representation for those over all architectures, so a little bit of hackery is needed. Contributed by nagendra modadugu --- crypto/pqueue/Makefile | 2 +- crypto/pqueue/pq_compat.h | 134 +++++++++++++++++++++++++++ crypto/pqueue/pqueue.c | 21 +++-- crypto/pqueue/pqueue.h | 8 +- ssl/d1_both.c | 22 ++++- ssl/d1_lib.c | 20 +++- ssl/d1_pkt.c | 186 +++++++++++++++++++++++++------------- ssl/dtls1.h | 7 +- ssl/s3_lib.c | 6 ++ ssl/ssl3.h | 3 +- 10 files changed, 322 insertions(+), 87 deletions(-) create mode 100644 crypto/pqueue/pq_compat.h diff --git a/crypto/pqueue/Makefile b/crypto/pqueue/Makefile index 9cdab2b00c..c76eab2b80 100644 --- a/crypto/pqueue/Makefile +++ b/crypto/pqueue/Makefile @@ -22,7 +22,7 @@ LIBOBJ=pqueue.o SRC= $(LIBSRC) -EXHEADER= pqueue.h +EXHEADER= pqueue.h pq_compat.h HEADER= $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) diff --git a/crypto/pqueue/pq_compat.h b/crypto/pqueue/pq_compat.h new file mode 100644 index 0000000000..2157a549da --- /dev/null +++ b/crypto/pqueue/pq_compat.h @@ -0,0 +1,134 @@ +/* crypto/pqueue/pqueue_compat.h */ +/* + * DTLS implementation written by Nagendra Modadugu + * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. + */ +/* ==================================================================== + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include "opensslconf.h" +#include + +/* + * The purpose of this header file is for supporting 64-bit integer + * manipulation on 32-bit (and lower) machines. Currently the only + * such environment is VMS. Other environments that do not natively + * support 64-bit integers can safely use the code developed for VMS. + * + * The only clients of this code are (1) pqueue for priority, and + * (2) DTLS, for sequence number manipulation. + */ + +#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST) + +#define PQ_64BIT BIGNUM +#define PQ_64BIT_CTX BN_CTX + +#define pq_64bit_init(x) BN_init(x) +#define pq_64bit_free(x) BN_free(x) + +#define pq_64bit_ctx_new(ctx) BN_CTX_new() +#define pq_64bit_ctx_free(x) BN_CTX_free(x) + +#define pq_64bit_assign(x, y) BN_copy(x, y) +#define pq_64bit_assign_word(x, y) BN_set_word(x, y) +#define pq_64bit_gt(x, y) BN_ucmp(x, y) >= 1 ? 1 : 0 +#define pq_64bit_eq(x, y) BN_ucmp(x, y) == 0 ? 1 : 0 +#define pq_64bit_add_word(x, w) BN_add_word(x, w) +#define pq_64bit_sub(r, x, y) BN_sub(r, x, y) +#define pq_64bit_sub_word(x, w) BN_sub_word(x, w) +#define pq_64bit_mod(r, x, n, ctx) BN_mod(r, x, n, ctx) + +#define pq_64bit_bin2num(bn, bytes, len) BN_bin2bn(bytes, len, bn) +#define pq_64bit_num2bin(bn, bytes) BN_bn2bin(bn, bytes) +#define pq_64bit_get_word(x) BN_get_word(x) +#define pq_64bit_is_bit_set(x, offset) BN_is_bit_set(x, offset) +#define pq_64bit_lshift(r, x, shift) BN_lshift(r, x, shift) +#define pq_64bit_set_bit(x, num) BN_set_bit(x, num) +#define pq_64bit_get_length(x) BN_num_bits((x)) + +#else + +#if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) +#define PQ_64BIT BN_ULONG +#elif defined(THIRTY_TWO_BIT) +#define PQ_64BIT BN_ULLONG +#endif + +#define PQ_64BIT_CTX void + +#define pq_64bit_init(x) +#define pq_64bit_free(x) +#define pq_64bit_ctx_new(ctx) (ctx) +#define pq_64bit_ctx_free(x) + +#define pq_64bit_assign(x, y) (*(x) = *(y)) +#define pq_64bit_assign_word(x, y) (*(x) = y) +#define pq_64bit_gt(x, y) (*(x) > *(y)) +#define pq_64bit_eq(x, y) (*(x) == *(y)) +#define pq_64bit_add_word(x, w) (*(x) = (*(x) + (w))) +#define pq_64bit_sub(r, x, y) (*(r) = (*(x) - *(y))) +#define pq_64bit_sub_word(x, w) (*(x) = (*(x) - (w))) +#define pq_64bit_mod(r, x, n, ctx) + +#define pq_64bit_bin2num(num, bytes, len) bytes_to_long_long(bytes, num) +#define pq_64bit_num2bin(num, bytes) long_long_to_bytes(num, bytes) +#define pq_64bit_get_word(x) *(x) +#define pq_64bit_lshift(r, x, shift) (*(r) = (*(x) << (shift))) +#define pq_64bit_set_bit(x, num) do { \ + PQ_64BIT mask = 1; \ + mask = mask << (num); \ + *(x) |= mask; \ + } while(0) +#endif /* OPENSSL_SYS_VMS */ diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c index f4fa37fe64..6ec5c6756c 100644 --- a/crypto/pqueue/pqueue.c +++ b/crypto/pqueue/pqueue.c @@ -68,12 +68,14 @@ typedef struct _pqueue } pqueue_s; pitem * -pitem_new(BN_ULLONG priority, void *data) +pitem_new(PQ_64BIT priority, void *data) { pitem *item = (pitem *) OPENSSL_malloc(sizeof(pitem)); if (item == NULL) return NULL; - item->priority = priority; + pq_64bit_init(&(item->priority)); + pq_64bit_assign(&item->priority, &priority); + item->data = data; item->next = NULL; @@ -84,7 +86,8 @@ void pitem_free(pitem *item) { if (item == NULL) return; - + + pq_64bit_free(&(item->priority)); OPENSSL_free(item); } @@ -121,7 +124,7 @@ pqueue_insert(pqueue_s *pq, pitem *item) next != NULL; curr = next, next = next->next) { - if (item->priority < next->priority) + if (pq_64bit_gt(&(next->priority), &(item->priority))) { item->next = next; @@ -133,7 +136,7 @@ pqueue_insert(pqueue_s *pq, pitem *item) return item; } /* duplicates not allowed */ - if (item->priority == next->priority) + if (pq_64bit_eq(&(item->priority), &(next->priority))) return NULL; } @@ -161,7 +164,7 @@ pqueue_pop(pqueue_s *pq) } pitem * -pqueue_find(pqueue_s *pq, BN_ULLONG priority) +pqueue_find(pqueue_s *pq, PQ_64BIT priority) { pitem *next, *prev = NULL; pitem *found = NULL; @@ -172,7 +175,7 @@ pqueue_find(pqueue_s *pq, BN_ULLONG priority) for ( next = pq->items; next->next != NULL; prev = next, next = next->next) { - if ( next->priority == priority) + if ( pq_64bit_eq(&(next->priority), &priority)) { found = next; break; @@ -180,7 +183,7 @@ pqueue_find(pqueue_s *pq, BN_ULLONG priority) } /* check the one last node */ - if ( next->priority == priority) + if ( pq_64bit_eq(&(next->priority), &priority)) found = next; if ( ! found) @@ -196,6 +199,7 @@ pqueue_find(pqueue_s *pq, BN_ULLONG priority) return found; } +#if !(defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) void pqueue_print(pqueue_s *pq) { @@ -207,6 +211,7 @@ pqueue_print(pqueue_s *pq) item = item->next; } } +#endif pitem * pqueue_iterator(pqueue_s *pq) diff --git a/crypto/pqueue/pqueue.h b/crypto/pqueue/pqueue.h index 2ac31e21f0..02386d130e 100644 --- a/crypto/pqueue/pqueue.h +++ b/crypto/pqueue/pqueue.h @@ -64,18 +64,20 @@ #include #include +#include + typedef struct _pqueue *pqueue; typedef struct _pitem { - BN_ULLONG priority; + PQ_64BIT priority; void *data; struct _pitem *next; } pitem; typedef struct _pitem *piterator; -pitem *pitem_new(BN_ULLONG priority, void *data); +pitem *pitem_new(PQ_64BIT priority, void *data); void pitem_free(pitem *item); pqueue pqueue_new(void); @@ -84,7 +86,7 @@ void pqueue_free(pqueue pq); pitem *pqueue_insert(pqueue pq, pitem *item); pitem *pqueue_peek(pqueue pq); pitem *pqueue_pop(pqueue pq); -pitem *pqueue_find(pqueue pq, BN_ULLONG priority); +pitem *pqueue_find(pqueue pq, PQ_64BIT priority); pitem *pqueue_iterator(pqueue pq); pitem *pqueue_next(piterator *iter); diff --git a/ssl/d1_both.c b/ssl/d1_both.c index 6b8dd8080e..92661a9e3b 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -442,6 +442,7 @@ dtls1_buffer_handshake_fragment(SSL *s, struct hm_header_st* msg_hdr) { hm_fragment *frag = NULL; pitem *item = NULL; + PQ_64BIT seq64; frag = dtls1_hm_fragment_new(msg_hdr->frag_len); if ( frag == NULL) @@ -452,10 +453,15 @@ dtls1_buffer_handshake_fragment(SSL *s, struct hm_header_st* msg_hdr) memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr)); - item = pitem_new(msg_hdr->seq, frag); + pq_64bit_init(&seq64); + pq_64bit_assign_word(&seq64, msg_hdr->seq); + + item = pitem_new(seq64, frag); if ( item == NULL) goto err; + pq_64bit_free(&seq64); + pqueue_insert(s->d1->buffered_messages, item); return 1; @@ -1037,6 +1043,7 @@ dtls1_buffer_message(SSL *s, int is_ccs) { pitem *item; hm_fragment *frag; + PQ_64BIT seq64; /* this function is called immediately after a message has * been serialized */ @@ -1064,7 +1071,11 @@ dtls1_buffer_message(SSL *s, int is_ccs) frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len; frag->msg_header.is_ccs = is_ccs; - item = pitem_new(frag->msg_header.seq, frag); + pq_64bit_init(&seq64); + pq_64bit_assign_word(&seq64, frag->msg_header.seq); + + item = pitem_new(seq64, frag); + pq_64bit_free(&seq64); if ( item == NULL) { dtls1_hm_fragment_free(frag); @@ -1090,6 +1101,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, pitem *item; hm_fragment *frag ; unsigned long header_length; + PQ_64BIT seq64; /* OPENSSL_assert(s->init_num == 0); @@ -1097,7 +1109,11 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, */ /* XDTLS: the requested message ought to be found, otherwise error */ - item = pqueue_find(s->d1->sent_messages, seq); + pq_64bit_init(&seq64); + pq_64bit_assign_word(&seq64, seq); + + item = pqueue_find(s->d1->sent_messages, seq64); + pq_64bit_free(&seq64); if ( item == NULL) { fprintf(stderr, "retransmit: message %d non-existant\n", seq); diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index d774521aaf..458ce544d1 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -132,10 +132,20 @@ int dtls1_new(SSL *s) memset(d1,0, sizeof *d1); /* d1->handshake_epoch=0; */ +#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST) + d1->bitmap.length=64; +#else d1->bitmap.length=sizeof(d1->bitmap.map) * 8; +#endif + pq_64bit_init(&(d1->bitmap.map)); + pq_64bit_init(&(d1->bitmap.max_seq_num)); + + pq_64bit_init(&(d1->next_bitmap.map)); + pq_64bit_init(&(d1->next_bitmap.max_seq_num)); + d1->unprocessed_rcds.q=pqueue_new(); - d1->processed_rcds.q=pqueue_new(); - d1->buffered_messages = pqueue_new(); + d1->processed_rcds.q=pqueue_new(); + d1->buffered_messages = pqueue_new(); d1->sent_messages=pqueue_new(); if ( s->server) @@ -198,6 +208,12 @@ void dtls1_free(SSL *s) } pqueue_free(s->d1->sent_messages); + pq_64bit_free(&(s->d1->bitmap.map)); + pq_64bit_free(&(s->d1->bitmap.max_seq_num)); + + pq_64bit_free(&(s->d1->next_bitmap.map)); + pq_64bit_free(&(s->d1->next_bitmap.max_seq_num)); + OPENSSL_free(s->d1); } diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 09f1626313..77e1031a31 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -124,7 +124,7 @@ static int have_handshake_fragment(SSL *s, int type, unsigned char *buf, int len, int peek); static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, - BN_ULLONG *seq_num); + PQ_64BIT *seq_num); static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap); static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch); @@ -133,13 +133,13 @@ static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr, unsigned short *priority, unsigned long *offset); #endif static int dtls1_buffer_record(SSL *s, record_pqueue *q, - BN_ULLONG priority); + PQ_64BIT priority); static int dtls1_process_record(SSL *s); -static BN_ULLONG bytes_to_long_long(unsigned char *bytes); -static void long_long_to_bytes(BN_ULLONG num, unsigned char *bytes); +#if !(defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) +static PQ_64BIT bytes_to_long_long(unsigned char *bytes, PQ_64BIT *num); +#endif static void dtls1_clear_timeouts(SSL *s); - /* copy buffered record into SSL structure */ static int dtls1_copy_record(SSL *s, pitem *item) @@ -161,7 +161,7 @@ dtls1_copy_record(SSL *s, pitem *item) static int -dtls1_buffer_record(SSL *s, record_pqueue *queue, BN_ULLONG priority) +dtls1_buffer_record(SSL *s, record_pqueue *queue, PQ_64BIT priority) { DTLS1_RECORD_DATA *rdata; pitem *item; @@ -275,9 +275,9 @@ static int dtls1_get_buffered_record(SSL *s) { pitem *item; - BN_ULLONG priority = - (((BN_ULLONG)s->d1->handshake_read_seq) << 32) | - ((BN_ULLONG)s->d1->r_msg_hdr.frag_off); + PQ_64BIT priority = + (((PQ_64BIT)s->d1->handshake_read_seq) << 32) | + ((PQ_64BIT)s->d1->r_msg_hdr.frag_off); if ( ! SSL_in_init(s)) /* if we're not (re)negotiating, nothing buffered */ @@ -482,7 +482,6 @@ int dtls1_get_record(SSL *s) unsigned char *p; short version; DTLS1_BITMAP *bitmap; - BN_ULLONG read_sequence; unsigned int is_next_epoch; rr= &(s->s3->rrec); @@ -522,9 +521,9 @@ again: /* sequence number is 64 bits, with top 2 bytes = epoch */ n2s(p,rr->epoch); - read_sequence = 0; - n2l6(p, read_sequence); - long_long_to_bytes(read_sequence, s->s3->read_sequence); + memcpy(&(s->s3->read_sequence[2]), p, 6); + p+=6; + n2s(p,rr->length); /* Lets check version */ @@ -1406,7 +1405,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, /* else s2n(s->d1->handshake_epoch, pseq); */ - l2n6(bytes_to_long_long(s->s3->write_sequence), pseq); + memcpy(pseq, &(s->s3->write_sequence[2]), 6); + pseq+=6; s2n(wr->length,pseq); /* we should now have @@ -1419,7 +1419,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, /* buffer the record, making it easy to handle retransmits */ if ( type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC) dtls1_buffer_record(s, wr->data, wr->length, - *((BN_ULLONG *)&(s->s3->write_sequence[0]))); + *((PQ_64BIT *)&(s->s3->write_sequence[0]))); #endif ssl3_record_sequence_update(&(s->s3->write_sequence[0])); @@ -1451,27 +1451,60 @@ err: static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, - BN_ULLONG *seq_num) + PQ_64BIT *seq_num) { - BN_ULLONG mask = 0x0000000000000001L; - BN_ULLONG rcd_num; +#if !(defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) + PQ_64BIT mask = 0x0000000000000001L; +#endif + PQ_64BIT rcd_num, tmp; + + pq_64bit_init(&rcd_num); + pq_64bit_init(&tmp); + + /* this is the sequence number for the record just read */ + pq_64bit_bin2num(&rcd_num, s->s3->read_sequence, 8); - rcd_num = bytes_to_long_long(s->s3->read_sequence); - if (rcd_num >= bitmap->max_seq_num) + if (pq_64bit_gt(&rcd_num, &(bitmap->max_seq_num)) || + pq_64bit_eq(&rcd_num, &(bitmap->max_seq_num))) { - *seq_num = rcd_num; + pq_64bit_assign(seq_num, &rcd_num); + pq_64bit_free(&rcd_num); + pq_64bit_free(&tmp); return 1; /* this record is new */ } - - if (bitmap->max_seq_num - rcd_num > bitmap->length) + + pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num); + + if ( pq_64bit_get_word(&tmp) > bitmap->length) + { + pq_64bit_free(&rcd_num); + pq_64bit_free(&tmp); return 0; /* stale, outside the window */ + } +#if (defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) + { + int offset; + pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num); + pq_64bit_sub_word(&tmp, 1); + offset = pq_64bit_get_word(&tmp); + if ( pq_64bit_is_bit_set(&(bitmap->map), offset)) + { + pq_64bit_free(&rcd_num); + pq_64bit_free(&tmp); + return 0; + } + } +#else mask <<= (bitmap->max_seq_num - rcd_num - 1); if (bitmap->map & mask) return 0; /* record previously received */ +#endif - *seq_num = rcd_num; + pq_64bit_assign(seq_num, &rcd_num); + pq_64bit_free(&rcd_num); + pq_64bit_free(&tmp); return 1; } @@ -1479,23 +1512,49 @@ static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap) { unsigned int shift; - BN_ULLONG mask = 0x0000000000000001L; - BN_ULLONG rcd_num; + PQ_64BIT rcd_num; + PQ_64BIT tmp; + PQ_64BIT_CTX *ctx; + + pq_64bit_init(&rcd_num); + pq_64bit_init(&tmp); - rcd_num = bytes_to_long_long(s->s3->read_sequence); + pq_64bit_bin2num(&rcd_num, s->s3->read_sequence, 8); - if (rcd_num >= bitmap->max_seq_num) + /* unfortunate code complexity due to 64-bit manipulation support + * on 32-bit machines */ + if ( pq_64bit_gt(&rcd_num, &(bitmap->max_seq_num)) || + pq_64bit_eq(&rcd_num, &(bitmap->max_seq_num))) { - shift = (unsigned int)(rcd_num - bitmap->max_seq_num) + 1; - bitmap->max_seq_num = rcd_num + 1; - bitmap->map <<= shift; - bitmap->map |= 0x0000000000000001L; + pq_64bit_sub(&tmp, &rcd_num, &(bitmap->max_seq_num)); + pq_64bit_add_word(&tmp, 1); + + shift = (unsigned int)pq_64bit_get_word(&tmp); + + pq_64bit_lshift(&(tmp), &(bitmap->map), shift); + pq_64bit_assign(&(bitmap->map), &tmp); + + pq_64bit_set_bit(&(bitmap->map), 0); + pq_64bit_add_word(&rcd_num, 1); + pq_64bit_assign(&(bitmap->max_seq_num), &rcd_num); + + pq_64bit_assign_word(&tmp, 1); + pq_64bit_lshift(&tmp, &tmp, bitmap->length); + ctx = pq_64bit_ctx_new(&ctx); + pq_64bit_mod(&(bitmap->map), &(bitmap->map), &tmp, ctx); + pq_64bit_ctx_free(ctx); } else { - mask <<= (bitmap->max_seq_num - rcd_num - 1); - bitmap->map |= mask; + pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num); + pq_64bit_sub_word(&tmp, 1); + shift = (unsigned int)pq_64bit_get_word(&tmp); + + pq_64bit_set_bit(&(bitmap->map), shift); } + + pq_64bit_free(&rcd_num); + pq_64bit_free(&tmp); } @@ -1656,8 +1715,17 @@ dtls1_reset_seq_numbers(SSL *s, int rw) { seq = s->s3->read_sequence; s->d1->r_epoch++; - memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP)); + + pq_64bit_assign(&(s->d1->bitmap.map), &(s->d1->next_bitmap.map)); + s->d1->bitmap.length = s->d1->next_bitmap.length; + pq_64bit_assign(&(s->d1->bitmap.max_seq_num), + &(s->d1->next_bitmap.max_seq_num)); + + pq_64bit_free(&(s->d1->next_bitmap.map)); + pq_64bit_free(&(s->d1->next_bitmap.max_seq_num)); memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP)); + pq_64bit_init(&(s->d1->next_bitmap.map)); + pq_64bit_init(&(s->d1->next_bitmap.max_seq_num)); } else { @@ -1668,36 +1736,26 @@ dtls1_reset_seq_numbers(SSL *s, int rw) memset(seq, 0x00, seq_bytes); } +#if !(defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) +static PQ_64BIT +bytes_to_long_long(unsigned char *bytes, PQ_64BIT *num) + { + PQ_64BIT _num; + + _num = (((PQ_64BIT)bytes[0]) << 56) | + (((PQ_64BIT)bytes[1]) << 48) | + (((PQ_64BIT)bytes[2]) << 40) | + (((PQ_64BIT)bytes[3]) << 32) | + (((PQ_64BIT)bytes[4]) << 24) | + (((PQ_64BIT)bytes[5]) << 16) | + (((PQ_64BIT)bytes[6]) << 8) | + (((PQ_64BIT)bytes[7]) ); + + *num = _num ; + return _num; + } +#endif -static BN_ULLONG -bytes_to_long_long(unsigned char *bytes) - { - BN_ULLONG num; - - num = (((BN_ULLONG)bytes[0]) << 56) | - (((BN_ULLONG)bytes[1]) << 48) | - (((BN_ULLONG)bytes[2]) << 40) | - (((BN_ULLONG)bytes[3]) << 32) | - (((BN_ULLONG)bytes[4]) << 24) | - (((BN_ULLONG)bytes[5]) << 16) | - (((BN_ULLONG)bytes[6]) << 8) | - (((BN_ULLONG)bytes[7]) ); - - return num; - } - -static void -long_long_to_bytes(BN_ULLONG num, unsigned char *bytes) - { - bytes[0] = (unsigned char)((num >> 56)&0xff); - bytes[1] = (unsigned char)((num >> 48)&0xff); - bytes[2] = (unsigned char)((num >> 40)&0xff); - bytes[3] = (unsigned char)((num >> 32)&0xff); - bytes[4] = (unsigned char)((num >> 24)&0xff); - bytes[5] = (unsigned char)((num >> 16)&0xff); - bytes[6] = (unsigned char)((num >> 8)&0xff); - bytes[7] = (unsigned char)((num )&0xff); - } static void dtls1_clear_timeouts(SSL *s) diff --git a/ssl/dtls1.h b/ssl/dtls1.h index 5ec13720cd..b377cc5f6b 100644 --- a/ssl/dtls1.h +++ b/ssl/dtls1.h @@ -90,9 +90,9 @@ extern "C" { typedef struct dtls1_bitmap_st { - BN_ULLONG map; + PQ_64BIT map; unsigned long length; /* sizeof the bitmap in bits */ - BN_ULLONG max_seq_num; /* max record number seen so far */ + PQ_64BIT max_seq_num; /* max record number seen so far */ } DTLS1_BITMAP; struct hm_header_st @@ -162,9 +162,6 @@ typedef struct dtls1_state_st unsigned short handshake_read_seq; - /* only matters for handshake messages */ - BN_ULLONG next_expected_seq_num; - /* Received handshake records (processed and unprocessed) */ record_pqueue unprocessed_rcds; record_pqueue processed_rcds; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 2b2d2bdade..4585ac3014 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -128,6 +128,7 @@ #include "kssl_lcl.h" #include #include +#include const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT; @@ -1441,6 +1442,8 @@ int ssl3_new(SSL *s) memset(s3,0,sizeof *s3); EVP_MD_CTX_init(&s3->finish_dgst1); EVP_MD_CTX_init(&s3->finish_dgst2); + pq_64bit_init(&(s3->rrec.seq_num)); + pq_64bit_init(&(s3->wrec.seq_num)); s->s3=s3; @@ -1475,6 +1478,9 @@ void ssl3_free(SSL *s) sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); EVP_MD_CTX_cleanup(&s->s3->finish_dgst1); EVP_MD_CTX_cleanup(&s->s3->finish_dgst2); + pq_64bit_free(&(s->s3->rrec.seq_num)); + pq_64bit_free(&(s->s3->wrec.seq_num)); + OPENSSL_cleanse(s->s3,sizeof *s->s3); OPENSSL_free(s->s3); s->s3=NULL; diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 162bc79e04..1e762f276e 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -123,6 +123,7 @@ #include #include #include +#include #ifdef __cplusplus extern "C" { @@ -295,7 +296,7 @@ typedef struct ssl3_record_st /*rw*/ unsigned char *input; /* where the decode bytes are */ /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ /*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */ -/*r */ BN_ULLONG seq_num; /* sequence number, needed by DTLS1 */ +/*r */ PQ_64BIT seq_num; /* sequence number, needed by DTLS1 */ } SSL3_RECORD; typedef struct ssl3_buffer_st -- GitLab From 77b97ee0d764dd09252aaaa02ff68992ca18a74d Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 22:37:41 +0000 Subject: [PATCH 192/929] DJGPP changes. Contributed by Doug Kaufman --- apps/s_client.c | 3 +++ apps/s_server.c | 6 ++++++ crypto/rand/rand_unix.c | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/apps/s_client.c b/apps/s_client.c index eaa9269610..b22f3196e6 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -263,6 +263,9 @@ int MAIN(int argc, char **argv) int starttls_proto = 0; int prexit = 0, vflags = 0; SSL_METHOD *meth=NULL; +#ifdef sock_type +#undef sock_type +#endif int sock_type=SOCK_STREAM; BIO *sbio; char *inrand=NULL; diff --git a/apps/s_server.c b/apps/s_server.c index 59b6305e97..afc27e15c9 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -262,6 +262,9 @@ static char *engine_id=NULL; static const char *session_id_prefix=NULL; static int enable_timeouts = 0; +#ifdef mtu +#undef mtu +#endif static long mtu; static int cert_chain = 0; @@ -534,6 +537,9 @@ int MAIN(int argc, char *argv[]) int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0; int state=0; SSL_METHOD *meth=NULL; +#ifdef sock_type +#undef sock_type +#endif int sock_type=SOCK_STREAM; #ifndef OPENSSL_NO_ENGINE ENGINE *e=NULL; diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 14837a7a7d..bf9a0e993a 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -153,7 +153,7 @@ int RAND_poll(void) int n = 0; #endif #ifdef DEVRANDOM - static const char *randomfiles[] = { DEVRANDOM }; + static const char *randomfiles[] = { "DEVRANDOM" }; struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])]; int fd,i; #endif -- GitLab From b257c152c69c7e27bf80cbeb5ab16fb3a72eb1c3 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 22:51:05 +0000 Subject: [PATCH 193/929] A couple more things were added. --- NEWS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/NEWS b/NEWS index 9cd1416507..18d5f00749 100644 --- a/NEWS +++ b/NEWS @@ -71,6 +71,8 @@ SHA-1. o Added support for DTLS. THIS IS STILL BEING WORKED ON! o New BIGNUM blinding. + o Added support for the RSA-PSS encryption scheme + o Added support for the RSA X.931 padding. Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g: -- GitLab From 22d1acd5acddcab0db3667d52e58c594799d3250 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 22:56:49 +0000 Subject: [PATCH 194/929] Time to release the next beta (a few days late, sorry about that). The tag will be OpenSSL_0_9_8-beta3 --- README | 2 +- STATUS | 3 ++- crypto/opensslv.h | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/README b/README index 19e9d0cff8..82eddb2606 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta3-dev XX xxx XXXX + OpenSSL 0.9.8-beta3-dev 31 May 2005 Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/STATUS b/STATUS index af29eed234..dcd6486d79 100644 --- a/STATUS +++ b/STATUS @@ -1,10 +1,11 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/05/24 03:42:48 $ + ______________ $Date: 2005/05/30 22:56:49 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... + o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 o OpenSSL 0.9.8-beta1: Released on May 19th, 2005 o OpenSSL 0.9.7g: Released on April 11th, 2005 diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 6208c19ee8..55d9ef44c7 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -27,9 +27,9 @@ */ #define OPENSSL_VERSION_NUMBER 0x00908003L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta3 XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta3 31 May 2005" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta3 XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta3 31 May 2005" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 479d7934c00d5eb997e84eba9c460e46b06888ff Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 22:59:22 +0000 Subject: [PATCH 195/929] Not quite right... --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index 82eddb2606..cfd66fe538 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta3-dev 31 May 2005 + OpenSSL 0.9.8-beta3 31 May 2005 Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson -- GitLab From adb040d4cb4117c377d12362877b43150cf645f6 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 23:07:30 +0000 Subject: [PATCH 196/929] Tagging done, moving up to next beta in development. --- README | 2 +- crypto/opensslv.h | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README b/README index cfd66fe538..5b7c919d7f 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta3 31 May 2005 + OpenSSL 0.9.8-beta4-dev XX xxx XXXX Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 55d9ef44c7..5478a09333 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00908003L +#define OPENSSL_VERSION_NUMBER 0x00908004L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta3 31 May 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta4-dev XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta3 31 May 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta4-dev XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 2728a1b4f32832571e6d29d4e92d62704f52a94a Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 23:19:11 +0000 Subject: [PATCH 197/929] Forgottent needed changed. This file will be retagged. --- apps/Makefile | 242 ++++++++++++++++++++++++++------------------------ makevms.com | 3 +- 2 files changed, 128 insertions(+), 117 deletions(-) diff --git a/apps/Makefile b/apps/Makefile index d5ac5ca840..b6565cca20 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -236,17 +236,18 @@ ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ca.o: ../include/openssl/x509v3.h apps.h ca.c ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -ciphers.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ciphers.o: ../include/openssl/conf.h ../include/openssl/crypto.h -ciphers.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -ciphers.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -ciphers.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h -ciphers.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -ciphers.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ciphers.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ciphers.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h +ciphers.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +ciphers.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ciphers.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ciphers.o: ../include/openssl/engine.h ../include/openssl/err.h +ciphers.o: ../include/openssl/evp.h ../include/openssl/kssl.h +ciphers.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h ciphers.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -391,17 +392,18 @@ enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h enc.o: ../include/openssl/txt_db.h ../include/openssl/x509.h enc.o: ../include/openssl/x509_vfy.h apps.h enc.c engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -engine.o: ../include/openssl/buffer.h ../include/openssl/comp.h -engine.o: ../include/openssl/conf.h ../include/openssl/crypto.h -engine.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -engine.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -engine.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -engine.o: ../include/openssl/err.h ../include/openssl/evp.h -engine.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -engine.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -engine.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -engine.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +engine.o: ../include/openssl/bn.h ../include/openssl/buffer.h +engine.o: ../include/openssl/comp.h ../include/openssl/conf.h +engine.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +engine.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +engine.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +engine.o: ../include/openssl/engine.h ../include/openssl/err.h +engine.o: ../include/openssl/evp.h ../include/openssl/kssl.h +engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +engine.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +engine.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +engine.o: ../include/openssl/pem.h ../include/openssl/pem2.h +engine.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h engine.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h engine.o: ../include/openssl/sha.h ../include/openssl/ssl.h engine.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -410,17 +412,18 @@ engine.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h engine.o: ../include/openssl/txt_db.h ../include/openssl/x509.h engine.o: ../include/openssl/x509_vfy.h apps.h engine.c errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -errstr.o: ../include/openssl/buffer.h ../include/openssl/comp.h -errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h -errstr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -errstr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -errstr.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -errstr.o: ../include/openssl/err.h ../include/openssl/evp.h -errstr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -errstr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -errstr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +errstr.o: ../include/openssl/bn.h ../include/openssl/buffer.h +errstr.o: ../include/openssl/comp.h ../include/openssl/conf.h +errstr.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +errstr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +errstr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +errstr.o: ../include/openssl/engine.h ../include/openssl/err.h +errstr.o: ../include/openssl/evp.h ../include/openssl/kssl.h +errstr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +errstr.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h errstr.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -507,25 +510,27 @@ ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ocsp.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h -ocsp.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ocsp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ocsp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ocsp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ocsp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -ocsp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ocsp.c +ocsp.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +ocsp.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -openssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h -openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h -openssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -openssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -openssl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -openssl.o: ../include/openssl/err.h ../include/openssl/evp.h -openssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -openssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -openssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +openssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h +openssl.o: ../include/openssl/comp.h ../include/openssl/conf.h +openssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +openssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +openssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +openssl.o: ../include/openssl/engine.h ../include/openssl/err.h +openssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h +openssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +openssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h +openssl.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h openssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -670,17 +675,18 @@ rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h rsautl.o: ../include/openssl/x509_vfy.h apps.h rsautl.c s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s_cb.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s_cb.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_cb.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s_cb.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s_cb.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h -s_cb.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s_cb.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_cb.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_cb.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +s_cb.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_cb.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_cb.o: ../include/openssl/engine.h ../include/openssl/err.h +s_cb.o: ../include/openssl/evp.h ../include/openssl/kssl.h +s_cb.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h s_cb.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -689,17 +695,18 @@ s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_cb.o: ../include/openssl/txt_db.h ../include/openssl/x509.h s_cb.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_cb.c s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s_client.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s_client.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_client.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s_client.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s_client.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -s_client.o: ../include/openssl/err.h ../include/openssl/evp.h -s_client.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s_client.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_client.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_client.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +s_client.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_client.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_client.o: ../include/openssl/engine.h ../include/openssl/err.h +s_client.o: ../include/openssl/evp.h ../include/openssl/kssl.h +s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s_client.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h s_client.o: ../include/openssl/pqueue.h ../include/openssl/rand.h s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -721,28 +728,29 @@ s_server.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h -s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_server.o: ../include/openssl/stack.h ../include/openssl/store.h -s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_server.o: s_apps.h s_server.c timeouts.h +s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h +s_server.o: ../include/openssl/pqueue.h ../include/openssl/rand.h +s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_server.o: ../include/openssl/store.h ../include/openssl/symhacks.h +s_server.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_server.o: ../include/openssl/ui.h ../include/openssl/x509.h +s_server.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_server.c timeouts.h s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s_socket.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_socket.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s_socket.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s_socket.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -s_socket.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s_socket.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s_socket.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_socket.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +s_socket.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_socket.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_socket.o: ../include/openssl/engine.h ../include/openssl/evp.h +s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s_socket.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_socket.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h s_socket.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h @@ -751,17 +759,18 @@ s_socket.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h s_socket.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_socket.o: s_apps.h s_socket.c s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s_time.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_time.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s_time.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s_time.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -s_time.o: ../include/openssl/err.h ../include/openssl/evp.h -s_time.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s_time.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_time.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_time.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s_time.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_time.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +s_time.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_time.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_time.o: ../include/openssl/engine.h ../include/openssl/err.h +s_time.o: ../include/openssl/evp.h ../include/openssl/kssl.h +s_time.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s_time.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h s_time.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -770,17 +779,18 @@ s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_time.o: ../include/openssl/txt_db.h ../include/openssl/x509.h s_time.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_time.c sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -sess_id.o: ../include/openssl/buffer.h ../include/openssl/comp.h -sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h -sess_id.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -sess_id.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -sess_id.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h -sess_id.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -sess_id.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -sess_id.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +sess_id.o: ../include/openssl/bn.h ../include/openssl/buffer.h +sess_id.o: ../include/openssl/comp.h ../include/openssl/conf.h +sess_id.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +sess_id.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +sess_id.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +sess_id.o: ../include/openssl/engine.h ../include/openssl/err.h +sess_id.o: ../include/openssl/evp.h ../include/openssl/kssl.h +sess_id.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h +sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h sess_id.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h diff --git a/makevms.com b/makevms.com index 0adb28811a..9f8322570e 100755 --- a/makevms.com +++ b/makevms.com @@ -428,7 +428,7 @@ $ SDIRS := ,- BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,- BUFFER,BIO,STACK,LHASH,RAND,ERR,- EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,- - STORE + STORE,PQUEUE $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h,- ossl_typ.h $ EXHEADER_OBJECTS := objects.h,obj_mac.h @@ -477,6 +477,7 @@ $ EXHEADER_UI := ui.h,ui_compat.h $ EXHEADER_KRB5 := krb5_asn.h $!EXHEADER_STORE := store.h,str_compat.h $ EXHEADER_STORE := store.h +$ EXHEADER_PQUEUE := pqueue.h,pq_compat.h $ $ I = 0 $ LOOP_SDIRS: -- GitLab From 3d37d5e24acc0eaddf3d42dcb18cd9abfbe7222e Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 May 2005 23:20:32 +0000 Subject: [PATCH 198/929] Forgottent make update. These files will be retagged. --- crypto/pqueue/Makefile | 5 +- engines/Makefile | 35 +- ssl/Makefile | 970 +++++++++++++++++++++-------------------- test/Makefile | 17 +- 4 files changed, 535 insertions(+), 492 deletions(-) diff --git a/crypto/pqueue/Makefile b/crypto/pqueue/Makefile index c76eab2b80..1dd0769fb9 100644 --- a/crypto/pqueue/Makefile +++ b/crypto/pqueue/Makefile @@ -79,5 +79,6 @@ pqueue.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h pqueue.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h pqueue.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h pqueue.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pqueue.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -pqueue.o: ../../include/openssl/symhacks.h ../cryptlib.h pqueue.c pqueue.h +pqueue.o: ../../include/openssl/pq_compat.h ../../include/openssl/safestack.h +pqueue.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pqueue.o: ../cryptlib.h pqueue.c pqueue.h diff --git a/engines/Makefile b/engines/Makefile index aa68344728..714c43fac5 100644 --- a/engines/Makefile +++ b/engines/Makefile @@ -168,6 +168,23 @@ e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/rsa.h e_atalla.o: ../include/openssl/safestack.h ../include/openssl/stack.h e_atalla.o: ../include/openssl/symhacks.h e_atalla.c e_atalla_err.c e_atalla.o: e_atalla_err.h vendor_defns/atalla.h +e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h +e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h +e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h +e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h +e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h +e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h +e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h +e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h +e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_chil.c +e_chil.o: e_chil_err.c e_chil_err.h vendor_defns/hwcryptohook.h e_cswift.o: ../include/openssl/asn1.h ../include/openssl/bio.h e_cswift.o: ../include/openssl/bn.h ../include/openssl/buffer.h e_cswift.o: ../include/openssl/crypto.h ../include/openssl/dh.h @@ -184,24 +201,6 @@ e_gmp.o: ../include/openssl/e_os2.h ../include/openssl/engine.h e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h e_gmp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h e_gmp.c -e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h -e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h -e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h -e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h -e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -e_chil.o: e_chil.c e_chil_err.c e_chil_err.h -e_chil.o: vendor_defns/hwcryptohook.h e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h diff --git a/ssl/Makefile b/ssl/Makefile index c8b000eefe..90e2ff0430 100644 --- a/ssl/Makefile +++ b/ssl/Makefile @@ -106,16 +106,17 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h -bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h -bio_ssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h -bio_ssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -bio_ssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h -bio_ssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -bio_ssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -bio_ssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -bio_ssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -bio_ssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +bio_ssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h +bio_ssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h +bio_ssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h +bio_ssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +bio_ssl.o: ../include/openssl/ecdsa.h ../include/openssl/err.h +bio_ssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h +bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h +bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h bio_ssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h bio_ssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -123,17 +124,18 @@ bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -d1_both.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -d1_both.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -d1_both.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -d1_both.o: ../include/openssl/evp.h ../include/openssl/kssl.h -d1_both.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -d1_both.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -d1_both.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -d1_both.o: ../include/openssl/pem.h ../include/openssl/pem2.h -d1_both.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +d1_both.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_both.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +d1_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +d1_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +d1_both.o: ../include/openssl/err.h ../include/openssl/evp.h +d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +d1_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +d1_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +d1_both.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h d1_both.o: ../include/openssl/rand.h ../include/openssl/rsa.h d1_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h d1_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -142,17 +144,18 @@ d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h d1_both.o: ../include/openssl/x509_vfy.h d1_both.c ssl_locl.h d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -d1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -d1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -d1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -d1_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -d1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h -d1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -d1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -d1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -d1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +d1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +d1_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +d1_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h +d1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +d1_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h +d1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +d1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +d1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h +d1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h d1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h d1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h @@ -162,18 +165,19 @@ d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c d1_clnt.o: kssl_lcl.h ssl_locl.h d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -d1_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -d1_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -d1_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -d1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h -d1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -d1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h -d1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -d1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -d1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h -d1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +d1_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +d1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +d1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +d1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h +d1_enc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h +d1_enc.o: ../include/openssl/lhash.h ../include/openssl/md5.h +d1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +d1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +d1_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +d1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +d1_enc.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h d1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h d1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h d1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -182,17 +186,18 @@ d1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h d1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h d1_enc.o: ../include/openssl/x509_vfy.h d1_enc.c ssl_locl.h d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -d1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -d1_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -d1_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -d1_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h -d1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -d1_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -d1_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -d1_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h -d1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +d1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +d1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +d1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +d1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h +d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +d1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +d1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +d1_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h d1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h d1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -201,17 +206,18 @@ d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c d1_lib.o: ssl_locl.h d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -d1_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -d1_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -d1_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -d1_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h -d1_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -d1_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -d1_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -d1_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h -d1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +d1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +d1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +d1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +d1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h +d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +d1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +d1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +d1_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h d1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h d1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -220,17 +226,18 @@ d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c d1_meth.o: ssl_locl.h d1_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -d1_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -d1_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -d1_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -d1_pkt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -d1_pkt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -d1_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -d1_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -d1_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -d1_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +d1_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +d1_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +d1_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +d1_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h +d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +d1_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +d1_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +d1_pkt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h d1_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h d1_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -239,17 +246,18 @@ d1_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_pkt.c d1_pkt.o: ssl_locl.h d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -d1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -d1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -d1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -d1_srvr.o: ../include/openssl/evp.h ../include/openssl/kssl.h -d1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h -d1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -d1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -d1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -d1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +d1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +d1_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +d1_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h +d1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +d1_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h +d1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +d1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +d1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +d1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h d1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h d1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h @@ -259,16 +267,17 @@ d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c d1_srvr.o: ssl_locl.h kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h -kssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h -kssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h -kssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -kssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -kssl.o: ../include/openssl/evp.h ../include/openssl/krb5_asn.h -kssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -kssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -kssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -kssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -kssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +kssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h +kssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h +kssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h +kssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +kssl.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h +kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h +kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h +kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h kssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h kssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -276,17 +285,18 @@ kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s23_clnt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s23_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s23_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s23_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s23_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h +s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s23_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s23_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h s23_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -295,17 +305,18 @@ s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s23_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s23_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s23_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s23_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s23_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s23_lib.o: ../include/openssl/err.h ../include/openssl/evp.h +s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s23_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s23_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s23_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -314,17 +325,18 @@ s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c s23_lib.o: ssl_locl.h s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s23_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s23_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s23_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s23_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s23_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s23_meth.o: ../include/openssl/err.h ../include/openssl/evp.h +s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s23_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s23_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s23_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -333,17 +345,18 @@ s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c s23_meth.o: ssl_locl.h s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_pkt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s23_pkt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s23_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s23_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s23_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s23_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h +s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s23_pkt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s23_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s23_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -352,17 +365,18 @@ s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c s23_pkt.o: ssl_locl.h s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_srvr.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s23_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s23_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s23_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s23_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s23_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h +s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s23_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s23_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h s23_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -371,17 +385,18 @@ s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s2_clnt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s2_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s2_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s2_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s2_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s2_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s2_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s2_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h +s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s2_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s2_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -390,17 +405,18 @@ s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_enc.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s2_enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s2_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s2_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s2_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s2_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s2_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s2_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s2_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s2_enc.o: ../include/openssl/err.h ../include/openssl/evp.h +s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s2_enc.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -409,17 +425,18 @@ s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c s2_enc.o: ssl_locl.h s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s2_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h -s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s2_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s2_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s2_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s2_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s2_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s2_lib.o: ../include/openssl/err.h ../include/openssl/evp.h +s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h +s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h s2_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -428,17 +445,18 @@ s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s2_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s2_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s2_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s2_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s2_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s2_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s2_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s2_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s2_meth.o: ../include/openssl/err.h ../include/openssl/evp.h +s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s2_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s2_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s2_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -447,17 +465,18 @@ s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c s2_meth.o: ssl_locl.h s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_pkt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s2_pkt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s2_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s2_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s2_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s2_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s2_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s2_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s2_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h +s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s2_pkt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -466,17 +485,18 @@ s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c s2_pkt.o: ssl_locl.h s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_srvr.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s2_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s2_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s2_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h +s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s2_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -485,17 +505,18 @@ s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s3_both.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s3_both.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s3_both.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s3_both.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s3_both.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s3_both.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_both.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s3_both.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s3_both.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s3_both.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s3_both.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s3_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s3_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s3_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s3_both.o: ../include/openssl/err.h ../include/openssl/evp.h +s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s3_both.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s3_both.o: ../include/openssl/rand.h ../include/openssl/rsa.h s3_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -516,26 +537,27 @@ s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h s3_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h -s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h -s3_clnt.o: s3_clnt.c ssl_locl.h +s3_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h +s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_clnt.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_clnt.c ssl_locl.h s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s3_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s3_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s3_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s3_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s3_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s3_enc.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s3_enc.o: ../include/openssl/lhash.h ../include/openssl/md5.h -s3_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s3_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s3_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s3_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s3_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s3_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s3_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s3_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s3_enc.o: ../include/openssl/err.h ../include/openssl/evp.h +s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h +s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h s3_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h s3_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -544,18 +566,19 @@ s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s3_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h -s3_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h -s3_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -s3_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h -s3_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s3_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h -s3_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s3_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s3_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s3_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s3_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s3_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h +s3_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h +s3_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +s3_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h +s3_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h +s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h +s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s3_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s3_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s3_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -564,17 +587,18 @@ s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h s3_lib.o: s3_lib.c ssl_locl.h s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s3_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s3_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s3_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s3_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s3_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s3_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s3_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s3_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s3_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s3_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s3_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s3_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s3_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s3_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s3_meth.o: ../include/openssl/err.h ../include/openssl/evp.h +s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s3_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s3_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s3_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -583,17 +607,18 @@ s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c s3_meth.o: ssl_locl.h s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s3_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s3_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s3_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s3_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s3_pkt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -s3_pkt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s3_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s3_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s3_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s3_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +s3_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s3_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s3_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h +s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s3_pkt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s3_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h s3_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -614,26 +639,28 @@ s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h -s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h +s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h +s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h +s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h +s3_srvr.o: s3_srvr.c ssl_locl.h ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -ssl_algs.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -ssl_algs.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -ssl_algs.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -ssl_algs.o: ../include/openssl/evp.h ../include/openssl/kssl.h -ssl_algs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -ssl_algs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_algs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ssl_algs.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_algs.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +ssl_algs.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_algs.o: ../include/openssl/comp.h ../include/openssl/crypto.h +ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ssl_algs.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ssl_algs.o: ../include/openssl/err.h ../include/openssl/evp.h +ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_algs.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h ssl_algs.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_algs.o: ../include/openssl/sha.h ../include/openssl/ssl.h ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -642,17 +669,18 @@ ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c ssl_algs.o: ssl_locl.h ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h -ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h -ssl_asn1.o: ../include/openssl/comp.h ../include/openssl/crypto.h -ssl_asn1.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h -ssl_asn1.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -ssl_asn1.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_asn1.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -ssl_asn1.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_asn1.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_asn1.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -ssl_asn1.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/bn.h +ssl_asn1.o: ../include/openssl/buffer.h ../include/openssl/comp.h +ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/dsa.h +ssl_asn1.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h +ssl_asn1.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +ssl_asn1.o: ../include/openssl/ecdsa.h ../include/openssl/err.h +ssl_asn1.o: ../include/openssl/evp.h ../include/openssl/kssl.h +ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h ssl_asn1.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h ssl_asn1.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -673,26 +701,28 @@ ssl_cert.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h ssl_cert.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h ssl_cert.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h ssl_cert.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_cert.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -ssl_cert.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssl_cert.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h +ssl_cert.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h +ssl_cert.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h +ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ssl_cert.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ssl_cert.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ssl_cert.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_cert.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_cert.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h +ssl_cert.o: ssl_cert.c ssl_locl.h ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -ssl_ciph.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -ssl_ciph.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -ssl_ciph.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -ssl_ciph.o: ../include/openssl/evp.h ../include/openssl/kssl.h -ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +ssl_ciph.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_ciph.o: ../include/openssl/comp.h ../include/openssl/crypto.h +ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ssl_ciph.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h +ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_ciph.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_ciph.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/ssl.h ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -701,16 +731,17 @@ ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_ciph.c ssl_ciph.o: ssl_locl.h ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_err.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_err.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h -ssl_err.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -ssl_err.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_err.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -ssl_err.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_err.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_err.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -ssl_err.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_err.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_err.o: ../include/openssl/comp.h ../include/openssl/crypto.h +ssl_err.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h +ssl_err.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +ssl_err.o: ../include/openssl/ecdsa.h ../include/openssl/err.h +ssl_err.o: ../include/openssl/evp.h ../include/openssl/kssl.h +ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h ssl_err.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h ssl_err.o: ../include/openssl/sha.h ../include/openssl/ssl.h ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -718,16 +749,17 @@ ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h -ssl_err2.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -ssl_err2.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h -ssl_err2.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -ssl_err2.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -ssl_err2.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ssl_err2.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -ssl_err2.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_err2.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_err2.o: ../include/openssl/comp.h ../include/openssl/crypto.h +ssl_err2.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h +ssl_err2.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +ssl_err2.o: ../include/openssl/ecdsa.h ../include/openssl/err.h +ssl_err2.o: ../include/openssl/evp.h ../include/openssl/kssl.h +ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h ssl_err2.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h ssl_err2.o: ../include/openssl/sha.h ../include/openssl/ssl.h ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -735,18 +767,19 @@ ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h -ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h -ssl_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -ssl_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -ssl_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -ssl_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h -ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -ssl_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +ssl_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h +ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h +ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ssl_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h +ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -755,17 +788,18 @@ ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -ssl_rsa.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -ssl_rsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -ssl_rsa.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/kssl.h -ssl_rsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -ssl_rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ssl_rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_rsa.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_rsa.o: ../include/openssl/comp.h ../include/openssl/crypto.h +ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ssl_rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ssl_rsa.o: ../include/openssl/err.h ../include/openssl/evp.h +ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_rsa.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h ssl_rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_rsa.o: ../include/openssl/sha.h ../include/openssl/ssl.h ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -774,17 +808,18 @@ ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h ssl_rsa.o: ssl_rsa.c ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_sess.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -ssl_sess.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -ssl_sess.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -ssl_sess.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -ssl_sess.o: ../include/openssl/evp.h ../include/openssl/kssl.h -ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +ssl_sess.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_sess.o: ../include/openssl/comp.h ../include/openssl/crypto.h +ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ssl_sess.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ssl_sess.o: ../include/openssl/err.h ../include/openssl/evp.h +ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_sess.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_sess.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rsa.h ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -793,17 +828,18 @@ ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.c ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -ssl_stat.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -ssl_stat.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -ssl_stat.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -ssl_stat.o: ../include/openssl/evp.h ../include/openssl/kssl.h -ssl_stat.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -ssl_stat.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_stat.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ssl_stat.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_stat.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +ssl_stat.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_stat.o: ../include/openssl/comp.h ../include/openssl/crypto.h +ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ssl_stat.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ssl_stat.o: ../include/openssl/err.h ../include/openssl/evp.h +ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_stat.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h ssl_stat.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_stat.o: ../include/openssl/sha.h ../include/openssl/ssl.h ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -812,17 +848,18 @@ ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h ssl_stat.o: ssl_stat.c ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -ssl_txt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -ssl_txt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -ssl_txt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -ssl_txt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -ssl_txt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -ssl_txt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ssl_txt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ssl_txt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssl_txt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +ssl_txt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ssl_txt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ssl_txt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ssl_txt.o: ../include/openssl/err.h ../include/openssl/evp.h +ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ssl_txt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h ssl_txt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_txt.o: ../include/openssl/sha.h ../include/openssl/ssl.h ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -831,17 +868,18 @@ ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h ssl_txt.o: ssl_txt.c t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -t1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -t1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -t1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -t1_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h -t1_clnt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -t1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -t1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -t1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +t1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +t1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +t1_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +t1_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h +t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +t1_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h t1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h t1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h @@ -850,18 +888,19 @@ t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -t1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h -t1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -t1_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -t1_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -t1_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h -t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h -t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h -t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +t1_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h +t1_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h +t1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +t1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +t1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h +t1_enc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h +t1_enc.o: ../include/openssl/lhash.h ../include/openssl/md5.h +t1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +t1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +t1_enc.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h t1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -870,17 +909,18 @@ t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h t1_enc.o: t1_enc.c t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -t1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h -t1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -t1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -t1_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -t1_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -t1_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h -t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -t1_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -t1_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h -t1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +t1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h +t1_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h +t1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +t1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h +t1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +t1_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h t1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -889,17 +929,18 @@ t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h t1_lib.o: t1_lib.c t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -t1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h -t1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -t1_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -t1_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -t1_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -t1_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h -t1_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -t1_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -t1_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h -t1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +t1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h +t1_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h +t1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +t1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +t1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h +t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +t1_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h t1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h t1_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h @@ -908,17 +949,18 @@ t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h t1_meth.o: t1_meth.c t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h -t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -t1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -t1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -t1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -t1_srvr.o: ../include/openssl/evp.h ../include/openssl/kssl.h -t1_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -t1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -t1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -t1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -t1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +t1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h +t1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h +t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +t1_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +t1_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h +t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +t1_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h t1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h t1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h diff --git a/test/Makefile b/test/Makefile index de3592cbd4..598609e6fc 100644 --- a/test/Makefile +++ b/test/Makefile @@ -609,11 +609,12 @@ ssltest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h ssltest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h ssltest.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h -ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssltest.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssltest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssltest.c +ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h +ssltest.o: ../include/openssl/pqueue.h ../include/openssl/rand.h +ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssltest.o: ../include/openssl/x509v3.h ssltest.c -- GitLab From e9429b43cebf4457d4c7eb65e7d6200c1bb4e298 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 31 May 2005 09:05:31 +0000 Subject: [PATCH 199/929] Default to no-sse2 no-sha512 on selected platforms. --- config | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config b/config index 7d330e4a54..3b4b0f619f 100755 --- a/config +++ b/config @@ -675,9 +675,9 @@ case "$GUESSOS" in OUT="OpenUNIX-8" fi ;; - *-*-[Uu]nix[Ww]are7) OUT="unixware-7" ;; - *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0" ;; - *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1" ;; + *-*-[Uu]nix[Ww]are7) OUT="unixware-7; options="$options no-sse2" ;; + *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0"; options="$options no-sse2 no-sha512" ;; + *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1"; options="$options no-sse2 no-sha512" ;; *-*-vos) options="$options no-threads no-shared no-asm no-dso" EXE=".pm" -- GitLab From 804072f0145e160d21aef31cf240e70f80d9dc1c Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 31 May 2005 09:08:17 +0000 Subject: [PATCH 200/929] Zap sco3. Submitted by: Tim Rice --- Configure | 1 - TABLE | 27 --------------------------- 2 files changed, 28 deletions(-) diff --git a/Configure b/Configure index 999ec20309..fa6baff4ea 100755 --- a/Configure +++ b/Configure @@ -400,7 +400,6 @@ my %table=( "unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"sco3-gcc", "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ... # SCO 5 - Ben Laurie says the -O breaks the SCO cc. "sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/TABLE b/TABLE index 35b06f8d7a..d275737486 100644 --- a/TABLE +++ b/TABLE @@ -3348,33 +3348,6 @@ $shared_extension = $ranlib = $arflags = -*** sco3-gcc -$cc = gcc -$cflags = -O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H -$unistd = -$thread_cflag = (unknown) -$sys_id = -$lflags = -lsocket -$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT -$cpuid_obj = -$bn_obj = -$des_obj = -$aes_obj = -$bf_obj = -$md5_obj = -$sha1_obj = -$cast_obj = -$rc4_obj = -$rmd160_obj = -$rc5_obj = -$dso_scheme = -$shared_target= -$shared_cflag = -$shared_ldflag = -$shared_extension = -$ranlib = -$arflags = - *** sco5-cc $cc = cc $cflags = -belf -- GitLab From 053677d1243d72159c66a425224366574f74f1ab Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 31 May 2005 09:32:00 +0000 Subject: [PATCH 201/929] Improve ELF detection procedure on BSD targets. PR: 1079 --- config | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/config b/config index 3b4b0f619f..068d54b870 100755 --- a/config +++ b/config @@ -660,7 +660,9 @@ case "$GUESSOS" in sparc64-*-*bsd*) OUT="BSD-sparc64" ;; ia64-*-*bsd*) OUT="BSD-ia64" ;; amd64-*-*bsd*) OUT="BSD-x86_64" ;; - *86*-*-*bsd*) case "`(file -L /usr/lib/libc.so.*) 2>/dev/null`" in + *86*-*-*bsd*) # assume highest libc.so.* version is the one in effect + libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null` + case "`(file $libc) 2>/dev/null`" in *ELF*) OUT="BSD-x86-elf" ;; *) OUT="BSD-x86"; options="$options no-sse2" ;; esac ;; -- GitLab From 198bcece58fc4c0a1670304c956a4f65ccbcc758 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Tue, 31 May 2005 09:55:13 +0000 Subject: [PATCH 202/929] fix warning --- crypto/rsa/rsa_x931.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/rsa/rsa_x931.c b/crypto/rsa/rsa_x931.c index ac3fde2a84..7d77213d13 100644 --- a/crypto/rsa/rsa_x931.c +++ b/crypto/rsa/rsa_x931.c @@ -105,7 +105,7 @@ int RSA_padding_add_X931(unsigned char *to, int tlen, int RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from, int flen, int num) { - int i,j; + int i = 0,j; const unsigned char *p; p=from; -- GitLab From 0a47d82b9bea29c1ef9dd5ac42aadd9eeb30032f Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 31 May 2005 11:00:15 +0000 Subject: [PATCH 203/929] AMD64 OPENSSL_Uplink update. --- ms/uplink.pl | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ms/uplink.pl b/ms/uplink.pl index 5dacc4f1a1..102400e880 100755 --- a/ms/uplink.pl +++ b/ms/uplink.pl @@ -168,23 +168,23 @@ _DATA SEGMENT PUBLIC OPENSSL_UplinkTable OPENSSL_UplinkTable DQ $N ___ -for ($i=1;$i<=$N;$i++) { print " DQ FLAT:\$lazy$i\n"; } +for ($i=1;$i<=$N;$i++) { print " DQ \$lazy$i\n"; } print <<___; _DATA ENDS -TEXT SEGMENT -EXTERN OPENSSL_Uplink:NEAR +_TEXT SEGMENT +EXTERN OPENSSL_Uplink:PROC ___ for ($i=1;$i<=$N;$i++) { print <<___; ALIGN 4 -\$lazy$i PROC NEAR +\$lazy$i PROC push r9 push r8 push rdx push rcx sub rsp,40 - mov rcx,OFFSET FLAT:OPENSSL_UplinkTable + lea rcx,OFFSET OPENSSL_UplinkTable mov rdx,$i call OPENSSL_Uplink add rsp,40 @@ -197,7 +197,7 @@ ALIGN 4 ___ } print <<___; -TEXT ENDS +_TEXT ENDS END ___ } -- GitLab From 000299a0e6abddb634236caa232ac4a766d3878c Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 31 May 2005 11:31:07 +0000 Subject: [PATCH 204/929] Fix typo in ./config. --- config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config b/config index 068d54b870..4a8c185bd5 100755 --- a/config +++ b/config @@ -677,7 +677,7 @@ case "$GUESSOS" in OUT="OpenUNIX-8" fi ;; - *-*-[Uu]nix[Ww]are7) OUT="unixware-7; options="$options no-sse2" ;; + *-*-[Uu]nix[Ww]are7) OUT="unixware-7"; options="$options no-sse2" ;; *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0"; options="$options no-sse2 no-sha512" ;; *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1"; options="$options no-sse2 no-sha512" ;; *-*-vos) -- GitLab From 39663d2c40ecaa92ffb77669473150266f9e2e96 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 31 May 2005 12:18:15 +0000 Subject: [PATCH 205/929] Missing sparcv8.o rule. PR: 1082 --- crypto/bn/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile index 83e9940dbb..f864a05f39 100644 --- a/crypto/bn/Makefile +++ b/crypto/bn/Makefile @@ -79,7 +79,7 @@ co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl (cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@) sparcv8.o: asm/sparcv8.S - + $(CC) $(CFLAGS) -c asm/sparcv8.S sparcv8plus.o: asm/sparcv8plus.S $(CC) $(CFLAGS) -c asm/sparcv8plus.S -- GitLab From 5ec52fee2c88447bfe03a5c3ba8e484086c05bdf Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 31 May 2005 12:39:14 +0000 Subject: [PATCH 212/929] Mention more GCC bugs in ./PROBLEMS. --- PROBLEMS | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/PROBLEMS b/PROBLEMS index 8301624639..5e3ba06a2d 100644 --- a/PROBLEMS +++ b/PROBLEMS @@ -48,20 +48,34 @@ will interfere with each other and lead to test failure. The solution is simple for now: don't run parallell make when testing. -* Bugs in gcc 3.0 triggered +* Bugs in gcc triggered -According to a problem report, there are bugs in gcc 3.0 that are -triggered by some of the code in OpenSSL, more specifically in -PEM_get_EVP_CIPHER_INFO(). The triggering code is the following: +- According to a problem report, there are bugs in gcc 3.0 that are + triggered by some of the code in OpenSSL, more specifically in + PEM_get_EVP_CIPHER_INFO(). The triggering code is the following: header+=11; if (*header != '4') return(0); header++; if (*header != ',') return(0); header++; -What happens is that gcc might optimize a little too agressively, and -you end up with an extra incrementation when *header != '4'. + What happens is that gcc might optimize a little too agressively, and + you end up with an extra incrementation when *header != '4'. -We recommend that you upgrade gcc to as high a 3.x version as you can. + We recommend that you upgrade gcc to as high a 3.x version as you can. + +- According to multiple problem reports, some of our message digest + implementations trigger bug[s] in code optimizer in gcc 3.3 for sparc64 + and gcc 2.96 for ppc. Former fails to complete RIPEMD160 test, while + latter - SHA one. + + The recomendation is to upgrade your compiler. This naturally applies to + other similar cases. + +- There is a subtle Solaris x86-specific gcc run-time environment bug, which + "falls between" OpenSSL [0.9.8 and later], Solaris ld and GCC. The bug + manifests itself as Segmentation Fault upon early application start-up. + The problem can be worked around by patching the environment according to + http://www.openssl.org/~appro/values.c. * solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler. -- GitLab From d0c11e9d7261e01d3ac81ad952aed6711d18ffd8 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Tue, 31 May 2005 13:13:18 +0000 Subject: [PATCH 213/929] Fix warnings. --- engines/e_4758cca.c | 2 ++ engines/e_chil.c | 3 +++ 2 files changed, 5 insertions(+) diff --git a/engines/e_4758cca.c b/engines/e_4758cca.c index e7f308e314..7d850a854b 100644 --- a/engines/e_4758cca.c +++ b/engines/e_4758cca.c @@ -202,8 +202,10 @@ static RAND_METHOD ibm_4758_cca_rand = static const char *engine_4758_cca_id = "4758cca"; static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support"; +#ifndef OPENSSL_NO_DYNAMIC_ENGINE /* Compatibility hack, the dynamic library uses this form in the path */ static const char *engine_4758_cca_id_alt = "4758_cca"; +#endif /* engine implementation */ /*-----------------------*/ diff --git a/engines/e_chil.c b/engines/e_chil.c index b5d0a62e7a..2ef96f9ae6 100644 --- a/engines/e_chil.c +++ b/engines/e_chil.c @@ -224,8 +224,11 @@ static RAND_METHOD hwcrhk_rand = /* Constants used when creating the ENGINE */ static const char *engine_hwcrhk_id = "chil"; static const char *engine_hwcrhk_name = "CHIL hardware engine support"; + +#ifndef OPENSSL_NO_DYNAMIC_ENGINE /* Compatibility hack, the dynamic library uses this form in the path */ static const char *engine_hwcrhk_id_alt = "ncipher"; +#endif /* Internal stuff for HWCryptoHook */ -- GitLab From 7a37dd92ed65b8ffbef64269deff3aee15c7043b Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 31 May 2005 16:33:43 +0000 Subject: [PATCH 214/929] "Show" more respect to no-sha* config options. PR: 1086 --- crypto/sha/sha1dgst.c | 1 + crypto/sha/sha256.c | 2 +- crypto/sha/sha512.c | 2 +- crypto/sha/sha_dgst.c | 1 + 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c index 182f65982a..447ce53e17 100644 --- a/crypto/sha/sha1dgst.c +++ b/crypto/sha/sha1dgst.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include #if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA) #undef SHA_0 diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c index 5f3845f55c..bbc20da0e9 100644 --- a/crypto/sha/sha256.c +++ b/crypto/sha/sha256.c @@ -4,12 +4,12 @@ * according to the OpenSSL license [found in ../../LICENSE]. * ==================================================================== */ +#include #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) #include #include -#include #include #include #include diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c index c84bd5addf..f965cff692 100644 --- a/crypto/sha/sha512.c +++ b/crypto/sha/sha512.c @@ -4,6 +4,7 @@ * according to the OpenSSL license [found in ../../LICENSE]. * ==================================================================== */ +#include #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512) /* * IMPLEMENTATION NOTES. @@ -43,7 +44,6 @@ #include #include -#include #include #include #include diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c index 5a4b3ab204..60465d0c3e 100644 --- a/crypto/sha/sha_dgst.c +++ b/crypto/sha/sha_dgst.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) #undef SHA_1 -- GitLab From 5467ddf0e1c49fecbc8558c7a16694dc24434be6 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Tue, 31 May 2005 17:31:50 +0000 Subject: [PATCH 215/929] include opensslconf.h if OPENSSL_NO_* is used --- apps/ec.c | 1 + apps/ecparam.c | 2 ++ apps/pkcs12.c | 5 +++-- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/apps/ec.c b/apps/ec.c index a763daa653..9ddaddfe5e 100644 --- a/apps/ec.c +++ b/apps/ec.c @@ -56,6 +56,7 @@ * */ +#include #ifndef OPENSSL_NO_EC #include #include diff --git a/apps/ecparam.c b/apps/ecparam.c index 167fd1faaa..4e1fc837ed 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -68,6 +68,8 @@ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. * */ + +#include #ifndef OPENSSL_NO_EC #include #include diff --git a/apps/pkcs12.c b/apps/pkcs12.c index d77358a239..c22c00fce1 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -1,6 +1,4 @@ /* pkcs12.c */ -#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1) - /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL * project. */ @@ -58,6 +56,9 @@ * */ +#include +#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1) + #include #include #include -- GitLab From e00b165e9b47f0ea8ffb1a69d56fab20c729455d Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Tue, 31 May 2005 17:56:17 +0000 Subject: [PATCH 216/929] let "make all test" work with "no-aes" PR: 1078 --- apps/speed.c | 2 ++ crypto/engine/eng_padlock.c | 19 ++++++++++++++++++- crypto/evp/evp_test.c | 22 ++++++++++++++++++++++ 3 files changed, 42 insertions(+), 1 deletion(-) diff --git a/apps/speed.c b/apps/speed.c index 4bec815257..8f2aac5ccb 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -527,6 +527,7 @@ int MAIN(int argc, char **argv) static const unsigned char key16[16]= {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; +#ifndef OPENSSL_NO_AES static const unsigned char key24[24]= {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, @@ -536,6 +537,7 @@ int MAIN(int argc, char **argv) 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34, 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56}; +#endif #ifndef OPENSSL_NO_AES #define MAX_BLOCK_SIZE 128 #else diff --git a/crypto/engine/eng_padlock.c b/crypto/engine/eng_padlock.c index 6aad03ac81..cc9f9dc41e 100644 --- a/crypto/engine/eng_padlock.c +++ b/crypto/engine/eng_padlock.c @@ -66,11 +66,14 @@ #include #include +#include #include #include #include #include +#ifndef OPENSSL_NO_AES #include +#endif #include #ifndef OPENSSL_NO_HW @@ -134,7 +137,9 @@ static int padlock_init(ENGINE *e); static RAND_METHOD padlock_rand; /* Cipher Stuff */ +#ifndef OPENSSL_NO_AES static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); +#endif /* Engine names */ static const char *padlock_id = "padlock"; @@ -143,7 +148,9 @@ static char padlock_name[100]; /* Available features */ static int padlock_use_ace = 0; /* Advanced Cryptography Engine */ static int padlock_use_rng = 0; /* Random Number Generator */ +#ifndef OPENSSL_NO_AES static int padlock_aes_align_required = 1; +#endif /* ===== Engine "management" functions ===== */ @@ -169,8 +176,9 @@ padlock_bind_helper(ENGINE *e) !ENGINE_set_name(e, padlock_name) || !ENGINE_set_init_function(e, padlock_init) || - +#ifndef OPENSSL_NO_AES (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) || +#endif (padlock_use_rng && !ENGINE_set_RAND (e, &padlock_rand))) { return 0; } @@ -228,6 +236,7 @@ IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn); /* ===== Here comes the "real" engine ===== */ +#ifndef OPENSSL_NO_AES /* Some AES-related constants */ #define AES_BLOCK_SIZE 16 #define AES_KEY_SIZE_128 16 @@ -264,6 +273,7 @@ struct padlock_cipher_data * so we accept the penatly... */ static volatile struct padlock_cipher_data *padlock_saved_context; +#endif /* * ======================================================= @@ -355,6 +365,7 @@ padlock_available(void) return padlock_use_ace + padlock_use_rng; } +#ifndef OPENSSL_NO_AES /* Our own htonl()/ntohl() */ static inline void padlock_bswapl(AES_KEY *ks) @@ -367,6 +378,7 @@ padlock_bswapl(AES_KEY *ks) key++; } } +#endif /* Force key reload from memory to the CPU microcode. Loading EFLAGS from the stack clears EFLAGS[30] @@ -377,6 +389,7 @@ padlock_reload_key(void) asm volatile ("pushfl; popfl"); } +#ifndef OPENSSL_NO_AES /* * This is heuristic key context tracing. At first one * believes that one should use atomic swap instructions, @@ -430,6 +443,7 @@ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") /* rep xcryp PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") /* rep xcryptcbc */ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") /* rep xcryptcfb */ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") /* rep xcryptofb */ +#endif /* The RNG call itself */ static inline unsigned int @@ -600,6 +614,7 @@ padlock_bswapl(void *key) #endif /* ===== AES encryption/decryption ===== */ +#ifndef OPENSSL_NO_AES #if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb) #define NID_aes_128_cfb NID_aes_128_cfb128 @@ -1030,6 +1045,8 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, return 1; } +#endif /* OPENSSL_NO_AES */ + /* ===== Random Number Generator ===== */ /* * This code is not engaged. The reason is that it does not comply diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c index 2dc8b8c158..3bf8e9ab27 100644 --- a/crypto/evp/evp_test.c +++ b/crypto/evp/evp_test.c @@ -52,6 +52,7 @@ #include "../e_os.h" +#include #include #ifndef OPENSSL_NO_ENGINE #include @@ -395,6 +396,27 @@ int main(int argc,char **argv) if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec) && !test_digest(cipher,plaintext,pn,ciphertext,cn)) { +#ifdef OPENSSL_NO_AES + if (strstr(cipher, "AES") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_DES + if (strstr(cipher, "DES") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_RC4 + if (strstr(cipher, "RC4") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif fprintf(stderr,"Can't find %s\n",cipher); EXIT(3); } -- GitLab From 335ed97263c1b590646ffab961ec8eddfec53074 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 31 May 2005 20:28:55 +0000 Subject: [PATCH 217/929] Synchronise more with the Unix build --- makevms.com | 2 +- ssl/install.com | 2 +- ssl/ssl-lib.com | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/makevms.com b/makevms.com index 9f8322570e..3207f4171f 100755 --- a/makevms.com +++ b/makevms.com @@ -496,7 +496,7 @@ $ LOOP_SDIRS_END: $! $! Copy All The ".H" Files From The [.SSL] Directory. $! -$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h +$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,dtls1.h,kssl.h $ COPY SYS$DISK:[.SSL]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] $! $! Purge all doubles diff --git a/ssl/install.com b/ssl/install.com index 7fc008f91a..fce8c66737 100644 --- a/ssl/install.com +++ b/ssl/install.com @@ -38,7 +38,7 @@ $ IF F$PARSE("WRK_SSLVEXE:") .EQS. "" THEN - $ IF F$PARSE("WRK_SSLAEXE:") .EQS. "" THEN - CREATE/DIR/LOG WRK_SSLAEXE: $ -$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h +$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,dtls1.h,kssl.h $ E_EXE := ssl_task $ LIBS := LIBSSL $ diff --git a/ssl/ssl-lib.com b/ssl/ssl-lib.com index f0665c6b86..fcd7ff774c 100644 --- a/ssl/ssl-lib.com +++ b/ssl/ssl-lib.com @@ -174,6 +174,8 @@ $ LIB_SSL = "s2_meth,s2_srvr,s2_clnt,s2_lib,s2_enc,s2_pkt,"+ - "s3_meth,s3_srvr,s3_clnt,s3_lib,s3_enc,s3_pkt,s3_both,"+ - "s23_meth,s23_srvr,s23_clnt,s23_lib,s23_pkt,"+ - "t1_meth,t1_srvr,t1_clnt,t1_lib,t1_enc,"+ - + "d1_meth,d1_srvr,d1_clnt,d1_lib,d1_pkt,"+ - + "d1_both,d1_enc,"+ - "ssl_lib,ssl_err2,ssl_cert,ssl_sess,"+ - "ssl_ciph,ssl_stat,ssl_rsa,"+ - "ssl_asn1,ssl_txt,ssl_algs,"+ - -- GitLab From 431712293d5487e9f0c4b8fb788edc60cf31b35a Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Tue, 31 May 2005 20:38:31 +0000 Subject: [PATCH 218/929] fix assertion PR: 1072 --- crypto/bn/bn_asm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/bn/bn_asm.c b/crypto/bn/bn_asm.c index be8aa3ffc5..19978085b2 100644 --- a/crypto/bn/bn_asm.c +++ b/crypto/bn/bn_asm.c @@ -237,7 +237,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) if (d == 0) return(BN_MASK2); i=BN_num_bits_word(d); - assert((i == BN_BITS2) || (h > (BN_ULONG)1<= d) h-=d; -- GitLab From 7ea61df414b425160405e8d4e1a856efbc43a791 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Wed, 1 Jun 2005 08:31:22 +0000 Subject: [PATCH 219/929] clear error queue on success and return NULL if cert could be read PR: 1088 --- ssl/ssl_cert.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 93d2b13791..0c9bd07378 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -635,14 +635,13 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) BIO *in; X509 *x=NULL; X509_NAME *xn=NULL; - STACK_OF(X509_NAME) *ret,*sk; + STACK_OF(X509_NAME) *ret = NULL,*sk; - ret=sk_X509_NAME_new_null(); sk=sk_X509_NAME_new(xname_cmp); in=BIO_new(BIO_s_file_internal()); - if ((ret == NULL) || (sk == NULL) || (in == NULL)) + if ((sk == NULL) || (in == NULL)) { SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE); goto err; @@ -655,6 +654,15 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) { if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL) break; + if (ret == NULL) + { + ret = sk_X509_NAME_new_null(); + if (ret == NULL) + { + SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE); + goto err; + } + } if ((xn=X509_get_subject_name(x)) == NULL) goto err; /* check for duplicates */ xn=X509_NAME_dup(xn); @@ -677,6 +685,8 @@ err: if (sk != NULL) sk_X509_NAME_free(sk); if (in != NULL) BIO_free(in); if (x != NULL) X509_free(x); + if (ret != NULL) + ERR_clear_error(); return(ret); } #endif -- GitLab From bc1e96e9424bb248fe5131575ccf23082854adcc Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 1 Jun 2005 16:24:20 +0000 Subject: [PATCH 220/929] Synchronise yet a little more with the Unixly build --- crypto/crypto-lib.com | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index c17ca19c66..f8de4736bb 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -214,6 +214,7 @@ $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - "bss_file,bss_sock,bss_conn,"+ - "bf_null,bf_buff,b_print,b_dump,"+ - "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ - + "bss_dgram,"+ - "bf_lbuf" $ LIB_STACK = "stack" $ LIB_LHASH = "lhash,lh_stats" -- GitLab From 460e80bd1d57071683c703662133985198355167 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 1 Jun 2005 22:14:41 +0000 Subject: [PATCH 221/929] Update from 0.9.7-stable --- crypto/rsa/rsa_pss.c | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index a47035733d..5dcdb54603 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -71,13 +71,13 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, { int i; int ret = 0; - int hLen, maskedDBLen, emBits, emLen; + int hLen, maskedDBLen, MSBits, emLen; const unsigned char *H; unsigned char *DB = NULL; EVP_MD_CTX ctx; unsigned char H_[EVP_MAX_MD_SIZE]; - emBits = BN_num_bits(rsa->n) - 1; - emLen = (emBits + 7) >> 3; + MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; + emLen = RSA_size(rsa); hLen = EVP_MD_size(Hash); if (emLen < (hLen + sLen + 2)) { @@ -89,11 +89,16 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID); goto err; } - if (EM[0] & (0xFF << (emBits & 0x7))) + if (EM[0] & (0xFF << MSBits)) { RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID); goto err; } + if (!MSBits) + { + EM++; + emLen--; + } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; DB = OPENSSL_malloc(maskedDBLen); @@ -105,7 +110,8 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash); for (i = 0; i < maskedDBLen; i++) DB[i] ^= EM[i]; - DB[0] &= 0xFF >> (8 - (emBits & 0x7)); + if (MSBits) + DB[0] &= 0xFF >> (8 - MSBits); for (i = 0; i < (emLen - hLen - sLen - 2); i++) { if (DB[i] != 0) @@ -150,11 +156,11 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, { int i; int ret = 0; - int hLen, maskedDBLen, emBits, emLen; + int hLen, maskedDBLen, MSBits, emLen; unsigned char *H, *salt = NULL, *p; EVP_MD_CTX ctx; - emBits = BN_num_bits(rsa->n) - 1; - emLen = (emBits + 7) >> 3; + MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; + emLen = RSA_size(rsa); hLen = EVP_MD_size(Hash); if (sLen < 0) sLen = 0; @@ -164,6 +170,11 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } + if (MSBits == 0) + { + *EM++ = 0; + emLen--; + } if (sLen > 0) { salt = OPENSSL_malloc(sLen); @@ -203,7 +214,8 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, for (i = 0; i < sLen; i++) *p++ ^= salt[i]; } - EM[0] &= 0xFF >> (8 - (emBits & 0x7)); + if (MSBits) + EM[0] &= 0xFF >> (8 - MSBits); /* H is already in place so just set final 0xbc */ -- GitLab From b0fb889c29a70ba292186a3dfd10fd4a1434a4d5 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Wed, 1 Jun 2005 22:35:07 +0000 Subject: [PATCH 222/929] check return value --- crypto/rsa/rsa_lib.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 7f1f94ee50..533a711eda 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -402,6 +402,11 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) ret = BN_BLINDING_create_param(NULL, e, rsa->n, ctx, rsa->meth->bn_mod_exp, rsa->_method_mod_n); + if (ret == NULL) + { + RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB); + goto err; + } BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id()); err: BN_CTX_end(ctx); -- GitLab From d28b7799dd116a1d8ebf8a2eef0dbd0481fd81fb Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 2 Jun 2005 17:26:17 +0000 Subject: [PATCH 223/929] handshake_write_seq is an unsigned short, so treat it like one --- ssl/d1_srvr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index c4118bb26f..6d07dd4792 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -1075,7 +1075,7 @@ int dtls1_send_certificate_request(SSL *s) d=(unsigned char *)buf->data; *(d++)=SSL3_MT_CERTIFICATE_REQUEST; l2n3(n,d); - l2n(s->d1->handshake_write_seq,d); + s2n(s->d1->handshake_write_seq,d); s->d1->handshake_write_seq++; /* we should now have things packed up, so lets send -- GitLab From 3d5afc8b83632c712d9ee62f6c5421a7fe5ace58 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 2 Jun 2005 18:29:21 +0000 Subject: [PATCH 224/929] PSS update [from 0.9.7]. --- crypto/rsa/rsa.h | 4 +-- crypto/rsa/rsa_err.c | 4 +-- crypto/rsa/rsa_pss.c | 85 +++++++++++++++++++++++++++++--------------- 3 files changed, 61 insertions(+), 32 deletions(-) diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index 1f6131b42a..a1ca34760c 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -411,7 +411,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 -#define RSA_R_ONE_CHECK_FAILED 135 +#define RSA_R_SLEN_RECOVERY_FAILED 135 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 @@ -421,7 +421,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 #define RSA_R_UNKNOWN_PADDING_TYPE 118 #define RSA_R_WRONG_SIGNATURE_LENGTH 119 -#define RSA_R_ZERO_CHECK_FAILED 136 +#define RSA_R_SLEN_CHECK_FAILED 136 #ifdef __cplusplus } diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index 48e8f39314..cfb1e908aa 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -141,7 +141,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, -{ERR_REASON(RSA_R_ONE_CHECK_FAILED) ,"one check failed"}, +{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) ,"salt length recovery failed"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, @@ -151,7 +151,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, -{ERR_REASON(RSA_R_ZERO_CHECK_FAILED) ,"zero check failed"}, +{ERR_REASON(RSA_R_SLEN_CHECK_FAILED) ,"salt length check failed"}, {0,NULL} }; diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index 5dcdb54603..2815628f5f 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -76,29 +76,44 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, unsigned char *DB = NULL; EVP_MD_CTX ctx; unsigned char H_[EVP_MAX_MD_SIZE]; - MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; - emLen = RSA_size(rsa); + hLen = EVP_MD_size(Hash); - if (emLen < (hLen + sLen + 2)) - { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE); - goto err; - } - if (EM[emLen - 1] != 0xbc) + /* + * Negative sLen has special meanings: + * -1 sLen == hLen + * -2 salt length is autorecovered from signature + * -N reserved + */ + if (sLen == -1) sLen = hLen; + else if (sLen == -2) sLen = -2; + else if (sLen < -2) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); goto err; } + + MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; + emLen = RSA_size(rsa); if (EM[0] & (0xFF << MSBits)) { RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID); goto err; } - if (!MSBits) + if (MSBits == 0) { EM++; emLen--; } + if (emLen < (hLen + sLen + 2)) /* sLen can be small negative */ + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE); + goto err; + } + if (EM[emLen - 1] != 0xbc) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID); + goto err; + } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; DB = OPENSSL_malloc(maskedDBLen); @@ -112,26 +127,23 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, DB[i] ^= EM[i]; if (MSBits) DB[0] &= 0xFF >> (8 - MSBits); - for (i = 0; i < (emLen - hLen - sLen - 2); i++) + for (i = 0; DB[i] == 0 && i < (maskedDBLen-1); i++) ; + if (DB[i++] != 0x1) { - if (DB[i] != 0) - { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, - RSA_R_ZERO_CHECK_FAILED); - goto err; - } + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_RECOVERY_FAILED); + goto err; } - if (DB[i] != 0x1) + if (sLen >= 0 && (maskedDBLen - i) != sLen) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_ONE_CHECK_FAILED); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); goto err; } EVP_MD_CTX_init(&ctx); EVP_DigestInit_ex(&ctx, Hash, NULL); EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes); EVP_DigestUpdate(&ctx, mHash, hLen); - if (sLen) - EVP_DigestUpdate(&ctx, DB + maskedDBLen - sLen, sLen); + if (maskedDBLen - i) + EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i); EVP_DigestFinal(&ctx, H_, NULL); EVP_MD_CTX_cleanup(&ctx); if (memcmp(H_, H, hLen)) @@ -159,22 +171,39 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, int hLen, maskedDBLen, MSBits, emLen; unsigned char *H, *salt = NULL, *p; EVP_MD_CTX ctx; - MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; - emLen = RSA_size(rsa); + hLen = EVP_MD_size(Hash); - if (sLen < 0) - sLen = 0; - if (emLen < (hLen + sLen + 2)) + /* + * Negative sLen has special meanings: + * -1 sLen == hLen + * -2 salt length is maximized + * -N reserved + */ + if (sLen == -1) sLen = hLen; + else if (sLen == -2) sLen = -2; + else if (sLen < -2) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); goto err; } + + MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; + emLen = RSA_size(rsa); if (MSBits == 0) { *EM++ = 0; emLen--; } + if (sLen == -2) + { + sLen = emLen - hLen - 2; + } + else if (emLen < (hLen + sLen + 2)) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; + } if (sLen > 0) { salt = OPENSSL_malloc(sLen); -- GitLab From 1cd76233d1b0f7d66af4b757201e39189e02e715 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 2 Jun 2005 20:09:43 +0000 Subject: [PATCH 225/929] Update CHANGES. --- CHANGES | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES b/CHANGES index 0103d0c544..6a2671b6d0 100644 --- a/CHANGES +++ b/CHANGES @@ -806,6 +806,10 @@ Changes between 0.9.7g and 0.9.7h [XX xxx XXXX] + *) Minimal support for X9.31 signatures and PSS padding modes. This is + mainly for FIPS compliant and not fully integrated at this stage. + [Steve Henson] + *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform the exponentiation using a fixed-length exponent. (Otherwise, the information leaked through timing could expose the secret key -- GitLab From ab95eac2869983bdd4088005e0f849f82612ce57 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 2 Jun 2005 20:30:46 +0000 Subject: [PATCH 226/929] Typo. --- CHANGES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 6a2671b6d0..e8d45af0d1 100644 --- a/CHANGES +++ b/CHANGES @@ -807,7 +807,7 @@ Changes between 0.9.7g and 0.9.7h [XX xxx XXXX] *) Minimal support for X9.31 signatures and PSS padding modes. This is - mainly for FIPS compliant and not fully integrated at this stage. + mainly for FIPS compliance and not fully integrated at this stage. [Steve Henson] *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform -- GitLab From cc4997843e159cadbf85abe0b8fb8db20ad4b574 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 2 Jun 2005 23:17:38 +0000 Subject: [PATCH 227/929] Update from head. --- doc/crypto/OPENSSL_config.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/crypto/OPENSSL_config.pod b/doc/crypto/OPENSSL_config.pod index 16600620cc..e7bba2aaca 100644 --- a/doc/crypto/OPENSSL_config.pod +++ b/doc/crypto/OPENSSL_config.pod @@ -35,7 +35,7 @@ calls OPENSSL_add_all_algorithms() by compiling an application with the preprocessor symbol B #define'd. In this way configuration can be added without source changes. -The environment variable B can be set to specify the location +The environment variable B can be set to specify the location of the configuration file. Currently ASN1 OBJECTs and ENGINE configuration can be performed future -- GitLab From bc5354cbf0a2ede3156c09a407c42652bcb4c8ec Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 4 Jun 2005 08:44:08 +0000 Subject: [PATCH 228/929] The macro THREADS was changed to OPENSSL_THREADS a long time ago. PR: 1096 --- doc/crypto/threads.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/crypto/threads.pod b/doc/crypto/threads.pod index afa45cd76c..c7fca5a531 100644 --- a/doc/crypto/threads.pod +++ b/doc/crypto/threads.pod @@ -130,7 +130,7 @@ You can find out if OpenSSL was configured with thread support: #define OPENSSL_THREAD_DEFINES #include - #if defined(THREADS) + #if defined(OPENSSL_THREADS) // thread support enabled #else // no thread support -- GitLab From 266958bce7089a8edb040fa1dde247b1d1498d0d Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 5 Jun 2005 18:07:47 +0000 Subject: [PATCH 229/929] PROBLEMS to mention workarounds for ULTRIX build problems. PR: 1092 --- PROBLEMS | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/PROBLEMS b/PROBLEMS index 5e3ba06a2d..a4c6e338ce 100644 --- a/PROBLEMS +++ b/PROBLEMS @@ -134,3 +134,37 @@ Any information helping to solve this issue would be deeply appreciated. NOTE: building non-shared doesn't come with this problem. + +* ULTRIX build fails with shell errors, such as "bad substitution" + and "test: argument expected" + +The problem is caused by ULTRIX /bin/sh supporting only original +Bourne shell syntax/semantics, and the trouble is that the vast +majority is so accustomed to more modern syntax, that very few +people [if any] would recognize the ancient syntax even as valid. +This inevitably results in non-trivial scripts breaking on ULTRIX, +and OpenSSL isn't an exclusion. Fortunately there is workaround, +hire /bin/ksh to do the job /bin/sh fails to do. + +1. Trick make(1) to use /bin/ksh by setting up following environ- + ment variables *prior* you execute ./Configure and make: + + PROG_ENV=POSIX + MAKESHELL=/bin/ksh + export PROG_ENV MAKESHELL + + or if your shell is csh-compatible: + + setenv PROG_ENV POSIX + setenv MAKESHELL /bin/ksh + +2. Trick /bin/sh to use alternative expression evaluator. Create + following 'test' script for example in /tmp: + + #!/bin/ksh + ${0##*/} "$@" + + Then 'chmod a+x /tmp/test; ln /tmp/test /tmp/[' and *prepend* + your $PATH with chosen location, e.g. PATH=/tmp:$PATH. Alter- + natively just replace system /bin/test and /bin/[ with the + above script. -- GitLab From e2414b41add4a9e49efbe3e6773be0addc93ec6c Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 5 Jun 2005 21:46:57 +0000 Subject: [PATCH 230/929] Updated support for NetWare, submitted by Verdon Walker . PR: 1098 --- Configure | 6 +-- INSTALL.NW | 14 +++---- Netware/do_tests.pl | 95 +++++++++++++++++++++++++-------------------- e_os.h | 6 +-- util/pl/netware.pl | 4 +- 5 files changed, 65 insertions(+), 60 deletions(-) diff --git a/Configure b/Configure index fa6baff4ea..de69757c5b 100755 --- a/Configure +++ b/Configure @@ -483,10 +483,10 @@ my %table=( # NetWare from David Ward (dsward@novell.com) - requires MetroWerks NLM development tools # netware-clib => legacy CLib c-runtime support -"netware-clib", "mwccnlm:::::${x86_gcc_opts}:::", +"netware-clib", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::", # netware-libc => LibC/NKS support -"netware-libc", "mwccnlm:::::BN_LLONG ${x86_gcc_opts}:::", -"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall::::${x86_gcc_opts}:::", +"netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::", +"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::", # DJGPP "DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM=\"/dev/urandom\\x24\":::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:", diff --git a/INSTALL.NW b/INSTALL.NW index 6ee02939c0..3dae72a144 100644 --- a/INSTALL.NW +++ b/INSTALL.NW @@ -95,7 +95,12 @@ following tools may be required: Microsoft SDK. Note: The winsock2.h support headers may change with various versions of winsock2.h. Check the dependencies section on the NDK WinSock2 download page for the latest - information on dependencies. + information on dependencies. These components are unsupported by + Novell. They are provided as a courtesy, but it is strongly + suggested that all development be done using LIBC, not CLIB. + + As of June 2005, the WinSock2 components are available at: + http://forgeftp.novell.com//ws2comp/ NLM and NetWare libraries for C (including CLIB and XPlat): @@ -288,13 +293,6 @@ The do_tests.pl script generates a log file "\openssl\test_out\tests.log" which should be reviewed for errors. Any errors will be denoted by the word "ERROR" in the log. -NOTE: Currently (11/2002), the LibC test nlms report an error while loading - when launched from the perl script (do_tests.pl). The problems are - being addressed by the LibC development team and should be fixed in the - next release. Until the problems are corrected, the LibC test nlms - will have to be executed manually. - - DEVELOPING WITH THE OPENSSL SDK: -------------------------------- Now that everything is built and tested, you are ready to use the OpenSSL diff --git a/Netware/do_tests.pl b/Netware/do_tests.pl index f4e11272d3..0be0838a13 100644 --- a/Netware/do_tests.pl +++ b/Netware/do_tests.pl @@ -42,8 +42,8 @@ sub main() encryption_tests(); pem_tests(); verify_tests(); - ssl_tests(); ca_tests(); + ssl_tests(); close(OUT); @@ -67,10 +67,17 @@ sub algorithm_tests foreach $i (@tests) { - $outFile = "$output_path\\$i.out"; - system("$i > $outFile"); - log_desc("Test: $i\.nlm:"); - log_output("", $outFile ); + if (-e "$base_path\\$i.nlm") + { + $outFile = "$output_path\\$i.out"; + system("$i > $outFile"); + log_desc("Test: $i\.nlm:"); + log_output("", $outFile ); + } + else + { + log_desc("Test: $i\.nlm: file not found"); + } } } @@ -246,61 +253,63 @@ sub verify_tests sub ssl_tests { my $outFile = "$output_path\\ssl_tst.out"; + my($CAcert) = "$output_path\\certCA.ss"; + my($Ukey) = "$output_path\\keyU.ss"; + my($Ucert) = "$output_path\\certU.ss"; + my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert"; print( "\nRUNNING SSL TESTS:\n\n"); print( OUT "\n========================================================\n"); print( OUT "SSL TESTS:\n\n"); - make_tmp_cert_file(); - system("ssltest -ssl2 >$outFile"); log_desc("Testing sslv2:"); log_output("ssltest -ssl2", $outFile); - system("ssltest -ssl2 -server_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -ssl2 -server_auth >$outFile"); log_desc("Testing sslv2 with server authentication:"); - log_output("ssltest -ssl2 -server_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -ssl2 -server_auth", $outFile); - system("ssltest -ssl2 -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -ssl2 -client_auth >$outFile"); log_desc("Testing sslv2 with client authentication:"); - log_output("ssltest -ssl2 -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -ssl2 -client_auth", $outFile); - system("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -ssl2 -server_auth -client_auth >$outFile"); log_desc("Testing sslv2 with both client and server authentication:"); - log_output("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile); system("ssltest -ssl3 >$outFile"); log_desc("Testing sslv3:"); log_output("ssltest -ssl3", $outFile); - system("ssltest -ssl3 -server_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -ssl3 -server_auth >$outFile"); log_desc("Testing sslv3 with server authentication:"); - log_output("ssltest -ssl3 -server_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -ssl3 -server_auth", $outFile); - system("ssltest -ssl3 -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -ssl3 -client_auth >$outFile"); log_desc("Testing sslv3 with client authentication:"); - log_output("ssltest -ssl3 -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -ssl3 -client_auth", $outFile); - system("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -ssl3 -server_auth -client_auth >$outFile"); log_desc("Testing sslv3 with both client and server authentication:"); - log_output("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile); system("ssltest >$outFile"); log_desc("Testing sslv2/sslv3:"); log_output("ssltest", $outFile); - system("ssltest -server_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -server_auth >$outFile"); log_desc("Testing sslv2/sslv3 with server authentication:"); - log_output("ssltest -server_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -server_auth", $outFile); - system("ssltest -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -client_auth >$outFile"); log_desc("Testing sslv2/sslv3 with client authentication:"); - log_output("ssltest -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -client_auth ", $outFile); - system("ssltest -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -server_auth -client_auth >$outFile"); log_desc("Testing sslv2/sslv3 with both client and server authentication:"); - log_output("ssltest -server_auth -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -server_auth -client_auth", $outFile); system("ssltest -bio_pair -ssl2 >$outFile"); log_desc("Testing sslv2 via BIO pair:"); @@ -310,49 +319,49 @@ sub ssl_tests log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:"); log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile); - system("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -ssl2 -server_auth >$outFile"); log_desc("Testing sslv2 with server authentication via BIO pair:"); - log_output("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile); - system("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -ssl2 -client_auth >$outFile"); log_desc("Testing sslv2 with client authentication via BIO pair:"); - log_output("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile); - system("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -ssl2 -server_auth -client_auth >$outFile"); log_desc("Testing sslv2 with both client and server authentication via BIO pair:"); - log_output("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile); system("ssltest -bio_pair -ssl3 >$outFile"); log_desc("Testing sslv3 via BIO pair:"); log_output("ssltest -bio_pair -ssl3", $outFile); - system("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -ssl3 -server_auth >$outFile"); log_desc("Testing sslv3 with server authentication via BIO pair:"); - log_output("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile); - system("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -ssl3 -client_auth >$outFile"); log_desc("Testing sslv3 with client authentication via BIO pair:"); - log_output("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile); - system("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -ssl3 -server_auth -client_auth >$outFile"); log_desc("Testing sslv3 with both client and server authentication via BIO pair:"); - log_output("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile); system("ssltest -bio_pair >$outFile"); log_desc("Testing sslv2/sslv3 via BIO pair:"); log_output("ssltest -bio_pair", $outFile); - system("ssltest -bio_pair -server_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -server_auth >$outFile"); log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:"); - log_output("ssltest -bio_pair -server_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -server_auth", $outFile); - system("ssltest -bio_pair -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -client_auth >$outFile"); log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:"); - log_output("ssltest -bio_pair -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -client_auth", $outFile); - system("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + system("$ssltest -bio_pair -server_auth -client_auth >$outFile"); log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:"); - log_output("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert", $outFile); + log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile); } diff --git a/e_os.h b/e_os.h index cf76632b1e..54982cee00 100644 --- a/e_os.h +++ b/e_os.h @@ -438,11 +438,7 @@ extern HINSTANCE _hInstance; # elif defined(OPENSSL_SYS_NETWARE) /* NetWare uses the WinSock2 interfaces */ -# if defined(NETWARE_CLIB) -# include -# elif defined(NETWARE_LIBC) -# include -# endif +# include # define SSLeay_Write(a,b,c) send((a),(b),(c),0) # define SSLeay_Read(a,b,c) recv((a),(b),(c),0) # define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); } diff --git a/util/pl/netware.pl b/util/pl/netware.pl index 233612a911..2258a39920 100644 --- a/util/pl/netware.pl +++ b/util/pl/netware.pl @@ -82,10 +82,12 @@ else # paths for each subdirectory a recursive include directive # is used ( -ir crypto ). # +# A similar issue exists for the engines and apps subdirectories. +# # Turned off the "possible" warnings ( -w nopossible ). Metrowerks # complained a lot about various stuff. May want to turn back # on for further development. -$cflags="-ir crypto -msgstyle gcc -align 4 -processor pentium \\ +$cflags="-ir crypto -ir engines -ir apps -msgstyle gcc -align 4 -processor pentium \\ -char unsigned -w on -w nolargeargs -w nopossible -w nounusedarg \\ -w noimplicitconv -relax_pointers -nosyspath -DL_ENDIAN \\ -DOPENSSL_SYSNAME_NETWARE -U_WIN32 -maxerrors 20 "; -- GitLab From 8a41bcc9346e85c63ab83cd684ea8933a7f1def5 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 5 Jun 2005 21:55:09 +0000 Subject: [PATCH 231/929] Old typo... PR: 1097 --- crypto/x509/x509_vfy.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 637e2b6142..a4a142cd01 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -1079,7 +1079,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) offset=0; else { - if ((*str != '+') && (str[5] != '-')) + if ((*str != '+') && (*str != '-')) return 0; offset=((str[1]-'0')*10+(str[2]-'0'))*60; offset+=(str[3]-'0')*10+(str[4]-'0'); -- GitLab From 2e3d79aaec8bb046923f90ee0aafa2fea915cae9 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 5 Jun 2005 22:01:32 +0000 Subject: [PATCH 232/929] Add support for the new Intel compiler, icc. Submitted by Keith Thompson PR: 1095 --- Configure | 1 + 1 file changed, 1 insertion(+) diff --git a/Configure b/Configure index de69757c5b..b74426c5c3 100755 --- a/Configure +++ b/Configure @@ -327,6 +327,7 @@ my %table=( "linux-ppc64", "gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### SPARC Linux setups # Ray Miller has patiently -- GitLab From ff7f34e353e125b77a3793e163d4226bc82cc770 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 5 Jun 2005 22:09:21 +0000 Subject: [PATCH 233/929] Correct typo ia64.o -> bn-ia64.o. PR: 1094 --- Configure | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Configure b/Configure index b74426c5c3..33644473ce 100755 --- a/Configure +++ b/Configure @@ -119,7 +119,7 @@ my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o:dx86-cof.o yx86-cof.o:ax8 my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o:rm86-out.o:r586-out.o"; my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::rc4-x86_64.o::"; -my $ia64_asm=":ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o::"; +my $ia64_asm=":bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o::"; my $no_asm="::::::::::"; @@ -287,7 +287,7 @@ my %table=( # with debugging of the following config. "hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # GCC builds... -"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT::ia64.o::aes-ia64.o:::sha256-ia64.o sha512-ia64.o::rc4-ia64.o:::dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT::bn-ia64.o::aes-ia64.o:::sha256-ia64.o sha512-ia64.o::rc4-ia64.o:::dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # Legacy HPUX 9.X configs... -- GitLab From bc6d459a6e3cde6f3c1bdf768dfcada258487bc0 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 5 Jun 2005 22:19:34 +0000 Subject: [PATCH 234/929] gcc 2.95.3 on Ultrix supports long long. PR: 1091 --- Configure | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Configure b/Configure index 33644473ce..0b286fa3a1 100755 --- a/Configure +++ b/Configure @@ -494,7 +494,7 @@ my %table=( # Ultrix from Bernhard Simon "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::", -"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::", +"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::", # K&R C is no longer supported; you need gcc on old Ultrix installations ##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::", -- GitLab From 7a6bb1725563a608e0be043bae21cb49347f8cd1 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 5 Jun 2005 22:43:08 +0000 Subject: [PATCH 235/929] Change pq_compat.h to trust the macros defined by bn.h a bit more, and thereby provide better generic support for environments that do not have 64-bit integers. Among others, this should solve PR 1086 --- crypto/pqueue/pq_compat.h | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/crypto/pqueue/pq_compat.h b/crypto/pqueue/pq_compat.h index 2157a549da..776760a35a 100644 --- a/crypto/pqueue/pq_compat.h +++ b/crypto/pqueue/pq_compat.h @@ -63,14 +63,16 @@ /* * The purpose of this header file is for supporting 64-bit integer * manipulation on 32-bit (and lower) machines. Currently the only - * such environment is VMS. Other environments that do not natively - * support 64-bit integers can safely use the code developed for VMS. + * such environment is VMS, Utrix and those with smaller default integer + * sizes than 32 bits. For all such environment, we fall back to using + * BIGNUM. We may need to fine tune the conditions for systems that + * are incorrectly configured. * * The only clients of this code are (1) pqueue for priority, and * (2) DTLS, for sequence number manipulation. */ -#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST) +#if (defined(THIRTY_TWO_BIT) && !defined(BN_LLONG)) || defined(SIXTEEN_BIT) || defined(EIGHT_BIT) #define PQ_64BIT BIGNUM #define PQ_64BIT_CTX BN_CTX -- GitLab From af3ca7b4a92e8ea6047070c01d7ae1c960395310 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 5 Jun 2005 23:15:29 +0000 Subject: [PATCH 236/929] Remove the incorrect installation of '%{openssldir}/lib'. PR: 1074 --- openssl.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/openssl.spec b/openssl.spec index 3979cb85a8..c9c687366e 100644 --- a/openssl.spec +++ b/openssl.spec @@ -121,7 +121,6 @@ rm -rf $RPM_BUILD_ROOT %config %attr(0644,root,root) %{openssldir}/openssl.cnf %dir %attr(0755,root,root) %{openssldir}/certs -%dir %attr(0755,root,root) %{openssldir}/lib %dir %attr(0755,root,root) %{openssldir}/misc %dir %attr(0750,root,root) %{openssldir}/private -- GitLab From 830a468a2395dfc902f0f489b9cdfc0ac5fe6be4 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 5 Jun 2005 23:25:51 +0000 Subject: [PATCH 237/929] Document the change and update the release number. --- openssl.spec | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/openssl.spec b/openssl.spec index c9c687366e..38426e3b4f 100644 --- a/openssl.spec +++ b/openssl.spec @@ -2,7 +2,7 @@ %define libmin 9 %define librel 8 #%define librev a -Release: 1 +Release: 2 %define openssldir /var/ssl @@ -145,6 +145,8 @@ ldconfig ldconfig %changelog +* Sun Jun 6 2005 Richard Levitte +- Remove the incorrect installation of '%{openssldir}/lib'. * Wed May 7 2003 Richard Levitte - Add /usr/lib/pkgconfig/openssl.pc to the development section. * Thu Mar 22 2001 Richard Levitte -- GitLab From 0fb4d54068e75192008b6a9ff376f9466adca277 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 6 Jun 2005 00:32:30 +0000 Subject: [PATCH 238/929] Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true), depending on which is true. Use those flags everywhere else to provide the correct implementation for handling certain operations in q PQ_64BIT. --- crypto/pqueue/pq_compat.h | 6 ++++++ crypto/pqueue/pqueue.c | 2 +- ssl/d1_pkt.c | 8 ++++---- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/crypto/pqueue/pq_compat.h b/crypto/pqueue/pq_compat.h index 776760a35a..653845353d 100644 --- a/crypto/pqueue/pq_compat.h +++ b/crypto/pqueue/pq_compat.h @@ -74,6 +74,9 @@ #if (defined(THIRTY_TWO_BIT) && !defined(BN_LLONG)) || defined(SIXTEEN_BIT) || defined(EIGHT_BIT) +#define PQ_64BIT_IS_INTEGER 0 +#define PQ_64BIT_IS_BIGNUM 1 + #define PQ_64BIT BIGNUM #define PQ_64BIT_CTX BN_CTX @@ -102,6 +105,9 @@ #else +#define PQ_64BIT_IS_INTEGER 1 +#define PQ_64BIT_IS_BIGNUM 0 + #if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) #define PQ_64BIT BN_ULONG #elif defined(THIRTY_TWO_BIT) diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c index 6ec5c6756c..e3eb836d45 100644 --- a/crypto/pqueue/pqueue.c +++ b/crypto/pqueue/pqueue.c @@ -199,7 +199,7 @@ pqueue_find(pqueue_s *pq, PQ_64BIT priority) return found; } -#if !(defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) +#if PQ_64BIT_IS_INTEGER void pqueue_print(pqueue_s *pq) { diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 77e1031a31..892b889708 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -135,7 +135,7 @@ static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr, static int dtls1_buffer_record(SSL *s, record_pqueue *q, PQ_64BIT priority); static int dtls1_process_record(SSL *s); -#if !(defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) +#if PQ_64BIT_IS_INTEGER static PQ_64BIT bytes_to_long_long(unsigned char *bytes, PQ_64BIT *num); #endif static void dtls1_clear_timeouts(SSL *s); @@ -1453,7 +1453,7 @@ err: static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, PQ_64BIT *seq_num) { -#if !(defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) +#if PQ_64BIT_IS_INTEGER PQ_64BIT mask = 0x0000000000000001L; #endif PQ_64BIT rcd_num, tmp; @@ -1483,7 +1483,7 @@ static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, return 0; /* stale, outside the window */ } -#if (defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) +#if PQ_64BIT_IS_BIGNUM { int offset; pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num); @@ -1736,7 +1736,7 @@ dtls1_reset_seq_numbers(SSL *s, int rw) memset(seq, 0x00, seq_bytes); } -#if !(defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)) +#if PQ_64BIT_IS_INTEGER static PQ_64BIT bytes_to_long_long(unsigned char *bytes, PQ_64BIT *num) { -- GitLab From fcd12fc0f13ea2f578260aafe357460b90b5e9ff Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 6 Jun 2005 00:39:18 +0000 Subject: [PATCH 239/929] Time to release 0.9.8 beta 4. The tag will be OpenSSL_0_9_8-beta4 --- README | 2 +- STATUS | 4 +++- crypto/opensslv.h | 4 ++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/README b/README index 5b7c919d7f..9d932331f2 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta4-dev XX xxx XXXX + OpenSSL 0.9.8-beta4 06 Jun 2005 Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/STATUS b/STATUS index dcd6486d79..7c526d5c0f 100644 --- a/STATUS +++ b/STATUS @@ -1,10 +1,12 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/05/30 22:56:49 $ + ______________ $Date: 2005/06/06 00:39:18 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... + o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 + linux-elf (Debian [unstable]) SUCCESS o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 o OpenSSL 0.9.8-beta1: Released on May 19th, 2005 diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 5478a09333..362271f9b4 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -27,9 +27,9 @@ */ #define OPENSSL_VERSION_NUMBER 0x00908004L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta4-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta4 06 Jun 2005" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta4-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta4 06 Jun 2005" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 6687f129880b8af4d8e8f70f1152c3c395fb37e7 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 6 Jun 2005 00:44:49 +0000 Subject: [PATCH 240/929] Now that tagging is done, we can continue working. --- README | 2 +- crypto/opensslv.h | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README b/README index 9d932331f2..5b7c919d7f 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta4 06 Jun 2005 + OpenSSL 0.9.8-beta4-dev XX xxx XXXX Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 362271f9b4..172cfd96cd 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00908004L +#define OPENSSL_VERSION_NUMBER 0x00908005L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta4 06 Jun 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta5-dev XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta4 06 Jun 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta4-dev XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From eb6a81baccfaa00345e0d2703b9ab37795ddda81 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 6 Jun 2005 08:36:31 +0000 Subject: [PATCH 241/929] Change mention of Makefile.ssl to Makefile. --- PROBLEMS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/PROBLEMS b/PROBLEMS index a4c6e338ce..e553af6a3b 100644 --- a/PROBLEMS +++ b/PROBLEMS @@ -12,8 +12,8 @@ along the whole library path before it bothers looking for .a libraries. This means that -L switches won't matter unless OpenSSL is built with shared library support. -The workaround may be to change the following lines in apps/Makefile.ssl and -test/Makefile.ssl: +The workaround may be to change the following lines in apps/Makefile and +test/Makefile: LIBCRYPTO=-L.. -lcrypto LIBSSL=-L.. -lssl -- GitLab From 49e96badcf7f81bc538cb7540d9097c204f20ad5 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 6 Jun 2005 08:38:23 +0000 Subject: [PATCH 242/929] Skipping all tests just because one algorithm is disabled seems a bit harsch. PR: 1089 --- util/selftest.pl | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/util/selftest.pl b/util/selftest.pl index e9d5aa8938..736eacb11e 100644 --- a/util/selftest.pl +++ b/util/selftest.pl @@ -130,15 +130,21 @@ if (system("make 2>&1 | tee make.log") > 255) { goto err; } -$_=$options; -s/no-asm//; -s/no-shared//; -s/no-krb5//; -if (/no-/) -{ - print OUT "Test skipped.\n"; - goto err; -} +# Not sure why this is here. The tests themselves can detect if their +# particular feature isn't included, and should therefore skip themselves. +# To skip *all* tests just because one algorithm isn't included is like +# shooting mosquito with an elephant gun... +# -- Richard Levitte, inspired by problem report 1089 +# +#$_=$options; +#s/no-asm//; +#s/no-shared//; +#s/no-krb5//; +#if (/no-/) +#{ +# print OUT "Test skipped.\n"; +# goto err; +#} print "Running make test...\n"; if (system("make test 2>&1 | tee maketest.log") > 255) -- GitLab From 7844ff735f3ca58da9198c0f97c482086cccd008 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 6 Jun 2005 08:52:32 +0000 Subject: [PATCH 243/929] Pass INSTALL_PREFIX in BUILDENV. PR: 1100 --- Makefile.org | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Makefile.org b/Makefile.org index 89e074f5c9..0a284c6545 100644 --- a/Makefile.org +++ b/Makefile.org @@ -150,9 +150,10 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ CC='${CC}' CFLAG='${CFLAG}' \ AS='${CC}' ASFLAG='${CFLAG} -c' \ AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \ - SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/lib' \ + SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/lib' \ + INSTALL_PREFIX='${INSTALL_PREFIX}' \ INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \ - MAKEDEPEND='$${TOP}/util/domd $${TOP} -MD ${MAKEDEPPROG}'\ + MAKEDEPEND='$${TOP}/util/domd $${TOP} -MD ${MAKEDEPPROG}' \ DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \ MAKEDEPPROG='${MAKEDEPPROG}' \ LDFLAGS='${LDFLAGS}' SHARED_LDFLAGS='${SHARED_LDFLAGS}' \ -- GitLab From bd4e9b0512fd2923e4b3c9ccf754f5974c1b765c Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 6 Jun 2005 09:33:45 +0000 Subject: [PATCH 244/929] FAQ to mention no-sha512 as option for compilers without support for 64-bit integer type [from HEAD]. --- FAQ | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/FAQ b/FAQ index f3eeccd056..96e816cf7a 100644 --- a/FAQ +++ b/FAQ @@ -47,6 +47,7 @@ OpenSSL - Frequently Asked Questions * Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]? * Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"? * Why does the OpenSSL test suite fail in sha512t on x86 CPU? +* Why does compiler fail to compile sha512.c? [PROG] Questions about programming with OpenSSL @@ -607,6 +608,15 @@ Intel P4, under control of kernel which does not support SSE2 instruction extentions. See accompanying INSTALL file and OPENSSL_ia32cap(3) documentation page for further information. +* Why does compiler fail to compile sha512.c? + +OpenSSL SHA-512 implementation depends on compiler support for 64-bit +integer type. Few elder compilers [ULTRIX cc, SCO compiler to mention a +couple] lack support for this and therefore are incapable of compiling +the module in question. The recommendation is to disable SHA-512 by +adding no-sha512 to ./config [or ./Configure] command line. Another +possible alternative might be to switch to GCC. + [PROG] ======================================================================== * Is OpenSSL thread-safe? -- GitLab From 727c9b80278005e16b448ab505bccf16e73784b3 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 6 Jun 2005 12:05:12 +0000 Subject: [PATCH 245/929] Allow BIO_s_file to open and sequentially access files larger than 2GB on affected platforms. PR: 973 --- crypto/bio/bss_file.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index dd17802f8f..ccc741556e 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -65,6 +65,24 @@ #ifndef HEADER_BSS_FILE_C #define HEADER_BSS_FILE_C +#if defined(__linux) || defined(__sun) || defined(__hpux) +/* Following definition aliases fopen to fopen64 on above mentioned + * platforms. This makes it possible to open and sequentially access + * files larger than 2GB from 32-bit application. It does not allow to + * traverse them beyond 2GB with fseek/ftell, but on the other hand *no* + * 32-bit platform permits that, not with fseek/ftell. Not to mention + * that breaking 2GB limit for seeking would require surgery to *our* + * API. But sequential access suffices for practical cases when you + * can run into large files, such as fingerprinting, so we can let API + * alone. For reference, the list of 32-bit platforms which allow for + * sequential access of large files without extra "magic" comprise *BSD, + * Darwin, IRIX... + */ +#ifndef _FILE_OFFSET_BITS +#define _FILE_OFFSET_BITS 64 +#endif +#endif + #include #include #include "cryptlib.h" -- GitLab From 39d29195a7c6fe7394137ea543d19edd28465de9 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 6 Jun 2005 22:41:50 +0000 Subject: [PATCH 246/929] Update from head. --- crypto/rsa/rsa_x931.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/crypto/rsa/rsa_x931.c b/crypto/rsa/rsa_x931.c index 7d77213d13..e918654176 100644 --- a/crypto/rsa/rsa_x931.c +++ b/crypto/rsa/rsa_x931.c @@ -115,9 +115,9 @@ int RSA_padding_check_X931(unsigned char *to, int tlen, return -1; } - j=flen-3; if (*p++ == 0x6B) { + j=flen-3; for (i = 0; i < j; i++) { unsigned char c = *p++; @@ -130,15 +130,17 @@ int RSA_padding_check_X931(unsigned char *to, int tlen, return -1; } } - } - j -= i; + j -= i; + + if (i == 0) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING); + return -1; + } - if (i == 0) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING); - return -1; } + else j = flen - 2; if (p[j] != 0xCC) { -- GitLab From 4e2a0e58f238a5706d971ea1e467242bf94e3f2c Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Wed, 8 Jun 2005 21:13:52 +0000 Subject: [PATCH 247/929] ssl_create_cipher_list should return an error if no cipher could be collected (see SSL_CTX_set_cipher_list manpage). Fix handling of "cipher1+cipher2" expressions in ssl_cipher_process_rulestr PR: 836 + 1005 --- ssl/ssl_ciph.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index fa4ba89990..038412a92c 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -740,9 +740,11 @@ static int ssl_cipher_process_rulestr(const char *rule_str, if (!found) break; /* ignore this entry */ - algorithms |= ca_list[j]->algorithms; + algorithms |= (ca_list[j]->algorithms & ~mask) | + (ca_list[j]->algorithms & algorithms & mask); mask |= ca_list[j]->mask; - algo_strength |= ca_list[j]->algo_strength; + algo_strength |= (ca_list[j]->algo_strength & ~mask_strength) | + (ca_list[j]->algo_strength & algorithms & mask_strength); mask_strength |= ca_list[j]->mask_strength; if (!multi) break; @@ -910,6 +912,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, } } OPENSSL_free(co_list); /* Not needed any longer */ + /* if no ciphers where selected let's return NULL */ + if (sk_SSL_CIPHER_num(cipherstack) == 0) + { + SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); + sk_SSL_CIPHER_free(cipherstack); + return NULL; + } /* * The following passage is a little bit odd. If pointer variables -- GitLab From 004f16f6c4c047bef413caff07e197d895a4f9f0 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 8 Jun 2005 21:59:54 +0000 Subject: [PATCH 248/929] Avoid endless loops. Really, we were using the same variable for two different conditions... --- test/tverify.com | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/test/tverify.com b/test/tverify.com index 2060184d1e..021d701d79 100644 --- a/test/tverify.com +++ b/test/tverify.com @@ -8,22 +8,22 @@ $ copy/concatenate [-.certs]*.pem certs.tmp $ $ old_f := $ loop_certs: -$ c := NO +$ verify := NO +$ more := YES $ certs := $ loop_certs2: $ f = f$search("[-.certs]*.pem") $ if f .nes. "" .and. f .nes. old_f $ then $ certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem" -$ c := YES +$ verify := YES $ if f$length(certs) .lt. 180 then goto loop_certs2 +$ else +$ more := NO $ endif $ certs = certs - " " $ -$ if c -$ then -$ mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs' -$ goto loop_certs -$ endif +$ if verify then mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs' +$ if more then goto loop_certs $ $ delete certs.tmp;* -- GitLab From 898d3ecce079668a39f7497aee511e721b62efe4 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Wed, 8 Jun 2005 22:20:24 +0000 Subject: [PATCH 249/929] use "=" instead of "|=", fix typo --- ssl/ssl_ciph.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 038412a92c..b071a6309f 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -740,11 +740,11 @@ static int ssl_cipher_process_rulestr(const char *rule_str, if (!found) break; /* ignore this entry */ - algorithms |= (ca_list[j]->algorithms & ~mask) | - (ca_list[j]->algorithms & algorithms & mask); + algorithms = (ca_list[j]->algorithms & ~mask) | + (ca_list[j]->algorithms & algorithms & mask); mask |= ca_list[j]->mask; - algo_strength |= (ca_list[j]->algo_strength & ~mask_strength) | - (ca_list[j]->algo_strength & algorithms & mask_strength); + algo_strength = (ca_list[j]->algo_strength & ~mask_strength) | + (ca_list[j]->algo_strength & algo_strength & mask_strength); mask_strength |= ca_list[j]->mask_strength; if (!multi) break; -- GitLab From 428759b3d4c75a1009cfba88d6458015108f3f90 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 9 Jun 2005 20:50:44 +0000 Subject: [PATCH 250/929] Allow for dso load by explicit path on HP-UX. --- crypto/dso/dso_dl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c index fd1c758260..417abb6ea9 100644 --- a/crypto/dso/dso_dl.c +++ b/crypto/dso/dso_dl.c @@ -128,7 +128,8 @@ static int dl_load(DSO *dso) DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); goto err; } - ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L); + ptr = shl_load(filename, BIND_IMMEDIATE | + (dso->flags&DSO_FLAG_NO_NAME_TRANSLATION?0:DYNAMIC_PATH), 0L); if(ptr == NULL) { DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); -- GitLab From cac0d4ee6fc8e47a87a521b54fea1411c005e9a5 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Fri, 10 Jun 2005 19:51:16 +0000 Subject: [PATCH 251/929] - let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an error if the cipher list is empty - fix last commit in ssl_create_cipher_list - clean up ssl_create_cipher_list --- ssl/ssl.h | 2 ++ ssl/ssl_ciph.c | 73 ++++++++++++++++---------------------------------- ssl/ssl_err.c | 2 ++ ssl/ssl_lib.c | 32 +++++++++++++++++----- 4 files changed, 53 insertions(+), 56 deletions(-) diff --git a/ssl/ssl.h b/ssl/ssl.h index ea9a89762a..ab4626b2e7 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -1655,6 +1655,7 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL_CTRL 232 #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 #define SSL_F_SSL_CTX_NEW 169 +#define SSL_F_SSL_CTX_SET_CIPHER_LIST 1026 #define SSL_F_SSL_CTX_SET_PURPOSE 226 #define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 #define SSL_F_SSL_CTX_SET_SSL_VERSION 170 @@ -1685,6 +1686,7 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL_SESSION_PRINT_FP 190 #define SSL_F_SSL_SESS_CERT_NEW 225 #define SSL_F_SSL_SET_CERT 191 +#define SSL_F_SSL_SET_CIPHER_LIST 1027 #define SSL_F_SSL_SET_FD 192 #define SSL_F_SSL_SET_PKEY 193 #define SSL_F_SSL_SET_PURPOSE 227 diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index b071a6309f..9493e2d85b 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -740,11 +740,18 @@ static int ssl_cipher_process_rulestr(const char *rule_str, if (!found) break; /* ignore this entry */ - algorithms = (ca_list[j]->algorithms & ~mask) | - (ca_list[j]->algorithms & algorithms & mask); + /* New algorithms: + * 1 - any old restrictions apply outside new mask + * 2 - any new restrictions apply outside old mask + * 3 - enforce old & new where masks intersect + */ + algorithms = (algorithms & ~ca_list[j]->mask) | /* 1 */ + (ca_list[j]->algorithms & ~mask) | /* 2 */ + (algorithms & ca_list[j]->algorithms); /* 3 */ mask |= ca_list[j]->mask; - algo_strength = (ca_list[j]->algo_strength & ~mask_strength) | - (ca_list[j]->algo_strength & algo_strength & mask_strength); + algo_strength = (algo_strength & ~ca_list[j]->mask_strength) | + (ca_list[j]->algo_strength & ~mask_strength) | + (algo_strength & ca_list[j]->algo_strength); mask_strength |= ca_list[j]->mask_strength; if (!multi) break; @@ -798,7 +805,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, { int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; unsigned long disabled_mask; - STACK_OF(SSL_CIPHER) *cipherstack; + STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; const char *rule_p; CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; SSL_CIPHER **ca_list = NULL; @@ -806,7 +813,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, /* * Return with error if nothing to do. */ - if (rule_str == NULL) return(NULL); + if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) + return NULL; if (init_ciphers) { @@ -912,54 +920,19 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, } } OPENSSL_free(co_list); /* Not needed any longer */ - /* if no ciphers where selected let's return NULL */ - if (sk_SSL_CIPHER_num(cipherstack) == 0) - { - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); - sk_SSL_CIPHER_free(cipherstack); - return NULL; - } - /* - * The following passage is a little bit odd. If pointer variables - * were supplied to hold STACK_OF(SSL_CIPHER) return information, - * the old memory pointed to is free()ed. Then, however, the - * cipher_list entry will be assigned just a copy of the returned - * cipher stack. For cipher_list_by_id a copy of the cipher stack - * will be created. See next comment... - */ - if (cipher_list != NULL) - { - if (*cipher_list != NULL) - sk_SSL_CIPHER_free(*cipher_list); - *cipher_list = cipherstack; - } - - if (cipher_list_by_id != NULL) - { - if (*cipher_list_by_id != NULL) - sk_SSL_CIPHER_free(*cipher_list_by_id); - *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack); - } - - /* - * Now it is getting really strange. If something failed during - * the previous pointer assignment or if one of the pointers was - * not requested, the error condition is met. That might be - * discussable. The strange thing is however that in this case - * the memory "ret" pointed to is "free()ed" and hence the pointer - * cipher_list becomes wild. The memory reserved for - * cipher_list_by_id however is not "free()ed" and stays intact. - */ - if ( (cipher_list_by_id == NULL) || - (*cipher_list_by_id == NULL) || - (cipher_list == NULL) || - (*cipher_list == NULL)) + tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack); + if (tmp_cipher_list == NULL) { sk_SSL_CIPHER_free(cipherstack); - return(NULL); + return NULL; } - + if (*cipher_list != NULL) + sk_SSL_CIPHER_free(*cipher_list); + *cipher_list = cipherstack; + if (*cipher_list_by_id != NULL) + sk_SSL_CIPHER_free(*cipher_list_by_id); + *cipher_list_by_id = tmp_cipher_list; sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); return(cipherstack); diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 4f44920cdd..282f1a6755 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -183,6 +183,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"}, {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"}, {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"}, +{ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"}, {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"}, {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"}, {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"}, @@ -213,6 +214,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"}, {ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"}, {ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"}, +{ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"}, {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"}, {ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"}, {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index d716d97c54..25efa29a57 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1153,8 +1153,21 @@ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list, &ctx->cipher_list_by_id,str); -/* XXXX */ - return((sk == NULL)?0:1); + /* ssl_create_cipher_list may return an empty stack if it + * was unable to find a cipher matching the given rule string + * (for example if the rule string specifies a cipher which + * has been disabled). This is not an error as far as + * ssl_create_cipher_list is concerned, and hence + * ctx->cipher_list and ctx->cipher_list_by_id has been + * updated. */ + if (sk == NULL) + return 0; + else if (sk_SSL_CIPHER_num(sk) == 0) + { + SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); + return 0; + } + return 1; } /** specify the ciphers to be used by the SSL */ @@ -1164,8 +1177,15 @@ int SSL_set_cipher_list(SSL *s,const char *str) sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list, &s->cipher_list_by_id,str); -/* XXXX */ - return((sk == NULL)?0:1); + /* see comment in SSL_CTX_set_cipher_list */ + if (sk == NULL) + return 0; + else if (sk_SSL_CIPHER_num(sk) == 0) + { + SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); + return 0; + } + return 1; } /* works well for SSLv2, not so good for SSLv3 */ @@ -1377,8 +1397,8 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) ret->default_passwd_callback=0; ret->default_passwd_callback_userdata=NULL; ret->client_cert_cb=0; - ret->app_gen_cookie_cb=0; - ret->app_verify_cookie_cb=0; + ret->app_gen_cookie_cb=0; + ret->app_verify_cookie_cb=0; ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash), LHASH_COMP_FN(SSL_SESSION_cmp)); -- GitLab From 5e88347e1bac60977d0eef36758bb7511a8bd7c7 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Sun, 12 Jun 2005 10:32:11 +0000 Subject: [PATCH 252/929] replace the deprecated "-m486" gcc option with "-march=i486" PR: 1049 --- Configure | 14 +++++++------- TABLE | 15 +++++++-------- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/Configure b/Configure index 0b286fa3a1..a67a98ef1a 100755 --- a/Configure +++ b/Configure @@ -164,8 +164,8 @@ my %table=( "debug-geoff","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", "debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", -"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "dist", "cc:-O::(unknown)::::::", # Basic configs that should work on any (32 and less bit) box @@ -184,7 +184,7 @@ my %table=( # surrounds it with #APP #NO_APP comment pair which (at least Solaris # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic" # error message. -"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=i486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # -shared -static-libgcc might appear controversial, but modules taken # from static libgcc do not have relocations and linking them into our # shared objects doesn't have any negative side-effects. On the contrary, @@ -320,7 +320,7 @@ my %table=( #### IA-32 targets... "linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", +"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", #### "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # -bpowerpc64-linux is transient option, -m64 should be the one to use... @@ -371,7 +371,7 @@ my %table=( "BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "nextstep", "cc:-O -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", "nextstep3.3", "cc:-O3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", @@ -398,7 +398,7 @@ my %table=( "unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", "unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", "unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # SCO 5 - Ben Laurie says the -O breaks the SCO cc. @@ -511,7 +511,7 @@ my %table=( "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", ##### GNU Hurd -"hurd-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC", +"hurd-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC", ##### OS/2 EMX "OS2-EMX", "gcc::::::::", diff --git a/TABLE b/TABLE index d275737486..497efe1d81 100644 --- a/TABLE +++ b/TABLE @@ -1,4 +1,3 @@ -Output of `Configure TABLE': *** BC-32 $cc = bcc32 @@ -866,7 +865,7 @@ $arflags = *** bsdi-elf-gcc $cc = gcc -$cflags = -DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall +$cflags = -DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall $unistd = $thread_cflag = (unknown) $sys_id = @@ -1433,7 +1432,7 @@ $arflags = *** debug-linux-elf $cc = gcc -$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall +$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall $unistd = $thread_cflag = -D_REENTRANT $sys_id = @@ -1460,7 +1459,7 @@ $arflags = *** debug-linux-elf-noefence $cc = gcc -$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall +$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall $unistd = $thread_cflag = -D_REENTRANT $sys_id = @@ -2324,7 +2323,7 @@ $arflags = *** hurd-x86 $cc = gcc -$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall +$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall $unistd = $thread_cflag = -D_REENTRANT $sys_id = @@ -2621,7 +2620,7 @@ $arflags = *** linux-aout $cc = gcc -$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall +$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall $unistd = $thread_cflag = (unknown) $sys_id = @@ -3593,7 +3592,7 @@ $arflags = *** solaris-x86-gcc $cc = gcc -$cflags = -O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM +$cflags = -O3 -fomit-frame-pointer -march=i486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM $unistd = $thread_cflag = -D_REENTRANT $sys_id = @@ -3944,7 +3943,7 @@ $arflags = *** unixware-7-gcc $cc = gcc -$cflags = -DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall +$cflags = -DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=i486 -Wall $unistd = $thread_cflag = -D_REENTRANT $sys_id = -- GitLab From 24f6ab73a7f701e07bfd1c6bc1731b21eea5a966 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 02:38:13 +0000 Subject: [PATCH 253/929] Show what the offending target was. PR: 1108 --- Configure | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Configure b/Configure index a67a98ef1a..22eb550ffa 100755 --- a/Configure +++ b/Configure @@ -761,7 +761,7 @@ PROCESS_ARGS: } else { - die "target already defined - $target\n" if ($target ne ""); + die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); $target=$_; } -- GitLab From cbcbd07da2d9d73df4f73e0fa406ac8711ec3b59 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 03:21:01 +0000 Subject: [PATCH 254/929] Netware patch submitted by Verdon Walker" in PR 1107. He says: This is a followup to the NetWare patch that was applied to beta3. It does the following: - Fixes a problem in the CLib build with undefined symbols. - Adds the ability to use BSD sockets as the default for the OpenSSL socket BIO. NetWare supports 2 flavors of sockets and our Apache developers need BSD sockets as a configurable option when building OpenSSL. This adds that for them. - Updates to the INSTALL.NW file to explain new options. I have tried very hard to make sure all the changes are in NetWare specific files or guarded carefully to make sure they only impact NetWare builds. I have tested the Windows build to make sure it does not break that since we have made changes to mk1mf.pl. We are still working the gcc cross compile for NetWare issue and hope to have a patch for that before beta 6 is released. --- Configure | 5 ++++- INSTALL.NW | 22 ++++++++++++++++------ Netware/build.bat | 17 +++++++++++------ apps/s_socket.c | 14 +++++++++----- crypto/bio/b_sock.c | 9 ++++++--- e_os.h | 20 ++++++++++++++++++-- util/mk1mf.pl | 11 +++++++---- util/pl/netware.pl | 20 ++++++++++++++++---- 8 files changed, 87 insertions(+), 31 deletions(-) diff --git a/Configure b/Configure index 22eb550ffa..934d36f3c9 100755 --- a/Configure +++ b/Configure @@ -486,7 +486,10 @@ my %table=( # netware-clib => legacy CLib c-runtime support "netware-clib", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::", # netware-libc => LibC/NKS support +# NetWare defaults socket bio to WinSock sockets. However, the LibC build can be +# configured to use BSD sockets instead. "netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::", +"netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::", "netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::", # DJGPP @@ -530,7 +533,7 @@ my %table=( my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A VC-NT VC-CE VC-WIN32 - BC-32 OS2-EMX netware-clib netware-libc); + BC-32 OS2-EMX netware-clib netware-libc netware-libc-bsdsock); my $idx = 0; my $idx_cc = $idx++; diff --git a/INSTALL.NW b/INSTALL.NW index 3dae72a144..92715cbbf3 100644 --- a/INSTALL.NW +++ b/INSTALL.NW @@ -32,6 +32,10 @@ The necessary LibC functionality ships with NetWare 6. However, earlier NetWare 5.x versions will require updates in order to run the OpenSSL LibC build. +As of June 2005, the LibC build can be configured to use BSD sockets instead +of WinSock sockets. Call Configure (usually through netware\build.bat) using +a target of "netware-libc-bsdsock" instead of "netware-libc". + REQUIRED TOOLS: --------------- @@ -126,7 +130,8 @@ following tools may be required: NOTE: The LibC SDK includes the necessary WinSock2 support. It It is not necessary to download the WinSock2 Developer when building - for LibC. + for LibC. The LibC SDK also includes the appropriate BSD socket support + if configuring to use BSD sockets. BUILDING: @@ -177,8 +182,9 @@ the assembly code. Always run build.bat from the "openssl" directory. netware\build [target] [debug opts] [assembly opts] [configure opts] - target - "netware-clib" - CLib NetWare build - - "netware-libc" - LibC NetWare build + target - "netware-clib" - CLib NetWare build (WinSock Sockets) + - "netware-libc" - LibC NetWare build (WinSock Sockets) + - "netware-libc-bsdsock" - LibC NetWare build (BSD Sockets) debug opts - "debug" - build debug @@ -197,25 +203,29 @@ the assembly code. Always run build.bat from the "openssl" directory. LibC build, non-debug, using NASM assembly: netware\build.bat netware-libc nw-nasm + LibC build, BSD sockets, non-debug, without assembly: + netware\build.bat netware-libc-bsdsock no-asm + Running build.bat generates a make file to be processed by your make tool (gmake or nmake): - CLIB ex: gmake -f netware\nlm_clib.mak + CLIB ex: gmake -f netware\nlm_clib_dbg.mak LibC ex: gmake -f netware\nlm_libc.mak + LibC ex: gmake -f netware\nlm_libc_bsdsock.mak You can also run the build scripts manually if you do not want to use the build.bat file. Run the following scripts in the "\openssl" subdirectory (in the order listed below): - perl configure no-asm [other config opts] [netware-clib|netware-libc] + perl configure no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock] configures no assembly build for specified netware environment (CLIB or LibC). perl util\mkfiles.pl >MINFO generates a listing of source files (used by mk1mf) - perl util\mk1mf.pl no-asm [other config opts] [netware-clib|netware-libc >netware\nlm.mak + perl util\mk1mf.pl no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock >netware\nlm.mak generates the makefile for NetWare gmake -f netware\nlm.mak diff --git a/Netware/build.bat b/Netware/build.bat index ee73da4dff..50ee7d51d0 100644 --- a/Netware/build.bat +++ b/Netware/build.bat @@ -6,14 +6,15 @@ rem rem usage: rem build [target] [debug opts] [assembly opts] [configure opts] rem -rem target - "netware-clib" - CLib NetWare build -rem - "netware-libc" - LibC NKS NetWare build +rem target - "netware-clib" - CLib NetWare build (WinSock Sockets) +rem - "netware-libc" - LibC NKS NetWare build (WinSock Sockets) +rem - "netware-libc-bsdsock" - LibC NKS NetWare build (BSD Sockets) rem rem debug opts - "debug" - build debug rem rem assembly opts - "nw-mwasm" - use Metrowerks assembler -rem "nw-nasm" - use NASM assembler -rem "no-asm" - don't use assembly +rem - "nw-nasm" - use NASM assembler +rem - "no-asm" - don't use assembly rem rem configure opts- all unrecognized arguments are passed to the rem perl configure script @@ -76,6 +77,8 @@ if "%1" == "netware-clib" set BLD_TARGET=netware-clib if "%1" == "netware-clib" set ARG_PROCESSED=YES if "%1" == "netware-libc" set BLD_TARGET=netware-libc if "%1" == "netware-libc" set ARG_PROCESSED=YES +if "%1" == "netware-libc-bsdsock" set BLD_TARGET=netware-libc-bsdsock +if "%1" == "netware-libc-bsdsock" set ARG_PROCESSED=YES rem If we didn't recognize the argument, consider it an option for config if "%ARG_PROCESSED%" == "NO" set CONFIG_OPTS=%CONFIG_OPTS% %1 @@ -92,6 +95,7 @@ rem build the nlm make file name which includes target and debug info set NLM_MAKE= if "%BLD_TARGET%" == "netware-clib" set NLM_MAKE=netware\nlm_clib if "%BLD_TARGET%" == "netware-libc" set NLM_MAKE=netware\nlm_libc +if "%BLD_TARGET%" == "netware-libc-bsdsock" set NLM_MAKE=netware\nlm_libc_bsdsock if "%DEBUG%" == "" set NLM_MAKE=%NLM_MAKE%.mak if "%DEBUG%" == "debug" set NLM_MAKE=%NLM_MAKE%_dbg.mak @@ -184,8 +188,9 @@ echo . No build target specified!!! echo . echo . usage: build [target] [debug opts] [assembly opts] [configure opts] echo . -echo . target - "netware-clib" - CLib NetWare build -echo . - "netware-libc" - LibC NKS NetWare build +echo . target - "netware-clib" - CLib NetWare build (WinSock Sockets) +echo . - "netware-libc" - LibC NKS NetWare build (WinSock Sockets) +echo . - "netware-libc-bsdsock" - LibC NKS NetWare build (BSD Sockets) echo . echo . debug opts - "debug" - build debug echo . diff --git a/apps/s_socket.c b/apps/s_socket.c index c022585978..4a922e16a0 100644 --- a/apps/s_socket.c +++ b/apps/s_socket.c @@ -87,8 +87,12 @@ typedef unsigned int u_int; #ifndef OPENSSL_NO_SOCK +#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK) +#include "netdb.h" +#endif + static struct hostent *GetHostByName(char *name); -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE) +#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) static void ssl_sock_cleanup(void); #endif static int ssl_sock_init(void); @@ -104,7 +108,7 @@ static int host_ip(char *str, unsigned char ip[4]); #define SOCKET_PROTOCOL IPPROTO_TCP #endif -#ifdef OPENSSL_SYS_NETWARE +#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) static int wsa_init_done=0; #endif @@ -156,7 +160,7 @@ static void ssl_sock_cleanup(void) WSACleanup(); } } -#elif defined(OPENSSL_SYS_NETWARE) +#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) static void sock_cleanup(void) { if (wsa_init_done) @@ -199,7 +203,7 @@ static int ssl_sock_init(void) SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc); #endif /* OPENSSL_SYS_WIN16 */ } -#elif defined(OPENSSL_SYS_NETWARE) +#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) WORD wVerReq; WSADATA wsaData; int err; @@ -398,7 +402,7 @@ redoit: ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len); if (ret == INVALID_SOCKET) { -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE) +#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) i=WSAGetLastError(); BIO_printf(bio_err,"accept error %d\n",i); #else diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c index 268517fdc3..4b3860b991 100644 --- a/crypto/bio/b_sock.c +++ b/crypto/bio/b_sock.c @@ -62,6 +62,9 @@ #define USE_SOCKETS #include "cryptlib.h" #include +#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK) +#include "netdb.h" +#endif #ifndef OPENSSL_NO_SOCK @@ -79,7 +82,7 @@ #define MAX_LISTEN 32 #endif -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE) +#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) static int wsa_init_done=0; #endif @@ -474,7 +477,7 @@ int BIO_sock_init(void) return (-1); #endif -#if defined(OPENSSL_SYS_NETWARE) +#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) WORD wVerReq; WSADATA wsaData; int err; @@ -512,7 +515,7 @@ void BIO_sock_cleanup(void) #endif WSACleanup(); } -#elif defined(OPENSSL_SYS_NETWARE) +#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) if (wsa_init_done) { wsa_init_done=0; diff --git a/e_os.h b/e_os.h index 54982cee00..06e1fe2979 100644 --- a/e_os.h +++ b/e_os.h @@ -182,10 +182,18 @@ extern "C" { #define readsocket(s,b,n) read((s),(b),(n)) #define writesocket(s,b,n) write((s),(char *)(b),(n)) #elif defined(OPENSSL_SYS_NETWARE) +#if defined(NETWARE_BSDSOCK) +#define get_last_socket_error() errno +#define clear_socket_error() errno=0 +#define closesocket(s) close(s) +#define readsocket(s,b,n) recv((s),(b),(n),0) +#define writesocket(s,b,n) send((s),(b),(n),0) +#else #define get_last_socket_error() WSAGetLastError() #define clear_socket_error() WSASetLastError(0) #define readsocket(s,b,n) recv((s),(b),(n),0) #define writesocket(s,b,n) send((s),(b),(n),0) +#endif #else #define get_last_socket_error() errno #define clear_socket_error() errno=0 @@ -436,9 +444,17 @@ extern HINSTANCE _hInstance; # define SHUTDOWN2(fd) MacSocket_close(fd) # elif defined(OPENSSL_SYS_NETWARE) - /* NetWare uses the WinSock2 interfaces + /* NetWare uses the WinSock2 interfaces by default, but can be configured for BSD */ -# include +# if defined(NETWARE_BSDSOCK) +# include +# include +# include +# include +# define INVALID_SOCKET (int)(~0) +# else +# include +# endif # define SSLeay_Write(a,b,c) send((a),(b),(c),0) # define SSLeay_Read(a,b,c) recv((a),(b),(c),0) # define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); } diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 5d16b5839e..fa0fbe3673 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -33,8 +33,9 @@ $infile="MINFO"; "ultrix-mips","DEC mips ultrix", "FreeBSD","FreeBSD distribution", "OS2-EMX", "EMX GCC OS/2", - "netware-clib", "CodeWarrior for NetWare - CLib", - "netware-libc", "CodeWarrior for NetWare - LibC", + "netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets", + "netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets", + "netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets", "default","cc under unix", ); @@ -163,9 +164,11 @@ elsif ($platform eq "OS2-EMX") $wc=1; require 'OS2-EMX.pl'; } -elsif (($platform eq "netware-clib") || ($platform eq "netware-libc")) +elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") || + ($platform eq "netware-libc-bsdsock")) { - $LIBC=1 if $platform eq "netware-libc"; + $LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock"; + $BSDSOCK=1 if $platform eq "netware-libc-bsdsock"; require 'netware.pl'; } else diff --git a/util/pl/netware.pl b/util/pl/netware.pl index 2258a39920..c05789b22f 100644 --- a/util/pl/netware.pl +++ b/util/pl/netware.pl @@ -2,19 +2,25 @@ # # The import files and other misc imports needed to link +@misc_imports = ("GetProcessSwitchCount", "RunningProcess", + "GetSuperHighResolutionTimer"); if ($LIBC) { - @import_files = ("libc.imp", "ws2nlm.imp"); + @import_files = ("libc.imp"); @module_files = ("libc"); } else { # clib build - @import_files = ("clib.imp", "ws2nlm.imp"); + @import_files = ("clib.imp"); @module_files = ("clib"); + push(@misc_imports, "_rt_modu64%16", "_rt_divu64%16"); } -@misc_imports = ("GetProcessSwitchCount", "RunningProcess", - "GetSuperHighResolutionTimer" ); +if (!$BSDSOCK) +{ + push(@import_files, "ws2nlm.imp"); +} + # The "IMPORTS" environment variable must be set and point to the location # where import files (*.imp) can be found. @@ -122,6 +128,12 @@ else $lflags.=" -entry _Prelude -exit _Stop"; } +# If BSD Socket support is requested, set a define for the compiler +if ($BSDSOCK) +{ + $cflags.=" -DNETWARE_BSDSOCK"; +} + # linking stuff # for the output directories use the mk1mf.pl values with "_nw" appended -- GitLab From b135819d712776d2210aa206c530ae9ce2ee3962 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 03:29:04 +0000 Subject: [PATCH 255/929] make update --- TABLE | 83 +++++++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 69 insertions(+), 14 deletions(-) diff --git a/TABLE b/TABLE index 497efe1d81..70c18eed4d 100644 --- a/TABLE +++ b/TABLE @@ -1,3 +1,4 @@ +Output of `Configure TABLE': *** BC-32 $cc = bcc32 @@ -116,7 +117,7 @@ $sys_id = $lflags = $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK $cpuid_obj = -$bn_obj = ia64.o +$bn_obj = bn-ia64.o $des_obj = $aes_obj = aes_core.o aes_cbc.o aes-ia64.o $bf_obj = @@ -2006,7 +2007,7 @@ $sys_id = $lflags = -ldl $bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT $cpuid_obj = -$bn_obj = ia64.o +$bn_obj = bn-ia64.o $des_obj = $aes_obj = aes_core.o aes_cbc.o aes-ia64.o $bf_obj = @@ -2033,7 +2034,7 @@ $sys_id = $lflags = -ldl $bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT $cpuid_obj = -$bn_obj = ia64.o +$bn_obj = bn-ia64.o $des_obj = $aes_obj = aes-ia64.o $bf_obj = @@ -2222,7 +2223,7 @@ $sys_id = $lflags = -ldl $bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT $cpuid_obj = -$bn_obj = ia64.o +$bn_obj = bn-ia64.o $des_obj = $aes_obj = aes_core.o aes_cbc.o aes-ia64.o $bf_obj = @@ -2249,7 +2250,7 @@ $sys_id = $lflags = -ldl $bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT $cpuid_obj = -$bn_obj = ia64.o +$bn_obj = bn-ia64.o $des_obj = $aes_obj = aes_core.o aes_cbc.o aes-ia64.o $bf_obj = @@ -2762,7 +2763,7 @@ $sys_id = $lflags = -ldl $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK $cpuid_obj = -$bn_obj = ia64.o +$bn_obj = bn-ia64.o $des_obj = $aes_obj = aes_core.o aes_cbc.o aes-ia64.o $bf_obj = @@ -2789,7 +2790,34 @@ $sys_id = $lflags = -ldl $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK $cpuid_obj = -$bn_obj = ia64.o +$bn_obj = bn-ia64.o +$des_obj = +$aes_obj = aes_core.o aes_cbc.o aes-ia64.o +$bf_obj = +$md5_obj = +$sha1_obj = sha1-ia64.o sha256-ia64.o sha512-ia64.o +$cast_obj = +$rc4_obj = rc4-ia64.o +$rmd160_obj = +$rc5_obj = +$dso_scheme = dlfcn +$shared_target= linux-shared +$shared_cflag = -fPIC +$shared_ldflag = +$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) +$ranlib = +$arflags = + +*** linux-ia64-icc +$cc = icc +$cflags = -DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt +$unistd = +$thread_cflag = -D_REENTRANT +$sys_id = +$lflags = -ldl +$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK +$cpuid_obj = +$bn_obj = bn-ia64.o $des_obj = $aes_obj = aes_core.o aes_cbc.o aes-ia64.o $bf_obj = @@ -3029,8 +3057,8 @@ $cflags = $unistd = $thread_cflag = $sys_id = -$lflags = RC4_INDEX MD2_INT -$bn_ops = +$lflags = +$bn_ops = BN_LLONG RC4_INDEX MD2_INT $cpuid_obj = $bn_obj = $des_obj = @@ -3056,8 +3084,35 @@ $cflags = $unistd = $thread_cflag = $sys_id = -$lflags = BN_LLONG RC4_INDEX MD2_INT -$bn_ops = +$lflags = +$bn_ops = BN_LLONG RC4_INDEX MD2_INT +$cpuid_obj = +$bn_obj = +$des_obj = +$aes_obj = +$bf_obj = +$md5_obj = +$sha1_obj = +$cast_obj = +$rc4_obj = +$rmd160_obj = +$rc5_obj = +$dso_scheme = +$shared_target= +$shared_cflag = +$shared_ldflag = +$shared_extension = +$ranlib = +$arflags = + +*** netware-libc-bsdsock +$cc = mwccnlm +$cflags = +$unistd = +$thread_cflag = +$sys_id = +$lflags = +$bn_ops = BN_LLONG RC4_INDEX MD2_INT $cpuid_obj = $bn_obj = $des_obj = @@ -3083,8 +3138,8 @@ $cflags = -nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_EN $unistd = $thread_cflag = $sys_id = -$lflags = RC4_INDEX MD2_INT -$bn_ops = +$lflags = +$bn_ops = BN_LLONG RC4_INDEX MD2_INT $cpuid_obj = $bn_obj = $des_obj = @@ -3840,7 +3895,7 @@ $unistd = $thread_cflag = (unknown) $sys_id = $lflags = -$bn_ops = +$bn_ops = BN_LLONG $cpuid_obj = $bn_obj = $des_obj = -- GitLab From d9dbd24db5e4675700478904cfdd1a3320502329 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 03:36:21 +0000 Subject: [PATCH 256/929] Time to release beta 5. The tag will be OpenSSL_0_9_8-beta5 --- README | 2 +- STATUS | 4 ++-- crypto/opensslv.h | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README b/README index 5b7c919d7f..35d2969a03 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta4-dev XX xxx XXXX + OpenSSL 0.9.8-beta5 13 June 2005 Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/STATUS b/STATUS index 7c526d5c0f..6f10fcf1f6 100644 --- a/STATUS +++ b/STATUS @@ -1,12 +1,12 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/06 00:39:18 $ + ______________ $Date: 2005/06/13 03:36:21 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... + o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 - linux-elf (Debian [unstable]) SUCCESS o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 o OpenSSL 0.9.8-beta1: Released on May 19th, 2005 diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 172cfd96cd..a9a444fae1 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -27,9 +27,9 @@ */ #define OPENSSL_VERSION_NUMBER 0x00908005L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta5-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta5 13 Jun 2005" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta4-dev XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta5 13 Jun 2005" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From c92339492449223461fe0aa627a1bcded72e7042 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 03:48:22 +0000 Subject: [PATCH 257/929] Now that beta5 is tagged, lets continue with beta6. --- README | 2 +- crypto/opensslv.h | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README b/README index 35d2969a03..582c8af152 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta5 13 June 2005 + OpenSSL 0.9.8-beta6 XX xxx XXXX Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/opensslv.h b/crypto/opensslv.h index a9a444fae1..cc151b530c 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00908005L +#define OPENSSL_VERSION_NUMBER 0x00908006L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta5 13 Jun 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta6 XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta5 13 Jun 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta6 XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From f3b9c3451507e008dfe2669228fd2becb62e8b67 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 04:17:24 +0000 Subject: [PATCH 258/929] 0.9.8-beta5 works on VMS/Alpha --- STATUS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/STATUS b/STATUS index 6f10fcf1f6..657754170e 100644 --- a/STATUS +++ b/STATUS @@ -1,11 +1,12 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/13 03:36:21 $ + ______________ $Date: 2005/06/13 04:17:24 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 + OpenVMS/Alpha 7.3-2 w. Compaq C 6.4-005 SUCCESS o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 -- GitLab From 3d187ede47f59116c288b0b1bc4f3974b9928a1d Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Mon, 13 Jun 2005 08:36:38 +0000 Subject: [PATCH 259/929] update FAQ --- FAQ | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/FAQ b/FAQ index 96e816cf7a..86b6617f44 100644 --- a/FAQ +++ b/FAQ @@ -143,8 +143,8 @@ less Unix-centric, it might have been used much earlier. With version 0.9.6 OpenSSL was extended to interface to external crypto hardware. This was realized in a special release '0.9.6-engine'. With -version 0.9.7 (not yet released) the changes were merged into the main -development line, so that the special release is no longer necessary. +version 0.9.7 the changes were merged into the main development line, +so that the special release is no longer necessary. * How do I check the authenticity of the OpenSSL distribution? -- GitLab From 0b18d8b0c722916ae5383ce32169b1224497549d Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 17:00:25 +0000 Subject: [PATCH 260/929] 0.9.8-beta5 works on Cygwin --- STATUS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/STATUS b/STATUS index 657754170e..d0ce95ab0a 100644 --- a/STATUS +++ b/STATUS @@ -1,12 +1,13 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/13 04:17:24 $ + ______________ $Date: 2005/06/13 17:00:25 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 OpenVMS/Alpha 7.3-2 w. Compaq C 6.4-005 SUCCESS + Cygwin (version not yet known) SUCCESS o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 -- GitLab From 6b5a8f3a22667baf9ff8f8b918a8673321deea17 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 17:03:17 +0000 Subject: [PATCH 261/929] 0.9.8-beta5 works on SuSE 9.3 --- STATUS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/STATUS b/STATUS index d0ce95ab0a..fae2c1777b 100644 --- a/STATUS +++ b/STATUS @@ -1,6 +1,6 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/13 17:00:25 $ + ______________ $Date: 2005/06/13 17:03:17 $ DEVELOPMENT STATE @@ -8,6 +8,7 @@ o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 OpenVMS/Alpha 7.3-2 w. Compaq C 6.4-005 SUCCESS Cygwin (version not yet known) SUCCESS + linx-elf (SuSE 9.3) SUCCESS o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 -- GitLab From 37b200389ad26a63d4cb71901a210f19ee01a809 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 13 Jun 2005 17:10:07 +0000 Subject: [PATCH 262/929] Data about which Cygwin versions 0.9.8-beta5 work on --- STATUS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/STATUS b/STATUS index fae2c1777b..09360c29d6 100644 --- a/STATUS +++ b/STATUS @@ -1,13 +1,13 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/13 17:03:17 $ + ______________ $Date: 2005/06/13 17:10:07 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 OpenVMS/Alpha 7.3-2 w. Compaq C 6.4-005 SUCCESS - Cygwin (version not yet known) SUCCESS + Cygwin (1.5.17 and current CVS) SUCCESS linx-elf (SuSE 9.3) SUCCESS o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 -- GitLab From 1b1081a3ed041213aed9aad9f544571e8fa6fd7b Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 14 Jun 2005 05:42:56 +0000 Subject: [PATCH 263/929] 0.9.8-beta5 works on Gentoo/arml but not /armb, and works on Linux AMD64 --- STATUS | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/STATUS b/STATUS index 09360c29d6..3948a86488 100644 --- a/STATUS +++ b/STATUS @@ -1,6 +1,6 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/13 17:10:07 $ + ______________ $Date: 2005/06/14 05:42:56 $ DEVELOPMENT STATE @@ -8,7 +8,13 @@ o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 OpenVMS/Alpha 7.3-2 w. Compaq C 6.4-005 SUCCESS Cygwin (1.5.17 and current CVS) SUCCESS - linx-elf (SuSE 9.3) SUCCESS + linux-elf (SuSE 9.3) SUCCESS + linux-? (Gentoo/armel) SUCCESS + linux-? (Gentoo/armeb) FAILURE + (Tester comment: Gentoo/armeb failed the x509 certificate test + ('test_ss') due to lack of enough random data, but i'm pretty + sure that's a system issue and unrelated to openssl ;)) + linux-x86_64 (Linux AMD64) SUCCESS o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 -- GitLab From ce2c19e357144e1248d5c4c9df6b775b874b5903 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 16 Jun 2005 02:05:57 +0000 Subject: [PATCH 264/929] Update from head. --- crypto/x509/x509_vfy.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index a4a142cd01..79dae3d3bf 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -776,7 +776,8 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) } } - if (!check_crl_time(ctx, crl, 1)) + ok = check_crl_time(ctx, crl, 1); + if (!ok) goto err; ok = 1; @@ -1006,7 +1007,8 @@ static int internal_verify(X509_STORE_CTX *ctx) xs->valid = 1; - if (!check_cert_time(ctx, xs)) + ok = check_cert_time(ctx, xs); + if (!ok) goto end; /* The last error (if any) is still in the error value */ -- GitLab From ecf2875ebfd8d433a85702b6a618cc1c5ff8b463 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 16 Jun 2005 02:16:50 +0000 Subject: [PATCH 265/929] Don't strip extensions from header filenames in mk1mf.pl. --- util/mk1mf.pl | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/util/mk1mf.pl b/util/mk1mf.pl index fa0fbe3673..74bfc99ffe 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -272,10 +272,10 @@ for (;;) { $ex_libs .= " $val";} if ($key eq "TEST") - { $test.=&var_add($dir,$val); } + { $test.=&var_add($dir,$val, 0); } if (($key eq "PROGS") || ($key eq "E_OBJ")) - { $e_exe.=&var_add($dir,$val); } + { $e_exe.=&var_add($dir,$val, 0); } if ($key eq "LIB") { @@ -284,13 +284,13 @@ for (;;) } if ($key eq "EXHEADER") - { $exheader.=&var_add($dir,$val); } + { $exheader.=&var_add($dir,$val, 1); } if ($key eq "HEADER") - { $header.=&var_add($dir,$val); } + { $header.=&var_add($dir,$val, 1); } if ($key eq "LIBOBJ") - { $libobj=&var_add($dir,$val); } + { $libobj=&var_add($dir,$val, 0); } if (!($_=)) { $_="RELATIVE_DIRECTORY=FINISHED\n"; } @@ -527,11 +527,11 @@ foreach (split(/\s+/,$exheader)){ $h{$_}=1; } foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; } chop($h); $header=$h; -$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h"); -$rules.=&do_copy_rule("\$(INCL_D)",$header,".h"); +$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",""); +$rules.=&do_copy_rule("\$(INCL_D)",$header,""); -$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",".h"); -$rules.=&do_copy_rule("\$(INCO_D)",$exheader,".h"); +$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",""); +$rules.=&do_copy_rule("\$(INCO_D)",$exheader,""); $defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj); $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); @@ -649,7 +649,7 @@ print $rules; # directories sub var_add { - local($dir,$val)=@_; + local($dir,$val,$keepext)=@_; local(@a,$_,$ret); return("") if $no_engine && $dir =~ /\/engine/; @@ -678,7 +678,7 @@ sub var_add $val =~ s/^\s*(.*)\s*$/$1/; @a=split(/\s+/,$val); - grep(s/\.[och]$//,@a); + grep(s/\.[och]$//,@a) unless $keepext; @a=grep(!/^e_.*_3d$/,@a) if $no_des; @a=grep(!/^e_.*_d$/,@a) if $no_des; -- GitLab From c58a1f76f8f7b5d48f2eb427bfdb610a627cadc5 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 16 Jun 2005 22:19:14 +0000 Subject: [PATCH 266/929] Do not undefine _XOPEN_SOURCE. This is currently experimental, and will be firmed up as soon as it's been verified not to break anything. --- ssl/kssl.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ssl/kssl.c b/ssl/kssl.c index b8192cdfc7..26e3b2f3ea 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -70,7 +70,9 @@ #define _XOPEN_SOURCE 500 /* glibc2 needs this to declare strptime() */ #include +#if 0 /* experimental */ #undef _XOPEN_SOURCE /* To avoid clashes with anything else... */ +#endif #include #define KRB5_PRIVATE 1 -- GitLab From cbe77a6753ce782a8b85c272ea2951a19354740c Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Fri, 17 Jun 2005 20:43:05 +0000 Subject: [PATCH 267/929] update for the cswift engine: - fix the problem described in bug report 825 - fix a segfault when the engine fails to initialize - let the engine switch to software when keysize > 2048 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR: 825, 826 Submitted by: Frédéric Giudicelli --- engines/e_cswift.c | 204 +++++++++++++++++++++++++++++++++++---------- 1 file changed, 158 insertions(+), 46 deletions(-) diff --git a/engines/e_cswift.c b/engines/e_cswift.c index f86c0573a8..56a1967496 100644 --- a/engines/e_cswift.c +++ b/engines/e_cswift.c @@ -98,6 +98,7 @@ static int cswift_destroy(ENGINE *e); static int cswift_init(ENGINE *e); static int cswift_finish(ENGINE *e); static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); +static int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in); /* BIGNUM stuff */ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, @@ -415,7 +416,10 @@ static int cswift_init(ENGINE *e) return 1; err: if(cswift_dso) + { DSO_free(cswift_dso); + cswift_dso = NULL; + } p_CSwift_AcquireAccContext = NULL; p_CSwift_AttachKeyParam = NULL; p_CSwift_SimpleRequest = NULL; @@ -565,6 +569,29 @@ err: return to_return; } + +int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in) +{ + int mod; + int numbytes = BN_num_bytes(in); + + mod = 0; + while( ((out->nbytes = (numbytes+mod)) % 32) ) + { + mod++; + } + out->value = (unsigned char*)OPENSSL_malloc(out->nbytes); + if(!out->value) + { + return 0; + } + BN_bn2bin(in, &out->value[mod]); + if(mod) + memset(out->value, 0, mod); + + return 1; +} + /* Un petit mod_exp chinois */ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, @@ -574,15 +601,16 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, SW_LARGENUMBER arg, res; SW_PARAM sw_param; SW_CONTEXT_HANDLE hac; - BIGNUM *rsa_p = NULL; - BIGNUM *rsa_q = NULL; - BIGNUM *rsa_dmp1 = NULL; - BIGNUM *rsa_dmq1 = NULL; - BIGNUM *rsa_iqmp = NULL; - BIGNUM *argument = NULL; BIGNUM *result = NULL; + BIGNUM *argument = NULL; int to_return = 0; /* expect failure */ int acquired = 0; + + sw_param.up.crt.p.value = NULL; + sw_param.up.crt.q.value = NULL; + sw_param.up.crt.dmp1.value = NULL; + sw_param.up.crt.dmq1.value = NULL; + sw_param.up.crt.iqmp.value = NULL; if(!get_context(&hac)) { @@ -590,44 +618,55 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, goto err; } acquired = 1; + /* Prepare the params */ - BN_CTX_start(ctx); - rsa_p = BN_CTX_get(ctx); - rsa_q = BN_CTX_get(ctx); - rsa_dmp1 = BN_CTX_get(ctx); - rsa_dmq1 = BN_CTX_get(ctx); - rsa_iqmp = BN_CTX_get(ctx); - argument = BN_CTX_get(ctx); - result = BN_CTX_get(ctx); - if(!result) + argument = BN_new(); + result = BN_new(); + if(!result || !argument) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL); goto err; } - if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) || - !bn_wexpand(rsa_dmp1, dmp1->top) || - !bn_wexpand(rsa_dmq1, dmq1->top) || - !bn_wexpand(rsa_iqmp, iqmp->top) || - !bn_wexpand(argument, a->top) || + + + sw_param.type = SW_ALG_CRT; + /************************************************************************/ + /* 04/02/2003 */ + /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */ + /* limitation of cswift with values not a multiple of 32 */ + /************************************************************************/ + if(!cswift_bn_32copy(&sw_param.up.crt.p, p)) + { + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); + goto err; + } + if(!cswift_bn_32copy(&sw_param.up.crt.q, q)) + { + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); + goto err; + } + if(!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1)) + { + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); + goto err; + } + if(!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1)) + { + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); + goto err; + } + if(!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp)) + { + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); + goto err; + } + if( !bn_wexpand(argument, a->top) || !bn_wexpand(result, p->top + q->top)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); goto err; } - sw_param.type = SW_ALG_CRT; - sw_param.up.crt.p.nbytes = BN_bn2bin(p, (unsigned char *)rsa_p->d); - sw_param.up.crt.p.value = (unsigned char *)rsa_p->d; - sw_param.up.crt.q.nbytes = BN_bn2bin(q, (unsigned char *)rsa_q->d); - sw_param.up.crt.q.value = (unsigned char *)rsa_q->d; - sw_param.up.crt.dmp1.nbytes = BN_bn2bin(dmp1, - (unsigned char *)rsa_dmp1->d); - sw_param.up.crt.dmp1.value = (unsigned char *)rsa_dmp1->d; - sw_param.up.crt.dmq1.nbytes = BN_bn2bin(dmq1, - (unsigned char *)rsa_dmq1->d); - sw_param.up.crt.dmq1.value = (unsigned char *)rsa_dmq1->d; - sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp, - (unsigned char *)rsa_iqmp->d); - sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d; + /* Attach the key params */ sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); switch(sw_status) @@ -666,9 +705,22 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_bin2bn((unsigned char *)result->d, res.nbytes, r); to_return = 1; err: + if(sw_param.up.crt.p.value) + OPENSSL_free(sw_param.up.crt.p.value); + if(sw_param.up.crt.q.value) + OPENSSL_free(sw_param.up.crt.q.value); + if(sw_param.up.crt.dmp1.value) + OPENSSL_free(sw_param.up.crt.dmp1.value); + if(sw_param.up.crt.dmq1.value) + OPENSSL_free(sw_param.up.crt.dmq1.value); + if(sw_param.up.crt.iqmp.value) + OPENSSL_free(sw_param.up.crt.iqmp.value); + if(result) + BN_free(result); + if(argument) + BN_free(argument); if(acquired) release_context(hac); - BN_CTX_end(ctx); return to_return; } @@ -676,6 +728,27 @@ err: static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { int to_return = 0; + const RSA_METHOD * def_rsa_method; + + /* Try the limits of RSA (2048 bits) */ + if(BN_num_bytes(rsa->p) > 128 || + BN_num_bytes(rsa->q) > 128 || + BN_num_bytes(rsa->dmp1) > 128 || + BN_num_bytes(rsa->dmq1) > 128 || + BN_num_bytes(rsa->iqmp) > 128) + { +#ifdef RSA_NULL + def_rsa_method=RSA_null_method(); +#else +#if 0 + def_rsa_method=RSA_PKCS1_RSAref(); +#else + def_rsa_method=RSA_PKCS1_SSLeay(); +#endif +#endif + if(def_rsa_method) + return def_rsa_method->rsa_mod_exp(r0, I, rsa, ctx); + } if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { @@ -693,6 +766,26 @@ err: static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { + const RSA_METHOD * def_rsa_method; + + /* Try the limits of RSA (2048 bits) */ + if(BN_num_bytes(r) > 256 || + BN_num_bytes(a) > 256 || + BN_num_bytes(m) > 256) + { +#ifdef RSA_NULL + def_rsa_method=RSA_null_method(); +#else +#if 0 + def_rsa_method=RSA_PKCS1_RSAref(); +#else + def_rsa_method=RSA_PKCS1_SSLeay(); +#endif +#endif + if(def_rsa_method) + return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx); + } + return cswift_mod_exp(r, a, p, m, ctx); } @@ -937,9 +1030,10 @@ static int cswift_rand_bytes(unsigned char *buf, int num) SW_CONTEXT_HANDLE hac; SW_STATUS swrc; SW_LARGENUMBER largenum; - size_t nbytes = 0; int acquired = 0; int to_return = 0; /* assume failure */ + unsigned char buf32[1024]; + if (!get_context(&hac)) { @@ -948,17 +1042,19 @@ static int cswift_rand_bytes(unsigned char *buf, int num) } acquired = 1; - while (nbytes < (size_t)num) + /************************************************************************/ + /* 04/02/2003 */ + /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */ + /* limitation of cswift with values not a multiple of 32 */ + /************************************************************************/ + + while(num >= sizeof(buf32)) { + largenum.value = buf; + largenum.nbytes = sizeof(buf32); /* tell CryptoSwift how many bytes we want and where we want it. * Note: - CryptoSwift cannot do more than 4096 bytes at a time. * - CryptoSwift can only do multiple of 32-bits. */ - largenum.value = (SW_BYTE *) buf + nbytes; - if (4096 > num - nbytes) - largenum.nbytes = num - nbytes; - else - largenum.nbytes = 4096; - swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); if (swrc != SW_OK) { @@ -968,14 +1064,30 @@ static int cswift_rand_bytes(unsigned char *buf, int num) ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); goto err; } - - nbytes += largenum.nbytes; + buf += sizeof(buf32); + num -= sizeof(buf32); + } + if(num) + { + largenum.nbytes = sizeof(buf32); + largenum.value = buf32; + swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); + if (swrc != SW_OK) + { + char tmpbuf[20]; + CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED); + sprintf(tmpbuf, "%ld", swrc); + ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); + goto err; + } + memcpy(buf, largenum.value, num); } - to_return = 1; /* success */ + to_return = 1; /* success */ err: if (acquired) release_context(hac); + return to_return; } -- GitLab From 3000bdcc3aff9032eb9adad88ec289c624d8a256 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Fri, 17 Jun 2005 21:27:28 +0000 Subject: [PATCH 268/929] clear dso pointer in case of an error PR: 816 --- engines/e_aep.c | 1 + engines/e_atalla.c | 1 + engines/e_ubsec.c | 1 + 3 files changed, 3 insertions(+) diff --git a/engines/e_aep.c b/engines/e_aep.c index f3e27fb01d..c175a186e9 100644 --- a/engines/e_aep.c +++ b/engines/e_aep.c @@ -479,6 +479,7 @@ static int aep_init(ENGINE *e) if(aep_dso) DSO_free(aep_dso); + aep_dso = NULL; p_AEP_OpenConnection = NULL; p_AEP_ModExp = NULL; diff --git a/engines/e_atalla.c b/engines/e_atalla.c index a5cf6aa885..8e11048d05 100644 --- a/engines/e_atalla.c +++ b/engines/e_atalla.c @@ -384,6 +384,7 @@ static int atalla_init(ENGINE *e) err: if(atalla_dso) DSO_free(atalla_dso); + atalla_dso = NULL; p_Atalla_GetHardwareConfig = NULL; p_Atalla_RSAPrivateKeyOpFn = NULL; p_Atalla_GetPerformanceStatistics = NULL; diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c index 802de40be6..f0e4f736ad 100644 --- a/engines/e_ubsec.c +++ b/engines/e_ubsec.c @@ -463,6 +463,7 @@ static int ubsec_init(ENGINE *e) err: if(ubsec_dso) DSO_free(ubsec_dso); + ubsec_dso = NULL; p_UBSEC_ubsec_bytes_to_bits = NULL; p_UBSEC_ubsec_bits_to_bytes = NULL; p_UBSEC_ubsec_open = NULL; -- GitLab From 98b4995bad018650a788b5c360232d1aa6660f72 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 18 Jun 2005 04:27:15 +0000 Subject: [PATCH 269/929] Have pod2man.pl accept '=for comment ...' before the '=head1 NAME' line. PR: 1113 --- util/pod2man.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/util/pod2man.pl b/util/pod2man.pl index 657e4e264e..546d1ec186 100755 --- a/util/pod2man.pl +++ b/util/pod2man.pl @@ -425,6 +425,7 @@ if ($name ne 'something') { } next if /^=cut\b/; # DB_File and Net::Ping have =cut before NAME next if /^=pod\b/; # It is OK to have =pod before NAME + next if /^=for\s+comment\b/; # It is OK to have =for comment before NAME die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax; } die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax; -- GitLab From 14557c8be4ab126174d6575191f0b3bb086eefb0 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 18 Jun 2005 04:32:23 +0000 Subject: [PATCH 270/929] Only define ZLIB_SHARED if it hasn't already been defined (on the command line, for example). PR: 1112 --- crypto/comp/c_zlib.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c index 171fa5b86b..8263f7315d 100644 --- a/crypto/comp/c_zlib.c +++ b/crypto/comp/c_zlib.c @@ -73,7 +73,9 @@ static COMP_METHOD zlib_stateful_method={ # include # define Z_CALLCONV _stdcall -# define ZLIB_SHARED +# ifndef ZLIB_SHARED +# define ZLIB_SHARED +# endif #else # define Z_CALLCONV #endif /* !(OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32) */ -- GitLab From 7435d89edff30ca26ac890ec2ecd5daba9ab6630 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 18 Jun 2005 04:42:34 +0000 Subject: [PATCH 271/929] Move the definition of DEVRANDOM for DJGPP from Configure to e_os.h. That should solve the issues with propagating it through the Makefiles. PR: 1110 --- Configure | 2 +- crypto/rand/rand_unix.c | 2 +- e_os.h | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Configure b/Configure index 934d36f3c9..e123093de5 100755 --- a/Configure +++ b/Configure @@ -493,7 +493,7 @@ my %table=( "netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::", # DJGPP -"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM=\"/dev/urandom\\x24\":::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:", +"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:", # Ultrix from Bernhard Simon "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::", diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index bf9a0e993a..14837a7a7d 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -153,7 +153,7 @@ int RAND_poll(void) int n = 0; #endif #ifdef DEVRANDOM - static const char *randomfiles[] = { "DEVRANDOM" }; + static const char *randomfiles[] = { DEVRANDOM }; struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])]; int fd,i; #endif diff --git a/e_os.h b/e_os.h index 06e1fe2979..4d5e9f92a6 100644 --- a/e_os.h +++ b/e_os.h @@ -227,6 +227,7 @@ extern "C" { # define _setmode setmode # define _O_TEXT O_TEXT # define _O_BINARY O_BINARY +# define DEVRANDOM "/dev/urandom\x24" # endif /* __DJGPP__ */ # ifndef S_IFDIR -- GitLab From c630a3e8d6d2ded0cf2b3c43f5b322a303f84c49 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 18 Jun 2005 05:52:23 +0000 Subject: [PATCH 272/929] Add better documentation on how id_function() should be defined and what issues there are. PR: 1096 --- doc/crypto/threads.pod | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/doc/crypto/threads.pod b/doc/crypto/threads.pod index c7fca5a531..3df4ecd776 100644 --- a/doc/crypto/threads.pod +++ b/doc/crypto/threads.pod @@ -65,9 +65,10 @@ B, and releases it otherwise. B and B are the file number of the function setting the lock. They can be useful for debugging. -id_function(void) is a function that returns a thread ID. It is not +id_function(void) is a function that returns a thread ID, for example +pthread_self() if it returns an integer (see NOTES below). It isn't needed on Windows nor on platforms where getpid() returns a different -ID for each thread (most notably Linux). +ID for each thread (see NOTES below). Additionally, OpenSSL supports dynamic locks, and sometimes, some parts of OpenSSL need it for better performance. To enable this, the following @@ -124,7 +125,7 @@ CRYPTO_get_new_dynlockid() returns the index to the newly created lock. The other functions return no values. -=head1 NOTE +=head1 NOTES You can find out if OpenSSL was configured with thread support: @@ -139,6 +140,22 @@ You can find out if OpenSSL was configured with thread support: Also, dynamic locks are currently not used internally by OpenSSL, but may do so in the future. +Defining id_function(void) has it's own issues. Generally speaking, +pthread_self() should be used, even on platforms where getpid() gives +different answers in each thread, since that may depend on the machine +the program is run on, not the machine where the program is being +compiled. For instance, Red Hat 8 Linux and earlier used +LinuxThreads, whose getpid() returns a different value for each +thread. Red Hat 9 Linux and later use NPTL, which is +Posix-conformant, and has a getpid() that returns the same value for +all threads in a process. A program compiled on Red Hat 8 and run on +Red Hat 9 will therefore see getpid() returning the same value for +all threads. + +There is still the issue of platforms where pthread_self() returns +something other than an integer. This is a bit unusual, and this +manual has no cookbook solution for that case. + =head1 EXAMPLES B shows examples of the callback functions on -- GitLab From 331a0a7b9bbf2d04f02fe8ab09c7136f727e7354 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 19 Jun 2005 20:20:33 +0000 Subject: [PATCH 273/929] Undefine DECRANDOM before redefining it. PR: 1110 --- e_os.h | 1 + 1 file changed, 1 insertion(+) diff --git a/e_os.h b/e_os.h index 4d5e9f92a6..2f545403ee 100644 --- a/e_os.h +++ b/e_os.h @@ -227,6 +227,7 @@ extern "C" { # define _setmode setmode # define _O_TEXT O_TEXT # define _O_BINARY O_BINARY +# undef DEBRANDOM # define DEVRANDOM "/dev/urandom\x24" # endif /* __DJGPP__ */ -- GitLab From a4ae746656d658da4a697d9c10d996c761109f18 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 19 Jun 2005 20:31:32 +0000 Subject: [PATCH 274/929] With DJGPP, it seems like the return code from grep, even when in the middle of a pipe, is noted. Counter that by forcing a true return code when the return code has no importance. PR: 1085 --- Makefile.org | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile.org b/Makefile.org index 0a284c6545..4acc2a4f1a 100644 --- a/Makefile.org +++ b/Makefile.org @@ -522,8 +522,8 @@ install_docs: --release=$(VERSION) `basename $$i`") \ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ $(PERL) util/extract-names.pl < $$i | \ - grep -v $$filecase "^$$fn\$$" | \ - grep -v "[ ]" | \ + (grep -v $$filecase "^$$fn\$$"; true) | \ + (grep -v "[ ]"; true) | \ (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \ while read n; do \ $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \ @@ -539,8 +539,8 @@ install_docs: --release=$(VERSION) `basename $$i`") \ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ $(PERL) util/extract-names.pl < $$i | \ - grep -v $$filecase "^$$fn\$$" | \ - grep -v "[ ]" | \ + (grep -v $$filecase "^$$fn\$$"; true) | \ + (grep -v "[ ]"; true) | \ (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \ while read n; do \ $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \ -- GitLab From d8e64093367d1d42f980c6020a6ef5b5d54807f2 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 20 Jun 2005 04:29:56 +0000 Subject: [PATCH 275/929] Add crypto/bn/bn_prime.h to the collection of generated files. In the update target, place the dependency on depend last, so all necessary files are generated *before* the dependencies are figured out. PR: 1121 --- Makefile.org | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Makefile.org b/Makefile.org index 4acc2a4f1a..88fa37625e 100644 --- a/Makefile.org +++ b/Makefile.org @@ -392,11 +392,15 @@ crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt c apps/openssl-vms.cnf: apps/openssl.cnf $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf +crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl + $(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h + + TABLE: Configure (echo 'Output of `Configure TABLE'"':"; \ $(PERL) Configure TABLE) > TABLE -update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf TABLE +update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend # Build distribution tar-file. As the list of files returned by "find" is # pretty long, on several platforms a "too many arguments" error or similar -- GitLab From 8d56c8b51c0f45691604a37a4b151c7b7e6d9886 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 20 Jun 2005 14:50:26 +0000 Subject: [PATCH 276/929] Solaris x86_64 /usr/ccs/bin/as support. --- crypto/perlasm/x86_64-xlate.pl | 4 ++++ crypto/x86_64cpuid.pl | 42 +++++++++++++++++----------------- 2 files changed, 25 insertions(+), 21 deletions(-) diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl index 88a45b1923..ef1a4ce656 100755 --- a/crypto/perlasm/x86_64-xlate.pl +++ b/crypto/perlasm/x86_64-xlate.pl @@ -168,6 +168,10 @@ my $current_function; # on pros side, this results in more compact code:-) $self->{index} =~ s/^[er](.?[0-9xp])[d]?$/r\1/; $self->{base} =~ s/^[er](.?[0-9xp])[d]?$/r\1/; + # Solaris /usr/ccs/bin/as can't handle multiplications + # in $self->{label} + $self->{label} =~ s/(?{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg; if (defined($self->{index})) { sprintf "%s(%%%s,%%%s,%d)", diff --git a/crypto/x86_64cpuid.pl b/crypto/x86_64cpuid.pl index 777d557783..4d88ad191b 100644 --- a/crypto/x86_64cpuid.pl +++ b/crypto/x86_64cpuid.pl @@ -70,8 +70,8 @@ print<<___ if(!defined($win64a)); .align 16 OPENSSL_rdtsc: rdtsc - shl \$32,%rdx - or %rdx,%rax + shlq \$32,%rdx + orq %rdx,%rax ret .size OPENSSL_rdtsc,.-OPENSSL_rdtsc @@ -80,11 +80,11 @@ OPENSSL_rdtsc: .align 16 OPENSSL_atomic_add: movl (%rdi),%eax -.Lspin: lea (%rsi,%rax),%r8 -lock; cmpxchg %r8d,(%rdi) +.Lspin: leaq (%rsi,%rax),%r8 +lock; cmpxchgl %r8d,(%rdi) jne .Lspin - mov %r8d,%eax - cdqe + movl %r8d,%eax + .byte 0x48,0x98 ret .size OPENSSL_atomic_add,.-OPENSSL_atomic_add @@ -108,28 +108,28 @@ OPENSSL_wipe_cpu: pxor %xmm13,%xmm13 pxor %xmm14,%xmm14 pxor %xmm15,%xmm15 - xor %rcx,%rcx - xor %rdx,%rdx - xor %rsi,%rsi - xor %rdi,%rdi - xor %r8,%r8 - xor %r9,%r9 - xor %r10,%r10 - xor %r11,%r11 - lea 8(%rsp),%rax + xorq %rcx,%rcx + xorq %rdx,%rdx + xorq %rsi,%rsi + xorq %rdi,%rdi + xorq %r8,%r8 + xorq %r9,%r9 + xorq %r10,%r10 + xorq %r11,%r11 + leaq 8(%rsp),%rax ret .size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu .globl OPENSSL_ia32_cpuid .align 16 OPENSSL_ia32_cpuid: - mov %rbx,%r8 - mov \$1,%eax + movq %rbx,%r8 + movl \$1,%eax cpuid - shl \$32,%rcx - mov %edx,%eax - mov %r8,%rbx - or %rcx,%rax + shlq \$32,%rcx + movl %edx,%eax + movq %r8,%rbx + orq %rcx,%rax ret .size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid -- GitLab From fe0b3d98c237209b9b39060ed6d40c4f284e808b Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 20 Jun 2005 17:36:19 +0000 Subject: [PATCH 277/929] Refine ELF detection on BSD platforms. --- config | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/config b/config index 4a8c185bd5..89fa0b3e23 100755 --- a/config +++ b/config @@ -660,9 +660,14 @@ case "$GUESSOS" in sparc64-*-*bsd*) OUT="BSD-sparc64" ;; ia64-*-*bsd*) OUT="BSD-ia64" ;; amd64-*-*bsd*) OUT="BSD-x86_64" ;; - *86*-*-*bsd*) # assume highest libc.so.* version is the one in effect - libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null` - case "`(file $libc) 2>/dev/null`" in + *86*-*-*bsd*) # mimic ld behaviour when it's looking for libc... + if [ -L /usr/lib/libc.so ]; then # [Free|Net]BSD + libc=/usr/lib/libc.so + else # OpenBSD + # ld searches for highest libc.so.* and so do we + libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null` + fi + case "`(file -L $libc) 2>/dev/null`" in *ELF*) OUT="BSD-x86-elf" ;; *) OUT="BSD-x86"; options="$options no-sse2" ;; esac ;; -- GitLab From 0932892278d053382c3ff14d3f1f3638a6456f69 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 20 Jun 2005 20:49:05 +0000 Subject: [PATCH 278/929] Check for 'usage' and 'Usage'. Submitted by Tim Rice . His comment is: I noticed "make report" didn't show the cc version on most of my System V platforms. This patch corrects this. --- util/selftest.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/selftest.pl b/util/selftest.pl index 736eacb11e..4778c5ab01 100644 --- a/util/selftest.pl +++ b/util/selftest.pl @@ -49,7 +49,7 @@ if (open(IN,"&1`; -$cversion=`$cc -V 2>&1` if $cversion =~ "usage"; +$cversion=`$cc -V 2>&1` if $cversion =~ "[Uu]sage"; $cversion=`$cc -V |head -1` if $cversion =~ "Error"; $cversion=`$cc --version` if $cversion eq ""; $cversion =~ s/Reading specs.*\n//; -- GitLab From 2b975dfd5b5710abbba4182f9c214779505c529f Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 20 Jun 2005 22:11:28 +0000 Subject: [PATCH 279/929] Do no try to pretend we're at the end of anything unless we're at the end of a 4-character block. --- crypto/evp/encode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index 2d738f4b01..5921f0d710 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -313,7 +313,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, /* There will never be more than two '=' */ } - if ((v == B64_EOF) || (n >= 64)) + if ((v == B64_EOF && (n&3) == 0) || (n >= 64)) { /* This is needed to work correctly on 64 byte input * lines. We process the line and then need to -- GitLab From ca3dc3a0a0cc256a93b136f2680bc37572eda496 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 21 Jun 2005 04:41:31 +0000 Subject: [PATCH 280/929] DEVRANDOM, not DEBRANDOM... --- e_os.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e_os.h b/e_os.h index 2f545403ee..0b2b1cca67 100644 --- a/e_os.h +++ b/e_os.h @@ -227,7 +227,7 @@ extern "C" { # define _setmode setmode # define _O_TEXT O_TEXT # define _O_BINARY O_BINARY -# undef DEBRANDOM +# undef DEVRANDOM # define DEVRANDOM "/dev/urandom\x24" # endif /* __DJGPP__ */ -- GitLab From 644c4af11e40efd924a9584d92644539374e5169 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 21 Jun 2005 05:28:47 +0000 Subject: [PATCH 281/929] make update --- TABLE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/TABLE b/TABLE index 70c18eed4d..7f520d50a0 100644 --- a/TABLE +++ b/TABLE @@ -326,7 +326,7 @@ $arflags = *** DJGPP $cc = gcc -$cflags = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM="/dev/urandom\x24" +$cflags = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall $unistd = $thread_cflag = $sys_id = MSDOS -- GitLab From b2d27e376d762c75766070593629d3bb320a757a Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 21 Jun 2005 05:46:41 +0000 Subject: [PATCH 282/929] Some new news. --- NEWS | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 18d5f00749..8e193fcc46 100644 --- a/NEWS +++ b/NEWS @@ -69,10 +69,12 @@ argument form 'enable-xxx'. o Change the default digest in 'openssl' commands from MD5 to SHA-1. - o Added support for DTLS. THIS IS STILL BEING WORKED ON! + o Added support for DTLS. o New BIGNUM blinding. o Added support for the RSA-PSS encryption scheme o Added support for the RSA X.931 padding. + o Added support for BSD sockets on NetWare. + o Added support for files larger than 2GB. Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g: -- GitLab From 09a7f2e734f20a69184cc7747b377358955fa7c0 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 21 Jun 2005 05:49:47 +0000 Subject: [PATCH 283/929] Prepare for a release of 0.9.8-beta6. This is supposed to be the final beta. The tag will be OpenSSL_0_9_8-beta6 --- README | 2 +- STATUS | 13 +++---------- crypto/opensslv.h | 4 ++-- 3 files changed, 6 insertions(+), 13 deletions(-) diff --git a/README b/README index 582c8af152..ffbd31ebcb 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta6 XX xxx XXXX + OpenSSL 0.9.8-beta6 21 Jun 2005 Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/STATUS b/STATUS index 3948a86488..c2dfbe9eb9 100644 --- a/STATUS +++ b/STATUS @@ -1,20 +1,13 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/14 05:42:56 $ + ______________ $Date: 2005/06/21 05:49:47 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... - o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 + o OpenSSL 0.9.8-beta6: Released on June 21th, 2005 OpenVMS/Alpha 7.3-2 w. Compaq C 6.4-005 SUCCESS - Cygwin (1.5.17 and current CVS) SUCCESS - linux-elf (SuSE 9.3) SUCCESS - linux-? (Gentoo/armel) SUCCESS - linux-? (Gentoo/armeb) FAILURE - (Tester comment: Gentoo/armeb failed the x509 certificate test - ('test_ss') due to lack of enough random data, but i'm pretty - sure that's a system issue and unrelated to openssl ;)) - linux-x86_64 (Linux AMD64) SUCCESS + o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 o OpenSSL 0.9.8-beta2: Released on May 24th, 2005 diff --git a/crypto/opensslv.h b/crypto/opensslv.h index cc151b530c..e703b8100f 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -27,9 +27,9 @@ */ #define OPENSSL_VERSION_NUMBER 0x00908006L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta6 XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta6 21 Jun 2005" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta6 XX xxx XXXX" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta6 21 Jun 2005" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 8aa9c792767d516abf52510bd95fd4581f407f4b Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 21 Jun 2005 05:56:26 +0000 Subject: [PATCH 284/929] Tagging is done, we're moving on. --- README | 2 +- crypto/opensslv.h | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README b/README index ffbd31ebcb..88052d3ec1 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8-beta6 21 Jun 2005 + OpenSSL 0.9.8 XX xxx XXXX Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/opensslv.h b/crypto/opensslv.h index e703b8100f..85c8de82f5 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00908006L +#define OPENSSL_VERSION_NUMBER 0x00908007L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta6 21 Jun 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips-beta7-dev XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta6 21 Jun 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-beta7-dev XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT -- GitLab From 1f93c96e63b5c3bf9dedd350068e2aa06b1bdce4 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 22 Jun 2005 13:25:38 +0000 Subject: [PATCH 285/929] Fix extension ordering. --- crypto/x509v3/ext_dat.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h index 3ee4bffe39..5e86de5c9e 100644 --- a/crypto/x509v3/ext_dat.h +++ b/crypto/x509v3/ext_dat.h @@ -112,10 +112,10 @@ static X509V3_EXT_METHOD *standard_exts[] = { #ifndef OPENSSL_NO_OCSP &v3_crl_hold, #endif -&v3_pci, -&v3_policy_mappings, &v3_name_constraints, -&v3_inhibit_anyp +&v3_policy_mappings, +&v3_inhibit_anyp, +&v3_pci }; /* Number of standard extensions */ -- GitLab From daef72316f7f733dd12c7bc063260b403eeea3fd Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 22 Jun 2005 17:26:24 +0000 Subject: [PATCH 286/929] Sync OID database with 0.9.7. --- crypto/objects/obj_dat.h | 894 ++++++++++++++++++------------------- crypto/objects/obj_mac.h | 178 ++++---- crypto/objects/obj_mac.num | 178 ++++---- 3 files changed, 625 insertions(+), 625 deletions(-) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index c2a707a984..998ac99359 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -690,93 +690,93 @@ static unsigned char lvalues[5002]={ 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4447] OBJ_ms_upn */ 0x55,0x04,0x09, /* [4457] OBJ_streetAddress */ 0x55,0x04,0x11, /* [4460] OBJ_postalCode */ -0x2B, /* [4463] OBJ_identified_organization */ -0x2B,0x81,0x04, /* [4464] OBJ_certicom_arc */ -0x67,0x2B, /* [4467] OBJ_wap */ -0x67,0x2B,0x0D, /* [4469] OBJ_wap_wsg */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4472] OBJ_X9_62_id_characteristic_two_basis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4480] OBJ_X9_62_onBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4489] OBJ_X9_62_tpBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4498] OBJ_X9_62_ppBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4507] OBJ_X9_62_c2pnb163v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4515] OBJ_X9_62_c2pnb163v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4523] OBJ_X9_62_c2pnb163v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4531] OBJ_X9_62_c2pnb176v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4539] OBJ_X9_62_c2tnb191v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4547] OBJ_X9_62_c2tnb191v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4555] OBJ_X9_62_c2tnb191v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4563] OBJ_X9_62_c2onb191v4 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4571] OBJ_X9_62_c2onb191v5 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4579] OBJ_X9_62_c2pnb208w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4587] OBJ_X9_62_c2tnb239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4595] OBJ_X9_62_c2tnb239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4603] OBJ_X9_62_c2tnb239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4611] OBJ_X9_62_c2onb239v4 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4619] OBJ_X9_62_c2onb239v5 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4627] OBJ_X9_62_c2pnb272w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4635] OBJ_X9_62_c2pnb304w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4643] OBJ_X9_62_c2tnb359v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4651] OBJ_X9_62_c2pnb368w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4659] OBJ_X9_62_c2tnb431r1 */ -0x2B,0x81,0x04,0x00,0x06, /* [4667] OBJ_secp112r1 */ -0x2B,0x81,0x04,0x00,0x07, /* [4672] OBJ_secp112r2 */ -0x2B,0x81,0x04,0x00,0x1C, /* [4677] OBJ_secp128r1 */ -0x2B,0x81,0x04,0x00,0x1D, /* [4682] OBJ_secp128r2 */ -0x2B,0x81,0x04,0x00,0x09, /* [4687] OBJ_secp160k1 */ -0x2B,0x81,0x04,0x00,0x08, /* [4692] OBJ_secp160r1 */ -0x2B,0x81,0x04,0x00,0x1E, /* [4697] OBJ_secp160r2 */ -0x2B,0x81,0x04,0x00,0x1F, /* [4702] OBJ_secp192k1 */ -0x2B,0x81,0x04,0x00,0x20, /* [4707] OBJ_secp224k1 */ -0x2B,0x81,0x04,0x00,0x21, /* [4712] OBJ_secp224r1 */ -0x2B,0x81,0x04,0x00,0x0A, /* [4717] OBJ_secp256k1 */ -0x2B,0x81,0x04,0x00,0x22, /* [4722] OBJ_secp384r1 */ -0x2B,0x81,0x04,0x00,0x23, /* [4727] OBJ_secp521r1 */ -0x2B,0x81,0x04,0x00,0x04, /* [4732] OBJ_sect113r1 */ -0x2B,0x81,0x04,0x00,0x05, /* [4737] OBJ_sect113r2 */ -0x2B,0x81,0x04,0x00,0x16, /* [4742] OBJ_sect131r1 */ -0x2B,0x81,0x04,0x00,0x17, /* [4747] OBJ_sect131r2 */ -0x2B,0x81,0x04,0x00,0x01, /* [4752] OBJ_sect163k1 */ -0x2B,0x81,0x04,0x00,0x02, /* [4757] OBJ_sect163r1 */ -0x2B,0x81,0x04,0x00,0x0F, /* [4762] OBJ_sect163r2 */ -0x2B,0x81,0x04,0x00,0x18, /* [4767] OBJ_sect193r1 */ -0x2B,0x81,0x04,0x00,0x19, /* [4772] OBJ_sect193r2 */ -0x2B,0x81,0x04,0x00,0x1A, /* [4777] OBJ_sect233k1 */ -0x2B,0x81,0x04,0x00,0x1B, /* [4782] OBJ_sect233r1 */ -0x2B,0x81,0x04,0x00,0x03, /* [4787] OBJ_sect239k1 */ -0x2B,0x81,0x04,0x00,0x10, /* [4792] OBJ_sect283k1 */ -0x2B,0x81,0x04,0x00,0x11, /* [4797] OBJ_sect283r1 */ -0x2B,0x81,0x04,0x00,0x24, /* [4802] OBJ_sect409k1 */ -0x2B,0x81,0x04,0x00,0x25, /* [4807] OBJ_sect409r1 */ -0x2B,0x81,0x04,0x00,0x26, /* [4812] OBJ_sect571k1 */ -0x2B,0x81,0x04,0x00,0x27, /* [4817] OBJ_sect571r1 */ -0x67,0x2B,0x0D,0x04,0x01, /* [4822] OBJ_wap_wsg_idm_ecid_wtls1 */ -0x67,0x2B,0x0D,0x04,0x03, /* [4827] OBJ_wap_wsg_idm_ecid_wtls3 */ -0x67,0x2B,0x0D,0x04,0x04, /* [4832] OBJ_wap_wsg_idm_ecid_wtls4 */ -0x67,0x2B,0x0D,0x04,0x05, /* [4837] OBJ_wap_wsg_idm_ecid_wtls5 */ -0x67,0x2B,0x0D,0x04,0x06, /* [4842] OBJ_wap_wsg_idm_ecid_wtls6 */ -0x67,0x2B,0x0D,0x04,0x07, /* [4847] OBJ_wap_wsg_idm_ecid_wtls7 */ -0x67,0x2B,0x0D,0x04,0x08, /* [4852] OBJ_wap_wsg_idm_ecid_wtls8 */ -0x67,0x2B,0x0D,0x04,0x09, /* [4857] OBJ_wap_wsg_idm_ecid_wtls9 */ -0x67,0x2B,0x0D,0x04,0x0A, /* [4862] OBJ_wap_wsg_idm_ecid_wtls10 */ -0x67,0x2B,0x0D,0x04,0x0B, /* [4867] OBJ_wap_wsg_idm_ecid_wtls11 */ -0x67,0x2B,0x0D,0x04,0x0C, /* [4872] OBJ_wap_wsg_idm_ecid_wtls12 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4877] OBJ_sha256WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4886] OBJ_sha384WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4895] OBJ_sha512WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4904] OBJ_sha224WithRSAEncryption */ -0x55,0x1D,0x1E, /* [4913] OBJ_name_constraints */ -0x55,0x1D,0x20,0x00, /* [4916] OBJ_any_policy */ -0x55,0x1D,0x21, /* [4920] OBJ_policy_mappings */ -0x55,0x1D,0x36, /* [4923] OBJ_inhibit_any_policy */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4926] OBJ_sha256 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4935] OBJ_sha384 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4944] OBJ_sha512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4953] OBJ_sha224 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4962] OBJ_id_ppl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4969] OBJ_proxyCertInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4977] OBJ_id_ppl_anyLanguage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4985] OBJ_id_ppl_inheritAll */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4993] OBJ_Independent */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4463] OBJ_id_ppl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4470] OBJ_proxyCertInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4478] OBJ_id_ppl_anyLanguage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4486] OBJ_id_ppl_inheritAll */ +0x55,0x1D,0x1E, /* [4494] OBJ_name_constraints */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4497] OBJ_Independent */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4505] OBJ_sha256WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4514] OBJ_sha384WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4523] OBJ_sha512WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4532] OBJ_sha224WithRSAEncryption */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4541] OBJ_sha256 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4550] OBJ_sha384 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4559] OBJ_sha512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4568] OBJ_sha224 */ +0x2B, /* [4577] OBJ_identified_organization */ +0x2B,0x81,0x04, /* [4578] OBJ_certicom_arc */ +0x67,0x2B, /* [4581] OBJ_wap */ +0x67,0x2B,0x0D, /* [4583] OBJ_wap_wsg */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4586] OBJ_X9_62_id_characteristic_two_basis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4594] OBJ_X9_62_onBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4603] OBJ_X9_62_tpBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4612] OBJ_X9_62_ppBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4621] OBJ_X9_62_c2pnb163v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4629] OBJ_X9_62_c2pnb163v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4637] OBJ_X9_62_c2pnb163v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4645] OBJ_X9_62_c2pnb176v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4653] OBJ_X9_62_c2tnb191v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4661] OBJ_X9_62_c2tnb191v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4669] OBJ_X9_62_c2tnb191v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4677] OBJ_X9_62_c2onb191v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4685] OBJ_X9_62_c2onb191v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4693] OBJ_X9_62_c2pnb208w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4701] OBJ_X9_62_c2tnb239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4709] OBJ_X9_62_c2tnb239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4717] OBJ_X9_62_c2tnb239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4725] OBJ_X9_62_c2onb239v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4733] OBJ_X9_62_c2onb239v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4741] OBJ_X9_62_c2pnb272w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4749] OBJ_X9_62_c2pnb304w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4757] OBJ_X9_62_c2tnb359v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4765] OBJ_X9_62_c2pnb368w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4773] OBJ_X9_62_c2tnb431r1 */ +0x2B,0x81,0x04,0x00,0x06, /* [4781] OBJ_secp112r1 */ +0x2B,0x81,0x04,0x00,0x07, /* [4786] OBJ_secp112r2 */ +0x2B,0x81,0x04,0x00,0x1C, /* [4791] OBJ_secp128r1 */ +0x2B,0x81,0x04,0x00,0x1D, /* [4796] OBJ_secp128r2 */ +0x2B,0x81,0x04,0x00,0x09, /* [4801] OBJ_secp160k1 */ +0x2B,0x81,0x04,0x00,0x08, /* [4806] OBJ_secp160r1 */ +0x2B,0x81,0x04,0x00,0x1E, /* [4811] OBJ_secp160r2 */ +0x2B,0x81,0x04,0x00,0x1F, /* [4816] OBJ_secp192k1 */ +0x2B,0x81,0x04,0x00,0x20, /* [4821] OBJ_secp224k1 */ +0x2B,0x81,0x04,0x00,0x21, /* [4826] OBJ_secp224r1 */ +0x2B,0x81,0x04,0x00,0x0A, /* [4831] OBJ_secp256k1 */ +0x2B,0x81,0x04,0x00,0x22, /* [4836] OBJ_secp384r1 */ +0x2B,0x81,0x04,0x00,0x23, /* [4841] OBJ_secp521r1 */ +0x2B,0x81,0x04,0x00,0x04, /* [4846] OBJ_sect113r1 */ +0x2B,0x81,0x04,0x00,0x05, /* [4851] OBJ_sect113r2 */ +0x2B,0x81,0x04,0x00,0x16, /* [4856] OBJ_sect131r1 */ +0x2B,0x81,0x04,0x00,0x17, /* [4861] OBJ_sect131r2 */ +0x2B,0x81,0x04,0x00,0x01, /* [4866] OBJ_sect163k1 */ +0x2B,0x81,0x04,0x00,0x02, /* [4871] OBJ_sect163r1 */ +0x2B,0x81,0x04,0x00,0x0F, /* [4876] OBJ_sect163r2 */ +0x2B,0x81,0x04,0x00,0x18, /* [4881] OBJ_sect193r1 */ +0x2B,0x81,0x04,0x00,0x19, /* [4886] OBJ_sect193r2 */ +0x2B,0x81,0x04,0x00,0x1A, /* [4891] OBJ_sect233k1 */ +0x2B,0x81,0x04,0x00,0x1B, /* [4896] OBJ_sect233r1 */ +0x2B,0x81,0x04,0x00,0x03, /* [4901] OBJ_sect239k1 */ +0x2B,0x81,0x04,0x00,0x10, /* [4906] OBJ_sect283k1 */ +0x2B,0x81,0x04,0x00,0x11, /* [4911] OBJ_sect283r1 */ +0x2B,0x81,0x04,0x00,0x24, /* [4916] OBJ_sect409k1 */ +0x2B,0x81,0x04,0x00,0x25, /* [4921] OBJ_sect409r1 */ +0x2B,0x81,0x04,0x00,0x26, /* [4926] OBJ_sect571k1 */ +0x2B,0x81,0x04,0x00,0x27, /* [4931] OBJ_sect571r1 */ +0x67,0x2B,0x0D,0x04,0x01, /* [4936] OBJ_wap_wsg_idm_ecid_wtls1 */ +0x67,0x2B,0x0D,0x04,0x03, /* [4941] OBJ_wap_wsg_idm_ecid_wtls3 */ +0x67,0x2B,0x0D,0x04,0x04, /* [4946] OBJ_wap_wsg_idm_ecid_wtls4 */ +0x67,0x2B,0x0D,0x04,0x05, /* [4951] OBJ_wap_wsg_idm_ecid_wtls5 */ +0x67,0x2B,0x0D,0x04,0x06, /* [4956] OBJ_wap_wsg_idm_ecid_wtls6 */ +0x67,0x2B,0x0D,0x04,0x07, /* [4961] OBJ_wap_wsg_idm_ecid_wtls7 */ +0x67,0x2B,0x0D,0x04,0x08, /* [4966] OBJ_wap_wsg_idm_ecid_wtls8 */ +0x67,0x2B,0x0D,0x04,0x09, /* [4971] OBJ_wap_wsg_idm_ecid_wtls9 */ +0x67,0x2B,0x0D,0x04,0x0A, /* [4976] OBJ_wap_wsg_idm_ecid_wtls10 */ +0x67,0x2B,0x0D,0x04,0x0B, /* [4981] OBJ_wap_wsg_idm_ecid_wtls11 */ +0x67,0x2B,0x0D,0x04,0x0C, /* [4986] OBJ_wap_wsg_idm_ecid_wtls12 */ +0x55,0x1D,0x20,0x00, /* [4991] OBJ_any_policy */ +0x55,0x1D,0x21, /* [4995] OBJ_policy_mappings */ +0x55,0x1D,0x36, /* [4998] OBJ_inhibit_any_policy */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -1833,118 +1833,118 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL}, {"streetAddress","streetAddress",NID_streetAddress,3,&(lvalues[4457]),0}, {"postalCode","postalCode",NID_postalCode,3,&(lvalues[4460]),0}, +{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4463]),0}, +{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8, + &(lvalues[4470]),0}, +{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, + &(lvalues[4478]),0}, +{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, + &(lvalues[4486]),0}, +{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, + &(lvalues[4494]),0}, +{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4497]),0}, +{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9, + &(lvalues[4505]),0}, +{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9, + &(lvalues[4514]),0}, +{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9, + &(lvalues[4523]),0}, +{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9, + &(lvalues[4532]),0}, +{"SHA256","sha256",NID_sha256,9,&(lvalues[4541]),0}, +{"SHA384","sha384",NID_sha384,9,&(lvalues[4550]),0}, +{"SHA512","sha512",NID_sha512,9,&(lvalues[4559]),0}, +{"SHA224","sha224",NID_sha224,9,&(lvalues[4568]),0}, {"identified-organization","identified-organization", - NID_identified_organization,1,&(lvalues[4463]),0}, -{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4464]),0}, -{"wap","wap",NID_wap,2,&(lvalues[4467]),0}, -{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4469]),0}, + NID_identified_organization,1,&(lvalues[4577]),0}, +{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4578]),0}, +{"wap","wap",NID_wap,2,&(lvalues[4581]),0}, +{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4583]),0}, {"id-characteristic-two-basis","id-characteristic-two-basis", - NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4472]),0}, -{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4480]),0}, -{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4489]),0}, -{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4498]),0}, -{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4507]),0}, -{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4515]),0}, -{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4523]),0}, -{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4531]),0}, -{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4539]),0}, -{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4547]),0}, -{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4555]),0}, -{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4563]),0}, -{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4571]),0}, -{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4579]),0}, -{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4587]),0}, -{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4595]),0}, -{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4603]),0}, -{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4611]),0}, -{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4619]),0}, -{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4627]),0}, -{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4635]),0}, -{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4643]),0}, -{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4651]),0}, -{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4659]),0}, -{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4667]),0}, -{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4672]),0}, -{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4677]),0}, -{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4682]),0}, -{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4687]),0}, -{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4692]),0}, -{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4697]),0}, -{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4702]),0}, -{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4707]),0}, -{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4712]),0}, -{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4717]),0}, -{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4722]),0}, -{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4727]),0}, -{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4732]),0}, -{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4737]),0}, -{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4742]),0}, -{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4747]),0}, -{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4752]),0}, -{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4757]),0}, -{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4762]),0}, -{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4767]),0}, -{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4772]),0}, -{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4777]),0}, -{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4782]),0}, -{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4787]),0}, -{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4792]),0}, -{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4797]),0}, -{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4802]),0}, -{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4807]),0}, -{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4812]),0}, -{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4817]),0}, + NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4586]),0}, +{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4594]),0}, +{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4603]),0}, +{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4612]),0}, +{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4621]),0}, +{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4629]),0}, +{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4637]),0}, +{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4645]),0}, +{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4653]),0}, +{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4661]),0}, +{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4669]),0}, +{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4677]),0}, +{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4685]),0}, +{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4693]),0}, +{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4701]),0}, +{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4709]),0}, +{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4717]),0}, +{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4725]),0}, +{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4733]),0}, +{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4741]),0}, +{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4749]),0}, +{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4757]),0}, +{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4765]),0}, +{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4773]),0}, +{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4781]),0}, +{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4786]),0}, +{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4791]),0}, +{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4796]),0}, +{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4801]),0}, +{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4806]),0}, +{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4811]),0}, +{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4816]),0}, +{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4821]),0}, +{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4826]),0}, +{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4831]),0}, +{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4836]),0}, +{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4841]),0}, +{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4846]),0}, +{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4851]),0}, +{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4856]),0}, +{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4861]),0}, +{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4866]),0}, +{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4871]),0}, +{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4876]),0}, +{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4881]),0}, +{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4886]),0}, +{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4891]),0}, +{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4896]),0}, +{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4901]),0}, +{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4906]),0}, +{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4911]),0}, +{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4916]),0}, +{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4921]),0}, +{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4926]),0}, +{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4931]),0}, {"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1", - NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4822]),0}, + NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4936]),0}, {"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3", - NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4827]),0}, + NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4941]),0}, {"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4", - NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4832]),0}, + NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4946]),0}, {"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5", - NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4837]),0}, + NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4951]),0}, {"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6", - NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4842]),0}, + NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4956]),0}, {"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7", - NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4847]),0}, + NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4961]),0}, {"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8", - NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4852]),0}, + NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4966]),0}, {"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9", - NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4857]),0}, + NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4971]),0}, {"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10", - NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4862]),0}, + NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4976]),0}, {"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11", - NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4867]),0}, + NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4981]),0}, {"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12", - NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4872]),0}, -{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9, - &(lvalues[4877]),0}, -{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9, - &(lvalues[4886]),0}, -{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9, - &(lvalues[4895]),0}, -{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9, - &(lvalues[4904]),0}, -{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, - &(lvalues[4913]),0}, -{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4916]),0}, + NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4986]),0}, +{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4991]),0}, {"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3, - &(lvalues[4920]),0}, + &(lvalues[4995]),0}, {"inhibitAnyPolicy","X509v3 Inhibit Any Policy", - NID_inhibit_any_policy,3,&(lvalues[4923]),0}, -{"SHA256","sha256",NID_sha256,9,&(lvalues[4926]),0}, -{"SHA384","sha384",NID_sha384,9,&(lvalues[4935]),0}, -{"SHA512","sha512",NID_sha512,9,&(lvalues[4944]),0}, -{"SHA224","sha224",NID_sha224,9,&(lvalues[4953]),0}, + NID_inhibit_any_policy,3,&(lvalues[4998]),0}, {"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL}, {"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL}, -{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4962]),0}, -{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8, - &(lvalues[4969]),0}, -{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, - &(lvalues[4977]),0}, -{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, - &(lvalues[4985]),0}, -{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4993]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -2032,8 +2032,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[180]),/* "OCSPSigning" */ &(nid_objs[379]),/* "ORG" */ &(nid_objs[18]),/* "OU" */ -&(nid_objs[744]),/* "Oakley-EC2N-3" */ -&(nid_objs[745]),/* "Oakley-EC2N-4" */ +&(nid_objs[749]),/* "Oakley-EC2N-3" */ +&(nid_objs[750]),/* "Oakley-EC2N-4" */ &(nid_objs[ 9]),/* "PBE-MD2-DES" */ &(nid_objs[168]),/* "PBE-MD2-RC2-64" */ &(nid_objs[10]),/* "PBE-MD5-DES" */ @@ -2074,16 +2074,16 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[42]),/* "RSA-SHA" */ &(nid_objs[65]),/* "RSA-SHA1" */ &(nid_objs[115]),/* "RSA-SHA1-2" */ -&(nid_objs[735]),/* "RSA-SHA224" */ -&(nid_objs[732]),/* "RSA-SHA256" */ -&(nid_objs[733]),/* "RSA-SHA384" */ -&(nid_objs[734]),/* "RSA-SHA512" */ +&(nid_objs[671]),/* "RSA-SHA224" */ +&(nid_objs[668]),/* "RSA-SHA256" */ +&(nid_objs[669]),/* "RSA-SHA384" */ +&(nid_objs[670]),/* "RSA-SHA512" */ &(nid_objs[41]),/* "SHA" */ &(nid_objs[64]),/* "SHA1" */ -&(nid_objs[743]),/* "SHA224" */ -&(nid_objs[740]),/* "SHA256" */ -&(nid_objs[741]),/* "SHA384" */ -&(nid_objs[742]),/* "SHA512" */ +&(nid_objs[675]),/* "SHA224" */ +&(nid_objs[672]),/* "SHA256" */ +&(nid_objs[673]),/* "SHA384" */ +&(nid_objs[674]),/* "SHA512" */ &(nid_objs[188]),/* "SMIME" */ &(nid_objs[167]),/* "SMIME-CAPS" */ &(nid_objs[100]),/* "SN" */ @@ -2107,7 +2107,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[363]),/* "ad_timestamping" */ &(nid_objs[376]),/* "algorithm" */ &(nid_objs[405]),/* "ansi-X9-62" */ -&(nid_objs[737]),/* "anyPolicy" */ +&(nid_objs[746]),/* "anyPolicy" */ &(nid_objs[370]),/* "archiveCutoff" */ &(nid_objs[484]),/* "associatedDomain" */ &(nid_objs[485]),/* "associatedName" */ @@ -2118,31 +2118,31 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[365]),/* "basicOCSPResponse" */ &(nid_objs[285]),/* "biometricInfo" */ &(nid_objs[494]),/* "buildingName" */ -&(nid_objs[677]),/* "c2onb191v4" */ -&(nid_objs[678]),/* "c2onb191v5" */ -&(nid_objs[683]),/* "c2onb239v4" */ -&(nid_objs[684]),/* "c2onb239v5" */ -&(nid_objs[670]),/* "c2pnb163v1" */ -&(nid_objs[671]),/* "c2pnb163v2" */ -&(nid_objs[672]),/* "c2pnb163v3" */ -&(nid_objs[673]),/* "c2pnb176v1" */ -&(nid_objs[679]),/* "c2pnb208w1" */ -&(nid_objs[685]),/* "c2pnb272w1" */ -&(nid_objs[686]),/* "c2pnb304w1" */ -&(nid_objs[688]),/* "c2pnb368w1" */ -&(nid_objs[674]),/* "c2tnb191v1" */ -&(nid_objs[675]),/* "c2tnb191v2" */ -&(nid_objs[676]),/* "c2tnb191v3" */ -&(nid_objs[680]),/* "c2tnb239v1" */ -&(nid_objs[681]),/* "c2tnb239v2" */ -&(nid_objs[682]),/* "c2tnb239v3" */ -&(nid_objs[687]),/* "c2tnb359v1" */ -&(nid_objs[689]),/* "c2tnb431r1" */ +&(nid_objs[691]),/* "c2onb191v4" */ +&(nid_objs[692]),/* "c2onb191v5" */ +&(nid_objs[697]),/* "c2onb239v4" */ +&(nid_objs[698]),/* "c2onb239v5" */ +&(nid_objs[684]),/* "c2pnb163v1" */ +&(nid_objs[685]),/* "c2pnb163v2" */ +&(nid_objs[686]),/* "c2pnb163v3" */ +&(nid_objs[687]),/* "c2pnb176v1" */ +&(nid_objs[693]),/* "c2pnb208w1" */ +&(nid_objs[699]),/* "c2pnb272w1" */ +&(nid_objs[700]),/* "c2pnb304w1" */ +&(nid_objs[702]),/* "c2pnb368w1" */ +&(nid_objs[688]),/* "c2tnb191v1" */ +&(nid_objs[689]),/* "c2tnb191v2" */ +&(nid_objs[690]),/* "c2tnb191v3" */ +&(nid_objs[694]),/* "c2tnb239v1" */ +&(nid_objs[695]),/* "c2tnb239v2" */ +&(nid_objs[696]),/* "c2tnb239v3" */ +&(nid_objs[701]),/* "c2tnb359v1" */ +&(nid_objs[703]),/* "c2tnb431r1" */ &(nid_objs[483]),/* "cNAMERecord" */ &(nid_objs[179]),/* "caIssuers" */ &(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */ &(nid_objs[152]),/* "certBag" */ -&(nid_objs[663]),/* "certicom-arc" */ +&(nid_objs[677]),/* "certicom-arc" */ &(nid_objs[89]),/* "certificatePolicies" */ &(nid_objs[54]),/* "challengePassword" */ &(nid_objs[407]),/* "characteristic-two-field" */ @@ -2215,7 +2215,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[362]),/* "id-cct-PKIResponse" */ &(nid_objs[360]),/* "id-cct-crs" */ &(nid_objs[81]),/* "id-ce" */ -&(nid_objs[666]),/* "id-characteristic-two-basis" */ +&(nid_objs[680]),/* "id-characteristic-two-basis" */ &(nid_objs[263]),/* "id-cmc" */ &(nid_objs[334]),/* "id-cmc-addExtensions" */ &(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */ @@ -2284,10 +2284,10 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[271]),/* "id-pkix1-explicit-93" */ &(nid_objs[270]),/* "id-pkix1-implicit-88" */ &(nid_objs[272]),/* "id-pkix1-implicit-93" */ -&(nid_objs[746]),/* "id-ppl" */ -&(nid_objs[748]),/* "id-ppl-anyLanguage" */ -&(nid_objs[750]),/* "id-ppl-independent" */ -&(nid_objs[749]),/* "id-ppl-inheritAll" */ +&(nid_objs[662]),/* "id-ppl" */ +&(nid_objs[664]),/* "id-ppl-anyLanguage" */ +&(nid_objs[667]),/* "id-ppl-independent" */ +&(nid_objs[665]),/* "id-ppl-inheritAll" */ &(nid_objs[267]),/* "id-qcs" */ &(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */ &(nid_objs[259]),/* "id-qt" */ @@ -2372,9 +2372,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[194]),/* "id-smime-spq" */ &(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */ &(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */ -&(nid_objs[662]),/* "identified-organization" */ +&(nid_objs[676]),/* "identified-organization" */ &(nid_objs[461]),/* "info" */ -&(nid_objs[739]),/* "inhibitAnyPolicy" */ +&(nid_objs[748]),/* "inhibitAnyPolicy" */ &(nid_objs[101]),/* "initials" */ &(nid_objs[647]),/* "international-organizations" */ &(nid_objs[142]),/* "invalidityDate" */ @@ -2409,7 +2409,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[649]),/* "msUPN" */ &(nid_objs[481]),/* "nSRecord" */ &(nid_objs[173]),/* "name" */ -&(nid_objs[736]),/* "nameConstraints" */ +&(nid_objs[666]),/* "nameConstraints" */ &(nid_objs[369]),/* "noCheck" */ &(nid_objs[403]),/* "noRevAvail" */ &(nid_objs[72]),/* "nsBaseUrl" */ @@ -2424,7 +2424,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[73]),/* "nsRevocationUrl" */ &(nid_objs[139]),/* "nsSGC" */ &(nid_objs[77]),/* "nsSslServerName" */ -&(nid_objs[667]),/* "onBasis" */ +&(nid_objs[681]),/* "onBasis" */ &(nid_objs[491]),/* "organizationalStatus" */ &(nid_objs[475]),/* "otherMailbox" */ &(nid_objs[489]),/* "pagerTelephoneNumber" */ @@ -2457,9 +2457,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */ &(nid_objs[47]),/* "pkcs9" */ &(nid_objs[401]),/* "policyConstraints" */ -&(nid_objs[738]),/* "policyMappings" */ +&(nid_objs[747]),/* "policyMappings" */ &(nid_objs[661]),/* "postalCode" */ -&(nid_objs[669]),/* "ppBasis" */ +&(nid_objs[683]),/* "ppBasis" */ &(nid_objs[406]),/* "prime-field" */ &(nid_objs[409]),/* "prime192v1" */ &(nid_objs[410]),/* "prime192v2" */ @@ -2470,7 +2470,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[415]),/* "prime256v1" */ &(nid_objs[385]),/* "private" */ &(nid_objs[84]),/* "privateKeyUsagePeriod" */ -&(nid_objs[747]),/* "proxyCertInfo" */ +&(nid_objs[663]),/* "proxyCertInfo" */ &(nid_objs[510]),/* "pseudonym" */ &(nid_objs[435]),/* "pss" */ &(nid_objs[286]),/* "qcStatements" */ @@ -2489,39 +2489,39 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[290]),/* "sbqp-ipAddrBlock" */ &(nid_objs[292]),/* "sbqp-routerIdentifier" */ &(nid_objs[159]),/* "sdsiCertificate" */ -&(nid_objs[690]),/* "secp112r1" */ -&(nid_objs[691]),/* "secp112r2" */ -&(nid_objs[692]),/* "secp128r1" */ -&(nid_objs[693]),/* "secp128r2" */ -&(nid_objs[694]),/* "secp160k1" */ -&(nid_objs[695]),/* "secp160r1" */ -&(nid_objs[696]),/* "secp160r2" */ -&(nid_objs[697]),/* "secp192k1" */ -&(nid_objs[698]),/* "secp224k1" */ -&(nid_objs[699]),/* "secp224r1" */ -&(nid_objs[700]),/* "secp256k1" */ -&(nid_objs[701]),/* "secp384r1" */ -&(nid_objs[702]),/* "secp521r1" */ +&(nid_objs[704]),/* "secp112r1" */ +&(nid_objs[705]),/* "secp112r2" */ +&(nid_objs[706]),/* "secp128r1" */ +&(nid_objs[707]),/* "secp128r2" */ +&(nid_objs[708]),/* "secp160k1" */ +&(nid_objs[709]),/* "secp160r1" */ +&(nid_objs[710]),/* "secp160r2" */ +&(nid_objs[711]),/* "secp192k1" */ +&(nid_objs[712]),/* "secp224k1" */ +&(nid_objs[713]),/* "secp224r1" */ +&(nid_objs[714]),/* "secp256k1" */ +&(nid_objs[715]),/* "secp384r1" */ +&(nid_objs[716]),/* "secp521r1" */ &(nid_objs[154]),/* "secretBag" */ &(nid_objs[474]),/* "secretary" */ -&(nid_objs[703]),/* "sect113r1" */ -&(nid_objs[704]),/* "sect113r2" */ -&(nid_objs[705]),/* "sect131r1" */ -&(nid_objs[706]),/* "sect131r2" */ -&(nid_objs[707]),/* "sect163k1" */ -&(nid_objs[708]),/* "sect163r1" */ -&(nid_objs[709]),/* "sect163r2" */ -&(nid_objs[710]),/* "sect193r1" */ -&(nid_objs[711]),/* "sect193r2" */ -&(nid_objs[712]),/* "sect233k1" */ -&(nid_objs[713]),/* "sect233r1" */ -&(nid_objs[714]),/* "sect239k1" */ -&(nid_objs[715]),/* "sect283k1" */ -&(nid_objs[716]),/* "sect283r1" */ -&(nid_objs[717]),/* "sect409k1" */ -&(nid_objs[718]),/* "sect409r1" */ -&(nid_objs[719]),/* "sect571k1" */ -&(nid_objs[720]),/* "sect571r1" */ +&(nid_objs[717]),/* "sect113r1" */ +&(nid_objs[718]),/* "sect113r2" */ +&(nid_objs[719]),/* "sect131r1" */ +&(nid_objs[720]),/* "sect131r2" */ +&(nid_objs[721]),/* "sect163k1" */ +&(nid_objs[722]),/* "sect163r1" */ +&(nid_objs[723]),/* "sect163r2" */ +&(nid_objs[724]),/* "sect193r1" */ +&(nid_objs[725]),/* "sect193r2" */ +&(nid_objs[726]),/* "sect233k1" */ +&(nid_objs[727]),/* "sect233r1" */ +&(nid_objs[728]),/* "sect239k1" */ +&(nid_objs[729]),/* "sect283k1" */ +&(nid_objs[730]),/* "sect283r1" */ +&(nid_objs[731]),/* "sect409k1" */ +&(nid_objs[732]),/* "sect409r1" */ +&(nid_objs[733]),/* "sect571k1" */ +&(nid_objs[734]),/* "sect571r1" */ &(nid_objs[386]),/* "security" */ &(nid_objs[394]),/* "selected-attribute-types" */ &(nid_objs[105]),/* "serialNumber" */ @@ -2672,26 +2672,26 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[293]),/* "textNotice" */ &(nid_objs[133]),/* "timeStamping" */ &(nid_objs[106]),/* "title" */ -&(nid_objs[668]),/* "tpBasis" */ +&(nid_objs[682]),/* "tpBasis" */ &(nid_objs[375]),/* "trustRoot" */ &(nid_objs[436]),/* "ucl" */ &(nid_objs[55]),/* "unstructuredAddress" */ &(nid_objs[49]),/* "unstructuredName" */ &(nid_objs[465]),/* "userClass" */ &(nid_objs[373]),/* "valid" */ -&(nid_objs[664]),/* "wap" */ -&(nid_objs[665]),/* "wap-wsg" */ -&(nid_objs[721]),/* "wap-wsg-idm-ecid-wtls1" */ -&(nid_objs[729]),/* "wap-wsg-idm-ecid-wtls10" */ -&(nid_objs[730]),/* "wap-wsg-idm-ecid-wtls11" */ -&(nid_objs[731]),/* "wap-wsg-idm-ecid-wtls12" */ -&(nid_objs[722]),/* "wap-wsg-idm-ecid-wtls3" */ -&(nid_objs[723]),/* "wap-wsg-idm-ecid-wtls4" */ -&(nid_objs[724]),/* "wap-wsg-idm-ecid-wtls5" */ -&(nid_objs[725]),/* "wap-wsg-idm-ecid-wtls6" */ -&(nid_objs[726]),/* "wap-wsg-idm-ecid-wtls7" */ -&(nid_objs[727]),/* "wap-wsg-idm-ecid-wtls8" */ -&(nid_objs[728]),/* "wap-wsg-idm-ecid-wtls9" */ +&(nid_objs[678]),/* "wap" */ +&(nid_objs[679]),/* "wap-wsg" */ +&(nid_objs[735]),/* "wap-wsg-idm-ecid-wtls1" */ +&(nid_objs[743]),/* "wap-wsg-idm-ecid-wtls10" */ +&(nid_objs[744]),/* "wap-wsg-idm-ecid-wtls11" */ +&(nid_objs[745]),/* "wap-wsg-idm-ecid-wtls12" */ +&(nid_objs[736]),/* "wap-wsg-idm-ecid-wtls3" */ +&(nid_objs[737]),/* "wap-wsg-idm-ecid-wtls4" */ +&(nid_objs[738]),/* "wap-wsg-idm-ecid-wtls5" */ +&(nid_objs[739]),/* "wap-wsg-idm-ecid-wtls6" */ +&(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ +&(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ +&(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ &(nid_objs[503]),/* "x500UniqueIdentifier" */ &(nid_objs[158]),/* "x509Certificate" */ &(nid_objs[160]),/* "x509Crl" */ @@ -2701,7 +2701,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[363]),/* "AD Time Stamping" */ &(nid_objs[405]),/* "ANSI X9.62" */ &(nid_objs[368]),/* "Acceptable OCSP Responses" */ -&(nid_objs[748]),/* "Any language" */ +&(nid_objs[664]),/* "Any language" */ &(nid_objs[177]),/* "Authority Information Access" */ &(nid_objs[365]),/* "Basic OCSP Response" */ &(nid_objs[285]),/* "Biometric Info" */ @@ -2724,8 +2724,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[296]),/* "IPSec User" */ &(nid_objs[182]),/* "ISO Member Body" */ &(nid_objs[183]),/* "ISO US Member Body" */ -&(nid_objs[750]),/* "Independent" */ -&(nid_objs[749]),/* "Inherit all" */ +&(nid_objs[667]),/* "Independent" */ +&(nid_objs[665]),/* "Inherit all" */ &(nid_objs[647]),/* "International Organizations" */ &(nid_objs[142]),/* "Invalidity Date" */ &(nid_objs[504]),/* "MIME MHS" */ @@ -2769,7 +2769,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[164]),/* "Policy Qualifier CPS" */ &(nid_objs[165]),/* "Policy Qualifier User Notice" */ &(nid_objs[385]),/* "Private" */ -&(nid_objs[747]),/* "Proxy Certificate Information" */ +&(nid_objs[663]),/* "Proxy Certificate Information" */ &(nid_objs[ 1]),/* "RSA Data Security, Inc." */ &(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */ &(nid_objs[188]),/* "S/MIME" */ @@ -2786,7 +2786,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[375]),/* "Trust Root" */ &(nid_objs[12]),/* "X509" */ &(nid_objs[402]),/* "X509v3 AC Targeting" */ -&(nid_objs[737]),/* "X509v3 Any Policy" */ +&(nid_objs[746]),/* "X509v3 Any Policy" */ &(nid_objs[90]),/* "X509v3 Authority Key Identifier" */ &(nid_objs[87]),/* "X509v3 Basic Constraints" */ &(nid_objs[103]),/* "X509v3 CRL Distribution Points" */ @@ -2795,13 +2795,13 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[89]),/* "X509v3 Certificate Policies" */ &(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */ &(nid_objs[126]),/* "X509v3 Extended Key Usage" */ -&(nid_objs[739]),/* "X509v3 Inhibit Any Policy" */ +&(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */ &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ &(nid_objs[83]),/* "X509v3 Key Usage" */ -&(nid_objs[736]),/* "X509v3 Name Constraints" */ +&(nid_objs[666]),/* "X509v3 Name Constraints" */ &(nid_objs[403]),/* "X509v3 No Revocation Available" */ &(nid_objs[401]),/* "X509v3 Policy Constraints" */ -&(nid_objs[738]),/* "X509v3 Policy Mappings" */ +&(nid_objs[747]),/* "X509v3 Policy Mappings" */ &(nid_objs[84]),/* "X509v3 Private Key Usage Period" */ &(nid_objs[85]),/* "X509v3 Subject Alternative Name" */ &(nid_objs[82]),/* "X509v3 Subject Key Identifier" */ @@ -2842,26 +2842,26 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[92]),/* "bf-ecb" */ &(nid_objs[94]),/* "bf-ofb" */ &(nid_objs[494]),/* "buildingName" */ -&(nid_objs[677]),/* "c2onb191v4" */ -&(nid_objs[678]),/* "c2onb191v5" */ -&(nid_objs[683]),/* "c2onb239v4" */ -&(nid_objs[684]),/* "c2onb239v5" */ -&(nid_objs[670]),/* "c2pnb163v1" */ -&(nid_objs[671]),/* "c2pnb163v2" */ -&(nid_objs[672]),/* "c2pnb163v3" */ -&(nid_objs[673]),/* "c2pnb176v1" */ -&(nid_objs[679]),/* "c2pnb208w1" */ -&(nid_objs[685]),/* "c2pnb272w1" */ -&(nid_objs[686]),/* "c2pnb304w1" */ -&(nid_objs[688]),/* "c2pnb368w1" */ -&(nid_objs[674]),/* "c2tnb191v1" */ -&(nid_objs[675]),/* "c2tnb191v2" */ -&(nid_objs[676]),/* "c2tnb191v3" */ -&(nid_objs[680]),/* "c2tnb239v1" */ -&(nid_objs[681]),/* "c2tnb239v2" */ -&(nid_objs[682]),/* "c2tnb239v3" */ -&(nid_objs[687]),/* "c2tnb359v1" */ -&(nid_objs[689]),/* "c2tnb431r1" */ +&(nid_objs[691]),/* "c2onb191v4" */ +&(nid_objs[692]),/* "c2onb191v5" */ +&(nid_objs[697]),/* "c2onb239v4" */ +&(nid_objs[698]),/* "c2onb239v5" */ +&(nid_objs[684]),/* "c2pnb163v1" */ +&(nid_objs[685]),/* "c2pnb163v2" */ +&(nid_objs[686]),/* "c2pnb163v3" */ +&(nid_objs[687]),/* "c2pnb176v1" */ +&(nid_objs[693]),/* "c2pnb208w1" */ +&(nid_objs[699]),/* "c2pnb272w1" */ +&(nid_objs[700]),/* "c2pnb304w1" */ +&(nid_objs[702]),/* "c2pnb368w1" */ +&(nid_objs[688]),/* "c2tnb191v1" */ +&(nid_objs[689]),/* "c2tnb191v2" */ +&(nid_objs[690]),/* "c2tnb191v3" */ +&(nid_objs[694]),/* "c2tnb239v1" */ +&(nid_objs[695]),/* "c2tnb239v2" */ +&(nid_objs[696]),/* "c2tnb239v3" */ +&(nid_objs[701]),/* "c2tnb359v1" */ +&(nid_objs[703]),/* "c2tnb431r1" */ &(nid_objs[483]),/* "cNAMERecord" */ &(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */ &(nid_objs[108]),/* "cast5-cbc" */ @@ -2869,7 +2869,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[109]),/* "cast5-ecb" */ &(nid_objs[111]),/* "cast5-ofb" */ &(nid_objs[152]),/* "certBag" */ -&(nid_objs[663]),/* "certicom-arc" */ +&(nid_objs[677]),/* "certicom-arc" */ &(nid_objs[517]),/* "certificate extensions" */ &(nid_objs[54]),/* "challengePassword" */ &(nid_objs[407]),/* "characteristic-two-field" */ @@ -2962,7 +2962,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[362]),/* "id-cct-PKIResponse" */ &(nid_objs[360]),/* "id-cct-crs" */ &(nid_objs[81]),/* "id-ce" */ -&(nid_objs[666]),/* "id-characteristic-two-basis" */ +&(nid_objs[680]),/* "id-characteristic-two-basis" */ &(nid_objs[263]),/* "id-cmc" */ &(nid_objs[334]),/* "id-cmc-addExtensions" */ &(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */ @@ -3031,7 +3031,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[271]),/* "id-pkix1-explicit-93" */ &(nid_objs[270]),/* "id-pkix1-implicit-88" */ &(nid_objs[272]),/* "id-pkix1-implicit-93" */ -&(nid_objs[746]),/* "id-ppl" */ +&(nid_objs[662]),/* "id-ppl" */ &(nid_objs[267]),/* "id-qcs" */ &(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */ &(nid_objs[259]),/* "id-qt" */ @@ -3117,11 +3117,11 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[35]),/* "idea-cfb" */ &(nid_objs[36]),/* "idea-ecb" */ &(nid_objs[46]),/* "idea-ofb" */ -&(nid_objs[662]),/* "identified-organization" */ +&(nid_objs[676]),/* "identified-organization" */ &(nid_objs[461]),/* "info" */ &(nid_objs[101]),/* "initials" */ -&(nid_objs[744]),/* "ipsec3" */ -&(nid_objs[745]),/* "ipsec4" */ +&(nid_objs[749]),/* "ipsec3" */ +&(nid_objs[750]),/* "ipsec4" */ &(nid_objs[181]),/* "iso" */ &(nid_objs[623]),/* "issuer capabilities" */ &(nid_objs[645]),/* "itu-t" */ @@ -3153,7 +3153,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[488]),/* "mobileTelephoneNumber" */ &(nid_objs[481]),/* "nSRecord" */ &(nid_objs[173]),/* "name" */ -&(nid_objs[667]),/* "onBasis" */ +&(nid_objs[681]),/* "onBasis" */ &(nid_objs[379]),/* "org" */ &(nid_objs[17]),/* "organizationName" */ &(nid_objs[491]),/* "organizationalStatus" */ @@ -3201,7 +3201,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */ &(nid_objs[47]),/* "pkcs9" */ &(nid_objs[661]),/* "postalCode" */ -&(nid_objs[669]),/* "ppBasis" */ +&(nid_objs[683]),/* "ppBasis" */ &(nid_objs[406]),/* "prime-field" */ &(nid_objs[409]),/* "prime192v1" */ &(nid_objs[410]),/* "prime192v2" */ @@ -3244,39 +3244,39 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[290]),/* "sbqp-ipAddrBlock" */ &(nid_objs[292]),/* "sbqp-routerIdentifier" */ &(nid_objs[159]),/* "sdsiCertificate" */ -&(nid_objs[690]),/* "secp112r1" */ -&(nid_objs[691]),/* "secp112r2" */ -&(nid_objs[692]),/* "secp128r1" */ -&(nid_objs[693]),/* "secp128r2" */ -&(nid_objs[694]),/* "secp160k1" */ -&(nid_objs[695]),/* "secp160r1" */ -&(nid_objs[696]),/* "secp160r2" */ -&(nid_objs[697]),/* "secp192k1" */ -&(nid_objs[698]),/* "secp224k1" */ -&(nid_objs[699]),/* "secp224r1" */ -&(nid_objs[700]),/* "secp256k1" */ -&(nid_objs[701]),/* "secp384r1" */ -&(nid_objs[702]),/* "secp521r1" */ +&(nid_objs[704]),/* "secp112r1" */ +&(nid_objs[705]),/* "secp112r2" */ +&(nid_objs[706]),/* "secp128r1" */ +&(nid_objs[707]),/* "secp128r2" */ +&(nid_objs[708]),/* "secp160k1" */ +&(nid_objs[709]),/* "secp160r1" */ +&(nid_objs[710]),/* "secp160r2" */ +&(nid_objs[711]),/* "secp192k1" */ +&(nid_objs[712]),/* "secp224k1" */ +&(nid_objs[713]),/* "secp224r1" */ +&(nid_objs[714]),/* "secp256k1" */ +&(nid_objs[715]),/* "secp384r1" */ +&(nid_objs[716]),/* "secp521r1" */ &(nid_objs[154]),/* "secretBag" */ &(nid_objs[474]),/* "secretary" */ -&(nid_objs[703]),/* "sect113r1" */ -&(nid_objs[704]),/* "sect113r2" */ -&(nid_objs[705]),/* "sect131r1" */ -&(nid_objs[706]),/* "sect131r2" */ -&(nid_objs[707]),/* "sect163k1" */ -&(nid_objs[708]),/* "sect163r1" */ -&(nid_objs[709]),/* "sect163r2" */ -&(nid_objs[710]),/* "sect193r1" */ -&(nid_objs[711]),/* "sect193r2" */ -&(nid_objs[712]),/* "sect233k1" */ -&(nid_objs[713]),/* "sect233r1" */ -&(nid_objs[714]),/* "sect239k1" */ -&(nid_objs[715]),/* "sect283k1" */ -&(nid_objs[716]),/* "sect283r1" */ -&(nid_objs[717]),/* "sect409k1" */ -&(nid_objs[718]),/* "sect409r1" */ -&(nid_objs[719]),/* "sect571k1" */ -&(nid_objs[720]),/* "sect571r1" */ +&(nid_objs[717]),/* "sect113r1" */ +&(nid_objs[718]),/* "sect113r2" */ +&(nid_objs[719]),/* "sect131r1" */ +&(nid_objs[720]),/* "sect131r2" */ +&(nid_objs[721]),/* "sect163k1" */ +&(nid_objs[722]),/* "sect163r1" */ +&(nid_objs[723]),/* "sect163r2" */ +&(nid_objs[724]),/* "sect193r1" */ +&(nid_objs[725]),/* "sect193r2" */ +&(nid_objs[726]),/* "sect233k1" */ +&(nid_objs[727]),/* "sect233r1" */ +&(nid_objs[728]),/* "sect239k1" */ +&(nid_objs[729]),/* "sect283k1" */ +&(nid_objs[730]),/* "sect283r1" */ +&(nid_objs[731]),/* "sect409k1" */ +&(nid_objs[732]),/* "sect409r1" */ +&(nid_objs[733]),/* "sect571k1" */ +&(nid_objs[734]),/* "sect571r1" */ &(nid_objs[635]),/* "secure device signature" */ &(nid_objs[105]),/* "serialNumber" */ &(nid_objs[625]),/* "set-addPolicy" */ @@ -3400,14 +3400,14 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[64]),/* "sha1" */ &(nid_objs[115]),/* "sha1WithRSA" */ &(nid_objs[65]),/* "sha1WithRSAEncryption" */ -&(nid_objs[743]),/* "sha224" */ -&(nid_objs[735]),/* "sha224WithRSAEncryption" */ -&(nid_objs[740]),/* "sha256" */ -&(nid_objs[732]),/* "sha256WithRSAEncryption" */ -&(nid_objs[741]),/* "sha384" */ -&(nid_objs[733]),/* "sha384WithRSAEncryption" */ -&(nid_objs[742]),/* "sha512" */ -&(nid_objs[734]),/* "sha512WithRSAEncryption" */ +&(nid_objs[675]),/* "sha224" */ +&(nid_objs[671]),/* "sha224WithRSAEncryption" */ +&(nid_objs[672]),/* "sha256" */ +&(nid_objs[668]),/* "sha256WithRSAEncryption" */ +&(nid_objs[673]),/* "sha384" */ +&(nid_objs[669]),/* "sha384WithRSAEncryption" */ +&(nid_objs[674]),/* "sha512" */ +&(nid_objs[670]),/* "sha512WithRSAEncryption" */ &(nid_objs[42]),/* "shaWithRSAEncryption" */ &(nid_objs[52]),/* "signingTime" */ &(nid_objs[454]),/* "simpleSecurityObject" */ @@ -3420,7 +3420,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[459]),/* "textEncodedORAddress" */ &(nid_objs[293]),/* "textNotice" */ &(nid_objs[106]),/* "title" */ -&(nid_objs[668]),/* "tpBasis" */ +&(nid_objs[682]),/* "tpBasis" */ &(nid_objs[436]),/* "ucl" */ &(nid_objs[ 0]),/* "undefined" */ &(nid_objs[55]),/* "unstructuredAddress" */ @@ -3428,19 +3428,19 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[465]),/* "userClass" */ &(nid_objs[458]),/* "userId" */ &(nid_objs[373]),/* "valid" */ -&(nid_objs[664]),/* "wap" */ -&(nid_objs[665]),/* "wap-wsg" */ -&(nid_objs[721]),/* "wap-wsg-idm-ecid-wtls1" */ -&(nid_objs[729]),/* "wap-wsg-idm-ecid-wtls10" */ -&(nid_objs[730]),/* "wap-wsg-idm-ecid-wtls11" */ -&(nid_objs[731]),/* "wap-wsg-idm-ecid-wtls12" */ -&(nid_objs[722]),/* "wap-wsg-idm-ecid-wtls3" */ -&(nid_objs[723]),/* "wap-wsg-idm-ecid-wtls4" */ -&(nid_objs[724]),/* "wap-wsg-idm-ecid-wtls5" */ -&(nid_objs[725]),/* "wap-wsg-idm-ecid-wtls6" */ -&(nid_objs[726]),/* "wap-wsg-idm-ecid-wtls7" */ -&(nid_objs[727]),/* "wap-wsg-idm-ecid-wtls8" */ -&(nid_objs[728]),/* "wap-wsg-idm-ecid-wtls9" */ +&(nid_objs[678]),/* "wap" */ +&(nid_objs[679]),/* "wap-wsg" */ +&(nid_objs[735]),/* "wap-wsg-idm-ecid-wtls1" */ +&(nid_objs[743]),/* "wap-wsg-idm-ecid-wtls10" */ +&(nid_objs[744]),/* "wap-wsg-idm-ecid-wtls11" */ +&(nid_objs[745]),/* "wap-wsg-idm-ecid-wtls12" */ +&(nid_objs[736]),/* "wap-wsg-idm-ecid-wtls3" */ +&(nid_objs[737]),/* "wap-wsg-idm-ecid-wtls4" */ +&(nid_objs[738]),/* "wap-wsg-idm-ecid-wtls5" */ +&(nid_objs[739]),/* "wap-wsg-idm-ecid-wtls6" */ +&(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ +&(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ +&(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ &(nid_objs[503]),/* "x500UniqueIdentifier" */ &(nid_objs[158]),/* "x509Certificate" */ &(nid_objs[160]),/* "x509Crl" */ @@ -3456,7 +3456,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[181]),/* OBJ_iso 1 */ &(nid_objs[182]),/* OBJ_member_body 1 2 */ &(nid_objs[379]),/* OBJ_org 1 3 */ -&(nid_objs[662]),/* OBJ_identified_organization 1 3 */ +&(nid_objs[676]),/* OBJ_identified_organization 1 3 */ &(nid_objs[646]),/* OBJ_joint_iso_itu_t 2 */ &(nid_objs[11]),/* OBJ_X500 2 5 */ &(nid_objs[647]),/* OBJ_international_organizations 2 23 */ @@ -3465,11 +3465,11 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */ &(nid_objs[81]),/* OBJ_id_ce 2 5 29 */ &(nid_objs[512]),/* OBJ_id_set 2 23 42 */ -&(nid_objs[664]),/* OBJ_wap 2 23 43 */ +&(nid_objs[678]),/* OBJ_wap 2 23 43 */ &(nid_objs[435]),/* OBJ_pss 0 9 2342 */ &(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */ &(nid_objs[381]),/* OBJ_iana 1 3 6 1 */ -&(nid_objs[663]),/* OBJ_certicom_arc 1 3 132 */ +&(nid_objs[677]),/* OBJ_certicom_arc 1 3 132 */ &(nid_objs[394]),/* OBJ_selected_attribute_types 2 5 1 5 */ &(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */ &(nid_objs[100]),/* OBJ_surname 2 5 4 4 */ @@ -3502,14 +3502,14 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */ &(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */ &(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */ -&(nid_objs[736]),/* OBJ_name_constraints 2 5 29 30 */ +&(nid_objs[666]),/* OBJ_name_constraints 2 5 29 30 */ &(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */ &(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */ -&(nid_objs[738]),/* OBJ_policy_mappings 2 5 29 33 */ +&(nid_objs[747]),/* OBJ_policy_mappings 2 5 29 33 */ &(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ &(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */ &(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ -&(nid_objs[739]),/* OBJ_inhibit_any_policy 2 5 29 54 */ +&(nid_objs[748]),/* OBJ_inhibit_any_policy 2 5 29 54 */ &(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ &(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ &(nid_objs[513]),/* OBJ_set_ctype 2 23 42 0 */ @@ -3518,7 +3518,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[516]),/* OBJ_set_policy 2 23 42 5 */ &(nid_objs[517]),/* OBJ_set_certExt 2 23 42 7 */ &(nid_objs[518]),/* OBJ_set_brand 2 23 42 8 */ -&(nid_objs[665]),/* OBJ_wap_wsg 2 23 43 13 */ +&(nid_objs[679]),/* OBJ_wap_wsg 2 23 43 13 */ &(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */ &(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */ &(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */ @@ -3531,7 +3531,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ &(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ &(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ -&(nid_objs[737]),/* OBJ_any_policy 2 5 29 32 0 */ +&(nid_objs[746]),/* OBJ_any_policy 2 5 29 32 0 */ &(nid_objs[519]),/* OBJ_setct_PANData 2 23 42 0 0 */ &(nid_objs[520]),/* OBJ_setct_PANToken 2 23 42 0 1 */ &(nid_objs[521]),/* OBJ_setct_PANOnly 2 23 42 0 2 */ @@ -3663,37 +3663,37 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */ &(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */ &(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */ -&(nid_objs[707]),/* OBJ_sect163k1 1 3 132 0 1 */ -&(nid_objs[708]),/* OBJ_sect163r1 1 3 132 0 2 */ -&(nid_objs[714]),/* OBJ_sect239k1 1 3 132 0 3 */ -&(nid_objs[703]),/* OBJ_sect113r1 1 3 132 0 4 */ -&(nid_objs[704]),/* OBJ_sect113r2 1 3 132 0 5 */ -&(nid_objs[690]),/* OBJ_secp112r1 1 3 132 0 6 */ -&(nid_objs[691]),/* OBJ_secp112r2 1 3 132 0 7 */ -&(nid_objs[695]),/* OBJ_secp160r1 1 3 132 0 8 */ -&(nid_objs[694]),/* OBJ_secp160k1 1 3 132 0 9 */ -&(nid_objs[700]),/* OBJ_secp256k1 1 3 132 0 10 */ -&(nid_objs[709]),/* OBJ_sect163r2 1 3 132 0 15 */ -&(nid_objs[715]),/* OBJ_sect283k1 1 3 132 0 16 */ -&(nid_objs[716]),/* OBJ_sect283r1 1 3 132 0 17 */ -&(nid_objs[705]),/* OBJ_sect131r1 1 3 132 0 22 */ -&(nid_objs[706]),/* OBJ_sect131r2 1 3 132 0 23 */ -&(nid_objs[710]),/* OBJ_sect193r1 1 3 132 0 24 */ -&(nid_objs[711]),/* OBJ_sect193r2 1 3 132 0 25 */ -&(nid_objs[712]),/* OBJ_sect233k1 1 3 132 0 26 */ -&(nid_objs[713]),/* OBJ_sect233r1 1 3 132 0 27 */ -&(nid_objs[692]),/* OBJ_secp128r1 1 3 132 0 28 */ -&(nid_objs[693]),/* OBJ_secp128r2 1 3 132 0 29 */ -&(nid_objs[696]),/* OBJ_secp160r2 1 3 132 0 30 */ -&(nid_objs[697]),/* OBJ_secp192k1 1 3 132 0 31 */ -&(nid_objs[698]),/* OBJ_secp224k1 1 3 132 0 32 */ -&(nid_objs[699]),/* OBJ_secp224r1 1 3 132 0 33 */ -&(nid_objs[701]),/* OBJ_secp384r1 1 3 132 0 34 */ -&(nid_objs[702]),/* OBJ_secp521r1 1 3 132 0 35 */ -&(nid_objs[717]),/* OBJ_sect409k1 1 3 132 0 36 */ -&(nid_objs[718]),/* OBJ_sect409r1 1 3 132 0 37 */ -&(nid_objs[719]),/* OBJ_sect571k1 1 3 132 0 38 */ -&(nid_objs[720]),/* OBJ_sect571r1 1 3 132 0 39 */ +&(nid_objs[721]),/* OBJ_sect163k1 1 3 132 0 1 */ +&(nid_objs[722]),/* OBJ_sect163r1 1 3 132 0 2 */ +&(nid_objs[728]),/* OBJ_sect239k1 1 3 132 0 3 */ +&(nid_objs[717]),/* OBJ_sect113r1 1 3 132 0 4 */ +&(nid_objs[718]),/* OBJ_sect113r2 1 3 132 0 5 */ +&(nid_objs[704]),/* OBJ_secp112r1 1 3 132 0 6 */ +&(nid_objs[705]),/* OBJ_secp112r2 1 3 132 0 7 */ +&(nid_objs[709]),/* OBJ_secp160r1 1 3 132 0 8 */ +&(nid_objs[708]),/* OBJ_secp160k1 1 3 132 0 9 */ +&(nid_objs[714]),/* OBJ_secp256k1 1 3 132 0 10 */ +&(nid_objs[723]),/* OBJ_sect163r2 1 3 132 0 15 */ +&(nid_objs[729]),/* OBJ_sect283k1 1 3 132 0 16 */ +&(nid_objs[730]),/* OBJ_sect283r1 1 3 132 0 17 */ +&(nid_objs[719]),/* OBJ_sect131r1 1 3 132 0 22 */ +&(nid_objs[720]),/* OBJ_sect131r2 1 3 132 0 23 */ +&(nid_objs[724]),/* OBJ_sect193r1 1 3 132 0 24 */ +&(nid_objs[725]),/* OBJ_sect193r2 1 3 132 0 25 */ +&(nid_objs[726]),/* OBJ_sect233k1 1 3 132 0 26 */ +&(nid_objs[727]),/* OBJ_sect233r1 1 3 132 0 27 */ +&(nid_objs[706]),/* OBJ_secp128r1 1 3 132 0 28 */ +&(nid_objs[707]),/* OBJ_secp128r2 1 3 132 0 29 */ +&(nid_objs[710]),/* OBJ_secp160r2 1 3 132 0 30 */ +&(nid_objs[711]),/* OBJ_secp192k1 1 3 132 0 31 */ +&(nid_objs[712]),/* OBJ_secp224k1 1 3 132 0 32 */ +&(nid_objs[713]),/* OBJ_secp224r1 1 3 132 0 33 */ +&(nid_objs[715]),/* OBJ_secp384r1 1 3 132 0 34 */ +&(nid_objs[716]),/* OBJ_secp521r1 1 3 132 0 35 */ +&(nid_objs[731]),/* OBJ_sect409k1 1 3 132 0 36 */ +&(nid_objs[732]),/* OBJ_sect409r1 1 3 132 0 37 */ +&(nid_objs[733]),/* OBJ_sect571k1 1 3 132 0 38 */ +&(nid_objs[734]),/* OBJ_sect571r1 1 3 132 0 39 */ &(nid_objs[624]),/* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */ &(nid_objs[625]),/* OBJ_set_addPolicy 2 23 42 3 0 1 */ &(nid_objs[626]),/* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */ @@ -3702,17 +3702,17 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[629]),/* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */ &(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */ &(nid_objs[642]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */ -&(nid_objs[721]),/* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 13 4 1 */ -&(nid_objs[722]),/* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 13 4 3 */ -&(nid_objs[723]),/* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 13 4 4 */ -&(nid_objs[724]),/* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 13 4 5 */ -&(nid_objs[725]),/* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 13 4 6 */ -&(nid_objs[726]),/* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 13 4 7 */ -&(nid_objs[727]),/* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 13 4 8 */ -&(nid_objs[728]),/* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 13 4 9 */ -&(nid_objs[729]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 13 4 10 */ -&(nid_objs[730]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 13 4 11 */ -&(nid_objs[731]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */ +&(nid_objs[735]),/* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 13 4 1 */ +&(nid_objs[736]),/* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 13 4 3 */ +&(nid_objs[737]),/* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 13 4 4 */ +&(nid_objs[738]),/* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 13 4 5 */ +&(nid_objs[739]),/* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 13 4 6 */ +&(nid_objs[740]),/* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 13 4 7 */ +&(nid_objs[741]),/* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 13 4 8 */ +&(nid_objs[742]),/* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 13 4 9 */ +&(nid_objs[743]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 13 4 10 */ +&(nid_objs[744]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 13 4 11 */ +&(nid_objs[745]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */ &(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ &(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */ &(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ @@ -3750,7 +3750,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[266]),/* OBJ_id_aca 1 3 6 1 5 5 7 10 */ &(nid_objs[267]),/* OBJ_id_qcs 1 3 6 1 5 5 7 11 */ &(nid_objs[268]),/* OBJ_id_cct 1 3 6 1 5 5 7 12 */ -&(nid_objs[746]),/* OBJ_id_ppl 1 3 6 1 5 5 7 21 */ +&(nid_objs[662]),/* OBJ_id_ppl 1 3 6 1 5 5 7 21 */ &(nid_objs[176]),/* OBJ_id_ad 1 3 6 1 5 5 7 48 */ &(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */ &(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */ @@ -3770,27 +3770,27 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ &(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */ &(nid_objs[643]),/* OBJ_des_cdmf 1 2 840 113549 3 10 */ -&(nid_objs[666]),/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */ -&(nid_objs[670]),/* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */ -&(nid_objs[671]),/* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */ -&(nid_objs[672]),/* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */ -&(nid_objs[673]),/* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */ -&(nid_objs[674]),/* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */ -&(nid_objs[675]),/* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */ -&(nid_objs[676]),/* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */ -&(nid_objs[677]),/* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */ -&(nid_objs[678]),/* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */ -&(nid_objs[679]),/* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */ -&(nid_objs[680]),/* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */ -&(nid_objs[681]),/* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */ -&(nid_objs[682]),/* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */ -&(nid_objs[683]),/* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */ -&(nid_objs[684]),/* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */ -&(nid_objs[685]),/* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */ -&(nid_objs[686]),/* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */ -&(nid_objs[687]),/* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */ -&(nid_objs[688]),/* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */ -&(nid_objs[689]),/* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */ +&(nid_objs[680]),/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */ +&(nid_objs[684]),/* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */ +&(nid_objs[685]),/* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */ +&(nid_objs[686]),/* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */ +&(nid_objs[687]),/* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */ +&(nid_objs[688]),/* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */ +&(nid_objs[689]),/* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */ +&(nid_objs[690]),/* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */ +&(nid_objs[691]),/* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */ +&(nid_objs[692]),/* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */ +&(nid_objs[693]),/* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */ +&(nid_objs[694]),/* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */ +&(nid_objs[695]),/* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */ +&(nid_objs[696]),/* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */ +&(nid_objs[697]),/* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */ +&(nid_objs[698]),/* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */ +&(nid_objs[699]),/* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */ +&(nid_objs[700]),/* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */ +&(nid_objs[701]),/* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */ +&(nid_objs[702]),/* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */ +&(nid_objs[703]),/* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */ &(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */ &(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */ &(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */ @@ -3825,7 +3825,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[292]),/* OBJ_sbqp_routerIdentifier 1 3 6 1 5 5 7 1 9 */ &(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */ &(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */ -&(nid_objs[747]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */ +&(nid_objs[663]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */ &(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */ &(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */ &(nid_objs[293]),/* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */ @@ -3896,9 +3896,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[360]),/* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */ &(nid_objs[361]),/* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */ &(nid_objs[362]),/* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */ -&(nid_objs[748]),/* OBJ_id_ppl_anyLanguage 1 3 6 1 5 5 7 21 0 */ -&(nid_objs[749]),/* OBJ_id_ppl_inheritAll 1 3 6 1 5 5 7 21 1 */ -&(nid_objs[750]),/* OBJ_Independent 1 3 6 1 5 5 7 21 2 */ +&(nid_objs[664]),/* OBJ_id_ppl_anyLanguage 1 3 6 1 5 5 7 21 0 */ +&(nid_objs[665]),/* OBJ_id_ppl_inheritAll 1 3 6 1 5 5 7 21 1 */ +&(nid_objs[667]),/* OBJ_Independent 1 3 6 1 5 5 7 21 2 */ &(nid_objs[178]),/* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */ &(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */ &(nid_objs[363]),/* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */ @@ -3917,10 +3917,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */ &(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */ &(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */ -&(nid_objs[732]),/* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */ -&(nid_objs[733]),/* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */ -&(nid_objs[734]),/* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */ -&(nid_objs[735]),/* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */ +&(nid_objs[668]),/* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */ +&(nid_objs[669]),/* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */ +&(nid_objs[670]),/* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */ +&(nid_objs[671]),/* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */ &(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */ &(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */ &(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */ @@ -3951,9 +3951,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */ &(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */ &(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */ -&(nid_objs[667]),/* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */ -&(nid_objs[668]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */ -&(nid_objs[669]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */ +&(nid_objs[681]),/* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */ +&(nid_objs[682]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */ +&(nid_objs[683]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */ &(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */ &(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */ &(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */ @@ -3988,10 +3988,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */ &(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */ &(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */ -&(nid_objs[740]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */ -&(nid_objs[741]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */ -&(nid_objs[742]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */ -&(nid_objs[743]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */ +&(nid_objs[672]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */ +&(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */ +&(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */ +&(nid_objs[675]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */ &(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */ &(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */ &(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index 322577094a..7cdd69429f 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -94,11 +94,11 @@ #define OBJ_member_body OBJ_iso,2L #define SN_identified_organization "identified-organization" -#define NID_identified_organization 662 +#define NID_identified_organization 676 #define OBJ_identified_organization OBJ_iso,3L #define SN_certicom_arc "certicom-arc" -#define NID_certicom_arc 663 +#define NID_certicom_arc 677 #define OBJ_certicom_arc OBJ_identified_organization,132L #define SN_international_organizations "international-organizations" @@ -107,11 +107,11 @@ #define OBJ_international_organizations OBJ_joint_iso_itu_t,23L #define SN_wap "wap" -#define NID_wap 664 +#define NID_wap 678 #define OBJ_wap OBJ_international_organizations,43L #define SN_wap_wsg "wap-wsg" -#define NID_wap_wsg 665 +#define NID_wap_wsg 679 #define OBJ_wap_wsg OBJ_wap,13L #define SN_selected_attribute_types "selected-attribute-types" @@ -164,19 +164,19 @@ #define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L #define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis" -#define NID_X9_62_id_characteristic_two_basis 666 +#define NID_X9_62_id_characteristic_two_basis 680 #define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L #define SN_X9_62_onBasis "onBasis" -#define NID_X9_62_onBasis 667 +#define NID_X9_62_onBasis 681 #define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L #define SN_X9_62_tpBasis "tpBasis" -#define NID_X9_62_tpBasis 668 +#define NID_X9_62_tpBasis 682 #define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L #define SN_X9_62_ppBasis "ppBasis" -#define NID_X9_62_ppBasis 669 +#define NID_X9_62_ppBasis 683 #define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L #define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L @@ -190,83 +190,83 @@ #define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L #define SN_X9_62_c2pnb163v1 "c2pnb163v1" -#define NID_X9_62_c2pnb163v1 670 +#define NID_X9_62_c2pnb163v1 684 #define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L #define SN_X9_62_c2pnb163v2 "c2pnb163v2" -#define NID_X9_62_c2pnb163v2 671 +#define NID_X9_62_c2pnb163v2 685 #define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L #define SN_X9_62_c2pnb163v3 "c2pnb163v3" -#define NID_X9_62_c2pnb163v3 672 +#define NID_X9_62_c2pnb163v3 686 #define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L #define SN_X9_62_c2pnb176v1 "c2pnb176v1" -#define NID_X9_62_c2pnb176v1 673 +#define NID_X9_62_c2pnb176v1 687 #define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L #define SN_X9_62_c2tnb191v1 "c2tnb191v1" -#define NID_X9_62_c2tnb191v1 674 +#define NID_X9_62_c2tnb191v1 688 #define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L #define SN_X9_62_c2tnb191v2 "c2tnb191v2" -#define NID_X9_62_c2tnb191v2 675 +#define NID_X9_62_c2tnb191v2 689 #define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L #define SN_X9_62_c2tnb191v3 "c2tnb191v3" -#define NID_X9_62_c2tnb191v3 676 +#define NID_X9_62_c2tnb191v3 690 #define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L #define SN_X9_62_c2onb191v4 "c2onb191v4" -#define NID_X9_62_c2onb191v4 677 +#define NID_X9_62_c2onb191v4 691 #define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L #define SN_X9_62_c2onb191v5 "c2onb191v5" -#define NID_X9_62_c2onb191v5 678 +#define NID_X9_62_c2onb191v5 692 #define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L #define SN_X9_62_c2pnb208w1 "c2pnb208w1" -#define NID_X9_62_c2pnb208w1 679 +#define NID_X9_62_c2pnb208w1 693 #define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L #define SN_X9_62_c2tnb239v1 "c2tnb239v1" -#define NID_X9_62_c2tnb239v1 680 +#define NID_X9_62_c2tnb239v1 694 #define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L #define SN_X9_62_c2tnb239v2 "c2tnb239v2" -#define NID_X9_62_c2tnb239v2 681 +#define NID_X9_62_c2tnb239v2 695 #define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L #define SN_X9_62_c2tnb239v3 "c2tnb239v3" -#define NID_X9_62_c2tnb239v3 682 +#define NID_X9_62_c2tnb239v3 696 #define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L #define SN_X9_62_c2onb239v4 "c2onb239v4" -#define NID_X9_62_c2onb239v4 683 +#define NID_X9_62_c2onb239v4 697 #define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L #define SN_X9_62_c2onb239v5 "c2onb239v5" -#define NID_X9_62_c2onb239v5 684 +#define NID_X9_62_c2onb239v5 698 #define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L #define SN_X9_62_c2pnb272w1 "c2pnb272w1" -#define NID_X9_62_c2pnb272w1 685 +#define NID_X9_62_c2pnb272w1 699 #define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L #define SN_X9_62_c2pnb304w1 "c2pnb304w1" -#define NID_X9_62_c2pnb304w1 686 +#define NID_X9_62_c2pnb304w1 700 #define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L #define SN_X9_62_c2tnb359v1 "c2tnb359v1" -#define NID_X9_62_c2tnb359v1 687 +#define NID_X9_62_c2tnb359v1 701 #define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L #define SN_X9_62_c2pnb368w1 "c2pnb368w1" -#define NID_X9_62_c2pnb368w1 688 +#define NID_X9_62_c2pnb368w1 702 #define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L #define SN_X9_62_c2tnb431r1 "c2tnb431r1" -#define NID_X9_62_c2tnb431r1 689 +#define NID_X9_62_c2tnb431r1 703 #define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L #define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L @@ -308,173 +308,173 @@ #define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L #define SN_secp112r1 "secp112r1" -#define NID_secp112r1 690 +#define NID_secp112r1 704 #define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L #define SN_secp112r2 "secp112r2" -#define NID_secp112r2 691 +#define NID_secp112r2 705 #define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L #define SN_secp128r1 "secp128r1" -#define NID_secp128r1 692 +#define NID_secp128r1 706 #define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L #define SN_secp128r2 "secp128r2" -#define NID_secp128r2 693 +#define NID_secp128r2 707 #define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L #define SN_secp160k1 "secp160k1" -#define NID_secp160k1 694 +#define NID_secp160k1 708 #define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L #define SN_secp160r1 "secp160r1" -#define NID_secp160r1 695 +#define NID_secp160r1 709 #define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L #define SN_secp160r2 "secp160r2" -#define NID_secp160r2 696 +#define NID_secp160r2 710 #define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L #define SN_secp192k1 "secp192k1" -#define NID_secp192k1 697 +#define NID_secp192k1 711 #define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L #define SN_secp224k1 "secp224k1" -#define NID_secp224k1 698 +#define NID_secp224k1 712 #define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L #define SN_secp224r1 "secp224r1" -#define NID_secp224r1 699 +#define NID_secp224r1 713 #define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L #define SN_secp256k1 "secp256k1" -#define NID_secp256k1 700 +#define NID_secp256k1 714 #define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L #define SN_secp384r1 "secp384r1" -#define NID_secp384r1 701 +#define NID_secp384r1 715 #define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L #define SN_secp521r1 "secp521r1" -#define NID_secp521r1 702 +#define NID_secp521r1 716 #define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L #define SN_sect113r1 "sect113r1" -#define NID_sect113r1 703 +#define NID_sect113r1 717 #define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L #define SN_sect113r2 "sect113r2" -#define NID_sect113r2 704 +#define NID_sect113r2 718 #define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L #define SN_sect131r1 "sect131r1" -#define NID_sect131r1 705 +#define NID_sect131r1 719 #define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L #define SN_sect131r2 "sect131r2" -#define NID_sect131r2 706 +#define NID_sect131r2 720 #define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L #define SN_sect163k1 "sect163k1" -#define NID_sect163k1 707 +#define NID_sect163k1 721 #define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L #define SN_sect163r1 "sect163r1" -#define NID_sect163r1 708 +#define NID_sect163r1 722 #define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L #define SN_sect163r2 "sect163r2" -#define NID_sect163r2 709 +#define NID_sect163r2 723 #define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L #define SN_sect193r1 "sect193r1" -#define NID_sect193r1 710 +#define NID_sect193r1 724 #define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L #define SN_sect193r2 "sect193r2" -#define NID_sect193r2 711 +#define NID_sect193r2 725 #define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L #define SN_sect233k1 "sect233k1" -#define NID_sect233k1 712 +#define NID_sect233k1 726 #define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L #define SN_sect233r1 "sect233r1" -#define NID_sect233r1 713 +#define NID_sect233r1 727 #define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L #define SN_sect239k1 "sect239k1" -#define NID_sect239k1 714 +#define NID_sect239k1 728 #define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L #define SN_sect283k1 "sect283k1" -#define NID_sect283k1 715 +#define NID_sect283k1 729 #define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L #define SN_sect283r1 "sect283r1" -#define NID_sect283r1 716 +#define NID_sect283r1 730 #define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L #define SN_sect409k1 "sect409k1" -#define NID_sect409k1 717 +#define NID_sect409k1 731 #define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L #define SN_sect409r1 "sect409r1" -#define NID_sect409r1 718 +#define NID_sect409r1 732 #define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L #define SN_sect571k1 "sect571k1" -#define NID_sect571k1 719 +#define NID_sect571k1 733 #define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L #define SN_sect571r1 "sect571r1" -#define NID_sect571r1 720 +#define NID_sect571r1 734 #define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L #define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L #define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1" -#define NID_wap_wsg_idm_ecid_wtls1 721 +#define NID_wap_wsg_idm_ecid_wtls1 735 #define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L #define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3" -#define NID_wap_wsg_idm_ecid_wtls3 722 +#define NID_wap_wsg_idm_ecid_wtls3 736 #define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L #define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4" -#define NID_wap_wsg_idm_ecid_wtls4 723 +#define NID_wap_wsg_idm_ecid_wtls4 737 #define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L #define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5" -#define NID_wap_wsg_idm_ecid_wtls5 724 +#define NID_wap_wsg_idm_ecid_wtls5 738 #define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L #define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6" -#define NID_wap_wsg_idm_ecid_wtls6 725 +#define NID_wap_wsg_idm_ecid_wtls6 739 #define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L #define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7" -#define NID_wap_wsg_idm_ecid_wtls7 726 +#define NID_wap_wsg_idm_ecid_wtls7 740 #define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L #define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8" -#define NID_wap_wsg_idm_ecid_wtls8 727 +#define NID_wap_wsg_idm_ecid_wtls8 741 #define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L #define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9" -#define NID_wap_wsg_idm_ecid_wtls9 728 +#define NID_wap_wsg_idm_ecid_wtls9 742 #define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L #define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10" -#define NID_wap_wsg_idm_ecid_wtls10 729 +#define NID_wap_wsg_idm_ecid_wtls10 743 #define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L #define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11" -#define NID_wap_wsg_idm_ecid_wtls11 730 +#define NID_wap_wsg_idm_ecid_wtls11 744 #define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L #define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12" -#define NID_wap_wsg_idm_ecid_wtls12 731 +#define NID_wap_wsg_idm_ecid_wtls12 745 #define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L #define SN_cast5_cbc "CAST5-CBC" @@ -538,22 +538,22 @@ #define SN_sha256WithRSAEncryption "RSA-SHA256" #define LN_sha256WithRSAEncryption "sha256WithRSAEncryption" -#define NID_sha256WithRSAEncryption 732 +#define NID_sha256WithRSAEncryption 668 #define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L #define SN_sha384WithRSAEncryption "RSA-SHA384" #define LN_sha384WithRSAEncryption "sha384WithRSAEncryption" -#define NID_sha384WithRSAEncryption 733 +#define NID_sha384WithRSAEncryption 669 #define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L #define SN_sha512WithRSAEncryption "RSA-SHA512" #define LN_sha512WithRSAEncryption "sha512WithRSAEncryption" -#define NID_sha512WithRSAEncryption 734 +#define NID_sha512WithRSAEncryption 670 #define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L #define SN_sha224WithRSAEncryption "RSA-SHA224" #define LN_sha224WithRSAEncryption "sha224WithRSAEncryption" -#define NID_sha224WithRSAEncryption 735 +#define NID_sha224WithRSAEncryption 671 #define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L #define SN_pkcs3 "pkcs3" @@ -1266,7 +1266,7 @@ #define OBJ_id_cct OBJ_id_pkix,12L #define SN_id_ppl "id-ppl" -#define NID_id_ppl 746 +#define NID_id_ppl 662 #define OBJ_id_ppl OBJ_id_pkix,21L #define SN_id_ad "id-ad" @@ -1386,7 +1386,7 @@ #define SN_proxyCertInfo "proxyCertInfo" #define LN_proxyCertInfo "Proxy Certificate Information" -#define NID_proxyCertInfo 747 +#define NID_proxyCertInfo 663 #define OBJ_proxyCertInfo OBJ_id_pe,14L #define SN_id_qt_cps "id-qt-cps" @@ -1715,17 +1715,17 @@ #define SN_id_ppl_anyLanguage "id-ppl-anyLanguage" #define LN_id_ppl_anyLanguage "Any language" -#define NID_id_ppl_anyLanguage 748 +#define NID_id_ppl_anyLanguage 664 #define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L #define SN_id_ppl_inheritAll "id-ppl-inheritAll" #define LN_id_ppl_inheritAll "Inherit all" -#define NID_id_ppl_inheritAll 749 +#define NID_id_ppl_inheritAll 665 #define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L #define SN_Independent "id-ppl-independent" #define LN_Independent "Independent" -#define NID_Independent 750 +#define NID_Independent 667 #define OBJ_Independent OBJ_id_ppl,2L #define SN_ad_OCSP "OCSP" @@ -2096,7 +2096,7 @@ #define SN_name_constraints "nameConstraints" #define LN_name_constraints "X509v3 Name Constraints" -#define NID_name_constraints 736 +#define NID_name_constraints 666 #define OBJ_name_constraints OBJ_id_ce,30L #define SN_crl_distribution_points "crlDistributionPoints" @@ -2111,12 +2111,12 @@ #define SN_any_policy "anyPolicy" #define LN_any_policy "X509v3 Any Policy" -#define NID_any_policy 737 +#define NID_any_policy 746 #define OBJ_any_policy OBJ_certificate_policies,0L #define SN_policy_mappings "policyMappings" #define LN_policy_mappings "X509v3 Policy Mappings" -#define NID_policy_mappings 738 +#define NID_policy_mappings 747 #define OBJ_policy_mappings OBJ_id_ce,33L #define SN_authority_key_identifier "authorityKeyIdentifier" @@ -2136,7 +2136,7 @@ #define SN_inhibit_any_policy "inhibitAnyPolicy" #define LN_inhibit_any_policy "X509v3 Inhibit Any Policy" -#define NID_inhibit_any_policy 739 +#define NID_inhibit_any_policy 748 #define OBJ_inhibit_any_policy OBJ_id_ce,54L #define SN_target_information "targetInformation" @@ -2420,22 +2420,22 @@ #define SN_sha256 "SHA256" #define LN_sha256 "sha256" -#define NID_sha256 740 +#define NID_sha256 672 #define OBJ_sha256 OBJ_nist_hashalgs,1L #define SN_sha384 "SHA384" #define LN_sha384 "sha384" -#define NID_sha384 741 +#define NID_sha384 673 #define OBJ_sha384 OBJ_nist_hashalgs,2L #define SN_sha512 "SHA512" #define LN_sha512 "sha512" -#define NID_sha512 742 +#define NID_sha512 674 #define OBJ_sha512 OBJ_nist_hashalgs,3L #define SN_sha224 "SHA224" #define LN_sha224 "sha224" -#define NID_sha224 743 +#define NID_sha224 675 #define OBJ_sha224 OBJ_nist_hashalgs,4L #define SN_hold_instruction_code "holdInstructionCode" @@ -3297,9 +3297,9 @@ #define SN_ipsec3 "Oakley-EC2N-3" #define LN_ipsec3 "ipsec3" -#define NID_ipsec3 744 +#define NID_ipsec3 749 #define SN_ipsec4 "Oakley-EC2N-4" #define LN_ipsec4 "ipsec4" -#define NID_ipsec4 745 +#define NID_ipsec4 750 diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 180d20f1bc..563c10c056 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -659,92 +659,92 @@ des_ede3_cfb1 658 des_ede3_cfb8 659 streetAddress 660 postalCode 661 -identified_organization 662 -certicom_arc 663 -wap 664 -wap_wsg 665 -X9_62_id_characteristic_two_basis 666 -X9_62_onBasis 667 -X9_62_tpBasis 668 -X9_62_ppBasis 669 -X9_62_c2pnb163v1 670 -X9_62_c2pnb163v2 671 -X9_62_c2pnb163v3 672 -X9_62_c2pnb176v1 673 -X9_62_c2tnb191v1 674 -X9_62_c2tnb191v2 675 -X9_62_c2tnb191v3 676 -X9_62_c2onb191v4 677 -X9_62_c2onb191v5 678 -X9_62_c2pnb208w1 679 -X9_62_c2tnb239v1 680 -X9_62_c2tnb239v2 681 -X9_62_c2tnb239v3 682 -X9_62_c2onb239v4 683 -X9_62_c2onb239v5 684 -X9_62_c2pnb272w1 685 -X9_62_c2pnb304w1 686 -X9_62_c2tnb359v1 687 -X9_62_c2pnb368w1 688 -X9_62_c2tnb431r1 689 -secp112r1 690 -secp112r2 691 -secp128r1 692 -secp128r2 693 -secp160k1 694 -secp160r1 695 -secp160r2 696 -secp192k1 697 -secp224k1 698 -secp224r1 699 -secp256k1 700 -secp384r1 701 -secp521r1 702 -sect113r1 703 -sect113r2 704 -sect131r1 705 -sect131r2 706 -sect163k1 707 -sect163r1 708 -sect163r2 709 -sect193r1 710 -sect193r2 711 -sect233k1 712 -sect233r1 713 -sect239k1 714 -sect283k1 715 -sect283r1 716 -sect409k1 717 -sect409r1 718 -sect571k1 719 -sect571r1 720 -wap_wsg_idm_ecid_wtls1 721 -wap_wsg_idm_ecid_wtls3 722 -wap_wsg_idm_ecid_wtls4 723 -wap_wsg_idm_ecid_wtls5 724 -wap_wsg_idm_ecid_wtls6 725 -wap_wsg_idm_ecid_wtls7 726 -wap_wsg_idm_ecid_wtls8 727 -wap_wsg_idm_ecid_wtls9 728 -wap_wsg_idm_ecid_wtls10 729 -wap_wsg_idm_ecid_wtls11 730 -wap_wsg_idm_ecid_wtls12 731 -sha256WithRSAEncryption 732 -sha384WithRSAEncryption 733 -sha512WithRSAEncryption 734 -sha224WithRSAEncryption 735 -name_constraints 736 -any_policy 737 -policy_mappings 738 -inhibit_any_policy 739 -sha256 740 -sha384 741 -sha512 742 -sha224 743 -ipsec3 744 -ipsec4 745 -id_ppl 746 -proxyCertInfo 747 -id_ppl_anyLanguage 748 -id_ppl_inheritAll 749 -Independent 750 +id_ppl 662 +proxyCertInfo 663 +id_ppl_anyLanguage 664 +id_ppl_inheritAll 665 +name_constraints 666 +Independent 667 +sha256WithRSAEncryption 668 +sha384WithRSAEncryption 669 +sha512WithRSAEncryption 670 +sha224WithRSAEncryption 671 +sha256 672 +sha384 673 +sha512 674 +sha224 675 +identified_organization 676 +certicom_arc 677 +wap 678 +wap_wsg 679 +X9_62_id_characteristic_two_basis 680 +X9_62_onBasis 681 +X9_62_tpBasis 682 +X9_62_ppBasis 683 +X9_62_c2pnb163v1 684 +X9_62_c2pnb163v2 685 +X9_62_c2pnb163v3 686 +X9_62_c2pnb176v1 687 +X9_62_c2tnb191v1 688 +X9_62_c2tnb191v2 689 +X9_62_c2tnb191v3 690 +X9_62_c2onb191v4 691 +X9_62_c2onb191v5 692 +X9_62_c2pnb208w1 693 +X9_62_c2tnb239v1 694 +X9_62_c2tnb239v2 695 +X9_62_c2tnb239v3 696 +X9_62_c2onb239v4 697 +X9_62_c2onb239v5 698 +X9_62_c2pnb272w1 699 +X9_62_c2pnb304w1 700 +X9_62_c2tnb359v1 701 +X9_62_c2pnb368w1 702 +X9_62_c2tnb431r1 703 +secp112r1 704 +secp112r2 705 +secp128r1 706 +secp128r2 707 +secp160k1 708 +secp160r1 709 +secp160r2 710 +secp192k1 711 +secp224k1 712 +secp224r1 713 +secp256k1 714 +secp384r1 715 +secp521r1 716 +sect113r1 717 +sect113r2 718 +sect131r1 719 +sect131r2 720 +sect163k1 721 +sect163r1 722 +sect163r2 723 +sect193r1 724 +sect193r2 725 +sect233k1 726 +sect233r1 727 +sect239k1 728 +sect283k1 729 +sect283r1 730 +sect409k1 731 +sect409r1 732 +sect571k1 733 +sect571r1 734 +wap_wsg_idm_ecid_wtls1 735 +wap_wsg_idm_ecid_wtls3 736 +wap_wsg_idm_ecid_wtls4 737 +wap_wsg_idm_ecid_wtls5 738 +wap_wsg_idm_ecid_wtls6 739 +wap_wsg_idm_ecid_wtls7 740 +wap_wsg_idm_ecid_wtls8 741 +wap_wsg_idm_ecid_wtls9 742 +wap_wsg_idm_ecid_wtls10 743 +wap_wsg_idm_ecid_wtls11 744 +wap_wsg_idm_ecid_wtls12 745 +any_policy 746 +policy_mappings 747 +inhibit_any_policy 748 +ipsec3 749 +ipsec4 750 -- GitLab From c4b13b02682afb695da9c277da27d4cccc856eee Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 22 Jun 2005 17:28:55 +0000 Subject: [PATCH 287/929] Reorder extensions to account for synced OID table. --- crypto/x509v3/ext_dat.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h index 5e86de5c9e..3596684687 100644 --- a/crypto/x509v3/ext_dat.h +++ b/crypto/x509v3/ext_dat.h @@ -112,10 +112,10 @@ static X509V3_EXT_METHOD *standard_exts[] = { #ifndef OPENSSL_NO_OCSP &v3_crl_hold, #endif +&v3_pci, &v3_name_constraints, &v3_policy_mappings, -&v3_inhibit_anyp, -&v3_pci +&v3_inhibit_anyp }; /* Number of standard extensions */ -- GitLab From 586df3bb7f9e591afa031101a35efa9d6ddd6d19 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 22 Jun 2005 18:54:05 +0000 Subject: [PATCH 288/929] Typo. --- doc/apps/x509v3_config.pod | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod index 09954693a3..38c46e85c4 100644 --- a/doc/apps/x509v3_config.pod +++ b/doc/apps/x509v3_config.pod @@ -442,8 +442,8 @@ will only recognize the last value. This can be worked around by using the form: The X509v3 extension code was first added to OpenSSL 0.9.2. -Policy mappings, name constraints, inhibit any policy and name -constraints support was added in OpenSSL 0.9.8 +Policy mappings, inhibit any policy and name constraints support was added in +OpenSSL 0.9.8 The B and B option as well as the B option for arbitrary extensions was added in OpenSSL 0.9.8 -- GitLab From bf3900020fda9e380728250f49bce23bd9fbcd36 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Wed, 22 Jun 2005 23:50:07 +0000 Subject: [PATCH 289/929] no-asm didn't prevent make from compiling assembler modules [from HEAD]. --- Configure | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Configure b/Configure index e123093de5..768f18f2c6 100755 --- a/Configure +++ b/Configure @@ -885,8 +885,8 @@ foreach (sort (keys %disabled)) $openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n"; print " OPENSSL_NO_$ALGO"; - if (/^err$/) - { $flags .= "-DOPENSSL_NO_ERR "; } + if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; } + elsif (/^asm$/) { $no_asm = 1; } } else { -- GitLab From c938babf00a9faa4d1852d26d09cf4b4af782548 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 06:31:08 +0000 Subject: [PATCH 290/929] A number of architectures noted so far. --- STATUS | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/STATUS b/STATUS index c2dfbe9eb9..74371bbfba 100644 --- a/STATUS +++ b/STATUS @@ -1,12 +1,27 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/21 05:49:47 $ + ______________ $Date: 2005/06/23 06:31:08 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... o OpenSSL 0.9.8-beta6: Released on June 21th, 2005 - OpenVMS/Alpha 7.3-2 w. Compaq C 6.4-005 SUCCESS + OpenVMS/Alpha [7.3-2; Compaq C 6.4-005] SUCCESS + Windows 2000 [VC-WIN32; MSVC 6.0] SUCCESS + Cygwin 1.5.5-1 [Cygwin; gcc 3.3.1] SUCCESS + Red Hat Linux 9 [linux-elf; gcc 3.2.2] SUCCESS + FreeBSD 4.6 [BSD-x86-elf; gcc 2.95.3] SUCCESS + Solaris 2.6 [solaris-sparcv9-cc; + Sun Workshop 6 update 2 C 5.3] SUCCESS + Solaris 2.7 [solaris-sparcv9-cc; + Sun Workshop 6 update 2 C 5.3] SUCCESS + AIX 5.1 [aix-cc; C for AIX Compiler, version 6] SUCCESS + HP-UX 11.11 [hpux-parisc2-cc; HP C Compiler B.11.11.08] SUCCESS + Tru64 OSF1 V4.0E [tru64-alpha-cc; DEC C V5.8-009] SUCCESS + ? [linux-elf; gcc 3.4.2] SUCCESS + Solaris 8 [solaris-sparcv9-cc; Sun C 5.7 2005/01/07 32-bit] SUCCESS + Solaris 8 [solaris64-sparcv9-cc; Sun C 5.7 2005/01/07 64-bit] SUCCESS + Solaris 8 [solaris-sparcv9-gcc; gcc 2.95.3 32-bit] SUCCESS o OpenSSL 0.9.8-beta5: Released on June 13th, 2005 o OpenSSL 0.9.8-beta4: Released on June 6th, 2005 o OpenSSL 0.9.8-beta3: Released on May 31th, 2005 -- GitLab From e6531253e263615645054379c9ec977530a56003 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 23 Jun 2005 15:39:19 +0000 Subject: [PATCH 291/929] HP-UX specific update to Makefile.shared. --- Makefile.shared | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Makefile.shared b/Makefile.shared index 6d68761937..9e9b28e2c2 100644 --- a/Makefile.shared +++ b/Makefile.shared @@ -91,7 +91,7 @@ LINK_APP= \ ( $(SET_X); \ LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \ - LIBPATH=`for x in $(LIBDEPS); do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \ + LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \ LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ $${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS} ) @@ -455,6 +455,7 @@ link_o.hpux: expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \ fi; \ + rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \ $(LINK_SO_O) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX link_a.hpux: @if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \ @@ -467,6 +468,7 @@ link_a.hpux: expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \ fi; \ + rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \ $(LINK_SO_A) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX link_app.hpux: @if ${DETECT_GNU_LD}; then $(DO_GNU_APP); else \ -- GitLab From f247dc75224a5253fbf11bf116fffbb76514ea90 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 23 Jun 2005 16:47:21 +0000 Subject: [PATCH 292/929] IRIX upadte from HEAD. --- Configure | 8 ++++---- crypto/bn/Makefile | 6 +++++- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/Configure b/Configure index 768f18f2c6..73328c0c0b 100755 --- a/Configure +++ b/Configure @@ -232,11 +232,11 @@ my %table=( #### IRIX 6.x configs # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke # './Configure irix-cc -o32' manually. -"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT::mips3.o::::::::::dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # N64 ABI builds. -"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::mips3.o::::::::::dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### Unified HP-UX ANSI C configs. # Special notes: diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile index f864a05f39..6926c77799 100644 --- a/crypto/bn/Makefile +++ b/crypto/bn/Makefile @@ -83,7 +83,11 @@ sparcv8.o: asm/sparcv8.S sparcv8plus.o: asm/sparcv8plus.S $(CC) $(CFLAGS) -c asm/sparcv8plus.S -mips3.o: asm/mips3.s +bn-mips3.o: asm/mips3.s + @if [ "$(CC)" = "gcc" ]; then \ + ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \ + as -$$ABI -O -o $@ asm/mips3.s; \ + else $(CC) $(CFLAGS) -o $@ asm/mips3.s; fi x86_64-gcc.o: asm/x86_64-gcc.c $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c -- GitLab From 2a5b22d6f9bb0cca91933e841f510a9cc99c1a49 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 23 Jun 2005 20:38:19 +0000 Subject: [PATCH 293/929] Missed -c in IRIX rule. --- crypto/bn/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile index 6926c77799..4afb6a393c 100644 --- a/crypto/bn/Makefile +++ b/crypto/bn/Makefile @@ -87,7 +87,7 @@ bn-mips3.o: asm/mips3.s @if [ "$(CC)" = "gcc" ]; then \ ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \ as -$$ABI -O -o $@ asm/mips3.s; \ - else $(CC) $(CFLAGS) -o $@ asm/mips3.s; fi + else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi x86_64-gcc.o: asm/x86_64-gcc.c $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c -- GitLab From 57b2246d35b1229bedf722340bdb728be7668982 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 23 Jun 2005 20:47:54 +0000 Subject: [PATCH 294/929] Darwin specific update from HEAD. --- Configure | 2 +- Makefile.shared | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Configure b/Configure index 73328c0c0b..56ebafb053 100755 --- a/Configure +++ b/Configure @@ -503,7 +503,7 @@ my %table=( ##### MacOS X (a.k.a. Rhapsody or Darwin) setup "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::", -"darwin-ppc-cc","cc:-O3 -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o:::::::::::darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin-ppc-cc","cc:-O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o:::::::::::darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", "darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::darwin-shared:-fPIC:-dunamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", "debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o:::::::::::darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", diff --git a/Makefile.shared b/Makefile.shared index 9e9b28e2c2..1b14dd1450 100644 --- a/Makefile.shared +++ b/Makefile.shared @@ -202,6 +202,7 @@ link_o.darwin: SHLIB_SUFFIX=.dylib; \ ALLSYMSFLAGS='-all_load'; \ NOALLSYMSFLAGS=''; \ + SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \ if [ -n "$(LIBVERSION)" ]; then \ SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \ fi; \ @@ -215,6 +216,7 @@ link_a.darwin: SHLIB_SUFFIX=.dylib; \ ALLSYMSFLAGS='-all_load'; \ NOALLSYMSFLAGS=''; \ + SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \ if [ -n "$(LIBVERSION)" ]; then \ SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \ fi; \ -- GitLab From 3fbd5f9fea5d1563a3e85659ae968903d4dfaec5 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 20:55:35 +0000 Subject: [PATCH 295/929] Strip the engine shared libraries as well. Submitted by Corinna Vinschen --- util/cygwin.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/util/cygwin.sh b/util/cygwin.sh index fabbf84225..89d1dda95b 100755 --- a/util/cygwin.sh +++ b/util/cygwin.sh @@ -119,7 +119,9 @@ create_cygwin_readme create_profile_files cd ${INSTALL_PREFIX} -strip usr/bin/*.exe usr/bin/*.dll +chmod u+w usr/lib/engines/*.so +strip usr/bin/*.exe usr/bin/*.dll usr/lib/engines/*.so +chmod u-w usr/lib/engines/*.so # Runtime package find etc usr/bin usr/lib/engines usr/share/doc usr/ssl/certs \ -- GitLab From 40ba0257deed3d511062473539656b1e0f6a75d5 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 21:14:10 +0000 Subject: [PATCH 296/929] Change dir_ctrl to check for the environment variable before using the default directory instead of the other way around. PR: 1131 --- crypto/x509/by_dir.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index 6207340472..d56679177b 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -122,19 +122,19 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, { case X509_L_ADD_DIR: if (argl == X509_FILETYPE_DEFAULT) + dir=(char *)Getenv(X509_get_default_cert_dir_env()); + if (dir) + ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); + else { ret=add_cert_dir(ld,X509_get_default_cert_dir(), X509_FILETYPE_PEM); + } if (!ret) { X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR); } - else - { - dir=(char *)Getenv(X509_get_default_cert_dir_env()); - ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); - } - } + else ret=add_cert_dir(ld,argp,(int)argl); break; -- GitLab From 7e726e42f41d80b597428c0e6103ec5e09e38500 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 21:20:31 +0000 Subject: [PATCH 297/929] Configure update for Stratus VOS. PR: 1129 --- Configure | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Configure b/Configure index 56ebafb053..ac3a92d3f3 100755 --- a/Configure +++ b/Configure @@ -173,10 +173,8 @@ my %table=( "cc", "cc:-O::(unknown)::::::", ####VOS Configurations -"vos-gcc","gcc:-b hppa1.1-stratus-vos -O3 -Wall -Wuninitialized -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:", -"debug-vos-gcc","gcc:-b hppa1.1-stratus-vos -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:", -"vos-vcc","vcc:-b i386-stratus-vos -O3 -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map::${no_asm}:::::.so:", -"debug-vos-vcc","vcc:-b i386-stratus-vos -O0 -g -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map::${no_asm}:::::.so:", +"vos-gcc","gcc:-O3 -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:", +"debug-vos-gcc","gcc:-O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:", #### Solaris x86 with GNU C setups # -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it -- GitLab From 07f7b4b470dc342457ca7a51449e91d232a2f3b2 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 21:27:13 +0000 Subject: [PATCH 298/929] Update for Stratus VOS. PR: 1130 --- crypto/md32_common.h | 8 +++++--- crypto/md4/md4_locl.h | 4 +++- crypto/md5/md5_locl.h | 8 ++++++-- crypto/ripemd/rmd_locl.h | 8 ++++++-- crypto/sha/sha_locl.h | 24 +++++++++++++----------- 5 files changed, 33 insertions(+), 19 deletions(-) diff --git a/crypto/md32_common.h b/crypto/md32_common.h index 0cbcfaf8a2..f1c48b54da 100644 --- a/crypto/md32_common.h +++ b/crypto/md32_common.h @@ -344,9 +344,11 @@ #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) #if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) - /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */ -# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l) -# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l) +# ifndef B_ENDIAN + /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */ +# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l) +# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l) +# endif #endif #ifndef HOST_c2l diff --git a/crypto/md4/md4_locl.h b/crypto/md4/md4_locl.h index 7e219b17ea..abc7b9bb84 100644 --- a/crypto/md4/md4_locl.h +++ b/crypto/md4/md4_locl.h @@ -69,6 +69,7 @@ void md4_block_host_order (MD4_CTX *c, const void *p,size_t num); void md4_block_data_order (MD4_CTX *c, const void *p,size_t num); #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) +# if !defined(B_ENDIAN) /* * *_block_host_order is expected to handle aligned data while * *_block_data_order - unaligned. As algorithm and host (x86) @@ -90,7 +91,8 @@ void md4_block_data_order (MD4_CTX *c, const void *p,size_t num); * * */ -#define md4_block_data_order md4_block_host_order +# define md4_block_data_order md4_block_host_order +# endif #endif #define DATA_ORDER_IS_LITTLE_ENDIAN diff --git a/crypto/md5/md5_locl.h b/crypto/md5/md5_locl.h index 2f5b045f36..94f395f27a 100644 --- a/crypto/md5/md5_locl.h +++ b/crypto/md5/md5_locl.h @@ -67,7 +67,9 @@ #ifdef MD5_ASM # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || defined(__x86_64) || defined(__x86_64__) -# define md5_block_host_order md5_block_asm_host_order +# if !defined(B_ENDIAN) +# define md5_block_host_order md5_block_asm_host_order +# endif # elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC) void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,size_t num); # define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned @@ -78,6 +80,7 @@ void md5_block_host_order (MD5_CTX *c, const void *p,size_t num); void md5_block_data_order (MD5_CTX *c, const void *p,size_t num); #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || defined(__x86_64) || defined(__x86_64__) +# if !defined(B_ENDIAN) /* * *_block_host_order is expected to handle aligned data while * *_block_data_order - unaligned. As algorithm and host (x86) @@ -99,7 +102,8 @@ void md5_block_data_order (MD5_CTX *c, const void *p,size_t num); * * */ -#define md5_block_data_order md5_block_host_order +# define md5_block_data_order md5_block_host_order +# endif #endif #define DATA_ORDER_IS_LITTLE_ENDIAN diff --git a/crypto/ripemd/rmd_locl.h b/crypto/ripemd/rmd_locl.h index 8eb0d288d6..b52d786165 100644 --- a/crypto/ripemd/rmd_locl.h +++ b/crypto/ripemd/rmd_locl.h @@ -72,7 +72,9 @@ */ #ifdef RMD160_ASM # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -# define ripemd160_block_host_order ripemd160_block_asm_host_order +# if !defined(B_ENDIAN) +# define ripemd160_block_host_order ripemd160_block_asm_host_order +# endif # endif #endif @@ -80,7 +82,9 @@ void ripemd160_block_host_order (RIPEMD160_CTX *c, const void *p,size_t num); void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num); #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -#define ripemd160_block_data_order ripemd160_block_host_order +# if !defined(B_ENDIAN) +# define ripemd160_block_data_order ripemd160_block_host_order +# endif #endif #define DATA_ORDER_IS_LITTLE_ENDIAN diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h index d1f64c5fd0..4ce2db946b 100644 --- a/crypto/sha/sha_locl.h +++ b/crypto/sha/sha_locl.h @@ -115,17 +115,19 @@ # endif # ifdef SHA1_ASM -# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -# define sha1_block_host_order sha1_block_asm_host_order -# define DONT_IMPLEMENT_BLOCK_HOST_ORDER -# define sha1_block_data_order sha1_block_asm_data_order -# define DONT_IMPLEMENT_BLOCK_DATA_ORDER -# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order -# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64) -# define sha1_block_host_order sha1_block_asm_host_order -# define DONT_IMPLEMENT_BLOCK_HOST_ORDER -# define sha1_block_data_order sha1_block_asm_data_order -# define DONT_IMPLEMENT_BLOCK_DATA_ORDER +# if !defined(B_ENDIAN) +# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) +# define sha1_block_host_order sha1_block_asm_host_order +# define DONT_IMPLEMENT_BLOCK_HOST_ORDER +# define sha1_block_data_order sha1_block_asm_data_order +# define DONT_IMPLEMENT_BLOCK_DATA_ORDER +# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order +# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64) +# define sha1_block_host_order sha1_block_asm_host_order +# define DONT_IMPLEMENT_BLOCK_HOST_ORDER +# define sha1_block_data_order sha1_block_asm_data_order +# define DONT_IMPLEMENT_BLOCK_DATA_ORDER +# endif # endif # endif void sha1_block_host_order (SHA_CTX *c, const void *p,size_t num); -- GitLab From a50a2126cfd5badf0da891b8f3cd68d0d86d2d2f Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 21:35:20 +0000 Subject: [PATCH 299/929] DCC doesn't like argument names in returned function pointers. PR: 1122 --- ssl/ssl_lib.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 25efa29a57..383ba33298 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2396,7 +2396,9 @@ void SSL_set_info_callback(SSL *ssl, ssl->info_callback=cb; } -void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val) +/* One compiler (Diab DCC) doesn't like argument names in returned + function pointer. */ +void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/) { return ssl->info_callback; } -- GitLab From 7006c4ac885df681746075ad98ba4776c1f640c4 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 21:45:32 +0000 Subject: [PATCH 300/929] The NAME section of a man page is required to have a dash followed by a short description, at least according to pod2man. PR: 1127 --- doc/crypto/OPENSSL_Applink.pod | 2 +- doc/crypto/OPENSSL_ia32cap.pod | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/crypto/OPENSSL_Applink.pod b/doc/crypto/OPENSSL_Applink.pod index f15fb695eb..e54de12cc8 100644 --- a/doc/crypto/OPENSSL_Applink.pod +++ b/doc/crypto/OPENSSL_Applink.pod @@ -2,7 +2,7 @@ =head1 NAME -OPENSSL_Applink +OPENSSL_Applink - glue between OpenSSL BIO and Win32 compiler run-time =head1 SYNOPSIS diff --git a/doc/crypto/OPENSSL_ia32cap.pod b/doc/crypto/OPENSSL_ia32cap.pod index ec6b655c17..121a8ddee5 100644 --- a/doc/crypto/OPENSSL_ia32cap.pod +++ b/doc/crypto/OPENSSL_ia32cap.pod @@ -2,7 +2,7 @@ =head1 NAME -OPENSSL_ia32cap +OPENSSL_ia32cap - finding the IA-32 processor capabilities =head1 SYNOPSIS -- GitLab From 46e7a9797eb476186018fcdc81b49792a028dce0 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 21:49:18 +0000 Subject: [PATCH 301/929] Initialise dir to avoid a compiler warning. --- crypto/x509/by_dir.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index d56679177b..b4a21716f2 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -114,7 +114,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, { int ret=0; BY_DIR *ld; - char *dir; + char *dir = NULL; ld=(BY_DIR *)ctx->method_data; -- GitLab From 00ce9376c714143a7538f39dc709a86f8a98166e Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 21:53:52 +0000 Subject: [PATCH 302/929] Do not defined des_crypt(), since it clashes with Solaris crypt.h. PR: 1125 --- crypto/des/des_old.h | 2 +- crypto/des/destest.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/des/des_old.h b/crypto/des/des_old.h index 8a238d1ce1..9f439926c3 100644 --- a/crypto/des/des_old.h +++ b/crypto/des/des_old.h @@ -171,9 +171,9 @@ typedef struct _ossl_old_des_ks_struct DES_enc_write((f),(b),(l),&(k),(iv)) #define des_fcrypt(b,s,r)\ DES_fcrypt((b),(s),(r)) +#if 0 #define des_crypt(b,s)\ DES_crypt((b),(s)) -#if 0 #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) #define crypt(b,s)\ DES_crypt((b),(s)) diff --git a/crypto/des/destest.c b/crypto/des/destest.c index 4584cf3004..64b92a34fe 100644 --- a/crypto/des/destest.c +++ b/crypto/des/destest.c @@ -84,7 +84,7 @@ int main(int argc, char *argv[]) #else #include -#define crypt(c,s) (des_crypt((c),(s))) +#define crypt(c,s) (DES_crypt((c),(s))) /* tisk tisk - the test keys don't all have odd parity :-( */ /* test data */ -- GitLab From ec33a7664128ee82d450795ab305b69ea0a58529 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 21:57:37 +0000 Subject: [PATCH 303/929] Wrap the inclusion of openssl/engine.h with a protective check for the absence of OPENSSL_NO_ENGINE. PR: 1123 --- crypto/store/str_lib.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/store/str_lib.c b/crypto/store/str_lib.c index 9a66d6d609..c0ad763e9a 100644 --- a/crypto/store/str_lib.c +++ b/crypto/store/str_lib.c @@ -59,7 +59,9 @@ #include #include #include +#ifndef OPENSSL_NO_ENGINE #include +#endif #include #include #include "str_locl.h" -- GitLab From 8bdbf507721a0fa323e7518cba9f1871d1ad283c Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 23 Jun 2005 22:08:41 +0000 Subject: [PATCH 304/929] Wrap the inclusion of openssl/engine.h with a protective check for the absence of OPENSSL_NO_ENGINE. --- crypto/ecdsa/ecdsatest.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index 70f2cc4e8e..a481575417 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -93,7 +93,9 @@ int main(int argc, char * argv[]) #include #include #include +#ifndef OPENSSL_NO_ENGINE #include +#endif #include #include -- GitLab From 7e3033aa9342c3b901739d878751ffff9b06d686 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Fri, 24 Jun 2005 05:13:18 +0000 Subject: [PATCH 305/929] Someone did some cutting and pasting and didn't quite finish the job :-). Notified by Steffen Pankratz --- doc/apps/enc.pod | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod index 18fe7c81c7..eb3894df1d 100644 --- a/doc/apps/enc.pod +++ b/doc/apps/enc.pod @@ -211,9 +211,9 @@ Blowfish and RC5 algorithms use a 128 bit key. rc2-cbc 128 bit RC2 in CBC mode rc2 Alias for rc2-cbc - rc2-cfb 128 bit RC2 in CBC mode - rc2-ecb 128 bit RC2 in CBC mode - rc2-ofb 128 bit RC2 in CBC mode + rc2-cfb 128 bit RC2 in CFB mode + rc2-ecb 128 bit RC2 in ECB mode + rc2-ofb 128 bit RC2 in OFB mode rc2-64-cbc 64 bit RC2 in CBC mode rc2-40-cbc 40 bit RC2 in CBC mode @@ -223,9 +223,9 @@ Blowfish and RC5 algorithms use a 128 bit key. rc5-cbc RC5 cipher in CBC mode rc5 Alias for rc5-cbc - rc5-cfb RC5 cipher in CBC mode - rc5-ecb RC5 cipher in CBC mode - rc5-ofb RC5 cipher in CBC mode + rc5-cfb RC5 cipher in CFB mode + rc5-ecb RC5 cipher in ECB mode + rc5-ofb RC5 cipher in OFB mode =head1 EXAMPLES -- GitLab From 44b3a3a5e60b05f0f711a47364975aad5007bb8a Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 24 Jun 2005 10:54:36 +0000 Subject: [PATCH 306/929] Add Argen root CAs. --- certs/argena.pem | 39 +++++++++++++++++++++++++++++++++++++++ certs/argeng.pem | 23 +++++++++++++++++++++++ 2 files changed, 62 insertions(+) create mode 100644 certs/argena.pem create mode 100644 certs/argeng.pem diff --git a/certs/argena.pem b/certs/argena.pem new file mode 100644 index 0000000000..db730e38dd --- /dev/null +++ b/certs/argena.pem @@ -0,0 +1,39 @@ +-----BEGIN CERTIFICATE----- +MIIG0zCCBbugAwIBAgIBADANBgkqhkiG9w0BAQUFADCBzDELMAkGA1UEBhMCQVQx +EDAOBgNVBAgTB0F1c3RyaWExDzANBgNVBAcTBlZpZW5uYTE6MDgGA1UEChMxQVJH +RSBEQVRFTiAtIEF1c3RyaWFuIFNvY2lldHkgZm9yIERhdGEgUHJvdGVjdGlvbjEl +MCMGA1UECxMcQS1DRVJUIENlcnRpZmljYXRpb24gU2VydmljZTEYMBYGA1UEAxMP +QS1DRVJUIEFEVkFOQ0VEMR0wGwYJKoZIhvcNAQkBFg5pbmZvQGEtY2VydC5hdDAe +Fw0wNDEwMjMxNDE0MTRaFw0xMTEwMjMxNDE0MTRaMIHMMQswCQYDVQQGEwJBVDEQ +MA4GA1UECBMHQXVzdHJpYTEPMA0GA1UEBxMGVmllbm5hMTowOAYDVQQKEzFBUkdF +IERBVEVOIC0gQXVzdHJpYW4gU29jaWV0eSBmb3IgRGF0YSBQcm90ZWN0aW9uMSUw +IwYDVQQLExxBLUNFUlQgQ2VydGlmaWNhdGlvbiBTZXJ2aWNlMRgwFgYDVQQDEw9B +LUNFUlQgQURWQU5DRUQxHTAbBgkqhkiG9w0BCQEWDmluZm9AYS1jZXJ0LmF0MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3euXIy+mnf6BYKbK+QH5k679 +tUFqeT8jlZxMew8eNiHuw9KoxWBzL6KksK+5uK7Gatw+sbAYntEGE80P+Jg1hADM +e+Fr5V0bc6QS3gkVtfUCW/RIvfMM39oxvmqJmOgPnJU7H6+nmLtsq61tv9kVJi/2 +4Y5wXW3odet72sF57EoG6s78w0BUVLNcMngS9bZZzmdG3/d6JbkGgoNF/8DcgCBJ +W/t0JrcIzyppXIOVtUzzOrrU86zuUgT3Rtkl5kjG7DEHpFb9H0fTOY1v8+gRoaO6 +2gA0PCiysgVZjwgVeYe3KAg11nznyleDv198uK3Dc1oXIGYjJx2FpKWUvAuAEwID +AQABo4ICvDCCArgwHQYDVR0OBBYEFDd/Pj6ZcWDKJNSRE3nQdCm0qCTYMIH5BgNV +HSMEgfEwge6AFDd/Pj6ZcWDKJNSRE3nQdCm0qCTYoYHSpIHPMIHMMQswCQYDVQQG +EwJBVDEQMA4GA1UECBMHQXVzdHJpYTEPMA0GA1UEBxMGVmllbm5hMTowOAYDVQQK +EzFBUkdFIERBVEVOIC0gQXVzdHJpYW4gU29jaWV0eSBmb3IgRGF0YSBQcm90ZWN0 +aW9uMSUwIwYDVQQLExxBLUNFUlQgQ2VydGlmaWNhdGlvbiBTZXJ2aWNlMRgwFgYD +VQQDEw9BLUNFUlQgQURWQU5DRUQxHTAbBgkqhkiG9w0BCQEWDmluZm9AYS1jZXJ0 +LmF0ggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgHmMEcGA1UdJQRAMD4G +CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcD +CAYKKwYBBAGCNwoDBDARBglghkgBhvhCAQEEBAMCAP8wUQYDVR0gBEowSDBGBggq +KAAYAQEBAzA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3LmEtY2VydC5hdC9jZXJ0 +aWZpY2F0ZS1wb2xpY3kuaHRtbDA7BglghkgBhvhCAQgELhYsaHR0cDovL3d3dy5h +LWNlcnQuYXQvY2VydGlmaWNhdGUtcG9saWN5Lmh0bWwwGQYDVR0RBBIwEIEOaW5m +b0BhLWNlcnQuYXQwLwYDVR0SBCgwJoEOaW5mb0BhLWNlcnQuYXSGFGh0dHA6Ly93 +d3cuYS1jZXJ0LmF0MEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHBzOi8vc2VjdXJlLmEt +Y2VydC5hdC9jZ2ktYmluL2EtY2VydC1hZHZhbmNlZC5jZ2kwDQYJKoZIhvcNAQEF +BQADggEBACX1IvgfdG2rvfv35O48vSEvcVaEdlN8USFBHWz3JRAozgzvaBtwHkjK +Zwt5l/BWOtjbvHfRjDt7ijlBEcxOOrNC1ffyMHwHrXpvff6YpQ5wnxmIYEQcURiG +HMqruEX0WkuDNgSKwefsgXs27eeBauHgNGVcTYH1rmHu/ZyLpLxOyJQ2PCzA1DzW +3rWkIX92ogJ7lTRdWrbxwUL1XGinxnnaQ74+/y0pI9JNEv7ic2tpkweRMpkedaLW +msC1+orfKTebsg69aMaCx7o6jNONRmR/7TVaPf8/k6g52cHZ9YWjQvup22b5rWxG +J5r5LZ4vCPmF4+T4lutjUYAa/lGuQTg= +-----END CERTIFICATE----- diff --git a/certs/argeng.pem b/certs/argeng.pem new file mode 100644 index 0000000000..621e30e208 --- /dev/null +++ b/certs/argeng.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDwzCCAyygAwIBAgIBADANBgkqhkiG9w0BAQQFADCBmDELMAkGA1UEBhMCQVQx +EDAOBgNVBAgTB0F1c3RyaWExDzANBgNVBAcTBlZpZW5uYTFCMEAGA1UEChM5QXJn +ZSBEYXRlbiBPZXN0ZXJyZWljaGlzY2hlIEdlc2VsbHNjaGFmdCBmdWVyIERhdGVu +c2NodXR6MSIwIAYJKoZIhvcNAQkBFhNhLWNlcnRAYXJnZWRhdGVuLmF0MB4XDTAx +MDIxMjExMzAzMFoXDTA5MDIxMjExMzAzMFowgZgxCzAJBgNVBAYTAkFUMRAwDgYD +VQQIEwdBdXN0cmlhMQ8wDQYDVQQHEwZWaWVubmExQjBABgNVBAoTOUFyZ2UgRGF0 +ZW4gT2VzdGVycmVpY2hpc2NoZSBHZXNlbGxzY2hhZnQgZnVlciBEYXRlbnNjaHV0 +ejEiMCAGCSqGSIb3DQEJARYTYS1jZXJ0QGFyZ2VkYXRlbi5hdDCBnzANBgkqhkiG +9w0BAQEFAAOBjQAwgYkCgYEAwgsHqoNtmmrJ86+e1I4hOVBaL4kokqKN2IPOIL+1 +XwY8vfOOUfPEdhWpaC0ldt7VYrksgDiUccgH0FROANWK2GkfKMDzjjXHysR04uEb +Om7Kqjqn0nproOGkFG+QvBZgs+Ws+HXNFJA6V76fU4+JXq4452LSK4Lr5YcBquu3 +NJECAwEAAaOCARkwggEVMB0GA1UdDgQWBBQ0j59zH/G31zRjgK1y2P//tSAWZjCB +xQYDVR0jBIG9MIG6gBQ0j59zH/G31zRjgK1y2P//tSAWZqGBnqSBmzCBmDELMAkG +A1UEBhMCQVQxEDAOBgNVBAgTB0F1c3RyaWExDzANBgNVBAcTBlZpZW5uYTFCMEAG +A1UEChM5QXJnZSBEYXRlbiBPZXN0ZXJyZWljaGlzY2hlIEdlc2VsbHNjaGFmdCBm +dWVyIERhdGVuc2NodXR6MSIwIAYJKoZIhvcNAQkBFhNhLWNlcnRAYXJnZWRhdGVu +LmF0ggEAMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMBEGCWCGSAGG+EIBAQQE +AwICBDANBgkqhkiG9w0BAQQFAAOBgQBFuJYncqMYB6gXQS3eDOI90BEHfFTKy/dV +AV+K7QdAYikWmqgBheRdPKddJdccPy/Zl/p3ZT7GhDyC5f3wZjcuu8AJ27BNwbCA +x54dgxgCNcyPm79nY8MRtEdEpoRGdSsFKJemz6hpXM++MWFciyrRWIIA44XB0Gv3 +US0spjsDPQ== +-----END CERTIFICATE----- -- GitLab From ff0bfe64afba760a245c5ede2e4cf25592128b34 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Fri, 24 Jun 2005 16:34:46 +0000 Subject: [PATCH 307/929] Replace emms with finit in x86cpuid. --- crypto/x86cpuid.pl | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl index 3d5d16bb64..4a58651f0f 100644 --- a/crypto/x86cpuid.pl +++ b/crypto/x86cpuid.pl @@ -130,9 +130,8 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } &pxor ("xmm7","xmm7"); &set_label("no_sse2"); } - # just a bunch of fldz to zap the fp/mm bank... - &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9); - &emms (); + # just a bunch of fldz to zap the fp/mm bank followed by finit... + &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9,0x90e3db9b); &set_label("no_x87"); &lea ("eax",&DWP(4,"esp")); &ret (); -- GitLab From 7f85197c10f0b0d48086bc0f2b1b4c26771c7232 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Fri, 24 Jun 2005 22:23:54 +0000 Subject: [PATCH 308/929] Further successes with the latest snapshot. --- STATUS | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/STATUS b/STATUS index 74371bbfba..3b01ac8a9b 100644 --- a/STATUS +++ b/STATUS @@ -1,10 +1,19 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/23 06:31:08 $ + ______________ $Date: 2005/06/24 22:23:54 $ DEVELOPMENT STATE o OpenSSL 0.9.9: Under development... + o OpenSSL 0.9.8-beta7-dev (snapshot 20050624): + OpenVMS/Alpha [7.3-2; Compaq C 6.4-005] SUCCESS + DJGPP SUCCESS + Cygwin SUCCESS + Irix 6.5.19m [MIPSpro 7.4.2m] SUCCESS + Solaris 9 [Sun Studio 8] SUCCESS + MacOS X 10.4.1 SUCCESS + Stratus VOS/PA-RISC [gcc] SUCCESS + Stratus VOS/Intel IA32 [gcc] SUCCESS o OpenSSL 0.9.8-beta6: Released on June 21th, 2005 OpenVMS/Alpha [7.3-2; Compaq C 6.4-005] SUCCESS Windows 2000 [VC-WIN32; MSVC 6.0] SUCCESS -- GitLab From ef04c9aff8045459f53dc8d6da7b7d496519a654 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 26 Jun 2005 16:14:22 +0000 Subject: [PATCH 309/929] IA64 RC4 update from HEAD [see commentary in HEAD for details]. PR: 1114 --- crypto/rc4/Makefile | 6 +++- crypto/rc4/asm/rc4-ia64.S | 65 ++++++++++++++++++++------------------- crypto/rc4/rc4.h | 4 --- crypto/rc4/rc4_enc.c | 4 --- crypto/rc4/rc4_skey.c | 4 --- 5 files changed, 39 insertions(+), 44 deletions(-) diff --git a/crypto/rc4/Makefile b/crypto/rc4/Makefile index d680347c24..6d48fb840a 100644 --- a/crypto/rc4/Makefile +++ b/crypto/rc4/Makefile @@ -54,7 +54,11 @@ rx86-out.s: asm/rc4-586.pl ../perlasm/x86asm.pl rc4-x86_64.s: asm/rc4-x86_64.pl; $(PERL) asm/rc4-x86_64.pl $@ rc4-ia64.s: asm/rc4-ia64.S - $(CC) $(CFLAGS) -E asm/rc4-ia64.S > $@ + @case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \ + int) set -x; $(CC) $(CFLAGS) -DSZ=4 -E asm/rc4-ia64.S > $@ ;; \ + char) set -x; $(CC) $(CFLAGS) -DSZ=1 -E asm/rc4-ia64.S > $@ ;; \ + *) exit 1 ;; \ + esac files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO diff --git a/crypto/rc4/asm/rc4-ia64.S b/crypto/rc4/asm/rc4-ia64.S index b517d2e88f..a322d0c718 100644 --- a/crypto/rc4/asm/rc4-ia64.S +++ b/crypto/rc4/asm/rc4-ia64.S @@ -7,7 +7,7 @@ // disclaimed. // ==================================================================== -.ident "rc4-ia64.S, Version 1.1" +.ident "rc4-ia64.S, Version 2.0" .ident "IA-64 ISA artwork by Andy Polyakov " // What's wrong with compiler generated code? Because of the nature of @@ -27,17 +27,10 @@ // Legitimate "collisions" do occur within every 256^2 bytes window. // Fortunately there're enough free instruction slots to keep prior // reference to key[x+1], detect "collision" and compensate for it. -// All this without sacrificing a single clock cycle:-) -// Furthermore. In order to compress loop body to the minimum, I chose -// to deploy deposit instruction, which substitutes for the whole -// key->data+((x&255)<data[0]))). This unfortunately -// requires key->data to be aligned at sizeof(key->data) boundary. -// This is why you'll find "RC4_INT pad[512-256-2];" addenum to RC4_KEY -// and "d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));" in -// rc4_skey.c [and rc4_enc.c, where it's retained for debugging -// purposes]. Throughput is ~210MBps on 900MHz CPU, which is is >3x -// faster than gcc generated code and +30% - if compared to HP-UX C. -// Unrolling loop below should give >30% on top of that... +// All this without sacrificing a single clock cycle:-) Throughput is +// ~210MBps on 900MHz CPU, which is is >3x faster than gcc generated +// code and +30% - if compared to HP-UX C. Unrolling loop below should +// give >30% on top of that... .text .explicit @@ -48,7 +41,9 @@ # define ADDP add #endif +#ifndef SZ #define SZ 4 // this is set to sizeof(RC4_INT) +#endif // SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for // assembler implementation, while SZ==1 code is ~30% slower. #if SZ==1 // RC4_INT is unsigned char @@ -101,45 +96,53 @@ RC4: ADDP out=0,in3 brp.loop.imp .Ltop,.Lexit-16 };; { .mmi; LDKEY yy=[key] // load key->y - add ksch=(255+1)*SZ,key // as ksch will be used with - // deposit instruction only, - // I don't have to &~255... + add ksch=SZ,key mov ar.lc=in1 } { .mmi; mov key_y[1]=r0 // guarantee inequality // in first iteration add xx=1,xx mov pr.rot=1<<16 };; { .mii; nop.m 0 - dep key_x[1]=xx,ksch,OFF,8 + dep key_x[1]=xx,r0,OFF,8 mov ar.ec=3 };; // note that epilogue counter // is off by 1. I compensate // for this at exit... .Ltop: -// The loop is scheduled for 3*(n+2) spin-rate on Itanium 2, which +// The loop is scheduled for 4*(n+2) spin-rate on Itanium 2, which // theoretically gives asymptotic performance of clock frequency -// divided by 3 bytes per seconds, or 500MBps on 1.5GHz CPU. Measured -// performance however is distinctly lower than 1/4:-( The culplrit -// seems to be *(out++)=dat, which inadvertently splits the bundle, -// even though there is M-port available... Unrolling is due... -// Unrolled loop should collect output with variable shift instruction -// in order to avoid starvation for integer shifter... It should be -// possible to get pretty close to theoretical peak... -{ .mmi; (p16) LDKEY tx[0]=[key_x[1]] // tx=key[xx] - (p17) LDKEY ty[0]=[key_y[1]] // ty=key[yy] - (p18) dep rnd[1]=rnd[1],ksch,OFF,8} // &key[(tx+ty)&255] +// divided by 4 bytes per seconds, or 400MBps on 1.6GHz CPU. This is +// for sizeof(RC4_INT)==4. For smaller RC4_INT STKEY inadvertently +// splits the last bundle and you end up with 5*n spin-rate:-( +// Originally the loop was scheduled for 3*n and relied on key +// schedule to be aligned at 256*sizeof(RC4_INT) boundary. But +// *(out++)=dat, which maps to st1, had same effect [inadvertent +// bundle split] and holded the loop back. Rescheduling for 4*n +// made it possible to eliminate dependence on specific alignment +// and allow OpenSSH keep "abusing" our API. Reaching for 3*n would +// require unrolling, sticking to variable shift instruction for +// collecting output [to avoid starvation for integer shifter] and +// copying of key schedule to controlled place in stack [so that +// deposit instruction can serve as substitute for whole +// key->data+((x&255)<data[0])))]... { .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat (p16) add xx=1,xx // x++ - (p16) cmp.ne.unc p20,p21=key_x[1],key_y[1] };; + (p18) dep rnd[1]=rnd[1],r0,OFF,8 } // ((tx+ty)&255)<x; y=key->y; d=key->data; -#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64) - /* see crypto/rc4/asm/rc4-ia64.S for further details... */ - d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1)); -#endif #if defined(RC4_CHUNK) /* diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c index 083b53dfb8..781ff2d8b9 100644 --- a/crypto/rc4/rc4_skey.c +++ b/crypto/rc4/rc4_skey.c @@ -93,10 +93,6 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) unsigned int i; d= &(key->data[0]); -#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64) - /* see crypto/rc4/asm/rc4-ia64.S for further details... */ - d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1)); -#endif key->x = 0; key->y = 0; id1=id2=0; -- GitLab From 79b81d194bf4d48974956a51f3d00f8ef48182bd Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 26 Jun 2005 17:18:45 +0000 Subject: [PATCH 310/929] Configure/TABLE update from HEAD. --- Configure | 2 +- TABLE | 74 ++++++++----------------------------------------------- 2 files changed, 11 insertions(+), 65 deletions(-) diff --git a/Configure b/Configure index ac3a92d3f3..49c6f18470 100755 --- a/Configure +++ b/Configure @@ -182,7 +182,7 @@ my %table=( # surrounds it with #APP #NO_APP comment pair which (at least Solaris # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic" # error message. -"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=i486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # -shared -static-libgcc might appear controversial, but modules taken # from static libgcc do not have relocations and linking them into our # shared objects doesn't have any negative side-effects. On the contrary, diff --git a/TABLE b/TABLE index 7f520d50a0..3182f448fc 100644 --- a/TABLE +++ b/TABLE @@ -1005,7 +1005,7 @@ $cflags = -O3 -DB_ENDIAN $unistd = $thread_cflag = -D_REENTRANT $sys_id = MACOSX -$lflags = +$lflags = -Wl,-search_paths_first $bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR $cpuid_obj = $bn_obj = osx_ppc32.o @@ -1757,7 +1757,7 @@ $arflags = *** debug-vos-gcc $cc = gcc -$cflags = -b hppa1.1-stratus-vos -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG +$cflags = -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG $unistd = $thread_cflag = (unknown) $sys_id = VOS @@ -1782,33 +1782,6 @@ $shared_extension = .so $ranlib = $arflags = -*** debug-vos-vcc -$cc = vcc -$cflags = -b i386-stratus-vos -O0 -g -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -$unistd = -$thread_cflag = (unknown) -$sys_id = VOS -$lflags = -Wl,-map -$bn_ops = -$cpuid_obj = -$bn_obj = -$des_obj = -$aes_obj = -$bf_obj = -$md5_obj = -$sha1_obj = -$cast_obj = -$rc4_obj = -$rmd160_obj = -$rc5_obj = -$dso_scheme = -$shared_target= -$shared_cflag = -$shared_ldflag = -$shared_extension = .so -$ranlib = -$arflags = - *** dgux-R3-gcc $cc = gcc $cflags = -O3 -fomit-frame-pointer @@ -2412,7 +2385,7 @@ $sys_id = $lflags = $bn_ops = DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT $cpuid_obj = -$bn_obj = mips3.o +$bn_obj = bn-mips3.o $des_obj = $aes_obj = $bf_obj = @@ -2432,14 +2405,14 @@ $arflags = *** irix-mips3-gcc $cc = gcc -$cflags = -mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W +$cflags = -mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W $unistd = $thread_cflag = -D_SGI_MP_SOURCE $sys_id = $lflags = $bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT $cpuid_obj = -$bn_obj = mips3.o +$bn_obj = bn-mips3.o $des_obj = $aes_obj = $bf_obj = @@ -2466,7 +2439,7 @@ $sys_id = $lflags = $bn_ops = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG $cpuid_obj = -$bn_obj = mips3.o +$bn_obj = bn-mips3.o $des_obj = $aes_obj = $bf_obj = @@ -2486,14 +2459,14 @@ $arflags = *** irix64-mips4-gcc $cc = gcc -$cflags = -mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W +$cflags = -mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W $unistd = $thread_cflag = -D_SGI_MP_SOURCE $sys_id = $lflags = $bn_ops = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG $cpuid_obj = -$bn_obj = mips3.o +$bn_obj = bn-mips3.o $des_obj = $aes_obj = $bf_obj = @@ -3647,7 +3620,7 @@ $arflags = *** solaris-x86-gcc $cc = gcc -$cflags = -O3 -fomit-frame-pointer -march=i486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM +$cflags = -O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM $unistd = $thread_cflag = -D_REENTRANT $sys_id = @@ -4025,7 +3998,7 @@ $arflags = *** vos-gcc $cc = gcc -$cflags = -b hppa1.1-stratus-vos -O3 -Wall -Wuninitialized -D_POSIX_C_SOURCE=200112L -D_BSD +$cflags = -O3 -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DB_ENDIAN $unistd = $thread_cflag = (unknown) $sys_id = VOS @@ -4050,33 +4023,6 @@ $shared_extension = .so $ranlib = $arflags = -*** vos-vcc -$cc = vcc -$cflags = -b i386-stratus-vos -O3 -D_POSIX_C_SOURCE=200112L -D_BSD -$unistd = -$thread_cflag = (unknown) -$sys_id = VOS -$lflags = -Wl,-map -$bn_ops = -$cpuid_obj = -$bn_obj = -$des_obj = -$aes_obj = -$bf_obj = -$md5_obj = -$sha1_obj = -$cast_obj = -$rc4_obj = -$rmd160_obj = -$rc5_obj = -$dso_scheme = -$shared_target= -$shared_cflag = -$shared_ldflag = -$shared_extension = .so -$ranlib = -$arflags = - *** vxworks-mipsle $cc = ccmips $cflags = -B$(WIND_BASE)/host/$(WIND_HOST_TYPE)/lib/gcc-lib/ -DL_ENDIAN -EL -Wl,-EL -mips2 -mno-branch-likely -G 0 -fno-builtin -msoft-float -DCPU=MIPS32 -DMIPSEL -DNO_STRINGS_H -I$(WIND_BASE)/target/h -- GitLab From 2a2fa04b7b241a154cc0efd354974edf3aff7403 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 26 Jun 2005 18:10:20 +0000 Subject: [PATCH 311/929] Unify some SCO targets [from HEAD]. --- Configure | 4 +--- TABLE | 56 +------------------------------------------------------ config | 14 ++++++-------- 3 files changed, 8 insertions(+), 66 deletions(-) diff --git a/Configure b/Configure index 49c6f18470..de5366b723 100755 --- a/Configure +++ b/Configure @@ -396,9 +396,7 @@ my %table=( "unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", "unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", "unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # SCO 5 - Ben Laurie says the -O breaks the SCO cc. "sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/TABLE b/TABLE index 3182f448fc..bf0a1542bf 100644 --- a/TABLE +++ b/TABLE @@ -432,60 +432,6 @@ $shared_extension = $ranlib = $arflags = -*** OpenUNIX-8 -$cc = cc -$cflags = -O -DFILIO_H -Kalloca -$unistd = -$thread_cflag = -Kthread -$sys_id = -$lflags = -lsocket -lnsl -$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL -$cpuid_obj = x86cpuid-elf.o -$bn_obj = bn86-elf.o co86-elf.o -$des_obj = dx86-elf.o yx86-elf.o -$aes_obj = ax86-elf.o -$bf_obj = bx86-elf.o -$md5_obj = mx86-elf.o -$sha1_obj = sx86-elf.o s512sse2-elf.o -$cast_obj = cx86-elf.o -$rc4_obj = rx86-elf.o -$rmd160_obj = rm86-elf.o -$rc5_obj = r586-elf.o -$dso_scheme = dlfcn -$shared_target= svr5-shared -$shared_cflag = -Kpic -$shared_ldflag = -$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) -$ranlib = -$arflags = - -*** OpenUNIX-8-gcc -$cc = gcc -$cflags = -O -DFILIO_H -fomit-frame-pointer -$unistd = -$thread_cflag = -pthread -$sys_id = -$lflags = -lsocket -lnsl -$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL -$cpuid_obj = x86cpuid-elf.o -$bn_obj = bn86-elf.o co86-elf.o -$des_obj = dx86-elf.o yx86-elf.o -$aes_obj = ax86-elf.o -$bf_obj = bx86-elf.o -$md5_obj = mx86-elf.o -$sha1_obj = sx86-elf.o s512sse2-elf.o -$cast_obj = cx86-elf.o -$rc4_obj = rx86-elf.o -$rmd160_obj = rm86-elf.o -$rc5_obj = r586-elf.o -$dso_scheme = dlfcn -$shared_target= svr5-shared -$shared_cflag = -fPIC -$shared_ldflag = -$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) -$ranlib = -$arflags = - *** ReliantUNIX $cc = cc $cflags = -KPIC -g -DTERMIOS -DB_ENDIAN @@ -3971,7 +3917,7 @@ $arflags = *** unixware-7-gcc $cc = gcc -$cflags = -DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=i486 -Wall +$cflags = -DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall $unistd = $thread_cflag = -D_REENTRANT $sys_id = diff --git a/config b/config index 89fa0b3e23..7008a1a659 100755 --- a/config +++ b/config @@ -84,7 +84,7 @@ if [ "x$XREL" != "x" ]; then 4.2) echo "whatever-whatever-unixware1"; exit 0 ;; - 5) + 5*) case "x${VERSION}" in # We hardcode i586 in place of ${MACHINE} for the # following reason. The catch is that even though Pentium @@ -93,8 +93,7 @@ if [ "x$XREL" != "x" ]; then # with i386 is that it makes ./config pass 386 to # ./Configure, which in turn makes make generate # inefficient SHA-1 (for this moment) code. - x7*) echo "i586-sco-unixware7"; exit 0 ;; - x8*) echo "i586-unkn-OpenUNIX${VERSION}"; exit 0 ;; + x[678]*) echo "i586-sco-unixware7"; exit 0 ;; esac ;; esac @@ -654,7 +653,7 @@ case "$GUESSOS" in ;; *-*-sunos4) OUT="sunos-$CC" ;; - *86*-*-bsdi4) OUT="bsdi-elf-gcc"; options="$options no-sse2" ;; + *86*-*-bsdi4) OUT="BSD-x86-elf"; options="$options no-sse2 -ldl" ;; alpha*-*-*bsd*) OUT="BSD-generic64; options="$options -DL_ENDIAN" ;; powerpc64-*-*bsd*) OUT="BSD-generic64; options="$options -DB_ENDIAN" ;; sparc64-*-*bsd*) OUT="BSD-sparc64" ;; @@ -675,14 +674,13 @@ case "$GUESSOS" in *-*-osf) OUT="osf1-alpha-cc" ;; *-*-tru64) OUT="tru64-alpha-cc" ;; - *-*-OpenUNIX*) + *-*-[Uu]nix[Ww]are7) if [ "$CC" = "gcc" ]; then - OUT="OpenUNIX-8-gcc" + OUT="unixware-7-gcc" ; options="$options no-sse2" else - OUT="OpenUNIX-8" + OUT="unixware-7" ; options="$options no-sse2 -D__i386__" fi ;; - *-*-[Uu]nix[Ww]are7) OUT="unixware-7"; options="$options no-sse2" ;; *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0"; options="$options no-sse2 no-sha512" ;; *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1"; options="$options no-sse2 no-sha512" ;; *-*-vos) -- GitLab From 6b3b632767a8fba79fb0e7e4d81f84f4008cb847 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 27 Jun 2005 00:43:22 +0000 Subject: [PATCH 312/929] Sync libeay.num --- util/libeay.num | 965 ++++++++++++++++++++++++------------------------ 1 file changed, 485 insertions(+), 480 deletions(-) diff --git a/util/libeay.num b/util/libeay.num index 482c65d2df..e75a4a1b17 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -2882,483 +2882,488 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA PKCS1_MGF1 3324 EXIST::FUNCTION:RSA -BIO_new_dgram 3325 EXIST::FUNCTION: -BN_get0_nist_prime_384 3326 EXIST::FUNCTION: -ERR_set_mark 3327 EXIST::FUNCTION: -X509_STORE_CTX_set0_crls 3328 EXIST::FUNCTION: -ENGINE_set_STORE 3329 EXIST::FUNCTION:ENGINE -ENGINE_register_ECDSA 3330 EXIST::FUNCTION:ENGINE -STORE_method_set_list_start_function 3331 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_start_fn 3331 EXIST:VMS:FUNCTION: -BN_BLINDING_invert_ex 3332 EXIST::FUNCTION: -NAME_CONSTRAINTS_free 3333 EXIST::FUNCTION: -STORE_ATTR_INFO_set_number 3334 EXIST::FUNCTION: -BN_BLINDING_get_thread_id 3335 EXIST::FUNCTION: -X509_STORE_CTX_set0_param 3336 EXIST::FUNCTION: -POLICY_MAPPING_it 3337 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_MAPPING_it 3337 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_parse_attrs_start 3338 EXIST::FUNCTION: -POLICY_CONSTRAINTS_free 3339 EXIST::FUNCTION: -EVP_PKEY_add1_attr_by_NID 3340 EXIST::FUNCTION: -BN_nist_mod_192 3341 EXIST::FUNCTION: -EC_GROUP_get_trinomial_basis 3342 EXIST::FUNCTION:EC -STORE_set_method 3343 EXIST::FUNCTION: -GENERAL_SUBTREE_free 3344 EXIST::FUNCTION: -NAME_CONSTRAINTS_it 3345 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -NAME_CONSTRAINTS_it 3345 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ECDH_get_default_method 3346 EXIST::FUNCTION:ECDH -PKCS12_add_safe 3347 EXIST::FUNCTION: -EC_KEY_new_by_curve_name 3348 EXIST::FUNCTION:EC -STORE_method_get_update_store_function 3349 EXIST:!VMS:FUNCTION: -STORE_meth_get_update_store_fn 3349 EXIST:VMS:FUNCTION: -ENGINE_register_ECDH 3350 EXIST::FUNCTION:ENGINE -SHA512_Update 3351 EXIST::FUNCTION:SHA,SHA512 -i2d_ECPrivateKey 3352 EXIST::FUNCTION:EC -BN_get0_nist_prime_192 3353 EXIST::FUNCTION: -STORE_modify_certificate 3354 EXIST::FUNCTION: -EC_POINT_set_affine_coordinates_GF2m 3355 EXIST:!VMS:FUNCTION:EC -EC_POINT_set_affine_coords_GF2m 3355 EXIST:VMS:FUNCTION:EC -BN_GF2m_mod_exp_arr 3356 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_number 3357 EXIST::FUNCTION: -X509_keyid_get0 3358 EXIST::FUNCTION: -ENGINE_load_gmp 3359 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE -pitem_new 3360 EXIST::FUNCTION: -BN_GF2m_mod_mul_arr 3361 EXIST::FUNCTION: -STORE_list_public_key_endp 3362 EXIST::FUNCTION: -o2i_ECPublicKey 3363 EXIST::FUNCTION:EC -EC_KEY_copy 3364 EXIST::FUNCTION:EC -BIO_dump_fp 3365 EXIST::FUNCTION:FP_API -X509_policy_node_get0_parent 3366 EXIST::FUNCTION: -EC_GROUP_check_discriminant 3367 EXIST::FUNCTION:EC -i2o_ECPublicKey 3368 EXIST::FUNCTION:EC -EC_KEY_precompute_mult 3369 EXIST::FUNCTION:EC -a2i_IPADDRESS 3370 EXIST::FUNCTION: -STORE_method_set_initialise_function 3371 EXIST:!VMS:FUNCTION: -STORE_meth_set_initialise_fn 3371 EXIST:VMS:FUNCTION: -X509_STORE_CTX_set_depth 3372 EXIST::FUNCTION: -X509_VERIFY_PARAM_inherit 3373 EXIST::FUNCTION: -EC_POINT_point2bn 3374 EXIST::FUNCTION:EC -STORE_ATTR_INFO_set_dn 3375 EXIST::FUNCTION: -X509_policy_tree_get0_policies 3376 EXIST::FUNCTION: -EC_GROUP_new_curve_GF2m 3377 EXIST::FUNCTION:EC -STORE_destroy_method 3378 EXIST::FUNCTION: -ENGINE_unregister_STORE 3379 EXIST::FUNCTION:ENGINE -EVP_PKEY_get1_EC_KEY 3380 EXIST::FUNCTION:EC -STORE_ATTR_INFO_get0_number 3381 EXIST::FUNCTION: -ENGINE_get_default_ECDH 3382 EXIST::FUNCTION:ENGINE -EC_KEY_get_conv_form 3383 EXIST::FUNCTION:EC -ASN1_OCTET_STRING_NDEF_it 3384 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_OCTET_STRING_NDEF_it 3384 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_delete_public_key 3385 EXIST::FUNCTION: -STORE_get_public_key 3386 EXIST::FUNCTION: -STORE_modify_arbitrary 3387 EXIST::FUNCTION: -ENGINE_get_static_state 3388 EXIST::FUNCTION:ENGINE -pqueue_iterator 3389 EXIST::FUNCTION: -ECDSA_SIG_new 3390 EXIST::FUNCTION:ECDSA -OPENSSL_DIR_end 3391 EXIST::FUNCTION: -BN_GF2m_mod_sqr 3392 EXIST::FUNCTION: -EC_POINT_bn2point 3393 EXIST::FUNCTION:EC -X509_VERIFY_PARAM_set_depth 3394 EXIST::FUNCTION: -EC_KEY_set_asn1_flag 3395 EXIST::FUNCTION:EC -STORE_get_method 3396 EXIST::FUNCTION: -EC_KEY_get_key_method_data 3397 EXIST::FUNCTION:EC -ECDSA_sign_ex 3398 EXIST::FUNCTION:ECDSA -STORE_parse_attrs_end 3399 EXIST::FUNCTION: -EC_GROUP_get_point_conversion_form 3400 EXIST:!VMS:FUNCTION:EC -EC_GROUP_get_point_conv_form 3400 EXIST:VMS:FUNCTION:EC -STORE_method_set_store_function 3401 EXIST::FUNCTION: -STORE_ATTR_INFO_in 3402 EXIST::FUNCTION: -PEM_read_bio_ECPKParameters 3403 EXIST::FUNCTION:EC -EC_GROUP_get_pentanomial_basis 3404 EXIST::FUNCTION:EC -EVP_PKEY_add1_attr_by_txt 3405 EXIST::FUNCTION: -BN_BLINDING_set_flags 3406 EXIST::FUNCTION: -X509_VERIFY_PARAM_set1_policies 3407 EXIST::FUNCTION: -X509_VERIFY_PARAM_set1_name 3408 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_purpose 3409 EXIST::FUNCTION: -STORE_get_number 3410 EXIST::FUNCTION: -ECDSA_sign_setup 3411 EXIST::FUNCTION:ECDSA -BN_GF2m_mod_solve_quad_arr 3412 EXIST::FUNCTION: -EC_KEY_up_ref 3413 EXIST::FUNCTION:EC -POLICY_MAPPING_free 3414 EXIST::FUNCTION: -BN_GF2m_mod_div 3415 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_flags 3416 EXIST::FUNCTION: -EC_KEY_free 3417 EXIST::FUNCTION:EC -STORE_method_set_list_next_function 3418 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_next_fn 3418 EXIST:VMS:FUNCTION: -PEM_write_bio_ECPrivateKey 3419 EXIST::FUNCTION:EC -d2i_EC_PUBKEY 3420 EXIST::FUNCTION:EC -STORE_method_get_generate_function 3421 EXIST:!VMS:FUNCTION: -STORE_meth_get_generate_fn 3421 EXIST:VMS:FUNCTION: -STORE_method_set_list_end_function 3422 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_end_fn 3422 EXIST:VMS:FUNCTION: -pqueue_print 3423 EXIST::FUNCTION: -EC_GROUP_have_precompute_mult 3424 EXIST::FUNCTION:EC -EC_KEY_print_fp 3425 EXIST::FUNCTION:EC,FP_API -BN_GF2m_mod_arr 3426 EXIST::FUNCTION: -PEM_write_bio_X509_CERT_PAIR 3427 EXIST::FUNCTION: -EVP_PKEY_cmp 3428 EXIST::FUNCTION: -X509_policy_level_node_count 3429 EXIST::FUNCTION: -STORE_new_engine 3430 EXIST::FUNCTION: -STORE_list_public_key_start 3431 EXIST::FUNCTION: -X509_VERIFY_PARAM_new 3432 EXIST::FUNCTION: -ECDH_get_ex_data 3433 EXIST::FUNCTION:ECDH -EVP_PKEY_get_attr 3434 EXIST::FUNCTION: -ECDSA_do_sign 3435 EXIST::FUNCTION:ECDSA -ENGINE_unregister_ECDH 3436 EXIST::FUNCTION:ENGINE -ECDH_OpenSSL 3437 EXIST::FUNCTION:ECDH -EC_KEY_set_conv_form 3438 EXIST::FUNCTION:EC -EC_POINT_dup 3439 EXIST::FUNCTION:EC -GENERAL_SUBTREE_new 3440 EXIST::FUNCTION: -STORE_list_crl_endp 3441 EXIST::FUNCTION: -EC_get_builtin_curves 3442 EXIST::FUNCTION:EC -X509_policy_node_get0_qualifiers 3443 EXIST:!VMS:FUNCTION: -X509_pcy_node_get0_qualifiers 3443 EXIST:VMS:FUNCTION: -STORE_list_crl_end 3444 EXIST::FUNCTION: -EVP_PKEY_set1_EC_KEY 3445 EXIST::FUNCTION:EC -BN_GF2m_mod_sqrt_arr 3446 EXIST::FUNCTION: -i2d_ECPrivateKey_bio 3447 EXIST::FUNCTION:BIO,EC -ECPKParameters_print_fp 3448 EXIST::FUNCTION:EC,FP_API -pqueue_find 3449 EXIST::FUNCTION: -ECDSA_SIG_free 3450 EXIST::FUNCTION:ECDSA -PEM_write_bio_ECPKParameters 3451 EXIST::FUNCTION:EC -STORE_method_set_ctrl_function 3452 EXIST::FUNCTION: -STORE_list_public_key_end 3453 EXIST::FUNCTION: -EC_KEY_set_private_key 3454 EXIST::FUNCTION:EC -pqueue_peek 3455 EXIST::FUNCTION: -STORE_get_arbitrary 3456 EXIST::FUNCTION: -STORE_store_crl 3457 EXIST::FUNCTION: -X509_policy_node_get0_policy 3458 EXIST::FUNCTION: -PKCS12_add_safes 3459 EXIST::FUNCTION: -BN_BLINDING_convert_ex 3460 EXIST::FUNCTION: -X509_policy_tree_free 3461 EXIST::FUNCTION: -OPENSSL_ia32cap_loc 3462 EXIST::FUNCTION: -BN_GF2m_poly2arr 3463 EXIST::FUNCTION: -STORE_ctrl 3464 EXIST::FUNCTION: -STORE_ATTR_INFO_compare 3465 EXIST::FUNCTION: -BN_get0_nist_prime_224 3466 EXIST::FUNCTION: -i2d_ECParameters 3467 EXIST::FUNCTION:EC -i2d_ECPKParameters 3468 EXIST::FUNCTION:EC -BN_GENCB_call 3469 EXIST::FUNCTION: -d2i_ECPKParameters 3470 EXIST::FUNCTION:EC -STORE_method_set_generate_function 3471 EXIST:!VMS:FUNCTION: -STORE_meth_set_generate_fn 3471 EXIST:VMS:FUNCTION: -ENGINE_set_ECDH 3472 EXIST::FUNCTION:ENGINE -NAME_CONSTRAINTS_new 3473 EXIST::FUNCTION: -SHA256_Init 3474 EXIST::FUNCTION:SHA,SHA256 -EC_KEY_get0_public_key 3475 EXIST::FUNCTION:EC -PEM_write_bio_EC_PUBKEY 3476 EXIST::FUNCTION:EC -STORE_ATTR_INFO_set_cstr 3477 EXIST::FUNCTION: -STORE_list_crl_next 3478 EXIST::FUNCTION: -STORE_ATTR_INFO_in_range 3479 EXIST::FUNCTION: -ECParameters_print 3480 EXIST::FUNCTION:BIO,EC -STORE_method_set_delete_function 3481 EXIST:!VMS:FUNCTION: -STORE_meth_set_delete_fn 3481 EXIST:VMS:FUNCTION: -STORE_list_certificate_next 3482 EXIST::FUNCTION: -ASN1_generate_nconf 3483 EXIST::FUNCTION: -BUF_memdup 3484 EXIST::FUNCTION: -BN_GF2m_mod_mul 3485 EXIST::FUNCTION: -STORE_method_get_list_next_function 3486 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_next_fn 3486 EXIST:VMS:FUNCTION: -STORE_ATTR_INFO_get0_dn 3487 EXIST::FUNCTION: -STORE_list_private_key_next 3488 EXIST::FUNCTION: -EC_GROUP_set_seed 3489 EXIST::FUNCTION:EC -X509_VERIFY_PARAM_set_trust 3490 EXIST::FUNCTION: -STORE_ATTR_INFO_free 3491 EXIST::FUNCTION: -STORE_get_private_key 3492 EXIST::FUNCTION: -EVP_PKEY_get_attr_count 3493 EXIST::FUNCTION: -STORE_ATTR_INFO_new 3494 EXIST::FUNCTION: -EC_GROUP_get_curve_GF2m 3495 EXIST::FUNCTION:EC -STORE_method_set_revoke_function 3496 EXIST:!VMS:FUNCTION: -STORE_meth_set_revoke_fn 3496 EXIST:VMS:FUNCTION: -STORE_store_number 3497 EXIST::FUNCTION: -BN_is_prime_ex 3498 EXIST::FUNCTION: -STORE_revoke_public_key 3499 EXIST::FUNCTION: -X509_STORE_CTX_get0_param 3500 EXIST::FUNCTION: -STORE_delete_arbitrary 3501 EXIST::FUNCTION: -PEM_read_X509_CERT_PAIR 3502 EXIST:!WIN16:FUNCTION: -X509_STORE_set_depth 3503 EXIST::FUNCTION: -ECDSA_get_ex_data 3504 EXIST::FUNCTION:ECDSA -SHA224 3505 EXIST::FUNCTION:SHA,SHA256 -BIO_dump_indent_fp 3506 EXIST::FUNCTION:FP_API -EC_KEY_set_group 3507 EXIST::FUNCTION:EC -BUF_strndup 3508 EXIST::FUNCTION: -STORE_list_certificate_start 3509 EXIST::FUNCTION: -BN_GF2m_mod 3510 EXIST::FUNCTION: -X509_REQ_check_private_key 3511 EXIST::FUNCTION: -EC_GROUP_get_seed_len 3512 EXIST::FUNCTION:EC -ERR_load_STORE_strings 3513 EXIST::FUNCTION: -PEM_read_bio_EC_PUBKEY 3514 EXIST::FUNCTION:EC -STORE_list_private_key_end 3515 EXIST::FUNCTION: -i2d_EC_PUBKEY 3516 EXIST::FUNCTION:EC -ECDSA_get_default_method 3517 EXIST::FUNCTION:ECDSA -ASN1_put_eoc 3518 EXIST::FUNCTION: -X509_STORE_CTX_get_explicit_policy 3519 EXIST:!VMS:FUNCTION: -X509_STORE_CTX_get_expl_policy 3519 EXIST:VMS:FUNCTION: -X509_VERIFY_PARAM_table_cleanup 3520 EXIST::FUNCTION: -STORE_modify_private_key 3521 EXIST::FUNCTION: -X509_VERIFY_PARAM_free 3522 EXIST::FUNCTION: -EC_METHOD_get_field_type 3523 EXIST::FUNCTION:EC -EC_GFp_nist_method 3524 EXIST::FUNCTION:EC -STORE_method_set_modify_function 3525 EXIST:!VMS:FUNCTION: -STORE_meth_set_modify_fn 3525 EXIST:VMS:FUNCTION: -STORE_parse_attrs_next 3526 EXIST::FUNCTION: -ENGINE_load_padlock 3527 EXIST::FUNCTION:ENGINE -EC_GROUP_set_curve_name 3528 EXIST::FUNCTION:EC -X509_CERT_PAIR_it 3529 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_CERT_PAIR_it 3529 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_method_get_revoke_function 3530 EXIST:!VMS:FUNCTION: -STORE_meth_get_revoke_fn 3530 EXIST:VMS:FUNCTION: -STORE_method_set_get_function 3531 EXIST::FUNCTION: -STORE_modify_number 3532 EXIST::FUNCTION: -STORE_method_get_store_function 3533 EXIST::FUNCTION: -STORE_store_private_key 3534 EXIST::FUNCTION: -BN_GF2m_mod_sqr_arr 3535 EXIST::FUNCTION: -RSA_setup_blinding 3536 EXIST::FUNCTION:RSA -BIO_s_datagram 3537 EXIST::FUNCTION:DGRAM -STORE_Memory 3538 EXIST::FUNCTION: -sk_find_ex 3539 EXIST::FUNCTION: -EC_GROUP_set_curve_GF2m 3540 EXIST::FUNCTION:EC -ENGINE_set_default_ECDSA 3541 EXIST::FUNCTION:ENGINE -POLICY_CONSTRAINTS_new 3542 EXIST::FUNCTION: -BN_GF2m_mod_sqrt 3543 EXIST::FUNCTION: -ECDH_set_default_method 3544 EXIST::FUNCTION:ECDH -EC_KEY_generate_key 3545 EXIST::FUNCTION:EC -SHA384_Update 3546 EXIST::FUNCTION:SHA,SHA512 -BN_GF2m_arr2poly 3547 EXIST::FUNCTION: -STORE_method_get_get_function 3548 EXIST::FUNCTION: -STORE_method_set_cleanup_function 3549 EXIST:!VMS:FUNCTION: -STORE_meth_set_cleanup_fn 3549 EXIST:VMS:FUNCTION: -EC_GROUP_check 3550 EXIST::FUNCTION:EC -d2i_ECPrivateKey_bio 3551 EXIST::FUNCTION:BIO,EC -EC_KEY_insert_key_method_data 3552 EXIST::FUNCTION:EC -STORE_method_get_lock_store_function 3553 EXIST:!VMS:FUNCTION: -STORE_meth_get_lock_store_fn 3553 EXIST:VMS:FUNCTION: -X509_VERIFY_PARAM_get_depth 3554 EXIST::FUNCTION: -SHA224_Final 3555 EXIST::FUNCTION:SHA,SHA256 -STORE_method_set_update_store_function 3556 EXIST:!VMS:FUNCTION: -STORE_meth_set_update_store_fn 3556 EXIST:VMS:FUNCTION: -SHA224_Update 3557 EXIST::FUNCTION:SHA,SHA256 -d2i_ECPrivateKey 3558 EXIST::FUNCTION:EC -ASN1_item_ndef_i2d 3559 EXIST::FUNCTION: -STORE_delete_private_key 3560 EXIST::FUNCTION: -ERR_pop_to_mark 3561 EXIST::FUNCTION: -ENGINE_register_all_STORE 3562 EXIST::FUNCTION:ENGINE -X509_policy_level_get0_node 3563 EXIST::FUNCTION: -i2d_PKCS7_NDEF 3564 EXIST::FUNCTION: -EC_GROUP_get_degree 3565 EXIST::FUNCTION:EC -ASN1_generate_v3 3566 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_cstr 3567 EXIST::FUNCTION: -X509_policy_tree_level_count 3568 EXIST::FUNCTION: -BN_GF2m_add 3569 EXIST::FUNCTION: -EC_KEY_get0_group 3570 EXIST::FUNCTION:EC -STORE_generate_crl 3571 EXIST::FUNCTION: -STORE_store_public_key 3572 EXIST::FUNCTION: -X509_CERT_PAIR_free 3573 EXIST::FUNCTION: -STORE_revoke_private_key 3574 EXIST::FUNCTION: -BN_nist_mod_224 3575 EXIST::FUNCTION: -SHA512_Final 3576 EXIST::FUNCTION:SHA,SHA512 -STORE_ATTR_INFO_modify_dn 3577 EXIST::FUNCTION: -STORE_method_get_initialise_function 3578 EXIST:!VMS:FUNCTION: -STORE_meth_get_initialise_fn 3578 EXIST:VMS:FUNCTION: -STORE_delete_number 3579 EXIST::FUNCTION: -i2d_EC_PUBKEY_bio 3580 EXIST::FUNCTION:BIO,EC -BIO_dgram_non_fatal_error 3581 EXIST::FUNCTION: -EC_GROUP_get_asn1_flag 3582 EXIST::FUNCTION:EC -STORE_ATTR_INFO_in_ex 3583 EXIST::FUNCTION: -STORE_list_crl_start 3584 EXIST::FUNCTION: -ECDH_get_ex_new_index 3585 EXIST::FUNCTION:ECDH -STORE_method_get_modify_function 3586 EXIST:!VMS:FUNCTION: -STORE_meth_get_modify_fn 3586 EXIST:VMS:FUNCTION: -v2i_ASN1_BIT_STRING 3587 EXIST::FUNCTION: -STORE_store_certificate 3588 EXIST::FUNCTION: -OBJ_bsearch_ex 3589 EXIST::FUNCTION: -X509_STORE_CTX_set_default 3590 EXIST::FUNCTION: -STORE_ATTR_INFO_set_sha1str 3591 EXIST::FUNCTION: -BN_GF2m_mod_inv 3592 EXIST::FUNCTION: -BN_GF2m_mod_exp 3593 EXIST::FUNCTION: -STORE_modify_public_key 3594 EXIST::FUNCTION: -STORE_method_get_list_start_function 3595 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_start_fn 3595 EXIST:VMS:FUNCTION: -EC_GROUP_get0_seed 3596 EXIST::FUNCTION:EC -STORE_store_arbitrary 3597 EXIST::FUNCTION: -STORE_method_set_unlock_store_function 3598 EXIST:!VMS:FUNCTION: -STORE_meth_set_unlock_store_fn 3598 EXIST:VMS:FUNCTION: -BN_GF2m_mod_div_arr 3599 EXIST::FUNCTION: -ENGINE_set_ECDSA 3600 EXIST::FUNCTION:ENGINE -STORE_create_method 3601 EXIST::FUNCTION: -ECPKParameters_print 3602 EXIST::FUNCTION:BIO,EC -EC_KEY_get0_private_key 3603 EXIST::FUNCTION:EC -PEM_write_EC_PUBKEY 3604 EXIST:!WIN16:FUNCTION:EC -X509_VERIFY_PARAM_set1 3605 EXIST::FUNCTION: -ECDH_set_method 3606 EXIST::FUNCTION:ECDH -v2i_GENERAL_NAME_ex 3607 EXIST::FUNCTION: -ECDH_set_ex_data 3608 EXIST::FUNCTION:ECDH -STORE_generate_key 3609 EXIST::FUNCTION: -BN_nist_mod_521 3610 EXIST::FUNCTION: -X509_policy_tree_get0_level 3611 EXIST::FUNCTION: -EC_GROUP_set_point_conversion_form 3612 EXIST:!VMS:FUNCTION:EC -EC_GROUP_set_point_conv_form 3612 EXIST:VMS:FUNCTION:EC -PEM_read_EC_PUBKEY 3613 EXIST:!WIN16:FUNCTION:EC -i2d_ECDSA_SIG 3614 EXIST::FUNCTION:ECDSA -ECDSA_OpenSSL 3615 EXIST::FUNCTION:ECDSA -STORE_delete_crl 3616 EXIST::FUNCTION: -EC_KEY_get_enc_flags 3617 EXIST::FUNCTION:EC -ASN1_const_check_infinite_end 3618 EXIST::FUNCTION: -EVP_PKEY_delete_attr 3619 EXIST::FUNCTION: -ECDSA_set_default_method 3620 EXIST::FUNCTION:ECDSA -EC_POINT_set_compressed_coordinates_GF2m 3621 EXIST:!VMS:FUNCTION:EC -EC_POINT_set_compr_coords_GF2m 3621 EXIST:VMS:FUNCTION:EC -EC_GROUP_cmp 3622 EXIST::FUNCTION:EC -STORE_revoke_certificate 3623 EXIST::FUNCTION: -BN_get0_nist_prime_256 3624 EXIST::FUNCTION: -STORE_method_get_delete_function 3625 EXIST:!VMS:FUNCTION: -STORE_meth_get_delete_fn 3625 EXIST:VMS:FUNCTION: -SHA224_Init 3626 EXIST::FUNCTION:SHA,SHA256 -PEM_read_ECPrivateKey 3627 EXIST:!WIN16:FUNCTION:EC -SHA512_Init 3628 EXIST::FUNCTION:SHA,SHA512 -STORE_parse_attrs_endp 3629 EXIST::FUNCTION: -BN_set_negative 3630 EXIST::FUNCTION: -ERR_load_ECDSA_strings 3631 EXIST::FUNCTION:ECDSA -EC_GROUP_get_basis_type 3632 EXIST::FUNCTION:EC -STORE_list_public_key_next 3633 EXIST::FUNCTION: -i2v_ASN1_BIT_STRING 3634 EXIST::FUNCTION: -STORE_OBJECT_free 3635 EXIST::FUNCTION: -BN_nist_mod_384 3636 EXIST::FUNCTION: -i2d_X509_CERT_PAIR 3637 EXIST::FUNCTION: -PEM_write_ECPKParameters 3638 EXIST:!WIN16:FUNCTION:EC -ECDH_compute_key 3639 EXIST::FUNCTION:ECDH -STORE_ATTR_INFO_get0_sha1str 3640 EXIST::FUNCTION: -ENGINE_register_all_ECDH 3641 EXIST::FUNCTION:ENGINE -pqueue_pop 3642 EXIST::FUNCTION: -STORE_ATTR_INFO_get0_cstr 3643 EXIST::FUNCTION: -POLICY_CONSTRAINTS_it 3644 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_CONSTRAINTS_it 3644 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_get_ex_new_index 3645 EXIST::FUNCTION: -EVP_PKEY_get_attr_by_OBJ 3646 EXIST::FUNCTION: -X509_VERIFY_PARAM_add0_policy 3647 EXIST::FUNCTION: -BN_GF2m_mod_solve_quad 3648 EXIST::FUNCTION: -SHA256 3649 EXIST::FUNCTION:SHA,SHA256 -i2d_ECPrivateKey_fp 3650 EXIST::FUNCTION:EC,FP_API -X509_policy_tree_get0_user_policies 3651 EXIST:!VMS:FUNCTION: -X509_pcy_tree_get0_usr_policies 3651 EXIST:VMS:FUNCTION: -OPENSSL_DIR_read 3652 EXIST::FUNCTION: -ENGINE_register_all_ECDSA 3653 EXIST::FUNCTION:ENGINE -X509_VERIFY_PARAM_lookup 3654 EXIST::FUNCTION: -EC_POINT_get_affine_coordinates_GF2m 3655 EXIST:!VMS:FUNCTION:EC -EC_POINT_get_affine_coords_GF2m 3655 EXIST:VMS:FUNCTION:EC -EC_GROUP_dup 3656 EXIST::FUNCTION:EC -ENGINE_get_default_ECDSA 3657 EXIST::FUNCTION:ENGINE -EC_KEY_new 3658 EXIST::FUNCTION:EC -SHA256_Transform 3659 EXIST::FUNCTION:SHA,SHA256 -EC_KEY_set_enc_flags 3660 EXIST::FUNCTION:EC -ECDSA_verify 3661 EXIST::FUNCTION:ECDSA -EC_POINT_point2hex 3662 EXIST::FUNCTION:EC -ENGINE_get_STORE 3663 EXIST::FUNCTION:ENGINE -SHA512 3664 EXIST::FUNCTION:SHA,SHA512 -STORE_get_certificate 3665 EXIST::FUNCTION: -ECDSA_do_sign_ex 3666 EXIST::FUNCTION:ECDSA -ECDSA_do_verify 3667 EXIST::FUNCTION:ECDSA -d2i_ECPrivateKey_fp 3668 EXIST::FUNCTION:EC,FP_API -STORE_delete_certificate 3669 EXIST::FUNCTION: -SHA512_Transform 3670 EXIST::FUNCTION:SHA,SHA512 -X509_STORE_set1_param 3671 EXIST::FUNCTION: -STORE_method_get_ctrl_function 3672 EXIST::FUNCTION: -STORE_free 3673 EXIST::FUNCTION: -PEM_write_ECPrivateKey 3674 EXIST:!WIN16:FUNCTION:EC -STORE_method_get_unlock_store_function 3675 EXIST:!VMS:FUNCTION: -STORE_meth_get_unlock_store_fn 3675 EXIST:VMS:FUNCTION: -STORE_get_ex_data 3676 EXIST::FUNCTION: -EC_KEY_set_public_key 3677 EXIST::FUNCTION:EC -PEM_read_ECPKParameters 3678 EXIST:!WIN16:FUNCTION:EC -X509_CERT_PAIR_new 3679 EXIST::FUNCTION: -ENGINE_register_STORE 3680 EXIST::FUNCTION:ENGINE -RSA_generate_key_ex 3681 EXIST::FUNCTION:RSA -DSA_generate_parameters_ex 3682 EXIST::FUNCTION:DSA -ECParameters_print_fp 3683 EXIST::FUNCTION:EC,FP_API -X509V3_NAME_from_section 3684 EXIST::FUNCTION: -EVP_PKEY_add1_attr 3685 EXIST::FUNCTION: -STORE_modify_crl 3686 EXIST::FUNCTION: -STORE_list_private_key_start 3687 EXIST::FUNCTION: -POLICY_MAPPINGS_it 3688 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_MAPPINGS_it 3688 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -GENERAL_SUBTREE_it 3689 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -GENERAL_SUBTREE_it 3689 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EC_GROUP_get_curve_name 3690 EXIST::FUNCTION:EC -PEM_write_X509_CERT_PAIR 3691 EXIST:!WIN16:FUNCTION: -BIO_dump_indent_cb 3692 EXIST::FUNCTION: -d2i_X509_CERT_PAIR 3693 EXIST::FUNCTION: -STORE_list_private_key_endp 3694 EXIST::FUNCTION: -asn1_const_Finish 3695 EXIST::FUNCTION: -i2d_EC_PUBKEY_fp 3696 EXIST::FUNCTION:EC,FP_API -BN_nist_mod_256 3697 EXIST::FUNCTION: -X509_VERIFY_PARAM_add0_table 3698 EXIST::FUNCTION: -pqueue_free 3699 EXIST::FUNCTION: -BN_BLINDING_create_param 3700 EXIST::FUNCTION: -ECDSA_size 3701 EXIST::FUNCTION:ECDSA -d2i_EC_PUBKEY_bio 3702 EXIST::FUNCTION:BIO,EC -BN_get0_nist_prime_521 3703 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_sha1str 3704 EXIST::FUNCTION: -BN_generate_prime_ex 3705 EXIST::FUNCTION: -EC_GROUP_new_by_curve_name 3706 EXIST::FUNCTION:EC -SHA256_Final 3707 EXIST::FUNCTION:SHA,SHA256 -DH_generate_parameters_ex 3708 EXIST::FUNCTION:DH -PEM_read_bio_ECPrivateKey 3709 EXIST::FUNCTION:EC -STORE_method_get_cleanup_function 3710 EXIST:!VMS:FUNCTION: -STORE_meth_get_cleanup_fn 3710 EXIST:VMS:FUNCTION: -ENGINE_get_ECDH 3711 EXIST::FUNCTION:ENGINE -d2i_ECDSA_SIG 3712 EXIST::FUNCTION:ECDSA -BN_is_prime_fasttest_ex 3713 EXIST::FUNCTION: -ECDSA_sign 3714 EXIST::FUNCTION:ECDSA -X509_policy_check 3715 EXIST::FUNCTION: -EVP_PKEY_get_attr_by_NID 3716 EXIST::FUNCTION: -STORE_set_ex_data 3717 EXIST::FUNCTION: -ENGINE_get_ECDSA 3718 EXIST::FUNCTION:ENGINE -EVP_ecdsa 3719 EXIST::FUNCTION:SHA -BN_BLINDING_get_flags 3720 EXIST::FUNCTION: -PKCS12_add_cert 3721 EXIST::FUNCTION: -STORE_OBJECT_new 3722 EXIST::FUNCTION: -ERR_load_ECDH_strings 3723 EXIST::FUNCTION:ECDH -EC_KEY_dup 3724 EXIST::FUNCTION:EC -EVP_CIPHER_CTX_rand_key 3725 EXIST::FUNCTION: -ECDSA_set_method 3726 EXIST::FUNCTION:ECDSA -a2i_IPADDRESS_NC 3727 EXIST::FUNCTION: -d2i_ECParameters 3728 EXIST::FUNCTION:EC -STORE_list_certificate_end 3729 EXIST::FUNCTION: -STORE_get_crl 3730 EXIST::FUNCTION: -X509_POLICY_NODE_print 3731 EXIST::FUNCTION: -SHA384_Init 3732 EXIST::FUNCTION:SHA,SHA512 -EC_GF2m_simple_method 3733 EXIST::FUNCTION:EC -ECDSA_set_ex_data 3734 EXIST::FUNCTION:ECDSA -SHA384_Final 3735 EXIST::FUNCTION:SHA,SHA512 -PKCS7_set_digest 3736 EXIST::FUNCTION: -EC_KEY_print 3737 EXIST::FUNCTION:BIO,EC -STORE_method_set_lock_store_function 3738 EXIST:!VMS:FUNCTION: -STORE_meth_set_lock_store_fn 3738 EXIST:VMS:FUNCTION: -ECDSA_get_ex_new_index 3739 EXIST::FUNCTION:ECDSA -SHA384 3740 EXIST::FUNCTION:SHA,SHA512 -POLICY_MAPPING_new 3741 EXIST::FUNCTION: -STORE_list_certificate_endp 3742 EXIST::FUNCTION: -X509_STORE_CTX_get0_policy_tree 3743 EXIST::FUNCTION: -EC_GROUP_set_asn1_flag 3744 EXIST::FUNCTION:EC -EC_KEY_check_key 3745 EXIST::FUNCTION:EC -d2i_EC_PUBKEY_fp 3746 EXIST::FUNCTION:EC,FP_API -PKCS7_set0_type_other 3747 EXIST::FUNCTION: -PEM_read_bio_X509_CERT_PAIR 3748 EXIST::FUNCTION: -pqueue_next 3749 EXIST::FUNCTION: -STORE_method_get_list_end_function 3750 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_end_fn 3750 EXIST:VMS:FUNCTION: -EVP_PKEY_add1_attr_by_OBJ 3751 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_time 3752 EXIST::FUNCTION: -pqueue_new 3753 EXIST::FUNCTION: -ENGINE_set_default_ECDH 3754 EXIST::FUNCTION:ENGINE -STORE_new_method 3755 EXIST::FUNCTION: -PKCS12_add_key 3756 EXIST::FUNCTION: -DSO_merge 3757 EXIST::FUNCTION: -EC_POINT_hex2point 3758 EXIST::FUNCTION:EC -BIO_dump_cb 3759 EXIST::FUNCTION: -SHA256_Update 3760 EXIST::FUNCTION:SHA,SHA256 -pqueue_insert 3761 EXIST::FUNCTION: -pitem_free 3762 EXIST::FUNCTION: -BN_GF2m_mod_inv_arr 3763 EXIST::FUNCTION: -ENGINE_unregister_ECDSA 3764 EXIST::FUNCTION:ENGINE -BN_BLINDING_set_thread_id 3765 EXIST::FUNCTION: +BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION: +RSA_X931_generate_key 3326 NOEXIST::FUNCTION: +BN_X931_derive_prime 3327 NOEXIST::FUNCTION: +BN_X931_generate_prime 3328 NOEXIST::FUNCTION: +RSA_X931_derive 3329 NOEXIST::FUNCTION: +BIO_new_dgram 3330 EXIST::FUNCTION: +BN_get0_nist_prime_384 3331 EXIST::FUNCTION: +ERR_set_mark 3332 EXIST::FUNCTION: +X509_STORE_CTX_set0_crls 3333 EXIST::FUNCTION: +ENGINE_set_STORE 3334 EXIST::FUNCTION:ENGINE +ENGINE_register_ECDSA 3335 EXIST::FUNCTION:ENGINE +STORE_method_set_list_start_function 3336 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_start_fn 3336 EXIST:VMS:FUNCTION: +BN_BLINDING_invert_ex 3337 EXIST::FUNCTION: +NAME_CONSTRAINTS_free 3338 EXIST::FUNCTION: +STORE_ATTR_INFO_set_number 3339 EXIST::FUNCTION: +BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION: +X509_STORE_CTX_set0_param 3341 EXIST::FUNCTION: +POLICY_MAPPING_it 3342 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPING_it 3342 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_parse_attrs_start 3343 EXIST::FUNCTION: +POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION: +EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION: +BN_nist_mod_192 3346 EXIST::FUNCTION: +EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC +STORE_set_method 3348 EXIST::FUNCTION: +GENERAL_SUBTREE_free 3349 EXIST::FUNCTION: +NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NAME_CONSTRAINTS_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ECDH_get_default_method 3351 EXIST::FUNCTION:ECDH +PKCS12_add_safe 3352 EXIST::FUNCTION: +EC_KEY_new_by_curve_name 3353 EXIST::FUNCTION:EC +STORE_method_get_update_store_function 3354 EXIST:!VMS:FUNCTION: +STORE_meth_get_update_store_fn 3354 EXIST:VMS:FUNCTION: +ENGINE_register_ECDH 3355 EXIST::FUNCTION:ENGINE +SHA512_Update 3356 EXIST::FUNCTION:SHA,SHA512 +i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC +BN_get0_nist_prime_192 3358 EXIST::FUNCTION: +STORE_modify_certificate 3359 EXIST::FUNCTION: +EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC +BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_number 3362 EXIST::FUNCTION: +X509_keyid_get0 3363 EXIST::FUNCTION: +ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE +pitem_new 3365 EXIST::FUNCTION: +BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION: +STORE_list_public_key_endp 3367 EXIST::FUNCTION: +o2i_ECPublicKey 3368 EXIST::FUNCTION:EC +EC_KEY_copy 3369 EXIST::FUNCTION:EC +BIO_dump_fp 3370 EXIST::FUNCTION:FP_API +X509_policy_node_get0_parent 3371 EXIST::FUNCTION: +EC_GROUP_check_discriminant 3372 EXIST::FUNCTION:EC +i2o_ECPublicKey 3373 EXIST::FUNCTION:EC +EC_KEY_precompute_mult 3374 EXIST::FUNCTION:EC +a2i_IPADDRESS 3375 EXIST::FUNCTION: +STORE_method_set_initialise_function 3376 EXIST:!VMS:FUNCTION: +STORE_meth_set_initialise_fn 3376 EXIST:VMS:FUNCTION: +X509_STORE_CTX_set_depth 3377 EXIST::FUNCTION: +X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION: +EC_POINT_point2bn 3379 EXIST::FUNCTION:EC +STORE_ATTR_INFO_set_dn 3380 EXIST::FUNCTION: +X509_policy_tree_get0_policies 3381 EXIST::FUNCTION: +EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC +STORE_destroy_method 3383 EXIST::FUNCTION: +ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE +EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC +STORE_ATTR_INFO_get0_number 3386 EXIST::FUNCTION: +ENGINE_get_default_ECDH 3387 EXIST::FUNCTION:ENGINE +EC_KEY_get_conv_form 3388 EXIST::FUNCTION:EC +ASN1_OCTET_STRING_NDEF_it 3389 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OCTET_STRING_NDEF_it 3389 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_delete_public_key 3390 EXIST::FUNCTION: +STORE_get_public_key 3391 EXIST::FUNCTION: +STORE_modify_arbitrary 3392 EXIST::FUNCTION: +ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE +pqueue_iterator 3394 EXIST::FUNCTION: +ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA +OPENSSL_DIR_end 3396 EXIST::FUNCTION: +BN_GF2m_mod_sqr 3397 EXIST::FUNCTION: +EC_POINT_bn2point 3398 EXIST::FUNCTION:EC +X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION: +EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC +STORE_get_method 3401 EXIST::FUNCTION: +EC_KEY_get_key_method_data 3402 EXIST::FUNCTION:EC +ECDSA_sign_ex 3403 EXIST::FUNCTION:ECDSA +STORE_parse_attrs_end 3404 EXIST::FUNCTION: +EC_GROUP_get_point_conversion_form 3405 EXIST:!VMS:FUNCTION:EC +EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC +STORE_method_set_store_function 3406 EXIST::FUNCTION: +STORE_ATTR_INFO_in 3407 EXIST::FUNCTION: +PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC +EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC +EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION: +BN_BLINDING_set_flags 3411 EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION: +STORE_get_number 3415 EXIST::FUNCTION: +ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA +BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION: +EC_KEY_up_ref 3418 EXIST::FUNCTION:EC +POLICY_MAPPING_free 3419 EXIST::FUNCTION: +BN_GF2m_mod_div 3420 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION: +EC_KEY_free 3422 EXIST::FUNCTION:EC +STORE_method_set_list_next_function 3423 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_next_fn 3423 EXIST:VMS:FUNCTION: +PEM_write_bio_ECPrivateKey 3424 EXIST::FUNCTION:EC +d2i_EC_PUBKEY 3425 EXIST::FUNCTION:EC +STORE_method_get_generate_function 3426 EXIST:!VMS:FUNCTION: +STORE_meth_get_generate_fn 3426 EXIST:VMS:FUNCTION: +STORE_method_set_list_end_function 3427 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_end_fn 3427 EXIST:VMS:FUNCTION: +pqueue_print 3428 EXIST::FUNCTION: +EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC +EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API +BN_GF2m_mod_arr 3431 EXIST::FUNCTION: +PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION: +EVP_PKEY_cmp 3433 EXIST::FUNCTION: +X509_policy_level_node_count 3434 EXIST::FUNCTION: +STORE_new_engine 3435 EXIST::FUNCTION: +STORE_list_public_key_start 3436 EXIST::FUNCTION: +X509_VERIFY_PARAM_new 3437 EXIST::FUNCTION: +ECDH_get_ex_data 3438 EXIST::FUNCTION:ECDH +EVP_PKEY_get_attr 3439 EXIST::FUNCTION: +ECDSA_do_sign 3440 EXIST::FUNCTION:ECDSA +ENGINE_unregister_ECDH 3441 EXIST::FUNCTION:ENGINE +ECDH_OpenSSL 3442 EXIST::FUNCTION:ECDH +EC_KEY_set_conv_form 3443 EXIST::FUNCTION:EC +EC_POINT_dup 3444 EXIST::FUNCTION:EC +GENERAL_SUBTREE_new 3445 EXIST::FUNCTION: +STORE_list_crl_endp 3446 EXIST::FUNCTION: +EC_get_builtin_curves 3447 EXIST::FUNCTION:EC +X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION: +X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION: +STORE_list_crl_end 3449 EXIST::FUNCTION: +EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC +BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION: +i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC +ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API +pqueue_find 3454 EXIST::FUNCTION: +ECDSA_SIG_free 3455 EXIST::FUNCTION:ECDSA +PEM_write_bio_ECPKParameters 3456 EXIST::FUNCTION:EC +STORE_method_set_ctrl_function 3457 EXIST::FUNCTION: +STORE_list_public_key_end 3458 EXIST::FUNCTION: +EC_KEY_set_private_key 3459 EXIST::FUNCTION:EC +pqueue_peek 3460 EXIST::FUNCTION: +STORE_get_arbitrary 3461 EXIST::FUNCTION: +STORE_store_crl 3462 EXIST::FUNCTION: +X509_policy_node_get0_policy 3463 EXIST::FUNCTION: +PKCS12_add_safes 3464 EXIST::FUNCTION: +BN_BLINDING_convert_ex 3465 EXIST::FUNCTION: +X509_policy_tree_free 3466 EXIST::FUNCTION: +OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION: +BN_GF2m_poly2arr 3468 EXIST::FUNCTION: +STORE_ctrl 3469 EXIST::FUNCTION: +STORE_ATTR_INFO_compare 3470 EXIST::FUNCTION: +BN_get0_nist_prime_224 3471 EXIST::FUNCTION: +i2d_ECParameters 3472 EXIST::FUNCTION:EC +i2d_ECPKParameters 3473 EXIST::FUNCTION:EC +BN_GENCB_call 3474 EXIST::FUNCTION: +d2i_ECPKParameters 3475 EXIST::FUNCTION:EC +STORE_method_set_generate_function 3476 EXIST:!VMS:FUNCTION: +STORE_meth_set_generate_fn 3476 EXIST:VMS:FUNCTION: +ENGINE_set_ECDH 3477 EXIST::FUNCTION:ENGINE +NAME_CONSTRAINTS_new 3478 EXIST::FUNCTION: +SHA256_Init 3479 EXIST::FUNCTION:SHA,SHA256 +EC_KEY_get0_public_key 3480 EXIST::FUNCTION:EC +PEM_write_bio_EC_PUBKEY 3481 EXIST::FUNCTION:EC +STORE_ATTR_INFO_set_cstr 3482 EXIST::FUNCTION: +STORE_list_crl_next 3483 EXIST::FUNCTION: +STORE_ATTR_INFO_in_range 3484 EXIST::FUNCTION: +ECParameters_print 3485 EXIST::FUNCTION:BIO,EC +STORE_method_set_delete_function 3486 EXIST:!VMS:FUNCTION: +STORE_meth_set_delete_fn 3486 EXIST:VMS:FUNCTION: +STORE_list_certificate_next 3487 EXIST::FUNCTION: +ASN1_generate_nconf 3488 EXIST::FUNCTION: +BUF_memdup 3489 EXIST::FUNCTION: +BN_GF2m_mod_mul 3490 EXIST::FUNCTION: +STORE_method_get_list_next_function 3491 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_next_fn 3491 EXIST:VMS:FUNCTION: +STORE_ATTR_INFO_get0_dn 3492 EXIST::FUNCTION: +STORE_list_private_key_next 3493 EXIST::FUNCTION: +EC_GROUP_set_seed 3494 EXIST::FUNCTION:EC +X509_VERIFY_PARAM_set_trust 3495 EXIST::FUNCTION: +STORE_ATTR_INFO_free 3496 EXIST::FUNCTION: +STORE_get_private_key 3497 EXIST::FUNCTION: +EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION: +STORE_ATTR_INFO_new 3499 EXIST::FUNCTION: +EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC +STORE_method_set_revoke_function 3501 EXIST:!VMS:FUNCTION: +STORE_meth_set_revoke_fn 3501 EXIST:VMS:FUNCTION: +STORE_store_number 3502 EXIST::FUNCTION: +BN_is_prime_ex 3503 EXIST::FUNCTION: +STORE_revoke_public_key 3504 EXIST::FUNCTION: +X509_STORE_CTX_get0_param 3505 EXIST::FUNCTION: +STORE_delete_arbitrary 3506 EXIST::FUNCTION: +PEM_read_X509_CERT_PAIR 3507 EXIST:!WIN16:FUNCTION: +X509_STORE_set_depth 3508 EXIST::FUNCTION: +ECDSA_get_ex_data 3509 EXIST::FUNCTION:ECDSA +SHA224 3510 EXIST::FUNCTION:SHA,SHA256 +BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API +EC_KEY_set_group 3512 EXIST::FUNCTION:EC +BUF_strndup 3513 EXIST::FUNCTION: +STORE_list_certificate_start 3514 EXIST::FUNCTION: +BN_GF2m_mod 3515 EXIST::FUNCTION: +X509_REQ_check_private_key 3516 EXIST::FUNCTION: +EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC +ERR_load_STORE_strings 3518 EXIST::FUNCTION: +PEM_read_bio_EC_PUBKEY 3519 EXIST::FUNCTION:EC +STORE_list_private_key_end 3520 EXIST::FUNCTION: +i2d_EC_PUBKEY 3521 EXIST::FUNCTION:EC +ECDSA_get_default_method 3522 EXIST::FUNCTION:ECDSA +ASN1_put_eoc 3523 EXIST::FUNCTION: +X509_STORE_CTX_get_explicit_policy 3524 EXIST:!VMS:FUNCTION: +X509_STORE_CTX_get_expl_policy 3524 EXIST:VMS:FUNCTION: +X509_VERIFY_PARAM_table_cleanup 3525 EXIST::FUNCTION: +STORE_modify_private_key 3526 EXIST::FUNCTION: +X509_VERIFY_PARAM_free 3527 EXIST::FUNCTION: +EC_METHOD_get_field_type 3528 EXIST::FUNCTION:EC +EC_GFp_nist_method 3529 EXIST::FUNCTION:EC +STORE_method_set_modify_function 3530 EXIST:!VMS:FUNCTION: +STORE_meth_set_modify_fn 3530 EXIST:VMS:FUNCTION: +STORE_parse_attrs_next 3531 EXIST::FUNCTION: +ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE +EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC +X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_method_get_revoke_function 3535 EXIST:!VMS:FUNCTION: +STORE_meth_get_revoke_fn 3535 EXIST:VMS:FUNCTION: +STORE_method_set_get_function 3536 EXIST::FUNCTION: +STORE_modify_number 3537 EXIST::FUNCTION: +STORE_method_get_store_function 3538 EXIST::FUNCTION: +STORE_store_private_key 3539 EXIST::FUNCTION: +BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION: +RSA_setup_blinding 3541 EXIST::FUNCTION:RSA +BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM +STORE_Memory 3543 EXIST::FUNCTION: +sk_find_ex 3544 EXIST::FUNCTION: +EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC +ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE +POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION: +BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION: +ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH +EC_KEY_generate_key 3550 EXIST::FUNCTION:EC +SHA384_Update 3551 EXIST::FUNCTION:SHA,SHA512 +BN_GF2m_arr2poly 3552 EXIST::FUNCTION: +STORE_method_get_get_function 3553 EXIST::FUNCTION: +STORE_method_set_cleanup_function 3554 EXIST:!VMS:FUNCTION: +STORE_meth_set_cleanup_fn 3554 EXIST:VMS:FUNCTION: +EC_GROUP_check 3555 EXIST::FUNCTION:EC +d2i_ECPrivateKey_bio 3556 EXIST::FUNCTION:BIO,EC +EC_KEY_insert_key_method_data 3557 EXIST::FUNCTION:EC +STORE_method_get_lock_store_function 3558 EXIST:!VMS:FUNCTION: +STORE_meth_get_lock_store_fn 3558 EXIST:VMS:FUNCTION: +X509_VERIFY_PARAM_get_depth 3559 EXIST::FUNCTION: +SHA224_Final 3560 EXIST::FUNCTION:SHA,SHA256 +STORE_method_set_update_store_function 3561 EXIST:!VMS:FUNCTION: +STORE_meth_set_update_store_fn 3561 EXIST:VMS:FUNCTION: +SHA224_Update 3562 EXIST::FUNCTION:SHA,SHA256 +d2i_ECPrivateKey 3563 EXIST::FUNCTION:EC +ASN1_item_ndef_i2d 3564 EXIST::FUNCTION: +STORE_delete_private_key 3565 EXIST::FUNCTION: +ERR_pop_to_mark 3566 EXIST::FUNCTION: +ENGINE_register_all_STORE 3567 EXIST::FUNCTION:ENGINE +X509_policy_level_get0_node 3568 EXIST::FUNCTION: +i2d_PKCS7_NDEF 3569 EXIST::FUNCTION: +EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC +ASN1_generate_v3 3571 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_cstr 3572 EXIST::FUNCTION: +X509_policy_tree_level_count 3573 EXIST::FUNCTION: +BN_GF2m_add 3574 EXIST::FUNCTION: +EC_KEY_get0_group 3575 EXIST::FUNCTION:EC +STORE_generate_crl 3576 EXIST::FUNCTION: +STORE_store_public_key 3577 EXIST::FUNCTION: +X509_CERT_PAIR_free 3578 EXIST::FUNCTION: +STORE_revoke_private_key 3579 EXIST::FUNCTION: +BN_nist_mod_224 3580 EXIST::FUNCTION: +SHA512_Final 3581 EXIST::FUNCTION:SHA,SHA512 +STORE_ATTR_INFO_modify_dn 3582 EXIST::FUNCTION: +STORE_method_get_initialise_function 3583 EXIST:!VMS:FUNCTION: +STORE_meth_get_initialise_fn 3583 EXIST:VMS:FUNCTION: +STORE_delete_number 3584 EXIST::FUNCTION: +i2d_EC_PUBKEY_bio 3585 EXIST::FUNCTION:BIO,EC +BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION: +EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC +STORE_ATTR_INFO_in_ex 3588 EXIST::FUNCTION: +STORE_list_crl_start 3589 EXIST::FUNCTION: +ECDH_get_ex_new_index 3590 EXIST::FUNCTION:ECDH +STORE_method_get_modify_function 3591 EXIST:!VMS:FUNCTION: +STORE_meth_get_modify_fn 3591 EXIST:VMS:FUNCTION: +v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION: +STORE_store_certificate 3593 EXIST::FUNCTION: +OBJ_bsearch_ex 3594 EXIST::FUNCTION: +X509_STORE_CTX_set_default 3595 EXIST::FUNCTION: +STORE_ATTR_INFO_set_sha1str 3596 EXIST::FUNCTION: +BN_GF2m_mod_inv 3597 EXIST::FUNCTION: +BN_GF2m_mod_exp 3598 EXIST::FUNCTION: +STORE_modify_public_key 3599 EXIST::FUNCTION: +STORE_method_get_list_start_function 3600 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_start_fn 3600 EXIST:VMS:FUNCTION: +EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC +STORE_store_arbitrary 3602 EXIST::FUNCTION: +STORE_method_set_unlock_store_function 3603 EXIST:!VMS:FUNCTION: +STORE_meth_set_unlock_store_fn 3603 EXIST:VMS:FUNCTION: +BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION: +ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE +STORE_create_method 3606 EXIST::FUNCTION: +ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC +EC_KEY_get0_private_key 3608 EXIST::FUNCTION:EC +PEM_write_EC_PUBKEY 3609 EXIST:!WIN16:FUNCTION:EC +X509_VERIFY_PARAM_set1 3610 EXIST::FUNCTION: +ECDH_set_method 3611 EXIST::FUNCTION:ECDH +v2i_GENERAL_NAME_ex 3612 EXIST::FUNCTION: +ECDH_set_ex_data 3613 EXIST::FUNCTION:ECDH +STORE_generate_key 3614 EXIST::FUNCTION: +BN_nist_mod_521 3615 EXIST::FUNCTION: +X509_policy_tree_get0_level 3616 EXIST::FUNCTION: +EC_GROUP_set_point_conversion_form 3617 EXIST:!VMS:FUNCTION:EC +EC_GROUP_set_point_conv_form 3617 EXIST:VMS:FUNCTION:EC +PEM_read_EC_PUBKEY 3618 EXIST:!WIN16:FUNCTION:EC +i2d_ECDSA_SIG 3619 EXIST::FUNCTION:ECDSA +ECDSA_OpenSSL 3620 EXIST::FUNCTION:ECDSA +STORE_delete_crl 3621 EXIST::FUNCTION: +EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC +ASN1_const_check_infinite_end 3623 EXIST::FUNCTION: +EVP_PKEY_delete_attr 3624 EXIST::FUNCTION: +ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA +EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC +EC_GROUP_cmp 3627 EXIST::FUNCTION:EC +STORE_revoke_certificate 3628 EXIST::FUNCTION: +BN_get0_nist_prime_256 3629 EXIST::FUNCTION: +STORE_method_get_delete_function 3630 EXIST:!VMS:FUNCTION: +STORE_meth_get_delete_fn 3630 EXIST:VMS:FUNCTION: +SHA224_Init 3631 EXIST::FUNCTION:SHA,SHA256 +PEM_read_ECPrivateKey 3632 EXIST:!WIN16:FUNCTION:EC +SHA512_Init 3633 EXIST::FUNCTION:SHA,SHA512 +STORE_parse_attrs_endp 3634 EXIST::FUNCTION: +BN_set_negative 3635 EXIST::FUNCTION: +ERR_load_ECDSA_strings 3636 EXIST::FUNCTION:ECDSA +EC_GROUP_get_basis_type 3637 EXIST::FUNCTION:EC +STORE_list_public_key_next 3638 EXIST::FUNCTION: +i2v_ASN1_BIT_STRING 3639 EXIST::FUNCTION: +STORE_OBJECT_free 3640 EXIST::FUNCTION: +BN_nist_mod_384 3641 EXIST::FUNCTION: +i2d_X509_CERT_PAIR 3642 EXIST::FUNCTION: +PEM_write_ECPKParameters 3643 EXIST:!WIN16:FUNCTION:EC +ECDH_compute_key 3644 EXIST::FUNCTION:ECDH +STORE_ATTR_INFO_get0_sha1str 3645 EXIST::FUNCTION: +ENGINE_register_all_ECDH 3646 EXIST::FUNCTION:ENGINE +pqueue_pop 3647 EXIST::FUNCTION: +STORE_ATTR_INFO_get0_cstr 3648 EXIST::FUNCTION: +POLICY_CONSTRAINTS_it 3649 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_get_ex_new_index 3650 EXIST::FUNCTION: +EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION: +BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION: +SHA256 3654 EXIST::FUNCTION:SHA,SHA256 +i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API +X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION: +X509_pcy_tree_get0_usr_policies 3656 EXIST:VMS:FUNCTION: +OPENSSL_DIR_read 3657 EXIST::FUNCTION: +ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE +X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION: +EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC +EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC +EC_GROUP_dup 3661 EXIST::FUNCTION:EC +ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE +EC_KEY_new 3663 EXIST::FUNCTION:EC +SHA256_Transform 3664 EXIST::FUNCTION:SHA,SHA256 +EC_KEY_set_enc_flags 3665 EXIST::FUNCTION:EC +ECDSA_verify 3666 EXIST::FUNCTION:ECDSA +EC_POINT_point2hex 3667 EXIST::FUNCTION:EC +ENGINE_get_STORE 3668 EXIST::FUNCTION:ENGINE +SHA512 3669 EXIST::FUNCTION:SHA,SHA512 +STORE_get_certificate 3670 EXIST::FUNCTION: +ECDSA_do_sign_ex 3671 EXIST::FUNCTION:ECDSA +ECDSA_do_verify 3672 EXIST::FUNCTION:ECDSA +d2i_ECPrivateKey_fp 3673 EXIST::FUNCTION:EC,FP_API +STORE_delete_certificate 3674 EXIST::FUNCTION: +SHA512_Transform 3675 EXIST::FUNCTION:SHA,SHA512 +X509_STORE_set1_param 3676 EXIST::FUNCTION: +STORE_method_get_ctrl_function 3677 EXIST::FUNCTION: +STORE_free 3678 EXIST::FUNCTION: +PEM_write_ECPrivateKey 3679 EXIST:!WIN16:FUNCTION:EC +STORE_method_get_unlock_store_function 3680 EXIST:!VMS:FUNCTION: +STORE_meth_get_unlock_store_fn 3680 EXIST:VMS:FUNCTION: +STORE_get_ex_data 3681 EXIST::FUNCTION: +EC_KEY_set_public_key 3682 EXIST::FUNCTION:EC +PEM_read_ECPKParameters 3683 EXIST:!WIN16:FUNCTION:EC +X509_CERT_PAIR_new 3684 EXIST::FUNCTION: +ENGINE_register_STORE 3685 EXIST::FUNCTION:ENGINE +RSA_generate_key_ex 3686 EXIST::FUNCTION:RSA +DSA_generate_parameters_ex 3687 EXIST::FUNCTION:DSA +ECParameters_print_fp 3688 EXIST::FUNCTION:EC,FP_API +X509V3_NAME_from_section 3689 EXIST::FUNCTION: +EVP_PKEY_add1_attr 3690 EXIST::FUNCTION: +STORE_modify_crl 3691 EXIST::FUNCTION: +STORE_list_private_key_start 3692 EXIST::FUNCTION: +POLICY_MAPPINGS_it 3693 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPINGS_it 3693 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +GENERAL_SUBTREE_it 3694 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_SUBTREE_it 3694 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GROUP_get_curve_name 3695 EXIST::FUNCTION:EC +PEM_write_X509_CERT_PAIR 3696 EXIST:!WIN16:FUNCTION: +BIO_dump_indent_cb 3697 EXIST::FUNCTION: +d2i_X509_CERT_PAIR 3698 EXIST::FUNCTION: +STORE_list_private_key_endp 3699 EXIST::FUNCTION: +asn1_const_Finish 3700 EXIST::FUNCTION: +i2d_EC_PUBKEY_fp 3701 EXIST::FUNCTION:EC,FP_API +BN_nist_mod_256 3702 EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_table 3703 EXIST::FUNCTION: +pqueue_free 3704 EXIST::FUNCTION: +BN_BLINDING_create_param 3705 EXIST::FUNCTION: +ECDSA_size 3706 EXIST::FUNCTION:ECDSA +d2i_EC_PUBKEY_bio 3707 EXIST::FUNCTION:BIO,EC +BN_get0_nist_prime_521 3708 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_sha1str 3709 EXIST::FUNCTION: +BN_generate_prime_ex 3710 EXIST::FUNCTION: +EC_GROUP_new_by_curve_name 3711 EXIST::FUNCTION:EC +SHA256_Final 3712 EXIST::FUNCTION:SHA,SHA256 +DH_generate_parameters_ex 3713 EXIST::FUNCTION:DH +PEM_read_bio_ECPrivateKey 3714 EXIST::FUNCTION:EC +STORE_method_get_cleanup_function 3715 EXIST:!VMS:FUNCTION: +STORE_meth_get_cleanup_fn 3715 EXIST:VMS:FUNCTION: +ENGINE_get_ECDH 3716 EXIST::FUNCTION:ENGINE +d2i_ECDSA_SIG 3717 EXIST::FUNCTION:ECDSA +BN_is_prime_fasttest_ex 3718 EXIST::FUNCTION: +ECDSA_sign 3719 EXIST::FUNCTION:ECDSA +X509_policy_check 3720 EXIST::FUNCTION: +EVP_PKEY_get_attr_by_NID 3721 EXIST::FUNCTION: +STORE_set_ex_data 3722 EXIST::FUNCTION: +ENGINE_get_ECDSA 3723 EXIST::FUNCTION:ENGINE +EVP_ecdsa 3724 EXIST::FUNCTION:SHA +BN_BLINDING_get_flags 3725 EXIST::FUNCTION: +PKCS12_add_cert 3726 EXIST::FUNCTION: +STORE_OBJECT_new 3727 EXIST::FUNCTION: +ERR_load_ECDH_strings 3728 EXIST::FUNCTION:ECDH +EC_KEY_dup 3729 EXIST::FUNCTION:EC +EVP_CIPHER_CTX_rand_key 3730 EXIST::FUNCTION: +ECDSA_set_method 3731 EXIST::FUNCTION:ECDSA +a2i_IPADDRESS_NC 3732 EXIST::FUNCTION: +d2i_ECParameters 3733 EXIST::FUNCTION:EC +STORE_list_certificate_end 3734 EXIST::FUNCTION: +STORE_get_crl 3735 EXIST::FUNCTION: +X509_POLICY_NODE_print 3736 EXIST::FUNCTION: +SHA384_Init 3737 EXIST::FUNCTION:SHA,SHA512 +EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC +ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA +SHA384_Final 3740 EXIST::FUNCTION:SHA,SHA512 +PKCS7_set_digest 3741 EXIST::FUNCTION: +EC_KEY_print 3742 EXIST::FUNCTION:BIO,EC +STORE_method_set_lock_store_function 3743 EXIST:!VMS:FUNCTION: +STORE_meth_set_lock_store_fn 3743 EXIST:VMS:FUNCTION: +ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:ECDSA +SHA384 3745 EXIST::FUNCTION:SHA,SHA512 +POLICY_MAPPING_new 3746 EXIST::FUNCTION: +STORE_list_certificate_endp 3747 EXIST::FUNCTION: +X509_STORE_CTX_get0_policy_tree 3748 EXIST::FUNCTION: +EC_GROUP_set_asn1_flag 3749 EXIST::FUNCTION:EC +EC_KEY_check_key 3750 EXIST::FUNCTION:EC +d2i_EC_PUBKEY_fp 3751 EXIST::FUNCTION:EC,FP_API +PKCS7_set0_type_other 3752 EXIST::FUNCTION: +PEM_read_bio_X509_CERT_PAIR 3753 EXIST::FUNCTION: +pqueue_next 3754 EXIST::FUNCTION: +STORE_method_get_list_end_function 3755 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_end_fn 3755 EXIST:VMS:FUNCTION: +EVP_PKEY_add1_attr_by_OBJ 3756 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_time 3757 EXIST::FUNCTION: +pqueue_new 3758 EXIST::FUNCTION: +ENGINE_set_default_ECDH 3759 EXIST::FUNCTION:ENGINE +STORE_new_method 3760 EXIST::FUNCTION: +PKCS12_add_key 3761 EXIST::FUNCTION: +DSO_merge 3762 EXIST::FUNCTION: +EC_POINT_hex2point 3763 EXIST::FUNCTION:EC +BIO_dump_cb 3764 EXIST::FUNCTION: +SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256 +pqueue_insert 3766 EXIST::FUNCTION: +pitem_free 3767 EXIST::FUNCTION: +BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION: +ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE +BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION: -- GitLab From 71a61c573ed1597d127e94b5356ca4f6b81dc974 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 27 Jun 2005 15:58:55 +0000 Subject: [PATCH 313/929] Fix typos in apps/apps.c. --- apps/apps.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index fb9f72fbea..9ae3e16ed3 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1604,8 +1604,9 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix) { if (errno != ENOENT #ifdef ENOTDIR - && errno != ENOTDIR) + && errno != ENOTDIR #endif + ) goto err; } else @@ -1893,8 +1894,9 @@ int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suf { if (errno != ENOENT #ifdef ENOTDIR - && errno != ENOTDIR) + && errno != ENOTDIR #endif + ) goto err; } else @@ -1929,8 +1931,9 @@ int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suf { if (errno != ENOENT #ifdef ENOTDIR - && errno != ENOTDIR) + && errno != ENOTDIR #endif + ) goto err; } else -- GitLab From beae6324e5ef9b62500f9ddf6eb34541f4027dd9 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 27 Jun 2005 21:21:12 +0000 Subject: [PATCH 314/929] Eliminate dependency on UNICODE macro. --- crypto/dso/dso_win32.c | 21 ++++++++++++++++++++- ssl/kssl.c | 2 +- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c index e6eaa99005..f019376b0f 100644 --- a/crypto/dso/dso_win32.c +++ b/crypto/dso/dso_win32.c @@ -68,6 +68,25 @@ DSO_METHOD *DSO_METHOD_win32(void) } #else +#ifdef _WIN32_WCE +# if _WIN32_WCE < 300 +static FARPROC GetProcAddressA(HMODULE hModule,LPCSTR lpProcName) + { + WCHAR lpProcNameW[64]; + int i; + + for (i=0;lpProcName[i] && i<64;i++) + lpProcNameW[i] = (WCHAR)lpProcName[i]; + if (i==64) return NULL; + lpProcNameW[i] = 0; + + return GetProcAddressW(hModule,lpProcNameW); + } +# endif +# undef GetProcAddress +# define GetProcAddress GetProcAddressA +#endif + /* Part of the hack in "win32_load" ... */ #define DSO_MAX_TRANSLATED_SIZE 256 @@ -127,7 +146,7 @@ static int win32_load(DSO *dso) DSOerr(DSO_F_WIN32_LOAD,DSO_R_NO_FILENAME); goto err; } - h = LoadLibrary(filename); + h = LoadLibraryA(filename); if(h == NULL) { DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED); diff --git a/ssl/kssl.c b/ssl/kssl.c index 26e3b2f3ea..ffa8d52e70 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -297,7 +297,7 @@ load_krb5_dll(void) HANDLE hKRB5_32; krb5_loaded++; - hKRB5_32 = LoadLibrary("KRB5_32"); + hKRB5_32 = LoadLibrary(TEXT("KRB5_32")); if (!hKRB5_32) return; -- GitLab From 0215c018616cef31506ac960f0e521eca9488d93 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 28 Jun 2005 05:55:24 +0000 Subject: [PATCH 315/929] There are a few showstoppers. Unfortunately, I only remember one. Please fill this in. --- STATUS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/STATUS b/STATUS index 3b01ac8a9b..cf3cf7b5c6 100644 --- a/STATUS +++ b/STATUS @@ -1,6 +1,6 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2005/06/24 22:23:54 $ + ______________ $Date: 2005/06/28 05:55:24 $ DEVELOPMENT STATE @@ -70,6 +70,7 @@ RELEASE SHOWSTOPPERS + o The Makefiles fail with some SysV makes. o AVAILABLE PATCHES -- GitLab From a24b7eeb874b61028d6ca187e971781439c544c8 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 28 Jun 2005 09:10:19 +0000 Subject: [PATCH 316/929] Makefile updates from HEAD [see http://cvs.openssl.org/chngview?cn=14099 for further details]. --- Makefile.org | 101 ++++++++++++++++++++--------------------------- apps/Makefile | 7 ++-- crypto/Makefile | 87 ++++++++++------------------------------ engines/Makefile | 2 +- test/Makefile | 2 +- 5 files changed, 67 insertions(+), 132 deletions(-) diff --git a/Makefile.org b/Makefile.org index 88fa37625e..ba60f70696 100644 --- a/Makefile.org +++ b/Makefile.org @@ -112,6 +112,8 @@ SDIRS= \ buffer bio stack lhash rand err \ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ store pqueue +# keep in mind that the above list is adjusted by ./Configure +# according to no-xxx arguments... # tests to perform. "alltests" is a special word indicating that all tests # should be performed. @@ -146,6 +148,22 @@ HEADER= e_os.h all: Makefile build_all openssl.pc +# as we stick to -e, CLEARENV ensures that local variables in lower +# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn +# shell, which [annoyingly enough] terminates unset with error if VAR +# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh, +# which terminates unset with error if no variable was present:-( +CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \ + $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \ + $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \ + $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \ + $${EXHEADER+EXHEADER} $${HEADER+HEADER} \ + $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \ + $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \ + $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} \ + $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \ + $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS} + BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ CC='${CC}' CFLAG='${CFLAG}' \ AS='${CC}' ASFLAG='${CFLAG} -c' \ @@ -153,10 +171,10 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/lib' \ INSTALL_PREFIX='${INSTALL_PREFIX}' \ INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \ - MAKEDEPEND='$${TOP}/util/domd $${TOP} -MD ${MAKEDEPPROG}' \ + MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \ DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \ MAKEDEPPROG='${MAKEDEPPROG}' \ - LDFLAGS='${LDFLAGS}' SHARED_LDFLAGS='${SHARED_LDFLAGS}' \ + SHARED_LDFLAGS='${SHARED_LDFLAGS}' \ KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \ EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \ SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \ @@ -169,18 +187,19 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \ MD5_ASM_OBJ='${MD5_ASM_OBJ}' \ RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \ - THIS=$${THIS:-$@} + THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES= +# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors, +# which in turn eliminates ambiguities in variable treatment with -e. -BUILD_CMD=if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \ - if [ -d "$$dir" ]; then \ - (cd $$dir && echo "making $$target in $$dir..." && \ - $(MAKE) $(BUILDENV) BUILDENV="$(BUILDENV)" $$target ) || exit 1; \ - else \ - $(MAKE) $$dir; \ - fi; fi +BUILD_CMD= if [ -d "$$dir" ]; then \ + ( cd $$dir && echo "making $$target in $$dir..." && \ + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \ + ) || exit 1; \ + fi +RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done reflect: - @[ -n "$(THIS)" ] && $(MAKE) $(THIS) $(BUILDENV) + @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) sub_all: build_all build_all: build_libs build_apps build_tests build_tools @@ -250,7 +269,7 @@ do_$(SHLIB_TARGET): if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ libs="$(LIBKRB5) $$libs"; \ fi; \ - $(MAKE) -f Makefile.shared $(BUILDENV) \ + $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \ LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \ LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \ LIBDEPS="$$libs $(EX_LIBS)" \ @@ -281,14 +300,8 @@ libclean: clean: libclean rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c - @set -e; for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making clean in $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \ - rm -f $(LIBS); \ - fi; \ - done; + @set -e; target=clean; $(RECURSIVE_BUILD_CMD) + rm -f $(LIBS) rm -f openssl.pc rm -f speed.* .pure rm -f $(TARFILE) @@ -303,32 +316,20 @@ makefile.one: files files: $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO - @set -e; for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making 'files' in $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \ - fi; \ - done; + @set -e; target=files; $(RECURSIVE_BUILD_CMD) links: @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER) - @set -e; target=links; for dir in $(DIRS); do $(BUILD_CMD); done + @set -e; target=links; $(RECURSIVE_BUILD_CMD) gentests: @(cd test && echo "generating dummy tests (if needed)..." && \ - $(MAKE) $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate ); + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate ); dclean: rm -f *.bak - @set -e; for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making dclean in $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \ - fi; \ - done; + @set -e; target=dclean; $(RECURSIVE_BUILD_CMD) rehash: rehash.time rehash.time: certs @@ -342,29 +343,17 @@ test: tests tests: rehash @(cd test && echo "testing..." && \ - $(MAKE) $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); util/opensslwrap.sh version -a report: @$(PERL) util/selftest.pl depend: - @set -e; for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making dependencies $$i..." && \ - $(MAKE) $(BUILDENV) depend ) || exit 1; \ - fi; \ - done; + @set -e; target=depend; $(RECURSIVE_BUILD_CMD) lint: - @set -e; for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making lint $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \ - fi; \ - done; + @set -e; target=lint; $(RECURSIVE_BUILD_CMD) tags: rm -f TAGS @@ -435,7 +424,7 @@ dist: @$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar dist_pem_h: - (cd crypto/pem; $(MAKE) $(BUILDENV) pem.h; $(MAKE) clean) + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) install: all install_docs install_sw @@ -453,13 +442,7 @@ install_sw: (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ done; - @set -e; for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i; echo "installing $$i..."; \ - $(MAKE) $(BUILDENV) install ); \ - fi; \ - done + @set -e; target=install; $(RECURSIVE_BUILD_CMD) @set -e; for i in $(LIBS) ;\ do \ if [ -f "$$i" ]; then \ diff --git a/apps/Makefile b/apps/Makefile index b6565cca20..0c215e16bc 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -86,7 +86,7 @@ req: sreq.o $(A_OBJ) $(DLIBCRYPTO) shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ shlib_target="$(SHLIB_TARGET)"; \ fi; \ - $(MAKE) -f $(TOP)/Makefile.shared $(BUILDENV) \ + $(MAKE) -f $(TOP)/Makefile.shared -e \ APPNAME=req OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \ LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \ link_app.$${shlib_target} @@ -158,11 +158,10 @@ $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) else \ LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \ fi; \ - $(MAKE) -f $(TOP)/Makefile.shared $(BUILDENV) \ + $(MAKE) -f $(TOP)/Makefile.shared -e \ APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ link_app.$${shlib_target} - @case "../*.dll" in *\**) ;; *) cp -p ../*.dll .;; esac -(cd ..; \ OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \ $(PERL) tools/c_rehash certs) @@ -835,7 +834,7 @@ speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -speed.o: ../include/openssl/x509_vfy.h apps.h speed.c testdsa.h testrsa.h +speed.o: ../include/openssl/x509_vfy.h testdsa.h testrsa.h apps.h speed.c spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h diff --git a/crypto/Makefile b/crypto/Makefile index ee6e507dc7..879e593d89 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -15,6 +15,11 @@ MAKEFILE= Makefile RM= rm -f AR= ar r +RECURSIVE_MAKE= [ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \ + (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ + $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='${INCLUDES}' $$target ) || exit 1; \ + done; + PEX_LIBS= EX_LIBS= @@ -24,14 +29,6 @@ AFLAGS=$(ASFLAGS) LIBS= -SDIRS= objects \ - md2 md4 md5 sha mdc2 hmac ripemd \ - des rc2 rc4 rc5 idea bf cast \ - bn ec rsa dsa ecdsa ecdh dh dso engine aes \ - buffer bio stack lhash rand err \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ - store pqueue - GENERAL=Makefile README crypto-lib.com install.com LIB= $(TOP)/libcrypto.a @@ -79,34 +76,23 @@ ia64cpuid.s: ia64cpuid.S $(CC) $(CFLAGS) -E ia64cpuid.S > $@ testapps: - [ -z "$(THIS)" ] || ( if echo ${SDIRS} | fgrep ' des '; \ - then cd des && $(MAKE) des; fi ) - [ -z "$(THIS)" ] || ( cd pkcs7 && $(MAKE) testapps ); + [ -z "$(THIS)" ] || ( if echo ${SDIRS} | fgrep ' des '; \ + then cd des && $(MAKE) -e des; fi ) + [ -z "$(THIS)" ] || ( cd pkcs7 && $(MAKE) -e testapps ); @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi subdirs: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making all in crypto/$$i..." && \ - $(MAKE) $(BUILDENV) INCLUDES='${INCLUDES}' all ) || exit 1; \ - done; + @target=all; $(RECURSIVE_MAKE) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making 'files' in crypto/$$i..." && \ - $(MAKE) files ); \ - done; + @target=files; $(RECURSIVE_MAKE) links: @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS) - @for i in $(SDIRS); do \ - (cd $$i && echo "making links in crypto/$$i..." && \ - $(MAKE) links ); \ - done; + @target=links; $(RECURSIVE_MAKE) lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) @@ -119,19 +105,7 @@ shared: buildinf.h lib subdirs fi libs: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making libs in crypto/$$i..." && \ - $(MAKE) lib ); - done; - -tests: - @[ -z "$(THIS)" ] || (for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making tests in crypto/$$i..." && \ - $(MAKE) tests ); \ - done; ) - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + @target=lib; $(RECURSIVE_MAKE) install: @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @@ -140,47 +114,26 @@ install: (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ done; - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making install in crypto/$$i..." && \ - $(MAKE) install ); \ - done; + @target=install; $(RECURSIVE_MAKE) lint: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making lint in crypto/$$i..." && \ - $(MAKE) lint ); \ - done; + @target=lint; $(RECURSIVE_MAKE) depend: - [ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist - [ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - [ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h - @[ -z "$(THIS)" ] || (set -e; \ - for i in $(SDIRS) ; do \ - ( cd $$i && echo "making depend in crypto/$$i..." && \ - $(MAKE) INCLUDES='${INCLUDES}' depend \ - ); \ - done; ) + @[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist + @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) + @[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h + @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi clean: rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making clean in crypto/$$i..." && \ - $(MAKE) clean ); \ - done; + @target=clean; $(RECURSIVE_MAKE) dclean: $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new mv -f Makefile.new $(MAKEFILE) - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making dclean in crypto/$$i..." && \ - $(MAKE) dclean ); \ - done; + @target=dclean; $(RECURSIVE_MAKE) # DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/engines/Makefile b/engines/Makefile index 714c43fac5..b8fb1e9a0a 100644 --- a/engines/Makefile +++ b/engines/Makefile @@ -65,7 +65,7 @@ lib: $(LIBOBJ) @if [ -n "$(SHARED_LIBS)" ]; then \ set -e; \ for l in $(LIBNAMES); do \ - $(MAKE) -f ../Makefile.shared $(BUILDENV) \ + $(MAKE) -f ../Makefile.shared -e \ LIBNAME=$$l LIBEXTRAS=e_$$l.o \ LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \ link_o.$(SHLIB_TARGET); \ diff --git a/test/Makefile b/test/Makefile index 598609e6fc..fc739875ac 100644 --- a/test/Makefile +++ b/test/Makefile @@ -312,7 +312,7 @@ BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ else \ LIBRARIES="$(LIBSSL) $(LIBCRYPTO)"; \ fi; \ - $(MAKE) -f $(TOP)/Makefile.shared $(BUILDENV) \ + $(MAKE) -f $(TOP)/Makefile.shared -e \ APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ link_app.$${shlib_target} -- GitLab From 564915681cc4d0dca947c66629b6f2b473e74788 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 28 Jun 2005 10:00:08 +0000 Subject: [PATCH 317/929] PROBLEMS update from HEAD. --- PROBLEMS | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/PROBLEMS b/PROBLEMS index e553af6a3b..cd4ad4f8c1 100644 --- a/PROBLEMS +++ b/PROBLEMS @@ -168,3 +168,9 @@ hire /bin/ksh to do the job /bin/sh fails to do. your $PATH with chosen location, e.g. PATH=/tmp:$PATH. Alter- natively just replace system /bin/test and /bin/[ with the above script. + +* hpux64-ia64-cc fails blowfish test. + +Compiler bug, presumably at particular patch level. It should be noted +that same compiler generates correct 32-bit code, a.k.a. hpux-ia64-cc +target. Drop optimization level to +O2 when compiling 64-bit bf_skey.o. -- GitLab From b44e2d341627488be6554590a0ccd42bd8e8e900 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 28 Jun 2005 11:30:12 +0000 Subject: [PATCH 318/929] x86nasm.pl update from HEAD. --- crypto/perlasm/x86nasm.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/perlasm/x86nasm.pl b/crypto/perlasm/x86nasm.pl index 7d09428387..ab5b96c6c2 100644 --- a/crypto/perlasm/x86nasm.pl +++ b/crypto/perlasm/x86nasm.pl @@ -262,8 +262,8 @@ sub using486 sub main'file { - push(@out,".") if ($main'mwerks); - push(@out,"section\t.text\n"); + if ($main'mwerks) { push(@out,".section\t.text\n"); } + else { push(@out,"section\t.text use32\n"); } } sub main'function_begin -- GitLab From 2f03129d468b625a6fbaee58240114dc26940d30 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 28 Jun 2005 11:52:52 +0000 Subject: [PATCH 319/929] bn.h update from HEAD. --- crypto/bn/bn.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 9f4668a51d..670584ad74 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -167,7 +167,7 @@ extern "C" { #ifdef THIRTY_TWO_BIT #ifdef BN_LLONG # if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) -# define BN_ULLONG unsigned _int64 +# define BN_ULLONG unsigned __int64 # else # define BN_ULLONG unsigned long long # endif -- GitLab From c0e29e5b01d250f813fa0e985ad8a541fce1828e Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Tue, 28 Jun 2005 12:32:48 +0000 Subject: [PATCH 320/929] Fix warnings. --- crypto/bn/bn_nist.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c index faf0e347e2..f8e306bb82 100644 --- a/crypto/bn/bn_nist.c +++ b/crypto/bn/bn_nist.c @@ -172,6 +172,7 @@ const BIGNUM *BN_get0_nist_prime_521(void) } /* some misc internal functions */ +#if BN_BITS2 != 64 static BN_ULONG _256_data[BN_NIST_256_TOP*6]; static int _is_set_256_data = 0; static void _init_256_data(void); @@ -179,6 +180,7 @@ static void _init_256_data(void); static BN_ULONG _384_data[BN_NIST_384_TOP*8]; static int _is_set_384_data = 0; static void _init_384_data(void); +#endif #define BN_NIST_ADD_ONE(a) while (!(++(*(a)))) ++(a); @@ -405,6 +407,7 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, #endif } +#if BN_BITS2 != 64 static void _init_256_data(void) { int i; @@ -422,6 +425,7 @@ static void _init_256_data(void) } _is_set_256_data = 1; } +#endif #define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \ { \ @@ -555,6 +559,7 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, #endif } +#if BN_BITS2 != 64 static void _init_384_data(void) { int i; @@ -572,6 +577,7 @@ static void _init_384_data(void) } _is_set_384_data = 1; } +#endif #define nist_set_384(to,from,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \ { \ -- GitLab From 5b9b62a7dbac1a752363df6d61ce115bbb01c1fb Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Tue, 28 Jun 2005 12:41:35 +0000 Subject: [PATCH 321/929] Fix warning. --- crypto/pqueue/pq_compat.h | 2 ++ crypto/pqueue/pqueue.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/pqueue/pq_compat.h b/crypto/pqueue/pq_compat.h index 653845353d..e7c46d5aa1 100644 --- a/crypto/pqueue/pq_compat.h +++ b/crypto/pqueue/pq_compat.h @@ -110,8 +110,10 @@ #if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) #define PQ_64BIT BN_ULONG +#define PQ_64BIT_PRINT "%ld" #elif defined(THIRTY_TWO_BIT) #define PQ_64BIT BN_ULLONG +#define PQ_64BIT_PRINT "%lld" #endif #define PQ_64BIT_CTX void diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c index e3eb836d45..1d69952362 100644 --- a/crypto/pqueue/pqueue.c +++ b/crypto/pqueue/pqueue.c @@ -207,7 +207,7 @@ pqueue_print(pqueue_s *pq) while(item != NULL) { - printf("item\t%lld\n", item->priority); + printf("item" PQ_64BIT_PRINT "\n", item->priority); item = item->next; } } -- GitLab From 50d53766981c61c4d1059de12627d89ef52f6a24 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Tue, 28 Jun 2005 12:53:33 +0000 Subject: [PATCH 322/929] Replace missing character deleted in error. --- crypto/pqueue/pqueue.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c index 1d69952362..5cc18527f8 100644 --- a/crypto/pqueue/pqueue.c +++ b/crypto/pqueue/pqueue.c @@ -207,7 +207,7 @@ pqueue_print(pqueue_s *pq) while(item != NULL) { - printf("item" PQ_64BIT_PRINT "\n", item->priority); + printf("item\t" PQ_64BIT_PRINT "\n", item->priority); item = item->next; } } -- GitLab From f18dd687c847c221fa8d610e5e9dbadcc8e5a73d Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Tue, 28 Jun 2005 13:07:46 +0000 Subject: [PATCH 323/929] Nasty fix for another warning, but all I have the patience for right now. --- apps/passwd.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/passwd.c b/apps/passwd.c index 6965c6e090..9ca25dd1da 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -474,7 +474,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if ((strlen(passwd) > pw_maxlen)) { if (!quiet) - BIO_printf(bio_err, "Warning: truncating password to %u characters\n", pw_maxlen); + /* XXX: really we should know how to print a size_t, not cast it */ + BIO_printf(bio_err, "Warning: truncating password to %u characters\n", (unsigned)pw_maxlen); passwd[pw_maxlen] = 0; } assert(strlen(passwd) <= pw_maxlen); -- GitLab From 910d19302975b2f6b40eccd9cb24b54374c13c2d Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Tue, 28 Jun 2005 13:27:53 +0000 Subject: [PATCH 324/929] Did you know it was wrong to use a char as an array index? --- ssl/ssltest.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/ssl/ssltest.c b/ssl/ssltest.c index e47af50a4b..ef09a699b7 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -1694,7 +1694,7 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); while(i-- > 0) { - char c = *s++; + int c = *s++; if (isascii(c) && isalpha(c)) { if (islower(c)) @@ -1755,11 +1755,11 @@ static int process_proxy_cond_adders(unsigned int letters[26], static int process_proxy_cond_val(unsigned int letters[26], const char *cond, const char **cond_end, int *pos, int indent) { - char c; + int c; int ok = 1; int negate = 0; - while(isspace(*cond)) + while(isspace((int)*cond)) { cond++; (*pos)++; } @@ -1774,7 +1774,7 @@ static int process_proxy_cond_val(unsigned int letters[26], { negate = !negate; cond++; (*pos)++; - while(isspace(*cond)) + while(isspace((int)*cond)) { cond++; (*pos)++; } @@ -1789,7 +1789,7 @@ static int process_proxy_cond_val(unsigned int letters[26], cond = *cond_end; if (ok < 0) goto end; - while(isspace(*cond)) + while(isspace((int)*cond)) { cond++; (*pos)++; } @@ -1849,7 +1849,7 @@ static int process_proxy_cond_multipliers(unsigned int letters[26], while(ok >= 0) { - while(isspace(*cond)) + while(isspace((int)*cond)) { cond++; (*pos)++; } @@ -1916,7 +1916,7 @@ static int process_proxy_cond_adders(unsigned int letters[26], while(ok >= 0) { - while(isspace(*cond)) + while(isspace((int)*cond)) { cond++; (*pos)++; } @@ -1999,7 +1999,7 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg) letters[i] = 0; for(sp = cb_arg->proxy_auth; *sp; sp++) { - char c = *sp; + int c = *sp; if (isascii(c) && isalpha(c)) { if (islower(c)) -- GitLab From 6b695fefd0874d606eb864ce993f88bcc34a219b Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Tue, 28 Jun 2005 15:03:58 +0000 Subject: [PATCH 325/929] remove OPENSSL_NO_ASM dependency --- crypto/ec/ecp_nist.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ecp_nist.c b/crypto/ec/ecp_nist.c index 9e3762ff42..71893d5eab 100644 --- a/crypto/ec/ecp_nist.c +++ b/crypto/ec/ecp_nist.c @@ -140,7 +140,7 @@ int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p, group->field_mod_func = BN_nist_mod_192; else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0) { -#if !defined(NO_32_BIT_TYPE) || defined(OPENSSL_NO_ASM) +#ifndef NO_32_BIT_TYPE group->field_mod_func = BN_nist_mod_224; #else ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); @@ -149,7 +149,7 @@ int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p, } else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0) { -#if !defined(NO_32_BIT_TYPE) || defined(OPENSSL_NO_ASM) +#ifndef NO_32_BIT_TYPE group->field_mod_func = BN_nist_mod_256; #else ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); @@ -158,7 +158,7 @@ int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p, } else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0) { -#if !defined(NO_32_BIT_TYPE) || defined(OPENSSL_NO_ASM) +#ifndef NO_32_BIT_TYPE group->field_mod_func = BN_nist_mod_384; #else ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); -- GitLab From cc4cba7b5de8c1149b98ec701a40523abedf1a7c Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 28 Jun 2005 15:44:18 +0000 Subject: [PATCH 326/929] asn1parse doesn't support any TXT format, so let's stop pretending it does. --- apps/asn1pars.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/asn1pars.c b/apps/asn1pars.c index f1d8bc8b98..b1a7c8e5db 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -196,7 +196,7 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] Date: Wed, 29 Jun 2005 18:48:12 +0000 Subject: [PATCH 327/929] Actually, the 64bit format specifier differs between SIXTY_FOUR_BIT and SIXTY_FOUR_BIT_LONG --- crypto/pqueue/pq_compat.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crypto/pqueue/pq_compat.h b/crypto/pqueue/pq_compat.h index e7c46d5aa1..28c58a0261 100644 --- a/crypto/pqueue/pq_compat.h +++ b/crypto/pqueue/pq_compat.h @@ -108,7 +108,10 @@ #define PQ_64BIT_IS_INTEGER 1 #define PQ_64BIT_IS_BIGNUM 0 -#if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) +#if defined(SIXTY_FOUR_BIT) +#define PQ_64BIT BN_ULONG +#define PQ_64BIT_PRINT "%lld" +#elif defined(SIXTY_FOUR_BIT_LONG) #define PQ_64BIT BN_ULONG #define PQ_64BIT_PRINT "%ld" #elif defined(THIRTY_TWO_BIT) -- GitLab From 9152f07eaff7ae9775505cec2e8bf33b0407a21c Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 30 Jun 2005 11:34:27 +0000 Subject: [PATCH 328/929] Check PKCS7 structures in PKCS#12 files are of type data. --- crypto/pkcs12/p12_add.c | 11 ++++++++++- crypto/pkcs12/p12_mutl.c | 6 ++++++ crypto/pkcs12/pk12err.c | 3 +++ crypto/pkcs12/pkcs12.h | 3 +++ 4 files changed, 22 insertions(+), 1 deletion(-) diff --git a/crypto/pkcs12/p12_add.c b/crypto/pkcs12/p12_add.c index fead37a8c0..41bdc00551 100644 --- a/crypto/pkcs12/p12_add.c +++ b/crypto/pkcs12/p12_add.c @@ -148,7 +148,11 @@ PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk) /* Unpack SAFEBAGS from PKCS#7 data ContentInfo */ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7) { - if(!PKCS7_type_is_data(p7)) return NULL; + if(!PKCS7_type_is_data(p7)) + { + PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,PKCS12_R_CONTENT_TYPE_NOT_DATA); + return NULL; + } return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS)); } @@ -211,5 +215,10 @@ int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes) STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12) { + if (!PKCS7_type_is_data(p12->authsafes)) + { + PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE_NOT_DATA); + return NULL; + } return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES)); } diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index 5eac25f10e..7bff04889c 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -72,6 +72,12 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt; int saltlen, iter; + if (!PKCS7_type_is_data(p12->authsafes)) + { + PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_CONTENT_TYPE_NOT_DATA); + return 0; + } + salt = p12->mac->salt->data; saltlen = p12->mac->salt->length; if (!p12->mac->iter) iter = 1; diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c index f01801e686..5c92cb08e0 100644 --- a/crypto/pkcs12/pk12err.c +++ b/crypto/pkcs12/pk12err.c @@ -94,6 +94,8 @@ static ERR_STRING_DATA PKCS12_str_functs[]= {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"}, {ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC), "PKCS12_setup_mac"}, {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"}, +{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"}, +{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"}, {ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"}, {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"}, {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"}, @@ -103,6 +105,7 @@ static ERR_STRING_DATA PKCS12_str_functs[]= static ERR_STRING_DATA PKCS12_str_reasons[]= { {ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE),"cant pack structure"}, +{ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA),"content type not data"}, {ERR_REASON(PKCS12_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(PKCS12_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(PKCS12_R_ENCRYPT_ERROR) ,"encrypt error"}, diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index f66f62a419..a2d7e359a0 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -297,12 +297,15 @@ void ERR_load_PKCS12_strings(void); #define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 #define PKCS12_F_PKCS12_SETUP_MAC 122 #define PKCS12_F_PKCS12_SET_MAC 123 +#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130 +#define PKCS12_F_PKCS12_UNPACK_P7DATA 131 #define PKCS12_F_PKCS12_VERIFY_MAC 126 #define PKCS12_F_PKCS8_ADD_KEYUSAGE 124 #define PKCS12_F_PKCS8_ENCRYPT 125 /* Reason codes. */ #define PKCS12_R_CANT_PACK_STRUCTURE 100 +#define PKCS12_R_CONTENT_TYPE_NOT_DATA 121 #define PKCS12_R_DECODE_ERROR 101 #define PKCS12_R_ENCODE_ERROR 102 #define PKCS12_R_ENCRYPT_ERROR 103 -- GitLab From 8b963f4ba481bb73b2edd2578569ad28229eac14 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Fri, 1 Jul 2005 16:15:48 +0000 Subject: [PATCH 329/929] initialize newly allocated data PR: 1145 --- apps/apps.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 9ae3e16ed3..248c65adb3 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -374,10 +374,17 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) /* The start of something good :-) */ if (num >= arg->count) { - arg->count+=20; - arg->data=(char **)OPENSSL_realloc(arg->data, - sizeof(char *)*arg->count); - if (argc == 0) return(0); + char **tmp_p; + int tlen = arg->count + 20; + tmp_p = (char **)OPENSSL_realloc(arg->data, + sizeof(char *)*tlen); + if (tmp_p == NULL) + return 0; + arg->data = tmp_p; + arg->count = tlen; + /* initialize newly allocated data */ + for (i = num; i < arg->count; i++) + arg->data[i] = NULL; } arg->data[num++]=p; -- GitLab From fbfb947b21358b8be9459c4962e0f9f35227c286 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 3 Jul 2005 09:23:57 +0000 Subject: [PATCH 330/929] Bugfix for bn_div_words PPC assembler implementation [from HEAD]. --- crypto/bn/asm/ppc.pl | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl index 307c7ccb35..08e0053473 100644 --- a/crypto/bn/asm/ppc.pl +++ b/crypto/bn/asm/ppc.pl @@ -116,7 +116,7 @@ if ($opf =~ /32\.s/) { $UDIV= "divwu"; # unsigned divide $UCMPI= "cmplwi"; # unsigned compare with immediate $UCMP= "cmplw"; # unsigned compare - $COUNTZ="cntlzw"; # count leading zeros + $CNTLZ= "cntlzw"; # count leading zeros $SHL= "slw"; # shift left $SHR= "srw"; # unsigned shift right $SHRI= "srwi"; # unsigned shift right by immediate @@ -124,6 +124,7 @@ if ($opf =~ /32\.s/) { $CLRU= "clrlwi"; # clear upper bits $INSR= "insrwi"; # insert right $ROTL= "rotlwi"; # rotate left by immediate + $TR= "tw"; # conditional trap } elsif ($opf =~ /64\.s/) { $BITS= 64; $BNSZ= $BITS/8; @@ -139,7 +140,7 @@ if ($opf =~ /32\.s/) { $UDIV= "divdu"; # unsigned divide $UCMPI= "cmpldi"; # unsigned compare with immediate $UCMP= "cmpld"; # unsigned compare - $COUNTZ="cntlzd"; # count leading zeros + $CNTLZ= "cntlzd"; # count leading zeros $SHL= "sld"; # shift left $SHR= "srd"; # unsigned shift right $SHRI= "srdi"; # unsigned shift right by immediate @@ -147,6 +148,7 @@ if ($opf =~ /32\.s/) { $CLRU= "clrldi"; # clear upper bits $INSR= "insrdi"; # insert right $ROTL= "rotldi"; # rotate left by immediate + $TR= "td"; # conditional trap } else { die "nonsense $opf"; } ( defined shift || open STDOUT,">$opf" ) || die "can't open $opf: $!"; @@ -1710,17 +1712,12 @@ Lppcasm_add_adios: bclr BO_ALWAYS,CR0_LT Lppcasm_div1: xor r0,r0,r0 #r0=0 - $COUNTZ r7,r5 #r7 = num leading 0s in d. - subfic r8,r7,$BITS #r8 = BN_num_bits_word(d) - cmpi 0,0,r8,$BITS # - bc BO_IF,CR0_EQ,Lppcasm_div2 #proceed if (r8==$BITS) - li r9,1 # r9=1 - $SHL r10,r9,r8 # r9<<=r8 - $UCMP 0,r3,r10 # - bc BO_IF,CR0_GT,Lppcasm_div2 #or if (h > (1<=d? bc BO_IF,CR0_LT,Lppcasm_div3 #goto Lppcasm_div3 if not -- GitLab From 2e39604021d38de29cc451699e0a2aceb0a74f59 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Sun, 3 Jul 2005 13:15:53 +0000 Subject: [PATCH 331/929] Fix bugs in bug-fix to x509/by_dir.c [from HEAD]. PR: 1131 --- crypto/x509/by_dir.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index b4a21716f2..ea689aed1a 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -122,19 +122,18 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, { case X509_L_ADD_DIR: if (argl == X509_FILETYPE_DEFAULT) + { dir=(char *)Getenv(X509_get_default_cert_dir_env()); if (dir) - ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); + ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); else - { - ret=add_cert_dir(ld,X509_get_default_cert_dir(), - X509_FILETYPE_PEM); - } + ret=add_cert_dir(ld,X509_get_default_cert_dir(), + X509_FILETYPE_PEM); if (!ret) { X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR); } - + } else ret=add_cert_dir(ld,argp,(int)argl); break; -- GitLab From 8c6fed007feb4fbad1eb2ca4e1090dddebd00377 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 4 Jul 2005 21:44:22 +0000 Subject: [PATCH 332/929] The private key should never have ended up in newreq.pem. Now, it ends up in newkey.pem instead. --- apps/CA.pl.in | 15 ++++++++------- apps/CA.sh | 8 ++++---- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/apps/CA.pl.in b/apps/CA.pl.in index 5d829c05eb..8ef8ac1c83 100644 --- a/apps/CA.pl.in +++ b/apps/CA.pl.in @@ -68,19 +68,19 @@ foreach (@ARGV) { exit 0; } elsif (/^-newcert$/) { # create a certificate - system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS"); $RET=$?; - print "Certificate (and private key) is in newreq.pem\n" + print "Certificate is in newcert.pem, private key is in newkey.pem\n" } elsif (/^-newreq$/) { # create a certificate request - system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS"); $RET=$?; - print "Request (and private key) is in newreq.pem\n"; + print "Request is in newreq.pem, private key is in newkey.pem\n"; } elsif (/^-newreq-nodes$/) { # create a certificate request - system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS"); $RET=$?; - print "Request (and private key) is in newreq.pem\n"; + print "Request is in newreq.pem, private key is in newkey.pem\n"; } elsif (/^-newca$/) { # if explicitly asked for or it doesn't exist then setup the # directory structure that Eric likes to manage things @@ -120,10 +120,11 @@ foreach (@ARGV) { } elsif (/^-pkcs12$/) { my $cname = $ARGV[1]; $cname = "My Certificate" unless defined $cname; - system ("$PKCS12 -in newcert.pem -inkey newreq.pem " . + system ("$PKCS12 -in newcert.pem -inkey newkey.pem " . "-certfile ${CATOP}/$CACERT -out newcert.p12 " . "-export -name \"$cname\""); $RET=$?; + print "PKCS #12 file is in newcert.p12\n"; exit $RET; } elsif (/^-xsign$/) { system ("$CA -policy policy_anything -infiles newreq.pem"); diff --git a/apps/CA.sh b/apps/CA.sh index 46e86bf94b..a0b20d85a9 100644 --- a/apps/CA.sh +++ b/apps/CA.sh @@ -53,15 +53,15 @@ case $i in ;; -newcert) # create a certificate - $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS + $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS RET=$? - echo "Certificate (and private key) is in newreq.pem" + echo "Certificate is in newcert.pem, private key is in newkey.pem" ;; -newreq) # create a certificate request - $REQ -new -keyout newreq.pem -out newreq.pem $DAYS + $REQ -new -keyout newkey.pem -out newreq.pem $DAYS RET=$? - echo "Request (and private key) is in newreq.pem" + echo "Request is in newreq.pem, private key is in newkey.pem" ;; -newca) # if explicitly asked for or it doesn't exist then setup the directory -- GitLab From 09c1a425a9daaf7c174f1ce62a832b61bb9532b4 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 4 Jul 2005 23:04:28 +0000 Subject: [PATCH 333/929] Add utf8 options to ca utility. PR:1109 --- CHANGES | 3 +++ apps/ca.c | 56 +++++++++++++++++++++++++++++++++++++++---------------- 2 files changed, 43 insertions(+), 16 deletions(-) diff --git a/CHANGES b/CHANGES index e8d45af0d1..d332f1044f 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changes between 0.9.7h and 0.9.8 [xx XXX xxxx] + *) Add -utf8 command line and config file option to 'ca'. + [Stefan 0) @@ -1159,7 +1183,7 @@ bad: { total++; j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs, - db,serial,subj,multirdn,email_dn,startdate,enddate,days,batch, + db,serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch, extensions,conf,verbose, certopt, nameopt, default_op, ext_copy, e); if (j < 0) goto err; @@ -1179,7 +1203,7 @@ bad: { total++; j=certify(&x,infile,pkey,x509p,dgst,attribs,db, - serial,subj,multirdn,email_dn,startdate,enddate,days,batch, + serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch, extensions,conf,verbose, certopt, nameopt, default_op, ext_copy, selfsign); if (j < 0) goto err; @@ -1199,7 +1223,7 @@ bad: { total++; j=certify(&x,argv[i],pkey,x509p,dgst,attribs,db, - serial,subj,multirdn,email_dn,startdate,enddate,days,batch, + serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch, extensions,conf,verbose, certopt, nameopt, default_op, ext_copy, selfsign); if (j < 0) goto err; @@ -1509,7 +1533,7 @@ static void lookup_fail(const char *name, const char *tag) static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db, - BIGNUM *serial, char *subj, int multirdn, int email_dn, char *startdate, char *enddate, + BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy, int selfsign) @@ -1565,7 +1589,7 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, else BIO_printf(bio_err,"Signature ok\n"); - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj, multirdn, email_dn, + ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn, email_dn, startdate,enddate,days,batch,verbose,req,ext_sect,lconf, certopt, nameopt, default_op, ext_copy, selfsign); @@ -1577,7 +1601,7 @@ err: static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db, - BIGNUM *serial, char *subj, int multirdn, int email_dn, char *startdate, char *enddate, + BIGNUM *serial, char *subj, unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy, ENGINE *e) @@ -1619,7 +1643,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL) goto err; - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,multirdn,email_dn,startdate,enddate, + ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn,email_dn,startdate,enddate, days,batch,verbose,rreq,ext_sect,lconf, certopt, nameopt, default_op, ext_copy, 0); @@ -1631,7 +1655,7 @@ err: static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial, char *subj, - int multirdn, + unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, int verbose, X509_REQ *req, char *ext_sect, CONF *lconf, unsigned long certopt, unsigned long nameopt, int default_op, @@ -1664,7 +1688,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, if (subj) { - X509_NAME *n = parse_name(subj, MBSTRING_ASC, multirdn); + X509_NAME *n = parse_name(subj, chtype, multirdn); if (!n) { @@ -2201,7 +2225,7 @@ static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext) static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db, - BIGNUM *serial, char *subj, int multirdn, int email_dn, char *startdate, char *enddate, + BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy) { @@ -2342,7 +2366,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, X509_REQ_set_pubkey(req,pktmp); EVP_PKEY_free(pktmp); - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,multirdn,email_dn,startdate,enddate, + ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn,email_dn,startdate,enddate, days,1,verbose,req,ext_sect,lconf, certopt, nameopt, default_op, ext_copy, 0); err: -- GitLab From dabaea8048988709af709e7d329dff311635ff84 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 4 Jul 2005 23:24:12 +0000 Subject: [PATCH 334/929] To secure Win64 API I'm throwing in this minimalistic Win64 support. --- Configure | 4 ++-- crypto/cryptlib.c | 2 +- crypto/mem_dbg.c | 8 ++++++++ e_os.h | 19 +++++++++++++++++++ ms/do_win64a.bat | 9 +++++++++ ms/do_win64i.bat | 9 +++++++++ util/mk1mf.pl | 7 +++++-- util/pl/VC-32.pl | 28 ++++++++++++++++++++++++++-- 8 files changed, 79 insertions(+), 7 deletions(-) create mode 100755 ms/do_win64a.bat create mode 100755 ms/do_win64i.bat diff --git a/Configure b/Configure index de5366b723..933246a157 100755 --- a/Configure +++ b/Configure @@ -456,8 +456,8 @@ my %table=( "OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::", # Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64 -"VC-WIN64I","cl::::WIN64I::SIXTY_FOUR_BIT EXPORT_VAR_AS_FN:${no_asm}:win32", -"VC-WIN64A","cl::::WIN64A::SIXTY_FOUR_BIT EXPORT_VAR_AS_FN:${no_asm}:win32", +"VC-WIN64I","cl::::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${no_asm}:win32", +"VC-WIN64A","cl::::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${no_asm}:win32", # Visual C targets "VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index e73d086eed..21332378cf 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -545,7 +545,6 @@ const char *CRYPTO_get_lock_name(int type) unsigned long OPENSSL_ia32cap_P=0; unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; } -int OPENSSL_NONPIC_relocated=0; #if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY) #define OPENSSL_CPUID_SETUP @@ -572,6 +571,7 @@ void OPENSSL_cpuid_setup(void) #else unsigned long *OPENSSL_ia32cap_loc(void) { return NULL; } #endif +int OPENSSL_NONPIC_relocated = 0; #if !defined(OPENSSL_CPUID_SETUP) void OPENSSL_cpuid_setup(void) {} #endif diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index 557516bde9..8316485217 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -252,8 +252,16 @@ long CRYPTO_dbg_get_options(void) /* static int mem_cmp(MEM *a, MEM *b) */ static int mem_cmp(const void *a_void, const void *b_void) { +#ifdef _WIN64 + const char *a=(const char *)((const MEM *)a_void)->addr, + *b=(const char *)((const MEM *)b_void)->addr; + if (a==b) return 0; + else if (a>b) return 1; + else return -1; +#else return((const char *)((const MEM *)a_void)->addr - (const char *)((const MEM *)b_void)->addr); +#endif } /* static unsigned long mem_hash(MEM *a) */ diff --git a/e_os.h b/e_os.h index 0b2b1cca67..965d1aa8d7 100644 --- a/e_os.h +++ b/e_os.h @@ -266,6 +266,16 @@ extern "C" { # include # include # include +# ifdef _WIN64 +# define strlen(s) _strlen31(s) +/* cut strings to 2GB */ +static unsigned int _strlen31(const char *str) + { + unsigned int len=0; + while (*str && len<0x80000000U) str++, len++; + return len&0x7FFFFFFF; + } +# endif # include # endif # include @@ -426,6 +436,15 @@ extern "C" { # elif !defined(__DJGPP__) # include extern HINSTANCE _hInstance; +# ifdef _WIN64 +/* + * Even though sizeof(SOCKET) is 8, it's safe to cast it to int, because + * the value constitutes an index in per-process table of limited size + * and not a real pointer. + */ +# define socket(d,t,p) ((int)socket(d,t,p)) +# define accept(s,f,l) ((int)accept(s,f,l)) +# endif # define SSLeay_Write(a,b,c) send((a),(b),(c),0) # define SSLeay_Read(a,b,c) recv((a),(b),(c),0) # define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); } diff --git a/ms/do_win64a.bat b/ms/do_win64a.bat new file mode 100755 index 0000000000..825c690221 --- /dev/null +++ b/ms/do_win64a.bat @@ -0,0 +1,9 @@ + +perl util\mkfiles.pl >MINFO +perl ms\uplink.pl win64a > ms\uptable.asm +ml64 -c -Foms\uptable.obj ms\uptable.asm +perl util\mk1mf.pl no-asm VC-WIN64A >ms\nt.mak +perl util\mk1mf.pl dll no-asm VC-WIN64A >ms\ntdll.mak + +perl util\mkdef.pl 32 libeay > ms\libeay32.def +perl util\mkdef.pl 32 ssleay > ms\ssleay32.def diff --git a/ms/do_win64i.bat b/ms/do_win64i.bat new file mode 100755 index 0000000000..7bfc2f1818 --- /dev/null +++ b/ms/do_win64i.bat @@ -0,0 +1,9 @@ + +perl util\mkfiles.pl >MINFO +perl ms\uplink.pl win64i > ms\uptable.asm +ias -o ms\uptable.obj ms\uptable.asm +perl util\mk1mf.pl no-asm VC-WIN64I >ms\nt.mak +perl util\mk1mf.pl dll no-asm VC-WIN64I >ms\ntdll.mak + +perl util\mkdef.pl 32 libeay > ms\libeay32.def +perl util\mkdef.pl 32 ssleay > ms\ssleay32.def diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 74bfc99ffe..f949bf27d6 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -24,6 +24,8 @@ $infile="MINFO"; %ops=( "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", + "VC-WIN64I", "Microsoft C/C++ - Win64/IA-64", + "VC-WIN64A", "Microsoft C/C++ - Win64/x64", "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", "Mingw32", "GNU C++ - Windows NT or 9x", @@ -120,9 +122,10 @@ $bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:''; $NT=0; push(@INC,"util/pl","pl"); -if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) +if (($platform =~ /VC-(.+)/)) { - $NT = 1 if $platform eq "VC-NT"; + $FLAVOR=$1; + $NT = 1 if $1 eq "NT"; require 'VC-32.pl'; } elsif ($platform eq "VC-CE") diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 710c4cd129..d39715cdad 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl @@ -11,8 +11,27 @@ $rm='del'; # C compiler stuff $cc='cl'; -$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; -$lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; +if ($FLAVOR =~ /WIN64/) + { + # Note that we currently don't have /WX on Win64! There is a lot of + # warnings, but only of two types: + # + # C4344: conversion from '__int64' to 'int/long', possible loss of data + # C4267: conversion from 'size_t' to 'int/long', possible loss of data + # + # Amount of latter type is minimized by aliasing strlen to function of + # own desing and limiting its return value to 2GB-1 (see e_os.h). As + # per 0.9.8 release remaining warnings were explicitly examines and + # considered safe to ignore. + # + $cflags=' /MD /W3 /Ox /Gs0 /GF /Gy /nologo -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DOPENSSL_SYSNAME_WIN32 -DOPENSSL_SYSNAME_WINNT -DUNICODE -D_UNICODE'; + $lflags="/nologo /subsystem:console /opt:ref"; + } +else + { + $cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; + $lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; + } $mlflags=''; $out_def="out32"; @@ -38,6 +57,7 @@ $exep='.exe'; if ($no_sock) { $ex_libs=""; } else { $ex_libs="wsock32.lib user32.lib gdi32.lib"; } +$ex_libs="$ex_libs bufferoverflowu.lib" if ($FLAVOR =~ /WIN64/); # static library stuff $mklib='lib'; @@ -115,6 +135,9 @@ EXHEADER= $(EXHEADER) $(INCO_D)\applink.c LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ) +___ + $banner.=<<'___' if ($FLAVOR =~ /WIN64/); +CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ) ___ } @@ -140,6 +163,7 @@ sub do_lib_rule { local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; + $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; } $ret.="\n"; -- GitLab From b914049c536afb1b842131f3f8b397463d8dc55b Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 4 Jul 2005 23:30:31 +0000 Subject: [PATCH 335/929] Get rid of "unary minus applied to unsigned type" warning. --- crypto/rc4/rc4_enc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c index d5f18a3a70..0660ea60a2 100644 --- a/crypto/rc4/rc4_enc.c +++ b/crypto/rc4/rc4_enc.c @@ -157,7 +157,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, if (!is_endian.little) { /* BIG-ENDIAN CASE */ # define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK)) + for (;len&~(sizeof(RC4_CHUNK)-1);len-=sizeof(RC4_CHUNK)) { ichunk = *(RC4_CHUNK *)indata; otp = RC4_STEP< Date: Tue, 5 Jul 2005 05:14:21 +0000 Subject: [PATCH 336/929] Add libcrypto.pc and libssl.pc, and install them along with openssl.pc. PR: 1143 --- Makefile.org | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/Makefile.org b/Makefile.org index ba60f70696..ec96428985 100644 --- a/Makefile.org +++ b/Makefile.org @@ -146,7 +146,7 @@ WTARFILE= $(NAME)-win.tar EXHEADER= e_os2.h HEADER= e_os.h -all: Makefile build_all openssl.pc +all: Makefile build_all openssl.pc libssl.pc libcrypto.pc # as we stick to -e, CLEARENV ensures that local variables in lower # Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn @@ -277,6 +277,32 @@ do_$(SHLIB_TARGET): libs="-l$$i $$libs"; \ done +libcrypto.pc: Makefile + @ ( echo 'prefix=$(INSTALLTOP)'; \ + echo 'exec_prefix=$${prefix}'; \ + echo 'libdir=$${exec_prefix}/lib'; \ + echo 'includedir=$${prefix}/include'; \ + echo ''; \ + echo 'Name: OpenSSL-libcrypto'; \ + echo 'Description: OpenSSL cryptography library'; \ + echo 'Version: '$(VERSION); \ + echo 'Requires: '; \ + echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \ + echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc + +libssl.pc: Makefile + @ ( echo 'prefix=$(INSTALLTOP)'; \ + echo 'exec_prefix=$${prefix}'; \ + echo 'libdir=$${exec_prefix}/lib'; \ + echo 'includedir=$${prefix}/include'; \ + echo ''; \ + echo 'Name: OpenSSL'; \ + echo 'Description: Secure Sockets Layer and cryptography libraries'; \ + echo 'Version: '$(VERSION); \ + echo 'Requires: '; \ + echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ + echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc + openssl.pc: Makefile @ ( echo 'prefix=$(INSTALLTOP)'; \ echo 'exec_prefix=$${prefix}'; \ @@ -302,7 +328,7 @@ clean: libclean rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c @set -e; target=clean; $(RECURSIVE_BUILD_CMD) rm -f $(LIBS) - rm -f openssl.pc + rm -f openssl.pc libssl.pc libcrypto.pc rm -f speed.* .pure rm -f $(TARFILE) @set -e; for i in $(ONEDIRS) ;\ @@ -484,6 +510,10 @@ install_sw: sed -e '1,/^$$/d' doc/openssl-shared.txt; \ fi; \ fi + cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/libcrypto.pc + cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/libssl.pc cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc -- GitLab From e32ea818764f076bd75ae2c33b6319e8027141e8 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 5 Jul 2005 10:53:13 +0000 Subject: [PATCH 337/929] Mention Win64 support in CHANGES and throw in building instructions. --- CHANGES | 3 +++ INSTALL.W32 | 1 + INSTALL.W64 | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++ TABLE | 4 ++-- 4 files changed, 72 insertions(+), 2 deletions(-) create mode 100644 INSTALL.W64 diff --git a/CHANGES b/CHANGES index d332f1044f..fb85e776a1 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changes between 0.9.7h and 0.9.8 [xx XXX xxxx] + *) Add initial support for Win64, both IA64 and AMD64/x64 flavors. + [Andy Polyakov] + *) Add -utf8 command line and config file option to 'ca'. [Stefan perl Configure VC-WIN64A + > ms\do_win64a + > nmake -f ms\ntdll.mak + > cd out32dll + > ..\ms\test + + To build for Win64/IA64: + + > perl Configure VC-WIN64I + > ms\do_win64i + > nmake -f ms\ntdll.mak + > cd out32dll + > ..\ms\test + + Naturally test-suite itself has to be executed on the target platform. + + Installation + ------------ + + TBD, for now see INSTALL.W32. + diff --git a/TABLE b/TABLE index bf0a1542bf..5c1007f37a 100644 --- a/TABLE +++ b/TABLE @@ -628,7 +628,7 @@ $unistd = $thread_cflag = $sys_id = WIN64A $lflags = -$bn_ops = SIXTY_FOUR_BIT EXPORT_VAR_AS_FN +$bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN $cpuid_obj = $bn_obj = $des_obj = @@ -655,7 +655,7 @@ $unistd = $thread_cflag = $sys_id = WIN64I $lflags = -$bn_ops = SIXTY_FOUR_BIT EXPORT_VAR_AS_FN +$bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN $cpuid_obj = $bn_obj = $des_obj = -- GitLab From 1d01c9d43d6f7b7481161dac5e1aeebc6ba9f554 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 5 Jul 2005 18:32:05 +0000 Subject: [PATCH 338/929] Last additions to the release documentation. --- CHANGES | 11 +++++++++++ NEWS | 3 +++ 2 files changed, 14 insertions(+) diff --git a/CHANGES b/CHANGES index fb85e776a1..71be5a352b 100644 --- a/CHANGES +++ b/CHANGES @@ -4,12 +4,23 @@ Changes between 0.9.7h and 0.9.8 [xx XXX xxxx] + *) Add libcrypto.pc and libssl.pc for those who feel they need them. + [Richard Levitte] + + *) Change CA.sh and CA.pl so they don't bundle the CSR and the private + key into the same file any more. + [Richard Levitte] + *) Add initial support for Win64, both IA64 and AMD64/x64 flavors. [Andy Polyakov] *) Add -utf8 command line and config file option to 'ca'. [Stefan Date: Tue, 5 Jul 2005 18:32:37 +0000 Subject: [PATCH 339/929] We don't support no-engine for now. It's a lot more work than one might imagine. --- PROBLEMS | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/PROBLEMS b/PROBLEMS index cd4ad4f8c1..c46d7e5e3c 100644 --- a/PROBLEMS +++ b/PROBLEMS @@ -174,3 +174,9 @@ hire /bin/ksh to do the job /bin/sh fails to do. Compiler bug, presumably at particular patch level. It should be noted that same compiler generates correct 32-bit code, a.k.a. hpux-ia64-cc target. Drop optimization level to +O2 when compiling 64-bit bf_skey.o. + +* no-engines generates errors. + +Unfortunately, the 'no-engines' configuration option currently doesn't +work properly. Use 'no-hw' and you'll will at least get no hardware +support. We'll see how we fix that on OpenSSL versions past 0.9.8. -- GitLab From 11024f252e9ae9837a29ed269f1c30ae81f2fc08 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 5 Jul 2005 18:41:28 +0000 Subject: [PATCH 340/929] make update --- apps/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/Makefile b/apps/Makefile index 0c215e16bc..79ea8a7337 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -834,7 +834,7 @@ speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -speed.o: ../include/openssl/x509_vfy.h testdsa.h testrsa.h apps.h speed.c +speed.o: ../include/openssl/x509_vfy.h apps.h speed.c testdsa.h testrsa.h spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -- GitLab From f254b540b8746c24bd0bb2a5249c7b30004a42f2 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 5 Jul 2005 18:49:43 +0000 Subject: [PATCH 341/929] Time to release OpenSSL 0.9.8. The tag will be OpenSSL_0_9_8. --- CHANGES | 2 +- FAQ | 2 +- README | 2 +- STATUS | 34 ++-------------------------------- crypto/opensslv.h | 6 +++--- openssl.spec | 2 +- 6 files changed, 9 insertions(+), 39 deletions(-) diff --git a/CHANGES b/CHANGES index 71be5a352b..47133b18d5 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,7 @@ OpenSSL CHANGES _______________ - Changes between 0.9.7h and 0.9.8 [xx XXX xxxx] + Changes between 0.9.7h and 0.9.8 [05 Jul 2005] *) Add libcrypto.pc and libssl.pc for those who feel they need them. [Richard Levitte] diff --git a/FAQ b/FAQ index 86b6617f44..f9f2e97733 100644 --- a/FAQ +++ b/FAQ @@ -72,7 +72,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from . -OpenSSL 0.9.7g was released on April 11, 2005. +OpenSSL 0.9.8 was released on June 5th, 2005. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at Date: Tue, 5 Jul 2005 19:11:56 +0000 Subject: [PATCH 342/929] Now that 0.9.8 has been tagged, it's time to move on. --- CHANGES | 4 ++++ README | 2 +- crypto/opensslv.h | 6 +++--- openssl.spec | 8 ++++---- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/CHANGES b/CHANGES index 47133b18d5..186324436e 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8 and 0.9.8a [XX xxx XXXX] + + *) + Changes between 0.9.7h and 0.9.8 [05 Jul 2005] *) Add libcrypto.pc and libssl.pc for those who feel they need them. diff --git a/README b/README index 74cb76a4c7..a26131b464 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.8 05 Jul 2005 + OpenSSL 0.9.8a XX xxx XXXX Copyright (c) 1998-2005 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/opensslv.h b/crypto/opensslv.h index fed5edbe71..bb3eac7b83 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x0090800fL +#define OPENSSL_VERSION_NUMBER 0x00908010L #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8-fips 05 Jul 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8a-fips-dev XX xxx XXXX" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8 05 Jul 2005" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8a-dev XX xxx XXXX" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/openssl.spec b/openssl.spec index 03fae0b5b8..606df33d99 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,15 +1,15 @@ %define libmaj 0 %define libmin 9 %define librel 8 -#%define librev a -Release: 3 +%define librev a +Release: 1 %define openssldir /var/ssl Summary: Secure Sockets Layer and cryptography libraries and tools Name: openssl -Version: %{libmaj}.%{libmin}.%{librel} -#Version: %{libmaj}.%{libmin}.%{librel}%{librev} +#Version: %{libmaj}.%{libmin}.%{librel} +Version: %{libmaj}.%{libmin}.%{librel}%{librev} Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz Copyright: Freely distributable Group: System Environment/Libraries -- GitLab From 6cae8221c96321b749ab3a7b0e5f281478ba0185 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 5 Jul 2005 19:20:11 +0000 Subject: [PATCH 343/929] Oops, the release date in the FAQ was wrong. I'm not retagging it, but I made the same change in the distribution directory, so the distribution will have a corrected FAQ. --- FAQ | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/FAQ b/FAQ index f9f2e97733..82d8a6f887 100644 --- a/FAQ +++ b/FAQ @@ -72,7 +72,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from . -OpenSSL 0.9.8 was released on June 5th, 2005. +OpenSSL 0.9.8 was released on July 5th, 2005. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at Date: Fri, 8 Jul 2005 10:13:25 +0000 Subject: [PATCH 344/929] On case insensitive systems, 'install' gets mixed up with the existing file 'INSTALL', so we need to put some force into installing --- crypto/bf/Makefile | 5 ++++- crypto/des/Makefile | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/crypto/bf/Makefile b/crypto/bf/Makefile index 385215b5e5..81e4b7cd84 100644 --- a/crypto/bf/Makefile +++ b/crypto/bf/Makefile @@ -62,7 +62,10 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) -install: +# We need to use force because 'install' matches 'INSTALL' on case +# insensitive systems +FRC.install: +install: FRC.install @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ diff --git a/crypto/des/Makefile b/crypto/des/Makefile index 434809ae85..aa633bf3eb 100644 --- a/crypto/des/Makefile +++ b/crypto/des/Makefile @@ -88,7 +88,10 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) -install: +# We need to use force because 'install' matches 'INSTALL' on case +# insensitive systems +FRC.install: +install: FRC.install @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ -- GitLab From 2a824402f3638ffbee72f0f27ab31e2e7c0fcee3 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Fri, 8 Jul 2005 16:48:34 +0000 Subject: [PATCH 345/929] DES CFB bug-fix from HEAD. --- crypto/des/cfb_enc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/des/cfb_enc.c b/crypto/des/cfb_enc.c index 6738e7c0e5..720f29a28e 100644 --- a/crypto/des/cfb_enc.c +++ b/crypto/des/cfb_enc.c @@ -125,7 +125,7 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; #endif if (rem==0) - memcpy(ovec,ovec+num,8); + memmove(ovec,ovec+num,8); else for(i=0 ; i < 8 ; ++i) ovec[i]=ovec[i+num]< Date: Wed, 13 Jul 2005 21:58:40 +0000 Subject: [PATCH 346/929] the second argument to d2i_X509, d2i_X509_CRL and d2i_X509_REQ is const PR: 1156 Submitted by: Michael Bell --- doc/crypto/d2i_X509.pod | 2 +- doc/crypto/d2i_X509_CRL.pod | 2 +- doc/crypto/d2i_X509_REQ.pod | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/crypto/d2i_X509.pod b/doc/crypto/d2i_X509.pod index e8e946e18a..5bfa18afbb 100644 --- a/doc/crypto/d2i_X509.pod +++ b/doc/crypto/d2i_X509.pod @@ -9,7 +9,7 @@ i2d_X509_fp - X509 encode and decode functions #include - X509 *d2i_X509(X509 **px, unsigned char **in, int len); + X509 *d2i_X509(X509 **px, const unsigned char **in, int len); int i2d_X509(X509 *x, unsigned char **out); X509 *d2i_X509_bio(BIO *bp, X509 **x); diff --git a/doc/crypto/d2i_X509_CRL.pod b/doc/crypto/d2i_X509_CRL.pod index 06c5b23c09..e7295a5d61 100644 --- a/doc/crypto/d2i_X509_CRL.pod +++ b/doc/crypto/d2i_X509_CRL.pod @@ -9,7 +9,7 @@ i2d_X509_CRL_bio, i2d_X509_CRL_fp - PKCS#10 certificate request functions. #include - X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length); + X509_CRL *d2i_X509_CRL(X509_CRL **a, const unsigned char **pp, long length); int i2d_X509_CRL(X509_CRL *a, unsigned char **pp); X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **x); diff --git a/doc/crypto/d2i_X509_REQ.pod b/doc/crypto/d2i_X509_REQ.pod index be4ad68257..ae32a3891d 100644 --- a/doc/crypto/d2i_X509_REQ.pod +++ b/doc/crypto/d2i_X509_REQ.pod @@ -9,7 +9,7 @@ i2d_X509_REQ_bio, i2d_X509_REQ_fp - PKCS#10 certificate request functions. #include - X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length); + X509_REQ *d2i_X509_REQ(X509_REQ **a, const unsigned char **pp, long length); int i2d_X509_REQ(X509_REQ *a, unsigned char **pp); X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **x); -- GitLab From 273157153c867940891a028b8b96f562cb65701c Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Fri, 15 Jul 2005 09:50:38 +0000 Subject: [PATCH 347/929] add missing entries for "-multivalue-rdn" and "-utf8" in ca.pod and req.pod PR: 1158 Submitted by: Michael Bell --- doc/apps/ca.pod | 32 +++++++++++++++++++++++++------- doc/apps/req.pod | 10 ++++++++++ 2 files changed, 35 insertions(+), 7 deletions(-) diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod index 42bae7f4a7..5618c2dc9d 100644 --- a/doc/apps/ca.pod +++ b/doc/apps/ca.pod @@ -17,7 +17,6 @@ B B [B<-crl_hold instruction>] [B<-crl_compromise time>] [B<-crl_CA_compromise time>] -[B<-subj arg>] [B<-crldays days>] [B<-crlhours hours>] [B<-crlexts section>] @@ -45,6 +44,9 @@ B B [B<-extensions section>] [B<-extfile section>] [B<-engine id>] +[B<-subj arg>] +[B<-utf8>] +[B<-multivalue-rdn>] =head1 DESCRIPTION @@ -218,6 +220,28 @@ to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. +=item B<-subj arg> + +supersedes subject name given in the request. +The arg must be formatted as I, +characters may be escaped by \ (backslash), no spaces are skipped. + +=item B<-utf8> + +this option causes field values to be interpreted as UTF8 strings, by +default they are interpreted as ASCII. This means that the field +values, whether prompted from a terminal or obtained from a +configuration file, must be valid UTF8 strings. + +=item B<-multivalue-rdn> + +this option causes the -subj argument to be interpretedt with full +support for multivalued RDNs. Example: + +I + +If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>. + =back =head1 CRL OPTIONS @@ -268,12 +292,6 @@ B