Things merged from the main trunk, among others some well needed Win32
fixes.
This commit is contained in:
parent
ccd98b43ed
commit
1b2f8b6e2a
25
CHANGES
25
CHANGES
@ -4,6 +4,27 @@
|
||||
|
||||
Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
|
||||
|
||||
*) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Addition of the command line parameter '-rand file' to 'openssl req'.
|
||||
The given file adds to whatever has already been seeded into the
|
||||
random pool through the RANDFILE configuration file option or
|
||||
environment variable, or the default random state file.
|
||||
[Richard Levitte]
|
||||
|
||||
*) mkstack.pl now sorts each macro group into lexical order.
|
||||
Previously the output order depended on the order the files
|
||||
appeared in the directory, resulting in needless rewriting
|
||||
of safestack.h .
|
||||
[Steve Henson]
|
||||
|
||||
*) Patches to make OpenSSL compile under Win32 again. Mostly
|
||||
work arounds for the VC++ problem that it treats func() as
|
||||
func(void). Also stripped out the parts of mkdef.pl that
|
||||
added extra typesafe functions: these no longer exist.
|
||||
[Steve Henson]
|
||||
|
||||
*) Reorganisation of the stack code. The macros are now all
|
||||
collected in safestack.h . Each macro is defined in terms of
|
||||
a "stack macro" of the form SKM_<name>(type, a, b). The
|
||||
@ -13,8 +34,8 @@
|
||||
then the non typesafe macros are used instead. Also modified the
|
||||
mkstack.pl script to handle the new form. Needs testing to see
|
||||
if which (if any) compilers it chokes and maybe make DEBUG_SAFESTACK
|
||||
the default if no major problems. Also need analagous stuff for
|
||||
ASN1_SET_OF etc.
|
||||
the default if no major problems. Similar behaviour for ASN1_SET_OF
|
||||
and PKCS12_STACK_OF.
|
||||
[Steve Henson]
|
||||
|
||||
*) When some versions of IIS use the 'NET' form of private key the
|
||||
|
@ -383,7 +383,7 @@ my %table=(
|
||||
|
||||
# Some OpenBSD from Bob Beck <beck@obtuse.com>
|
||||
"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:::",
|
||||
"OpenBSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
|
||||
"OpenBSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn",
|
||||
"OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
|
||||
"OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",
|
||||
|
||||
|
2
TABLE
2
TABLE
@ -268,7 +268,7 @@ $cast_obj = asm/cx86-out.o
|
||||
$rc4_obj = asm/rx86-out.o
|
||||
$rmd160_obj = asm/rm86-out.o
|
||||
$rc5_obj = asm/r586-out.o
|
||||
$dso_scheme =
|
||||
$dso_scheme = dlfcn
|
||||
|
||||
*** ReliantUNIX
|
||||
$cc = cc
|
||||
|
@ -166,11 +166,13 @@ apps.o: ../include/openssl/buffer.h ../include/openssl/cast.h
|
||||
apps.o: ../include/openssl/crypto.h ../include/openssl/des.h
|
||||
apps.o: ../include/openssl/dh.h ../include/openssl/dsa.h
|
||||
apps.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
|
||||
apps.o: ../include/openssl/evp.h ../include/openssl/idea.h
|
||||
apps.o: ../include/openssl/lhash.h ../include/openssl/md2.h
|
||||
apps.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
|
||||
apps.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
|
||||
apps.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
|
||||
apps.o: ../include/openssl/err.h ../include/openssl/evp.h
|
||||
apps.o: ../include/openssl/idea.h ../include/openssl/lhash.h
|
||||
apps.o: ../include/openssl/md2.h ../include/openssl/md5.h
|
||||
apps.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
|
||||
apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
|
||||
apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
|
||||
apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
|
||||
apps.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
|
||||
apps.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
|
||||
apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
|
||||
|
237
apps/apps.c
237
apps/apps.c
@ -64,6 +64,11 @@
|
||||
#define NON_MAIN
|
||||
#include "apps.h"
|
||||
#undef NON_MAIN
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/pkcs12.h>
|
||||
#include <openssl/safestack.h>
|
||||
|
||||
#ifdef WINDOWS
|
||||
# include "bss_file.c"
|
||||
@ -159,6 +164,10 @@ int str2fmt(char *s)
|
||||
return(FORMAT_PEM);
|
||||
else if ((*s == 'N') || (*s == 'n'))
|
||||
return(FORMAT_NETSCAPE);
|
||||
else if ((*s == '1')
|
||||
|| (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0)
|
||||
|| (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0))
|
||||
return(FORMAT_PKCS12);
|
||||
else
|
||||
return(FORMAT_UNDEF);
|
||||
}
|
||||
@ -414,3 +423,231 @@ static char *app_get_pass(BIO *err, char *arg, int keepbio)
|
||||
if(tmp) *tmp = 0;
|
||||
return BUF_strdup(tpass);
|
||||
}
|
||||
|
||||
int add_oid_section(BIO *err, LHASH *conf)
|
||||
{
|
||||
char *p;
|
||||
STACK_OF(CONF_VALUE) *sktmp;
|
||||
CONF_VALUE *cnf;
|
||||
int i;
|
||||
if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1;
|
||||
if(!(sktmp = CONF_get_section(conf, p))) {
|
||||
BIO_printf(err, "problem loading oid section %s\n", p);
|
||||
return 0;
|
||||
}
|
||||
for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
|
||||
cnf = sk_CONF_VALUE_value(sktmp, i);
|
||||
if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
|
||||
BIO_printf(err, "problem creating object %s=%s\n",
|
||||
cnf->name, cnf->value);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
X509 *load_cert(BIO *err, char *file, int format)
|
||||
{
|
||||
ASN1_HEADER *ah=NULL;
|
||||
BUF_MEM *buf=NULL;
|
||||
X509 *x=NULL;
|
||||
BIO *cert;
|
||||
|
||||
if ((cert=BIO_new(BIO_s_file())) == NULL)
|
||||
{
|
||||
ERR_print_errors(err);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (file == NULL)
|
||||
BIO_set_fp(cert,stdin,BIO_NOCLOSE);
|
||||
else
|
||||
{
|
||||
if (BIO_read_filename(cert,file) <= 0)
|
||||
{
|
||||
perror(file);
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
|
||||
if (format == FORMAT_ASN1)
|
||||
x=d2i_X509_bio(cert,NULL);
|
||||
else if (format == FORMAT_NETSCAPE)
|
||||
{
|
||||
unsigned char *p,*op;
|
||||
int size=0,i;
|
||||
|
||||
/* We sort of have to do it this way because it is sort of nice
|
||||
* to read the header first and check it, then
|
||||
* try to read the certificate */
|
||||
buf=BUF_MEM_new();
|
||||
for (;;)
|
||||
{
|
||||
if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
|
||||
goto end;
|
||||
i=BIO_read(cert,&(buf->data[size]),1024*10);
|
||||
size+=i;
|
||||
if (i == 0) break;
|
||||
if (i < 0)
|
||||
{
|
||||
perror("reading certificate");
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
p=(unsigned char *)buf->data;
|
||||
op=p;
|
||||
|
||||
/* First load the header */
|
||||
if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
|
||||
goto end;
|
||||
if ((ah->header == NULL) || (ah->header->data == NULL) ||
|
||||
(strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data,
|
||||
ah->header->length) != 0))
|
||||
{
|
||||
BIO_printf(err,"Error reading header on certificate\n");
|
||||
goto end;
|
||||
}
|
||||
/* header is ok, so now read the object */
|
||||
p=op;
|
||||
ah->meth=X509_asn1_meth();
|
||||
if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
|
||||
goto end;
|
||||
x=(X509 *)ah->data;
|
||||
ah->data=NULL;
|
||||
}
|
||||
else if (format == FORMAT_PEM)
|
||||
x=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL);
|
||||
else if (format == FORMAT_PKCS12)
|
||||
{
|
||||
PKCS12 *p12 = d2i_PKCS12_bio(cert, NULL);
|
||||
|
||||
PKCS12_parse(p12, NULL, NULL, &x, NULL);
|
||||
PKCS12_free(p12);
|
||||
p12 = NULL;
|
||||
}
|
||||
else {
|
||||
BIO_printf(err,"bad input format specified for input cert\n");
|
||||
goto end;
|
||||
}
|
||||
end:
|
||||
if (x == NULL)
|
||||
{
|
||||
BIO_printf(err,"unable to load certificate\n");
|
||||
ERR_print_errors(err);
|
||||
}
|
||||
if (ah != NULL) ASN1_HEADER_free(ah);
|
||||
if (cert != NULL) BIO_free(cert);
|
||||
if (buf != NULL) BUF_MEM_free(buf);
|
||||
return(x);
|
||||
}
|
||||
|
||||
EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass)
|
||||
{
|
||||
BIO *key=NULL;
|
||||
EVP_PKEY *pkey=NULL;
|
||||
|
||||
if (file == NULL)
|
||||
{
|
||||
BIO_printf(err,"no keyfile specified\n");
|
||||
goto end;
|
||||
}
|
||||
key=BIO_new(BIO_s_file());
|
||||
if (key == NULL)
|
||||
{
|
||||
ERR_print_errors(err);
|
||||
goto end;
|
||||
}
|
||||
if (BIO_read_filename(key,file) <= 0)
|
||||
{
|
||||
perror(file);
|
||||
goto end;
|
||||
}
|
||||
if (format == FORMAT_ASN1)
|
||||
{
|
||||
pkey=d2i_PrivateKey_bio(key, NULL);
|
||||
}
|
||||
else if (format == FORMAT_PEM)
|
||||
{
|
||||
pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass);
|
||||
}
|
||||
else if (format == FORMAT_PKCS12)
|
||||
{
|
||||
PKCS12 *p12 = d2i_PKCS12_bio(key, NULL);
|
||||
|
||||
PKCS12_parse(p12, pass, &pkey, NULL, NULL);
|
||||
PKCS12_free(p12);
|
||||
p12 = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
BIO_printf(err,"bad input format specified for key\n");
|
||||
goto end;
|
||||
}
|
||||
end:
|
||||
if (key != NULL) BIO_free(key);
|
||||
if (pkey == NULL)
|
||||
BIO_printf(err,"unable to load Private Key\n");
|
||||
return(pkey);
|
||||
}
|
||||
|
||||
STACK_OF(X509) *load_certs(BIO *err, char *file, int format)
|
||||
{
|
||||
BIO *certs;
|
||||
int i;
|
||||
STACK_OF(X509) *othercerts = NULL;
|
||||
STACK_OF(X509_INFO) *allcerts = NULL;
|
||||
X509_INFO *xi;
|
||||
|
||||
if((certs = BIO_new(BIO_s_file())) == NULL)
|
||||
{
|
||||
ERR_print_errors(err);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (file == NULL)
|
||||
BIO_set_fp(certs,stdin,BIO_NOCLOSE);
|
||||
else
|
||||
{
|
||||
if (BIO_read_filename(certs,file) <= 0)
|
||||
{
|
||||
perror(file);
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
|
||||
if (format == FORMAT_PEM)
|
||||
{
|
||||
othercerts = sk_X509_new(NULL);
|
||||
if(!othercerts)
|
||||
{
|
||||
sk_X509_free(othercerts);
|
||||
othercerts = NULL;
|
||||
goto end;
|
||||
}
|
||||
allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
|
||||
for(i = 0; i < sk_X509_INFO_num(allcerts); i++)
|
||||
{
|
||||
xi = sk_X509_INFO_value (allcerts, i);
|
||||
if (xi->x509)
|
||||
{
|
||||
sk_X509_push(othercerts, xi->x509);
|
||||
xi->x509 = NULL;
|
||||
}
|
||||
}
|
||||
goto end;
|
||||
}
|
||||
else {
|
||||
BIO_printf(err,"bad input format specified for input cert\n");
|
||||
goto end;
|
||||
}
|
||||
end:
|
||||
if (othercerts == NULL)
|
||||
{
|
||||
BIO_printf(err,"unable to load certificates\n");
|
||||
ERR_print_errors(err);
|
||||
}
|
||||
if (allcerts) sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
|
||||
if (certs != NULL) BIO_free(certs);
|
||||
return(othercerts);
|
||||
}
|
||||
|
||||
|
@ -65,6 +65,7 @@
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/lhash.h>
|
||||
|
||||
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
|
||||
int app_RAND_write_file(const char *file, BIO *bio_e);
|
||||
@ -146,11 +147,19 @@ int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
|
||||
int dump_cert_text(BIO *out, X509 *x);
|
||||
#endif
|
||||
int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
|
||||
int add_oid_section(BIO *err, LHASH *conf);
|
||||
X509 *load_cert(BIO *err, char *file, int format);
|
||||
EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass);
|
||||
STACK_OF(X509) *load_certs(BIO *err, char *file, int format);
|
||||
|
||||
#define FORMAT_UNDEF 0
|
||||
#define FORMAT_ASN1 1
|
||||
#define FORMAT_TEXT 2
|
||||
#define FORMAT_PEM 3
|
||||
#define FORMAT_NETSCAPE 4
|
||||
#define FORMAT_PKCS12 5
|
||||
|
||||
#define NETSCAPE_CERT_HDR "certificate"
|
||||
|
||||
#define APP_PASS_LEN 1024
|
||||
|
||||
|
25
apps/ca.c
25
apps/ca.c
@ -176,7 +176,6 @@ extern int EF_PROTECT_BELOW;
|
||||
extern int EF_ALIGNMENT;
|
||||
#endif
|
||||
|
||||
static int add_oid_section(LHASH *conf);
|
||||
static void lookup_fail(char *name,char *tag);
|
||||
static unsigned long index_serial_hash(char **a);
|
||||
static int index_serial_cmp(char **a, char **b);
|
||||
@ -498,7 +497,7 @@ bad:
|
||||
BIO_free(oid_bio);
|
||||
}
|
||||
}
|
||||
if(!add_oid_section(conf))
|
||||
if(!add_oid_section(bio_err,conf))
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
goto err;
|
||||
@ -2100,28 +2099,6 @@ static int check_time_format(char *str)
|
||||
return(ASN1_UTCTIME_check(&tm));
|
||||
}
|
||||
|
||||
static int add_oid_section(LHASH *hconf)
|
||||
{
|
||||
char *p;
|
||||
STACK_OF(CONF_VALUE) *sktmp;
|
||||
CONF_VALUE *cnf;
|
||||
int i;
|
||||
if(!(p=CONF_get_string(hconf,NULL,"oid_section"))) return 1;
|
||||
if(!(sktmp = CONF_get_section(hconf, p))) {
|
||||
BIO_printf(bio_err, "problem loading oid section %s\n", p);
|
||||
return 0;
|
||||
}
|
||||
for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
|
||||
cnf = sk_CONF_VALUE_value(sktmp, i);
|
||||
if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
|
||||
BIO_printf(bio_err, "problem creating object %s=%s\n",
|
||||
cnf->name, cnf->value);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int do_revoke(X509 *x509, TXT_DB *db)
|
||||
{
|
||||
ASN1_UTCTIME *tm=NULL, *revtm=NULL;
|
||||
|
@ -1,10 +1,10 @@
|
||||
/* apps/passwd.c */
|
||||
|
||||
#if defined NO_MD5 || defined CHARSET_EBCDIC
|
||||
# define NO_APR1
|
||||
# define NO_MD5CRYPT_1
|
||||
#endif
|
||||
|
||||
#if !defined(NO_DES) || !defined(NO_APR1)
|
||||
#if !defined(NO_DES) || !defined(NO_MD5CRYPT_1)
|
||||
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
@ -19,7 +19,7 @@
|
||||
#ifndef NO_DES
|
||||
# include <openssl/des.h>
|
||||
#endif
|
||||
#ifndef NO_APR1
|
||||
#ifndef NO_MD5CRYPT_1
|
||||
# include <openssl/md5.h>
|
||||
#endif
|
||||
|
||||
@ -42,10 +42,11 @@ static unsigned const char cov_2char[64]={
|
||||
|
||||
static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
||||
char *passwd, BIO *out, int quiet, int table, int reverse,
|
||||
size_t pw_maxlen, int usecrypt, int useapr1);
|
||||
size_t pw_maxlen, int usecrypt, int use1, int useapr1);
|
||||
|
||||
/* -crypt - standard Unix password algorithm (default, only choice)
|
||||
* -apr1 - MD5-based password algorithm
|
||||
* -1 - MD5-based password algorithm
|
||||
* -apr1 - MD5-based password algorithm, Apache variant
|
||||
* -salt string - salt
|
||||
* -in file - read passwords from file
|
||||
* -stdin - read passwords from stdin
|
||||
@ -68,7 +69,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO *in = NULL, *out = NULL;
|
||||
int i, badopt, opt_done;
|
||||
int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
|
||||
int usecrypt = 0, useapr1 = 0;
|
||||
int usecrypt = 0, use1 = 0, useapr1 = 0;
|
||||
size_t pw_maxlen = 0;
|
||||
|
||||
apps_startup();
|
||||
@ -87,6 +88,8 @@ int MAIN(int argc, char **argv)
|
||||
{
|
||||
if (strcmp(argv[i], "-crypt") == 0)
|
||||
usecrypt = 1;
|
||||
else if (strcmp(argv[i], "-1") == 0)
|
||||
use1 = 1;
|
||||
else if (strcmp(argv[i], "-apr1") == 0)
|
||||
useapr1 = 1;
|
||||
else if (strcmp(argv[i], "-salt") == 0)
|
||||
@ -138,17 +141,17 @@ int MAIN(int argc, char **argv)
|
||||
badopt = 1;
|
||||
}
|
||||
|
||||
if (!usecrypt && !useapr1) /* use default */
|
||||
if (!usecrypt && !use1 && !useapr1) /* use default */
|
||||
usecrypt = 1;
|
||||
if (usecrypt + useapr1 > 1) /* conflict */
|
||||
if (usecrypt + use1 + useapr1 > 1) /* conflict */
|
||||
badopt = 1;
|
||||
|
||||
/* reject unsupported algorithms */
|
||||
#ifdef NO_DES
|
||||
if (usecrypt) badopt = 1;
|
||||
#endif
|
||||
#ifdef NO_APR1
|
||||
if (useapr1) badopt = 1;
|
||||
#ifdef NO_MD5CRYPT_1
|
||||
if (use1 || useapr1) badopt = 1;
|
||||
#endif
|
||||
|
||||
if (badopt)
|
||||
@ -158,8 +161,9 @@ int MAIN(int argc, char **argv)
|
||||
#ifndef NO_DES
|
||||
BIO_printf(bio_err, "-crypt standard Unix password algorithm (default)\n");
|
||||
#endif
|
||||
#ifndef NO_APR1
|
||||
BIO_printf(bio_err, "-apr1 MD5-based password algorithm\n");
|
||||
#ifndef NO_MD5CRYPT_1
|
||||
BIO_printf(bio_err, "-1 MD5-based password algorithm\n");
|
||||
BIO_printf(bio_err, "-apr1 MD5-based password algorithm, Apache variant\n");
|
||||
#endif
|
||||
BIO_printf(bio_err, "-salt string use provided salt\n");
|
||||
BIO_printf(bio_err, "-in file read passwords from file\n");
|
||||
@ -191,7 +195,7 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
if (usecrypt)
|
||||
pw_maxlen = 8;
|
||||
else if (useapr1)
|
||||
else if (use1 || useapr1)
|
||||
pw_maxlen = 256; /* arbitrary limit, should be enough for most passwords */
|
||||
|
||||
if (passwds == NULL)
|
||||
@ -226,7 +230,7 @@ int MAIN(int argc, char **argv)
|
||||
{
|
||||
passwd = *passwds++;
|
||||
if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
|
||||
quiet, table, reverse, pw_maxlen, usecrypt, useapr1))
|
||||
quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
|
||||
goto err;
|
||||
}
|
||||
while (*passwds != NULL);
|
||||
@ -255,7 +259,7 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
|
||||
if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
|
||||
quiet, table, reverse, pw_maxlen, usecrypt, useapr1))
|
||||
quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
|
||||
goto err;
|
||||
}
|
||||
done = (r <= 0);
|
||||
@ -277,11 +281,18 @@ err:
|
||||
}
|
||||
|
||||
|
||||
#ifndef NO_APR1
|
||||
/* MD5-based password algorithm compatible to the one found in Apache
|
||||
* (should probably be available as a library function;
|
||||
* then the static buffer would not be acceptable) */
|
||||
static char *apr1_crypt(const char *passwd, const char *salt)
|
||||
#ifndef NO_MD5CRYPT_1
|
||||
/* MD5-based password algorithm (should probably be available as a library
|
||||
* function; then the static buffer would not be acceptable).
|
||||
* For magic string "1", this should be compatible to the MD5-based BSD
|
||||
* password algorithm.
|
||||
* For 'magic' string "apr1", this is compatible to the MD5-based Apache
|
||||
* password algorithm.
|
||||
* (Apparently, the Apache password algorithm is identical except that the
|
||||
* 'magic' string was changed -- the laziest application of the NIH principle
|
||||
* I've ever encountered.)
|
||||
*/
|
||||
static char *md5crypt(const char *passwd, const char *magic, const char *salt)
|
||||
{
|
||||
static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */
|
||||
unsigned char buf[MD5_DIGEST_LENGTH];
|
||||
@ -291,7 +302,11 @@ static char *apr1_crypt(const char *passwd, const char *salt)
|
||||
size_t passwd_len, salt_len;
|
||||
|
||||
passwd_len = strlen(passwd);
|
||||
strcpy(out_buf, "$apr1$");
|
||||
out_buf[0] = '$';
|
||||
out_buf[1] = 0;
|
||||
assert(strlen(magic) <= 4); /* "1" or "apr1" */
|
||||
strncat(out_buf, magic, 4);
|
||||
strncat(out_buf, "$", 1);
|
||||
strncat(out_buf, salt, 8);
|
||||
assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
|
||||
salt_out = out_buf + 6;
|
||||
@ -300,7 +315,9 @@ static char *apr1_crypt(const char *passwd, const char *salt)
|
||||
|
||||
MD5_Init(&md);
|
||||
MD5_Update(&md, passwd, passwd_len);
|
||||
MD5_Update(&md, "$apr1$", 6);
|
||||
MD5_Update(&md, "$", 1);
|
||||
MD5_Update(&md, magic, strlen(magic));
|
||||
MD5_Update(&md, "$", 1);
|
||||
MD5_Update(&md, salt_out, salt_len);
|
||||
|
||||
{
|
||||
@ -384,7 +401,7 @@ static char *apr1_crypt(const char *passwd, const char *salt)
|
||||
|
||||
static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
||||
char *passwd, BIO *out, int quiet, int table, int reverse,
|
||||
size_t pw_maxlen, int usecrypt, int useapr1)
|
||||
size_t pw_maxlen, int usecrypt, int use1, int useapr1)
|
||||
{
|
||||
char *hash = NULL;
|
||||
|
||||
@ -415,8 +432,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
||||
}
|
||||
#endif /* !NO_DES */
|
||||
|
||||
#ifndef NO_APR1
|
||||
if (useapr1)
|
||||
#ifndef NO_MD5CRYPT_1
|
||||
if (use1 || useapr1)
|
||||
{
|
||||
int i;
|
||||
|
||||
@ -433,7 +450,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
||||
(*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
|
||||
(*salt_p)[8] = 0;
|
||||
}
|
||||
#endif /* !NO_APR1 */
|
||||
#endif /* !NO_MD5CRYPT_1 */
|
||||
}
|
||||
|
||||
assert(*salt_p != NULL);
|
||||
@ -452,9 +469,9 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
||||
if (usecrypt)
|
||||
hash = des_crypt(passwd, *salt_p);
|
||||
#endif
|
||||
#ifndef NO_APR1
|
||||
if (useapr1)
|
||||
hash = apr1_crypt(passwd, *salt_p);
|
||||
#ifndef NO_MD5CRYPT_1
|
||||
if (use1 || useapr1)
|
||||
hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
|
||||
#endif
|
||||
assert(hash != NULL);
|
||||
|
||||
|
170
apps/pem_mail.c
170
apps/pem_mail.c
@ -1,170 +0,0 @@
|
||||
/* apps/pem_mail.c */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef NO_RSA
|
||||
#include <stdio.h>
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/pem.h>
|
||||
#include "apps.h"
|
||||
|
||||
#undef PROG
|
||||
#define PROG pem_mail_main
|
||||
|
||||
static char *usage[]={
|
||||
"usage: pem_mail args\n",
|
||||
"\n",
|
||||
" -in arg - input file - default stdin\n",
|
||||
" -out arg - output file - default stdout\n",
|
||||
" -cert arg - the certificate to use\n",
|
||||
" -key arg - the private key to use\n",
|
||||
" -MIC - sign the message\n",
|
||||
" -enc arg - encrypt with one of cbc-des\n",
|
||||
NULL
|
||||
};
|
||||
|
||||
|
||||
typedef struct lines_St
|
||||
{
|
||||
char *line;
|
||||
struct lines_st *next;
|
||||
} LINES;
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
FILE *in;
|
||||
RSA *rsa=NULL;
|
||||
EVP_MD_CTX ctx;
|
||||
unsigned int mic=0,i,n;
|
||||
unsigned char buf[1024*15];
|
||||
char *prog,*infile=NULL,*outfile=NULL,*key=NULL;
|
||||
int badops=0;
|
||||
|
||||
apps_startup();
|
||||
|
||||
prog=argv[0];
|
||||
argc--;
|
||||
argv++;
|
||||
while (argc >= 1)
|
||||
{
|
||||
if (strcmp(*argv,"-key") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
key= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-in") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
infile= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-out") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
outfile= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-mic") == 0)
|
||||
mic=1;
|
||||
else
|
||||
{
|
||||
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||
badops=1;
|
||||
break;
|
||||
}
|
||||
argc--;
|
||||
argv++;
|
||||
}
|
||||
|
||||
if (badops)
|
||||
{
|
||||
bad:
|
||||
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
|
||||
BIO_printf(bio_err,"where options are\n");
|
||||
EXIT(1);
|
||||
}
|
||||
|
||||
if (key == NULL)
|
||||
{ BIO_printf(bio_err,"you need to specify a key\n"); EXIT(1); }
|
||||
in=fopen(key,"r");
|
||||
if (in == NULL) { perror(key); EXIT(1); }
|
||||
rsa=PEM_read_RSAPrivateKey(in,NULL,NULL);
|
||||
if (rsa == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"unable to load Private Key\n");
|
||||
ERR_print_errors(bio_err);
|
||||
EXIT(1);
|
||||
}
|
||||
fclose(in);
|
||||
|
||||
PEM_SignInit(&ctx,EVP_md5());
|
||||
for (;;)
|
||||
{
|
||||
i=fread(buf,1,1024*10,stdin);
|
||||
if (i <= 0) break;
|
||||
PEM_SignUpdate(&ctx,buf,i);
|
||||
}
|
||||
if (!PEM_SignFinal(&ctx,buf,&n,rsa)) goto err;
|
||||
BIO_printf(bio_err,"%s\n",buf);
|
||||
EXIT(0);
|
||||
err:
|
||||
ERR_print_errors(bio_err);
|
||||
EXIT(1);
|
||||
}
|
||||
#endif
|
37
apps/req.c
37
apps/req.c
@ -102,6 +102,7 @@
|
||||
* -config file - Load configuration file.
|
||||
* -key file - make a request using key in file (or use it for verification).
|
||||
* -keyform - key file format.
|
||||
* -rand file(s) - load the file(s) into the PRNG.
|
||||
* -newkey - make a key and a request.
|
||||
* -modulus - print RSA modulus.
|
||||
* -x509 - output a self signed X509 structure instead.
|
||||
@ -125,7 +126,6 @@ static void MS_CALLBACK req_cb(int p,int n,void *arg);
|
||||
#endif
|
||||
static int req_check_len(int len,int min,int max);
|
||||
static int check_end(char *str, char *end);
|
||||
static int add_oid_section(LHASH *conf);
|
||||
#ifndef MONOLITH
|
||||
static char *default_config_file=NULL;
|
||||
static LHASH *config=NULL;
|
||||
@ -156,6 +156,7 @@ int MAIN(int argc, char **argv)
|
||||
char *req_exts = NULL;
|
||||
EVP_CIPHER *cipher=NULL;
|
||||
int modulus=0;
|
||||
char *inrand=NULL;
|
||||
char *passargin = NULL, *passargout = NULL;
|
||||
char *passin = NULL, *passout = NULL;
|
||||
char *p;
|
||||
@ -239,6 +240,11 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
passargout= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-rand") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
inrand= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-newkey") == 0)
|
||||
{
|
||||
int is_numeric;
|
||||
@ -372,6 +378,9 @@ bad:
|
||||
BIO_printf(bio_err," -key file use the private key contained in file\n");
|
||||
BIO_printf(bio_err," -keyform arg key file format\n");
|
||||
BIO_printf(bio_err," -keyout arg file to send the key to\n");
|
||||
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
|
||||
BIO_printf(bio_err," the random number generator\n");
|
||||
BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
|
||||
BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
|
||||
|
||||
@ -457,7 +466,7 @@ bad:
|
||||
}
|
||||
}
|
||||
}
|
||||
if(!add_oid_section(req_conf)) goto end;
|
||||
if(!add_oid_section(bio_err, req_conf)) goto end;
|
||||
|
||||
if ((md_alg == NULL) &&
|
||||
((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
|
||||
@ -544,6 +553,8 @@ bad:
|
||||
{
|
||||
char *randfile = CONF_get_string(req_conf,SECTION,"RANDFILE");
|
||||
app_RAND_load_file(randfile, bio_err, 0);
|
||||
if (inrand)
|
||||
app_RAND_load_files(inrand);
|
||||
|
||||
if (newkey <= 0)
|
||||
{
|
||||
@ -1256,25 +1267,3 @@ static int check_end(char *str, char *end)
|
||||
tmp = str + slen - elen;
|
||||
return strcmp(tmp, end);
|
||||
}
|
||||
|
||||
static int add_oid_section(LHASH *conf)
|
||||
{
|
||||
char *p;
|
||||
STACK_OF(CONF_VALUE) *sktmp;
|
||||
CONF_VALUE *cnf;
|
||||
int i;
|
||||
if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1;
|
||||
if(!(sktmp = CONF_get_section(conf, p))) {
|
||||
BIO_printf(bio_err, "problem loading oid section %s\n", p);
|
||||
return 0;
|
||||
}
|
||||
for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
|
||||
cnf = sk_CONF_VALUE_value(sktmp, i);
|
||||
if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
|
||||
BIO_printf(bio_err, "problem creating object %s=%s\n",
|
||||
cnf->name, cnf->value);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
56
apps/smime.c
56
apps/smime.c
@ -67,9 +67,6 @@
|
||||
|
||||
#undef PROG
|
||||
#define PROG smime_main
|
||||
static X509 *load_cert(char *file);
|
||||
static EVP_PKEY *load_key(char *file, char *pass);
|
||||
static STACK_OF(X509) *load_certs(char *file);
|
||||
static X509_STORE *setup_verify(char *CAfile, char *CApath);
|
||||
static int save_certs(char *signerfile, STACK_OF(X509) *signers);
|
||||
|
||||
@ -311,7 +308,7 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
encerts = sk_X509_new_null();
|
||||
while (*args) {
|
||||
if(!(cert = load_cert(*args))) {
|
||||
if(!(cert = load_cert(bio_err,*args,FORMAT_PEM))) {
|
||||
BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
|
||||
goto end;
|
||||
}
|
||||
@ -322,14 +319,14 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
|
||||
if(signerfile && (operation == SMIME_SIGN)) {
|
||||
if(!(signer = load_cert(signerfile))) {
|
||||
if(!(signer = load_cert(bio_err,signerfile,FORMAT_PEM))) {
|
||||
BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile);
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
|
||||
if(certfile) {
|
||||
if(!(other = load_certs(certfile))) {
|
||||
if(!(other = load_certs(bio_err,certfile,FORMAT_PEM))) {
|
||||
BIO_printf(bio_err, "Can't read certificate file %s\n", certfile);
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
@ -337,7 +334,7 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
|
||||
if(recipfile && (operation == SMIME_DECRYPT)) {
|
||||
if(!(recip = load_cert(recipfile))) {
|
||||
if(!(recip = load_cert(bio_err,recipfile,FORMAT_PEM))) {
|
||||
BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile);
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
@ -351,7 +348,7 @@ int MAIN(int argc, char **argv)
|
||||
} else keyfile = NULL;
|
||||
|
||||
if(keyfile) {
|
||||
if(!(key = load_key(keyfile, passin))) {
|
||||
if(!(key = load_key(bio_err,keyfile, FORMAT_PEM, passin))) {
|
||||
BIO_printf(bio_err, "Can't read recipient certificate file %s\n", keyfile);
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
@ -447,49 +444,6 @@ end:
|
||||
return (ret);
|
||||
}
|
||||
|
||||
static X509 *load_cert(char *file)
|
||||
{
|
||||
BIO *in;
|
||||
X509 *cert;
|
||||
if(!(in = BIO_new_file(file, "r"))) return NULL;
|
||||
cert = PEM_read_bio_X509(in, NULL, NULL,NULL);
|
||||
BIO_free(in);
|
||||
return cert;
|
||||
}
|
||||
|
||||
static EVP_PKEY *load_key(char *file, char *pass)
|
||||
{
|
||||
BIO *in;
|
||||
EVP_PKEY *key;
|
||||
if(!(in = BIO_new_file(file, "r"))) return NULL;
|
||||
key = PEM_read_bio_PrivateKey(in, NULL,NULL,pass);
|
||||
BIO_free(in);
|
||||
return key;
|
||||
}
|
||||
|
||||
static STACK_OF(X509) *load_certs(char *file)
|
||||
{
|
||||
BIO *in;
|
||||
int i;
|
||||
STACK_OF(X509) *othercerts;
|
||||
STACK_OF(X509_INFO) *allcerts;
|
||||
X509_INFO *xi;
|
||||
if(!(in = BIO_new_file(file, "r"))) return NULL;
|
||||
othercerts = sk_X509_new(NULL);
|
||||
if(!othercerts) return NULL;
|
||||
allcerts = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
|
||||
for(i = 0; i < sk_X509_INFO_num(allcerts); i++) {
|
||||
xi = sk_X509_INFO_value (allcerts, i);
|
||||
if (xi->x509) {
|
||||
sk_X509_push(othercerts, xi->x509);
|
||||
xi->x509 = NULL;
|
||||
}
|
||||
}
|
||||
sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
|
||||
BIO_free(in);
|
||||
return othercerts;
|
||||
}
|
||||
|
||||
static X509_STORE *setup_verify(char *CAfile, char *CApath)
|
||||
{
|
||||
X509_STORE *store;
|
||||
|
148
apps/x509.c
148
apps/x509.c
@ -81,8 +81,6 @@
|
||||
#define POSTFIX ".srl"
|
||||
#define DEF_DAYS 30
|
||||
|
||||
#define CERT_HDR "certificate"
|
||||
|
||||
static char *x509_usage[]={
|
||||
"usage: x509 args\n",
|
||||
" -inform arg - input format - default PEM (one of DER, NET or PEM)\n",
|
||||
@ -134,8 +132,6 @@ NULL
|
||||
};
|
||||
|
||||
static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
|
||||
static EVP_PKEY *load_key(char *file, int format, char *passin);
|
||||
static X509 *load_cert(char *file, int format);
|
||||
static int sign (X509 *x, EVP_PKEY *pkey,int days,int clrext, const EVP_MD *digest,
|
||||
LHASH *conf, char *section);
|
||||
static int x509_certify (X509_STORE *ctx,char *CAfile,const EVP_MD *digest,
|
||||
@ -547,12 +543,12 @@ bad:
|
||||
EVP_PKEY_free(pkey);
|
||||
}
|
||||
else
|
||||
x=load_cert(infile,informat);
|
||||
x=load_cert(bio_err,infile,informat);
|
||||
|
||||
if (x == NULL) goto end;
|
||||
if (CA_flag)
|
||||
{
|
||||
xca=load_cert(CAfile,CAformat);
|
||||
xca=load_cert(bio_err,CAfile,CAformat);
|
||||
if (xca == NULL) goto end;
|
||||
}
|
||||
|
||||
@ -791,7 +787,8 @@ bad:
|
||||
BIO_printf(bio_err,"Getting Private key\n");
|
||||
if (Upkey == NULL)
|
||||
{
|
||||
Upkey=load_key(keyfile,keyformat, passin);
|
||||
Upkey=load_key(bio_err,
|
||||
keyfile,keyformat, passin);
|
||||
if (Upkey == NULL) goto end;
|
||||
}
|
||||
#ifndef NO_DSA
|
||||
@ -808,7 +805,8 @@ bad:
|
||||
BIO_printf(bio_err,"Getting CA Private Key\n");
|
||||
if (CAkeyfile != NULL)
|
||||
{
|
||||
CApkey=load_key(CAkeyfile,CAkeyformat, passin);
|
||||
CApkey=load_key(bio_err,
|
||||
CAkeyfile,CAkeyformat, passin);
|
||||
if (CApkey == NULL) goto end;
|
||||
}
|
||||
#ifndef NO_DSA
|
||||
@ -834,7 +832,8 @@ bad:
|
||||
}
|
||||
else
|
||||
{
|
||||
pk=load_key(keyfile,FORMAT_PEM, passin);
|
||||
pk=load_key(bio_err,
|
||||
keyfile,FORMAT_PEM, passin);
|
||||
if (pk == NULL) goto end;
|
||||
}
|
||||
|
||||
@ -894,8 +893,8 @@ bad:
|
||||
ASN1_HEADER ah;
|
||||
ASN1_OCTET_STRING os;
|
||||
|
||||
os.data=(unsigned char *)CERT_HDR;
|
||||
os.length=strlen(CERT_HDR);
|
||||
os.data=(unsigned char *)NETSCAPE_CERT_HDR;
|
||||
os.length=strlen(NETSCAPE_CERT_HDR);
|
||||
ah.header= &os;
|
||||
ah.data=(char *)x;
|
||||
ah.meth=X509_asn1_meth();
|
||||
@ -1114,133 +1113,6 @@ static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx)
|
||||
}
|
||||
}
|
||||
|
||||
static EVP_PKEY *load_key(char *file, int format, char *passin)
|
||||
{
|
||||
BIO *key=NULL;
|
||||
EVP_PKEY *pkey=NULL;
|
||||
|
||||
if (file == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"no keyfile specified\n");
|
||||
goto end;
|
||||
}
|
||||
key=BIO_new(BIO_s_file());
|
||||
if (key == NULL)
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
if (BIO_read_filename(key,file) <= 0)
|
||||
{
|
||||
perror(file);
|
||||
goto end;
|
||||
}
|
||||
if (format == FORMAT_ASN1)
|
||||
{
|
||||
pkey=d2i_PrivateKey_bio(key, NULL);
|
||||
}
|
||||
else if (format == FORMAT_PEM)
|
||||
{
|
||||
pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,passin);
|
||||
}
|
||||
else
|
||||
{
|
||||
BIO_printf(bio_err,"bad input format specified for key\n");
|
||||
goto end;
|
||||
}
|
||||
end:
|
||||
if (key != NULL) BIO_free(key);
|
||||
if (pkey == NULL)
|
||||
BIO_printf(bio_err,"unable to load Private Key\n");
|
||||
return(pkey);
|
||||
}
|
||||
|
||||
static X509 *load_cert(char *file, int format)
|
||||
{
|
||||
ASN1_HEADER *ah=NULL;
|
||||
BUF_MEM *buf=NULL;
|
||||
X509 *x=NULL;
|
||||
BIO *cert;
|
||||
|
||||
if ((cert=BIO_new(BIO_s_file())) == NULL)
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (file == NULL)
|
||||
BIO_set_fp(cert,stdin,BIO_NOCLOSE);
|
||||
else
|
||||
{
|
||||
if (BIO_read_filename(cert,file) <= 0)
|
||||
{
|
||||
perror(file);
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
if (format == FORMAT_ASN1)
|
||||
x=d2i_X509_bio(cert,NULL);
|
||||
else if (format == FORMAT_NETSCAPE)
|
||||
{
|
||||
unsigned char *p,*op;
|
||||
int size=0,i;
|
||||
|
||||
/* We sort of have to do it this way because it is sort of nice
|
||||
* to read the header first and check it, then
|
||||
* try to read the certificate */
|
||||
buf=BUF_MEM_new();
|
||||
for (;;)
|
||||
{
|
||||
if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
|
||||
goto end;
|
||||
i=BIO_read(cert,&(buf->data[size]),1024*10);
|
||||
size+=i;
|
||||
if (i == 0) break;
|
||||
if (i < 0)
|
||||
{
|
||||
perror("reading certificate");
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
p=(unsigned char *)buf->data;
|
||||
op=p;
|
||||
|
||||
/* First load the header */
|
||||
if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
|
||||
goto end;
|
||||
if ((ah->header == NULL) || (ah->header->data == NULL) ||
|
||||
(strncmp(CERT_HDR,(char *)ah->header->data,
|
||||
ah->header->length) != 0))
|
||||
{
|
||||
BIO_printf(bio_err,"Error reading header on certificate\n");
|
||||
goto end;
|
||||
}
|
||||
/* header is ok, so now read the object */
|
||||
p=op;
|
||||
ah->meth=X509_asn1_meth();
|
||||
if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
|
||||
goto end;
|
||||
x=(X509 *)ah->data;
|
||||
ah->data=NULL;
|
||||
}
|
||||
else if (format == FORMAT_PEM)
|
||||
x=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL);
|
||||
else {
|
||||
BIO_printf(bio_err,"bad input format specified for input cert\n");
|
||||
goto end;
|
||||
}
|
||||
end:
|
||||
if (x == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"unable to load certificate\n");
|
||||
ERR_print_errors(bio_err);
|
||||
}
|
||||
if (ah != NULL) ASN1_HEADER_free(ah);
|
||||
if (cert != NULL) BIO_free(cert);
|
||||
if (buf != NULL) BUF_MEM_free(buf);
|
||||
return(x);
|
||||
}
|
||||
|
||||
/* self sign */
|
||||
static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest,
|
||||
LHASH *conf, char *section)
|
||||
|
@ -152,7 +152,7 @@ SetBlob
|
||||
}
|
||||
|
||||
STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
|
||||
char *(*func)(), void (*free_func)(), int ex_tag, int ex_class)
|
||||
char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class)
|
||||
{
|
||||
ASN1_CTX c;
|
||||
STACK *ret=NULL;
|
||||
|
@ -67,7 +67,7 @@ static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
|
||||
static void st_free(ASN1_STRING_TABLE *tbl);
|
||||
static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
|
||||
const ASN1_STRING_TABLE * const *b);
|
||||
static int table_cmp(ASN1_STRING_TABLE *a, ASN1_STRING_TABLE *b);
|
||||
static int table_cmp(const void *a, const void *b);
|
||||
|
||||
|
||||
/* This is the global mask for the mbstring functions: this is use to
|
||||
@ -180,9 +180,10 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
|
||||
return (*a)->nid - (*b)->nid;
|
||||
}
|
||||
|
||||
static int table_cmp(ASN1_STRING_TABLE *a, ASN1_STRING_TABLE *b)
|
||||
static int table_cmp(const void *a, const void *b)
|
||||
{
|
||||
return a->nid - b->nid;
|
||||
const ASN1_STRING_TABLE *sa = a, *sb = b;
|
||||
return sa->nid - sb->nid;
|
||||
}
|
||||
|
||||
ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
|
||||
@ -194,7 +195,7 @@ ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
|
||||
ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd,
|
||||
(char *)tbl_standard,
|
||||
sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE),
|
||||
sizeof(ASN1_STRING_TABLE), (int(*)())table_cmp);
|
||||
sizeof(ASN1_STRING_TABLE), table_cmp);
|
||||
if(ttmp) return ttmp;
|
||||
if(!stable) return NULL;
|
||||
idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
|
||||
|
@ -145,49 +145,8 @@ extern "C" {
|
||||
|
||||
struct X509_algor_st;
|
||||
|
||||
#define DECLARE_ASN1_SET_OF(type) \
|
||||
int i2d_ASN1_SET_OF_##type(STACK_OF(type) *a,unsigned char **pp, \
|
||||
int (*func)(type *,unsigned char **), int ex_tag, \
|
||||
int ex_class, int is_set); \
|
||||
STACK_OF(type) *d2i_ASN1_SET_OF_##type(STACK_OF(type) **a,unsigned char **pp, \
|
||||
long length, \
|
||||
type *(*func)(type **, \
|
||||
unsigned char **,long), \
|
||||
void (*free_func)(type *), \
|
||||
int ex_tag,int ex_class); \
|
||||
unsigned char *ASN1_seq_pack_##type(STACK_OF(type) *st, \
|
||||
int (*i2d)(type *,unsigned char **), \
|
||||
unsigned char **buf,int *len); \
|
||||
STACK_OF(type) *ASN1_seq_unpack_##type(unsigned char *buf,int len, \
|
||||
type *(*d2i)(type **,unsigned char **, \
|
||||
long), \
|
||||
void (*free_func)(type *));
|
||||
|
||||
#define IMPLEMENT_ASN1_SET_OF(type) \
|
||||
int i2d_ASN1_SET_OF_##type(STACK_OF(type) *a,unsigned char **pp, \
|
||||
int (*func)(type *,unsigned char **), int ex_tag, \
|
||||
int ex_class, int is_set) \
|
||||
{ return i2d_ASN1_SET((STACK *)a,pp,func,ex_tag,ex_class,is_set); } \
|
||||
STACK_OF(type) *d2i_ASN1_SET_OF_##type(STACK_OF(type) **a,unsigned char **pp, \
|
||||
long length, \
|
||||
type *(*func)(type **, \
|
||||
unsigned char **,long), \
|
||||
void (*free_func)(type *), \
|
||||
int ex_tag,int ex_class) \
|
||||
{ return (STACK_OF(type) *)d2i_ASN1_SET((STACK **)a,pp,length, \
|
||||
(char *(*)())func, \
|
||||
(void (*)())free_func, \
|
||||
ex_tag,ex_class); } \
|
||||
unsigned char *ASN1_seq_pack_##type(STACK_OF(type) *st, \
|
||||
int (*i2d)(type *,unsigned char **), \
|
||||
unsigned char **buf,int *len) \
|
||||
{ return ASN1_seq_pack((STACK *)st,i2d,buf,len); } \
|
||||
STACK_OF(type) *ASN1_seq_unpack_##type(unsigned char *buf,int len, \
|
||||
type *(*d2i)(type **,unsigned char **, \
|
||||
long), \
|
||||
void (*free_func)(type *)) \
|
||||
{ return (STACK_OF(type) *)ASN1_seq_unpack(buf,len,(char *(*)())d2i, \
|
||||
(void(*)(void *))free_func); }
|
||||
#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
|
||||
#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
|
||||
|
||||
typedef struct asn1_ctx_st
|
||||
{
|
||||
@ -699,7 +658,7 @@ ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
|
||||
int i2d_ASN1_SET(STACK *a, unsigned char **pp,
|
||||
int (*func)(), int ex_tag, int ex_class, int is_set);
|
||||
STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
|
||||
char *(*func)(), void (*free_func)(),
|
||||
char *(*func)(), void (*free_func)(void *),
|
||||
int ex_tag, int ex_class);
|
||||
|
||||
#ifndef NO_BIO
|
||||
@ -794,7 +753,7 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
|
||||
unsigned char *data, int max_len);
|
||||
|
||||
STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
|
||||
void (*free_func)() );
|
||||
void (*free_func)(void *) );
|
||||
unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
|
||||
int *len );
|
||||
void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)());
|
||||
|
@ -65,7 +65,7 @@
|
||||
/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
|
||||
|
||||
STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
|
||||
void (*free_func)())
|
||||
void (*free_func)(void *))
|
||||
{
|
||||
STACK *sk;
|
||||
unsigned char *pbuf;
|
||||
|
@ -77,7 +77,9 @@ links:
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
||||
install:
|
||||
install: installs
|
||||
|
||||
installs:
|
||||
@for i in $(EXHEADER) ; \
|
||||
do \
|
||||
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
|
||||
|
@ -69,7 +69,7 @@ static int buffer_gets(BIO *h, char *str, int size);
|
||||
static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int buffer_new(BIO *h);
|
||||
static int buffer_free(BIO *data);
|
||||
static long buffer_callback_ctrl(BIO *h, int cmd, void (*fp)());
|
||||
static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
|
||||
#define DEFAULT_BUFFER_SIZE 1024
|
||||
|
||||
static BIO_METHOD methods_buffer=
|
||||
@ -439,7 +439,7 @@ malloc_error:
|
||||
return(0);
|
||||
}
|
||||
|
||||
static long buffer_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long buffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
|
||||
|
@ -73,7 +73,7 @@ static int nbiof_gets(BIO *h,char *str,int size);
|
||||
static long nbiof_ctrl(BIO *h,int cmd,long arg1,void *arg2);
|
||||
static int nbiof_new(BIO *h);
|
||||
static int nbiof_free(BIO *data);
|
||||
static long nbiof_callback_ctrl(BIO *h,int cmd,void (*fp)());
|
||||
static long nbiof_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
|
||||
typedef struct nbio_test_st
|
||||
{
|
||||
/* only set if we sent a 'should retry' error */
|
||||
@ -226,7 +226,7 @@ static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static long nbiof_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
|
||||
|
@ -72,7 +72,7 @@ static int nullf_gets(BIO *h, char *str, int size);
|
||||
static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int nullf_new(BIO *h);
|
||||
static int nullf_free(BIO *data);
|
||||
static long nullf_callback_ctrl(BIO *h, int cmd, void (*fp)());
|
||||
static long nullf_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
|
||||
static BIO_METHOD methods_nullf=
|
||||
{
|
||||
BIO_TYPE_NULL_FILTER,
|
||||
@ -154,7 +154,7 @@ static long nullf_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static long nullf_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long nullf_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
|
||||
|
@ -211,6 +211,8 @@ extern "C" {
|
||||
|
||||
typedef struct bio_st BIO;
|
||||
|
||||
typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
|
||||
|
||||
#ifndef WIN16
|
||||
typedef struct bio_method_st
|
||||
{
|
||||
@ -223,7 +225,7 @@ typedef struct bio_method_st
|
||||
long (*ctrl)(BIO *, int, long, void *);
|
||||
int (*create)(BIO *);
|
||||
int (*destroy)(BIO *);
|
||||
long (*callback_ctrl)(BIO *, int, void (*)(struct bio_st *, int, const char *, int, long, long));
|
||||
long (*callback_ctrl)(BIO *, int, bio_info_cb *);
|
||||
} BIO_METHOD;
|
||||
#else
|
||||
typedef struct bio_method_st
|
||||
@ -460,8 +462,8 @@ int BIO_read_filename(BIO *b,const char *name);
|
||||
size_t BIO_ctrl_pending(BIO *b);
|
||||
size_t BIO_ctrl_wpending(BIO *b);
|
||||
#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
|
||||
#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,(void (**)())(cbp))
|
||||
#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,(void (*)())(cb))
|
||||
#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,(bio_info_cb **)(cbp))
|
||||
#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,(bio_info_cb *)(cb))
|
||||
|
||||
/* For the BIO_f_buffer() type */
|
||||
#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
|
||||
|
@ -104,7 +104,7 @@ static int conn_puts(BIO *h, const char *str);
|
||||
static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int conn_new(BIO *h);
|
||||
static int conn_free(BIO *data);
|
||||
static long conn_callback_ctrl(BIO *h, int cmd, void (*fp)());
|
||||
static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
|
||||
|
||||
static int conn_state(BIO *b, BIO_CONNECT *c);
|
||||
static void conn_close_socket(BIO *data);
|
||||
@ -574,7 +574,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
if (data->param_hostname)
|
||||
BIO_set_conn_hostname(dbio,data->param_hostname);
|
||||
BIO_set_nbio(dbio,data->nbio);
|
||||
(void)BIO_set_info_callback(dbio,(void *(*)())(data->info_callback));
|
||||
(void)BIO_set_info_callback(dbio,data->info_callback);
|
||||
}
|
||||
break;
|
||||
case BIO_CTRL_SET_CALLBACK:
|
||||
@ -602,7 +602,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static long conn_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
BIO_CONNECT *data;
|
||||
|
@ -451,7 +451,7 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p,
|
||||
start=0;
|
||||
if (wstart < 0) break;
|
||||
}
|
||||
BN_from_montgomery(rr,r,mont,ctx);
|
||||
if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;
|
||||
ret=1;
|
||||
err:
|
||||
if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
|
||||
@ -466,14 +466,20 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
|
||||
{
|
||||
BN_MONT_CTX *mont = NULL;
|
||||
int b, bits, ret=0;
|
||||
int r_is_one;
|
||||
BN_ULONG w, next_w;
|
||||
BIGNUM *d, *r, *t;
|
||||
BIGNUM *swap_tmp;
|
||||
#define BN_MOD_MUL_WORD(r, w, m) \
|
||||
(BN_mul_word(r, (w)) && \
|
||||
(BN_ucmp(r, (m)) >= 0 ? \
|
||||
(BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1)) : \
|
||||
1))
|
||||
(/* BN_ucmp(r, (m)) < 0 ? 1 :*/ \
|
||||
(BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
|
||||
/* BN_MOD_MUL_WORD is only used with 'w' large,
|
||||
* so the BN_ucmp test is probably more overhead
|
||||
* than always using BN_mod (which uses BN_copy if
|
||||
* a similar test returns true). */
|
||||
#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
|
||||
(BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
|
||||
|
||||
bn_check_top(p);
|
||||
bn_check_top(m);
|
||||
@ -503,7 +509,7 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
|
||||
if (!BN_MONT_CTX_set(mont, m, ctx)) goto err;
|
||||
}
|
||||
|
||||
if (!BN_to_montgomery(r, BN_value_one(), mont, ctx)) goto err;
|
||||
r_is_one = 1; /* except for Montgomery factor */
|
||||
|
||||
/* bits-1 >= 0 */
|
||||
|
||||
@ -515,13 +521,22 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
|
||||
next_w = w*w;
|
||||
if ((next_w/w) != w) /* overflow */
|
||||
{
|
||||
if (!BN_MOD_MUL_WORD(r, w, m))
|
||||
goto err;
|
||||
if (r_is_one)
|
||||
{
|
||||
if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
|
||||
r_is_one = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
|
||||
}
|
||||
next_w = 1;
|
||||
}
|
||||
w = next_w;
|
||||
if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
|
||||
goto err;
|
||||
if (!r_is_one)
|
||||
{
|
||||
if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) goto err;
|
||||
}
|
||||
|
||||
/* Second, multiply r*w by 'a' if exponent bit is set. */
|
||||
if (BN_is_bit_set(p, b))
|
||||
@ -529,21 +544,43 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
|
||||
next_w = w*a;
|
||||
if ((next_w/a) != w) /* overflow */
|
||||
{
|
||||
if (!BN_MOD_MUL_WORD(r, w, m))
|
||||
goto err;
|
||||
if (r_is_one)
|
||||
{
|
||||
if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
|
||||
r_is_one = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
|
||||
}
|
||||
next_w = a;
|
||||
}
|
||||
w = next_w;
|
||||
}
|
||||
}
|
||||
|
||||
/* Finally, set r:=r*w. */
|
||||
if (w != 1)
|
||||
{
|
||||
if (!BN_MOD_MUL_WORD(r, w, m))
|
||||
goto err;
|
||||
if (r_is_one)
|
||||
{
|
||||
if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
|
||||
r_is_one = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
|
||||
}
|
||||
}
|
||||
|
||||
BN_from_montgomery(rr, r, mont, ctx);
|
||||
if (r_is_one) /* can happen only if a == 1*/
|
||||
{
|
||||
if (!BN_one(rr)) goto err;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!BN_from_montgomery(rr, r, mont, ctx)) goto err;
|
||||
}
|
||||
ret = 1;
|
||||
err:
|
||||
if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
|
||||
|
@ -85,7 +85,7 @@ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
|
||||
|
||||
if (a == b)
|
||||
{
|
||||
#if 0
|
||||
#if 1
|
||||
bn_wexpand(tmp,a->top*2);
|
||||
bn_wexpand(tmp2,a->top*4);
|
||||
bn_sqr_recursive(tmp->d,a->d,a->top,tmp2->d);
|
||||
|
@ -66,8 +66,8 @@
|
||||
static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
|
||||
#endif
|
||||
|
||||
DECLARE_STACK_OF(CRYPTO_dynlock);
|
||||
IMPLEMENT_STACK_OF(CRYPTO_dynlock);
|
||||
DECLARE_STACK_OF(CRYPTO_dynlock)
|
||||
IMPLEMENT_STACK_OF(CRYPTO_dynlock)
|
||||
|
||||
/* real #defines in crypto.h, keep these upto date */
|
||||
static const char* lock_names[CRYPTO_NUM_LOCKS] =
|
||||
@ -176,7 +176,7 @@ int CRYPTO_get_new_dynlockid(void)
|
||||
}
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
|
||||
if ((dyn_locks == NULL)
|
||||
&& ((dyn_locks=sk_new_null()) == NULL))
|
||||
&& ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL))
|
||||
{
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
|
||||
CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
|
||||
|
@ -106,6 +106,26 @@ DSO_METHOD *DSO_METHOD_dlfcn(void)
|
||||
return(&dso_meth_dlfcn);
|
||||
}
|
||||
|
||||
/* Prior to using the dlopen() function, we should decide on the flag
|
||||
* we send. There's a few different ways of doing this and it's a
|
||||
* messy venn-diagram to match up which platforms support what. So
|
||||
* as we don't have autoconf yet, I'm implementing a hack that could
|
||||
* be hacked further relatively easily to deal with cases as we find
|
||||
* them. Initially this is to cope with OpenBSD. */
|
||||
#ifdef __OpenBSD__
|
||||
# ifdef DL_LAZY
|
||||
# define DLOPEN_FLAG DL_LAZY
|
||||
# else
|
||||
# ifdef RTLD_NOW
|
||||
# define DLOPEN_FLAG RTLD_NOW
|
||||
# else
|
||||
# define DLOPEN_FLAG 0
|
||||
# endif
|
||||
# endif
|
||||
#else
|
||||
# define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
|
||||
#endif
|
||||
|
||||
/* For this DSO_METHOD, our meth_data STACK will contain;
|
||||
* (i) the handle (void*) returned from dlopen().
|
||||
*/
|
||||
@ -126,11 +146,11 @@ static int dlfcn_load(DSO *dso, const char *filename)
|
||||
(strstr(filename, "/") == NULL))
|
||||
{
|
||||
sprintf(translated, "lib%s.so", filename);
|
||||
ptr = dlopen(translated, RTLD_NOW);
|
||||
ptr = dlopen(translated, DLOPEN_FLAG);
|
||||
}
|
||||
else
|
||||
{
|
||||
ptr = dlopen(filename, RTLD_NOW);
|
||||
ptr = dlopen(filename, DLOPEN_FLAG);
|
||||
}
|
||||
if(ptr == NULL)
|
||||
{
|
||||
|
@ -141,14 +141,14 @@ static int win32_load(DSO *dso, const char *filename)
|
||||
if(p == NULL)
|
||||
{
|
||||
DSOerr(DSO_F_WIN32_LOAD,ERR_R_MALLOC_FAILURE);
|
||||
OPENSSL_freeLibrary(h);
|
||||
FreeLibrary(h);
|
||||
return(0);
|
||||
}
|
||||
*p = h;
|
||||
if(!sk_push(dso->meth_data, (char *)p))
|
||||
{
|
||||
DSOerr(DSO_F_WIN32_LOAD,DSO_R_STACK_ERROR);
|
||||
OPENSSL_freeLibrary(h);
|
||||
FreeLibrary(h);
|
||||
OPENSSL_free(p);
|
||||
return(0);
|
||||
}
|
||||
@ -171,7 +171,7 @@ static int win32_unload(DSO *dso)
|
||||
DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_NULL_HANDLE);
|
||||
return(0);
|
||||
}
|
||||
if(!OPENSSL_freeLibrary(p))
|
||||
if(!FreeLibrary(*p))
|
||||
{
|
||||
DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_UNLOAD_FAILED);
|
||||
/* We should push the value back onto the stack in
|
||||
|
@ -69,7 +69,7 @@ static int b64_read(BIO *h, char *buf, int size);
|
||||
static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int b64_new(BIO *h);
|
||||
static int b64_free(BIO *data);
|
||||
static long b64_callback_ctrl(BIO *h,int cmd,void (*fp)());
|
||||
static long b64_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
|
||||
#define B64_BLOCK_SIZE 1024
|
||||
#define B64_BLOCK_SIZE2 768
|
||||
#define B64_NONE 0
|
||||
@ -524,7 +524,7 @@ again:
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static long b64_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
|
||||
|
@ -69,7 +69,7 @@ static int enc_read(BIO *h, char *buf, int size);
|
||||
static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int enc_new(BIO *h);
|
||||
static int enc_free(BIO *data);
|
||||
static long enc_callback_ctrl(BIO *h, int cmd, void (*fp)());
|
||||
static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
|
||||
#define ENC_BLOCK_SIZE (1024*4)
|
||||
|
||||
typedef struct enc_struct
|
||||
@ -370,7 +370,7 @@ again:
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static long enc_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
|
||||
|
@ -72,7 +72,7 @@ static int md_gets(BIO *h, char *str, int size);
|
||||
static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int md_new(BIO *h);
|
||||
static int md_free(BIO *data);
|
||||
static long md_callback_ctrl(BIO *h,int cmd,void (*fp)());
|
||||
static long md_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
|
||||
|
||||
static BIO_METHOD methods_md=
|
||||
{
|
||||
@ -223,7 +223,7 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static long md_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
|
||||
|
@ -130,7 +130,7 @@ static int ok_read(BIO *h, char *buf, int size);
|
||||
static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int ok_new(BIO *h);
|
||||
static int ok_free(BIO *data);
|
||||
static long ok_callback_ctrl(BIO *h, int cmd, void (*fp)());
|
||||
static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
|
||||
|
||||
static void sig_out(BIO* b);
|
||||
static void sig_in(BIO* b);
|
||||
@ -431,7 +431,7 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static long ok_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
|
||||
|
@ -104,8 +104,9 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int pbe_cmp (EVP_PBE_CTL **pbe1, EVP_PBE_CTL **pbe2)
|
||||
static int pbe_cmp(const char * const *a, const char * const *b)
|
||||
{
|
||||
EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a, **pbe2 = (EVP_PBE_CTL **)b;
|
||||
return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid);
|
||||
}
|
||||
|
||||
@ -115,7 +116,7 @@ int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md,
|
||||
EVP_PBE_KEYGEN *keygen)
|
||||
{
|
||||
EVP_PBE_CTL *pbe_tmp;
|
||||
if (!pbe_algs) pbe_algs = sk_new ((int (*)())pbe_cmp);
|
||||
if (!pbe_algs) pbe_algs = sk_new(pbe_cmp);
|
||||
if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) {
|
||||
EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
|
@ -30,7 +30,7 @@ ASFLAGS=$(CFLAGS)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=md5test.c
|
||||
APPS=md5.c
|
||||
APPS=
|
||||
|
||||
LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC=md5_dgst.c md5_one.c
|
||||
|
@ -36,8 +36,9 @@ int OBJ_NAME_init(void)
|
||||
return(names_lh != NULL);
|
||||
}
|
||||
|
||||
int OBJ_NAME_new_index(unsigned long (*hash_func)(), int (*cmp_func)(),
|
||||
void (*free_func)())
|
||||
int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
|
||||
int (*cmp_func)(const void *, const void *),
|
||||
void (*free_func)(const char *, int, const char *))
|
||||
{
|
||||
int ret;
|
||||
int i;
|
||||
|
@ -79,9 +79,9 @@ static ASN1_OBJECT *ln_objs[1];
|
||||
static ASN1_OBJECT *obj_objs[1];
|
||||
#endif
|
||||
|
||||
static int sn_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
|
||||
static int ln_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
|
||||
static int obj_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
|
||||
static int sn_cmp(const void *a, const void *b);
|
||||
static int ln_cmp(const void *a, const void *b);
|
||||
static int obj_cmp(const void *a, const void *b);
|
||||
#define ADDED_DATA 0
|
||||
#define ADDED_SNAME 1
|
||||
#define ADDED_LNAME 2
|
||||
@ -96,11 +96,17 @@ typedef struct added_obj_st
|
||||
static int new_nid=NUM_NID;
|
||||
static LHASH *added=NULL;
|
||||
|
||||
static int sn_cmp(ASN1_OBJECT **ap, ASN1_OBJECT **bp)
|
||||
{ return(strcmp((*ap)->sn,(*bp)->sn)); }
|
||||
static int sn_cmp(const void *a, const void *b)
|
||||
{
|
||||
const ASN1_OBJECT * const *ap = a, * const *bp = b;
|
||||
return(strcmp((*ap)->sn,(*bp)->sn));
|
||||
}
|
||||
|
||||
static int ln_cmp(ASN1_OBJECT **ap, ASN1_OBJECT **bp)
|
||||
{ return(strcmp((*ap)->ln,(*bp)->ln)); }
|
||||
static int ln_cmp(const void *a, const void *b)
|
||||
{
|
||||
const ASN1_OBJECT * const *ap = a, * const *bp = b;
|
||||
return(strcmp((*ap)->ln,(*bp)->ln));
|
||||
}
|
||||
|
||||
static unsigned long add_hash(ADDED_OBJ *ca)
|
||||
{
|
||||
@ -365,7 +371,7 @@ int OBJ_obj2nid(ASN1_OBJECT *a)
|
||||
if (adp != NULL) return (adp->obj->nid);
|
||||
}
|
||||
op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
|
||||
sizeof(ASN1_OBJECT *),(int (*)())obj_cmp);
|
||||
sizeof(ASN1_OBJECT *),obj_cmp);
|
||||
if (op == NULL)
|
||||
return(NID_undef);
|
||||
return((*op)->nid);
|
||||
@ -504,7 +510,7 @@ int OBJ_ln2nid(const char *s)
|
||||
if (adp != NULL) return (adp->obj->nid);
|
||||
}
|
||||
op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
|
||||
sizeof(ASN1_OBJECT *),(int (*)())ln_cmp);
|
||||
sizeof(ASN1_OBJECT *),ln_cmp);
|
||||
if (op == NULL) return(NID_undef);
|
||||
return((*op)->nid);
|
||||
}
|
||||
@ -523,23 +529,23 @@ int OBJ_sn2nid(const char *s)
|
||||
if (adp != NULL) return (adp->obj->nid);
|
||||
}
|
||||
op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
|
||||
sizeof(ASN1_OBJECT *),(int (*)())sn_cmp);
|
||||
sizeof(ASN1_OBJECT *),sn_cmp);
|
||||
if (op == NULL) return(NID_undef);
|
||||
return((*op)->nid);
|
||||
}
|
||||
|
||||
static int obj_cmp(ASN1_OBJECT **ap, ASN1_OBJECT **bp)
|
||||
static int obj_cmp(const void *ap, const void *bp)
|
||||
{
|
||||
int j;
|
||||
ASN1_OBJECT *a= *ap;
|
||||
ASN1_OBJECT *b= *bp;
|
||||
ASN1_OBJECT *a= *(ASN1_OBJECT **)ap;
|
||||
ASN1_OBJECT *b= *(ASN1_OBJECT **)bp;
|
||||
|
||||
j=(a->length - b->length);
|
||||
if (j) return(j);
|
||||
return(memcmp(a->data,b->data,a->length));
|
||||
}
|
||||
|
||||
char *OBJ_bsearch(char *key, char *base, int num, int size, int (*cmp)())
|
||||
char *OBJ_bsearch(char *key, char *base, int num, int size, int (*cmp)(const void *, const void *))
|
||||
{
|
||||
int l,h,i,c;
|
||||
char *p;
|
||||
|
@ -109,7 +109,7 @@ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass,
|
||||
*/
|
||||
|
||||
char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(),
|
||||
void (*free_func)(), const char *pass, int passlen,
|
||||
void (*free_func)(void *), const char *pass, int passlen,
|
||||
ASN1_OCTET_STRING *oct, int seq)
|
||||
{
|
||||
unsigned char *out, *p;
|
||||
|
@ -135,9 +135,9 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
|
||||
|
||||
err:
|
||||
|
||||
if (pkey && *pkey) EVP_PKEY_free (*pkey);
|
||||
if (cert && *cert) X509_free (*cert);
|
||||
if (ca) sk_X509_pop_free (*ca, X509_free);
|
||||
if (pkey && *pkey) EVP_PKEY_free(*pkey);
|
||||
if (cert && *cert) X509_free(*cert);
|
||||
if (ca) sk_X509_pop_free(*ca, X509_free);
|
||||
return 0;
|
||||
|
||||
}
|
||||
@ -159,12 +159,12 @@ static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
|
||||
p7 = sk_PKCS7_value (asafes, i);
|
||||
bagnid = OBJ_obj2nid (p7->type);
|
||||
if (bagnid == NID_pkcs7_data) {
|
||||
bags = M_PKCS12_unpack_p7data (p7);
|
||||
bags = M_PKCS12_unpack_p7data(p7);
|
||||
} else if (bagnid == NID_pkcs7_encrypted) {
|
||||
bags = M_PKCS12_unpack_p7encdata (p7, pass, passlen);
|
||||
bags = M_PKCS12_unpack_p7encdata(p7, pass, passlen);
|
||||
} else continue;
|
||||
if (!bags) {
|
||||
sk_PKCS7_pop_free (asafes, PKCS7_free);
|
||||
sk_PKCS7_pop_free(asafes, PKCS7_free);
|
||||
return 0;
|
||||
}
|
||||
if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
|
||||
|
@ -146,24 +146,24 @@ union {
|
||||
#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
|
||||
|
||||
#define M_PKCS12_x5092certbag(x509) \
|
||||
PKCS12_pack_safebag ((char *)(x509), i2d_X509, NID_x509Certificate, NID_certBag)
|
||||
PKCS12_pack_safebag((char *)(x509), i2d_X509, NID_x509Certificate, NID_certBag)
|
||||
|
||||
#define M_PKCS12_x509crl2certbag(crl) \
|
||||
PKCS12_pack_safebag ((char *)(crl), i2d_X509CRL, NID_x509Crl, NID_crlBag)
|
||||
PKCS12_pack_safebag((char *)(crl), i2d_X509CRL, NID_x509Crl, NID_crlBag)
|
||||
|
||||
#define M_PKCS12_certbag2x509(bg) \
|
||||
(X509 *) ASN1_unpack_string ((bg)->value.bag->value.octet, \
|
||||
(X509 *) ASN1_unpack_string((bg)->value.bag->value.octet, \
|
||||
(char *(*)())d2i_X509)
|
||||
|
||||
#define M_PKCS12_certbag2x509crl(bg) \
|
||||
(X509CRL *) ASN1_unpack_string ((bg)->value.bag->value.octet, \
|
||||
(X509CRL *) ASN1_unpack_string((bg)->value.bag->value.octet, \
|
||||
(char *(*)())d2i_X509CRL)
|
||||
|
||||
/*#define M_PKCS12_pkcs82rsa(p8) \
|
||||
(RSA *) ASN1_unpack_string ((p8)->pkey, (char *(*)())d2i_RSAPrivateKey)*/
|
||||
(RSA *) ASN1_unpack_string((p8)->pkey, (char *(*)())d2i_RSAPrivateKey)*/
|
||||
|
||||
#define M_PKCS12_unpack_p7data(p7) \
|
||||
ASN1_seq_unpack_PKCS12_SAFEBAG ((p7)->d.data->data, p7->d.data->length, \
|
||||
ASN1_seq_unpack_PKCS12_SAFEBAG((p7)->d.data->data, p7->d.data->length, \
|
||||
d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free)
|
||||
|
||||
#define M_PKCS12_pack_authsafes(p12, safes) \
|
||||
@ -175,20 +175,20 @@ ASN1_seq_unpack_PKCS7((p12)->authsafes->d.data->data, \
|
||||
(p12)->authsafes->d.data->length, d2i_PKCS7, PKCS7_free)
|
||||
|
||||
#define M_PKCS12_unpack_p7encdata(p7, pass, passlen) \
|
||||
PKCS12_decrypt_d2i_PKCS12_SAFEBAG ((p7)->d.encrypted->enc_data->algorithm,\
|
||||
PKCS12_decrypt_d2i_PKCS12_SAFEBAG((p7)->d.encrypted->enc_data->algorithm,\
|
||||
d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free, \
|
||||
(pass), (passlen), \
|
||||
(p7)->d.encrypted->enc_data->enc_data, 3)
|
||||
|
||||
#define M_PKCS12_decrypt_skey(bag, pass, passlen) \
|
||||
(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i ((bag)->value.shkeybag->algor, \
|
||||
(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free, \
|
||||
(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i((bag)->value.shkeybag->algor, \
|
||||
(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (void (*)(void *))PKCS8_PRIV_KEY_INFO_free, \
|
||||
(pass), (passlen), \
|
||||
(bag)->value.shkeybag->digest, 2)
|
||||
|
||||
#define M_PKCS8_decrypt(p8, pass, passlen) \
|
||||
(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i ((p8)->algor, \
|
||||
(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free,\
|
||||
(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i((p8)->algor, \
|
||||
(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (void (*)(void *))PKCS8_PRIV_KEY_INFO_free,\
|
||||
(pass), (passlen), (p8)->digest, 2)
|
||||
|
||||
#define PKCS12_get_attr(bag, attr_nid) \
|
||||
@ -226,7 +226,7 @@ unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
|
||||
int passlen, unsigned char *in, int inlen,
|
||||
unsigned char **data, int *datalen, int en_de);
|
||||
char *PKCS12_decrypt_d2i(X509_ALGOR *algor, char *(*d2i)(),
|
||||
void (*free_func)(), const char *pass, int passlen,
|
||||
void (*free_func)(void *), const char *pass, int passlen,
|
||||
ASN1_STRING *oct, int seq);
|
||||
ASN1_STRING *PKCS12_i2d_encrypt(X509_ALGOR *algor, int (*i2d)(),
|
||||
const char *pass, int passlen, char *obj,
|
||||
|
@ -110,7 +110,8 @@
|
||||
*/
|
||||
|
||||
|
||||
#ifdef WINDOWS
|
||||
#if defined(WINDOWS) || defined(WIN32)
|
||||
#include "cryptlib.h"
|
||||
#include <windows.h>
|
||||
#include <openssl/rand.h>
|
||||
/* XXX There are probably other includes missing here ... */
|
||||
|
@ -22,7 +22,7 @@ CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=rmdtest.c
|
||||
APPS=rmd160.c
|
||||
APPS=
|
||||
|
||||
LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC=rmd_dgst.c rmd_one.c
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -102,26 +102,8 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
|
||||
#define DECLARE_PKCS12_STACK_OF(type) \
|
||||
STACK_OF(type) *PKCS12_decrypt_d2i_##type(struct X509_algor_st *algor, \
|
||||
type *(*d2i)(type **, \
|
||||
unsigned char **, \
|
||||
long), \
|
||||
void (*free_func)(type *), \
|
||||
const char *pass, int passlen, \
|
||||
ASN1_STRING *oct, int seq);
|
||||
|
||||
#define IMPLEMENT_PKCS12_STACK_OF(type) \
|
||||
STACK_OF(type) *PKCS12_decrypt_d2i_##type(struct X509_algor_st *algor, \
|
||||
type *(*d2i)(type **, \
|
||||
unsigned char **, \
|
||||
long), \
|
||||
void (*free_func)(type *), \
|
||||
const char *pass, int passlen, \
|
||||
ASN1_STRING *oct, int seq) \
|
||||
{ return (STACK_OF(type) *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i, \
|
||||
(void(*)(void *))free_func, \
|
||||
pass,passlen,oct,seq); }
|
||||
#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
|
||||
#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
|
||||
|
||||
#define X509_FILETYPE_PEM 1
|
||||
#define X509_FILETYPE_ASN1 2
|
||||
|
@ -19,6 +19,7 @@ B<openssl> B<req>
|
||||
[B<-verify>]
|
||||
[B<-modulus>]
|
||||
[B<-new>]
|
||||
[B<-rand file(s)>]
|
||||
[B<-newkey rsa:bits>]
|
||||
[B<-newkey dsa:file>]
|
||||
[B<-nodes>]
|
||||
@ -104,6 +105,14 @@ in the configuration file and any requested extensions.
|
||||
If the B<-key> option is not used it will generate a new RSA private
|
||||
key using information specified in the configuration file.
|
||||
|
||||
=item B<-rand file(s)>
|
||||
|
||||
a file or files containing random data used to seed the random number
|
||||
generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
|
||||
Multiple files can be specified separated by a OS-dependent character.
|
||||
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
|
||||
all others.
|
||||
|
||||
=item B<-newkey arg>
|
||||
|
||||
this option creates a new certificate request and a new private
|
||||
|
@ -71,7 +71,7 @@ static int ssl_puts(BIO *h, const char *str);
|
||||
static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int ssl_new(BIO *h);
|
||||
static int ssl_free(BIO *data);
|
||||
static long ssl_callback_ctrl(BIO *h, int cmd, void (*fp)());
|
||||
static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
|
||||
typedef struct bio_ssl_st
|
||||
{
|
||||
SSL *ssl; /* The ssl handle :-) */
|
||||
@ -470,7 +470,7 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static long ssl_callback_ctrl(BIO *b, int cmd, void (*fp)())
|
||||
static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
SSL *ssl;
|
||||
BIO_SSL *bs;
|
||||
|
@ -384,7 +384,7 @@ SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
|
||||
cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
|
||||
(char *)sorted,
|
||||
SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
|
||||
(int (*)())ssl_cipher_ptr_id_cmp);
|
||||
FP_ICC ssl_cipher_ptr_id_cmp);
|
||||
if ((cpp == NULL) || !(*cpp)->valid)
|
||||
return(NULL);
|
||||
else
|
||||
|
@ -1041,7 +1041,7 @@ SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
|
||||
cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
|
||||
(char *)sorted,
|
||||
SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
|
||||
(int (*)())ssl_cipher_ptr_id_cmp);
|
||||
FP_ICC ssl_cipher_ptr_id_cmp);
|
||||
if ((cpp == NULL) || !(*cpp)->valid)
|
||||
return(NULL);
|
||||
else
|
||||
|
@ -271,37 +271,10 @@ sub do_defs
|
||||
} elsif (/^\#/) {
|
||||
next;
|
||||
}
|
||||
if (!$safe_stack_def &&
|
||||
/^\s*DECLARE_STACK_OF\s*\(\s*(\w*)\s*\)/) {
|
||||
if (/^\s*DECLARE_STACK_OF\s*\(\s*(\w*)\s*\)/) {
|
||||
next;
|
||||
} elsif ($safe_stack_def &&
|
||||
/^\s*DECLARE_STACK_OF\s*\(\s*(\w*)\s*\)/) {
|
||||
$funcs{"sk_${1}_new"} = 1;
|
||||
$funcs{"sk_${1}_new_null"} = 1;
|
||||
$funcs{"sk_${1}_free"} = 1;
|
||||
$funcs{"sk_${1}_num"} = 1;
|
||||
$funcs{"sk_${1}_value"} = 1;
|
||||
$funcs{"sk_${1}_set"} = 1;
|
||||
$funcs{"sk_${1}_zero"} = 1;
|
||||
$funcs{"sk_${1}_push"} = 1;
|
||||
$funcs{"sk_${1}_unshift"} = 1;
|
||||
$funcs{"sk_${1}_find"} = 1;
|
||||
$funcs{"sk_${1}_delete"} = 1;
|
||||
$funcs{"sk_${1}_delete_ptr"} = 1;
|
||||
$funcs{"sk_${1}_insert"} = 1;
|
||||
$funcs{"sk_${1}_set_cmp_func"} = 1;
|
||||
$funcs{"sk_${1}_dup"} = 1;
|
||||
$funcs{"sk_${1}_pop_free"} = 1;
|
||||
$funcs{"sk_${1}_shift"} = 1;
|
||||
$funcs{"sk_${1}_pop"} = 1;
|
||||
$funcs{"sk_${1}_sort"} = 1;
|
||||
} if (!$safe_stack_def &&
|
||||
/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) {
|
||||
} elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) {
|
||||
next;
|
||||
} elsif ($safe_stack_def &&
|
||||
/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) {
|
||||
$funcs{"d2i_ASN1_SET_OF_${1}"} = 1;
|
||||
$funcs{"i2d_ASN1_SET_OF_${1}"} = 1;
|
||||
} elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ ||
|
||||
/^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ) {
|
||||
if (!($no_rsa && ($1 eq "RSAPrivateKey" ||
|
||||
|
@ -31,12 +31,17 @@ foreach $file (@source) {
|
||||
while(<IN>) {
|
||||
if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
|
||||
push @stacklst, $1;
|
||||
} if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
|
||||
push @asn1setlst, $1;
|
||||
} if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
|
||||
push @p12stklst, $1;
|
||||
}
|
||||
}
|
||||
close(IN);
|
||||
}
|
||||
|
||||
|
||||
|
||||
my $old_stackfile = "";
|
||||
my $new_stackfile = "";
|
||||
my $inside_block = 0;
|
||||
@ -57,7 +62,7 @@ while(<IN>) {
|
||||
next if($inside_block != 1);
|
||||
$new_stackfile .= "/* This block of defines is updated by util/mkstack.pl, please do not touch! */";
|
||||
|
||||
foreach $type_thing (@stacklst) {
|
||||
foreach $type_thing (sort @stacklst) {
|
||||
$new_stackfile .= <<EOF;
|
||||
|
||||
#define sk_${type_thing}_new(st) SKM_sk_new($type_thing, (st))
|
||||
@ -79,6 +84,26 @@ while(<IN>) {
|
||||
#define sk_${type_thing}_shift(st) SKM_sk_shift($type_thing, (st))
|
||||
#define sk_${type_thing}_pop(st) SKM_sk_pop($type_thing, (st))
|
||||
#define sk_${type_thing}_sort(st) SKM_sk_sort($type_thing, (st))
|
||||
EOF
|
||||
}
|
||||
foreach $type_thing (sort @asn1setlst) {
|
||||
$new_stackfile .= <<EOF;
|
||||
|
||||
#define d2i_ASN1_SET_OF_${type_thing}(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \\
|
||||
SKM_ASN1_SET_OF_d2i($type_thing, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
|
||||
#define i2d_ASN1_SET_OF_${type_thing}(st, pp, i2d_func, ex_tag, ex_class, is_set) \\
|
||||
SKM_ASN1_SET_OF_i2d($type_thing, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
|
||||
#define ASN1_seq_pack_${type_thing}(st, i2d_func, buf, len) \\
|
||||
SKM_ASN1_seq_pack($type_thing, (st), (i2d_func), (buf), (len))
|
||||
#define ASN1_seq_unpack_${type_thing}(buf, len, d2i_func, free_func) \\
|
||||
SKM_ASN1_seq_unpack($type_thing, (buf), (len), (d2i_func), (free_func))
|
||||
EOF
|
||||
}
|
||||
foreach $type_thing (sort @p12stklst) {
|
||||
$new_stackfile .= <<EOF;
|
||||
|
||||
#define PKCS12_decrypt_d2i_${type_thing}(algor, d2i_func, free_func, pass, passlen, oct, seq) \\
|
||||
SKM_PKCS12_decrypt_d2i($type_thing, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
|
||||
EOF
|
||||
}
|
||||
$new_stackfile .= "/* End of util/mkstack.pl block, you may now edit :-) */\n";
|
||||
|
Loading…
x
Reference in New Issue
Block a user