ispell (and minor modifications)
This commit is contained in:
parent
9dbc41d7ee
commit
657e60fa00
@ -51,7 +51,7 @@ directory. The syntax is trhe following:
|
||||
|
||||
Note: The RSAREF libraries are NOT INCLUDED and you have to
|
||||
download it from "ftp://ftp.rsa.com/rsaref". You have to
|
||||
get the ".tar-Z" file as the ".zip" file dosen't have the
|
||||
get the ".tar-Z" file as the ".zip" file doesn't have the
|
||||
directory structure stored. You have to extract the file
|
||||
into the [.RSAREF] directory as that is where the scripts
|
||||
will look for the files.
|
||||
@ -175,7 +175,7 @@ dependent on the OpenVMS version or the C library version, *and* you
|
||||
can use those macros to simulate older OpenVMS or C library versions,
|
||||
by defining the macros _VMS_V6_SOURCE, __VMS_VER and __CTRL_VER with
|
||||
correct values. In the compilation scripts, I've provided the possibility
|
||||
for the user to influense the creation of such macros, through a bunch of
|
||||
for the user to influence the creation of such macros, through a bunch of
|
||||
symbols, all having names starting with USER_. Here's the list of them:
|
||||
|
||||
USER_CCFLAGS - Used to give additional qualifiers to the
|
||||
|
@ -4,7 +4,7 @@
|
||||
|
||||
Heres a few comments about building OpenSSL in Windows environments. Most of
|
||||
this is tested on Win32 but it may also work in Win 3.1 with some
|
||||
modification. See the end of this file for Eric's original comments.
|
||||
modification.
|
||||
|
||||
You need Perl for Win32 (available from http://www.activestate.com/ActivePerl)
|
||||
and one of the following C compilers:
|
||||
|
@ -66,7 +66,7 @@ foreach (@ARGV) {
|
||||
$RET=$?;
|
||||
print "Request (and private key) is in newreq.pem\n";
|
||||
} elsif (/^-newca$/) {
|
||||
# if explictly asked for or it doesn't exist then setup the
|
||||
# if explicitly asked for or it doesn't exist then setup the
|
||||
# directory structure that Eric likes to manage things
|
||||
$NEW="1";
|
||||
if ( "$NEW" || ! -f "${CATOP}/serial" ) {
|
||||
|
@ -60,7 +60,7 @@ case $i in
|
||||
echo "Request (and private key) is in newreq.pem"
|
||||
;;
|
||||
-newca)
|
||||
# if explictly asked for or it doesn't exist then setup the directory
|
||||
# if explicitly asked for or it doesn't exist then setup the directory
|
||||
# structure that Eric likes to manage things
|
||||
NEW="1"
|
||||
if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
|
||||
|
@ -180,7 +180,7 @@ int app_RAND_write_file(const char *file, BIO *bio_e)
|
||||
if (!seeded)
|
||||
/* If we did not manage to read the seed file,
|
||||
* we should not write a low-entropy seed file back --
|
||||
* it would supress a crucial warning the next time
|
||||
* it would suppress a crucial warning the next time
|
||||
* we want to use it. */
|
||||
return 0;
|
||||
|
||||
|
@ -74,7 +74,7 @@
|
||||
* -i - indent the details by depth
|
||||
* -offset - where in the file to start
|
||||
* -length - how many bytes to use
|
||||
* -oid file - extra oid decription file
|
||||
* -oid file - extra oid description file
|
||||
*/
|
||||
|
||||
#undef PROG
|
||||
@ -172,7 +172,7 @@ bad:
|
||||
BIO_printf(bio_err," -out arg output file\n");
|
||||
BIO_printf(bio_err," -noout arg don't produce any output\n");
|
||||
BIO_printf(bio_err," -offset arg offset into file\n");
|
||||
BIO_printf(bio_err," -length arg lenth of section in file\n");
|
||||
BIO_printf(bio_err," -length arg length of section in file\n");
|
||||
BIO_printf(bio_err," -i indent entries\n");
|
||||
BIO_printf(bio_err," -oid file file of extra oid definitions\n");
|
||||
BIO_printf(bio_err," -strparse offset\n");
|
||||
|
20
apps/ca.c
20
apps/ca.c
@ -517,7 +517,7 @@ bad:
|
||||
}
|
||||
|
||||
/*****************************************************************/
|
||||
/* we definitly need an public key, so lets get it */
|
||||
/* we definitely need an public key, so lets get it */
|
||||
|
||||
if ((keyfile == NULL) && ((keyfile=CONF_get_string(conf,
|
||||
section,ENV_PRIVATE_KEY)) == NULL))
|
||||
@ -592,7 +592,7 @@ bad:
|
||||
if (access(outdir,R_OK|W_OK|X_OK) != 0)
|
||||
#endif
|
||||
{
|
||||
BIO_printf(bio_err,"I am unable to acces the %s directory\n",outdir);
|
||||
BIO_printf(bio_err,"I am unable to access the %s directory\n",outdir);
|
||||
perror(outdir);
|
||||
goto err;
|
||||
}
|
||||
@ -676,7 +676,7 @@ bad:
|
||||
TXT_DB_write(out,db);
|
||||
BIO_printf(bio_err,"%d entries loaded from the database\n",
|
||||
db->data->num);
|
||||
BIO_printf(bio_err,"generating indexs\n");
|
||||
BIO_printf(bio_err,"generating index\n");
|
||||
}
|
||||
|
||||
if (!TXT_DB_create_index(db,DB_serial,NULL,index_serial_hash,
|
||||
@ -1008,14 +1008,14 @@ bad:
|
||||
out=NULL;
|
||||
if (rename(serialfile,buf[2]) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,"unabel to rename %s to %s\n",
|
||||
BIO_printf(bio_err,"unable to rename %s to %s\n",
|
||||
serialfile,buf[2]);
|
||||
perror("reason");
|
||||
goto err;
|
||||
}
|
||||
if (rename(buf[0],serialfile) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,"unabel to rename %s to %s\n",
|
||||
BIO_printf(bio_err,"unable to rename %s to %s\n",
|
||||
buf[0],serialfile);
|
||||
perror("reason");
|
||||
rename(buf[2],serialfile);
|
||||
@ -1032,14 +1032,14 @@ bad:
|
||||
|
||||
if (rename(dbfile,buf[2]) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,"unabel to rename %s to %s\n",
|
||||
BIO_printf(bio_err,"unable to rename %s to %s\n",
|
||||
dbfile,buf[2]);
|
||||
perror("reason");
|
||||
goto err;
|
||||
}
|
||||
if (rename(buf[1],dbfile) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,"unabel to rename %s to %s\n",
|
||||
BIO_printf(bio_err,"unable to rename %s to %s\n",
|
||||
buf[1],dbfile);
|
||||
perror("reason");
|
||||
rename(buf[2],dbfile);
|
||||
@ -1686,7 +1686,7 @@ again2:
|
||||
}
|
||||
|
||||
if (verbose)
|
||||
BIO_printf(bio_err,"The subject name apears to be ok, checking data base for clashes\n");
|
||||
BIO_printf(bio_err,"The subject name appears to be ok, checking data base for clashes\n");
|
||||
|
||||
row[DB_name]=X509_NAME_oneline(subject,NULL,0);
|
||||
row[DB_serial]=BN_bn2hex(serial);
|
||||
@ -1743,7 +1743,7 @@ again2:
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* We are now totaly happy, lets make and sign the certificate */
|
||||
/* We are now totally happy, lets make and sign the certificate */
|
||||
if (verbose)
|
||||
BIO_printf(bio_err,"Everything appears to be ok, creating and signing the certificate\n");
|
||||
|
||||
@ -1790,7 +1790,7 @@ again2:
|
||||
ASN1_INTEGER_set(ci->version,2); /* version 3 certificate */
|
||||
|
||||
/* Free the current entries if any, there should not
|
||||
* be any I belive */
|
||||
* be any I believe */
|
||||
if (ci->extensions != NULL)
|
||||
sk_X509_EXTENSION_pop_free(ci->extensions,
|
||||
X509_EXTENSION_free);
|
||||
|
@ -219,7 +219,7 @@ bad:
|
||||
BN_print(stdout,dh->g);
|
||||
printf("\n");
|
||||
if (dh->length != 0)
|
||||
printf("recomented private length=%ld\n",dh->length);
|
||||
printf("recommended private length=%ld\n",dh->length);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -298,7 +298,7 @@ bad:
|
||||
}
|
||||
if (!i)
|
||||
{
|
||||
BIO_printf(bio_err,"unable to write DH paramaters\n");
|
||||
BIO_printf(bio_err,"unable to write DH parameters\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
|
@ -335,7 +335,7 @@ bad:
|
||||
}
|
||||
if (!i)
|
||||
{
|
||||
BIO_printf(bio_err,"unable to write DH paramaters\n");
|
||||
BIO_printf(bio_err,"unable to write DH parameters\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
|
@ -317,7 +317,7 @@ bad:
|
||||
}
|
||||
if (!i)
|
||||
{
|
||||
BIO_printf(bio_err,"unable to write DSA paramaters\n");
|
||||
BIO_printf(bio_err,"unable to write DSA parameters\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
|
@ -245,7 +245,7 @@ bad:
|
||||
BIO_printf(bio_err,"rc2 :128 bit key RC2 encryption\n");
|
||||
#endif
|
||||
#ifndef NO_BF
|
||||
BIO_printf(bio_err,"bf :128 bit key BlowFish encryption\n");
|
||||
BIO_printf(bio_err,"bf :128 bit key Blowfish encryption\n");
|
||||
#endif
|
||||
#ifndef NO_RC4
|
||||
BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n",
|
||||
|
@ -94,7 +94,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||
if ((out=BIO_new(BIO_s_file())) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"unable to creat BIO for output\n");
|
||||
BIO_printf(bio_err,"unable to create BIO for output\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -178,7 +178,7 @@ bad:
|
||||
|
||||
if (rsa == NULL) goto err;
|
||||
|
||||
/* We need to do the folloing for when the base number size is <
|
||||
/* We need to do the following for when the base number size is <
|
||||
* long, esp windows 3.1 :-(. */
|
||||
l=0L;
|
||||
for (i=0; i<rsa->e->top; i++)
|
||||
|
@ -492,7 +492,7 @@ int MAIN(int argc, char **argv)
|
||||
CRYPTO_push_info("verify MAC");
|
||||
#endif
|
||||
if (!PKCS12_verify_mac (p12, mpass, -1)) {
|
||||
BIO_printf (bio_err, "Mac verify errror: invalid password?\n");
|
||||
BIO_printf (bio_err, "Mac verify error: invalid password?\n");
|
||||
ERR_print_errors (bio_err);
|
||||
goto end;
|
||||
} else BIO_printf (bio_err, "MAC verified OK\n");
|
||||
|
@ -148,7 +148,7 @@ static void sc_usage(void)
|
||||
BIO_printf(bio_err," -tls1 - just use TLSv1\n");
|
||||
BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
|
||||
BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
|
||||
BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'openssl ciphers'\n");
|
||||
BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n");
|
||||
BIO_printf(bio_err," command to see what is available\n");
|
||||
|
||||
}
|
||||
@ -354,7 +354,7 @@ bad:
|
||||
if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
|
||||
if (cipher != NULL)
|
||||
if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
|
||||
BIO_printf(bio_err,"error seting cipher list\n");
|
||||
BIO_printf(bio_err,"error setting cipher list\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
@ -370,7 +370,7 @@ bad:
|
||||
if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
|
||||
(!SSL_CTX_set_default_verify_paths(ctx)))
|
||||
{
|
||||
/* BIO_printf(bio_err,"error seting default verify locations\n"); */
|
||||
/* BIO_printf(bio_err,"error setting default verify locations\n"); */
|
||||
ERR_print_errors(bio_err);
|
||||
/* goto end; */
|
||||
}
|
||||
|
@ -239,7 +239,7 @@ static void sv_usage(void)
|
||||
#ifndef NO_DH
|
||||
BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n");
|
||||
#endif
|
||||
BIO_printf(bio_err," -bugs - Turn on SSL bug compatability\n");
|
||||
BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n");
|
||||
BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n");
|
||||
BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
|
||||
}
|
||||
@ -698,7 +698,7 @@ bad:
|
||||
|
||||
if (cipher != NULL)
|
||||
if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
|
||||
BIO_printf(bio_err,"error seting cipher list\n");
|
||||
BIO_printf(bio_err,"error setting cipher list\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
@ -1448,7 +1448,7 @@ end:
|
||||
/* make sure we re-use sessions */
|
||||
SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
|
||||
#else
|
||||
/* This kills performace */
|
||||
/* This kills performance */
|
||||
/* SSL_shutdown(con); A shutdown gets sent in the
|
||||
* BIO_free_all(io) procession */
|
||||
#endif
|
||||
|
@ -216,7 +216,7 @@ static void s_time_usage(void)
|
||||
file if not specified by this option\n\
|
||||
-CApath arg - PEM format directory of CA's\n\
|
||||
-CAfile arg - PEM format file of CA's\n\
|
||||
-cipher - prefered cipher to use, play with 'openssl ciphers'\n\n";
|
||||
-cipher - preferred cipher to use, play with 'openssl ciphers'\n\n";
|
||||
|
||||
printf( "usage: s_time <args>\n\n" );
|
||||
|
||||
@ -225,7 +225,7 @@ static void s_time_usage(void)
|
||||
printf("-nbio - Run with non-blocking IO\n");
|
||||
printf("-ssl2 - Just use SSLv2\n");
|
||||
printf("-ssl3 - Just use SSLv3\n");
|
||||
printf("-bugs - Turn on SSL bug compatability\n");
|
||||
printf("-bugs - Turn on SSL bug compatibility\n");
|
||||
printf("-new - Just time new connections\n");
|
||||
printf("-reuse - Just time connection reuse\n");
|
||||
printf("-www page - Retrieve 'page' from the site\n");
|
||||
@ -431,7 +431,7 @@ int MAIN(int argc, char **argv)
|
||||
if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
|
||||
(!SSL_CTX_set_default_verify_paths(tm_ctx)))
|
||||
{
|
||||
/* BIO_printf(bio_err,"error seting default verify locations\n"); */
|
||||
/* BIO_printf(bio_err,"error setting default verify locations\n"); */
|
||||
ERR_print_errors(bio_err);
|
||||
/* goto end; */
|
||||
}
|
||||
|
@ -294,7 +294,7 @@ int MAIN(int argc, char **argv)
|
||||
encerts = sk_X509_new_null();
|
||||
while (*args) {
|
||||
if(!(cert = load_cert(*args))) {
|
||||
BIO_printf(bio_err, "Can't read recipent certificate file %s\n", *args);
|
||||
BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
|
||||
goto end;
|
||||
}
|
||||
sk_X509_push(encerts, cert);
|
||||
|
@ -119,7 +119,7 @@ int MAIN(int argc, char **argv)
|
||||
i = X509_PURPOSE_get_by_sname(*(++argv));
|
||||
if(i < 0)
|
||||
{
|
||||
BIO_printf(bio_err, "unrecognised purpose\n");
|
||||
BIO_printf(bio_err, "unrecognized purpose\n");
|
||||
goto end;
|
||||
}
|
||||
xptmp = X509_PURPOSE_iget(i);
|
||||
@ -185,7 +185,7 @@ int MAIN(int argc, char **argv)
|
||||
end:
|
||||
if (ret == 1) {
|
||||
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] cert1 cert2 ...\n");
|
||||
BIO_printf(bio_err,"recognised usages:\n");
|
||||
BIO_printf(bio_err,"recognized usages:\n");
|
||||
for(i = 0; i < X509_PURPOSE_get_count(); i++) {
|
||||
X509_PURPOSE *ptmp;
|
||||
ptmp = X509_PURPOSE_iget(i);
|
||||
|
@ -93,7 +93,7 @@ static char *x509_usage[]={
|
||||
" -in arg - input file - default stdin\n",
|
||||
" -out arg - output file - default stdout\n",
|
||||
" -passin arg - private key password\n",
|
||||
" -envpassin arg - read private key password from encvironment variable \"arg\"\n",
|
||||
" -envpassin arg - read private key password from environment variable \"arg\"\n",
|
||||
" -serial - print serial number value\n",
|
||||
" -hash - print hash value\n",
|
||||
" -subject - print subject DN\n",
|
||||
@ -119,7 +119,7 @@ static char *x509_usage[]={
|
||||
" -req - input is a certificate request, sign and output.\n",
|
||||
" -CA arg - set the CA certificate, must be PEM format.\n",
|
||||
" -CAkey arg - set the CA key, must be PEM format\n",
|
||||
" missing, it is asssumed to be in the CA file.\n",
|
||||
" missing, it is assumed to be in the CA file.\n",
|
||||
" -CAcreateserial - create serial number file if it does not exist\n",
|
||||
" -CAserial - serial file\n",
|
||||
" -text - print the certificate in text form\n",
|
||||
|
@ -71,7 +71,7 @@ B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
|
||||
B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
|
||||
};
|
||||
|
||||
static int asn1_collate_primative(ASN1_STRING *a, ASN1_CTX *c);
|
||||
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c);
|
||||
/* type is a 'bitmap' of acceptable string types.
|
||||
*/
|
||||
ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp,
|
||||
@ -205,7 +205,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length,
|
||||
c.tag=Ptag;
|
||||
c.xclass=Pclass;
|
||||
c.max=(length == 0)?0:(p+length);
|
||||
if (!asn1_collate_primative(ret,&c))
|
||||
if (!asn1_collate_primitive(ret,&c))
|
||||
goto err;
|
||||
else
|
||||
{
|
||||
@ -254,11 +254,11 @@ err:
|
||||
}
|
||||
|
||||
|
||||
/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapes
|
||||
* them into the one struture that is then returned */
|
||||
/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse
|
||||
* them into the one structure that is then returned */
|
||||
/* There have been a few bug fixes for this function from
|
||||
* Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
|
||||
static int asn1_collate_primative(ASN1_STRING *a, ASN1_CTX *c)
|
||||
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
|
||||
{
|
||||
ASN1_STRING *os=NULL;
|
||||
BUF_MEM b;
|
||||
|
@ -60,7 +60,7 @@
|
||||
#include "cryptlib.h"
|
||||
#include <openssl/asn1.h>
|
||||
|
||||
/* ASN1 functions for NULL type. For compatability with other ASN1 code
|
||||
/* ASN1 functions for NULL type. For compatibility with other ASN1 code
|
||||
* it returns a pointer to an "ASN1_NULL" structure. The new/free functions
|
||||
* don't need to do any allocating because nothing is stored in a NULL.
|
||||
*/
|
||||
|
@ -269,7 +269,7 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a)
|
||||
if (a == NULL) return;
|
||||
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
|
||||
{
|
||||
#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause mempory leaks */
|
||||
#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
|
||||
if (a->sn != NULL) Free((void *)a->sn);
|
||||
if (a->ln != NULL) Free((void *)a->ln);
|
||||
#endif
|
||||
|
@ -133,7 +133,7 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
|
||||
signature->data=buf_out;
|
||||
buf_out=NULL;
|
||||
signature->length=outl;
|
||||
/* In the interests of compatability, I'll make sure that
|
||||
/* In the interests of compatibility, I'll make sure that
|
||||
* the bit string has a 'not-used bits' value of 0
|
||||
*/
|
||||
signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
|
||||
|
@ -81,7 +81,7 @@ extern "C" {
|
||||
#define V_ASN1_PRIMITIVE_TAG 0x1f
|
||||
#define V_ASN1_PRIMATIVE_TAG 0x1f
|
||||
|
||||
#define V_ASN1_APP_CHOOSE -2 /* let the recipent choose */
|
||||
#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
|
||||
|
||||
#define V_ASN1_UNDEF -1
|
||||
#define V_ASN1_EOC 0
|
||||
@ -176,7 +176,7 @@ typedef struct asn1_ctx_st
|
||||
int tag; /* tag from last 'get object' */
|
||||
int xclass; /* class from last 'get object' */
|
||||
long slen; /* length of last 'get object' */
|
||||
unsigned char *max; /* largest value of p alowed */
|
||||
unsigned char *max; /* largest value of p allowed */
|
||||
unsigned char *q;/* temporary variable */
|
||||
unsigned char **pp;/* variable */
|
||||
int line; /* used in error processing */
|
||||
|
@ -176,7 +176,7 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
|
||||
}
|
||||
|
||||
/* class 0 is constructed
|
||||
* constructed == 2 for indefinitle length constructed */
|
||||
* constructed == 2 for indefinite length constructed */
|
||||
void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
|
||||
int xclass)
|
||||
{
|
||||
@ -349,7 +349,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
|
||||
if (data != NULL)
|
||||
{
|
||||
memcpy(str->data,data,len);
|
||||
/* an alowance for strings :-) */
|
||||
/* an allowance for strings :-) */
|
||||
str->data[len]='\0';
|
||||
}
|
||||
return(1);
|
||||
|
@ -122,7 +122,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
|
||||
int keytype;
|
||||
p = *pp;
|
||||
/* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
|
||||
* by analysing it we can determine the passed structure: this
|
||||
* by analyzing it we can determine the passed structure: this
|
||||
* assumes the input is surrounded by an ASN1 SEQUENCE.
|
||||
*/
|
||||
inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE,
|
||||
|
@ -298,7 +298,7 @@ int DHparams_print(BIO *bp, DH *x)
|
||||
if (!print(bp,"generator:",x->g,m,4)) goto err;
|
||||
if (x->length != 0)
|
||||
{
|
||||
if (BIO_printf(bp," recomented-private-length: %d bits\n",
|
||||
if (BIO_printf(bp," recommended-private-length: %d bits\n",
|
||||
(int)x->length) <= 0) goto err;
|
||||
}
|
||||
ret=1;
|
||||
|
@ -73,7 +73,7 @@ int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp)
|
||||
* allow some CA Software to accept the cert request.
|
||||
* It is not following the PKCS standards ...
|
||||
* PKCS#10 pg 5
|
||||
* attributes [0] IMPLICIT Attibutes
|
||||
* attributes [0] IMPLICIT Attributes
|
||||
* NOTE: no OPTIONAL ... so it *must* be there
|
||||
*/
|
||||
if (a->req_kludge)
|
||||
@ -94,7 +94,7 @@ int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp)
|
||||
/* this is a *nasty* hack reported to be required by some CA's.
|
||||
* It is not following the PKCS standards ...
|
||||
* PKCS#10 pg 5
|
||||
* attributes [0] IMPLICIT Attibutes
|
||||
* attributes [0] IMPLICIT Attributes
|
||||
* NOTE: no OPTIONAL ... so it *must* be there
|
||||
*/
|
||||
if (a->req_kludge)
|
||||
@ -126,7 +126,7 @@ X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, unsigned char **pp,
|
||||
* have been reported as requiring it.
|
||||
* It is not following the PKCS standards ...
|
||||
* PKCS#10 pg 5
|
||||
* attributes [0] IMPLICIT Attibutes
|
||||
* attributes [0] IMPLICIT Attributes
|
||||
* NOTE: no OPTIONAL ... so it *must* be there
|
||||
*/
|
||||
if (asn1_Finish(&c))
|
||||
|
@ -57,7 +57,7 @@
|
||||
*/
|
||||
|
||||
/* This module was send to me my Pat Richards <patr@x509.com> who
|
||||
* wrote it. It is under my Copyright with his permision
|
||||
* wrote it. It is under my Copyright with his permission
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
|
@ -61,11 +61,11 @@
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
|
||||
* (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
|
||||
* (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
|
||||
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
|
||||
*/
|
||||
|
||||
const char *BF_version="BlowFish" OPENSSL_VERSION_PTEXT;
|
||||
const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
const char *BF_options(void)
|
||||
{
|
||||
|
@ -60,7 +60,7 @@
|
||||
#include "bf_locl.h"
|
||||
|
||||
/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
|
||||
* (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
|
||||
* (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
|
||||
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
|
||||
*/
|
||||
|
||||
|
@ -148,7 +148,7 @@
|
||||
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
|
||||
*((c)++)=(unsigned char)(((l) )&0xff))
|
||||
|
||||
/* This is actually a big endian algorithm, the most significate byte
|
||||
/* This is actually a big endian algorithm, the most significant byte
|
||||
* is used to lookup array 0 */
|
||||
|
||||
#if defined(BF_PTR2)
|
||||
@ -183,8 +183,8 @@
|
||||
|
||||
/*
|
||||
* This is normally very good on RISC platforms where normally you
|
||||
* have to explicitely "multiplicate" array index by sizeof(BF_LONG)
|
||||
* in order to caclulate the effective address. This implementation
|
||||
* have to explicitly "multiply" array index by sizeof(BF_LONG)
|
||||
* in order to calculate the effective address. This implementation
|
||||
* excuses CPU from this extra work. Power[PC] uses should have most
|
||||
* fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
|
||||
* rlwinm. So let'em double-check if their compiler does it.
|
||||
|
@ -242,7 +242,7 @@ int main(int argc, char **argv)
|
||||
}
|
||||
|
||||
#ifndef TIMES
|
||||
fprintf(stderr,"To get the most acurate results, try to run this\n");
|
||||
fprintf(stderr,"To get the most accurate results, try to run this\n");
|
||||
fprintf(stderr,"program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -183,7 +183,7 @@ int main(int argc, char **argv)
|
||||
#endif
|
||||
|
||||
#ifndef TIMES
|
||||
printf("To get the most acurate results, try to run this\n");
|
||||
printf("To get the most accurate results, try to run this\n");
|
||||
printf("program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -76,7 +76,7 @@ extern "C" {
|
||||
#define BIO_TYPE_SOCKET (5|0x0400|0x0100)
|
||||
#define BIO_TYPE_NULL (6|0x0400)
|
||||
#define BIO_TYPE_SSL (7|0x0200)
|
||||
#define BIO_TYPE_MD (8|0x0200) /* pasive filter */
|
||||
#define BIO_TYPE_MD (8|0x0200) /* passive filter */
|
||||
#define BIO_TYPE_BUFFER (9|0x0200) /* filter */
|
||||
#define BIO_TYPE_CIPHER (10|0x0200) /* filter */
|
||||
#define BIO_TYPE_BASE64 (11|0x0200) /* filter */
|
||||
@ -168,7 +168,7 @@ extern "C" {
|
||||
#define BIO_get_retry_flags(b) \
|
||||
((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||
|
||||
/* These shouldbe used by the application to tell why we should retry */
|
||||
/* These should be used by the application to tell why we should retry */
|
||||
#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
|
||||
#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
|
||||
#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
|
||||
|
@ -65,7 +65,7 @@ struct bio_bio_st
|
||||
|
||||
size_t request; /* valid iff peer != NULL; 0 if len != 0,
|
||||
* otherwise set by peer to number of bytes
|
||||
* it (unsuccesfully) tried to read,
|
||||
* it (unsuccessfully) tried to read,
|
||||
* never more than buffer space (size-len) warrants. */
|
||||
};
|
||||
|
||||
@ -387,7 +387,7 @@ static size_t bio_nwrite0(BIO *bio, char **buf)
|
||||
write_offset -= b->size;
|
||||
if (write_offset + num > b->size)
|
||||
/* no ring buffer wrap-around for non-copying interface
|
||||
* (to fulfil the promise by BIO_ctrl_get_write_guarantee,
|
||||
* (to fulfill the promise by BIO_ctrl_get_write_guarantee,
|
||||
* BIO_nwrite may have to be called twice) */
|
||||
num = b->size - write_offset;
|
||||
|
||||
@ -479,7 +479,7 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
|
||||
|
||||
case BIO_C_GET_WRITE_GUARANTEE:
|
||||
/* How many bytes can the caller feed to the next write
|
||||
* withouth having to keep any? */
|
||||
* without having to keep any? */
|
||||
if (b->peer == NULL || b->closed)
|
||||
ret = 0;
|
||||
else
|
||||
@ -487,7 +487,7 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
|
||||
break;
|
||||
|
||||
case BIO_C_GET_READ_REQUEST:
|
||||
/* If the peer unsuccesfully tried to read, how many bytes
|
||||
/* If the peer unsuccessfully tried to read, how many bytes
|
||||
* were requested? (As with BIO_CTRL_PENDING, that number
|
||||
* can usually be treated as boolean.) */
|
||||
ret = (long) b->request;
|
||||
@ -765,7 +765,7 @@ int BIO_ctrl_reset_read_request(BIO *bio)
|
||||
}
|
||||
|
||||
|
||||
/* BIO_nread0/nread/nwrite0/nwrite are availabe only for BIO pairs for now
|
||||
/* BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
|
||||
* (conceivably some other BIOs could allow non-copying reads and writes too.)
|
||||
*/
|
||||
int BIO_nread0(BIO *bio, char **buf)
|
||||
|
@ -90,11 +90,11 @@ typedef struct bio_connect_st
|
||||
struct sockaddr_in them;
|
||||
|
||||
/* int socket; this will be kept in bio->num so that it is
|
||||
* compatable with the bss_sock bio */
|
||||
* compatible with the bss_sock bio */
|
||||
|
||||
/* called when the connection is initially made
|
||||
* callback(BIO,state,ret); The callback should return
|
||||
* 'ret'. state is for compatablity with the ssl info_callback */
|
||||
* 'ret'. state is for compatibility with the ssl info_callback */
|
||||
int (*info_callback)();
|
||||
} BIO_CONNECT;
|
||||
|
||||
@ -500,7 +500,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, char *ptr)
|
||||
*((int *)ptr)=data->port;
|
||||
}
|
||||
if ((!b->init) || (ptr == NULL))
|
||||
*pptr="not initalised";
|
||||
*pptr="not initialized";
|
||||
ret=1;
|
||||
}
|
||||
break;
|
||||
|
@ -171,7 +171,7 @@ static int MS_CALLBACK file_write(BIO *b, char *in, int inl)
|
||||
if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
|
||||
ret=inl;
|
||||
/* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
|
||||
/* acording to Tim Hudson <tjh@cryptsoft.com>, the commented
|
||||
/* according to Tim Hudson <tjh@cryptsoft.com>, the commented
|
||||
* out version above can cause 'inl' write calls under
|
||||
* some stupid stdio implementations (VMS) */
|
||||
}
|
||||
|
@ -83,12 +83,12 @@ extern "C" {
|
||||
* The reason for this flag is that when the particular C compiler
|
||||
* library routine is used, and the library is linked with a different
|
||||
* compiler, the library is missing. This mostly happens when the
|
||||
* library is built with gcc and then linked using nornal cc. This would
|
||||
* be a common occurance because gcc normally produces code that is
|
||||
* library is built with gcc and then linked using normal cc. This would
|
||||
* be a common occurrence because gcc normally produces code that is
|
||||
* 2 times faster than system compilers for the big number stuff.
|
||||
* For machines with only one compiler (or shared libraries), this should
|
||||
* be on. Again this in only really a problem on machines
|
||||
* using "long long's", are 32bit, and are not using my assember code. */
|
||||
* using "long long's", are 32bit, and are not using my assembler code. */
|
||||
#if defined(MSDOS) || defined(WINDOWS) || defined(linux)
|
||||
#define BN_DIV2W
|
||||
#endif
|
||||
@ -118,8 +118,8 @@ extern "C" {
|
||||
|
||||
/* This is where the long long data type is 64 bits, but long is 32.
|
||||
* For machines where there are 64bit registers, this is the mode to use.
|
||||
* IRIX, on R4000 and above should use this mode, along with the relevent
|
||||
* assember code :-). Do NOT define BN_LLONG.
|
||||
* IRIX, on R4000 and above should use this mode, along with the relevant
|
||||
* assembler code :-). Do NOT define BN_LLONG.
|
||||
*/
|
||||
#ifdef SIXTY_FOUR_BIT
|
||||
#undef BN_LLONG
|
||||
|
@ -9,7 +9,7 @@
|
||||
* bits=1 75.4% 79.4%
|
||||
* bits=2 61.2% 62.4%
|
||||
* bits=3 61.3% 59.3%
|
||||
* The lack of speed improvment is also a function of the pre-calculation
|
||||
* The lack of speed improvement is also a function of the pre-calculation
|
||||
* which could be removed.
|
||||
*/
|
||||
#define EXP2_TABLE_BITS 2 /* 1 2 3 4 5 */
|
||||
|
@ -394,7 +394,7 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
|
||||
* if A and B happen to share same cache line such code is going to
|
||||
* cause severe cache trashing. Both factors have severe impact on
|
||||
* performance of modern CPUs and this is the reason why this
|
||||
* particulare piece of code is #ifdefed away and replaced by more
|
||||
* particular piece of code is #ifdefed away and replaced by more
|
||||
* "friendly" version found in #else section below. This comment
|
||||
* also applies to BN_copy function.
|
||||
*
|
||||
@ -425,7 +425,7 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
|
||||
A[0]=B[0];
|
||||
case 0:
|
||||
/* I need the 'case 0' entry for utrix cc.
|
||||
* If the optimiser is turned on, it does the
|
||||
* If the optimizer is turned on, it does the
|
||||
* switch table by doing
|
||||
* a=top&7
|
||||
* a--;
|
||||
|
@ -66,7 +66,7 @@
|
||||
* n2 must be a power of 2.
|
||||
* We multiply and return the result.
|
||||
* t must be 2*n2 words in size
|
||||
* We calulate
|
||||
* We calculate
|
||||
* a[0]*b[0]
|
||||
* a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
|
||||
* a[1]*b[1]
|
||||
@ -620,7 +620,7 @@ printf("BN_mul %d * %d\n",a->top,b->top);
|
||||
goto end;
|
||||
}
|
||||
# ifdef BN_RECURSION
|
||||
goto symetric;
|
||||
goto symmetric;
|
||||
# endif
|
||||
}
|
||||
#endif
|
||||
@ -640,19 +640,19 @@ printf("BN_mul %d * %d\n",a->top,b->top);
|
||||
bn_wexpand(b,al);
|
||||
b->d[bl]=0;
|
||||
bl++;
|
||||
goto symetric;
|
||||
goto symmetric;
|
||||
}
|
||||
else if ((i == -1) && !BN_get_flags(a,BN_FLG_STATIC_DATA))
|
||||
{
|
||||
bn_wexpand(a,bl);
|
||||
a->d[al]=0;
|
||||
al++;
|
||||
goto symetric;
|
||||
goto symmetric;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* asymetric and >= 4 */
|
||||
/* asymmetric and >= 4 */
|
||||
if (bn_wexpand(rr,top) == NULL) return(0);
|
||||
rr->top=top;
|
||||
bn_mul_normal(rr->d,a->d,al,b->d,bl);
|
||||
@ -660,8 +660,8 @@ printf("BN_mul %d * %d\n",a->top,b->top);
|
||||
#ifdef BN_RECURSION
|
||||
if (0)
|
||||
{
|
||||
symetric:
|
||||
/* symetric and > 4 */
|
||||
symmetric:
|
||||
/* symmetric and > 4 */
|
||||
/* 16 or larger */
|
||||
j=BN_num_bits_word((BN_ULONG)al);
|
||||
j=1<<(j-1);
|
||||
|
@ -254,7 +254,7 @@ int time_it(int sec, PARMS *p)
|
||||
for (;;)
|
||||
{
|
||||
if (verbose)
|
||||
printf("timing %s for %d interations\n",p->name,i);
|
||||
printf("timing %s for %d interactions\n",p->name,i);
|
||||
|
||||
ms_time_get(start);
|
||||
p->func(i,p);
|
||||
@ -271,7 +271,7 @@ int time_it(int sec, PARMS *p)
|
||||
}
|
||||
}
|
||||
if (verbose)
|
||||
printf("using %d interations\n",i);
|
||||
printf("using %d interactions\n",i);
|
||||
return(i);
|
||||
}
|
||||
|
||||
|
@ -223,7 +223,7 @@ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
|
||||
BN_CTX *ctx = NULL;
|
||||
BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
|
||||
BN_MONT_CTX *mont = NULL;
|
||||
const BIGNUM *A;
|
||||
const BIGNUM *A = NULL;
|
||||
|
||||
if (checks == BN_prime_checks)
|
||||
checks = BN_prime_checks_for_size(BN_num_bits(a));
|
||||
@ -364,7 +364,7 @@ again:
|
||||
d=delta;
|
||||
delta+=2;
|
||||
/* perhaps need to check for overflow of
|
||||
* delta (but delta can be upto 2^32)
|
||||
* delta (but delta can be up to 2^32)
|
||||
* 21-May-98 eay - added overflow check */
|
||||
if (delta < d) goto again;
|
||||
goto loop;
|
||||
|
@ -137,7 +137,7 @@ char *BN_bn2dec(const BIGNUM *a)
|
||||
}
|
||||
lp--;
|
||||
/* We now have a series of blocks, BN_DEC_NUM chars
|
||||
* in length, where the last one needs trucation.
|
||||
* in length, where the last one needs truncation.
|
||||
* The blocks need to be reversed in order. */
|
||||
sprintf(p,BN_DEC_FMT1,*lp);
|
||||
while (*p) p++;
|
||||
@ -171,7 +171,7 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
|
||||
num=i+neg;
|
||||
if (bn == NULL) return(num);
|
||||
|
||||
/* a is the start of the hex digets, and it is 'i' long */
|
||||
/* a is the start of the hex digits, and it is 'i' long */
|
||||
if (*bn == NULL)
|
||||
{
|
||||
if ((ret=BN_new()) == NULL) return(0);
|
||||
@ -185,7 +185,7 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
|
||||
/* i is the number of hex digests; */
|
||||
if (bn_expand(ret,i*4) == NULL) goto err;
|
||||
|
||||
j=i; /* least significate 'hex' */
|
||||
j=i; /* least significant 'hex' */
|
||||
m=0;
|
||||
h=0;
|
||||
while (j > 0)
|
||||
@ -236,8 +236,8 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
|
||||
num=i+neg;
|
||||
if (bn == NULL) return(num);
|
||||
|
||||
/* a is the start of the digets, and it is 'i' long.
|
||||
* We chop it into BN_DEC_NUM digets at a time */
|
||||
/* a is the start of the digits, and it is 'i' long.
|
||||
* We chop it into BN_DEC_NUM digits at a time */
|
||||
if (*bn == NULL)
|
||||
{
|
||||
if ((ret=BN_new()) == NULL) return(0);
|
||||
|
@ -185,7 +185,7 @@ void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp)
|
||||
* n must be a power of 2.
|
||||
* We multiply and return the result.
|
||||
* t must be 2*n words in size
|
||||
* We calulate
|
||||
* We calculate
|
||||
* a[0]*b[0]
|
||||
* a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
|
||||
* a[1]*b[1]
|
||||
|
@ -183,7 +183,7 @@ int main(int argc, char **argv)
|
||||
#endif
|
||||
|
||||
#ifndef TIMES
|
||||
printf("To get the most acurate results, try to run this\n");
|
||||
printf("To get the most accurate results, try to run this\n");
|
||||
printf("program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -252,7 +252,7 @@ int main(int argc, char **argv)
|
||||
}
|
||||
|
||||
#ifndef TIMES
|
||||
fprintf(stderr,"To get the most acurate results, try to run this\n");
|
||||
fprintf(stderr,"To get the most accurate results, try to run this\n");
|
||||
fprintf(stderr,"program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -325,11 +325,11 @@ void usage(void)
|
||||
"des <options> [input-file [output-file]]",
|
||||
"options:",
|
||||
"-v : des(1) version number",
|
||||
"-e : encrypt using sunOS compatible user key to DES key conversion.",
|
||||
"-e : encrypt using SunOS compatible user key to DES key conversion.",
|
||||
"-E : encrypt ",
|
||||
"-d : decrypt using sunOS compatible user key to DES key conversion.",
|
||||
"-d : decrypt using SunOS compatible user key to DES key conversion.",
|
||||
"-D : decrypt ",
|
||||
"-c[ckname] : generate a cbc_cksum using sunOS compatible user key to",
|
||||
"-c[ckname] : generate a cbc_cksum using SunOS compatible user key to",
|
||||
" DES key conversion and output to ckname (stdout default,",
|
||||
" stderr if data being output on stdout). The checksum is",
|
||||
" generated before encryption and after decryption if used",
|
||||
@ -340,10 +340,10 @@ void usage(void)
|
||||
" that is used directly as the des key",
|
||||
"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
|
||||
" (uuname is the filename to put in the uuencode header).",
|
||||
"-b : encrypt using DES in ecb encryption mode, the defaut is cbc mode.",
|
||||
"-3 : encrypt using tripple DES encryption. This uses 2 keys",
|
||||
"-b : encrypt using DES in ecb encryption mode, the default is cbc mode.",
|
||||
"-3 : encrypt using triple DES encryption. This uses 2 keys",
|
||||
" generated from the input key. If the input key is less",
|
||||
" than 8 characters long, this is equivelent to normal",
|
||||
" than 8 characters long, this is equivalent to normal",
|
||||
" encryption. Default is triple cbc, -b makes it triple ecb.",
|
||||
NULL
|
||||
};
|
||||
|
@ -182,14 +182,14 @@
|
||||
#endif
|
||||
|
||||
/* The changes to this macro may help or hinder, depending on the
|
||||
* compiler and the achitecture. gcc2 always seems to do well :-).
|
||||
* compiler and the architecture. gcc2 always seems to do well :-).
|
||||
* Inspired by Dana How <how@isl.stanford.edu>
|
||||
* DO NOT use the alternative version on machines with 8 byte longs.
|
||||
* It does not seem to work on the Alpha, even when DES_LONG is 4
|
||||
* bytes, probably an issue of accessing non-word aligned objects :-( */
|
||||
#ifdef DES_PTR
|
||||
|
||||
/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there
|
||||
/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
|
||||
* is no reason to not xor all the sub items together. This potentially
|
||||
* saves a register since things can be xored directly into L */
|
||||
|
||||
|
@ -434,7 +434,7 @@ int main(int argc, char **argv)
|
||||
}
|
||||
|
||||
#ifndef TIMES
|
||||
fprintf(stderr,"To get the most acurate results, try to run this\n");
|
||||
fprintf(stderr,"To get the most accurate results, try to run this\n");
|
||||
fprintf(stderr,"program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -152,7 +152,7 @@ int des_enc_write(int fd, const void *_buf, int len,
|
||||
for (j=0; j<outnum; j+=i)
|
||||
{
|
||||
/* eay 26/08/92 I was not doing writing from where we
|
||||
* got upto. */
|
||||
* got up to. */
|
||||
i=write(fd,(void *)&(outbuf[j]),outnum-j);
|
||||
if (i == -1)
|
||||
{
|
||||
|
@ -9,7 +9,7 @@
|
||||
#include <openssl/ebcdic.h>
|
||||
#endif
|
||||
|
||||
/* This version of crypt has been developed from my MIT compatable
|
||||
/* This version of crypt has been developed from my MIT compatible
|
||||
* DES library.
|
||||
* The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
|
||||
* Eric Young (eay@cryptsoft.com)
|
||||
@ -19,7 +19,7 @@
|
||||
* I have included directive PARA for shared memory computers.
|
||||
* I have included a directive LONGCRYPT to using this routine to cipher
|
||||
* passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
|
||||
* definition is the maximum of lenght of password and can changed. I have
|
||||
* definition is the maximum of length of password and can changed. I have
|
||||
* defined 24.
|
||||
*/
|
||||
|
||||
@ -124,8 +124,8 @@ char *des_fcrypt(const char *buf, const char *salt, char *ret)
|
||||
* returns *\0XXXXXXXXX
|
||||
* The \0 makes the string look like * so the pwd "*" would
|
||||
* crypt to "*". This was found when replacing the crypt in
|
||||
* our shared libraries. People found that the disbled
|
||||
* accounts effectivly had no passwd :-(. */
|
||||
* our shared libraries. People found that the disabled
|
||||
* accounts effectively had no passwd :-(. */
|
||||
#ifndef CHARSET_EBCDIC
|
||||
x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
|
||||
Eswap0=con_salt[x]<<2;
|
||||
|
@ -58,7 +58,7 @@
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
/* This version of crypt has been developed from my MIT compatable
|
||||
/* This version of crypt has been developed from my MIT compatible
|
||||
* DES library.
|
||||
* The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
|
||||
* Eric Young (eay@cryptsoft.com)
|
||||
|
@ -125,7 +125,7 @@ int des_is_weak_key(const_des_cblock *key)
|
||||
int i;
|
||||
|
||||
for (i=0; i<NUM_WEAK_KEY; i++)
|
||||
/* Added == 0 to comparision, I obviously don't run
|
||||
/* Added == 0 to comparison, I obviously don't run
|
||||
* this section very often :-(, thanks to
|
||||
* engineering@MorningStar.Com for the fix
|
||||
* eay 93/06/29
|
||||
|
@ -186,7 +186,7 @@ int main(int argc, char **argv)
|
||||
#endif
|
||||
|
||||
#ifndef TIMES
|
||||
printf("To get the most acurate results, try to run this\n");
|
||||
printf("To get the most accurate results, try to run this\n");
|
||||
printf("program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -91,7 +91,7 @@ static ERR_STRING_DATA ERR_str_libraries[]=
|
||||
{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"},
|
||||
{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"},
|
||||
{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"},
|
||||
{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuation file routines"},
|
||||
{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"},
|
||||
{ERR_PACK(ERR_LIB_METH,0,0) ,"X509 lookup 'method' routines"},
|
||||
{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"},
|
||||
{ERR_PACK(ERR_LIB_RSAREF,0,0) ,"RSAref routines"},
|
||||
|
@ -162,7 +162,7 @@ typedef struct err_state_st
|
||||
#define ERR_GET_REASON(l) (int)((l)&0xfffL)
|
||||
#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
|
||||
|
||||
/* OS fuctions */
|
||||
/* OS functions */
|
||||
#define SYS_F_FOPEN 1
|
||||
#define SYS_F_CONNECT 2
|
||||
#define SYS_F_GETSERVBYNAME 3
|
||||
|
@ -67,7 +67,7 @@
|
||||
and everything was OK. BUT if user types wrong password
|
||||
BIO_f_cipher outputs only garbage and my function crashes. Yes
|
||||
I can and I should fix my function, but BIO_f_cipher is
|
||||
easy way to add encryption support to many exisiting applications
|
||||
easy way to add encryption support to many existing applications
|
||||
and it's hard to debug and fix them all.
|
||||
|
||||
So I wanted another BIO which would catch the incorrect passwords and
|
||||
@ -80,10 +80,10 @@
|
||||
1) you must somehow separate checksum from actual data.
|
||||
2) you need lot's of memory when reading the file, because you
|
||||
must read to the end of the file and verify the checksum before
|
||||
leting the application to read the data.
|
||||
letting the application to read the data.
|
||||
|
||||
BIO_f_reliable tries to solve both problems, so that you can
|
||||
read and write arbitraly long streams using only fixed amount
|
||||
read and write arbitrary long streams using only fixed amount
|
||||
of memory.
|
||||
|
||||
BIO_f_reliable splits data stream into blocks. Each block is prefixed
|
||||
@ -91,7 +91,7 @@
|
||||
several Kbytes of memory to buffer single block before verifying
|
||||
it's digest.
|
||||
|
||||
BIO_f_reliable goes futher and adds several important capabilities:
|
||||
BIO_f_reliable goes further and adds several important capabilities:
|
||||
|
||||
1) the digest of the block is computed over the whole stream
|
||||
-- so nobody can rearrange the blocks or remove or replace them.
|
||||
@ -110,7 +110,7 @@
|
||||
and then compare the digest output.
|
||||
|
||||
Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I
|
||||
initialy wrote and tested this code on x86 machine and wrote the
|
||||
initially wrote and tested this code on x86 machine and wrote the
|
||||
digests out in machine-dependent order :( There are people using
|
||||
this code and I cannot change this easily without making existing
|
||||
data files unreadable.
|
||||
|
@ -149,7 +149,7 @@ extern "C" {
|
||||
|
||||
/* Type needs to be a bit field
|
||||
* Sub-type needs to be for variations on the method, as in, can it do
|
||||
* arbitary encryption.... */
|
||||
* arbitrary encryption.... */
|
||||
typedef struct evp_pkey_st
|
||||
{
|
||||
int type;
|
||||
@ -343,7 +343,7 @@ typedef struct evp_cipher_ctx_st
|
||||
unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
|
||||
int num; /* used by cfb/ofb mode */
|
||||
|
||||
char *app_data; /* aplication stuff */
|
||||
char *app_data; /* application stuff */
|
||||
union {
|
||||
#ifndef NO_RC4
|
||||
struct
|
||||
@ -715,7 +715,7 @@ void EVP_PBE_cleanup(void);
|
||||
#define EVP_R_INPUT_NOT_INITIALIZED 111
|
||||
#define EVP_R_IV_TOO_LARGE 102
|
||||
#define EVP_R_KEYGEN_FAILURE 120
|
||||
#define EVP_R_MISSING_PARMATERS 103
|
||||
#define EVP_R_MISSING_PARAMETERS 103
|
||||
#define EVP_R_NO_DSA_PARAMETERS 116
|
||||
#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
|
||||
#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
|
||||
|
@ -105,7 +105,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
|
||||
{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"},
|
||||
{EVP_R_IV_TOO_LARGE ,"iv too large"},
|
||||
{EVP_R_KEYGEN_FAILURE ,"keygen failure"},
|
||||
{EVP_R_MISSING_PARMATERS ,"missing parmaters"},
|
||||
{EVP_R_MISSING_PARAMETERS ,"missing parameters"},
|
||||
{EVP_R_NO_DSA_PARAMETERS ,"no dsa parameters"},
|
||||
{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"},
|
||||
{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"},
|
||||
|
@ -231,7 +231,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
|
||||
case EVP_PKEY_DSA:
|
||||
p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
|
||||
|
||||
/* get paramaters and place in AlgorithmIdentifier */
|
||||
/* get parameters and place in AlgorithmIdentifier */
|
||||
len = i2d_DSAparams (pkey->pkey.dsa, NULL);
|
||||
if (!(p = Malloc(len))) {
|
||||
EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
|
||||
|
@ -119,7 +119,7 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
|
||||
|
||||
if (EVP_PKEY_missing_parameters(from))
|
||||
{
|
||||
EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
|
||||
EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
|
||||
goto err;
|
||||
}
|
||||
#ifndef NO_DSA
|
||||
|
@ -56,7 +56,7 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
/* The new form of this macro (check if the a*b == 0) was sugested by
|
||||
/* The new form of this macro (check if the a*b == 0) was suggested by
|
||||
* Colin Plumb <colin@nyx10.cs.du.edu> */
|
||||
/* Removal of the inner if from from Wei Dai 24/4/96 */
|
||||
#define idea_mul(r,a,b,ul) \
|
||||
|
@ -183,7 +183,7 @@ int main(int argc, char **argv)
|
||||
#endif
|
||||
|
||||
#ifndef TIMES
|
||||
printf("To get the most acurate results, try to run this\n");
|
||||
printf("To get the most accurate results, try to run this\n");
|
||||
printf("program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -64,11 +64,11 @@
|
||||
*
|
||||
* 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98
|
||||
*
|
||||
* 2.0 eay - Fixed a bug that occured when using lh_delete
|
||||
* 2.0 eay - Fixed a bug that occurred when using lh_delete
|
||||
* from inside lh_doall(). As entries were deleted,
|
||||
* the 'table' was 'contract()ed', making some entries
|
||||
* jump from the end of the table to the start, there by
|
||||
* skiping the lh_doall() processing. eay - 4/12/95
|
||||
* skipping the lh_doall() processing. eay - 4/12/95
|
||||
*
|
||||
* 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
|
||||
* were not being free()ed. 21/11/95
|
||||
|
@ -69,9 +69,9 @@ const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
#define UCHAR unsigned char
|
||||
|
||||
static void md2_block(MD2_CTX *c, unsigned char *d);
|
||||
static void md2_block(MD2_CTX *c, const unsigned char *d);
|
||||
/* The magic S table - I have converted it to hex since it is
|
||||
* basicaly just a random byte string. */
|
||||
* basically just a random byte string. */
|
||||
static MD2_INT S[256]={
|
||||
0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
|
||||
0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
|
||||
@ -161,7 +161,7 @@ void MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len)
|
||||
c->num=(int)len;
|
||||
}
|
||||
|
||||
static void md2_block(MD2_CTX *c, unsigned char *d)
|
||||
static void md2_block(MD2_CTX *c, const unsigned char *d)
|
||||
{
|
||||
register MD2_INT t,*sp1,*sp2;
|
||||
register int i,j;
|
||||
|
@ -81,7 +81,7 @@ void md5_block_data_order (MD5_CTX *c, const void *p,int num);
|
||||
/*
|
||||
* *_block_host_order is expected to handle aligned data while
|
||||
* *_block_data_order - unaligned. As algorithm and host (x86)
|
||||
* are in this case of the same "endianess" these two are
|
||||
* are in this case of the same "endianness" these two are
|
||||
* otherwise indistinguishable. But normally you don't want to
|
||||
* call the same function because unaligned access in places
|
||||
* where alignment is expected is usually a "Bad Thing". Indeed,
|
||||
@ -126,7 +126,7 @@ void md5_block_data_order (MD5_CTX *c, const void *p,int num);
|
||||
* Little-endians (Intel and Alpha) feel better without this.
|
||||
* It looks like memcpy does better job than generic
|
||||
* md5_block_data_order on copying-n-aligning input data.
|
||||
* But franlky speaking I didn't expect such result on Alpha.
|
||||
* But frankly speaking I didn't expect such result on Alpha.
|
||||
* On the other hand I've got this with egcs-1.0.2 and if
|
||||
* program is compiled with another (better?) compiler it
|
||||
* might turn out other way around.
|
||||
@ -147,7 +147,7 @@ void md5_block_data_order (MD5_CTX *c, const void *p,int num);
|
||||
*/
|
||||
|
||||
/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
|
||||
* simplified to the code below. Wei attributes these optimisations
|
||||
* simplified to the code below. Wei attributes these optimizations
|
||||
* to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
|
||||
*/
|
||||
#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
|
||||
|
@ -632,7 +632,7 @@ extern "C" {
|
||||
#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
|
||||
|
||||
/* The name should actually be rsaSignatureWithripemd160, but I'm going
|
||||
* to contiune using the convention I'm using with the other ciphers */
|
||||
* to continue using the convention I'm using with the other ciphers */
|
||||
#define SN_ripemd160WithRSA "RSA-RIPEMD160"
|
||||
#define LN_ripemd160WithRSA "ripemd160WithRSA"
|
||||
#define NID_ripemd160WithRSA 119
|
||||
@ -740,7 +740,7 @@ extern "C" {
|
||||
#define NID_ms_efs 138
|
||||
#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
|
||||
|
||||
/* Addidional usage: Netscape */
|
||||
/* Additional usage: Netscape */
|
||||
|
||||
#define SN_ns_sgc "nsSGC"
|
||||
#define LN_ns_sgc "Netscape Server Gated Crypto"
|
||||
|
@ -92,7 +92,7 @@ typedef struct bio_ber_struct
|
||||
/* most of the following are used when doing non-blocking IO */
|
||||
/* reading */
|
||||
long num_left; /* number of bytes still to read/write in block */
|
||||
int depth; /* used with idefinite encoding. */
|
||||
int depth; /* used with indefinite encoding. */
|
||||
int finished; /* No more read data */
|
||||
|
||||
/* writting */
|
||||
|
@ -597,7 +597,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
|
||||
tmpval = BUF_strdup(value);
|
||||
if(!tmpval) return 0;
|
||||
} else tmpval = NULL;
|
||||
/* Paramter values are case sensitive so leave as is */
|
||||
/* Parameter values are case sensitive so leave as is */
|
||||
mparam = (MIME_PARAM *) Malloc(sizeof(MIME_PARAM));
|
||||
if(!mparam) return 0;
|
||||
mparam->param_name = tmpname;
|
||||
|
@ -250,7 +250,7 @@ typedef struct pkcs7_st
|
||||
#define PKCS7_BINARY 0x80
|
||||
#define PKCS7_NOATTR 0x100
|
||||
|
||||
/* Flags: for compatability with older code */
|
||||
/* Flags: for compatibility with older code */
|
||||
|
||||
#define SMIME_TEXT PKCS7_TEXT
|
||||
#define SMIME_NOCERTS PKCS7_NOCERTS
|
||||
|
@ -497,12 +497,12 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
|
||||
*/
|
||||
/*
|
||||
* I have modified the loading of bytes via RAND_seed() mechanism since
|
||||
* the origional would have been very very CPU intensive since RAND_seed()
|
||||
* the original would have been very very CPU intensive since RAND_seed()
|
||||
* does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same
|
||||
* as that to digest 56 bytes. So under the old system, a screen of
|
||||
* 1024*768*256 would have been CPU cost of approximatly 49,000 56 byte MD5
|
||||
* 1024*768*256 would have been CPU cost of approximately 49,000 56 byte MD5
|
||||
* digests or digesting 2.7 mbytes. What I have put in place would
|
||||
* be 48 16k MD5 digests, or efectivly 48*16+48 MD5 bytes or 816 kbytes
|
||||
* be 48 16k MD5 digests, or effectively 48*16+48 MD5 bytes or 816 kbytes
|
||||
* or about 3.5 times as much.
|
||||
* - eric
|
||||
*/
|
||||
|
@ -183,7 +183,7 @@ int main(int argc, char **argv)
|
||||
#endif
|
||||
|
||||
#ifndef TIMES
|
||||
printf("To get the most acurate results, try to run this\n");
|
||||
printf("To get the most accurate results, try to run this\n");
|
||||
printf("program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -183,7 +183,7 @@ int main(int argc, char **argv)
|
||||
#endif
|
||||
|
||||
#ifndef TIMES
|
||||
printf("To get the most acurate results, try to run this\n");
|
||||
printf("To get the most accurate results, try to run this\n");
|
||||
printf("program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -183,7 +183,7 @@ int main(int argc, char **argv)
|
||||
#endif
|
||||
|
||||
#ifndef TIMES
|
||||
printf("To get the most acurate results, try to run this\n");
|
||||
printf("To get the most accurate results, try to run this\n");
|
||||
printf("program when this computer is idle.\n");
|
||||
#endif
|
||||
|
||||
|
@ -95,7 +95,7 @@ typedef struct rsa_meth_st
|
||||
* to be signed/verified: this allows them to be used. Note: for this to work
|
||||
* the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
|
||||
* RSA_sign(), RSA_verify() should be used instead. Note: for backwards
|
||||
* compatability this functionality is only enabled if the RSA_FLAG_SIGN_VER
|
||||
* compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
|
||||
* option is set in 'flags'.
|
||||
*/
|
||||
int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
|
||||
|
@ -264,7 +264,7 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* This check was for equallity but PGP does evil things
|
||||
/* This check was for equality but PGP does evil things
|
||||
* and chops off the top '0' bytes */
|
||||
if (flen > num)
|
||||
{
|
||||
@ -357,7 +357,7 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from,
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* This check was for equallity but PGP does evil things
|
||||
/* This check was for equality but PGP does evil things
|
||||
* and chops off the top '0' bytes */
|
||||
if (flen > num)
|
||||
{
|
||||
|
@ -181,7 +181,7 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
|
||||
|
||||
|
||||
#ifdef RSA_DEBUG
|
||||
/* put a backward compatability flag in EAY */
|
||||
/* put a backward compatibility flag in EAY */
|
||||
fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
|
||||
OBJ_nid2ln(dtype));
|
||||
#endif
|
||||
|
@ -59,7 +59,7 @@
|
||||
/* Code for stacks
|
||||
* Author - Eric Young v 1.0
|
||||
* 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the
|
||||
* lowest index for the seached item.
|
||||
* lowest index for the searched item.
|
||||
*
|
||||
* 1.1 eay - Take from netdb and added to SSLeay
|
||||
*
|
||||
|
@ -96,7 +96,7 @@ static unsigned long pthreads_thread_id(void );
|
||||
|
||||
/* usage:
|
||||
* CRYPTO_thread_setup();
|
||||
* applicaion code
|
||||
* application code
|
||||
* CRYPTO_thread_cleanup();
|
||||
*/
|
||||
|
||||
|
@ -379,7 +379,7 @@ DECLARE_STACK_OF(X509_INFO)
|
||||
|
||||
/* The next 2 structures and their 8 routines were sent to me by
|
||||
* Pat Richard <patr@x509.com> and are used to manipulate
|
||||
* Netscapes spki strucutres - usefull if you are writing a CA web page
|
||||
* Netscapes spki structures - useful if you are writing a CA web page
|
||||
*/
|
||||
typedef struct Netscape_spkac_st
|
||||
{
|
||||
@ -901,7 +901,7 @@ int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
|
||||
int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
|
||||
EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
|
||||
int X509_REQ_extension_nid(int nid);
|
||||
int * X509_REQ_get_extesion_nids(void);
|
||||
int * X509_REQ_get_extension_nids(void);
|
||||
void X509_REQ_set_extension_nids(int *nids);
|
||||
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
|
||||
int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
|
||||
@ -962,7 +962,7 @@ int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
|
||||
char *buf,int len);
|
||||
|
||||
/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
|
||||
* lastpos, seach after that position on. */
|
||||
* lastpos, search after that position on. */
|
||||
int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
|
||||
int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
|
||||
int lastpos);
|
||||
|
@ -188,7 +188,7 @@ int X509_NAME_cmp(X509_NAME *a, X509_NAME *b)
|
||||
|
||||
#ifndef NO_MD5
|
||||
/* I now DER encode the name and hash it. Since I cache the DER encoding,
|
||||
* this is reasonably effiecent. */
|
||||
* this is reasonably efficient. */
|
||||
unsigned long X509_NAME_hash(X509_NAME *x)
|
||||
{
|
||||
unsigned long ret=0;
|
||||
|
@ -132,7 +132,7 @@ int X509_REQ_extension_nid(int req_nid)
|
||||
}
|
||||
}
|
||||
|
||||
int *X509_REQ_get_extesion_nids(void)
|
||||
int *X509_REQ_get_extension_nids(void)
|
||||
{
|
||||
return ext_nids;
|
||||
}
|
||||
|
@ -227,7 +227,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp)
|
||||
static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
|
||||
{
|
||||
if(x->aux) return obj_trust(trust->arg1, x, flags);
|
||||
/* we don't have any trust settings: for compatability
|
||||
/* we don't have any trust settings: for compatibility
|
||||
* we return trusted if it is self signed
|
||||
*/
|
||||
X509_check_purpose(x, -1, 0);
|
||||
|
@ -63,7 +63,7 @@ it creates a file "newcert.p12". This command can thus be called after the
|
||||
B<-sign> option. The PKCS#12 file can be imported directly into a browser.
|
||||
If there is an additional argument on the command line it will be used as the
|
||||
"friendly name" for the certificate (which is typically displayed in the browser
|
||||
list box), otherwise the name "My Certifictate" is used.
|
||||
list box), otherwise the name "My Certificate" is used.
|
||||
|
||||
=item B<-sign>, B<-signreq>, B<-xsign>
|
||||
|
||||
|
@ -25,7 +25,7 @@ the appropriate cipherlist.
|
||||
|
||||
=item B<-v>
|
||||
|
||||
verbose option. List ciphers with a complete decsription of the authentication,
|
||||
verbose option. List ciphers with a complete description of the authentication,
|
||||
key exchange, encryption and mac algorithms used along with any key size
|
||||
restrictions and whether the algorithm is classed as an "export" cipher.
|
||||
|
||||
@ -186,7 +186,7 @@ cipher suites using DH, including anonymous DH.
|
||||
|
||||
=item B<ADH>
|
||||
|
||||
anoymous DH cipher suites.
|
||||
anonymous DH cipher suites.
|
||||
|
||||
=item B<3DES>
|
||||
|
||||
@ -313,7 +313,7 @@ Note: these ciphers can also be used in SSL v3.
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
The non ephemeral DH modes are currently unimplimented in OpenSSL
|
||||
The non-ephemeral DH modes are currently unimplemented in OpenSSL
|
||||
because there is no support for DH certificates.
|
||||
|
||||
Some compiled versions of OpenSSL may not include all the ciphers
|
||||
|
@ -49,7 +49,7 @@ instead of calling B<getenv()> directly.
|
||||
It is possible to escape certain characters by using any kind of quote
|
||||
or the B<\> character. By making the last character of a line a B<\>
|
||||
a B<value> string can be spread across multiple lines. In addition
|
||||
the sequences B<\n>, B<\r>, B<\b> and B<\t> are recognised.
|
||||
the sequences B<\n>, B<\r>, B<\b> and B<\t> are recognized.
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
|
@ -308,7 +308,7 @@ just consist of field names and values: for example,
|
||||
|
||||
CN=My Name
|
||||
OU=My Organization
|
||||
emailAddress=someone@somehere.org
|
||||
emailAddress=someone@somewhere.org
|
||||
|
||||
This allows external programs (e.g. GUI based) to generate a template file
|
||||
with all the field names and values and just pass it to B<req>. An example
|
||||
|
@ -111,11 +111,11 @@ print extensive debugging information including a hex dump of all traffic.
|
||||
|
||||
=item B<-nbio_test>
|
||||
|
||||
tests non blocking I/O
|
||||
tests non-blocking I/O
|
||||
|
||||
=item B<-nbio>
|
||||
|
||||
turns on non blocking I/O
|
||||
turns on non-blocking I/O
|
||||
|
||||
=item B<-crlf>
|
||||
|
||||
|
@ -194,7 +194,7 @@ If a connection request is established with an SSL client and neither the
|
||||
B<-www> nor the B<-WWW> option has been used then normally any data received
|
||||
from the client is displayed and any key presses will be sent to the client.
|
||||
|
||||
Certain single letter commands are also recognised which perform special
|
||||
Certain single letter commands are also recognized which perform special
|
||||
operations: these are listed below.
|
||||
|
||||
=over 4
|
||||
|
@ -45,7 +45,7 @@ input by default.
|
||||
|
||||
=item B<-out filename>
|
||||
|
||||
This specifies the output filename to write session information toor standard
|
||||
This specifies the output filename to write session information to or standard
|
||||
output if this option is not specified.
|
||||
|
||||
=item B<-text>
|
||||
|
@ -179,7 +179,7 @@ may be trusted for SSL client but not SSL server use.
|
||||
See the description of the B<verify> utility for more information on the
|
||||
meaning of trust settings.
|
||||
|
||||
Future versions of OpenSSL will recognise trust settings on any
|
||||
Future versions of OpenSSL will recognize trust settings on any
|
||||
certificate: not just root CAs.
|
||||
|
||||
|
||||
|
@ -30,7 +30,7 @@ MD5_Final - MD2 and MD5 hash functions
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
MD2 and MD5 are cryptographic hashs function with a 128 bit output.
|
||||
MD2 and MD5 are cryptographic hash functions with a 128 bit output.
|
||||
|
||||
MD2() and MD5() compute the MD2 and MD5 message digest of the B<n>
|
||||
bytes at B<d> and place it in B<md> (which must have space for
|
||||
|
@ -413,7 +413,7 @@ next_bit:
|
||||
*(d++) = v[1];
|
||||
|
||||
/* lets populate the random area */
|
||||
/* get the chalenge_length */
|
||||
/* get the challenge_length */
|
||||
i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
|
||||
memset(d,0,SSL3_RANDOM_SIZE);
|
||||
memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
|
||||
|
@ -245,7 +245,7 @@ int ssl2_connect(SSL *s)
|
||||
/* ERR_clear_error();*/
|
||||
|
||||
/* If we want to cache session-ids in the client
|
||||
* and we sucessfully add the session-id to the
|
||||
* and we successfully add the session-id to the
|
||||
* cache, and there is a callback, then pass it out.
|
||||
* 26/11/96 - eay - only add if not a re-used session.
|
||||
*/
|
||||
@ -368,7 +368,7 @@ static int get_server_hello(SSL *s)
|
||||
*/
|
||||
#endif
|
||||
|
||||
/* we need to do this incase we were trying to reuse a
|
||||
/* we need to do this in case we were trying to reuse a
|
||||
* client session but others are already reusing it.
|
||||
* If this was a new 'blank' session ID, the session-id
|
||||
* length will still be 0 */
|
||||
@ -418,7 +418,7 @@ static int get_server_hello(SSL *s)
|
||||
|
||||
/* In theory we could have ciphers sent back that we
|
||||
* don't want to use but that does not matter since we
|
||||
* will check against the list we origionally sent and
|
||||
* will check against the list we originally sent and
|
||||
* for performance reasons we should not bother to match
|
||||
* the two lists up just to check. */
|
||||
for (i=0; i<sk_SSL_CIPHER_num(cl); i++)
|
||||
@ -768,7 +768,7 @@ static int client_certificate(SSL *s)
|
||||
{
|
||||
/* this is not good. If things have failed it
|
||||
* means there so something wrong with the key.
|
||||
* We will contiune with a 0 length signature
|
||||
* We will continue with a 0 length signature
|
||||
*/
|
||||
}
|
||||
memset(&ctx,0,sizeof(ctx));
|
||||
|
@ -689,7 +689,7 @@ static int server_hello(SSL *s)
|
||||
s->init_off=0;
|
||||
}
|
||||
/* SSL2_ST_SEND_SERVER_HELLO_B */
|
||||
/* If we are using TCP/IP, the performace is bad if we do 2
|
||||
/* If we are using TCP/IP, the performance is bad if we do 2
|
||||
* writes without a read between them. This occurs when
|
||||
* Session-id reuse is used, so I will put in a buffering module
|
||||
*/
|
||||
|
@ -1225,7 +1225,7 @@ fclose(out);
|
||||
|
||||
if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
|
||||
{
|
||||
/* If netscape tollerance is on, ignore errors */
|
||||
/* If netscape tolerance is on, ignore errors */
|
||||
if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
|
||||
goto cont;
|
||||
else
|
||||
@ -1258,7 +1258,7 @@ cont:
|
||||
ERR_clear_error();
|
||||
}
|
||||
|
||||
/* we should setup a certficate to return.... */
|
||||
/* we should setup a certificate to return.... */
|
||||
s->s3->tmp.cert_req=1;
|
||||
s->s3->tmp.ctype_num=ctype_num;
|
||||
if (s->s3->tmp.ca_names != NULL)
|
||||
|
@ -571,11 +571,11 @@ int ssl3_alert_code(int code)
|
||||
case SSL_AD_ACCESS_DENIED: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_DECODE_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_DECRYPT_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_EXPORT_RESTRICION: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_EXPORT_RESTRICTION: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_PROTOCOL_VERSION: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_INSUFFICIENT_SECURITY:return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_INTERNAL_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_USER_CANCLED: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_USER_CANCELLED: return(SSL3_AD_HANDSHAKE_FAILURE);
|
||||
case SSL_AD_NO_RENEGOTIATION: return(-1); /* Don't send it :-) */
|
||||
default: return(-1);
|
||||
}
|
||||
|
@ -331,7 +331,7 @@ again:
|
||||
/* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
|
||||
* rr->length bytes of encrypted compressed stuff. */
|
||||
|
||||
/* check is not needed I belive */
|
||||
/* check is not needed I believe */
|
||||
if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
|
||||
{
|
||||
al=SSL_AD_RECORD_OVERFLOW;
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user