generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Run util/openssl-format-source -v -c .

Browse Source 
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
Matt Caswell 2015-01-22 03:29:12 +00:00
parent aae3233e1e
commit ae5c8664e5
1086 changed files with 282460 additions and 283592 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
MacOS/GetHTTPS.src/MacSocket.h
View File

@ -5,97 +5,98 @@
extern "C" {
#endif
enum
{
enum {
kMacSocket_TimeoutErr = -2
};
// Since MacSocket does busy waiting, I do a callback while waiting
typedef OSErr (*MacSocket_IdleWaitCallback)(void *);
typedef OSErr(*MacSocket_IdleWaitCallback) (void *);
// Call this before anything else!
OSErr MacSocket_Startup(void);
// Call this to cleanup before quitting
OSErr MacSocket_Shutdown(void);
// Call this to allocate a "socket" (reference number is returned in outSocketNum)
// Note that inDoThreadSwitching is pretty much irrelevant right now, since I ignore it
// Call this to allocate a "socket" (reference number is returned in
// outSocketNum)
// Note that inDoThreadSwitching is pretty much irrelevant right now, since I
// ignore it
// The inTimeoutTicks parameter is applied during reads/writes of data
// The inIdleWaitCallback parameter specifies a callback which is called during busy-waiting periods
// The inIdleWaitCallback parameter specifies a callback which is called
// during busy-waiting periods
// The inUserRefPtr parameter is passed back to the idle-wait callback
OSErr MacSocket_socket(int *outSocketNum,const Boolean inDoThreadSwitching,const long inTimeoutTicks,MacSocket_IdleWaitCallback inIdleWaitCallback,void *inUserRefPtr);
OSErr MacSocket_socket(int *outSocketNum, const Boolean inDoThreadSwitching,
const long inTimeoutTicks,
MacSocket_IdleWaitCallback inIdleWaitCallback,
void *inUserRefPtr);
// Call this to connect to an IP/DNS address
// Note that inTargetAddressAndPort is in "IP:port" format-- e.g. 10.1.1.1:123
OSErr MacSocket_connect(const int inSocketNum,char *inTargetAddressAndPort);
// Note that inTargetAddressAndPort is in "IP:port" format-- e.g.
// 10.1.1.1:123
OSErr MacSocket_connect(const int inSocketNum, char *inTargetAddressAndPort);
// Call this to listen on a port
// Since this a low-performance implementation, I allow a maximum of 1 (one!) incoming request when I listen
OSErr MacSocket_listen(const int inSocketNum,const int inPortNum);
// Since this a low-performance implementation, I allow a maximum of 1 (one!)
// incoming request when I listen
OSErr MacSocket_listen(const int inSocketNum, const int inPortNum);
// Call this to close a socket
OSErr MacSocket_close(const int inSocketNum);
// Call this to receive data on a socket
// Most parameters' purpose are obvious-- except maybe "inBlock" which controls whether I wait for data or return immediately
int MacSocket_recv(const int inSocketNum,void *outBuff,int outBuffLength,const Boolean inBlock);
// Most parameters' purpose are obvious-- except maybe "inBlock" which
// controls whether I wait for data or return immediately
int MacSocket_recv(const int inSocketNum, void *outBuff, int outBuffLength,
const Boolean inBlock);
// Call this to send data on a socket
int MacSocket_send(const int inSocketNum,const void *inBuff,int inBuffLength);
int MacSocket_send(const int inSocketNum, const void *inBuff,
int inBuffLength);
// If zero bytes were read in a call to MacSocket_recv(), it may be that the remote end has done a half-close
// If zero bytes were read in a call to MacSocket_recv(), it may be that the
// remote end has done a half-close
// This function will let you check whether that's true or not
Boolean MacSocket_RemoteEndIsClosing(const int inSocketNum);
// Call this to see if the listen has completed after a call to MacSocket_listen()
// Call this to see if the listen has completed after a call to
// MacSocket_listen()
Boolean MacSocket_ListenCompleted(const int inSocketNum);
// These really aren't very useful anymore
Boolean MacSocket_LocalEndIsOpen(const int inSocketNum);
Boolean MacSocket_RemoteEndIsOpen(const int inSocketNum);
// You may wish to change the userRefPtr for a socket callback-- use this to
// do it
// You may wish to change the userRefPtr for a socket callback-- use this to do it
void MacSocket_SetUserRefPtr(const int inSocketNum,void *inNewRefPtr);
void MacSocket_SetUserRefPtr(const int inSocketNum, void *inNewRefPtr);
// Call these to get the socket's IP:port descriptor
void MacSocket_GetLocalIPAndPort(const int inSocketNum,char *outIPAndPort,const int inIPAndPortLength);
void MacSocket_GetRemoteIPAndPort(const int inSocketNum,char *outIPAndPort,const int inIPAndPortLength);
void MacSocket_GetLocalIPAndPort(const int inSocketNum, char *outIPAndPort,
const int inIPAndPortLength);
void MacSocket_GetRemoteIPAndPort(const int inSocketNum, char *outIPAndPort,
const int inIPAndPortLength);
// Call this to get error info from a socket
void MacSocket_GetSocketErrorInfo(const int inSocketNum,int *outSocketErrCode,char *outSocketErrString,const int inSocketErrStringMaxLength);
void MacSocket_GetSocketErrorInfo(const int inSocketNum,
int *outSocketErrCode,
char *outSocketErrString,
const int inSocketErrStringMaxLength);
#ifdef __cplusplus

31
MacOS/Randomizer.h
View File

@ -4,28 +4,27 @@
#include <MacTypes.h>
class CRandomizer
{
public:
CRandomizer (void);
void PeriodicAction (void);
class CRandomizer {
public:
CRandomizer(void);
void PeriodicAction(void);
private:
private:
// Private calls
void AddTimeSinceMachineStartup (void);
void AddAbsoluteSystemStartupTime (void);
void AddAppRunningTime (void);
void AddStartupVolumeInfo (void);
void AddFiller (void);
void AddTimeSinceMachineStartup(void);
void AddAbsoluteSystemStartupTime(void);
void AddAppRunningTime(void);
void AddStartupVolumeInfo(void);
void AddFiller(void);
void AddCurrentMouse (void);
void AddNow (double millisecondUncertainty);
void AddBytes (void *data, long size, double entropy);
void AddCurrentMouse(void);
void AddNow(double millisecondUncertainty);
void AddBytes(void *data, long size, double entropy);
void GetTimeBaseResolution (void);
unsigned long SysTimer (void);
void GetTimeBaseResolution(void);
unsigned long SysTimer(void);
// System Info
bool mSupportsLargeVolumes;

4
MacOS/_MWERKS_GUSI_prefix.h
View File

@ -1,9 +1,9 @@
#include <MacHeaders.h>
#define B_ENDIAN
#ifdef __POWERPC__
#pragma longlong on
# pragma longlong on
#endif
#if 1
#define MAC_OS_GUSI_SOURCE
# define MAC_OS_GUSI_SOURCE
#endif
#define MONOLITH

4
MacOS/_MWERKS_prefix.h
View File

@ -1,9 +1,9 @@
#include <MacHeaders.h>
#define B_ENDIAN
#ifdef __POWERPC__
#pragma longlong on
# pragma longlong on
#endif
#if 0
#define MAC_OS_GUSI_SOURCE
# define MAC_OS_GUSI_SOURCE
#endif
#define MONOLITH

136
MacOS/opensslconf.h
View File

@ -1,116 +1,126 @@
/* MacOS/opensslconf.h */
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
#define OPENSSLDIR "/usr/local/ssl"
#endif
# if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
# define OPENSSLDIR "/usr/local/ssl"
# endif
#endif
#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
#define IDEA_INT unsigned int
# define IDEA_INT unsigned int
#endif
#if defined(HEADER_MD2_H) && !defined(MD2_INT)
#define MD2_INT unsigned int
# define MD2_INT unsigned int
#endif
#if defined(HEADER_RC2_H) && !defined(RC2_INT)
/* I need to put in a mod for the alpha - eay */
#define RC2_INT unsigned int
# define RC2_INT unsigned int
#endif
#if defined(HEADER_RC4_H)
#if !defined(RC4_INT)
/* using int types make the structure larger but make the code faster
* on most boxes I have tested - up to %20 faster. */
# if !defined(RC4_INT)
/*
* using int types make the structure larger but make the code faster on most
* boxes I have tested - up to %20 faster.
*/
/*-
* I don't know what does "most" mean, but declaring "int" is a must on:
* - Intel P6 because partial register stalls are very expensive;
* - elder Alpha because it lacks byte load/store instructions;
*/
#define RC4_INT unsigned char
#endif
#if !defined(RC4_CHUNK)
# define RC4_INT unsigned char
# endif
# if !defined(RC4_CHUNK)
/*
* This enables code handling data aligned at natural CPU word
* boundary. See crypto/rc4/rc4_enc.c for further details.
*/
#define RC4_CHUNK unsigned long
#endif
# define RC4_CHUNK unsigned long
# endif
#endif
#if defined(HEADER_DES_H) && !defined(DES_LONG)
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
* %20 speed up (longs are 8 bytes, int's are 4). */
#ifndef DES_LONG
#define DES_LONG unsigned long
#endif
/*
* If this is set to 'unsigned int' on a DEC Alpha, this gives about a %20
* speed up (longs are 8 bytes, int's are 4).
*/
# ifndef DES_LONG
# define DES_LONG unsigned long
# endif
#endif
#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
#define CONFIG_HEADER_BN_H
#if __option(longlong)
# define CONFIG_HEADER_BN_H
# if __option(longlong)
# define BN_LLONG
#else
# else
# undef BN_LLONG
#endif
# endif
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
/* The prime number generation stuff may not work when
* EIGHT_BIT but I don't care since I've only used this mode
* for debuging the bignum libraries */
#undef SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#define THIRTY_TWO_BIT
#undef SIXTEEN_BIT
#undef EIGHT_BIT
/*
* The prime number generation stuff may not work when EIGHT_BIT but I don't
* care since I've only used this mode for debuging the bignum libraries
*/
# undef SIXTY_FOUR_BIT_LONG
# undef SIXTY_FOUR_BIT
# define THIRTY_TWO_BIT
# undef SIXTEEN_BIT
# undef EIGHT_BIT
#endif
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
#define CONFIG_HEADER_RC4_LOCL_H
/* if this is defined data[i] is used instead of *data, this is a %20
* speedup on x86 */
#undef RC4_INDEX
# define CONFIG_HEADER_RC4_LOCL_H
/*
* if this is defined data[i] is used instead of *data, this is a %20 speedup
* on x86
*/
# undef RC4_INDEX
#endif
#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
#define CONFIG_HEADER_BF_LOCL_H
#define BF_PTR
# define CONFIG_HEADER_BF_LOCL_H
# define BF_PTR
#endif /* HEADER_BF_LOCL_H */
#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
#define CONFIG_HEADER_DES_LOCL_H
/* the following is tweaked from a config script, that is why it is a
* protected undef/define */
#ifndef DES_PTR
#define DES_PTR
#endif
# define CONFIG_HEADER_DES_LOCL_H
/*
* the following is tweaked from a config script, that is why it is a
* protected undef/define
*/
# ifndef DES_PTR
# define DES_PTR
# endif
/* This helps C compiler generate the correct code for multiple functional
/*
* This helps C compiler generate the correct code for multiple functional
* units. It reduces register dependancies at the expense of 2 more
* registers */
#ifndef DES_RISC1
#define DES_RISC1
#endif
* registers
*/
# ifndef DES_RISC1
# define DES_RISC1
# endif
#ifndef DES_RISC2
#undef DES_RISC2
#endif
#if defined(DES_RISC1) && defined(DES_RISC2)
YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
#endif
/* Unroll the inner loop, this sometimes helps, sometimes hinders.
* Very mucy CPU dependant */
#ifndef DES_UNROLL
#define DES_UNROLL
#endif
# ifndef DES_RISC2
# undef DES_RISC2
# endif
# if defined(DES_RISC1) && defined(DES_RISC2)
YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED ! !!!!
# endif
/*
* Unroll the inner loop, this sometimes helps, sometimes hinders. Very mucy
* CPU dependant
*/
# ifndef DES_UNROLL
# define DES_UNROLL
# endif
#endif /* HEADER_DES_LOCL_H */
#ifndef __POWERPC__
#define MD32_XARRAY
# define MD32_XARRAY
#endif

104
apps/app_rand.c
View File

@ -115,44 +115,44 @@
#include <openssl/bio.h>
#include <openssl/rand.h>
static int seeded = 0;
static int egdsocket = 0;
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
{
{
int consider_randfile = (file == NULL);
char buffer[200];
#ifdef OPENSSL_SYS_WINDOWS
BIO_printf(bio_e,"Loading 'screen' into random state -");
BIO_printf(bio_e, "Loading 'screen' into random state -");
BIO_flush(bio_e);
RAND_screen();
BIO_printf(bio_e," done\n");
BIO_printf(bio_e, " done\n");
#endif
if (file == NULL)
file = RAND_file_name(buffer, sizeof buffer);
else if (RAND_egd(file) > 0)
{
/* we try if the given filename is an EGD socket.
if it is, we don't write anything back to the file. */
else if (RAND_egd(file) > 0) {
/*
* we try if the given filename is an EGD socket. if it is, we don't
* write anything back to the file.
*/
egdsocket = 1;
return 1;
}
if (file == NULL || !RAND_load_file(file, -1))
{
if (RAND_status() == 0)
{
if (!dont_warn)
{
BIO_printf(bio_e,"unable to load 'random state'\n");
BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
BIO_printf(bio_e,"with much random data.\n");
if (consider_randfile) /* explanation does not apply when a file is explicitly named */
{
BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");
BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");
if (file == NULL || !RAND_load_file(file, -1)) {
if (RAND_status() == 0) {
if (!dont_warn) {
BIO_printf(bio_e, "unable to load 'random state'\n");
BIO_printf(bio_e,
"This means that the random number generator has not been seeded\n");
BIO_printf(bio_e, "with much random data.\n");
if (consider_randfile) { /* explanation does not apply when a
* file is explicitly named */
BIO_printf(bio_e,
"Consider setting the RANDFILE environment variable to point at a file that\n");
BIO_printf(bio_e,
"'random' data can be kept in (the file will be overwritten).\n");
}
}
return 0;
@ -160,59 +160,61 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
}
seeded = 1;
return 1;
}
}
long app_RAND_load_files(char *name)
{
char *p,*n;
{
char *p, *n;
int last;
long tot=0;
long tot = 0;
int egd;
for (;;)
{
last=0;
for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
if (*p == '\0') last=1;
*p='\0';
n=name;
name=p+1;
if (*n == '\0') break;
for (;;) {
last = 0;
for (p = name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++) ;
if (*p == '\0')
last = 1;
*p = '\0';
n = name;
name = p + 1;
if (*n == '\0')
break;
egd=RAND_egd(n);
egd = RAND_egd(n);
if (egd > 0)
tot+=egd;
tot += egd;
else
tot+=RAND_load_file(n,-1);
if (last) break;
tot += RAND_load_file(n, -1);
if (last)
break;
}
if (tot > 512)
app_RAND_allow_write_file();
return(tot);
}
return (tot);
}
int app_RAND_write_file(const char *file, BIO *bio_e)
{
{
char buffer[200];
if (egdsocket || !seeded)
/* If we did not manage to read the seed file,
* we should not write a low-entropy seed file back --
* it would suppress a crucial warning the next time
* we want to use it. */
/*
* If we did not manage to read the seed file, we should not write a
* low-entropy seed file back -- it would suppress a crucial warning
* the next time we want to use it.
*/
return 0;
if (file == NULL)
file = RAND_file_name(buffer, sizeof buffer);
if (file == NULL || !RAND_write_file(file))
{
BIO_printf(bio_e,"unable to write 'random state'\n");
if (file == NULL || !RAND_write_file(file)) {
BIO_printf(bio_e, "unable to write 'random state'\n");
return 0;
}
return 1;
}
}
void app_RAND_allow_write_file(void)
{
{
seeded = 1;
}
}

2306
apps/apps.c
View File

File diff suppressed because it is too large Load Diff

238
apps/apps.h
View File

@ -110,75 +110,76 @@
*/
#ifndef HEADER_APPS_H
#define HEADER_APPS_H
# define HEADER_APPS_H
#include "e_os.h"
# include "e_os.h"
#include <openssl/bio.h>
#include <openssl/x509.h>
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/txt_db.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#ifndef OPENSSL_NO_OCSP
#include <openssl/ocsp.h>
#endif
#include <openssl/ossl_typ.h>
# include <openssl/bio.h>
# include <openssl/x509.h>
# include <openssl/lhash.h>
# include <openssl/conf.h>
# include <openssl/txt_db.h>
# ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
# endif
# ifndef OPENSSL_NO_OCSP
# include <openssl/ocsp.h>
# endif
# include <openssl/ossl_typ.h>
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
int app_RAND_write_file(const char *file, BIO *bio_e);
/* When `file' is NULL, use defaults.
* `bio_e' is for error messages. */
/*
* When `file' is NULL, use defaults. `bio_e' is for error messages.
*/
void app_RAND_allow_write_file(void);
long app_RAND_load_files(char *file); /* `file' is a list of files to read,
* separated by LIST_SEPARATOR_CHAR
* (see e_os.h). The string is
* destroyed! */
#ifndef MONOLITH
# ifndef MONOLITH
#define MAIN(a,v) main(a,v)
# define MAIN(a,v) main(a,v)
#ifndef NON_MAIN
CONF *config=NULL;
BIO *bio_err=NULL;
#else
# ifndef NON_MAIN
CONF *config = NULL;
BIO *bio_err = NULL;
# else
extern CONF *config;
extern BIO *bio_err;
#endif
# endif
#else
# else
#define MAIN(a,v) PROG(a,v)
# define MAIN(a,v) PROG(a,v)
extern CONF *config;
extern char *default_config_file;
extern BIO *bio_err;
#endif
# endif
#ifndef OPENSSL_SYS_NETWARE
#include <signal.h>
#endif
# ifndef OPENSSL_SYS_NETWARE
# include <signal.h>
# endif
#ifdef SIGPIPE
#define do_pipe_sig() signal(SIGPIPE,SIG_IGN)
#else
#define do_pipe_sig()
#endif
# ifdef SIGPIPE
# define do_pipe_sig() signal(SIGPIPE,SIG_IGN)
# else
# define do_pipe_sig()
# endif
#ifdef OPENSSL_NO_COMP
#define zlib_cleanup()
#else
#define zlib_cleanup() COMP_zlib_cleanup()
#endif
# ifdef OPENSSL_NO_COMP
# define zlib_cleanup()
# else
# define zlib_cleanup() COMP_zlib_cleanup()
# endif
#if defined(MONOLITH) && !defined(OPENSSL_C)
# if defined(MONOLITH) && !defined(OPENSSL_C)
# define apps_startup() \
do_pipe_sig()
# define apps_shutdown()
#else
# else
# ifndef OPENSSL_NO_ENGINE
# define apps_startup() \
do { do_pipe_sig(); CRYPTO_malloc_init(); \
@ -202,30 +203,26 @@ extern BIO *bio_err;
RAND_cleanup(); \
ERR_free_strings(); zlib_cleanup(); } while(0)
# endif
#endif
# endif
#if defined(OPENSSL_SYSNAME_WIN32) || defined(OPENSSL_SYSNAME_WINCE)
# if defined(OPENSSL_SYSNAME_WIN32) || defined(OPENSSL_SYSNAME_WINCE)
# define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
#else
# else
# define openssl_fdset(a,b) FD_SET(a, b)
#endif
# endif
typedef struct args_st
{
typedef struct args_st {
char **data;
int count;
} ARGS;
} ARGS;
#define PW_MIN_LENGTH 4
typedef struct pw_cb_data
{
# define PW_MIN_LENGTH 4
typedef struct pw_cb_data {
const void *password;
const char *prompt_info;
} PW_CB_DATA;
} PW_CB_DATA;
int password_callback(char *buf, int bufsiz, int verify,
PW_CB_DATA *cb_data);
int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data);
int setup_ui_method(void);
void destroy_ui_method(void);
@ -233,12 +230,13 @@ void destroy_ui_method(void);
int should_retry(int i);
int args_from_file(char *file, int *argc, char **argv[]);
int str2fmt(char *s);
void program_name(char *in,char *out,int size);
int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
#ifdef HEADER_X509_H
void program_name(char *in, char *out, int size);
int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]);
# ifdef HEADER_X509_H
int dump_cert_text(BIO *out, X509 *x);
void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags);
#endif
void print_name(BIO *out, const char *title, X509_NAME *nm,
unsigned long lflags);
# endif
int set_cert_ex(unsigned long *flags, const char *arg);
int set_name_ex(unsigned long *flags, const char *arg);
int set_ext_copy(int *copy_type, const char *arg);
@ -255,21 +253,23 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
const char *pass, ENGINE *e, const char *key_descrip);
STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
const char *pass, ENGINE *e, const char *cert_descrip);
const char *pass, ENGINE *e,
const char *cert_descrip);
STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
const char *pass, ENGINE *e, const char *cert_descrip);
const char *pass, ENGINE *e,
const char *cert_descrip);
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
#endif
# endif
#ifndef OPENSSL_NO_OCSP
# ifndef OPENSSL_NO_OCSP
OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
const char *host, const char *path,
const char *port, int use_ssl,
const STACK_OF(CONF_VALUE) *headers,
int req_timeout);
#endif
# endif
int load_config(BIO *err, CONF *cnf);
char *make_config_name(void);
@ -278,38 +278,39 @@ char *make_config_name(void);
int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
ASN1_GENERALIZEDTIME **pinvtm, const char *str);
#define DB_type 0
#define DB_exp_date 1
#define DB_rev_date 2
#define DB_serial 3 /* index - unique */
#define DB_file 4
#define DB_name 5 /* index - unique when active and not disabled */
#define DB_NUMBER 6
# define DB_type 0
# define DB_exp_date 1
# define DB_rev_date 2
# define DB_serial 3 /* index - unique */
# define DB_file 4
# define DB_name 5 /* index - unique when active and not
* disabled */
# define DB_NUMBER 6
#define DB_TYPE_REV 'R'
#define DB_TYPE_EXP 'E'
#define DB_TYPE_VAL 'V'
# define DB_TYPE_REV 'R'
# define DB_TYPE_EXP 'E'
# define DB_TYPE_VAL 'V'
typedef struct db_attr_st
{
typedef struct db_attr_st {
int unique_subject;
} DB_ATTR;
typedef struct ca_db_st
{
} DB_ATTR;
typedef struct ca_db_st {
DB_ATTR attributes;
TXT_DB *db;
} CA_DB;
} CA_DB;
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
ASN1_INTEGER **retai);
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
int index_index(CA_DB *db);
int save_index(const char *dbfile, const char *suffix, CA_DB *db);
int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix);
int rotate_index(const char *dbfile, const char *new_suffix,
const char *old_suffix);
void free_index(CA_DB *db);
#define index_name_cmp_noconst(a, b) \
# define index_name_cmp_noconst(a, b) \
index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
(const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
@ -329,59 +330,58 @@ int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
STACK_OF(OPENSSL_STRING) *sigopts);
int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
STACK_OF(OPENSSL_STRING) *sigopts);
#ifndef OPENSSL_NO_PSK
# ifndef OPENSSL_NO_PSK
extern char *psk_key;
#endif
#ifndef OPENSSL_NO_JPAKE
# endif
# ifndef OPENSSL_NO_JPAKE
void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
#endif
# endif
#ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_TLSEXT
unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
#endif /* ndef OPENSSL_NO_TLSEXT */
# endif /* ndef OPENSSL_NO_TLSEXT */
void print_cert_checks(BIO *bio, X509 *x,
const char *checkhost,
const char *checkemail,
const char *checkip);
const char *checkemail, const char *checkip);
void store_setup_crl_download(X509_STORE *st);
#define FORMAT_UNDEF 0
#define FORMAT_ASN1 1
#define FORMAT_TEXT 2
#define FORMAT_PEM 3
#define FORMAT_NETSCAPE 4
#define FORMAT_PKCS12 5
#define FORMAT_SMIME 6
#define FORMAT_ENGINE 7
#define FORMAT_IISSGC 8 /* XXX this stupid macro helps us to avoid
# define FORMAT_UNDEF 0
# define FORMAT_ASN1 1
# define FORMAT_TEXT 2
# define FORMAT_PEM 3
# define FORMAT_NETSCAPE 4
# define FORMAT_PKCS12 5
# define FORMAT_SMIME 6
# define FORMAT_ENGINE 7
# define FORMAT_IISSGC 8 /* XXX this stupid macro helps us to avoid
* adding yet another param to load_*key() */
#define FORMAT_PEMRSA 9 /* PEM RSAPubicKey format */
#define FORMAT_ASN1RSA 10 /* DER RSAPubicKey format */
#define FORMAT_MSBLOB 11 /* MS Key blob format */
#define FORMAT_PVK 12 /* MS PVK file format */
#define FORMAT_HTTP 13 /* Download using HTTP */
# define FORMAT_PEMRSA 9 /* PEM RSAPubicKey format */
# define FORMAT_ASN1RSA 10 /* DER RSAPubicKey format */
# define FORMAT_MSBLOB 11 /* MS Key blob format */
# define FORMAT_PVK 12 /* MS PVK file format */
# define FORMAT_HTTP 13 /* Download using HTTP */
#define EXT_COPY_NONE 0
#define EXT_COPY_ADD 1
#define EXT_COPY_ALL 2
# define EXT_COPY_NONE 0
# define EXT_COPY_ADD 1
# define EXT_COPY_ALL 2
#define NETSCAPE_CERT_HDR "certificate"
# define NETSCAPE_CERT_HDR "certificate"
#define APP_PASS_LEN 1024
# define APP_PASS_LEN 1024
#define SERIAL_RAND_BITS 64
# define SERIAL_RAND_BITS 64
int app_isdir(const char *);
int raw_read_stdin(void *,int);
int raw_write_stdout(const void *,int);
int raw_read_stdin(void *, int);
int raw_write_stdout(const void *, int);
#define TM_START 0
#define TM_STOP 1
double app_tminterval (int stop,int usertime);
# define TM_START 0
# define TM_STOP 1
double app_tminterval(int stop, int usertime);
#define OPENSSL_NO_SSL_INTERN
# define OPENSSL_NO_SSL_INTERN
#endif

372
apps/asn1pars.c
View File

@ -56,8 +56,9 @@
* [including the GNU Public Licence.]
*/
/* A nice addition from Dr Stephen Henson <steve@openssl.org> to
* add the -strparse option which parses nested binary structures
/*
* A nice addition from Dr Stephen Henson <steve@openssl.org> to add the
* -strparse option which parses nested binary structures
*/
#include <stdio.h>
@ -86,145 +87,134 @@ int MAIN(int, char **);
static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf);
int MAIN(int argc, char **argv)
{
int i,badops=0,offset=0,ret=1,j;
unsigned int length=0;
long num,tmplen;
BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL;
int informat,indent=0, noout = 0, dump = 0;
char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL;
char *genstr=NULL, *genconf=NULL;
{
int i, badops = 0, offset = 0, ret = 1, j;
unsigned int length = 0;
long num, tmplen;
BIO *in = NULL, *out = NULL, *b64 = NULL, *derout = NULL;
int informat, indent = 0, noout = 0, dump = 0;
char *infile = NULL, *str = NULL, *prog, *oidfile = NULL, *derfile = NULL;
char *genstr = NULL, *genconf = NULL;
unsigned char *tmpbuf;
const unsigned char *ctmpbuf;
BUF_MEM *buf=NULL;
STACK_OF(OPENSSL_STRING) *osk=NULL;
ASN1_TYPE *at=NULL;
BUF_MEM *buf = NULL;
STACK_OF(OPENSSL_STRING) *osk = NULL;
ASN1_TYPE *at = NULL;
informat=FORMAT_PEM;
informat = FORMAT_PEM;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
if ((osk=sk_OPENSSL_STRING_new_null()) == NULL)
{
BIO_printf(bio_err,"Memory allocation failure\n");
if ((osk = sk_OPENSSL_STRING_new_null()) == NULL) {
BIO_printf(bio_err, "Memory allocation failure\n");
goto end;
}
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
derfile= *(++argv);
}
else if (strcmp(*argv,"-i") == 0)
{
indent=1;
}
else if (strcmp(*argv,"-noout") == 0) noout = 1;
else if (strcmp(*argv,"-oid") == 0)
{
if (--argc < 1) goto bad;
oidfile= *(++argv);
}
else if (strcmp(*argv,"-offset") == 0)
{
if (--argc < 1) goto bad;
offset= atoi(*(++argv));
}
else if (strcmp(*argv,"-length") == 0)
{
if (--argc < 1) goto bad;
length= atoi(*(++argv));
if (length == 0) goto bad;
}
else if (strcmp(*argv,"-dump") == 0)
{
dump= -1;
}
else if (strcmp(*argv,"-dlimit") == 0)
{
if (--argc < 1) goto bad;
dump= atoi(*(++argv));
if (dump <= 0) goto bad;
}
else if (strcmp(*argv,"-strparse") == 0)
{
if (--argc < 1) goto bad;
sk_OPENSSL_STRING_push(osk,*(++argv));
}
else if (strcmp(*argv,"-genstr") == 0)
{
if (--argc < 1) goto bad;
genstr= *(++argv);
}
else if (strcmp(*argv,"-genconf") == 0)
{
if (--argc < 1) goto bad;
genconf= *(++argv);
}
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
derfile = *(++argv);
} else if (strcmp(*argv, "-i") == 0) {
indent = 1;
} else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-oid") == 0) {
if (--argc < 1)
goto bad;
oidfile = *(++argv);
} else if (strcmp(*argv, "-offset") == 0) {
if (--argc < 1)
goto bad;
offset = atoi(*(++argv));
} else if (strcmp(*argv, "-length") == 0) {
if (--argc < 1)
goto bad;
length = atoi(*(++argv));
if (length == 0)
goto bad;
} else if (strcmp(*argv, "-dump") == 0) {
dump = -1;
} else if (strcmp(*argv, "-dlimit") == 0) {
if (--argc < 1)
goto bad;
dump = atoi(*(++argv));
if (dump <= 0)
goto bad;
} else if (strcmp(*argv, "-strparse") == 0) {
if (--argc < 1)
goto bad;
sk_OPENSSL_STRING_push(osk, *(++argv));
} else if (strcmp(*argv, "-genstr") == 0) {
if (--argc < 1)
goto bad;
genstr = *(++argv);
} else if (strcmp(*argv, "-genconf") == 0) {
if (--argc < 1)
goto bad;
genconf = *(++argv);
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] <infile\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - one of DER PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file (output format is always DER\n");
BIO_printf(bio_err," -noout arg don't produce any output\n");
BIO_printf(bio_err," -offset arg offset into file\n");
BIO_printf(bio_err," -length arg length of section in file\n");
BIO_printf(bio_err," -i indent entries\n");
BIO_printf(bio_err," -dump dump unknown data in hex form\n");
BIO_printf(bio_err," -dlimit arg dump the first arg bytes of unknown data in hex form\n");
BIO_printf(bio_err," -oid file file of extra oid definitions\n");
BIO_printf(bio_err," -strparse offset\n");
BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n");
BIO_printf(bio_err," ASN1 blob wrappings\n");
BIO_printf(bio_err," -genstr str string to generate ASN1 structure from\n");
BIO_printf(bio_err," -genconf file file to generate ASN1 structure from\n");
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] <infile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - one of DER PEM\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err,
" -out arg output file (output format is always DER\n");
BIO_printf(bio_err, " -noout arg don't produce any output\n");
BIO_printf(bio_err, " -offset arg offset into file\n");
BIO_printf(bio_err, " -length arg length of section in file\n");
BIO_printf(bio_err, " -i indent entries\n");
BIO_printf(bio_err, " -dump dump unknown data in hex form\n");
BIO_printf(bio_err,
" -dlimit arg dump the first arg bytes of unknown data in hex form\n");
BIO_printf(bio_err, " -oid file file of extra oid definitions\n");
BIO_printf(bio_err, " -strparse offset\n");
BIO_printf(bio_err,
" a series of these can be used to 'dig' into multiple\n");
BIO_printf(bio_err, " ASN1 blob wrappings\n");
BIO_printf(bio_err,
" -genstr str string to generate ASN1 structure from\n");
BIO_printf(bio_err,
" -genconf file file to generate ASN1 structure from\n");
goto end;
}
ERR_load_crypto_strings();
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -232,11 +222,9 @@ bad:
}
#endif
if (oidfile != NULL)
{
if (BIO_read_filename(in,oidfile) <= 0)
{
BIO_printf(bio_err,"problems opening %s\n",oidfile);
if (oidfile != NULL) {
if (BIO_read_filename(in, oidfile) <= 0) {
BIO_printf(bio_err, "problems opening %s\n", oidfile);
ERR_print_errors(bio_err);
goto end;
}
@ -244,164 +232,160 @@ bad:
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
if (derfile) {
if(!(derout = BIO_new_file(derfile, "wb"))) {
BIO_printf(bio_err,"problems opening %s\n",derfile);
if (!(derout = BIO_new_file(derfile, "wb"))) {
BIO_printf(bio_err, "problems opening %s\n", derfile);
ERR_print_errors(bio_err);
goto end;
}
}
if ((buf=BUF_MEM_new()) == NULL) goto end;
if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
if ((buf = BUF_MEM_new()) == NULL)
goto end;
if (!BUF_MEM_grow(buf, BUFSIZ * 8))
goto end; /* Pre-allocate :-) */
if (genstr || genconf)
{
if (genstr || genconf) {
num = do_generate(bio_err, genstr, genconf, buf);
if (num < 0)
{
if (num < 0) {
ERR_print_errors(bio_err);
goto end;
}
}
else
{
else {
if (informat == FORMAT_PEM)
{
if (informat == FORMAT_PEM) {
BIO *tmp;
if ((b64=BIO_new(BIO_f_base64())) == NULL)
if ((b64 = BIO_new(BIO_f_base64())) == NULL)
goto end;
BIO_push(b64,in);
tmp=in;
in=b64;
b64=tmp;
BIO_push(b64, in);
tmp = in;
in = b64;
b64 = tmp;
}
num=0;
for (;;)
{
if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
i=BIO_read(in,&(buf->data[num]),BUFSIZ);
if (i <= 0) break;
num+=i;
num = 0;
for (;;) {
if (!BUF_MEM_grow(buf, (int)num + BUFSIZ))
goto end;
i = BIO_read(in, &(buf->data[num]), BUFSIZ);
if (i <= 0)
break;
num += i;
}
}
str=buf->data;
str = buf->data;
/* If any structs to parse go through in sequence */
if (sk_OPENSSL_STRING_num(osk))
{
tmpbuf=(unsigned char *)str;
tmplen=num;
for (i=0; i<sk_OPENSSL_STRING_num(osk); i++)
{
if (sk_OPENSSL_STRING_num(osk)) {
tmpbuf = (unsigned char *)str;
tmplen = num;
for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
ASN1_TYPE *atmp;
int typ;
j=atoi(sk_OPENSSL_STRING_value(osk,i));
if (j == 0)
{
BIO_printf(bio_err,"'%s' is an invalid number\n",sk_OPENSSL_STRING_value(osk,i));
j = atoi(sk_OPENSSL_STRING_value(osk, i));
if (j == 0) {
BIO_printf(bio_err, "'%s' is an invalid number\n",
sk_OPENSSL_STRING_value(osk, i));
continue;
}
tmpbuf+=j;
tmplen-=j;
tmpbuf += j;
tmplen -= j;
atmp = at;
ctmpbuf = tmpbuf;
at = d2i_ASN1_TYPE(NULL,&ctmpbuf,tmplen);
at = d2i_ASN1_TYPE(NULL, &ctmpbuf, tmplen);
ASN1_TYPE_free(atmp);
if(!at)
{
BIO_printf(bio_err,"Error parsing structure\n");
if (!at) {
BIO_printf(bio_err, "Error parsing structure\n");
ERR_print_errors(bio_err);
goto end;
}
typ = ASN1_TYPE_get(at);
if ((typ == V_ASN1_OBJECT)
|| (typ == V_ASN1_NULL))
{
|| (typ == V_ASN1_NULL)) {
BIO_printf(bio_err, "Can't parse %s type\n",
typ == V_ASN1_NULL ? "NULL" : "OBJECT");
ERR_print_errors(bio_err);
goto end;
}
/* hmm... this is a little evil but it works */
tmpbuf=at->value.asn1_string->data;
tmplen=at->value.asn1_string->length;
tmpbuf = at->value.asn1_string->data;
tmplen = at->value.asn1_string->length;
}
str=(char *)tmpbuf;
num=tmplen;
str = (char *)tmpbuf;
num = tmplen;
}
if (offset >= num)
{
if (offset >= num) {
BIO_printf(bio_err, "Error: offset too large\n");
goto end;
}
num -= offset;
if ((length == 0) || ((long)length > num)) length=(unsigned int)num;
if(derout) {
if(BIO_write(derout, str + offset, length) != (int)length) {
if ((length == 0) || ((long)length > num))
length = (unsigned int)num;
if (derout) {
if (BIO_write(derout, str + offset, length) != (int)length) {
BIO_printf(bio_err, "Error writing output\n");
ERR_print_errors(bio_err);
goto end;
}
}
if (!noout &&
!ASN1_parse_dump(out,(unsigned char *)&(str[offset]),length,
indent,dump))
{
!ASN1_parse_dump(out, (unsigned char *)&(str[offset]), length,
indent, dump)) {
ERR_print_errors(bio_err);
goto end;
}
ret=0;
end:
ret = 0;
end:
BIO_free(derout);
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (b64 != NULL) BIO_free(b64);
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
if (b64 != NULL)
BIO_free(b64);
if (ret != 0)
ERR_print_errors(bio_err);
if (buf != NULL) BUF_MEM_free(buf);
if (at != NULL) ASN1_TYPE_free(at);
if (osk != NULL) sk_OPENSSL_STRING_free(osk);
if (buf != NULL)
BUF_MEM_free(buf);
if (at != NULL)
ASN1_TYPE_free(at);
if (osk != NULL)
sk_OPENSSL_STRING_free(osk);
OBJ_cleanup();
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
{
{
CONF *cnf = NULL;
int len;
long errline;
unsigned char *p;
ASN1_TYPE *atyp = NULL;
if (genconf)
{
if (genconf) {
cnf = NCONF_new(NULL);
if (!NCONF_load(cnf, genconf, &errline))
goto conferr;
if (!genstr)
genstr = NCONF_get_string(cnf, "default", "asn1");
if (!genstr)
{
if (!genstr) {
BIO_printf(bio, "Can't find 'asn1' in '%s'\n", genconf);
goto err;
}
@ -419,10 +403,10 @@ static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
if (len <= 0)
goto err;
if (!BUF_MEM_grow(buf,len))
if (!BUF_MEM_grow(buf, len))
goto err;
p=(unsigned char *)buf->data;
p = (unsigned char *)buf->data;
i2d_ASN1_TYPE(atyp, &p);
@ -443,4 +427,4 @@ static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
return -1;
}
}

2907
apps/ca.c
View File

File diff suppressed because it is too large Load Diff

180
apps/ciphers.c
View File

@ -60,7 +60,7 @@
#include <stdlib.h>
#include <string.h>
#ifdef OPENSSL_NO_STDIO
#define APPS_WIN16
# define APPS_WIN16
#endif
#include "apps.h"
#include <openssl/err.h>
@ -69,43 +69,43 @@
#undef PROG
#define PROG ciphers_main
static const char *ciphers_usage[]={
"usage: ciphers args\n",
" -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
" -V - even more verbose\n",
" -ssl2 - SSL2 mode\n",
" -ssl3 - SSL3 mode\n",
" -tls1 - TLS1 mode\n",
NULL
static const char *ciphers_usage[] = {
"usage: ciphers args\n",
" -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
" -V - even more verbose\n",
" -ssl2 - SSL2 mode\n",
" -ssl3 - SSL3 mode\n",
" -tls1 - TLS1 mode\n",
NULL
};
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
int ret=1,i;
int verbose=0,Verbose=0;
{
int ret = 1, i;
int verbose = 0, Verbose = 0;
#ifndef OPENSSL_NO_SSL_TRACE
int stdname = 0;
#endif
const char **pp;
const char *p;
int badops=0;
SSL_CTX *ctx=NULL;
SSL *ssl=NULL;
char *ciphers=NULL;
const SSL_METHOD *meth=NULL;
int badops = 0;
SSL_CTX *ctx = NULL;
SSL *ssl = NULL;
char *ciphers = NULL;
const SSL_METHOD *meth = NULL;
STACK_OF(SSL_CIPHER) *sk;
char buf[512];
BIO *STDout=NULL;
BIO *STDout = NULL;
meth=SSLv23_server_method();
meth = SSLv23_server_method();
apps_startup();
if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
STDout = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -117,133 +117,123 @@ int MAIN(int argc, char **argv)
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-v") == 0)
verbose=1;
else if (strcmp(*argv,"-V") == 0)
verbose=Verbose=1;
while (argc >= 1) {
if (strcmp(*argv, "-v") == 0)
verbose = 1;
else if (strcmp(*argv, "-V") == 0)
verbose = Verbose = 1;
#ifndef OPENSSL_NO_SSL_TRACE
else if (strcmp(*argv,"-stdname") == 0)
stdname=verbose=1;
else if (strcmp(*argv, "-stdname") == 0)
stdname = verbose = 1;
#endif
#ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv,"-ssl2") == 0)
meth=SSLv2_client_method();
else if (strcmp(*argv, "-ssl2") == 0)
meth = SSLv2_client_method();
#endif
#ifndef OPENSSL_NO_SSL3
else if (strcmp(*argv,"-ssl3") == 0)
meth=SSLv3_client_method();
else if (strcmp(*argv, "-ssl3") == 0)
meth = SSLv3_client_method();
#endif
#ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv,"-tls1") == 0)
meth=TLSv1_client_method();
else if (strcmp(*argv, "-tls1") == 0)
meth = TLSv1_client_method();
#endif
else if ((strncmp(*argv,"-h",2) == 0) ||
(strcmp(*argv,"-?") == 0))
{
badops=1;
else if ((strncmp(*argv, "-h", 2) == 0) || (strcmp(*argv, "-?") == 0)) {
badops = 1;
break;
}
else
{
ciphers= *argv;
} else {
ciphers = *argv;
}
argc--;
argv++;
}
if (badops)
{
for (pp=ciphers_usage; (*pp != NULL); pp++)
BIO_printf(bio_err,"%s",*pp);
if (badops) {
for (pp = ciphers_usage; (*pp != NULL); pp++)
BIO_printf(bio_err, "%s", *pp);
goto end;
}
OpenSSL_add_ssl_algorithms();
ctx=SSL_CTX_new(meth);
if (ctx == NULL) goto err;
ctx = SSL_CTX_new(meth);
if (ctx == NULL)
goto err;
if (ciphers != NULL) {
if(!SSL_CTX_set_cipher_list(ctx,ciphers)) {
if (!SSL_CTX_set_cipher_list(ctx, ciphers)) {
BIO_printf(bio_err, "Error in cipher list\n");
goto err;
}
}
ssl=SSL_new(ctx);
if (ssl == NULL) goto err;
ssl = SSL_new(ctx);
if (ssl == NULL)
goto err;
if (!verbose)
{
for (i=0; ; i++)
{
p=SSL_get_cipher_list(ssl,i);
if (p == NULL) break;
if (i != 0) BIO_printf(STDout,":");
BIO_printf(STDout,"%s",p);
if (!verbose) {
for (i = 0;; i++) {
p = SSL_get_cipher_list(ssl, i);
if (p == NULL)
break;
if (i != 0)
BIO_printf(STDout, ":");
BIO_printf(STDout, "%s", p);
}
BIO_printf(STDout,"\n");
}
else /* verbose */
{
sk=SSL_get_ciphers(ssl);
BIO_printf(STDout, "\n");
} else { /* verbose */
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
sk = SSL_get_ciphers(ssl);
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
SSL_CIPHER *c;
c = sk_SSL_CIPHER_value(sk,i);
c = sk_SSL_CIPHER_value(sk, i);
if (Verbose)
{
if (Verbose) {
unsigned long id = SSL_CIPHER_get_id(c);
int id0 = (int)(id >> 24);
int id1 = (int)((id >> 16) & 0xffL);
int id2 = (int)((id >> 8) & 0xffL);
int id3 = (int)(id & 0xffL);
if ((id & 0xff000000L) == 0x02000000L)
{
if ((id & 0xff000000L) == 0x02000000L) {
/* SSL2 cipher */
BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1, id2, id3);
}
else if ((id & 0xff000000L) == 0x03000000L)
{
BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1,
id2, id3);
} else if ((id & 0xff000000L) == 0x03000000L) {
/* SSL3 cipher */
BIO_printf(STDout, " 0x%02X,0x%02X - ", id2, id3);
}
else
{
BIO_printf(STDout, " 0x%02X,0x%02X - ", id2,
id3);
} else {
/* whatever */
BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3);
BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0,
id1, id2, id3);
}
}
#ifndef OPENSSL_NO_SSL_TRACE
if (stdname)
{
if (stdname) {
const char *nm = SSL_CIPHER_standard_name(c);
if (nm == NULL)
nm = "UNKNOWN";
BIO_printf(STDout, "%s - ", nm);
}
#endif
BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof buf));
}
}
ret=0;
if (0)
{
err:
ret = 0;
if (0) {
err:
SSL_load_error_strings();
ERR_print_errors(bio_err);
}
end:
if (ctx != NULL) SSL_CTX_free(ctx);
if (ssl != NULL) SSL_free(ssl);
if (STDout != NULL) BIO_free_all(STDout);
end:
if (ctx != NULL)
SSL_CTX_free(ctx);
if (ssl != NULL)
SSL_free(ssl);
if (STDout != NULL)
BIO_free_all(STDout);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}

1020
apps/cms.c
View File

File diff suppressed because it is too large Load Diff

434
apps/crl.c
View File

@ -72,46 +72,47 @@
#undef POSTFIX
#define POSTFIX ".rvk"
static const char *crl_usage[]={
"usage: crl args\n",
"\n",
" -inform arg - input format - default PEM (DER or PEM)\n",
" -outform arg - output format - default PEM\n",
" -text - print out a text format version\n",
" -in arg - input file - default stdin\n",
" -out arg - output file - default stdout\n",
" -hash - print hash value\n",
static const char *crl_usage[] = {
"usage: crl args\n",
"\n",
" -inform arg - input format - default PEM (DER or PEM)\n",
" -outform arg - output format - default PEM\n",
" -text - print out a text format version\n",
" -in arg - input file - default stdin\n",
" -out arg - output file - default stdout\n",
" -hash - print hash value\n",
#ifndef OPENSSL_NO_MD5
" -hash_old - print old-style (MD5) hash value\n",
" -hash_old - print old-style (MD5) hash value\n",
#endif
" -fingerprint - print the crl fingerprint\n",
" -issuer - print issuer DN\n",
" -lastupdate - lastUpdate field\n",
" -nextupdate - nextUpdate field\n",
" -crlnumber - print CRL number\n",
" -noout - no CRL output\n",
" -CAfile name - verify CRL using certificates in file \"name\"\n",
" -CApath dir - verify CRL using certificates in \"dir\"\n",
" -nameopt arg - various certificate name options\n",
NULL
" -fingerprint - print the crl fingerprint\n",
" -issuer - print issuer DN\n",
" -lastupdate - lastUpdate field\n",
" -nextupdate - nextUpdate field\n",
" -crlnumber - print CRL number\n",
" -noout - no CRL output\n",
" -CAfile name - verify CRL using certificates in file \"name\"\n",
" -CApath dir - verify CRL using certificates in \"dir\"\n",
" -nameopt arg - various certificate name options\n",
NULL
};
static BIO *bio_out=NULL;
static BIO *bio_out = NULL;
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
unsigned long nmflag = 0;
X509_CRL *x=NULL;
X509_CRL *x = NULL;
char *CAfile = NULL, *CApath = NULL;
int ret=1,i,num,badops=0,badsig=0;
BIO *out=NULL;
int informat,outformat, keyformat;
char *infile=NULL,*outfile=NULL, *crldiff = NULL, *keyfile = NULL;
int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
int ret = 1, i, num, badops = 0, badsig = 0;
BIO *out = NULL;
int informat, outformat, keyformat;
char *infile = NULL, *outfile = NULL, *crldiff = NULL, *keyfile = NULL;
int hash = 0, issuer = 0, lastupdate = 0, nextupdate = 0, noout =
0, text = 0;
#ifndef OPENSSL_NO_MD5
int hash_old=0;
int hash_old = 0;
#endif
int fingerprint = 0, crlnumber = 0;
const char **pp;
@ -121,21 +122,20 @@ int MAIN(int argc, char **argv)
X509_OBJECT xobj;
EVP_PKEY *pkey;
int do_ver = 0;
const EVP_MD *md_alg,*digest=EVP_sha1();
const EVP_MD *md_alg, *digest = EVP_sha1();
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
if (bio_out == NULL)
if ((bio_out=BIO_new(BIO_s_file())) != NULL)
{
BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
if ((bio_out = BIO_new(BIO_s_file())) != NULL) {
BIO_set_fp(bio_out, stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -144,304 +144,268 @@ int MAIN(int argc, char **argv)
#endif
}
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
keyformat=FORMAT_PEM;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
keyformat = FORMAT_PEM;
argc--;
argv++;
num=0;
while (argc >= 1)
{
num = 0;
while (argc >= 1) {
#ifdef undef
if (strcmp(*argv,"-p") == 0)
{
if (--argc < 1) goto bad;
if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/
if (strcmp(*argv, "-p") == 0) {
if (--argc < 1)
goto bad;
if (!args_from_file(++argv, Nargc, Nargv)) {
goto end;
}
*/}
#endif
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-gendelta") == 0)
{
if (--argc < 1) goto bad;
crldiff= *(++argv);
}
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
keyfile= *(++argv);
}
else if (strcmp(*argv,"-keyform") == 0)
{
if (--argc < 1) goto bad;
keyformat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-CApath") == 0)
{
if (--argc < 1) goto bad;
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-gendelta") == 0) {
if (--argc < 1)
goto bad;
crldiff = *(++argv);
} else if (strcmp(*argv, "-key") == 0) {
if (--argc < 1)
goto bad;
keyfile = *(++argv);
} else if (strcmp(*argv, "-keyform") == 0) {
if (--argc < 1)
goto bad;
keyformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-CApath") == 0) {
if (--argc < 1)
goto bad;
CApath = *(++argv);
do_ver = 1;
}
else if (strcmp(*argv,"-CAfile") == 0)
{
if (--argc < 1) goto bad;
} else if (strcmp(*argv, "-CAfile") == 0) {
if (--argc < 1)
goto bad;
CAfile = *(++argv);
do_ver = 1;
}
else if (strcmp(*argv,"-verify") == 0)
} else if (strcmp(*argv, "-verify") == 0)
do_ver = 1;
else if (strcmp(*argv,"-text") == 0)
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv,"-hash") == 0)
hash= ++num;
else if (strcmp(*argv, "-hash") == 0)
hash = ++num;
#ifndef OPENSSL_NO_MD5
else if (strcmp(*argv,"-hash_old") == 0)
hash_old= ++num;
else if (strcmp(*argv, "-hash_old") == 0)
hash_old = ++num;
#endif
else if (strcmp(*argv,"-nameopt") == 0)
{
if (--argc < 1) goto bad;
if (!set_name_ex(&nmflag, *(++argv))) goto bad;
}
else if (strcmp(*argv,"-issuer") == 0)
issuer= ++num;
else if (strcmp(*argv,"-lastupdate") == 0)
lastupdate= ++num;
else if (strcmp(*argv,"-nextupdate") == 0)
nextupdate= ++num;
else if (strcmp(*argv,"-noout") == 0)
noout= ++num;
else if (strcmp(*argv,"-fingerprint") == 0)
fingerprint= ++num;
else if (strcmp(*argv,"-crlnumber") == 0)
crlnumber= ++num;
else if (strcmp(*argv,"-badsig") == 0)
else if (strcmp(*argv, "-nameopt") == 0) {
if (--argc < 1)
goto bad;
if (!set_name_ex(&nmflag, *(++argv)))
goto bad;
} else if (strcmp(*argv, "-issuer") == 0)
issuer = ++num;
else if (strcmp(*argv, "-lastupdate") == 0)
lastupdate = ++num;
else if (strcmp(*argv, "-nextupdate") == 0)
nextupdate = ++num;
else if (strcmp(*argv, "-noout") == 0)
noout = ++num;
else if (strcmp(*argv, "-fingerprint") == 0)
fingerprint = ++num;
else if (strcmp(*argv, "-crlnumber") == 0)
crlnumber = ++num;
else if (strcmp(*argv, "-badsig") == 0)
badsig = 1;
else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
{
else if ((md_alg = EVP_get_digestbyname(*argv + 1))) {
/* ok */
digest=md_alg;
}
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
digest = md_alg;
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
for (pp=crl_usage; (*pp != NULL); pp++)
BIO_printf(bio_err,"%s",*pp);
if (badops) {
bad:
for (pp = crl_usage; (*pp != NULL); pp++)
BIO_printf(bio_err, "%s", *pp);
goto end;
}
ERR_load_crypto_strings();
x=load_crl(infile,informat);
if (x == NULL) { goto end; }
x = load_crl(infile, informat);
if (x == NULL) {
goto end;
}
if(do_ver) {
if (do_ver) {
store = X509_STORE_new();
lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
if (lookup == NULL) goto end;
if (!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM))
X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
if (lookup == NULL)
goto end;
if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM))
X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
if (lookup == NULL) goto end;
if (!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM))
X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
if (lookup == NULL)
goto end;
if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM))
X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
ERR_clear_error();
if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
BIO_printf(bio_err,
"Error initialising X509 store\n");
if (!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
BIO_printf(bio_err, "Error initialising X509 store\n");
goto end;
}
i = X509_STORE_get_by_subject(&ctx, X509_LU_X509,
X509_CRL_get_issuer(x), &xobj);
if(i <= 0) {
BIO_printf(bio_err,
"Error getting CRL issuer certificate\n");
if (i <= 0) {
BIO_printf(bio_err, "Error getting CRL issuer certificate\n");
goto end;
}
pkey = X509_get_pubkey(xobj.data.x509);
X509_OBJECT_free_contents(&xobj);
if(!pkey) {
BIO_printf(bio_err,
"Error getting CRL issuer public key\n");
if (!pkey) {
BIO_printf(bio_err, "Error getting CRL issuer public key\n");
goto end;
}
i = X509_CRL_verify(x, pkey);
EVP_PKEY_free(pkey);
if(i < 0) goto end;
if(i == 0) BIO_printf(bio_err, "verify failure\n");
else BIO_printf(bio_err, "verify OK\n");
if (i < 0)
goto end;
if (i == 0)
BIO_printf(bio_err, "verify failure\n");
else
BIO_printf(bio_err, "verify OK\n");
}
if (crldiff)
{
if (crldiff) {
X509_CRL *newcrl, *delta;
if (!keyfile)
{
if (!keyfile) {
BIO_puts(bio_err, "Missing CRL signing key\n");
goto end;
}
newcrl = load_crl(crldiff,informat);
newcrl = load_crl(crldiff, informat);
if (!newcrl)
goto end;
pkey = load_key(bio_err, keyfile, keyformat, 0, NULL, NULL,
"CRL signing key");
if (!pkey)
{
if (!pkey) {
X509_CRL_free(newcrl);
goto end;
}
delta = X509_CRL_diff(x, newcrl, pkey, digest, 0);
X509_CRL_free(newcrl);
EVP_PKEY_free(pkey);
if (delta)
{
if (delta) {
X509_CRL_free(x);
x = delta;
}
else
{
} else {
BIO_puts(bio_err, "Error creating delta CRL\n");
goto end;
}
}
if (num)
{
for (i=1; i<=num; i++)
{
if (issuer == i)
{
print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
if (num) {
for (i = 1; i <= num; i++) {
if (issuer == i) {
print_name(bio_out, "issuer=", X509_CRL_get_issuer(x),
nmflag);
}
if (crlnumber == i)
{
if (crlnumber == i) {
ASN1_INTEGER *crlnum;
crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number,
NULL, NULL);
BIO_printf(bio_out,"crlNumber=");
if (crlnum)
{
crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number, NULL, NULL);
BIO_printf(bio_out, "crlNumber=");
if (crlnum) {
i2a_ASN1_INTEGER(bio_out, crlnum);
ASN1_INTEGER_free(crlnum);
}
else
} else
BIO_puts(bio_out, "<NONE>");
BIO_printf(bio_out,"\n");
BIO_printf(bio_out, "\n");
}
if (hash == i)
{
BIO_printf(bio_out,"%08lx\n",
if (hash == i) {
BIO_printf(bio_out, "%08lx\n",
X509_NAME_hash(X509_CRL_get_issuer(x)));
}
#ifndef OPENSSL_NO_MD5
if (hash_old == i)
{
BIO_printf(bio_out,"%08lx\n",
X509_NAME_hash_old(
X509_CRL_get_issuer(x)));
if (hash_old == i) {
BIO_printf(bio_out, "%08lx\n",
X509_NAME_hash_old(X509_CRL_get_issuer(x)));
}
#endif
if (lastupdate == i)
{
BIO_printf(bio_out,"lastUpdate=");
ASN1_TIME_print(bio_out,
X509_CRL_get_lastUpdate(x));
BIO_printf(bio_out,"\n");
if (lastupdate == i) {
BIO_printf(bio_out, "lastUpdate=");
ASN1_TIME_print(bio_out, X509_CRL_get_lastUpdate(x));
BIO_printf(bio_out, "\n");
}
if (nextupdate == i)
{
BIO_printf(bio_out,"nextUpdate=");
if (nextupdate == i) {
BIO_printf(bio_out, "nextUpdate=");
if (X509_CRL_get_nextUpdate(x))
ASN1_TIME_print(bio_out,
X509_CRL_get_nextUpdate(x));
ASN1_TIME_print(bio_out, X509_CRL_get_nextUpdate(x));
else
BIO_printf(bio_out,"NONE");
BIO_printf(bio_out,"\n");
BIO_printf(bio_out, "NONE");
BIO_printf(bio_out, "\n");
}
if (fingerprint == i)
{
if (fingerprint == i) {
int j;
unsigned int n;
unsigned char md[EVP_MAX_MD_SIZE];
if (!X509_CRL_digest(x,digest,md,&n))
{
BIO_printf(bio_err,"out of memory\n");
if (!X509_CRL_digest(x, digest, md, &n)) {
BIO_printf(bio_err, "out of memory\n");
goto end;
}
BIO_printf(bio_out,"%s Fingerprint=",
BIO_printf(bio_out, "%s Fingerprint=",
OBJ_nid2sn(EVP_MD_type(digest)));
for (j=0; j<(int)n; j++)
{
BIO_printf(bio_out,"%02X%c",md[j],
(j+1 == (int)n)
?'\n':':');
for (j = 0; j < (int)n; j++) {
BIO_printf(bio_out, "%02X%c", md[j], (j + 1 == (int)n)
? '\n' : ':');
}
}
}
}
out=BIO_new(BIO_s_file());
if (out == NULL)
{
out = BIO_new(BIO_s_file());
if (out == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
if (text) X509_CRL_print(out, x);
if (text)
X509_CRL_print(out, x);
if (noout)
{
if (noout) {
ret = 0;
goto end;
}
@ -450,27 +414,29 @@ bad:
x->signature->data[x->signature->length - 1] ^= 0x1;
if (outformat == FORMAT_ASN1)
i=(int)i2d_X509_CRL_bio(out,x);
i = (int)i2d_X509_CRL_bio(out, x);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_X509_CRL(out,x);
else
{
BIO_printf(bio_err,"bad output format specified for outfile\n");
i = PEM_write_bio_X509_CRL(out, x);
else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
ret=0;
end:
if (!i) {
BIO_printf(bio_err, "unable to write CRL\n");
goto end;
}
ret = 0;
end:
if (ret != 0)
ERR_print_errors(bio_err);
BIO_free_all(out);
BIO_free_all(bio_out);
bio_out=NULL;
bio_out = NULL;
X509_CRL_free(x);
if(store) {
if (store) {
X509_STORE_CTX_cleanup(&ctx);
X509_STORE_free(store);
}
apps_shutdown();
OPENSSL_EXIT(ret);
}
}

288
apps/crl2p7.c
View File

@ -56,9 +56,11 @@
* [including the GNU Public Licence.]
*/
/* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu>
* and donated 'to the cause' along with lots and lots of other fixes to
* the library. */
/*
* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu> and
* donated 'to the cause' along with lots and lots of other fixes to the
* library.
*/
#include <stdio.h>
#include <string.h>
@ -85,158 +87,149 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
int i,badops=0;
BIO *in=NULL,*out=NULL;
int informat,outformat;
char *infile,*outfile,*prog,*certfile;
{
int i, badops = 0;
BIO *in = NULL, *out = NULL;
int informat, outformat;
char *infile, *outfile, *prog, *certfile;
PKCS7 *p7 = NULL;
PKCS7_SIGNED *p7s = NULL;
X509_CRL *crl=NULL;
STACK_OF(OPENSSL_STRING) *certflst=NULL;
STACK_OF(X509_CRL) *crl_stack=NULL;
STACK_OF(X509) *cert_stack=NULL;
int ret=1,nocrl=0;
X509_CRL *crl = NULL;
STACK_OF(OPENSSL_STRING) *certflst = NULL;
STACK_OF(X509_CRL) *crl_stack = NULL;
STACK_OF(X509) *cert_stack = NULL;
int ret = 1, nocrl = 0;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-nocrl") == 0)
{
nocrl=1;
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-certfile") == 0)
{
if (--argc < 1) goto bad;
if(!certflst) certflst = sk_OPENSSL_STRING_new_null();
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-nocrl") == 0) {
nocrl = 1;
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-certfile") == 0) {
if (--argc < 1)
goto bad;
if (!certflst)
certflst = sk_OPENSSL_STRING_new_null();
if (!certflst)
goto end;
if (!sk_OPENSSL_STRING_push(certflst,*(++argv)))
{
if (!sk_OPENSSL_STRING_push(certflst, *(++argv))) {
sk_OPENSSL_STRING_free(certflst);
goto end;
}
}
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n");
BIO_printf(bio_err," (can be used more than once)\n");
BIO_printf(bio_err," -nocrl no crl to load, just certs from '-certfile'\n");
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err, " -out arg output file\n");
BIO_printf(bio_err,
" -certfile arg certificates file of chain to a trusted CA\n");
BIO_printf(bio_err, " (can be used more than once)\n");
BIO_printf(bio_err,
" -nocrl no crl to load, just certs from '-certfile'\n");
ret = 1;
goto end;
}
ERR_load_crypto_strings();
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
if (!nocrl)
{
if (!nocrl) {
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
if (informat == FORMAT_ASN1)
crl=d2i_X509_CRL_bio(in,NULL);
crl = d2i_X509_CRL_bio(in, NULL);
else if (informat == FORMAT_PEM)
crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
crl = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
else {
BIO_printf(bio_err,"bad input format specified for input crl\n");
BIO_printf(bio_err, "bad input format specified for input crl\n");
goto end;
}
if (crl == NULL)
{
BIO_printf(bio_err,"unable to load CRL\n");
if (crl == NULL) {
BIO_printf(bio_err, "unable to load CRL\n");
ERR_print_errors(bio_err);
goto end;
}
}
if ((p7=PKCS7_new()) == NULL) goto end;
if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end;
p7->type=OBJ_nid2obj(NID_pkcs7_signed);
p7->d.sign=p7s;
p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
if ((p7 = PKCS7_new()) == NULL)
goto end;
if ((p7s = PKCS7_SIGNED_new()) == NULL)
goto end;
p7->type = OBJ_nid2obj(NID_pkcs7_signed);
p7->d.sign = p7s;
p7s->contents->type = OBJ_nid2obj(NID_pkcs7_data);
if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
if ((crl_stack=sk_X509_CRL_new_null()) == NULL) goto end;
p7s->crl=crl_stack;
if (crl != NULL)
{
sk_X509_CRL_push(crl_stack,crl);
crl=NULL; /* now part of p7 for OPENSSL_freeing */
if (!ASN1_INTEGER_set(p7s->version, 1))
goto end;
if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
goto end;
p7s->crl = crl_stack;
if (crl != NULL) {
sk_X509_CRL_push(crl_stack, crl);
crl = NULL; /* now part of p7 for OPENSSL_freeing */
}
if ((cert_stack=sk_X509_new_null()) == NULL) goto end;
p7s->cert=cert_stack;
if ((cert_stack = sk_X509_new_null()) == NULL)
goto end;
p7s->cert = cert_stack;
if(certflst) for(i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
if (certflst)
for (i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
certfile = sk_OPENSSL_STRING_value(certflst, i);
if (add_certs_from_file(cert_stack,certfile) < 0)
{
if (add_certs_from_file(cert_stack, certfile) < 0) {
BIO_printf(bio_err, "error loading certificates\n");
ERR_print_errors(bio_err);
goto end;
@ -245,49 +238,48 @@ bad:
sk_OPENSSL_STRING_free(certflst);
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
if (outformat == FORMAT_ASN1)
i=i2d_PKCS7_bio(out,p7);
i = i2d_PKCS7_bio(out, p7);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_PKCS7(out,p7);
i = PEM_write_bio_PKCS7(out, p7);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (!i)
{
BIO_printf(bio_err,"unable to write pkcs7 object\n");
if (!i) {
BIO_printf(bio_err, "unable to write pkcs7 object\n");
ERR_print_errors(bio_err);
goto end;
}
ret=0;
end:
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (p7 != NULL) PKCS7_free(p7);
if (crl != NULL) X509_CRL_free(crl);
ret = 0;
end:
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
if (p7 != NULL)
PKCS7_free(p7);
if (crl != NULL)
X509_CRL_free(crl);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
/*-
*----------------------------------------------------------------------
@ -300,45 +292,43 @@ end:
*----------------------------------------------------------------------
*/
static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
{
BIO *in=NULL;
int count=0;
int ret= -1;
STACK_OF(X509_INFO) *sk=NULL;
{
BIO *in = NULL;
int count = 0;
int ret = -1;
STACK_OF(X509_INFO) *sk = NULL;
X509_INFO *xi;
in=BIO_new(BIO_s_file());
if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
{
BIO_printf(bio_err,"error opening the file, %s\n",certfile);
in = BIO_new(BIO_s_file());
if ((in == NULL) || (BIO_read_filename(in, certfile) <= 0)) {
BIO_printf(bio_err, "error opening the file, %s\n", certfile);
goto end;
}
/* This loads from a file, a stack of x509/crl/pkey sets */
sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL);
sk = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
if (sk == NULL) {
BIO_printf(bio_err,"error reading the file, %s\n",certfile);
BIO_printf(bio_err, "error reading the file, %s\n", certfile);
goto end;
}
/* scan over it and pull out the CRL's */
while (sk_X509_INFO_num(sk))
{
xi=sk_X509_INFO_shift(sk);
if (xi->x509 != NULL)
{
sk_X509_push(stack,xi->x509);
xi->x509=NULL;
while (sk_X509_INFO_num(sk)) {
xi = sk_X509_INFO_shift(sk);
if (xi->x509 != NULL) {
sk_X509_push(stack, xi->x509);
xi->x509 = NULL;
count++;
}
X509_INFO_free(xi);
}
ret=count;
end:
ret = count;
end:
/* never need to OPENSSL_free x */
if (in != NULL) BIO_free(in);
if (sk != NULL) sk_X509_INFO_free(sk);
return(ret);
}
if (in != NULL)
BIO_free(in);
if (sk != NULL)
sk_X509_INFO_free(sk);
return (ret);
}

484
apps/dgst.c
View File

@ -77,11 +77,11 @@
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen,
const char *sig_name, const char *md_name,
const char *file,BIO *bmd);
const char *file, BIO *bmd);
static void list_md_fn(const EVP_MD *m,
const char *from, const char *to, void *arg)
{
{
const char *mname;
/* Skip aliases */
if (!m)
@ -94,27 +94,27 @@ static void list_md_fn(const EVP_MD *m,
if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST)
return;
if (strchr(mname, ' '))
mname= EVP_MD_name(m);
mname = EVP_MD_name(m);
BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n",
mname, mname);
}
}
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL, *impl = NULL;
unsigned char *buf=NULL;
int i,err=1;
const EVP_MD *md=NULL,*m;
BIO *in=NULL,*inp;
BIO *bmd=NULL;
unsigned char *buf = NULL;
int i, err = 1;
const EVP_MD *md = NULL, *m;
BIO *in = NULL, *inp;
BIO *bmd = NULL;
BIO *out = NULL;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE+1];
int separator=0;
int debug=0;
int keyform=FORMAT_PEM;
char pname[PROG_NAME_SIZE + 1];
int separator = 0;
int debug = 0;
int keyform = FORMAT_PEM;
const char *outfile = NULL, *keyfile = NULL;
const char *sigfile = NULL, *randfile = NULL;
int out_bin = -1, want_pub = 0, do_verify = 0;
@ -123,219 +123,207 @@ int MAIN(int argc, char **argv)
int siglen = 0;
char *passargin = NULL, *passin = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
int engine_impl = 0;
#endif
char *hmac_key=NULL;
char *mac_name=NULL;
char *hmac_key = NULL;
char *mac_name = NULL;
int non_fips_allow = 0;
STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;
apps_startup();
if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
if ((buf = (unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) {
BIO_printf(bio_err, "out of memory\n");
goto end;
}
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
/* first check the program name */
program_name(argv[0],pname,sizeof pname);
program_name(argv[0], pname, sizeof pname);
md=EVP_get_digestbyname(pname);
md = EVP_get_digestbyname(pname);
argc--;
argv++;
while (argc > 0)
{
if ((*argv)[0] != '-') break;
if (strcmp(*argv,"-c") == 0)
separator=1;
else if (strcmp(*argv,"-r") == 0)
separator=2;
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) break;
randfile=*(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) break;
outfile=*(++argv);
}
else if (strcmp(*argv,"-sign") == 0)
{
if (--argc < 1) break;
keyfile=*(++argv);
}
else if (!strcmp(*argv,"-passin"))
{
while (argc > 0) {
if ((*argv)[0] != '-')
break;
if (strcmp(*argv, "-c") == 0)
separator = 1;
else if (strcmp(*argv, "-r") == 0)
separator = 2;
else if (strcmp(*argv, "-rand") == 0) {
if (--argc < 1)
break;
passargin=*++argv;
}
else if (strcmp(*argv,"-verify") == 0)
{
if (--argc < 1) break;
keyfile=*(++argv);
randfile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
break;
outfile = *(++argv);
} else if (strcmp(*argv, "-sign") == 0) {
if (--argc < 1)
break;
keyfile = *(++argv);
} else if (!strcmp(*argv, "-passin")) {
if (--argc < 1)
break;
passargin = *++argv;
} else if (strcmp(*argv, "-verify") == 0) {
if (--argc < 1)
break;
keyfile = *(++argv);
want_pub = 1;
do_verify = 1;
}
else if (strcmp(*argv,"-prverify") == 0)
{
if (--argc < 1) break;
keyfile=*(++argv);
} else if (strcmp(*argv, "-prverify") == 0) {
if (--argc < 1)
break;
keyfile = *(++argv);
do_verify = 1;
}
else if (strcmp(*argv,"-signature") == 0)
{
if (--argc < 1) break;
sigfile=*(++argv);
}
else if (strcmp(*argv,"-keyform") == 0)
{
if (--argc < 1) break;
keyform=str2fmt(*(++argv));
} else if (strcmp(*argv, "-signature") == 0) {
if (--argc < 1)
break;
sigfile = *(++argv);
} else if (strcmp(*argv, "-keyform") == 0) {
if (--argc < 1)
break;
keyform = str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) break;
engine= *(++argv);
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
break;
engine = *(++argv);
e = setup_engine(bio_err, engine, 0);
}
else if (strcmp(*argv,"-engine_impl") == 0)
} else if (strcmp(*argv, "-engine_impl") == 0)
engine_impl = 1;
#endif
else if (strcmp(*argv,"-hex") == 0)
else if (strcmp(*argv, "-hex") == 0)
out_bin = 0;
else if (strcmp(*argv,"-binary") == 0)
else if (strcmp(*argv, "-binary") == 0)
out_bin = 1;
else if (strcmp(*argv,"-d") == 0)
debug=1;
else if (!strcmp(*argv,"-fips-fingerprint"))
else if (strcmp(*argv, "-d") == 0)
debug = 1;
else if (!strcmp(*argv, "-fips-fingerprint"))
hmac_key = "etaonrishdlcupfm";
else if (strcmp(*argv,"-non-fips-allow") == 0)
non_fips_allow=1;
else if (!strcmp(*argv,"-hmac"))
{
else if (strcmp(*argv, "-non-fips-allow") == 0)
non_fips_allow = 1;
else if (!strcmp(*argv, "-hmac")) {
if (--argc < 1)
break;
hmac_key=*++argv;
}
else if (!strcmp(*argv,"-mac"))
{
hmac_key = *++argv;
} else if (!strcmp(*argv, "-mac")) {
if (--argc < 1)
break;
mac_name=*++argv;
}
else if (strcmp(*argv,"-sigopt") == 0)
{
mac_name = *++argv;
} else if (strcmp(*argv, "-sigopt") == 0) {
if (--argc < 1)
break;
if (!sigopts)
sigopts = sk_OPENSSL_STRING_new_null();
if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
break;
}
else if (strcmp(*argv,"-macopt") == 0)
{
} else if (strcmp(*argv, "-macopt") == 0) {
if (--argc < 1)
break;
if (!macopts)
macopts = sk_OPENSSL_STRING_new_null();
if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv)))
break;
}
else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
md=m;
} else if ((m = EVP_get_digestbyname(&((*argv)[1]))) != NULL)
md = m;
else
break;
argc--;
argv++;
}
if(do_verify && !sigfile) {
BIO_printf(bio_err, "No signature to verify: use the -signature option\n");
if (do_verify && !sigfile) {
BIO_printf(bio_err,
"No signature to verify: use the -signature option\n");
goto end;
}
if ((argc > 0) && (argv[0][0] == '-')) /* bad option */
{
BIO_printf(bio_err,"unknown option '%s'\n",*argv);
BIO_printf(bio_err,"options are\n");
BIO_printf(bio_err,"-c to output the digest with separating colons\n");
BIO_printf(bio_err,"-r to output the digest in coreutils format\n");
BIO_printf(bio_err,"-d to output debug info\n");
BIO_printf(bio_err,"-hex output as hex dump\n");
BIO_printf(bio_err,"-binary output in binary form\n");
BIO_printf(bio_err,"-hmac arg set the HMAC key to arg\n");
BIO_printf(bio_err,"-non-fips-allow allow use of non FIPS digest\n");
BIO_printf(bio_err,"-sign file sign digest using private key in file\n");
BIO_printf(bio_err,"-verify file verify a signature using public key in file\n");
BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n");
BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n");
BIO_printf(bio_err,"-out filename output to filename rather than stdout\n");
BIO_printf(bio_err,"-signature file signature to verify\n");
BIO_printf(bio_err,"-sigopt nm:v signature parameter\n");
BIO_printf(bio_err,"-hmac key create hashed MAC with key\n");
BIO_printf(bio_err,"-mac algorithm create MAC (not neccessarily HMAC)\n");
BIO_printf(bio_err,"-macopt nm:v MAC algorithm parameters or key\n");
if ((argc > 0) && (argv[0][0] == '-')) { /* bad option */
BIO_printf(bio_err, "unknown option '%s'\n", *argv);
BIO_printf(bio_err, "options are\n");
BIO_printf(bio_err,
"-c to output the digest with separating colons\n");
BIO_printf(bio_err,
"-r to output the digest in coreutils format\n");
BIO_printf(bio_err, "-d to output debug info\n");
BIO_printf(bio_err, "-hex output as hex dump\n");
BIO_printf(bio_err, "-binary output in binary form\n");
BIO_printf(bio_err, "-hmac arg set the HMAC key to arg\n");
BIO_printf(bio_err, "-non-fips-allow allow use of non FIPS digest\n");
BIO_printf(bio_err,
"-sign file sign digest using private key in file\n");
BIO_printf(bio_err,
"-verify file verify a signature using public key in file\n");
BIO_printf(bio_err,
"-prverify file verify a signature using private key in file\n");
BIO_printf(bio_err,
"-keyform arg key file format (PEM or ENGINE)\n");
BIO_printf(bio_err,
"-out filename output to filename rather than stdout\n");
BIO_printf(bio_err, "-signature file signature to verify\n");
BIO_printf(bio_err, "-sigopt nm:v signature parameter\n");
BIO_printf(bio_err, "-hmac key create hashed MAC with key\n");
BIO_printf(bio_err,
"-mac algorithm create MAC (not neccessarily HMAC)\n");
BIO_printf(bio_err,
"-macopt nm:v MAC algorithm parameters or key\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
"-engine e use engine e, possibly a hardware device.\n");
#endif
EVP_MD_do_all_sorted(list_md_fn, bio_err);
goto end;
}
#ifndef OPENSSL_NO_ENGINE
if (engine_impl)
impl = e;
#endif
in=BIO_new(BIO_s_file());
bmd=BIO_new(BIO_f_md());
if (debug)
{
BIO_set_callback(in,BIO_debug_callback);
in = BIO_new(BIO_s_file());
bmd = BIO_new(BIO_f_md());
if (debug) {
BIO_set_callback(in, BIO_debug_callback);
/* needed for windows 3.1 */
BIO_set_callback_arg(in,(char *)bio_err);
BIO_set_callback_arg(in, (char *)bio_err);
}
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
{
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
if ((in == NULL) || (bmd == NULL))
{
if ((in == NULL) || (bmd == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
if(out_bin == -1) {
if(keyfile)
if (out_bin == -1) {
if (keyfile)
out_bin = 1;
else
out_bin = 0;
}
if(randfile)
if (randfile)
app_RAND_load_file(randfile, bio_err, 0);
if(outfile) {
if(out_bin)
if (outfile) {
if (out_bin)
out = BIO_new_file(outfile, "wb");
else out = BIO_new_file(outfile, "w");
else
out = BIO_new_file(outfile, "w");
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
@ -346,58 +334,50 @@ int MAIN(int argc, char **argv)
#endif
}
if(!out) {
if (!out) {
BIO_printf(bio_err, "Error opening output file %s\n",
outfile ? outfile : "(stdout)");
ERR_print_errors(bio_err);
goto end;
}
if ((!!mac_name + !!keyfile + !!hmac_key) > 1)
{
if ((! !mac_name + ! !keyfile + ! !hmac_key) > 1) {
BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
goto end;
}
if(keyfile)
{
if (keyfile) {
if (want_pub)
sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
e, "key file");
else
sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
e, "key file");
if (!sigkey)
{
/* load_[pub]key() has already printed an appropriate
message */
if (!sigkey) {
/*
* load_[pub]key() has already printed an appropriate message
*/
goto end;
}
}
if (mac_name)
{
if (mac_name) {
EVP_PKEY_CTX *mac_ctx = NULL;
int r = 0;
if (!init_gen_str(bio_err, &mac_ctx, mac_name, impl, 0))
goto mac_end;
if (macopts)
{
if (macopts) {
char *macopt;
for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++)
{
for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) {
macopt = sk_OPENSSL_STRING_value(macopts, i);
if (pkey_ctrl_string(mac_ctx, macopt) <= 0)
{
if (pkey_ctrl_string(mac_ctx, macopt) <= 0) {
BIO_printf(bio_err,
"MAC parameter error \"%s\"\n",
macopt);
"MAC parameter error \"%s\"\n", macopt);
ERR_print_errors(bio_err);
goto mac_end;
}
}
}
if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0)
{
if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0) {
BIO_puts(bio_err, "Error generating key\n");
ERR_print_errors(bio_err);
goto mac_end;
@ -410,28 +390,24 @@ int MAIN(int argc, char **argv)
goto end;
}
if (non_fips_allow)
{
if (non_fips_allow) {
EVP_MD_CTX *md_ctx;
BIO_get_md_ctx(bmd,&md_ctx);
BIO_get_md_ctx(bmd, &md_ctx);
EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
}
if (hmac_key)
{
if (hmac_key) {
sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, impl,
(unsigned char *)hmac_key, -1);
if (!sigkey)
goto end;
}
if (sigkey)
{
if (sigkey) {
EVP_MD_CTX *mctx = NULL;
EVP_PKEY_CTX *pctx = NULL;
int r;
if (!BIO_get_md_ctx(bmd, &mctx))
{
if (!BIO_get_md_ctx(bmd, &mctx)) {
BIO_printf(bio_err, "Error getting context\n");
ERR_print_errors(bio_err);
goto end;
@ -440,23 +416,17 @@ int MAIN(int argc, char **argv)
r = EVP_DigestVerifyInit(mctx, &pctx, md, impl, sigkey);
else
r = EVP_DigestSignInit(mctx, &pctx, md, impl, sigkey);
if (!r)
{
if (!r) {
BIO_printf(bio_err, "Error setting context\n");
ERR_print_errors(bio_err);
goto end;
}
if (sigopts)
{
if (sigopts) {
char *sigopt;
for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++)
{
for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
sigopt = sk_OPENSSL_STRING_value(sigopts, i);
if (pkey_ctrl_string(pctx, sigopt) <= 0)
{
BIO_printf(bio_err,
"parameter error \"%s\"\n",
sigopt);
if (pkey_ctrl_string(pctx, sigopt) <= 0) {
BIO_printf(bio_err, "parameter error \"%s\"\n", sigopt);
ERR_print_errors(bio_err);
goto end;
}
@ -464,67 +434,56 @@ int MAIN(int argc, char **argv)
}
}
/* we use md as a filter, reading from 'in' */
else
{
else {
EVP_MD_CTX *mctx = NULL;
if (!BIO_get_md_ctx(bmd, &mctx))
{
if (!BIO_get_md_ctx(bmd, &mctx)) {
BIO_printf(bio_err, "Error getting context\n");
ERR_print_errors(bio_err);
goto end;
}
if (md == NULL)
md = EVP_md5();
if (!EVP_DigestInit_ex(mctx, md, impl))
{
if (!EVP_DigestInit_ex(mctx, md, impl)) {
BIO_printf(bio_err, "Error setting digest %s\n", pname);
ERR_print_errors(bio_err);
goto end;
}
}
if(sigfile && sigkey) {
if (sigfile && sigkey) {
BIO *sigbio;
sigbio = BIO_new_file(sigfile, "rb");
siglen = EVP_PKEY_size(sigkey);
sigbuf = OPENSSL_malloc(siglen);
if(!sigbio) {
BIO_printf(bio_err, "Error opening signature file %s\n",
sigfile);
if (!sigbio) {
BIO_printf(bio_err, "Error opening signature file %s\n", sigfile);
ERR_print_errors(bio_err);
goto end;
}
siglen = BIO_read(sigbio, sigbuf, siglen);
BIO_free(sigbio);
if(siglen <= 0) {
BIO_printf(bio_err, "Error reading signature file %s\n",
sigfile);
if (siglen <= 0) {
BIO_printf(bio_err, "Error reading signature file %s\n", sigfile);
ERR_print_errors(bio_err);
goto end;
}
}
inp=BIO_push(bmd,in);
inp = BIO_push(bmd, in);
if (md == NULL)
{
if (md == NULL) {
EVP_MD_CTX *tctx;
BIO_get_md_ctx(bmd, &tctx);
md = EVP_MD_CTX_md(tctx);
}
if (argc == 0)
{
BIO_set_fp(in,stdin,BIO_NOCLOSE);
err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
siglen,NULL,NULL,"stdin",bmd);
}
else
{
if (argc == 0) {
BIO_set_fp(in, stdin, BIO_NOCLOSE);
err = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
siglen, NULL, NULL, "stdin", bmd);
} else {
const char *md_name = NULL, *sig_name = NULL;
if(!out_bin)
{
if (sigkey)
{
if (!out_bin) {
if (sigkey) {
const EVP_PKEY_ASN1_METHOD *ameth;
ameth = EVP_PKEY_get0_asn1(sigkey);
if (ameth)
@ -535,30 +494,27 @@ int MAIN(int argc, char **argv)
md_name = EVP_MD_name(md);
}
err = 0;
for (i=0; i<argc; i++)
{
for (i = 0; i < argc; i++) {
int r;
if (BIO_read_filename(in,argv[i]) <= 0)
{
if (BIO_read_filename(in, argv[i]) <= 0) {
perror(argv[i]);
err++;
continue;
}
else
r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
siglen,sig_name,md_name, argv[i],bmd);
if(r)
err=r;
} else
r = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
siglen, sig_name, md_name, argv[i], bmd);
if (r)
err = r;
(void)BIO_reset(bmd);
}
}
end:
if (buf != NULL)
{
OPENSSL_cleanse(buf,BUFSIZE);
end:
if (buf != NULL) {
OPENSSL_cleanse(buf, BUFSIZE);
OPENSSL_free(buf);
}
if (in != NULL) BIO_free(in);
if (in != NULL)
BIO_free(in);
if (passin)
OPENSSL_free(passin);
BIO_free_all(out);
@ -567,101 +523,87 @@ end:
sk_OPENSSL_STRING_free(sigopts);
if (macopts)
sk_OPENSSL_STRING_free(macopts);
if(sigbuf) OPENSSL_free(sigbuf);
if (bmd != NULL) BIO_free(bmd);
if (sigbuf)
OPENSSL_free(sigbuf);
if (bmd != NULL)
BIO_free(bmd);
apps_shutdown();
OPENSSL_EXIT(err);
}
}
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen,
const char *sig_name, const char *md_name,
const char *file,BIO *bmd)
{
const char *file, BIO *bmd)
{
size_t len;
int i;
for (;;)
{
i=BIO_read(bp,(char *)buf,BUFSIZE);
if(i < 0)
{
BIO_printf(bio_err, "Read Error in %s\n",file);
for (;;) {
i = BIO_read(bp, (char *)buf, BUFSIZE);
if (i < 0) {
BIO_printf(bio_err, "Read Error in %s\n", file);
ERR_print_errors(bio_err);
return 1;
}
if (i == 0) break;
if (i == 0)
break;
}
if(sigin)
{
if (sigin) {
EVP_MD_CTX *ctx;
BIO_get_md_ctx(bp, &ctx);
i = EVP_DigestVerifyFinal(ctx, sigin, (unsigned int)siglen);
if(i > 0)
if (i > 0)
BIO_printf(out, "Verified OK\n");
else if(i == 0)
{
else if (i == 0) {
BIO_printf(out, "Verification Failure\n");
return 1;
}
else
{
} else {
BIO_printf(bio_err, "Error Verifying Data\n");
ERR_print_errors(bio_err);
return 1;
}
return 0;
}
if(key)
{
if (key) {
EVP_MD_CTX *ctx;
BIO_get_md_ctx(bp, &ctx);
len = BUFSIZE;
if(!EVP_DigestSignFinal(ctx, buf, &len))
{
if (!EVP_DigestSignFinal(ctx, buf, &len)) {
BIO_printf(bio_err, "Error Signing Data\n");
ERR_print_errors(bio_err);
return 1;
}
}
else
{
len=BIO_gets(bp,(char *)buf,BUFSIZE);
if ((int)len <0)
{
} else {
len = BIO_gets(bp, (char *)buf, BUFSIZE);
if ((int)len < 0) {
ERR_print_errors(bio_err);
return 1;
}
}
if(binout) BIO_write(out, buf, len);
else if (sep == 2)
{
for (i=0; i<(int)len; i++)
BIO_printf(out, "%02x",buf[i]);
if (binout)
BIO_write(out, buf, len);
else if (sep == 2) {
for (i = 0; i < (int)len; i++)
BIO_printf(out, "%02x", buf[i]);
BIO_printf(out, " *%s\n", file);
}
else
{
if (sig_name)
{
} else {
if (sig_name) {
BIO_puts(out, sig_name);
if (md_name)
BIO_printf(out, "-%s", md_name);
BIO_printf(out, "(%s)= ", file);
}
else if (md_name)
} else if (md_name)
BIO_printf(out, "%s(%s)= ", md_name, file);
else
BIO_printf(out, "(%s)= ", file);
for (i=0; i<(int)len; i++)
{
for (i = 0; i < (int)len; i++) {
if (sep && (i != 0))
BIO_printf(out, ":");
BIO_printf(out, "%02x",buf[i]);
BIO_printf(out, "%02x", buf[i]);
}
BIO_printf(out, "\n");
}
return 0;
}
}

317
apps/dh.c
View File

@ -59,20 +59,20 @@
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */
#ifndef OPENSSL_NO_DH
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
# include <stdio.h>
# include <stdlib.h>
# include <time.h>
# include <string.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/dh.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#undef PROG
#define PROG dh_main
# undef PROG
# define PROG dh_main
/*-
* -inform arg - input format - default PEM (DER or PEM)
@ -88,181 +88,164 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog;
#ifndef OPENSSL_NO_ENGINE
{
DH *dh = NULL;
int i, badops = 0, text = 0;
BIO *in = NULL, *out = NULL;
int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
char *infile, *outfile, *prog;
# ifndef OPENSSL_NO_ENGINE
char *engine;
#endif
# endif
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
#ifndef OPENSSL_NO_ENGINE
engine=NULL;
#endif
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
# ifndef OPENSSL_NO_ENGINE
engine = NULL;
# endif
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-check") == 0)
check=1;
else if (strcmp(*argv,"-text") == 0)
text=1;
else if (strcmp(*argv,"-C") == 0)
C=1;
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
# endif
else if (strcmp(*argv, "-check") == 0)
check = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv, "-C") == 0)
C = 1;
else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - one of DER PEM\n");
BIO_printf(bio_err," -outform arg output format - one of DER PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -check check the DH parameters\n");
BIO_printf(bio_err," -text print a text form of the DH parameters\n");
BIO_printf(bio_err," -C Output C code\n");
BIO_printf(bio_err," -noout no output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - one of DER PEM\n");
BIO_printf(bio_err,
" -outform arg output format - one of DER PEM\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err, " -out arg output file\n");
BIO_printf(bio_err, " -check check the DH parameters\n");
BIO_printf(bio_err,
" -text print a text form of the DH parameters\n");
BIO_printf(bio_err, " -C Output C code\n");
BIO_printf(bio_err, " -noout no output\n");
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
# endif
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
# endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
if (informat == FORMAT_ASN1)
dh=d2i_DHparams_bio(in,NULL);
dh = d2i_DHparams_bio(in, NULL);
else if (informat == FORMAT_PEM)
dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
else
{
BIO_printf(bio_err,"bad input format specified\n");
dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
else {
BIO_printf(bio_err, "bad input format specified\n");
goto end;
}
if (dh == NULL)
{
BIO_printf(bio_err,"unable to load DH parameters\n");
if (dh == NULL) {
BIO_printf(bio_err, "unable to load DH parameters\n");
ERR_print_errors(bio_err);
goto end;
}
if (text)
{
DHparams_print(out,dh);
#ifdef undef
if (text) {
DHparams_print(out, dh);
# ifdef undef
printf("p=");
BN_print(stdout,dh->p);
BN_print(stdout, dh->p);
printf("\ng=");
BN_print(stdout,dh->g);
BN_print(stdout, dh->g);
printf("\n");
if (dh->length != 0)
printf("recommended private length=%ld\n",dh->length);
#endif
printf("recommended private length=%ld\n", dh->length);
# endif
}
if (check)
{
if (!DH_check(dh,&i))
{
if (check) {
if (!DH_check(dh, &i)) {
ERR_print_errors(bio_err);
goto end;
}
@ -277,80 +260,78 @@ bad:
if (i == 0)
printf("DH parameters appear to be ok.\n");
}
if (C)
{
if (C) {
unsigned char *data;
int len,l,bits;
int len, l, bits;
len=BN_num_bytes(dh->p);
bits=BN_num_bits(dh->p);
data=(unsigned char *)OPENSSL_malloc(len);
if (data == NULL)
{
len = BN_num_bytes(dh->p);
bits = BN_num_bits(dh->p);
data = (unsigned char *)OPENSSL_malloc(len);
if (data == NULL) {
perror("OPENSSL_malloc");
goto end;
}
l=BN_bn2bin(dh->p,data);
printf("static unsigned char dh%d_p[]={",bits);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t");
printf("0x%02X,",data[i]);
l = BN_bn2bin(dh->p, data);
printf("static unsigned char dh%d_p[]={", bits);
for (i = 0; i < l; i++) {
if ((i % 12) == 0)
printf("\n\t");
printf("0x%02X,", data[i]);
}
printf("\n\t};\n");
l=BN_bn2bin(dh->g,data);
printf("static unsigned char dh%d_g[]={",bits);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t");
printf("0x%02X,",data[i]);
l = BN_bn2bin(dh->g, data);
printf("static unsigned char dh%d_g[]={", bits);
for (i = 0; i < l; i++) {
if ((i % 12) == 0)
printf("\n\t");
printf("0x%02X,", data[i]);
}
printf("\n\t};\n\n");
printf("DH *get_dh%d()\n\t{\n",bits);
printf("DH *get_dh%d()\n\t{\n", bits);
printf("\tDH *dh;\n\n");
printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
bits,bits);
bits, bits);
printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
bits,bits);
bits, bits);
printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
printf("\t\treturn(NULL);\n");
printf("\treturn(dh);\n\t}\n");
OPENSSL_free(data);
}
if (!noout)
{
if (!noout) {
if (outformat == FORMAT_ASN1)
i=i2d_DHparams_bio(out,dh);
i = i2d_DHparams_bio(out, dh);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_DHparams(out,dh);
i = PEM_write_bio_DHparams(out, dh);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (!i)
{
BIO_printf(bio_err,"unable to write DH parameters\n");
if (!i) {
BIO_printf(bio_err, "unable to write DH parameters\n");
ERR_print_errors(bio_err);
goto end;
}
}
ret=0;
end:
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (dh != NULL) DH_free(dh);
ret = 0;
end:
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
if (dh != NULL)
DH_free(dh);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
#else /* !OPENSSL_NO_DH */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

485
apps/dhparam.c
View File

@ -111,26 +111,26 @@
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */
#ifndef OPENSSL_NO_DH
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
# include <stdio.h>
# include <stdlib.h>
# include <time.h>
# include <string.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/dh.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
# ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
# endif
#undef PROG
#define PROG dhparam_main
# undef PROG
# define PROG dhparam_main
#define DEFBITS 2048
# define DEFBITS 2048
/*-
* -inform arg - input format - default PEM (DER or PEM)
@ -149,190 +149,191 @@ static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
int dsaparam=0;
#endif
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog;
char *inrand=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
{
DH *dh = NULL;
int i, badops = 0, text = 0;
# ifndef OPENSSL_NO_DSA
int dsaparam = 0;
# endif
BIO *in = NULL, *out = NULL;
int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
char *infile, *outfile, *prog;
char *inrand = NULL;
# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
# endif
int num = 0, g = 0;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-check") == 0)
check=1;
else if (strcmp(*argv,"-text") == 0)
text=1;
#ifndef OPENSSL_NO_DSA
else if (strcmp(*argv,"-dsaparam") == 0)
dsaparam=1;
#endif
else if (strcmp(*argv,"-C") == 0)
C=1;
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-2") == 0)
g=2;
else if (strcmp(*argv,"-5") == 0)
g=5;
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
inrand= *(++argv);
}
else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0)))
# endif
else if (strcmp(*argv, "-check") == 0)
check = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
# ifndef OPENSSL_NO_DSA
else if (strcmp(*argv, "-dsaparam") == 0)
dsaparam = 1;
# endif
else if (strcmp(*argv, "-C") == 0)
C = 1;
else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-2") == 0)
g = 2;
else if (strcmp(*argv, "-5") == 0)
g = 5;
else if (strcmp(*argv, "-rand") == 0) {
if (--argc < 1)
goto bad;
inrand = *(++argv);
} else if (((sscanf(*argv, "%d", &num) == 0) || (num <= 0)))
goto bad;
argv++;
argc--;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] [numbits]\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - one of DER PEM\n");
BIO_printf(bio_err," -outform arg output format - one of DER PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
#ifndef OPENSSL_NO_DSA
BIO_printf(bio_err," -dsaparam read or generate DSA parameters, convert to DH\n");
#endif
BIO_printf(bio_err," -check check the DH parameters\n");
BIO_printf(bio_err," -text print a text form of the DH parameters\n");
BIO_printf(bio_err," -C Output C code\n");
BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n");
BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err," numbits number of bits in to generate (default 2048)\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," -noout no output\n");
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] [numbits]\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - one of DER PEM\n");
BIO_printf(bio_err,
" -outform arg output format - one of DER PEM\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err, " -out arg output file\n");
# ifndef OPENSSL_NO_DSA
BIO_printf(bio_err,
" -dsaparam read or generate DSA parameters, convert to DH\n");
# endif
BIO_printf(bio_err, " -check check the DH parameters\n");
BIO_printf(bio_err,
" -text print a text form of the DH parameters\n");
BIO_printf(bio_err, " -C Output C code\n");
BIO_printf(bio_err,
" -2 generate parameters using 2 as the generator value\n");
BIO_printf(bio_err,
" -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err,
" numbits number of bits in to generate (default 2048)\n");
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
# endif
BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
LIST_SEPARATOR_CHAR);
BIO_printf(bio_err,
" - load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
BIO_printf(bio_err, " -noout no output\n");
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
# endif
if (g && !num)
num = DEFBITS;
#ifndef OPENSSL_NO_DSA
if (dsaparam)
{
if (g)
{
BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n");
# ifndef OPENSSL_NO_DSA
if (dsaparam) {
if (g) {
BIO_printf(bio_err,
"generator may not be chosen for DSA parameters\n");
goto end;
}
}
else
#endif
} else
# endif
{
/* DH parameters */
if (num && !g)
g = 2;
}
if(num) {
if (num) {
BN_GENCB cb;
BN_GENCB_set(&cb, dh_cb, bio_err);
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
#ifndef OPENSSL_NO_DSA
if (dsaparam)
{
# ifndef OPENSSL_NO_DSA
if (dsaparam) {
DSA *dsa = DSA_new();
BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
if(!dsa || !DSA_generate_parameters_ex(dsa, num,
NULL, 0, NULL, NULL, &cb))
{
if(dsa) DSA_free(dsa);
BIO_printf(bio_err,
"Generating DSA parameters, %d bit long prime\n", num);
if (!dsa
|| !DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL,
&cb)) {
if (dsa)
DSA_free(dsa);
ERR_print_errors(bio_err);
goto end;
}
dh = DSA_dup_DH(dsa);
DSA_free(dsa);
if (dh == NULL)
{
if (dh == NULL) {
ERR_print_errors(bio_err);
goto end;
}
}
else
#endif
} else
# endif
{
dh = DH_new();
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb))
{
BIO_printf(bio_err,
"Generating DH parameters, %d bit long safe prime, generator %d\n",
num, g);
BIO_printf(bio_err, "This is going to take a long time\n");
if (!dh || !DH_generate_parameters_ex(dh, num, g, &cb)) {
ERR_print_errors(bio_err);
goto end;
}
@ -341,65 +342,55 @@ bad:
app_RAND_write_file(NULL, bio_err);
} else {
in=BIO_new(BIO_s_file());
if (in == NULL)
{
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
if (informat != FORMAT_ASN1 && informat != FORMAT_PEM)
{
BIO_printf(bio_err,"bad input format specified\n");
if (informat != FORMAT_ASN1 && informat != FORMAT_PEM) {
BIO_printf(bio_err, "bad input format specified\n");
goto end;
}
#ifndef OPENSSL_NO_DSA
if (dsaparam)
{
# ifndef OPENSSL_NO_DSA
if (dsaparam) {
DSA *dsa;
if (informat == FORMAT_ASN1)
dsa=d2i_DSAparams_bio(in,NULL);
dsa = d2i_DSAparams_bio(in, NULL);
else /* informat == FORMAT_PEM */
dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL);
if (dsa == NULL)
{
BIO_printf(bio_err,"unable to load DSA parameters\n");
if (dsa == NULL) {
BIO_printf(bio_err, "unable to load DSA parameters\n");
ERR_print_errors(bio_err);
goto end;
}
dh = DSA_dup_DH(dsa);
DSA_free(dsa);
if (dh == NULL)
{
if (dh == NULL) {
ERR_print_errors(bio_err);
goto end;
}
}
else
#endif
} else
# endif
{
if (informat == FORMAT_ASN1)
dh=d2i_DHparams_bio(in,NULL);
dh = d2i_DHparams_bio(in, NULL);
else /* informat == FORMAT_PEM */
dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
if (dh == NULL)
{
BIO_printf(bio_err,"unable to load DH parameters\n");
if (dh == NULL) {
BIO_printf(bio_err, "unable to load DH parameters\n");
ERR_print_errors(bio_err);
goto end;
}
@ -408,41 +399,32 @@ bad:
/* dh != NULL */
}
out=BIO_new(BIO_s_file());
if (out == NULL)
{
out = BIO_new(BIO_s_file());
if (out == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
if (text)
{
DHparams_print(out,dh);
if (text) {
DHparams_print(out, dh);
}
if (check)
{
if (!DH_check(dh,&i))
{
if (check) {
if (!DH_check(dh, &i)) {
ERR_print_errors(bio_err);
goto end;
}
@ -457,48 +439,45 @@ bad:
if (i == 0)
printf("DH parameters appear to be ok.\n");
}
if (C)
{
if (C) {
unsigned char *data;
int len,l,bits;
int len, l, bits;
len=BN_num_bytes(dh->p);
bits=BN_num_bits(dh->p);
data=(unsigned char *)OPENSSL_malloc(len);
if (data == NULL)
{
len = BN_num_bytes(dh->p);
bits = BN_num_bits(dh->p);
data = (unsigned char *)OPENSSL_malloc(len);
if (data == NULL) {
perror("OPENSSL_malloc");
goto end;
}
printf("#ifndef HEADER_DH_H\n"
"#include <openssl/dh.h>\n"
"#endif\n");
printf("DH *get_dh%d()\n\t{\n",bits);
"#include <openssl/dh.h>\n" "#endif\n");
printf("DH *get_dh%d()\n\t{\n", bits);
l=BN_bn2bin(dh->p,data);
printf("\tstatic unsigned char dh%d_p[]={",bits);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t\t");
printf("0x%02X,",data[i]);
l = BN_bn2bin(dh->p, data);
printf("\tstatic unsigned char dh%d_p[]={", bits);
for (i = 0; i < l; i++) {
if ((i % 12) == 0)
printf("\n\t\t");
printf("0x%02X,", data[i]);
}
printf("\n\t\t};\n");
l=BN_bn2bin(dh->g,data);
printf("\tstatic unsigned char dh%d_g[]={",bits);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t\t");
printf("0x%02X,",data[i]);
l = BN_bn2bin(dh->g, data);
printf("\tstatic unsigned char dh%d_g[]={", bits);
for (i = 0; i < l; i++) {
if ((i % 12) == 0)
printf("\n\t\t");
printf("0x%02X,", data[i]);
}
printf("\n\t\t};\n");
printf("\tDH *dh;\n\n");
printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
bits,bits);
bits, bits);
printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
bits,bits);
bits, bits);
printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
printf("\t\t{ DH_free(dh); return(NULL); }\n");
if (dh->length)
@ -507,59 +486,61 @@ bad:
OPENSSL_free(data);
}
if (!noout)
{
if (!noout) {
if (outformat == FORMAT_ASN1)
i=i2d_DHparams_bio(out,dh);
else if (outformat == FORMAT_PEM)
{
i = i2d_DHparams_bio(out, dh);
else if (outformat == FORMAT_PEM) {
if (dh->q)
i=PEM_write_bio_DHxparams(out,dh);
i = PEM_write_bio_DHxparams(out, dh);
else
i=PEM_write_bio_DHparams(out,dh);
}
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
i = PEM_write_bio_DHparams(out, dh);
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (!i)
{
BIO_printf(bio_err,"unable to write DH parameters\n");
if (!i) {
BIO_printf(bio_err, "unable to write DH parameters\n");
ERR_print_errors(bio_err);
goto end;
}
}
ret=0;
end:
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (dh != NULL) DH_free(dh);
ret = 0;
end:
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
if (dh != NULL)
DH_free(dh);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
{
char c='*';
{
char c = '*';
if (p == 0) c='.';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
BIO_write(cb->arg,&c,1);
if (p == 0)
c = '.';
if (p == 1)
c = '+';
if (p == 2)
c = '*';
if (p == 3)
c = '\n';
BIO_write(cb->arg, &c, 1);
(void)BIO_flush(cb->arg);
#ifdef LINT
p=n;
#endif
# ifdef LINT
p = n;
# endif
return 1;
}
}
#else /* !OPENSSL_NO_DH */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

367
apps/dsa.c
View File

@ -58,21 +58,21 @@
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
#ifndef OPENSSL_NO_DSA
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/dsa.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/bn.h>
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include <time.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/dsa.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
# include <openssl/bn.h>
#undef PROG
#define PROG dsa_main
# undef PROG
# define PROG dsa_main
/*-
* -inform arg - input format - default PEM (one of DER, NET or PEM)
@ -96,177 +96,175 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL;
int ret=1;
DSA *dsa=NULL;
int i,badops=0;
const EVP_CIPHER *enc=NULL;
BIO *in=NULL,*out=NULL;
int informat,outformat,text=0,noout=0;
int ret = 1;
DSA *dsa = NULL;
int i, badops = 0;
const EVP_CIPHER *enc = NULL;
BIO *in = NULL, *out = NULL;
int informat, outformat, text = 0, noout = 0;
int pubin = 0, pubout = 0;
char *infile,*outfile,*prog;
#ifndef OPENSSL_NO_ENGINE
char *infile, *outfile, *prog;
# ifndef OPENSSL_NO_ENGINE
char *engine;
#endif
# endif
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
int modulus=0;
int modulus = 0;
int pvk_encr = 2;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
#ifndef OPENSSL_NO_ENGINE
engine=NULL;
#endif
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
# ifndef OPENSSL_NO_ENGINE
engine = NULL;
# endif
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-passin") == 0) {
if (--argc < 1)
goto bad;
passargin = *(++argv);
} else if (strcmp(*argv, "-passout") == 0) {
if (--argc < 1)
goto bad;
passargout = *(++argv);
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-passin") == 0)
{
if (--argc < 1) goto bad;
passargin= *(++argv);
}
else if (strcmp(*argv,"-passout") == 0)
{
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-pvk-strong") == 0)
pvk_encr=2;
else if (strcmp(*argv,"-pvk-weak") == 0)
pvk_encr=1;
else if (strcmp(*argv,"-pvk-none") == 0)
pvk_encr=0;
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-text") == 0)
text=1;
else if (strcmp(*argv,"-modulus") == 0)
modulus=1;
else if (strcmp(*argv,"-pubin") == 0)
pubin=1;
else if (strcmp(*argv,"-pubout") == 0)
pubout=1;
else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
# endif
else if (strcmp(*argv, "-pvk-strong") == 0)
pvk_encr = 2;
else if (strcmp(*argv, "-pvk-weak") == 0)
pvk_encr = 1;
else if (strcmp(*argv, "-pvk-none") == 0)
pvk_encr = 0;
else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv, "-modulus") == 0)
modulus = 1;
else if (strcmp(*argv, "-pubin") == 0)
pubin = 1;
else if (strcmp(*argv, "-pubout") == 0)
pubout = 1;
else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
#endif
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
#ifndef OPENSSL_NO_SEED
BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n");
#endif
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");
BIO_printf(bio_err," -modulus print the DSA public value\n");
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err,
" -passin arg input file pass phrase source\n");
BIO_printf(bio_err, " -out arg output file\n");
BIO_printf(bio_err,
" -passout arg output file pass phrase source\n");
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
# endif
BIO_printf(bio_err,
" -des encrypt PEM output with cbc des\n");
BIO_printf(bio_err,
" -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
# ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err,
" -idea encrypt PEM output with cbc idea\n");
# endif
# ifndef OPENSSL_NO_AES
BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc aes\n");
# endif
# ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc camellia\n");
# endif
# ifndef OPENSSL_NO_SEED
BIO_printf(bio_err,
" -seed encrypt PEM output with cbc seed\n");
# endif
BIO_printf(bio_err, " -text print the key in text\n");
BIO_printf(bio_err, " -noout don't print key out\n");
BIO_printf(bio_err, " -modulus print the DSA public value\n");
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
# endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
}
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
BIO_printf(bio_err,"read DSA key\n");
BIO_printf(bio_err, "read DSA key\n");
{
EVP_PKEY *pkey;
@ -278,64 +276,60 @@ bad:
pkey = load_key(bio_err, infile, informat, 1,
passin, e, "Private Key");
if (pkey)
{
if (pkey) {
dsa = EVP_PKEY_get1_DSA(pkey);
EVP_PKEY_free(pkey);
}
}
if (dsa == NULL)
{
BIO_printf(bio_err,"unable to load Key\n");
if (dsa == NULL) {
BIO_printf(bio_err, "unable to load Key\n");
ERR_print_errors(bio_err);
goto end;
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
if (text)
if (!DSA_print(out,dsa,0))
{
if (!DSA_print(out, dsa, 0)) {
perror(outfile);
ERR_print_errors(bio_err);
goto end;
}
if (modulus)
{
fprintf(stdout,"Public Key=");
BN_print(out,dsa->pub_key);
fprintf(stdout,"\n");
if (modulus) {
fprintf(stdout, "Public Key=");
BN_print(out, dsa->pub_key);
fprintf(stdout, "\n");
}
if (noout) goto end;
BIO_printf(bio_err,"writing DSA key\n");
if (noout)
goto end;
BIO_printf(bio_err, "writing DSA key\n");
if (outformat == FORMAT_ASN1) {
if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa);
else i=i2d_DSAPrivateKey_bio(out,dsa);
if (pubin || pubout)
i = i2d_DSA_PUBKEY_bio(out, dsa);
else
i = i2d_DSAPrivateKey_bio(out, dsa);
} else if (outformat == FORMAT_PEM) {
if(pubin || pubout)
i=PEM_write_bio_DSA_PUBKEY(out,dsa);
else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
NULL,0,NULL, passout);
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
if (pubin || pubout)
i = PEM_write_bio_DSA_PUBKEY(out, dsa);
else
i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
NULL, 0, NULL, passout);
# if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
@ -347,31 +341,34 @@ bad:
else
i = i2b_PrivateKey_bio(out, pk);
EVP_PKEY_free(pk);
#endif
# endif
} else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (i <= 0)
{
BIO_printf(bio_err,"unable to write private key\n");
if (i <= 0) {
BIO_printf(bio_err, "unable to write private key\n");
ERR_print_errors(bio_err);
}
else
ret=0;
end:
if(in != NULL) BIO_free(in);
if(out != NULL) BIO_free_all(out);
if(dsa != NULL) DSA_free(dsa);
if(passin) OPENSSL_free(passin);
if(passout) OPENSSL_free(passout);
} else
ret = 0;
end:
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
if (dsa != NULL)
DSA_free(dsa);
if (passin)
OPENSSL_free(passin);
if (passout)
OPENSSL_free(passout);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
#else /* !OPENSSL_NO_DSA */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

480
apps/dsaparam.c
View File

@ -57,28 +57,30 @@
*/
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
/* Until the key-gen callbacks are modified to use newer prototypes, we allow
* deprecated functions for openssl-internal code */
/*
* Until the key-gen callbacks are modified to use newer prototypes, we allow
* deprecated functions for openssl-internal code
*/
#ifdef OPENSSL_NO_DEPRECATED
#undef OPENSSL_NO_DEPRECATED
# undef OPENSSL_NO_DEPRECATED
#endif
#ifndef OPENSSL_NO_DSA
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
# include <assert.h>
# include <stdio.h>
# include <stdlib.h>
# include <time.h>
# include <string.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/dsa.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#undef PROG
#define PROG dsaparam_main
# undef PROG
# define PROG dsaparam_main
/*-
* -inform arg - input format - default PEM (DER or PEM)
@ -95,354 +97,327 @@
* #endif
*/
#ifdef GENCB_TEST
# ifdef GENCB_TEST
static int stop_keygen_flag = 0;
static void timebomb_sigalarm(int foo)
{
{
stop_keygen_flag = 1;
}
}
#endif
# endif
static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
int informat,outformat,noout=0,C=0,ret=1;
char *infile,*outfile,*prog,*inrand=NULL;
int numbits= -1,num,genkey=0;
int need_rand=0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
#ifdef GENCB_TEST
int timebomb=0;
#endif
{
DSA *dsa = NULL;
int i, badops = 0, text = 0;
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
char *infile, *outfile, *prog, *inrand = NULL;
int numbits = -1, num, genkey = 0;
int need_rand = 0;
# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
# endif
# ifdef GENCB_TEST
int timebomb = 0;
# endif
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if(strcmp(*argv, "-engine") == 0)
{
if (--argc < 1) goto bad;
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
#endif
#ifdef GENCB_TEST
else if(strcmp(*argv, "-timebomb") == 0)
{
if (--argc < 1) goto bad;
# endif
# ifdef GENCB_TEST
else if (strcmp(*argv, "-timebomb") == 0) {
if (--argc < 1)
goto bad;
timebomb = atoi(*(++argv));
}
#endif
else if (strcmp(*argv,"-text") == 0)
text=1;
else if (strcmp(*argv,"-C") == 0)
C=1;
else if (strcmp(*argv,"-genkey") == 0)
{
genkey=1;
need_rand=1;
}
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
inrand= *(++argv);
need_rand=1;
}
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (sscanf(*argv,"%d",&num) == 1)
{
# endif
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv, "-C") == 0)
C = 1;
else if (strcmp(*argv, "-genkey") == 0) {
genkey = 1;
need_rand = 1;
} else if (strcmp(*argv, "-rand") == 0) {
if (--argc < 1)
goto bad;
inrand = *(++argv);
need_rand = 1;
} else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (sscanf(*argv, "%d", &num) == 1) {
/* generate a key */
numbits=num;
need_rand=1;
}
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
numbits = num;
need_rand = 1;
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -text print as text\n");
BIO_printf(bio_err," -C Output C code\n");
BIO_printf(bio_err," -noout no output\n");
BIO_printf(bio_err," -genkey generate a DSA key\n");
BIO_printf(bio_err," -rand files to use for random number input\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
#ifdef GENCB_TEST
BIO_printf(bio_err," -timebomb n interrupt keygen after <n> seconds\n");
#endif
BIO_printf(bio_err," number number of bits to use for generating private key\n");
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] [bits] <infile >outfile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err, " -out arg output file\n");
BIO_printf(bio_err, " -text print as text\n");
BIO_printf(bio_err, " -C Output C code\n");
BIO_printf(bio_err, " -noout no output\n");
BIO_printf(bio_err, " -genkey generate a DSA key\n");
BIO_printf(bio_err,
" -rand files to use for random number input\n");
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
# endif
# ifdef GENCB_TEST
BIO_printf(bio_err,
" -timebomb n interrupt keygen after <n> seconds\n");
# endif
BIO_printf(bio_err,
" number number of bits to use for generating private key\n");
goto end;
}
ERR_load_crypto_strings();
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
# endif
if (need_rand)
{
if (need_rand) {
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
}
if (numbits > 0)
{
if (numbits > 0) {
BN_GENCB cb;
BN_GENCB_set(&cb, dsa_cb, bio_err);
assert(need_rand);
dsa = DSA_new();
if(!dsa)
{
BIO_printf(bio_err,"Error allocating DSA object\n");
if (!dsa) {
BIO_printf(bio_err, "Error allocating DSA object\n");
goto end;
}
BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
BIO_printf(bio_err,"This could take some time\n");
#ifdef GENCB_TEST
if(timebomb > 0)
{
BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n",
num);
BIO_printf(bio_err, "This could take some time\n");
# ifdef GENCB_TEST
if (timebomb > 0) {
struct sigaction act;
act.sa_handler = timebomb_sigalarm;
act.sa_flags = 0;
BIO_printf(bio_err,"(though I'll stop it if not done within %d secs)\n",
BIO_printf(bio_err,
"(though I'll stop it if not done within %d secs)\n",
timebomb);
if(sigaction(SIGALRM, &act, NULL) != 0)
{
BIO_printf(bio_err,"Error, couldn't set SIGALRM handler\n");
if (sigaction(SIGALRM, &act, NULL) != 0) {
BIO_printf(bio_err, "Error, couldn't set SIGALRM handler\n");
goto end;
}
alarm(timebomb);
}
#endif
if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, &cb))
{
#ifdef GENCB_TEST
if(stop_keygen_flag)
{
BIO_printf(bio_err,"DSA key generation time-stopped\n");
# endif
if (!DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL, &cb)) {
# ifdef GENCB_TEST
if (stop_keygen_flag) {
BIO_printf(bio_err, "DSA key generation time-stopped\n");
/* This is an asked-for behaviour! */
ret = 0;
goto end;
}
#endif
# endif
ERR_print_errors(bio_err);
BIO_printf(bio_err,"Error, DSA key generation failed\n");
BIO_printf(bio_err, "Error, DSA key generation failed\n");
goto end;
}
}
else if (informat == FORMAT_ASN1)
dsa=d2i_DSAparams_bio(in,NULL);
} else if (informat == FORMAT_ASN1)
dsa = d2i_DSAparams_bio(in, NULL);
else if (informat == FORMAT_PEM)
dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
else
{
BIO_printf(bio_err,"bad input format specified\n");
dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL);
else {
BIO_printf(bio_err, "bad input format specified\n");
goto end;
}
if (dsa == NULL)
{
BIO_printf(bio_err,"unable to load DSA parameters\n");
if (dsa == NULL) {
BIO_printf(bio_err, "unable to load DSA parameters\n");
ERR_print_errors(bio_err);
goto end;
}
if (text)
{
DSAparams_print(out,dsa);
if (text) {
DSAparams_print(out, dsa);
}
if (C)
{
if (C) {
unsigned char *data;
int l,len,bits_p;
int l, len, bits_p;
len=BN_num_bytes(dsa->p);
bits_p=BN_num_bits(dsa->p);
data=(unsigned char *)OPENSSL_malloc(len+20);
if (data == NULL)
{
len = BN_num_bytes(dsa->p);
bits_p = BN_num_bits(dsa->p);
data = (unsigned char *)OPENSSL_malloc(len + 20);
if (data == NULL) {
perror("OPENSSL_malloc");
goto end;
}
l=BN_bn2bin(dsa->p,data);
printf("static unsigned char dsa%d_p[]={",bits_p);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t");
printf("0x%02X,",data[i]);
l = BN_bn2bin(dsa->p, data);
printf("static unsigned char dsa%d_p[]={", bits_p);
for (i = 0; i < l; i++) {
if ((i % 12) == 0)
printf("\n\t");
printf("0x%02X,", data[i]);
}
printf("\n\t};\n");
l=BN_bn2bin(dsa->q,data);
printf("static unsigned char dsa%d_q[]={",bits_p);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t");
printf("0x%02X,",data[i]);
l = BN_bn2bin(dsa->q, data);
printf("static unsigned char dsa%d_q[]={", bits_p);
for (i = 0; i < l; i++) {
if ((i % 12) == 0)
printf("\n\t");
printf("0x%02X,", data[i]);
}
printf("\n\t};\n");
l=BN_bn2bin(dsa->g,data);
printf("static unsigned char dsa%d_g[]={",bits_p);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t");
printf("0x%02X,",data[i]);
l = BN_bn2bin(dsa->g, data);
printf("static unsigned char dsa%d_g[]={", bits_p);
for (i = 0; i < l; i++) {
if ((i % 12) == 0)
printf("\n\t");
printf("0x%02X,", data[i]);
}
printf("\n\t};\n\n");
printf("DSA *get_dsa%d()\n\t{\n",bits_p);
printf("DSA *get_dsa%d()\n\t{\n", bits_p);
printf("\tDSA *dsa;\n\n");
printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n");
printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
bits_p,bits_p);
bits_p, bits_p);
printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
bits_p,bits_p);
bits_p, bits_p);
printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
bits_p,bits_p);
printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
bits_p, bits_p);
printf
("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
printf("\t\t{ DSA_free(dsa); return(NULL); }\n");
printf("\treturn(dsa);\n\t}\n");
}
if (!noout)
{
if (!noout) {
if (outformat == FORMAT_ASN1)
i=i2d_DSAparams_bio(out,dsa);
i = i2d_DSAparams_bio(out, dsa);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_DSAparams(out,dsa);
i = PEM_write_bio_DSAparams(out, dsa);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (!i)
{
BIO_printf(bio_err,"unable to write DSA parameters\n");
if (!i) {
BIO_printf(bio_err, "unable to write DSA parameters\n");
ERR_print_errors(bio_err);
goto end;
}
}
if (genkey)
{
if (genkey) {
DSA *dsakey;
assert(need_rand);
if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
if (!DSA_generate_key(dsakey))
{
if ((dsakey = DSAparams_dup(dsa)) == NULL)
goto end;
if (!DSA_generate_key(dsakey)) {
ERR_print_errors(bio_err);
DSA_free(dsakey);
goto end;
}
if (outformat == FORMAT_ASN1)
i=i2d_DSAPrivateKey_bio(out,dsakey);
i = i2d_DSAPrivateKey_bio(out, dsakey);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);
i = PEM_write_bio_DSAPrivateKey(out, dsakey, NULL, NULL, 0, NULL,
NULL);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
DSA_free(dsakey);
goto end;
}
@ -450,38 +425,45 @@ bad:
}
if (need_rand)
app_RAND_write_file(NULL, bio_err);
ret=0;
end:
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (dsa != NULL) DSA_free(dsa);
ret = 0;
end:
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
if (dsa != NULL)
DSA_free(dsa);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb)
{
char c='*';
{
char c = '*';
if (p == 0) c='.';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
BIO_write(cb->arg,&c,1);
if (p == 0)
c = '.';
if (p == 1)
c = '+';
if (p == 2)
c = '*';
if (p == 3)
c = '\n';
BIO_write(cb->arg, &c, 1);
(void)BIO_flush(cb->arg);
#ifdef LINT
p=n;
#endif
#ifdef GENCB_TEST
if(stop_keygen_flag)
# ifdef LINT
p = n;
# endif
# ifdef GENCB_TEST
if (stop_keygen_flag)
return 0;
#endif
# endif
return 1;
}
}
#else /* !OPENSSL_NO_DSA */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

210
apps/ec.c
View File

@ -58,17 +58,17 @@
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_EC
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/evp.h>
# include <openssl/pem.h>
#undef PROG
#define PROG ec_main
# undef PROG
# define PROG ec_main
/*-
* -inform arg - input format - default PEM (one of DER, NET or PEM)
@ -92,7 +92,7 @@ int MAIN(int argc, char **argv)
int i, badops = 0;
const EVP_CIPHER *enc = NULL;
BIO *in = NULL, *out = NULL;
int informat, outformat, text=0, noout=0;
int informat, outformat, text = 0, noout = 0;
int pubin = 0, pubout = 0, param_out = 0;
char *infile, *outfile, *prog, *engine;
char *passargin = NULL, *passargout = NULL;
@ -105,8 +105,8 @@ int MAIN(int argc, char **argv)
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
@ -120,49 +120,40 @@ int MAIN(int argc, char **argv)
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-passin") == 0)
{
if (--argc < 1) goto bad;
passargin= *(++argv);
}
else if (strcmp(*argv,"-passout") == 0)
{
if (--argc < 1) goto bad;
passargout= *(++argv);
}
else if (strcmp(*argv, "-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
else if (strcmp(*argv, "-noout") == 0)
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-passin") == 0) {
if (--argc < 1)
goto bad;
passargin = *(++argv);
} else if (strcmp(*argv, "-passout") == 0) {
if (--argc < 1)
goto bad;
passargout = *(++argv);
} else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
} else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv, "-conv_form") == 0)
{
else if (strcmp(*argv, "-conv_form") == 0) {
if (--argc < 1)
goto bad;
++argv;
@ -175,9 +166,7 @@ int MAIN(int argc, char **argv)
form = POINT_CONVERSION_HYBRID;
else
goto bad;
}
else if (strcmp(*argv, "-param_enc") == 0)
{
} else if (strcmp(*argv, "-param_enc") == 0) {
if (--argc < 1)
goto bad;
++argv;
@ -188,26 +177,23 @@ int MAIN(int argc, char **argv)
asn1_flag = 0;
else
goto bad;
}
else if (strcmp(*argv, "-param_out") == 0)
} else if (strcmp(*argv, "-param_out") == 0)
param_out = 1;
else if (strcmp(*argv, "-pubin") == 0)
pubin=1;
pubin = 1;
else if (strcmp(*argv, "-pubout") == 0)
pubout=1;
else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
{
pubout = 1;
else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops=1;
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - "
@ -236,93 +222,75 @@ bad:
" compressed\n");
BIO_printf(bio_err, " "
" uncompressed (default)\n");
BIO_printf(bio_err, " "
" hybrid\n");
BIO_printf(bio_err, " " " hybrid\n");
BIO_printf(bio_err, " -param_enc arg specifies the way"
" the ec parameters are encoded\n");
BIO_printf(bio_err, " in the asn1 der "
"encoding\n");
BIO_printf(bio_err, " in the asn1 der " "encoding\n");
BIO_printf(bio_err, " possible values:"
" named_curve (default)\n");
BIO_printf(bio_err," "
BIO_printf(bio_err, " "
"explicit\n");
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
# endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
{
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
}
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
if (infile == NULL)
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else
{
if (BIO_read_filename(in, infile) <= 0)
{
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
BIO_printf(bio_err, "read EC key\n");
if (informat == FORMAT_ASN1)
{
if (informat == FORMAT_ASN1) {
if (pubin)
eckey = d2i_EC_PUBKEY_bio(in, NULL);
else
eckey = d2i_ECPrivateKey_bio(in, NULL);
}
else if (informat == FORMAT_PEM)
{
} else if (informat == FORMAT_PEM) {
if (pubin)
eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL,
NULL);
eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, NULL);
else
eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL,
passin);
}
else
{
eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, passin);
} else {
BIO_printf(bio_err, "bad input format specified for key\n");
goto end;
}
if (eckey == NULL)
{
BIO_printf(bio_err,"unable to load Key\n");
if (eckey == NULL) {
BIO_printf(bio_err, "unable to load Key\n");
ERR_print_errors(bio_err);
goto end;
}
if (outfile == NULL)
{
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out, outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
@ -337,31 +305,26 @@ bad:
EC_KEY_set_asn1_flag(eckey, asn1_flag);
if (text)
if (!EC_KEY_print(out, eckey, 0))
{
if (!EC_KEY_print(out, eckey, 0)) {
perror(outfile);
ERR_print_errors(bio_err);
goto end;
}
if (noout)
{
if (noout) {
ret = 0;
goto end;
}
BIO_printf(bio_err, "writing EC key\n");
if (outformat == FORMAT_ASN1)
{
if (outformat == FORMAT_ASN1) {
if (param_out)
i = i2d_ECPKParameters_bio(out, group);
else if (pubin || pubout)
i = i2d_EC_PUBKEY_bio(out, eckey);
else
i = i2d_ECPrivateKey_bio(out, eckey);
}
else if (outformat == FORMAT_PEM)
{
} else if (outformat == FORMAT_PEM) {
if (param_out)
i = PEM_write_bio_ECPKParameters(out, group);
else if (pubin || pubout)
@ -369,22 +332,17 @@ bad:
else
i = PEM_write_bio_ECPrivateKey(out, eckey, enc,
NULL, 0, NULL, passout);
}
else
{
BIO_printf(bio_err, "bad output format specified for "
"outfile\n");
} else {
BIO_printf(bio_err, "bad output format specified for " "outfile\n");
goto end;
}
if (!i)
{
if (!i) {
BIO_printf(bio_err, "unable to write private key\n");
ERR_print_errors(bio_err);
}
else
ret=0;
end:
} else
ret = 0;
end:
if (in)
BIO_free(in);
if (out)
@ -401,7 +359,7 @@ end:
#else /* !OPENSSL_NO_EC */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

349
apps/ecparam.c
View File

@ -71,21 +71,21 @@
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_EC
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
# include <assert.h>
# include <stdio.h>
# include <stdlib.h>
# include <time.h>
# include <string.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/ec.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#undef PROG
#define PROG ecparam_main
# undef PROG
# define PROG ecparam_main
/*-
* -inform arg - input format - default PEM (DER or PEM)
@ -112,13 +112,13 @@
* -engine e - use engine e, possibly a hardware device
*/
static int ecparam_print_var(BIO *,BIGNUM *,const char *,int,unsigned char *);
static int ecparam_print_var(BIO *, BIGNUM *, const char *, int,
unsigned char *);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
EC_GROUP *group = NULL;
point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
int new_form = 0;
@ -139,56 +139,48 @@ int MAIN(int argc, char **argv)
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-text") == 0)
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv,"-C") == 0)
else if (strcmp(*argv, "-C") == 0)
C = 1;
else if (strcmp(*argv,"-check") == 0)
else if (strcmp(*argv, "-check") == 0)
check = 1;
else if (strcmp (*argv, "-name") == 0)
{
else if (strcmp(*argv, "-name") == 0) {
if (--argc < 1)
goto bad;
curve_name = *(++argv);
}
else if (strcmp(*argv, "-list_curves") == 0)
} else if (strcmp(*argv, "-list_curves") == 0)
list_curves = 1;
else if (strcmp(*argv, "-conv_form") == 0)
{
else if (strcmp(*argv, "-conv_form") == 0) {
if (--argc < 1)
goto bad;
++argv;
@ -201,9 +193,7 @@ int MAIN(int argc, char **argv)
form = POINT_CONVERSION_HYBRID;
else
goto bad;
}
else if (strcmp(*argv, "-param_enc") == 0)
{
} else if (strcmp(*argv, "-param_enc") == 0) {
if (--argc < 1)
goto bad;
++argv;
@ -214,41 +204,34 @@ int MAIN(int argc, char **argv)
asn1_flag = 0;
else
goto bad;
}
else if (strcmp(*argv, "-no_seed") == 0)
} else if (strcmp(*argv, "-no_seed") == 0)
no_seed = 1;
else if (strcmp(*argv, "-noout") == 0)
noout=1;
else if (strcmp(*argv,"-genkey") == 0)
{
genkey=1;
need_rand=1;
}
else if (strcmp(*argv, "-rand") == 0)
{
if (--argc < 1) goto bad;
inrand= *(++argv);
need_rand=1;
}
else if(strcmp(*argv, "-engine") == 0)
{
if (--argc < 1) goto bad;
noout = 1;
else if (strcmp(*argv, "-genkey") == 0) {
genkey = 1;
need_rand = 1;
} else if (strcmp(*argv, "-rand") == 0) {
if (--argc < 1)
goto bad;
inrand = *(++argv);
need_rand = 1;
} else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n",prog);
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - "
"default PEM (DER or PEM)\n");
@ -287,10 +270,8 @@ bad:
BIO_printf(bio_err, " "
" explicit\n");
BIO_printf(bio_err, " -no_seed if 'explicit'"
" parameters are chosen do not"
" use the seed\n");
BIO_printf(bio_err, " -genkey generate ec"
" key\n");
" parameters are chosen do not" " use the seed\n");
BIO_printf(bio_err, " -genkey generate ec" " key\n");
BIO_printf(bio_err, " -rand file files to use for"
" random number input\n");
BIO_printf(bio_err, " -engine e use engine e, "
@ -300,49 +281,41 @@ bad:
ERR_load_crypto_strings();
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
# endif
if (list_curves)
{
if (list_curves) {
EC_builtin_curve *curves = NULL;
size_t crv_len = 0;
size_t n = 0;
@ -354,15 +327,12 @@ bad:
if (curves == NULL)
goto end;
if (!EC_get_builtin_curves(curves, crv_len))
{
if (!EC_get_builtin_curves(curves, crv_len)) {
OPENSSL_free(curves);
goto end;
}
for (n = 0; n < crv_len; n++)
{
for (n = 0; n < crv_len; n++) {
const char *comment;
const char *sname;
comment = curves[n].comment;
@ -381,67 +351,51 @@ bad:
goto end;
}
if (curve_name != NULL)
{
if (curve_name != NULL) {
int nid;
/* workaround for the SECG curve names secp192r1
* and secp256r1 (which are the same as the curves
* prime192v1 and prime256v1 defined in X9.62)
/*
* workaround for the SECG curve names secp192r1 and secp256r1 (which
* are the same as the curves prime192v1 and prime256v1 defined in
* X9.62)
*/
if (!strcmp(curve_name, "secp192r1"))
{
if (!strcmp(curve_name, "secp192r1")) {
BIO_printf(bio_err, "using curve name prime192v1 "
"instead of secp192r1\n");
nid = NID_X9_62_prime192v1;
}
else if (!strcmp(curve_name, "secp256r1"))
{
} else if (!strcmp(curve_name, "secp256r1")) {
BIO_printf(bio_err, "using curve name prime256v1 "
"instead of secp256r1\n");
nid = NID_X9_62_prime256v1;
}
else
} else
nid = OBJ_sn2nid(curve_name);
if (nid == 0)
nid = EC_curve_nist2nid(curve_name);
if (nid == 0)
{
BIO_printf(bio_err, "unknown curve name (%s)\n",
curve_name);
if (nid == 0) {
BIO_printf(bio_err, "unknown curve name (%s)\n", curve_name);
goto end;
}
group = EC_GROUP_new_by_curve_name(nid);
if (group == NULL)
{
BIO_printf(bio_err, "unable to create curve (%s)\n",
curve_name);
if (group == NULL) {
BIO_printf(bio_err, "unable to create curve (%s)\n", curve_name);
goto end;
}
EC_GROUP_set_asn1_flag(group, asn1_flag);
EC_GROUP_set_point_conversion_form(group, form);
}
else if (informat == FORMAT_ASN1)
{
} else if (informat == FORMAT_ASN1) {
group = d2i_ECPKParameters_bio(in, NULL);
}
else if (informat == FORMAT_PEM)
{
group = PEM_read_bio_ECPKParameters(in,NULL,NULL,NULL);
}
else
{
} else if (informat == FORMAT_PEM) {
group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
} else {
BIO_printf(bio_err, "bad input format specified\n");
goto end;
}
if (group == NULL)
{
BIO_printf(bio_err,
"unable to load elliptic curve parameters\n");
if (group == NULL) {
BIO_printf(bio_err, "unable to load elliptic curve parameters\n");
ERR_print_errors(bio_err);
goto end;
}
@ -452,34 +406,28 @@ bad:
if (new_asn1_flag)
EC_GROUP_set_asn1_flag(group, asn1_flag);
if (no_seed)
{
if (no_seed) {
EC_GROUP_set_seed(group, NULL, 0);
}
if (text)
{
if (text) {
if (!ECPKParameters_print(out, group, 0))
goto end;
}
if (check)
{
if (check) {
if (group == NULL)
BIO_printf(bio_err, "no elliptic curve parameters\n");
BIO_printf(bio_err, "checking elliptic curve parameters: ");
if (!EC_GROUP_check(group, NULL))
{
if (!EC_GROUP_check(group, NULL)) {
BIO_printf(bio_err, "failed\n");
ERR_print_errors(bio_err);
}
else
} else
BIO_printf(bio_err, "ok\n");
}
if (C)
{
if (C) {
size_t buf_len = 0, tmp_len = 0;
const EC_POINT *point;
int is_prime, len = 0;
@ -488,23 +436,17 @@ bad:
if ((ec_p = BN_new()) == NULL || (ec_a = BN_new()) == NULL ||
(ec_b = BN_new()) == NULL || (ec_gen = BN_new()) == NULL ||
(ec_order = BN_new()) == NULL ||
(ec_cofactor = BN_new()) == NULL )
{
(ec_cofactor = BN_new()) == NULL) {
perror("OPENSSL_malloc");
goto end;
}
is_prime = (EC_METHOD_get_field_type(meth) ==
NID_X9_62_prime_field);
is_prime = (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field);
if (is_prime)
{
if (!EC_GROUP_get_curve_GFp(group, ec_p, ec_a,
ec_b, NULL))
if (is_prime) {
if (!EC_GROUP_get_curve_GFp(group, ec_p, ec_a, ec_b, NULL))
goto end;
}
else
{
} else {
/* TODO */
goto end;
}
@ -512,16 +454,15 @@ bad:
if ((point = EC_GROUP_get0_generator(group)) == NULL)
goto end;
if (!EC_POINT_point2bn(group, point,
EC_GROUP_get_point_conversion_form(group), ec_gen,
NULL))
EC_GROUP_get_point_conversion_form(group),
ec_gen, NULL))
goto end;
if (!EC_GROUP_get_order(group, ec_order, NULL))
goto end;
if (!EC_GROUP_get_cofactor(group, ec_cofactor, NULL))
goto end;
if (!ec_p || !ec_a || !ec_b || !ec_gen ||
!ec_order || !ec_cofactor)
if (!ec_p || !ec_a || !ec_b || !ec_gen || !ec_order || !ec_cofactor)
goto end;
len = BN_num_bits(ec_order);
@ -541,8 +482,7 @@ bad:
buffer = (unsigned char *)OPENSSL_malloc(buf_len);
if (buffer == NULL)
{
if (buffer == NULL) {
perror("OPENSSL_malloc");
goto end;
}
@ -552,8 +492,7 @@ bad:
ecparam_print_var(out, ec_b, "ec_b", len, buffer);
ecparam_print_var(out, ec_gen, "ec_gen", len, buffer);
ecparam_print_var(out, ec_order, "ec_order", len, buffer);
ecparam_print_var(out, ec_cofactor, "ec_cofactor", len,
buffer);
ecparam_print_var(out, ec_cofactor, "ec_cofactor", len, buffer);
BIO_printf(out, "\n\n");
@ -572,14 +511,11 @@ bad:
BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_b_%d, "
"sizeof(ec_b_%d), NULL)) == NULL)\n\t\t"
"goto err;\n", len, len);
if (is_prime)
{
if (is_prime) {
BIO_printf(out, "\tif ((group = EC_GROUP_new_curve_"
"GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL)"
"\n\t\tgoto err;\n\n");
}
else
{
} else {
/* TODO */
goto end;
}
@ -612,20 +548,17 @@ bad:
BIO_printf(out, "\treturn(group);\n\t}\n");
}
if (!noout)
{
if (!noout) {
if (outformat == FORMAT_ASN1)
i = i2d_ECPKParameters_bio(out, group);
else if (outformat == FORMAT_PEM)
i = PEM_write_bio_ECPKParameters(out, group);
else
{
BIO_printf(bio_err,"bad output format specified for"
else {
BIO_printf(bio_err, "bad output format specified for"
" outfile\n");
goto end;
}
if (!i)
{
if (!i) {
BIO_printf(bio_err, "unable to write elliptic "
"curve parameters\n");
ERR_print_errors(bio_err);
@ -633,16 +566,14 @@ bad:
}
}
if (need_rand)
{
if (need_rand) {
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
}
if (genkey)
{
if (genkey) {
EC_KEY *eckey = EC_KEY_new();
if (eckey == NULL)
@ -653,8 +584,7 @@ bad:
if (EC_KEY_set_group(eckey, group) == 0)
goto end;
if (!EC_KEY_generate_key(eckey))
{
if (!EC_KEY_generate_key(eckey)) {
EC_KEY_free(eckey);
goto end;
}
@ -663,8 +593,7 @@ bad:
else if (outformat == FORMAT_PEM)
i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
NULL, 0, NULL, NULL);
else
{
else {
BIO_printf(bio_err, "bad output format specified "
"for outfile\n");
EC_KEY_free(eckey);
@ -676,8 +605,8 @@ bad:
if (need_rand)
app_RAND_write_file(NULL, bio_err);
ret=0;
end:
ret = 0;
end:
if (ec_p)
BN_free(ec_p);
if (ec_a)
@ -704,32 +633,30 @@ end:
static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
int len, unsigned char *buffer)
{
{
BIO_printf(out, "static unsigned char %s_%d[] = {", var, len);
if (BN_is_zero(in))
BIO_printf(out, "\n\t0x00");
else
{
else {
int i, l;
l = BN_bn2bin(in, buffer);
for (i=0; i<l-1; i++)
{
if ((i%12) == 0)
for (i = 0; i < l - 1; i++) {
if ((i % 12) == 0)
BIO_printf(out, "\n\t");
BIO_printf(out, "0x%02X,", buffer[i]);
}
if ((i%12) == 0)
if ((i % 12) == 0)
BIO_printf(out, "\n\t");
BIO_printf(out, "0x%02X", buffer[i]);
}
BIO_printf(out, "\n\t};\n\n");
return 1;
}
}
#else /* !OPENSSL_NO_EC */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

762
apps/enc.c
View File

File diff suppressed because it is too large Load Diff

412
apps/engine.c
View File

@ -1,6 +1,7 @@
/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */
/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
* project 2000.
/*
* Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
* 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
@ -56,53 +57,51 @@
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef OPENSSL_NO_STDIO
#define APPS_WIN16
# define APPS_WIN16
#endif
#include "apps.h"
#include <openssl/err.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#include <openssl/ssl.h>
# include <openssl/engine.h>
# include <openssl/ssl.h>
#undef PROG
#define PROG engine_main
# undef PROG
# define PROG engine_main
static const char *engine_usage[]={
"usage: engine opts [engine ...]\n",
" -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
" -vv will additionally display each command's description\n",
" -vvv will also add the input flags for each command\n",
" -vvvv will also show internal input flags\n",
" -c - for each engine, also list the capabilities\n",
" -t[t] - for each engine, check that they are really available\n",
" -tt will display error trace for unavailable engines\n",
" -pre <cmd> - runs command 'cmd' against the ENGINE before any attempts\n",
" to load it (if -t is used)\n",
" -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
" (only used if -t is also provided)\n",
" NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
" line, or all supported ENGINEs if none are specified.\n",
" Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
" argument \"/lib/libdriver.so\".\n",
NULL
static const char *engine_usage[] = {
"usage: engine opts [engine ...]\n",
" -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
" -vv will additionally display each command's description\n",
" -vvv will also add the input flags for each command\n",
" -vvvv will also show internal input flags\n",
" -c - for each engine, also list the capabilities\n",
" -t[t] - for each engine, check that they are really available\n",
" -tt will display error trace for unavailable engines\n",
" -pre <cmd> - runs command 'cmd' against the ENGINE before any attempts\n",
" to load it (if -t is used)\n",
" -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
" (only used if -t is also provided)\n",
" NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
" line, or all supported ENGINEs if none are specified.\n",
" Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
" argument \"/lib/libdriver.so\".\n",
NULL
};
static void identity(char *ptr)
{
{
return;
}
}
static int append_buf(char **buf, const char *s, int *size, int step)
{
{
int l = strlen(s);
if (*buf == NULL)
{
if (*buf == NULL) {
*size = step;
*buf = OPENSSL_malloc(*size);
if (*buf == NULL)
@ -113,8 +112,7 @@ static int append_buf(char **buf, const char *s, int *size, int step)
if (**buf != '\0')
l += 2; /* ", " */
if (strlen(*buf) + strlen(s) >= (unsigned int)*size)
{
if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
*size += step;
*buf = OPENSSL_realloc(*buf, *size);
}
@ -127,48 +125,45 @@ static int append_buf(char **buf, const char *s, int *size, int step)
BUF_strlcat(*buf, s, *size);
return 1;
}
}
static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
{
{
int started = 0, err = 0;
/* Indent before displaying input flags */
BIO_printf(bio_out, "%s%s(input flags): ", indent, indent);
if(flags == 0)
{
if (flags == 0) {
BIO_printf(bio_out, "<no flags>\n");
return 1;
}
/* If the object is internal, mark it in a way that shows instead of
* having it part of all the other flags, even if it really is. */
if(flags & ENGINE_CMD_FLAG_INTERNAL)
{
/*
* If the object is internal, mark it in a way that shows instead of
* having it part of all the other flags, even if it really is.
*/
if (flags & ENGINE_CMD_FLAG_INTERNAL) {
BIO_printf(bio_out, "[Internal] ");
}
if(flags & ENGINE_CMD_FLAG_NUMERIC)
{
if (flags & ENGINE_CMD_FLAG_NUMERIC) {
BIO_printf(bio_out, "NUMERIC");
started = 1;
}
/* Now we check that no combinations of the mutually exclusive NUMERIC,
/*
* Now we check that no combinations of the mutually exclusive NUMERIC,
* STRING, and NO_INPUT flags have been used. Future flags that can be
* OR'd together with these would need to added after these to preserve
* the testing logic. */
if(flags & ENGINE_CMD_FLAG_STRING)
{
if(started)
{
* the testing logic.
*/
if (flags & ENGINE_CMD_FLAG_STRING) {
if (started) {
BIO_printf(bio_out, "|");
err = 1;
}
BIO_printf(bio_out, "STRING");
started = 1;
}
if(flags & ENGINE_CMD_FLAG_NO_INPUT)
{
if(started)
{
if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
if (started) {
BIO_printf(bio_out, "|");
err = 1;
}
@ -178,21 +173,21 @@ static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
/* Check for unknown flags */
flags = flags & ~ENGINE_CMD_FLAG_NUMERIC &
~ENGINE_CMD_FLAG_STRING &
~ENGINE_CMD_FLAG_NO_INPUT &
~ENGINE_CMD_FLAG_INTERNAL;
if(flags)
{
if(started) BIO_printf(bio_out, "|");
~ENGINE_CMD_FLAG_NO_INPUT & ~ENGINE_CMD_FLAG_INTERNAL;
if (flags) {
if (started)
BIO_printf(bio_out, "|");
BIO_printf(bio_out, "<0x%04X>", flags);
}
if(err)
if (err)
BIO_printf(bio_out, " <illegal flags!>");
BIO_printf(bio_out, "\n");
return 1;
}
}
static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent)
{
static int util_verbose(ENGINE *e, int verbose, BIO *bio_out,
const char *indent)
{
static const int line_wrap = 78;
int num;
int ret = 0;
@ -201,349 +196,322 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent
int flags;
int xpos = 0;
STACK_OF(OPENSSL_STRING) *cmds = NULL;
if(!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
if (!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
0, NULL, NULL)) <= 0))
{
#if 0
0, NULL, NULL)) <= 0)) {
# if 0
BIO_printf(bio_out, "%s<no control commands>\n", indent);
#endif
# endif
return 1;
}
cmds = sk_OPENSSL_STRING_new_null();
if(!cmds)
if (!cmds)
goto err;
do {
int len;
/* Get the command input flags */
if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
NULL, NULL)) < 0)
goto err;
if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4)
{
if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4) {
/* Get the command name */
if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
NULL, NULL)) <= 0)
goto err;
if((name = OPENSSL_malloc(len + 1)) == NULL)
if ((name = OPENSSL_malloc(len + 1)) == NULL)
goto err;
if(ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
if (ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
NULL) <= 0)
goto err;
/* Get the command description */
if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
NULL, NULL)) < 0)
goto err;
if(len > 0)
{
if((desc = OPENSSL_malloc(len + 1)) == NULL)
if (len > 0) {
if ((desc = OPENSSL_malloc(len + 1)) == NULL)
goto err;
if(ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
if (ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
NULL) <= 0)
goto err;
}
/* Now decide on the output */
if(xpos == 0)
if (xpos == 0)
/* Do an indent */
xpos = BIO_puts(bio_out, indent);
else
/* Otherwise prepend a ", " */
xpos += BIO_printf(bio_out, ", ");
if(verbose == 1)
{
/* We're just listing names, comma-delimited */
if((xpos > (int)strlen(indent)) &&
(xpos + (int)strlen(name) > line_wrap))
{
if (verbose == 1) {
/*
* We're just listing names, comma-delimited
*/
if ((xpos > (int)strlen(indent)) &&
(xpos + (int)strlen(name) > line_wrap)) {
BIO_printf(bio_out, "\n");
xpos = BIO_puts(bio_out, indent);
}
xpos += BIO_printf(bio_out, "%s", name);
}
else
{
} else {
/* We're listing names plus descriptions */
BIO_printf(bio_out, "%s: %s\n", name,
(desc == NULL) ? "<no description>" : desc);
/* ... and sometimes input flags */
if((verbose >= 3) && !util_flags(bio_out, flags,
indent))
if ((verbose >= 3) && !util_flags(bio_out, flags, indent))
goto err;
xpos = 0;
}
}
OPENSSL_free(name); name = NULL;
if(desc) { OPENSSL_free(desc); desc = NULL; }
OPENSSL_free(name);
name = NULL;
if (desc) {
OPENSSL_free(desc);
desc = NULL;
}
/* Move to the next command */
num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE,
num, NULL, NULL);
} while(num > 0);
if(xpos > 0)
num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE, num, NULL, NULL);
} while (num > 0);
if (xpos > 0)
BIO_printf(bio_out, "\n");
ret = 1;
err:
if(cmds) sk_OPENSSL_STRING_pop_free(cmds, identity);
if(name) OPENSSL_free(name);
if(desc) OPENSSL_free(desc);
err:
if (cmds)
sk_OPENSSL_STRING_pop_free(cmds, identity);
if (name)
OPENSSL_free(name);
if (desc)
OPENSSL_free(desc);
return ret;
}
}
static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
BIO *bio_out, const char *indent)
{
{
int loop, res, num = sk_OPENSSL_STRING_num(cmds);
if(num < 0)
{
if (num < 0) {
BIO_printf(bio_out, "[Error]: internal stack error\n");
return;
}
for(loop = 0; loop < num; loop++)
{
for (loop = 0; loop < num; loop++) {
char buf[256];
const char *cmd, *arg;
cmd = sk_OPENSSL_STRING_value(cmds, loop);
res = 1; /* assume success */
/* Check if this command has no ":arg" */
if((arg = strstr(cmd, ":")) == NULL)
{
if(!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
if ((arg = strstr(cmd, ":")) == NULL) {
if (!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
res = 0;
}
else
{
if((int)(arg - cmd) > 254)
{
BIO_printf(bio_out,"[Error]: command name too long\n");
} else {
if ((int)(arg - cmd) > 254) {
BIO_printf(bio_out, "[Error]: command name too long\n");
return;
}
memcpy(buf, cmd, (int)(arg - cmd));
buf[arg-cmd] = '\0';
buf[arg - cmd] = '\0';
arg++; /* Move past the ":" */
/* Call the command with the argument */
if(!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
if (!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
res = 0;
}
if(res)
if (res)
BIO_printf(bio_out, "[Success]: %s\n", cmd);
else
{
else {
BIO_printf(bio_out, "[Failure]: %s\n", cmd);
ERR_print_errors(bio_out);
}
}
}
}
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
int ret=1,i;
{
int ret = 1, i;
const char **pp;
int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0;
int verbose = 0, list_cap = 0, test_avail = 0, test_avail_noise = 0;
ENGINE *e;
STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
int badops=1;
BIO *bio_out=NULL;
int badops = 1;
BIO *bio_out = NULL;
const char *indent = " ";
apps_startup();
SSL_load_error_strings();
if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
bio_out = BIO_push(tmpbio, bio_out);
}
#endif
# endif
argc--;
argv++;
while (argc >= 1)
{
if (strncmp(*argv,"-v",2) == 0)
{
if(strspn(*argv + 1, "v") < strlen(*argv + 1))
while (argc >= 1) {
if (strncmp(*argv, "-v", 2) == 0) {
if (strspn(*argv + 1, "v") < strlen(*argv + 1))
goto skip_arg_loop;
if((verbose=strlen(*argv + 1)) > 4)
if ((verbose = strlen(*argv + 1)) > 4)
goto skip_arg_loop;
}
else if (strcmp(*argv,"-c") == 0)
list_cap=1;
else if (strncmp(*argv,"-t",2) == 0)
{
test_avail=1;
if(strspn(*argv + 1, "t") < strlen(*argv + 1))
} else if (strcmp(*argv, "-c") == 0)
list_cap = 1;
else if (strncmp(*argv, "-t", 2) == 0) {
test_avail = 1;
if (strspn(*argv + 1, "t") < strlen(*argv + 1))
goto skip_arg_loop;
if((test_avail_noise = strlen(*argv + 1) - 1) > 1)
if ((test_avail_noise = strlen(*argv + 1) - 1) > 1)
goto skip_arg_loop;
}
else if (strcmp(*argv,"-pre") == 0)
{
argc--; argv++;
} else if (strcmp(*argv, "-pre") == 0) {
argc--;
argv++;
if (argc == 0)
goto skip_arg_loop;
sk_OPENSSL_STRING_push(pre_cmds,*argv);
}
else if (strcmp(*argv,"-post") == 0)
{
argc--; argv++;
sk_OPENSSL_STRING_push(pre_cmds, *argv);
} else if (strcmp(*argv, "-post") == 0) {
argc--;
argv++;
if (argc == 0)
goto skip_arg_loop;
sk_OPENSSL_STRING_push(post_cmds,*argv);
}
else if ((strncmp(*argv,"-h",2) == 0) ||
(strcmp(*argv,"-?") == 0))
sk_OPENSSL_STRING_push(post_cmds, *argv);
} else if ((strncmp(*argv, "-h", 2) == 0) ||
(strcmp(*argv, "-?") == 0))
goto skip_arg_loop;
else
sk_OPENSSL_STRING_push(engines,*argv);
sk_OPENSSL_STRING_push(engines, *argv);
argc--;
argv++;
}
/* Looks like everything went OK */
badops = 0;
skip_arg_loop:
skip_arg_loop:
if (badops)
{
for (pp=engine_usage; (*pp != NULL); pp++)
BIO_printf(bio_err,"%s",*pp);
if (badops) {
for (pp = engine_usage; (*pp != NULL); pp++)
BIO_printf(bio_err, "%s", *pp);
goto end;
}
if (sk_OPENSSL_STRING_num(engines) == 0)
{
for(e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
{
sk_OPENSSL_STRING_push(engines,(char *)ENGINE_get_id(e));
if (sk_OPENSSL_STRING_num(engines) == 0) {
for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) {
sk_OPENSSL_STRING_push(engines, (char *)ENGINE_get_id(e));
}
}
for (i=0; i<sk_OPENSSL_STRING_num(engines); i++)
{
const char *id = sk_OPENSSL_STRING_value(engines,i);
if ((e = ENGINE_by_id(id)) != NULL)
{
for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
const char *id = sk_OPENSSL_STRING_value(engines, i);
if ((e = ENGINE_by_id(id)) != NULL) {
const char *name = ENGINE_get_name(e);
/* Do "id" first, then "name". Easier to auto-parse. */
/*
* Do "id" first, then "name". Easier to auto-parse.
*/
BIO_printf(bio_out, "(%s) %s\n", id, name);
util_do_cmds(e, pre_cmds, bio_out, indent);
if (strcmp(ENGINE_get_id(e), id) != 0)
{
if (strcmp(ENGINE_get_id(e), id) != 0) {
BIO_printf(bio_out, "Loaded: (%s) %s\n",
ENGINE_get_id(e), ENGINE_get_name(e));
}
if (list_cap)
{
if (list_cap) {
int cap_size = 256;
char *cap_buf = NULL;
int k,n;
int k, n;
const int *nids;
ENGINE_CIPHERS_PTR fn_c;
ENGINE_DIGESTS_PTR fn_d;
ENGINE_PKEY_METHS_PTR fn_pk;
if (ENGINE_get_RSA(e) != NULL
&& !append_buf(&cap_buf, "RSA",
&cap_size, 256))
&& !append_buf(&cap_buf, "RSA", &cap_size, 256))
goto end;
if (ENGINE_get_DSA(e) != NULL
&& !append_buf(&cap_buf, "DSA",
&cap_size, 256))
&& !append_buf(&cap_buf, "DSA", &cap_size, 256))
goto end;
if (ENGINE_get_DH(e) != NULL
&& !append_buf(&cap_buf, "DH",
&cap_size, 256))
&& !append_buf(&cap_buf, "DH", &cap_size, 256))
goto end;
if (ENGINE_get_RAND(e) != NULL
&& !append_buf(&cap_buf, "RAND",
&cap_size, 256))
&& !append_buf(&cap_buf, "RAND", &cap_size, 256))
goto end;
fn_c = ENGINE_get_ciphers(e);
if(!fn_c) goto skip_ciphers;
if (!fn_c)
goto skip_ciphers;
n = fn_c(e, NULL, &nids, 0);
for(k=0 ; k < n ; ++k)
if(!append_buf(&cap_buf,
OBJ_nid2sn(nids[k]),
&cap_size, 256))
for (k = 0; k < n; ++k)
if (!append_buf(&cap_buf,
OBJ_nid2sn(nids[k]), &cap_size, 256))
goto end;
skip_ciphers:
skip_ciphers:
fn_d = ENGINE_get_digests(e);
if(!fn_d) goto skip_digests;
if (!fn_d)
goto skip_digests;
n = fn_d(e, NULL, &nids, 0);
for(k=0 ; k < n ; ++k)
if(!append_buf(&cap_buf,
OBJ_nid2sn(nids[k]),
&cap_size, 256))
for (k = 0; k < n; ++k)
if (!append_buf(&cap_buf,
OBJ_nid2sn(nids[k]), &cap_size, 256))
goto end;
skip_digests:
skip_digests:
fn_pk = ENGINE_get_pkey_meths(e);
if(!fn_pk) goto skip_pmeths;
if (!fn_pk)
goto skip_pmeths;
n = fn_pk(e, NULL, &nids, 0);
for(k=0 ; k < n ; ++k)
if(!append_buf(&cap_buf,
OBJ_nid2sn(nids[k]),
&cap_size, 256))
for (k = 0; k < n; ++k)
if (!append_buf(&cap_buf,
OBJ_nid2sn(nids[k]), &cap_size, 256))
goto end;
skip_pmeths:
skip_pmeths:
if (cap_buf && (*cap_buf != '\0'))
BIO_printf(bio_out, " [%s]\n", cap_buf);
OPENSSL_free(cap_buf);
}
if(test_avail)
{
if (test_avail) {
BIO_printf(bio_out, "%s", indent);
if (ENGINE_init(e))
{
if (ENGINE_init(e)) {
BIO_printf(bio_out, "[ available ]\n");
util_do_cmds(e, post_cmds, bio_out, indent);
ENGINE_finish(e);
}
else
{
} else {
BIO_printf(bio_out, "[ unavailable ]\n");
if(test_avail_noise)
if (test_avail_noise)
ERR_print_errors_fp(stdout);
ERR_clear_error();
}
}
if((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
if ((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
goto end;
ENGINE_free(e);
}
else
} else
ERR_print_errors(bio_err);
}
ret=0;
end:
ret = 0;
end:
ERR_print_errors(bio_err);
sk_OPENSSL_STRING_pop_free(engines, identity);
sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
sk_OPENSSL_STRING_pop_free(post_cmds, identity);
if (bio_out != NULL) BIO_free_all(bio_out);
if (bio_out != NULL)
BIO_free_all(bio_out);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
#else
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

45
apps/errstr.c
View File

@ -71,58 +71,51 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
int i,ret=0;
{
int i, ret = 0;
char buf[256];
unsigned long l;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
SSL_load_error_strings();
if ((argc > 1) && (strcmp(argv[1],"-stats") == 0))
{
BIO *out=NULL;
if ((argc > 1) && (strcmp(argv[1], "-stats") == 0)) {
BIO *out = NULL;
out=BIO_new(BIO_s_file());
if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
{
out = BIO_new(BIO_s_file());
if ((out != NULL) && BIO_set_fp(out, stdout, BIO_NOCLOSE)) {
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
lh_ERR_STRING_DATA_node_stats_bio(
ERR_get_string_table(), out);
lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(),
lh_ERR_STRING_DATA_node_stats_bio(ERR_get_string_table(), out);
lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(), out);
lh_ERR_STRING_DATA_node_usage_stats_bio(ERR_get_string_table(),
out);
lh_ERR_STRING_DATA_node_usage_stats_bio(
ERR_get_string_table(),out);
}
if (out != NULL) BIO_free_all(out);
if (out != NULL)
BIO_free_all(out);
argc--;
argv++;
}
for (i=1; i<argc; i++)
{
if (sscanf(argv[i],"%lx",&l))
{
for (i = 1; i < argc; i++) {
if (sscanf(argv[i], "%lx", &l)) {
ERR_error_string_n(l, buf, sizeof buf);
printf("%s\n",buf);
}
else
{
printf("%s: bad error code\n",argv[i]);
printf("%s\n", buf);
} else {
printf("%s: bad error code\n", argv[i]);
printf("usage: errstr [-stats] <errno> ...\n");
ret++;
}
}
apps_shutdown();
OPENSSL_EXIT(ret);
}
}

225
apps/gendh.c
View File

@ -58,184 +58,191 @@
*/
#include <openssl/opensslconf.h>
/* Until the key-gen callbacks are modified to use newer prototypes, we allow
* deprecated functions for openssl-internal code */
/*
* Until the key-gen callbacks are modified to use newer prototypes, we allow
* deprecated functions for openssl-internal code
*/
#ifdef OPENSSL_NO_DEPRECATED
#undef OPENSSL_NO_DEPRECATED
# undef OPENSSL_NO_DEPRECATED
#endif
#ifndef OPENSSL_NO_DH
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
# include <stdio.h>
# include <string.h>
# include <sys/types.h>
# include <sys/stat.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/rand.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/dh.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#define DEFBITS 2048
#undef PROG
#define PROG gendh_main
# define DEFBITS 2048
# undef PROG
# define PROG gendh_main
static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
BN_GENCB cb;
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
char *outfile=NULL;
char *inrand=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
BIO *out=NULL;
DH *dh = NULL;
int ret = 1, num = DEFBITS;
int g = 2;
char *outfile = NULL;
char *inrand = NULL;
# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
# endif
BIO *out = NULL;
apps_startup();
BN_GENCB_set(&cb, dh_cb, bio_err);
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
argv++;
argc--;
for (;;)
{
if (argc <= 0) break;
if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-2") == 0)
g=2;
for (;;) {
if (argc <= 0)
break;
if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-2") == 0)
g = 2;
/*- else if (strcmp(*argv,"-3") == 0)
g=3; */
else if (strcmp(*argv,"-5") == 0)
g=5;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
else if (strcmp(*argv, "-5") == 0)
g = 5;
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
inrand= *(++argv);
}
else
# endif
else if (strcmp(*argv, "-rand") == 0) {
if (--argc < 1)
goto bad;
inrand = *(++argv);
} else
break;
argv++;
argc--;
}
if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
{
bad:
BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
BIO_printf(bio_err," -out file - output the key to 'file\n");
BIO_printf(bio_err," -2 - use 2 as the generator value\n");
/* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */
BIO_printf(bio_err," -5 - use 5 as the generator value\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
bad:
BIO_printf(bio_err, "usage: gendh [args] [numbits]\n");
BIO_printf(bio_err, " -out file - output the key to 'file\n");
BIO_printf(bio_err, " -2 - use 2 as the generator value\n");
/*
* BIO_printf(bio_err," -3 - use 3 as the generator value\n");
*/
BIO_printf(bio_err, " -5 - use 5 as the generator value\n");
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e - use engine e, possibly a hardware device.\n");
# endif
BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
LIST_SEPARATOR_CHAR);
BIO_printf(bio_err,
" - load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
# endif
out=BIO_new(BIO_s_file());
if (out == NULL)
{
out = BIO_new(BIO_s_file());
if (out == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
BIO_printf(bio_err,
"Generating DH parameters, %d bit long safe prime, generator %d\n",
num, g);
BIO_printf(bio_err, "This is going to take a long time\n");
if(((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))
if (((dh = DH_new()) == NULL)
|| !DH_generate_parameters_ex(dh, num, g, &cb))
goto end;
app_RAND_write_file(NULL, bio_err);
if (!PEM_write_bio_DHparams(out,dh))
if (!PEM_write_bio_DHparams(out, dh))
goto end;
ret=0;
end:
ret = 0;
end:
if (ret != 0)
ERR_print_errors(bio_err);
if (out != NULL) BIO_free_all(out);
if (dh != NULL) DH_free(dh);
if (out != NULL)
BIO_free_all(out);
if (dh != NULL)
DH_free(dh);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
{
char c='*';
{
char c = '*';
if (p == 0) c='.';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
BIO_write(cb->arg,&c,1);
if (p == 0)
c = '.';
if (p == 1)
c = '+';
if (p == 2)
c = '*';
if (p == 3)
c = '\n';
BIO_write(cb->arg, &c, 1);
(void)BIO_flush(cb->arg);
#ifdef LINT
p=n;
#endif
# ifdef LINT
p = n;
# endif
return 1;
}
}
#else /* !OPENSSL_NO_DH */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

316
apps/gendsa.c
View File

@ -58,228 +58,230 @@
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
#ifndef OPENSSL_NO_DSA
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
# include <stdio.h>
# include <string.h>
# include <sys/types.h>
# include <sys/stat.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/dsa.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#define DEFBITS 512
#undef PROG
#define PROG gendsa_main
# define DEFBITS 512
# undef PROG
# define PROG gendsa_main
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
char *inrand=NULL,*dsaparams=NULL;
{
DSA *dsa = NULL;
int ret = 1;
char *outfile = NULL;
char *inrand = NULL, *dsaparams = NULL;
char *passargout = NULL, *passout = NULL;
BIO *out=NULL,*in=NULL;
const EVP_CIPHER *enc=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
BIO *out = NULL, *in = NULL;
const EVP_CIPHER *enc = NULL;
# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
# endif
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
argv++;
argc--;
for (;;)
{
if (argc <= 0) break;
if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-passout") == 0)
{
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
inrand= *(++argv);
}
else if (strcmp(*argv,"-") == 0)
for (;;) {
if (argc <= 0)
break;
if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
#ifndef OPENSSL_NO_DES
else if (strcmp(*argv,"-des") == 0)
enc=EVP_des_cbc();
else if (strcmp(*argv,"-des3") == 0)
enc=EVP_des_ede3_cbc();
#endif
#ifndef OPENSSL_NO_IDEA
else if (strcmp(*argv,"-idea") == 0)
enc=EVP_idea_cbc();
#endif
#ifndef OPENSSL_NO_SEED
else if (strcmp(*argv,"-seed") == 0)
enc=EVP_seed_cbc();
#endif
#ifndef OPENSSL_NO_AES
else if (strcmp(*argv,"-aes128") == 0)
enc=EVP_aes_128_cbc();
else if (strcmp(*argv,"-aes192") == 0)
enc=EVP_aes_192_cbc();
else if (strcmp(*argv,"-aes256") == 0)
enc=EVP_aes_256_cbc();
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if (strcmp(*argv,"-camellia128") == 0)
enc=EVP_camellia_128_cbc();
else if (strcmp(*argv,"-camellia192") == 0)
enc=EVP_camellia_192_cbc();
else if (strcmp(*argv,"-camellia256") == 0)
enc=EVP_camellia_256_cbc();
#endif
else if (**argv != '-' && dsaparams == NULL)
{
dsaparams = *argv;
outfile = *(++argv);
} else if (strcmp(*argv, "-passout") == 0) {
if (--argc < 1)
goto bad;
passargout = *(++argv);
}
else
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
# endif
else if (strcmp(*argv, "-rand") == 0) {
if (--argc < 1)
goto bad;
inrand = *(++argv);
} else if (strcmp(*argv, "-") == 0)
goto bad;
# ifndef OPENSSL_NO_DES
else if (strcmp(*argv, "-des") == 0)
enc = EVP_des_cbc();
else if (strcmp(*argv, "-des3") == 0)
enc = EVP_des_ede3_cbc();
# endif
# ifndef OPENSSL_NO_IDEA
else if (strcmp(*argv, "-idea") == 0)
enc = EVP_idea_cbc();
# endif
# ifndef OPENSSL_NO_SEED
else if (strcmp(*argv, "-seed") == 0)
enc = EVP_seed_cbc();
# endif
# ifndef OPENSSL_NO_AES
else if (strcmp(*argv, "-aes128") == 0)
enc = EVP_aes_128_cbc();
else if (strcmp(*argv, "-aes192") == 0)
enc = EVP_aes_192_cbc();
else if (strcmp(*argv, "-aes256") == 0)
enc = EVP_aes_256_cbc();
# endif
# ifndef OPENSSL_NO_CAMELLIA
else if (strcmp(*argv, "-camellia128") == 0)
enc = EVP_camellia_128_cbc();
else if (strcmp(*argv, "-camellia192") == 0)
enc = EVP_camellia_192_cbc();
else if (strcmp(*argv, "-camellia256") == 0)
enc = EVP_camellia_256_cbc();
# endif
else if (**argv != '-' && dsaparams == NULL) {
dsaparams = *argv;
} else
goto bad;
argv++;
argc--;
}
if (dsaparams == NULL)
{
bad:
BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
BIO_printf(bio_err," -out file - output the key to 'file'\n");
#ifndef OPENSSL_NO_DES
BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n");
BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
#endif
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
#endif
#ifndef OPENSSL_NO_SEED
BIO_printf(bio_err," -seed\n");
BIO_printf(bio_err," encrypt PEM output with cbc seed\n");
#endif
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," dsaparam-file\n");
BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n");
if (dsaparams == NULL) {
bad:
BIO_printf(bio_err, "usage: gendsa [args] dsaparam-file\n");
BIO_printf(bio_err, " -out file - output the key to 'file'\n");
# ifndef OPENSSL_NO_DES
BIO_printf(bio_err,
" -des - encrypt the generated key with DES in cbc mode\n");
BIO_printf(bio_err,
" -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
# endif
# ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err,
" -idea - encrypt the generated key with IDEA in cbc mode\n");
# endif
# ifndef OPENSSL_NO_SEED
BIO_printf(bio_err, " -seed\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc seed\n");
# endif
# ifndef OPENSSL_NO_AES
BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc aes\n");
# endif
# ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc camellia\n");
# endif
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e - use engine e, possibly a hardware device.\n");
# endif
BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
LIST_SEPARATOR_CHAR);
BIO_printf(bio_err,
" - load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
BIO_printf(bio_err, " dsaparam-file\n");
BIO_printf(bio_err,
" - a DSA parameter file as generated by the dsaparam command\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
# endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
in=BIO_new(BIO_s_file());
if (!(BIO_read_filename(in,dsaparams)))
{
in = BIO_new(BIO_s_file());
if (!(BIO_read_filename(in, dsaparams))) {
perror(dsaparams);
goto end;
}
if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
{
BIO_printf(bio_err,"unable to load DSA parameter file\n");
if ((dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL)) == NULL) {
BIO_printf(bio_err, "unable to load DSA parameter file\n");
goto end;
}
BIO_free(in);
in = NULL;
out=BIO_new(BIO_s_file());
if (out == NULL) goto end;
out = BIO_new(BIO_s_file());
if (out == NULL)
goto end;
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
BIO_printf(bio_err,"Generating DSA key, %d bits\n",
BN_num_bits(dsa->p));
if (!DSA_generate_key(dsa)) goto end;
BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(dsa->p));
if (!DSA_generate_key(dsa))
goto end;
app_RAND_write_file(NULL, bio_err);
if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
if (!PEM_write_bio_DSAPrivateKey(out, dsa, enc, NULL, 0, NULL, passout))
goto end;
ret=0;
end:
ret = 0;
end:
if (ret != 0)
ERR_print_errors(bio_err);
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (dsa != NULL) DSA_free(dsa);
if(passout) OPENSSL_free(passout);
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
if (dsa != NULL)
DSA_free(dsa);
if (passout)
OPENSSL_free(passout);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
#else /* !OPENSSL_NO_DSA */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

215
apps/genpkey.c
View File

@ -1,6 +1,7 @@
/* apps/genpkey.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2006
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
@ -62,7 +63,7 @@
#include <openssl/err.h>
#include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
# include <openssl/engine.h>
#endif
static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
@ -74,7 +75,7 @@ static int genpkey_cb(EVP_PKEY_CTX *ctx);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL;
char **args, *outfile = NULL;
char *passarg = NULL;
@ -82,7 +83,7 @@ int MAIN(int argc, char **argv)
const EVP_CIPHER *cipher = NULL;
int outformat;
int text = 0;
EVP_PKEY *pkey=NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
char *pass = NULL;
int badarg = 0;
@ -91,42 +92,36 @@ int MAIN(int argc, char **argv)
int do_param = 0;
if (bio_err == NULL)
bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
outformat=FORMAT_PEM;
outformat = FORMAT_PEM;
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
args = argv + 1;
while (!badarg && *args && *args[0] == '-')
{
if (!strcmp(*args,"-outform"))
{
if (args[1])
{
while (!badarg && *args && *args[0] == '-') {
if (!strcmp(*args, "-outform")) {
if (args[1]) {
args++;
outformat=str2fmt(*args);
}
else badarg = 1;
}
else if (!strcmp(*args,"-pass"))
{
if (!args[1]) goto bad;
passarg= *(++args);
outformat = str2fmt(*args);
} else
badarg = 1;
} else if (!strcmp(*args, "-pass")) {
if (!args[1])
goto bad;
passarg = *(++args);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*args,"-engine") == 0)
{
else if (strcmp(*args, "-engine") == 0) {
if (!args[1])
goto bad;
e = setup_engine(bio_err, *(++args), 0);
}
#endif
else if (!strcmp (*args, "-paramfile"))
{
else if (!strcmp(*args, "-paramfile")) {
if (!args[1])
goto bad;
args++;
@ -134,54 +129,38 @@ int MAIN(int argc, char **argv)
goto bad;
if (!init_keygen_file(bio_err, &ctx, *args, e))
goto end;
}
else if (!strcmp (*args, "-out"))
{
if (args[1])
{
} else if (!strcmp(*args, "-out")) {
if (args[1]) {
args++;
outfile = *args;
}
else badarg = 1;
}
else if (strcmp(*args,"-algorithm") == 0)
{
} else
badarg = 1;
} else if (strcmp(*args, "-algorithm") == 0) {
if (!args[1])
goto bad;
if (!init_gen_str(bio_err, &ctx, *(++args),e, do_param))
if (!init_gen_str(bio_err, &ctx, *(++args), e, do_param))
goto end;
}
else if (strcmp(*args,"-pkeyopt") == 0)
{
} else if (strcmp(*args, "-pkeyopt") == 0) {
if (!args[1])
goto bad;
if (!ctx)
{
if (!ctx) {
BIO_puts(bio_err, "No keytype specified\n");
goto bad;
}
else if (pkey_ctrl_string(ctx, *(++args)) <= 0)
{
} else if (pkey_ctrl_string(ctx, *(++args)) <= 0) {
BIO_puts(bio_err, "parameter setting error\n");
ERR_print_errors(bio_err);
goto end;
}
}
else if (strcmp(*args,"-genparam") == 0)
{
} else if (strcmp(*args, "-genparam") == 0) {
if (ctx)
goto bad;
do_param = 1;
}
else if (strcmp(*args,"-text") == 0)
text=1;
else
{
} else if (strcmp(*args, "-text") == 0)
text = 1;
else {
cipher = EVP_get_cipherbyname(*args + 1);
if (!cipher)
{
BIO_printf(bio_err, "Unknown cipher %s\n",
*args + 1);
if (!cipher) {
BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
badarg = 1;
}
if (do_param == 1)
@ -193,46 +172,46 @@ int MAIN(int argc, char **argv)
if (!ctx)
badarg = 1;
if (badarg)
{
if (badarg) {
bad:
BIO_printf(bio_err, "Usage: genpkey [options]\n");
BIO_printf(bio_err, "where options may be\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
BIO_printf(bio_err, "-pass arg output file pass phrase source\n");
BIO_printf(bio_err, "-<cipher> use cipher <cipher> to encrypt the key\n");
BIO_printf(bio_err,
"-outform X output format (DER or PEM)\n");
BIO_printf(bio_err,
"-pass arg output file pass phrase source\n");
BIO_printf(bio_err,
"-<cipher> use cipher <cipher> to encrypt the key\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
"-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err, "-paramfile file parameters file\n");
BIO_printf(bio_err, "-algorithm alg the public key algorithm\n");
BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n"
BIO_printf(bio_err,
"-pkeyopt opt:value set the public key algorithm option <opt>\n"
" to value <value>\n");
BIO_printf(bio_err, "-genparam generate parameters, not key\n");
BIO_printf(bio_err,
"-genparam generate parameters, not key\n");
BIO_printf(bio_err, "-text print the in text\n");
BIO_printf(bio_err, "NB: options order may be important! See the manual page.\n");
BIO_printf(bio_err,
"NB: options order may be important! See the manual page.\n");
goto end;
}
if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
{
if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
BIO_puts(bio_err, "Error getting password\n");
goto end;
}
if (outfile)
{
if (!(out = BIO_new_file (outfile, "wb")))
{
BIO_printf(bio_err,
"Can't open output file %s\n", outfile);
if (outfile) {
if (!(out = BIO_new_file(outfile, "wb"))) {
BIO_printf(bio_err, "Can't open output file %s\n", outfile);
goto end;
}
}
else
{
out = BIO_new_fp (stdout, BIO_NOCLOSE);
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -244,19 +223,14 @@ int MAIN(int argc, char **argv)
EVP_PKEY_CTX_set_cb(ctx, genpkey_cb);
EVP_PKEY_CTX_set_app_data(ctx, bio_err);
if (do_param)
{
if (EVP_PKEY_paramgen(ctx, &pkey) <= 0)
{
if (do_param) {
if (EVP_PKEY_paramgen(ctx, &pkey) <= 0) {
BIO_puts(bio_err, "Error generating parameters\n");
ERR_print_errors(bio_err);
goto end;
}
}
else
{
if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
{
} else {
if (EVP_PKEY_keygen(ctx, &pkey) <= 0) {
BIO_puts(bio_err, "Error generating key\n");
ERR_print_errors(bio_err);
goto end;
@ -266,31 +240,26 @@ int MAIN(int argc, char **argv)
if (do_param)
rv = PEM_write_bio_Parameters(out, pkey);
else if (outformat == FORMAT_PEM)
rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0,
NULL, pass);
rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, pass);
else if (outformat == FORMAT_ASN1)
rv = i2d_PrivateKey_bio(out, pkey);
else
{
else {
BIO_printf(bio_err, "Bad format specified for key\n");
goto end;
}
if (rv <= 0)
{
if (rv <= 0) {
BIO_puts(bio_err, "Error writing key\n");
ERR_print_errors(bio_err);
}
if (text)
{
if (text) {
if (do_param)
rv = EVP_PKEY_print_params(out, pkey, 0, NULL);
else
rv = EVP_PKEY_print_private(out, pkey, 0, NULL);
if (rv <= 0)
{
if (rv <= 0) {
BIO_puts(bio_err, "Error printing key\n");
ERR_print_errors(bio_err);
}
@ -310,23 +279,21 @@ int MAIN(int argc, char **argv)
OPENSSL_free(pass);
return ret;
}
}
static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
const char *file, ENGINE *e)
{
{
BIO *pbio;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
if (*pctx)
{
if (*pctx) {
BIO_puts(err, "Parameters already set!\n");
return 0;
}
pbio = BIO_new_file(file, "r");
if (!pbio)
{
if (!pbio) {
BIO_printf(err, "Can't open parameter file %s\n", file);
return 0;
}
@ -334,8 +301,7 @@ static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
pkey = PEM_read_bio_Parameters(pbio, NULL);
BIO_free(pbio);
if (!pkey)
{
if (!pkey) {
BIO_printf(bio_err, "Error reading parameter file %s\n", file);
return 0;
}
@ -358,18 +324,17 @@ static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
EVP_PKEY_free(pkey);
return 0;
}
}
int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
const char *algname, ENGINE *e, int do_param)
{
{
EVP_PKEY_CTX *ctx = NULL;
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *tmpeng = NULL;
int pkey_id;
if (*pctx)
{
if (*pctx) {
BIO_puts(err, "Algorithm already set!\n");
return 0;
}
@ -381,8 +346,7 @@ int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
#endif
if (!ameth)
{
if (!ameth) {
BIO_printf(bio_err, "Algorithm %s not found\n", algname);
return 0;
}
@ -398,13 +362,10 @@ int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
if (!ctx)
goto err;
if (do_param)
{
if (do_param) {
if (EVP_PKEY_paramgen_init(ctx) <= 0)
goto err;
}
else
{
} else {
if (EVP_PKEY_keygen_init(ctx) <= 0)
goto err;
}
@ -419,22 +380,26 @@ int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
EVP_PKEY_CTX_free(ctx);
return 0;
}
}
static int genpkey_cb(EVP_PKEY_CTX *ctx)
{
char c='*';
{
char c = '*';
BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
int p;
p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
if (p == 0) c='.';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
BIO_write(b,&c,1);
if (p == 0)
c = '.';
if (p == 1)
c = '+';
if (p == 2)
c = '*';
if (p == 3)
c = '\n';
BIO_write(b, &c, 1);
(void)BIO_flush(b);
#ifdef LINT
p=n;
p = n;
#endif
return 1;
}
}

379
apps/genrsa.c
View File

@ -57,279 +57,294 @@
*/
#include <openssl/opensslconf.h>
/* Until the key-gen callbacks are modified to use newer prototypes, we allow
* deprecated functions for openssl-internal code */
/*
* Until the key-gen callbacks are modified to use newer prototypes, we allow
* deprecated functions for openssl-internal code
*/
#ifdef OPENSSL_NO_DEPRECATED
#undef OPENSSL_NO_DEPRECATED
# undef OPENSSL_NO_DEPRECATED
#endif
#ifndef OPENSSL_NO_RSA
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
# include <stdio.h>
# include <string.h>
# include <sys/types.h>
# include <sys/stat.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/rsa.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
# include <openssl/rand.h>
#define DEFBITS 2048
#undef PROG
#define PROG genrsa_main
# define DEFBITS 2048
# undef PROG
# define PROG genrsa_main
static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
BN_GENCB cb;
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int ret=1;
int i,num=DEFBITS;
# endif
int ret = 1;
int i, num = DEFBITS;
long l;
const EVP_CIPHER *enc=NULL;
unsigned long f4=RSA_F4;
char *outfile=NULL;
const EVP_CIPHER *enc = NULL;
unsigned long f4 = RSA_F4;
char *outfile = NULL;
char *passargout = NULL, *passout = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
char *inrand=NULL;
BIO *out=NULL;
# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
# endif
char *inrand = NULL;
BIO *out = NULL;
BIGNUM *bn = BN_new();
RSA *rsa = NULL;
if(!bn) goto err;
if (!bn)
goto err;
apps_startup();
BN_GENCB_set(&cb, genrsa_cb, bio_err);
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto err;
if ((out=BIO_new(BIO_s_file())) == NULL)
{
BIO_printf(bio_err,"unable to create BIO for output\n");
if ((out = BIO_new(BIO_s_file())) == NULL) {
BIO_printf(bio_err, "unable to create BIO for output\n");
goto err;
}
argv++;
argc--;
for (;;)
{
if (argc <= 0) break;
if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
for (;;) {
if (argc <= 0)
break;
if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-3") == 0)
f4 = 3;
else if (strcmp(*argv, "-F4") == 0 || strcmp(*argv, "-f4") == 0)
f4 = RSA_F4;
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
else if (strcmp(*argv,"-3") == 0)
f4=3;
else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
f4=RSA_F4;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
# endif
else if (strcmp(*argv, "-rand") == 0) {
if (--argc < 1)
goto bad;
inrand = *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
inrand= *(++argv);
}
#ifndef OPENSSL_NO_DES
else if (strcmp(*argv,"-des") == 0)
enc=EVP_des_cbc();
else if (strcmp(*argv,"-des3") == 0)
enc=EVP_des_ede3_cbc();
#endif
#ifndef OPENSSL_NO_IDEA
else if (strcmp(*argv,"-idea") == 0)
enc=EVP_idea_cbc();
#endif
#ifndef OPENSSL_NO_SEED
else if (strcmp(*argv,"-seed") == 0)
enc=EVP_seed_cbc();
#endif
#ifndef OPENSSL_NO_AES
else if (strcmp(*argv,"-aes128") == 0)
enc=EVP_aes_128_cbc();
else if (strcmp(*argv,"-aes192") == 0)
enc=EVP_aes_192_cbc();
else if (strcmp(*argv,"-aes256") == 0)
enc=EVP_aes_256_cbc();
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if (strcmp(*argv,"-camellia128") == 0)
enc=EVP_camellia_128_cbc();
else if (strcmp(*argv,"-camellia192") == 0)
enc=EVP_camellia_192_cbc();
else if (strcmp(*argv,"-camellia256") == 0)
enc=EVP_camellia_256_cbc();
#endif
else if (strcmp(*argv,"-passout") == 0)
{
if (--argc < 1) goto bad;
passargout= *(++argv);
}
else
# ifndef OPENSSL_NO_DES
else if (strcmp(*argv, "-des") == 0)
enc = EVP_des_cbc();
else if (strcmp(*argv, "-des3") == 0)
enc = EVP_des_ede3_cbc();
# endif
# ifndef OPENSSL_NO_IDEA
else if (strcmp(*argv, "-idea") == 0)
enc = EVP_idea_cbc();
# endif
# ifndef OPENSSL_NO_SEED
else if (strcmp(*argv, "-seed") == 0)
enc = EVP_seed_cbc();
# endif
# ifndef OPENSSL_NO_AES
else if (strcmp(*argv, "-aes128") == 0)
enc = EVP_aes_128_cbc();
else if (strcmp(*argv, "-aes192") == 0)
enc = EVP_aes_192_cbc();
else if (strcmp(*argv, "-aes256") == 0)
enc = EVP_aes_256_cbc();
# endif
# ifndef OPENSSL_NO_CAMELLIA
else if (strcmp(*argv, "-camellia128") == 0)
enc = EVP_camellia_128_cbc();
else if (strcmp(*argv, "-camellia192") == 0)
enc = EVP_camellia_192_cbc();
else if (strcmp(*argv, "-camellia256") == 0)
enc = EVP_camellia_256_cbc();
# endif
else if (strcmp(*argv, "-passout") == 0) {
if (--argc < 1)
goto bad;
passargout = *(++argv);
} else
break;
argv++;
argc--;
}
if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
{
bad:
BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
BIO_printf(bio_err," -des encrypt the generated key with DES in cbc mode\n");
BIO_printf(bio_err," -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n");
#endif
#ifndef OPENSSL_NO_SEED
BIO_printf(bio_err," -seed\n");
BIO_printf(bio_err," encrypt PEM output with cbc seed\n");
#endif
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
BIO_printf(bio_err," -out file output the key to 'file\n");
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
BIO_printf(bio_err," -3 use 3 for the E value\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
bad:
BIO_printf(bio_err, "usage: genrsa [args] [numbits]\n");
BIO_printf(bio_err,
" -des encrypt the generated key with DES in cbc mode\n");
BIO_printf(bio_err,
" -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
# ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err,
" -idea encrypt the generated key with IDEA in cbc mode\n");
# endif
# ifndef OPENSSL_NO_SEED
BIO_printf(bio_err, " -seed\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc seed\n");
# endif
# ifndef OPENSSL_NO_AES
BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc aes\n");
# endif
# ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc camellia\n");
# endif
BIO_printf(bio_err, " -out file output the key to 'file\n");
BIO_printf(bio_err,
" -passout arg output file pass phrase source\n");
BIO_printf(bio_err,
" -f4 use F4 (0x10001) for the E value\n");
BIO_printf(bio_err, " -3 use 3 for the E value\n");
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
# endif
BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
LIST_SEPARATOR_CHAR);
BIO_printf(bio_err,
" load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
goto err;
}
ERR_load_crypto_strings();
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");
goto err;
}
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
# endif
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto err;
}
}
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
&& !RAND_status()) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n",
num);
#ifdef OPENSSL_NO_ENGINE
# ifdef OPENSSL_NO_ENGINE
rsa = RSA_new();
#else
# else
rsa = RSA_new_method(e);
#endif
# endif
if (!rsa)
goto err;
if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
if (!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
goto err;
app_RAND_write_file(NULL, bio_err);
/* We need to do the following for when the base number size is <
* long, esp windows 3.1 :-(. */
l=0L;
for (i=0; i<rsa->e->top; i++)
{
#ifndef SIXTY_FOUR_BIT
l<<=BN_BITS4;
l<<=BN_BITS4;
#endif
l+=rsa->e->d[i];
/*
* We need to do the following for when the base number size is < long,
* esp windows 3.1 :-(.
*/
l = 0L;
for (i = 0; i < rsa->e->top; i++) {
# ifndef SIXTY_FOUR_BIT
l <<= BN_BITS4;
l <<= BN_BITS4;
# endif
l += rsa->e->d[i];
}
BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
BIO_printf(bio_err, "e is %ld (0x%lX)\n", l, l);
{
PW_CB_DATA cb_data;
cb_data.password = passout;
cb_data.prompt_info = outfile;
if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,
(pem_password_cb *)password_callback,&cb_data))
if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0,
(pem_password_cb *)password_callback,
&cb_data))
goto err;
}
ret=0;
err:
if (bn) BN_free(bn);
if (rsa) RSA_free(rsa);
if (out) BIO_free_all(out);
if(passout) OPENSSL_free(passout);
ret = 0;
err:
if (bn)
BN_free(bn);
if (rsa)
RSA_free(rsa);
if (out)
BIO_free_all(out);
if (passout)
OPENSSL_free(passout);
if (ret != 0)
ERR_print_errors(bio_err);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
{
char c='*';
{
char c = '*';
if (p == 0) c='.';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
BIO_write(cb->arg,&c,1);
if (p == 0)
c = '.';
if (p == 1)
c = '+';
if (p == 2)
c = '*';
if (p == 3)
c = '\n';
BIO_write(cb->arg, &c, 1);
(void)BIO_flush(cb->arg);
#ifdef LINT
p=n;
#endif
# ifdef LINT
p = n;
# endif
return 1;
}
}
#else /* !OPENSSL_NO_RSA */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

65
apps/nseq.c
View File

@ -1,6 +1,7 @@
/* nseq.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 1999.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
@ -76,47 +77,51 @@ int MAIN(int argc, char **argv)
NETSCAPE_CERT_SEQUENCE *seq = NULL;
int i, ret = 1;
int badarg = 0;
if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
ERR_load_crypto_strings();
args = argv + 1;
while (!badarg && *args && *args[0] == '-') {
if (!strcmp (*args, "-toseq")) toseq = 1;
else if (!strcmp (*args, "-in")) {
if (!strcmp(*args, "-toseq"))
toseq = 1;
else if (!strcmp(*args, "-in")) {
if (args[1]) {
args++;
infile = *args;
} else badarg = 1;
} else if (!strcmp (*args, "-out")) {
} else
badarg = 1;
} else if (!strcmp(*args, "-out")) {
if (args[1]) {
args++;
outfile = *args;
} else badarg = 1;
} else badarg = 1;
} else
badarg = 1;
} else
badarg = 1;
args++;
}
if (badarg) {
BIO_printf (bio_err, "Netscape certificate sequence utility\n");
BIO_printf (bio_err, "Usage nseq [options]\n");
BIO_printf (bio_err, "where options are\n");
BIO_printf (bio_err, "-in file input file\n");
BIO_printf (bio_err, "-out file output file\n");
BIO_printf (bio_err, "-toseq output NS Sequence file\n");
BIO_printf(bio_err, "Netscape certificate sequence utility\n");
BIO_printf(bio_err, "Usage nseq [options]\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-in file input file\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err, "-toseq output NS Sequence file\n");
OPENSSL_EXIT(1);
}
if (infile) {
if (!(in = BIO_new_file (infile, "r"))) {
BIO_printf (bio_err,
"Can't open input file %s\n", infile);
if (!(in = BIO_new_file(infile, "r"))) {
BIO_printf(bio_err, "Can't open input file %s\n", infile);
goto end;
}
} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
if (outfile) {
if (!(out = BIO_new_file (outfile, "w"))) {
BIO_printf (bio_err,
"Can't open output file %s\n", outfile);
if (!(out = BIO_new_file(outfile, "w"))) {
BIO_printf(bio_err, "Can't open output file %s\n", outfile);
goto end;
}
} else {
@ -131,12 +136,11 @@ int MAIN(int argc, char **argv)
if (toseq) {
seq = NETSCAPE_CERT_SEQUENCE_new();
seq->certs = sk_X509_new_null();
while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
sk_X509_push(seq->certs,x509);
while ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
sk_X509_push(seq->certs, x509);
if(!sk_X509_num(seq->certs))
{
BIO_printf (bio_err, "Error reading certs file %s\n", infile);
if (!sk_X509_num(seq->certs)) {
BIO_printf(bio_err, "Error reading certs file %s\n", infile);
ERR_print_errors(bio_err);
goto end;
}
@ -146,22 +150,21 @@ int MAIN(int argc, char **argv)
}
if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) {
BIO_printf (bio_err, "Error reading sequence file %s\n", infile);
BIO_printf(bio_err, "Error reading sequence file %s\n", infile);
ERR_print_errors(bio_err);
goto end;
}
for(i = 0; i < sk_X509_num(seq->certs); i++) {
for (i = 0; i < sk_X509_num(seq->certs); i++) {
x509 = sk_X509_value(seq->certs, i);
dump_cert_text(out, x509);
PEM_write_bio_X509(out, x509);
}
ret = 0;
end:
end:
BIO_free(in);
BIO_free_all(out);
NETSCAPE_CERT_SEQUENCE_free(seq);
OPENSSL_EXIT(ret);
}

1064
apps/ocsp.c
View File

File diff suppressed because it is too large Load Diff

523
apps/openssl.c
View File

@ -109,11 +109,11 @@
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
#define OPENSSL_C /* tells apps.h to use complete
* apps_startup() */
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/crypto.h>
@ -124,97 +124,90 @@
#include <openssl/pem.h>
#include <openssl/ssl.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
# include <openssl/engine.h>
#endif
#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS
* world */
#include "progs.h"
#include "s_apps.h"
#include <openssl/err.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
# include <openssl/fips.h>
#endif
/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
* base prototypes (we cast each variable inside the function to the required
* type of "FUNCTION*"). This removes the necessity for macro-generated wrapper
* functions. */
/*
* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with
* the base prototypes (we cast each variable inside the function to the
* required type of "FUNCTION*"). This removes the necessity for
* macro-generated wrapper functions.
*/
static LHASH_OF(FUNCTION) *prog_init(void );
static int do_cmd(LHASH_OF(FUNCTION) *prog,int argc,char *argv[]);
static LHASH_OF(FUNCTION) *prog_init(void);
static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]);
static void list_pkey(BIO *out);
static void list_cipher(BIO *out);
static void list_md(BIO *out);
char *default_config_file=NULL;
char *default_config_file = NULL;
/* Make sure there is only one when MONOLITH is defined */
#ifdef MONOLITH
CONF *config=NULL;
BIO *bio_err=NULL;
CONF *config = NULL;
BIO *bio_err = NULL;
#endif
static void lock_dbg_cb(int mode, int type, const char *file, int line)
{
{
static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
const char *errstr = NULL;
int rw;
rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
{
rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
errstr = "invalid mode";
goto err;
}
if (type < 0 || type >= CRYPTO_NUM_LOCKS)
{
if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
errstr = "type out of bounds";
goto err;
}
if (mode & CRYPTO_LOCK)
{
if (modes[type])
{
if (mode & CRYPTO_LOCK) {
if (modes[type]) {
errstr = "already locked";
/* must not happen in a single-threaded program
* (would deadlock) */
/*
* must not happen in a single-threaded program (would deadlock)
*/
goto err;
}
modes[type] = rw;
}
else if (mode & CRYPTO_UNLOCK)
{
if (!modes[type])
{
} else if (mode & CRYPTO_UNLOCK) {
if (!modes[type]) {
errstr = "not locked";
goto err;
}
if (modes[type] != rw)
{
if (modes[type] != rw) {
errstr = (rw == CRYPTO_READ) ?
"CRYPTO_r_unlock on write lock" :
"CRYPTO_w_unlock on read lock";
}
modes[type] = 0;
}
else
{
} else {
errstr = "invalid mode";
goto err;
}
err:
if (errstr)
{
if (errstr) {
/* we cannot use bio_err here */
fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
fprintf(stderr,
"openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
errstr, mode, type, file, line);
}
}
}
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
# define ARGV _Argv
@ -223,18 +216,18 @@ static void lock_dbg_cb(int mode, int type, const char *file, int line)
#endif
int main(int Argc, char *ARGV[])
{
{
ARGS arg;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE+1];
FUNCTION f,*fp;
char pname[PROG_NAME_SIZE + 1];
FUNCTION f, *fp;
MS_STATIC const char *prompt;
MS_STATIC char buf[1024];
char *to_free=NULL;
int n,i,ret=0;
char *to_free = NULL;
int n, i, ret = 0;
int argc;
char **argv,*p;
LHASH_OF(FUNCTION) *prog=NULL;
char **argv, *p;
LHASH_OF(FUNCTION) *prog = NULL;
long errline;
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
@ -262,46 +255,46 @@ int main(int Argc, char *ARGV[])
char **Argv = NULL;
int free_Argv = 0;
if ((sizeof( _Argv) < 8) /* 32-bit argv[]. */
if ((sizeof(_Argv) < 8) /* 32-bit argv[]. */
# if !defined( VMS_TRUST_ARGV)
|| (_Argv[ Argc] != NULL) /* Untrusted argv[argc] not NULL. */
|| (_Argv[Argc] != NULL) /* Untrusted argv[argc] not NULL. */
# endif
)
{
) {
int i;
Argv = OPENSSL_malloc( (Argc+ 1)* sizeof( char *));
if (Argv == NULL)
{ ret = -1; goto end; }
for(i = 0; i < Argc; i++)
Argv[i] = _Argv[i];
Argv[ Argc] = NULL; /* Certain NULL termination. */
free_Argv = 1;
Argv = OPENSSL_malloc((Argc + 1) * sizeof(char *));
if (Argv == NULL) {
ret = -1;
goto end;
}
else
{
/* Use the known-good 32-bit argv[] (which needs the
* type cast to satisfy the compiler), or the trusted or
* tested-good 64-bit argv[] as-is. */
for (i = 0; i < Argc; i++)
Argv[i] = _Argv[i];
Argv[Argc] = NULL; /* Certain NULL termination. */
free_Argv = 1;
} else {
/*
* Use the known-good 32-bit argv[] (which needs the type cast to
* satisfy the compiler), or the trusted or tested-good 64-bit argv[]
* as-is.
*/
Argv = (char **)_Argv;
}
#endif /* defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) */
#endif /* defined( OPENSSL_SYS_VMS) &&
* (__INITIAL_POINTER_SIZE == 64) */
arg.data=NULL;
arg.count=0;
arg.data = NULL;
arg.count = 0;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */
{
if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))
{
if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) { /* if not defined, use
* compiled-in library
* defaults */
if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))) {
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
}
else
{
} else {
/* OPENSSL_DEBUG_MEMORY=off */
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
@ -315,11 +308,11 @@ int main(int Argc, char *ARGV[])
CRYPTO_set_locking_callback(lock_dbg_cb);
}
if(getenv("OPENSSL_FIPS")) {
if (getenv("OPENSSL_FIPS")) {
#ifdef OPENSSL_FIPS
if (!FIPS_mode_set(1)) {
ERR_load_crypto_strings();
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
EXIT(1);
}
#else
@ -331,121 +324,117 @@ int main(int Argc, char *ARGV[])
apps_startup();
/* Lets load up our environment a little */
p=getenv("OPENSSL_CONF");
p = getenv("OPENSSL_CONF");
if (p == NULL)
p=getenv("SSLEAY_CONF");
p = getenv("SSLEAY_CONF");
if (p == NULL)
p=to_free=make_config_name();
p = to_free = make_config_name();
default_config_file=p;
default_config_file = p;
config=NCONF_new(NULL);
i=NCONF_load(config,p,&errline);
if (i == 0)
{
config = NCONF_new(NULL);
i = NCONF_load(config, p, &errline);
if (i == 0) {
if (ERR_GET_REASON(ERR_peek_last_error())
== CONF_R_NO_SUCH_FILE)
{
BIO_printf(bio_err,
"WARNING: can't open config file: %s\n",p);
== CONF_R_NO_SUCH_FILE) {
BIO_printf(bio_err, "WARNING: can't open config file: %s\n", p);
ERR_clear_error();
NCONF_free(config);
config = NULL;
}
else
{
} else {
ERR_print_errors(bio_err);
NCONF_free(config);
exit(1);
}
}
prog=prog_init();
prog = prog_init();
/* first check the program name */
program_name(Argv[0],pname,sizeof pname);
program_name(Argv[0], pname, sizeof pname);
f.name=pname;
fp=lh_FUNCTION_retrieve(prog,&f);
if (fp != NULL)
{
Argv[0]=pname;
ret=fp->func(Argc,Argv);
f.name = pname;
fp = lh_FUNCTION_retrieve(prog, &f);
if (fp != NULL) {
Argv[0] = pname;
ret = fp->func(Argc, Argv);
goto end;
}
/* ok, now check that there are not arguments, if there are,
* run with them, shifting the ssleay off the front */
if (Argc != 1)
{
/*
* ok, now check that there are not arguments, if there are, run with
* them, shifting the ssleay off the front
*/
if (Argc != 1) {
Argc--;
Argv++;
ret=do_cmd(prog,Argc,Argv);
if (ret < 0) ret=0;
ret = do_cmd(prog, Argc, Argv);
if (ret < 0)
ret = 0;
goto end;
}
/* ok, lets enter the old 'OpenSSL>' mode */
for (;;)
{
ret=0;
p=buf;
n=sizeof buf;
i=0;
for (;;)
{
p[0]='\0';
for (;;) {
ret = 0;
p = buf;
n = sizeof buf;
i = 0;
for (;;) {
p[0] = '\0';
if (i++)
prompt=">";
else prompt="OpenSSL> ";
fputs(prompt,stdout);
prompt = ">";
else
prompt = "OpenSSL> ";
fputs(prompt, stdout);
fflush(stdout);
if (!fgets(p,n,stdin))
if (!fgets(p, n, stdin))
goto end;
if (p[0] == '\0') goto end;
i=strlen(p);
if (i <= 1) break;
if (p[i-2] != '\\') break;
i-=2;
p+=i;
n-=i;
if (p[0] == '\0')
goto end;
i = strlen(p);
if (i <= 1)
break;
if (p[i - 2] != '\\')
break;
i -= 2;
p += i;
n -= i;
}
if (!chopup_args(&arg,buf,&argc,&argv)) break;
if (!chopup_args(&arg, buf, &argc, &argv))
break;
ret=do_cmd(prog,argc,argv);
if (ret < 0)
{
ret=0;
ret = do_cmd(prog, argc, argv);
if (ret < 0) {
ret = 0;
goto end;
}
if (ret != 0)
BIO_printf(bio_err,"error in %s\n",argv[0]);
BIO_printf(bio_err, "error in %s\n", argv[0]);
(void)BIO_flush(bio_err);
}
BIO_printf(bio_err,"bad exit\n");
ret=1;
end:
BIO_printf(bio_err, "bad exit\n");
ret = 1;
end:
if (to_free)
OPENSSL_free(to_free);
if (config != NULL)
{
if (config != NULL) {
NCONF_free(config);
config=NULL;
config = NULL;
}
if (prog != NULL) lh_FUNCTION_free(prog);
if (arg.data != NULL) OPENSSL_free(arg.data);
if (prog != NULL)
lh_FUNCTION_free(prog);
if (arg.data != NULL)
OPENSSL_free(arg.data);
if (bio_err != NULL)
{
if (bio_err != NULL) {
BIO_free(bio_err);
bio_err=NULL;
bio_err = NULL;
}
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
/* Free any duplicate Argv[] storage. */
if (free_Argv)
{
if (free_Argv) {
OPENSSL_free(Argv);
}
#endif
@ -453,7 +442,7 @@ end:
CRYPTO_mem_leaks(bio_err);
OPENSSL_EXIT(ret);
}
}
#define LIST_STANDARD_COMMANDS "list-standard-commands"
#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
@ -462,84 +451,74 @@ end:
#define LIST_CIPHER_ALGORITHMS "list-cipher-algorithms"
#define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms"
static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
{
FUNCTION f,*fp;
int i,ret=1,tp,nl;
{
FUNCTION f, *fp;
int i, ret = 1, tp, nl;
if ((argc <= 0) || (argv[0] == NULL))
{ ret=0; goto end; }
f.name=argv[0];
fp=lh_FUNCTION_retrieve(prog,&f);
if (fp == NULL)
{
if (EVP_get_digestbyname(argv[0]))
{
if ((argc <= 0) || (argv[0] == NULL)) {
ret = 0;
goto end;
}
f.name = argv[0];
fp = lh_FUNCTION_retrieve(prog, &f);
if (fp == NULL) {
if (EVP_get_digestbyname(argv[0])) {
f.type = FUNC_TYPE_MD;
f.func = dgst_main;
fp = &f;
}
else if (EVP_get_cipherbyname(argv[0]))
{
} else if (EVP_get_cipherbyname(argv[0])) {
f.type = FUNC_TYPE_CIPHER;
f.func = enc_main;
fp = &f;
}
}
if (fp != NULL)
{
ret=fp->func(argc,argv);
}
else if ((strncmp(argv[0],"no-",3)) == 0)
{
BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
if (fp != NULL) {
ret = fp->func(argc, argv);
} else if ((strncmp(argv[0], "no-", 3)) == 0) {
BIO *bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
bio_stdout = BIO_push(tmpbio, bio_stdout);
}
#endif
f.name=argv[0]+3;
ret = (lh_FUNCTION_retrieve(prog,&f) != NULL);
f.name = argv[0] + 3;
ret = (lh_FUNCTION_retrieve(prog, &f) != NULL);
if (!ret)
BIO_printf(bio_stdout, "%s\n", argv[0]);
else
BIO_printf(bio_stdout, "%s\n", argv[0]+3);
BIO_printf(bio_stdout, "%s\n", argv[0] + 3);
BIO_free_all(bio_stdout);
goto end;
}
else if ((strcmp(argv[0],"quit") == 0) ||
(strcmp(argv[0],"q") == 0) ||
(strcmp(argv[0],"exit") == 0) ||
(strcmp(argv[0],"bye") == 0))
{
ret= -1;
} else if ((strcmp(argv[0], "quit") == 0) ||
(strcmp(argv[0], "q") == 0) ||
(strcmp(argv[0], "exit") == 0) ||
(strcmp(argv[0], "bye") == 0)) {
ret = -1;
goto end;
}
else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) ||
(strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
(strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0) ||
(strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0) ||
(strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0))
{
} else if ((strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0) ||
(strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
(strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
(strcmp(argv[0], LIST_CIPHER_COMMANDS) == 0) ||
(strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0) ||
(strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)) {
int list_type;
BIO *bio_stdout;
if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0)
if (strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0)
list_type = FUNC_TYPE_GENERAL;
else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0)
else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0)
list_type = FUNC_TYPE_MD;
else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
list_type = FUNC_TYPE_MD_ALG;
else if (strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0)
else if (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)
list_type = FUNC_TYPE_PKEY;
else if (strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0)
else if (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0)
list_type = FUNC_TYPE_CIPHER_ALG;
else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
list_type = FUNC_TYPE_CIPHER;
bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -556,95 +535,83 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
list_md(bio_stdout);
if (list_type == FUNC_TYPE_CIPHER_ALG)
list_cipher(bio_stdout);
else
{
for (fp=functions; fp->name != NULL; fp++)
else {
for (fp = functions; fp->name != NULL; fp++)
if (fp->type == list_type)
BIO_printf(bio_stdout, "%s\n",
fp->name);
BIO_printf(bio_stdout, "%s\n", fp->name);
}
BIO_free_all(bio_stdout);
ret=0;
ret = 0;
goto end;
}
else
{
BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
} else {
BIO_printf(bio_err, "openssl:Error: '%s' is an invalid command.\n",
argv[0]);
BIO_printf(bio_err, "\nStandard commands");
i=0;
tp=0;
for (fp=functions; fp->name != NULL; fp++)
{
nl=0;
i = 0;
tp = 0;
for (fp = functions; fp->name != NULL; fp++) {
nl = 0;
#ifdef OPENSSL_NO_CAMELLIA
if (((i++) % 5) == 0)
#else
if (((i++) % 4) == 0)
#endif
{
BIO_printf(bio_err,"\n");
nl=1;
BIO_printf(bio_err, "\n");
nl = 1;
}
if (fp->type != tp)
{
tp=fp->type;
if (!nl) BIO_printf(bio_err,"\n");
if (tp == FUNC_TYPE_MD)
{
i=1;
if (fp->type != tp) {
tp = fp->type;
if (!nl)
BIO_printf(bio_err, "\n");
if (tp == FUNC_TYPE_MD) {
i = 1;
BIO_printf(bio_err,
"\nMessage Digest commands (see the `dgst' command for more details)\n");
}
else if (tp == FUNC_TYPE_CIPHER)
{
i=1;
BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
} else if (tp == FUNC_TYPE_CIPHER) {
i = 1;
BIO_printf(bio_err,
"\nCipher commands (see the `enc' command for more details)\n");
}
}
#ifdef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err,"%-15s",fp->name);
BIO_printf(bio_err, "%-15s", fp->name);
#else
BIO_printf(bio_err,"%-18s",fp->name);
BIO_printf(bio_err, "%-18s", fp->name);
#endif
}
BIO_printf(bio_err,"\n\n");
ret=0;
}
end:
return(ret);
BIO_printf(bio_err, "\n\n");
ret = 0;
}
end:
return (ret);
}
static int SortFnByName(const void *_f1,const void *_f2)
{
const FUNCTION *f1=_f1;
const FUNCTION *f2=_f2;
static int SortFnByName(const void *_f1, const void *_f2)
{
const FUNCTION *f1 = _f1;
const FUNCTION *f2 = _f2;
if(f1->type != f2->type)
return f1->type-f2->type;
return strcmp(f1->name,f2->name);
}
if (f1->type != f2->type)
return f1->type - f2->type;
return strcmp(f1->name, f2->name);
}
static void list_pkey(BIO *out)
{
{
int i;
for (i = 0; i < EVP_PKEY_asn1_get_count(); i++)
{
for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
const EVP_PKEY_ASN1_METHOD *ameth;
int pkey_id, pkey_base_id, pkey_flags;
const char *pinfo, *pem_str;
ameth = EVP_PKEY_asn1_get0(i);
EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
&pinfo, &pem_str, ameth);
if (pkey_flags & ASN1_PKEY_ALIAS)
{
BIO_printf(out, "Name: %s\n",
OBJ_nid2ln(pkey_id));
if (pkey_flags & ASN1_PKEY_ALIAS) {
BIO_printf(out, "Name: %s\n", OBJ_nid2ln(pkey_id));
BIO_printf(out, "\tType: Alias to %s\n",
OBJ_nid2ln(pkey_base_id));
}
else
{
} else {
BIO_printf(out, "Name: %s\n", pinfo);
BIO_printf(out, "\tType: %s Algorithm\n",
pkey_flags & ASN1_PKEY_DYNAMIC ?
@ -656,76 +623,74 @@ static void list_pkey(BIO *out)
}
}
}
}
static void list_cipher_fn(const EVP_CIPHER *c,
const char *from, const char *to, void *arg)
{
{
if (c)
BIO_printf(arg, "%s\n", EVP_CIPHER_name(c));
else
{
else {
if (!from)
from = "<undefined>";
if (!to)
to = "<undefined>";
BIO_printf(arg, "%s => %s\n", from, to);
}
}
}
static void list_cipher(BIO *out)
{
{
EVP_CIPHER_do_all_sorted(list_cipher_fn, out);
}
}
static void list_md_fn(const EVP_MD *m,
const char *from, const char *to, void *arg)
{
{
if (m)
BIO_printf(arg, "%s\n", EVP_MD_name(m));
else
{
else {
if (!from)
from = "<undefined>";
if (!to)
to = "<undefined>";
BIO_printf(arg, "%s => %s\n", from, to);
}
}
}
static void list_md(BIO *out)
{
{
EVP_MD_do_all_sorted(list_md_fn, out);
}
}
static int MS_CALLBACK function_cmp(const FUNCTION * a, const FUNCTION * b)
{
return strncmp(a->name, b->name, 8);
}
static int MS_CALLBACK function_cmp(const FUNCTION *a, const FUNCTION *b)
{
return strncmp(a->name,b->name,8);
}
static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)
static unsigned long MS_CALLBACK function_hash(const FUNCTION *a)
{
static unsigned long MS_CALLBACK function_hash(const FUNCTION * a)
{
return lh_strhash(a->name);
}
}
static IMPLEMENT_LHASH_HASH_FN(function, FUNCTION)
static LHASH_OF(FUNCTION) *prog_init(void)
{
{
LHASH_OF(FUNCTION) *ret;
FUNCTION *f;
size_t i;
/* Purely so it looks nice when the user hits ? */
for(i=0,f=functions ; f->name != NULL ; ++f,++i)
;
qsort(functions,i,sizeof *functions,SortFnByName);
for (i = 0, f = functions; f->name != NULL; ++f, ++i) ;
qsort(functions, i, sizeof *functions, SortFnByName);
if ((ret=lh_FUNCTION_new()) == NULL)
return(NULL);
for (f=functions; f->name != NULL; f++)
(void)lh_FUNCTION_insert(ret,f);
return(ret);
}
if ((ret = lh_FUNCTION_new()) == NULL)
return (NULL);
for (f = functions; f->name != NULL; f++)
(void)lh_FUNCTION_insert(ret, f);
return (ret);
}

326
apps/passwd.c
View File

@ -6,42 +6,41 @@
#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)
#include <assert.h>
#include <string.h>
# include <assert.h>
# include <string.h>
#include "apps.h"
# include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#ifndef OPENSSL_NO_DES
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/evp.h>
# include <openssl/rand.h>
# ifndef OPENSSL_NO_DES
# include <openssl/des.h>
#endif
#ifndef NO_MD5CRYPT_1
# endif
# ifndef NO_MD5CRYPT_1
# include <openssl/md5.h>
#endif
# endif
# undef PROG
# define PROG passwd_main
#undef PROG
#define PROG passwd_main
static unsigned const char cov_2char[64]={
static unsigned const char cov_2char[64] = {
/* from crypto/des/fcrypt.c */
0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
};
static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
char *passwd, BIO *out, int quiet, int table, int reverse,
size_t pw_maxlen, int usecrypt, int use1, int useapr1);
char *passwd, BIO *out, int quiet, int table,
int reverse, size_t pw_maxlen, int usecrypt, int use1,
int useapr1);
/*-
* -crypt - standard Unix password algorithm (default)
@ -59,7 +58,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
int ret = 1;
char *infile = NULL;
int in_stdin = 0;
@ -77,8 +76,8 @@ int MAIN(int argc, char **argv)
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto err;
@ -86,54 +85,41 @@ int MAIN(int argc, char **argv)
if (out == NULL)
goto err;
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
#ifdef OPENSSL_SYS_VMS
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
# endif
badopt = 0, opt_done = 0;
i = 0;
while (!badopt && !opt_done && argv[++i] != NULL)
{
while (!badopt && !opt_done && argv[++i] != NULL) {
if (strcmp(argv[i], "-crypt") == 0)
usecrypt = 1;
else if (strcmp(argv[i], "-1") == 0)
use1 = 1;
else if (strcmp(argv[i], "-apr1") == 0)
useapr1 = 1;
else if (strcmp(argv[i], "-salt") == 0)
{
if ((argv[i+1] != NULL) && (salt == NULL))
{
else if (strcmp(argv[i], "-salt") == 0) {
if ((argv[i + 1] != NULL) && (salt == NULL)) {
passed_salt = 1;
salt = argv[++i];
}
else
} else
badopt = 1;
}
else if (strcmp(argv[i], "-in") == 0)
{
if ((argv[i+1] != NULL) && !pw_source_defined)
{
} else if (strcmp(argv[i], "-in") == 0) {
if ((argv[i + 1] != NULL) && !pw_source_defined) {
pw_source_defined = 1;
infile = argv[++i];
}
else
} else
badopt = 1;
}
else if (strcmp(argv[i], "-stdin") == 0)
{
if (!pw_source_defined)
{
} else if (strcmp(argv[i], "-stdin") == 0) {
if (!pw_source_defined) {
pw_source_defined = 1;
in_stdin = 1;
}
else
} else
badopt = 1;
}
else if (strcmp(argv[i], "-noverify") == 0)
} else if (strcmp(argv[i], "-noverify") == 0)
in_noverify = 1;
else if (strcmp(argv[i], "-quiet") == 0)
quiet = 1;
@ -149,8 +135,7 @@ int MAIN(int argc, char **argv)
pw_source_defined = 1;
passwds = &argv[i];
opt_done = 1;
}
else
} else
badopt = 1;
}
@ -160,28 +145,33 @@ int MAIN(int argc, char **argv)
badopt = 1;
/* reject unsupported algorithms */
#ifdef OPENSSL_NO_DES
if (usecrypt) badopt = 1;
#endif
#ifdef NO_MD5CRYPT_1
if (use1 || useapr1) badopt = 1;
#endif
# ifdef OPENSSL_NO_DES
if (usecrypt)
badopt = 1;
# endif
# ifdef NO_MD5CRYPT_1
if (use1 || useapr1)
badopt = 1;
# endif
if (badopt)
{
if (badopt) {
BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
BIO_printf(bio_err, "where options are\n");
#ifndef OPENSSL_NO_DES
BIO_printf(bio_err, "-crypt standard Unix password algorithm (default)\n");
#endif
#ifndef NO_MD5CRYPT_1
BIO_printf(bio_err, "-1 MD5-based password algorithm\n");
BIO_printf(bio_err, "-apr1 MD5-based password algorithm, Apache variant\n");
#endif
# ifndef OPENSSL_NO_DES
BIO_printf(bio_err,
"-crypt standard Unix password algorithm (default)\n");
# endif
# ifndef NO_MD5CRYPT_1
BIO_printf(bio_err,
"-1 MD5-based password algorithm\n");
BIO_printf(bio_err,
"-apr1 MD5-based password algorithm, Apache variant\n");
# endif
BIO_printf(bio_err, "-salt string use provided salt\n");
BIO_printf(bio_err, "-in file read passwords from file\n");
BIO_printf(bio_err, "-stdin read passwords from stdin\n");
BIO_printf(bio_err, "-noverify never verify when reading password from terminal\n");
BIO_printf(bio_err,
"-noverify never verify when reading password from terminal\n");
BIO_printf(bio_err, "-quiet no warnings\n");
BIO_printf(bio_err, "-table format output as table\n");
BIO_printf(bio_err, "-reverse switch table columns\n");
@ -189,19 +179,15 @@ int MAIN(int argc, char **argv)
goto err;
}
if ((infile != NULL) || in_stdin)
{
if ((infile != NULL) || in_stdin) {
in = BIO_new(BIO_s_file());
if (in == NULL)
goto err;
if (infile != NULL)
{
if (infile != NULL) {
assert(in_stdin == 0);
if (BIO_read_filename(in, infile) <= 0)
goto err;
}
else
{
} else {
assert(in_stdin);
BIO_set_fp(in, stdin, BIO_NOCLOSE);
}
@ -210,61 +196,59 @@ int MAIN(int argc, char **argv)
if (usecrypt)
pw_maxlen = 8;
else if (use1 || useapr1)
pw_maxlen = 256; /* arbitrary limit, should be enough for most passwords */
pw_maxlen = 256; /* arbitrary limit, should be enough for most
* passwords */
if (passwds == NULL)
{
if (passwds == NULL) {
/* no passwords on the command line */
passwd_malloc_size = pw_maxlen + 2;
/* longer than necessary so that we can warn about truncation */
/*
* longer than necessary so that we can warn about truncation
*/
passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
if (passwd_malloc == NULL)
goto err;
}
if ((in == NULL) && (passwds == NULL))
{
if ((in == NULL) && (passwds == NULL)) {
/* build a null-terminated list */
static char *passwds_static[2] = {NULL, NULL};
static char *passwds_static[2] = { NULL, NULL };
passwds = passwds_static;
if (in == NULL)
if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0)
if (EVP_read_pw_string
(passwd_malloc, passwd_malloc_size, "Password: ",
!(passed_salt || in_noverify)) != 0)
goto err;
passwds[0] = passwd_malloc;
}
if (in == NULL)
{
if (in == NULL) {
assert(passwds != NULL);
assert(*passwds != NULL);
do /* loop over list of passwords */
{
do { /* loop over list of passwords */
passwd = *passwds++;
if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
quiet, table, reverse, pw_maxlen, usecrypt, use1,
useapr1))
goto err;
}
while (*passwds != NULL);
}
else
} else
/* in != NULL */
{
int done;
assert (passwd != NULL);
do
{
assert(passwd != NULL);
do {
int r = BIO_gets(in, passwd, pw_maxlen + 1);
if (r > 0)
{
char *c = (strchr(passwd, '\n')) ;
if (r > 0) {
char *c = (strchr(passwd, '\n'));
if (c != NULL)
*c = 0; /* truncate at newline */
else
{
else {
/* ignore rest of line */
char trash[BUFSIZ];
do
@ -273,7 +257,8 @@ int MAIN(int argc, char **argv)
}
if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
quiet, table, reverse, pw_maxlen, usecrypt,
use1, useapr1))
goto err;
}
done = (r <= 0);
@ -282,7 +267,7 @@ int MAIN(int argc, char **argv)
}
ret = 0;
err:
err:
ERR_print_errors(bio_err);
if (salt_malloc)
OPENSSL_free(salt_malloc);
@ -294,29 +279,27 @@ err:
BIO_free_all(out);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
#ifndef NO_MD5CRYPT_1
/* MD5-based password algorithm (should probably be available as a library
* function; then the static buffer would not be acceptable).
* For magic string "1", this should be compatible to the MD5-based BSD
* password algorithm.
* For 'magic' string "apr1", this is compatible to the MD5-based Apache
* password algorithm.
* (Apparently, the Apache password algorithm is identical except that the
* 'magic' string was changed -- the laziest application of the NIH principle
* I've ever encountered.)
# ifndef NO_MD5CRYPT_1
/*
* MD5-based password algorithm (should probably be available as a library
* function; then the static buffer would not be acceptable). For magic
* string "1", this should be compatible to the MD5-based BSD password
* algorithm. For 'magic' string "apr1", this is compatible to the MD5-based
* Apache password algorithm. (Apparently, the Apache password algorithm is
* identical except that the 'magic' string was changed -- the laziest
* application of the NIH principle I've ever encountered.)
*/
static char *md5crypt(const char *passwd, const char *magic, const char *salt)
{
{
/* "$apr1$..salt..$.......md5hash..........\0" */
static char out_buf[6 + 9 + 24 + 2];
unsigned char buf[MD5_DIGEST_LENGTH];
char *salt_out;
int n;
unsigned int i;
EVP_MD_CTX md,md2;
EVP_MD_CTX md, md2;
size_t passwd_len, salt_len;
passwd_len = strlen(passwd);
@ -332,7 +315,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
assert(salt_len <= 8);
EVP_MD_CTX_init(&md);
EVP_DigestInit_ex(&md,EVP_md5(), NULL);
EVP_DigestInit_ex(&md, EVP_md5(), NULL);
EVP_DigestUpdate(&md, passwd, passwd_len);
EVP_DigestUpdate(&md, "$", 1);
EVP_DigestUpdate(&md, magic, strlen(magic));
@ -340,7 +323,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
EVP_DigestUpdate(&md, salt_out, salt_len);
EVP_MD_CTX_init(&md2);
EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
EVP_DigestUpdate(&md2, passwd, passwd_len);
EVP_DigestUpdate(&md2, salt_out, salt_len);
EVP_DigestUpdate(&md2, passwd, passwd_len);
@ -351,23 +334,21 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
EVP_DigestUpdate(&md, buf, i);
n = passwd_len;
while (n)
{
while (n) {
EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
n >>= 1;
}
EVP_DigestFinal_ex(&md, buf, NULL);
for (i = 0; i < 1000; i++)
{
EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf,
for (i = 0; i < 1000; i++) {
EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
(i & 1) ? passwd_len : sizeof buf);
if (i % 3)
EVP_DigestUpdate(&md2, salt_out, salt_len);
if (i % 7)
EVP_DigestUpdate(&md2, passwd, passwd_len);
EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd,
EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
(i & 1) ? sizeof buf : passwd_len);
EVP_DigestFinal_ex(&md2, buf, NULL);
}
@ -381,26 +362,27 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
char *output;
/* silly output permutation */
for (dest = 0, source = 0; dest < 14; dest++, source = (source + 6) % 17)
for (dest = 0, source = 0; dest < 14;
dest++, source = (source + 6) % 17)
buf_perm[dest] = buf[source];
buf_perm[14] = buf[5];
buf_perm[15] = buf[11];
#ifndef PEDANTIC /* Unfortunately, this generates a "no effect" warning */
# ifndef PEDANTIC /* Unfortunately, this generates a "no
* effect" warning */
assert(16 == sizeof buf_perm);
#endif
# endif
output = salt_out + salt_len;
assert(output == out_buf + strlen(out_buf));
*output++ = '$';
for (i = 0; i < 15; i += 3)
{
*output++ = cov_2char[buf_perm[i+2] & 0x3f];
*output++ = cov_2char[((buf_perm[i+1] & 0xf) << 2) |
(buf_perm[i+2] >> 6)];
for (i = 0; i < 15; i += 3) {
*output++ = cov_2char[buf_perm[i + 2] & 0x3f];
*output++ = cov_2char[((buf_perm[i + 1] & 0xf) << 2) |
(buf_perm[i + 2] >> 6)];
*output++ = cov_2char[((buf_perm[i] & 3) << 4) |
(buf_perm[i+1] >> 4)];
(buf_perm[i + 1] >> 4)];
*output++ = cov_2char[buf_perm[i] >> 2];
}
assert(i == 15);
@ -412,27 +394,24 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
EVP_MD_CTX_cleanup(&md);
return out_buf;
}
#endif
}
# endif
static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
char *passwd, BIO *out, int quiet, int table, int reverse,
size_t pw_maxlen, int usecrypt, int use1, int useapr1)
{
char *passwd, BIO *out, int quiet, int table,
int reverse, size_t pw_maxlen, int usecrypt, int use1,
int useapr1)
{
char *hash = NULL;
assert(salt_p != NULL);
assert(salt_malloc_p != NULL);
/* first make sure we have a salt */
if (!passed_salt)
{
#ifndef OPENSSL_NO_DES
if (usecrypt)
{
if (*salt_malloc_p == NULL)
{
if (!passed_salt) {
# ifndef OPENSSL_NO_DES
if (usecrypt) {
if (*salt_malloc_p == NULL) {
*salt_p = *salt_malloc_p = OPENSSL_malloc(3);
if (*salt_malloc_p == NULL)
goto err;
@ -442,20 +421,18 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
(*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
(*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
(*salt_p)[2] = 0;
#ifdef CHARSET_EBCDIC
ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert
* back to ASCII */
#endif
# ifdef CHARSET_EBCDIC
ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert back
* to ASCII */
# endif
}
#endif /* !OPENSSL_NO_DES */
# endif /* !OPENSSL_NO_DES */
#ifndef NO_MD5CRYPT_1
if (use1 || useapr1)
{
# ifndef NO_MD5CRYPT_1
if (use1 || useapr1) {
int i;
if (*salt_malloc_p == NULL)
{
if (*salt_malloc_p == NULL) {
*salt_p = *salt_malloc_p = OPENSSL_malloc(9);
if (*salt_malloc_p == NULL)
goto err;
@ -467,30 +444,33 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
(*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
(*salt_p)[8] = 0;
}
#endif /* !NO_MD5CRYPT_1 */
# endif /* !NO_MD5CRYPT_1 */
}
assert(*salt_p != NULL);
/* truncate password if necessary */
if ((strlen(passwd) > pw_maxlen))
{
if ((strlen(passwd) > pw_maxlen)) {
if (!quiet)
/* XXX: really we should know how to print a size_t, not cast it */
BIO_printf(bio_err, "Warning: truncating password to %u characters\n", (unsigned)pw_maxlen);
/*
* XXX: really we should know how to print a size_t, not cast it
*/
BIO_printf(bio_err,
"Warning: truncating password to %u characters\n",
(unsigned)pw_maxlen);
passwd[pw_maxlen] = 0;
}
assert(strlen(passwd) <= pw_maxlen);
/* now compute password hash */
#ifndef OPENSSL_NO_DES
# ifndef OPENSSL_NO_DES
if (usecrypt)
hash = DES_crypt(passwd, *salt_p);
#endif
#ifndef NO_MD5CRYPT_1
# endif
# ifndef NO_MD5CRYPT_1
if (use1 || useapr1)
hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
#endif
# endif
assert(hash != NULL);
if (table && !reverse)
@ -501,14 +481,14 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
BIO_printf(out, "%s\n", hash);
return 1;
err:
err:
return 0;
}
}
#else
int MAIN(int argc, char **argv)
{
{
fputs("Program not available.\n", stderr)
OPENSSL_EXIT(1);
}
}
#endif

864
apps/pkcs12.c
View File

File diff suppressed because it is too large Load Diff

255
apps/pkcs7.c
View File

@ -82,96 +82,92 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
int informat,outformat;
char *infile,*outfile,*prog;
int print_certs=0,text=0,noout=0,p7_print=0;
int ret=1;
{
PKCS7 *p7 = NULL;
int i, badops = 0;
BIO *in = NULL, *out = NULL;
int informat, outformat;
char *infile, *outfile, *prog;
int print_certs = 0, text = 0, noout = 0, p7_print = 0;
int ret = 1;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
#endif
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-text") == 0)
text=1;
else if (strcmp(*argv,"-print") == 0)
p7_print=1;
else if (strcmp(*argv,"-print_certs") == 0)
print_certs=1;
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv, "-print") == 0)
p7_print = 1;
else if (strcmp(*argv, "-print_certs") == 0)
print_certs = 1;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
#endif
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
BIO_printf(bio_err," -text print full details of certificates\n");
BIO_printf(bio_err," -noout don't output encoded data\n");
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err, " -out arg output file\n");
BIO_printf(bio_err,
" -print_certs print any certs or crl in the input\n");
BIO_printf(bio_err,
" -text print full details of certificates\n");
BIO_printf(bio_err, " -noout don't output encoded data\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
#endif
ret = 1;
goto end;
@ -183,56 +179,47 @@ bad:
setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
if (in == NULL)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0)
if (in == NULL) {
perror(infile);
goto end;
}
}
if (informat == FORMAT_ASN1)
p7=d2i_PKCS7_bio(in,NULL);
p7 = d2i_PKCS7_bio(in, NULL);
else if (informat == FORMAT_PEM)
p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL);
else
{
BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
else {
BIO_printf(bio_err, "bad input format specified for pkcs7 object\n");
goto end;
}
if (p7 == NULL)
{
BIO_printf(bio_err,"unable to load PKCS7 object\n");
if (p7 == NULL) {
BIO_printf(bio_err, "unable to load PKCS7 object\n");
ERR_print_errors(bio_err);
goto end;
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
@ -241,81 +228,81 @@ bad:
if (p7_print)
PKCS7_print_ctx(out, p7, 0, NULL);
if (print_certs)
{
STACK_OF(X509) *certs=NULL;
STACK_OF(X509_CRL) *crls=NULL;
if (print_certs) {
STACK_OF(X509) *certs = NULL;
STACK_OF(X509_CRL) *crls = NULL;
i=OBJ_obj2nid(p7->type);
switch (i)
{
i = OBJ_obj2nid(p7->type);
switch (i) {
case NID_pkcs7_signed:
certs=p7->d.sign->cert;
crls=p7->d.sign->crl;
certs = p7->d.sign->cert;
crls = p7->d.sign->crl;
break;
case NID_pkcs7_signedAndEnveloped:
certs=p7->d.signed_and_enveloped->cert;
crls=p7->d.signed_and_enveloped->crl;
certs = p7->d.signed_and_enveloped->cert;
crls = p7->d.signed_and_enveloped->crl;
break;
default:
break;
}
if (certs != NULL)
{
if (certs != NULL) {
X509 *x;
for (i=0; i<sk_X509_num(certs); i++)
{
x=sk_X509_value(certs,i);
if(text) X509_print(out, x);
else dump_cert_text(out, x);
for (i = 0; i < sk_X509_num(certs); i++) {
x = sk_X509_value(certs, i);
if (text)
X509_print(out, x);
else
dump_cert_text(out, x);
if(!noout) PEM_write_bio_X509(out,x);
BIO_puts(out,"\n");
if (!noout)
PEM_write_bio_X509(out, x);
BIO_puts(out, "\n");
}
}
if (crls != NULL)
{
if (crls != NULL) {
X509_CRL *crl;
for (i=0; i<sk_X509_CRL_num(crls); i++)
{
crl=sk_X509_CRL_value(crls,i);
for (i = 0; i < sk_X509_CRL_num(crls); i++) {
crl = sk_X509_CRL_value(crls, i);
X509_CRL_print(out, crl);
if(!noout)PEM_write_bio_X509_CRL(out,crl);
BIO_puts(out,"\n");
if (!noout)
PEM_write_bio_X509_CRL(out, crl);
BIO_puts(out, "\n");
}
}
ret=0;
ret = 0;
goto end;
}
if(!noout) {
if (!noout) {
if (outformat == FORMAT_ASN1)
i=i2d_PKCS7_bio(out,p7);
i = i2d_PKCS7_bio(out, p7);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_PKCS7(out,p7);
i = PEM_write_bio_PKCS7(out, p7);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (!i)
{
BIO_printf(bio_err,"unable to write pkcs7 object\n");
if (!i) {
BIO_printf(bio_err, "unable to write pkcs7 object\n");
ERR_print_errors(bio_err);
goto end;
}
}
ret=0;
end:
if (p7 != NULL) PKCS7_free(p7);
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
ret = 0;
end:
if (p7 != NULL)
PKCS7_free(p7);
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}

297
apps/pkcs8.c
View File

@ -1,6 +1,7 @@
/* pkcs8.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999-2004.
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 1999-2004.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
@ -68,7 +69,7 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL;
char **args, *infile = NULL, *outfile = NULL;
char *passargin = NULL, *passargout = NULL;
@ -82,175 +83,151 @@ int MAIN(int argc, char **argv)
int nocrypt = 0;
X509_SIG *p8 = NULL;
PKCS8_PRIV_KEY_INFO *p8inf = NULL;
EVP_PKEY *pkey=NULL;
EVP_PKEY *pkey = NULL;
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
int badarg = 0;
int ret = 1;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
#endif
if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
args = argv + 1;
while (!badarg && *args && *args[0] == '-')
{
if (!strcmp(*args,"-v2"))
{
if (args[1])
{
while (!badarg && *args && *args[0] == '-') {
if (!strcmp(*args, "-v2")) {
if (args[1]) {
args++;
cipher=EVP_get_cipherbyname(*args);
if (!cipher)
{
BIO_printf(bio_err,
"Unknown cipher %s\n", *args);
cipher = EVP_get_cipherbyname(*args);
if (!cipher) {
BIO_printf(bio_err, "Unknown cipher %s\n", *args);
badarg = 1;
}
}
else
} else
badarg = 1;
}
else if (!strcmp(*args,"-v1"))
{
if (args[1])
{
} else if (!strcmp(*args, "-v1")) {
if (args[1]) {
args++;
pbe_nid=OBJ_txt2nid(*args);
if (pbe_nid == NID_undef)
{
BIO_printf(bio_err,
"Unknown PBE algorithm %s\n", *args);
pbe_nid = OBJ_txt2nid(*args);
if (pbe_nid == NID_undef) {
BIO_printf(bio_err, "Unknown PBE algorithm %s\n", *args);
badarg = 1;
}
}
else
} else
badarg = 1;
}
else if (!strcmp(*args,"-v2prf"))
{
if (args[1])
{
} else if (!strcmp(*args, "-v2prf")) {
if (args[1]) {
args++;
pbe_nid=OBJ_txt2nid(*args);
if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0))
{
BIO_printf(bio_err,
"Unknown PRF algorithm %s\n", *args);
pbe_nid = OBJ_txt2nid(*args);
if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0)) {
BIO_printf(bio_err, "Unknown PRF algorithm %s\n", *args);
badarg = 1;
}
}
else
} else
badarg = 1;
}
else if (!strcmp(*args,"-inform"))
{
if (args[1])
{
} else if (!strcmp(*args, "-inform")) {
if (args[1]) {
args++;
informat=str2fmt(*args);
}
else badarg = 1;
}
else if (!strcmp(*args,"-outform"))
{
if (args[1])
{
informat = str2fmt(*args);
} else
badarg = 1;
} else if (!strcmp(*args, "-outform")) {
if (args[1]) {
args++;
outformat=str2fmt(*args);
}
else badarg = 1;
}
else if (!strcmp (*args, "-topk8"))
outformat = str2fmt(*args);
} else
badarg = 1;
} else if (!strcmp(*args, "-topk8"))
topk8 = 1;
else if (!strcmp (*args, "-noiter"))
else if (!strcmp(*args, "-noiter"))
iter = 1;
else if (!strcmp (*args, "-nocrypt"))
else if (!strcmp(*args, "-nocrypt"))
nocrypt = 1;
else if (!strcmp (*args, "-nooct"))
else if (!strcmp(*args, "-nooct"))
p8_broken = PKCS8_NO_OCTET;
else if (!strcmp (*args, "-nsdb"))
else if (!strcmp(*args, "-nsdb"))
p8_broken = PKCS8_NS_DB;
else if (!strcmp (*args, "-embed"))
else if (!strcmp(*args, "-embed"))
p8_broken = PKCS8_EMBEDDED_PARAM;
else if (!strcmp(*args,"-passin"))
{
if (!args[1]) goto bad;
passargin= *(++args);
}
else if (!strcmp(*args,"-passout"))
{
if (!args[1]) goto bad;
passargout= *(++args);
else if (!strcmp(*args, "-passin")) {
if (!args[1])
goto bad;
passargin = *(++args);
} else if (!strcmp(*args, "-passout")) {
if (!args[1])
goto bad;
passargout = *(++args);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*args,"-engine") == 0)
{
if (!args[1]) goto bad;
engine= *(++args);
else if (strcmp(*args, "-engine") == 0) {
if (!args[1])
goto bad;
engine = *(++args);
}
#endif
else if (!strcmp (*args, "-in"))
{
if (args[1])
{
else if (!strcmp(*args, "-in")) {
if (args[1]) {
args++;
infile = *args;
}
else badarg = 1;
}
else if (!strcmp (*args, "-out"))
{
if (args[1])
{
} else
badarg = 1;
} else if (!strcmp(*args, "-out")) {
if (args[1]) {
args++;
outfile = *args;
}
else badarg = 1;
}
else badarg = 1;
} else
badarg = 1;
} else
badarg = 1;
args++;
}
if (badarg)
{
if (badarg) {
bad:
BIO_printf(bio_err, "Usage pkcs8 [options]\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-in file input file\n");
BIO_printf(bio_err, "-inform X input format (DER or PEM)\n");
BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
BIO_printf(bio_err,
"-passin arg input file pass phrase source\n");
BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err, "-passout arg output file pass phrase source\n");
BIO_printf(bio_err,
"-passout arg output file pass phrase source\n");
BIO_printf(bio_err, "-topk8 output PKCS8 file\n");
BIO_printf(bio_err, "-nooct use (nonstandard) no octet format\n");
BIO_printf(bio_err, "-embed use (nonstandard) embedded DSA parameters format\n");
BIO_printf(bio_err, "-nsdb use (nonstandard) DSA Netscape DB format\n");
BIO_printf(bio_err,
"-nooct use (nonstandard) no octet format\n");
BIO_printf(bio_err,
"-embed use (nonstandard) embedded DSA parameters format\n");
BIO_printf(bio_err,
"-nsdb use (nonstandard) DSA Netscape DB format\n");
BIO_printf(bio_err, "-noiter use 1 as iteration count\n");
BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n");
BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n");
BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n");
BIO_printf(bio_err,
"-nocrypt use or expect unencrypted private key\n");
BIO_printf(bio_err,
"-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n");
BIO_printf(bio_err,
"-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
#endif
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
{
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
}
@ -258,30 +235,21 @@ int MAIN(int argc, char **argv)
if ((pbe_nid == -1) && !cipher)
pbe_nid = NID_pbeWithMD5AndDES_CBC;
if (infile)
{
if (!(in = BIO_new_file(infile, "rb")))
{
BIO_printf(bio_err,
"Can't open input file %s\n", infile);
if (infile) {
if (!(in = BIO_new_file(infile, "rb"))) {
BIO_printf(bio_err, "Can't open input file %s\n", infile);
goto end;
}
}
else
in = BIO_new_fp (stdin, BIO_NOCLOSE);
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
if (outfile)
{
if (!(out = BIO_new_file (outfile, "wb")))
{
BIO_printf(bio_err,
"Can't open output file %s\n", outfile);
if (outfile) {
if (!(out = BIO_new_file(outfile, "wb"))) {
BIO_printf(bio_err, "Can't open output file %s\n", outfile);
goto end;
}
}
else
{
out = BIO_new_fp (stdout, BIO_NOCLOSE);
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -289,45 +257,37 @@ int MAIN(int argc, char **argv)
}
#endif
}
if (topk8)
{
pkey = load_key(bio_err, infile, informat, 1,
passin, e, "key");
if (topk8) {
pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
if (!pkey)
goto end;
if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken)))
{
if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) {
BIO_printf(bio_err, "Error converting key\n");
ERR_print_errors(bio_err);
goto end;
}
if (nocrypt)
{
if (nocrypt) {
if (outformat == FORMAT_PEM)
PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
else if (outformat == FORMAT_ASN1)
i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
else
{
else {
BIO_printf(bio_err, "Bad format specified for key\n");
goto end;
}
}
else
{
} else {
if (passout)
p8pass = passout;
else
{
else {
p8pass = pass;
if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1))
if (EVP_read_pw_string
(pass, sizeof pass, "Enter Encryption Password:", 1))
goto end;
}
app_RAND_load_file(NULL, bio_err, 0);
if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
p8pass, strlen(p8pass),
NULL, 0, iter, p8inf)))
{
NULL, 0, iter, p8inf))) {
BIO_printf(bio_err, "Error encrypting key\n");
ERR_print_errors(bio_err);
goto end;
@ -337,8 +297,7 @@ int MAIN(int argc, char **argv)
PEM_write_bio_PKCS8(out, p8);
else if (outformat == FORMAT_ASN1)
i2d_PKCS8_bio(out, p8);
else
{
else {
BIO_printf(bio_err, "Bad format specified for key\n");
goto end;
}
@ -348,65 +307,54 @@ int MAIN(int argc, char **argv)
goto end;
}
if (nocrypt)
{
if (nocrypt) {
if (informat == FORMAT_PEM)
p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL);
p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in, NULL, NULL, NULL);
else if (informat == FORMAT_ASN1)
p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
else
{
else {
BIO_printf(bio_err, "Bad format specified for key\n");
goto end;
}
}
else
{
} else {
if (informat == FORMAT_PEM)
p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
else if (informat == FORMAT_ASN1)
p8 = d2i_PKCS8_bio(in, NULL);
else
{
else {
BIO_printf(bio_err, "Bad format specified for key\n");
goto end;
}
if (!p8)
{
BIO_printf (bio_err, "Error reading key\n");
if (!p8) {
BIO_printf(bio_err, "Error reading key\n");
ERR_print_errors(bio_err);
goto end;
}
if (passin)
p8pass = passin;
else
{
else {
p8pass = pass;
EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
}
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
}
if (!p8inf)
{
if (!p8inf) {
BIO_printf(bio_err, "Error decrypting key\n");
ERR_print_errors(bio_err);
goto end;
}
if (!(pkey = EVP_PKCS82PKEY(p8inf)))
{
if (!(pkey = EVP_PKCS82PKEY(p8inf))) {
BIO_printf(bio_err, "Error converting key\n");
ERR_print_errors(bio_err);
goto end;
}
if (p8inf->broken)
{
if (p8inf->broken) {
BIO_printf(bio_err, "Warning: broken key encoding: ");
switch (p8inf->broken)
{
switch (p8inf->broken) {
case PKCS8_NO_OCTET:
BIO_printf(bio_err, "No Octet String in PrivateKey\n");
break;
@ -433,8 +381,7 @@ int MAIN(int argc, char **argv)
PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
else if (outformat == FORMAT_ASN1)
i2d_PrivateKey_bio(out, pkey);
else
{
else {
BIO_printf(bio_err, "Bad format specified for key\n");
goto end;
}
@ -452,4 +399,4 @@ int MAIN(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
}

187
apps/pkey.c
View File

@ -1,6 +1,7 @@
/* apps/pkey.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2006
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
@ -67,7 +68,7 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL;
char **args, *infile = NULL, *outfile = NULL;
char *passargin = NULL, *passargout = NULL;
@ -75,150 +76,124 @@ int MAIN(int argc, char **argv)
const EVP_CIPHER *cipher = NULL;
int informat, outformat;
int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
EVP_PKEY *pkey=NULL;
EVP_PKEY *pkey = NULL;
char *passin = NULL, *passout = NULL;
int badarg = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
#endif
int ret = 1;
if (bio_err == NULL)
bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
args = argv + 1;
while (!badarg && *args && *args[0] == '-')
{
if (!strcmp(*args,"-inform"))
{
if (args[1])
{
while (!badarg && *args && *args[0] == '-') {
if (!strcmp(*args, "-inform")) {
if (args[1]) {
args++;
informat=str2fmt(*args);
}
else badarg = 1;
}
else if (!strcmp(*args,"-outform"))
{
if (args[1])
{
informat = str2fmt(*args);
} else
badarg = 1;
} else if (!strcmp(*args, "-outform")) {
if (args[1]) {
args++;
outformat=str2fmt(*args);
}
else badarg = 1;
}
else if (!strcmp(*args,"-passin"))
{
if (!args[1]) goto bad;
passargin= *(++args);
}
else if (!strcmp(*args,"-passout"))
{
if (!args[1]) goto bad;
passargout= *(++args);
outformat = str2fmt(*args);
} else
badarg = 1;
} else if (!strcmp(*args, "-passin")) {
if (!args[1])
goto bad;
passargin = *(++args);
} else if (!strcmp(*args, "-passout")) {
if (!args[1])
goto bad;
passargout = *(++args);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*args,"-engine") == 0)
{
if (!args[1]) goto bad;
engine= *(++args);
else if (strcmp(*args, "-engine") == 0) {
if (!args[1])
goto bad;
engine = *(++args);
}
#endif
else if (!strcmp (*args, "-in"))
{
if (args[1])
{
else if (!strcmp(*args, "-in")) {
if (args[1]) {
args++;
infile = *args;
}
else badarg = 1;
}
else if (!strcmp (*args, "-out"))
{
if (args[1])
{
} else
badarg = 1;
} else if (!strcmp(*args, "-out")) {
if (args[1]) {
args++;
outfile = *args;
}
else badarg = 1;
}
else if (strcmp(*args,"-pubin") == 0)
{
pubin=1;
pubout=1;
pubtext=1;
}
else if (strcmp(*args,"-pubout") == 0)
pubout=1;
else if (strcmp(*args,"-text_pub") == 0)
{
pubtext=1;
text=1;
}
else if (strcmp(*args,"-text") == 0)
text=1;
else if (strcmp(*args,"-noout") == 0)
noout=1;
else
{
} else
badarg = 1;
} else if (strcmp(*args, "-pubin") == 0) {
pubin = 1;
pubout = 1;
pubtext = 1;
} else if (strcmp(*args, "-pubout") == 0)
pubout = 1;
else if (strcmp(*args, "-text_pub") == 0) {
pubtext = 1;
text = 1;
} else if (strcmp(*args, "-text") == 0)
text = 1;
else if (strcmp(*args, "-noout") == 0)
noout = 1;
else {
cipher = EVP_get_cipherbyname(*args + 1);
if (!cipher)
{
BIO_printf(bio_err, "Unknown cipher %s\n",
*args + 1);
if (!cipher) {
BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
badarg = 1;
}
}
args++;
}
if (badarg)
{
if (badarg) {
bad:
BIO_printf(bio_err, "Usage pkey [options]\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-in file input file\n");
BIO_printf(bio_err, "-inform X input format (DER or PEM)\n");
BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
BIO_printf(bio_err,
"-passin arg input file pass phrase source\n");
BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err, "-passout arg output file pass phrase source\n");
BIO_printf(bio_err,
"-passout arg output file pass phrase source\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
"-engine e use engine e, possibly a hardware device.\n");
#endif
return 1;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
{
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
}
if (outfile)
{
if (!(out = BIO_new_file (outfile, "wb")))
{
BIO_printf(bio_err,
"Can't open output file %s\n", outfile);
if (outfile) {
if (!(out = BIO_new_file(outfile, "wb"))) {
BIO_printf(bio_err, "Can't open output file %s\n", outfile);
goto end;
}
}
else
{
out = BIO_new_fp (stdout, BIO_NOCLOSE);
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -231,38 +206,30 @@ int MAIN(int argc, char **argv)
pkey = load_pubkey(bio_err, infile, informat, 1,
passin, e, "Public Key");
else
pkey = load_key(bio_err, infile, informat, 1,
passin, e, "key");
pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
if (!pkey)
goto end;
if (!noout)
{
if (outformat == FORMAT_PEM)
{
if (!noout) {
if (outformat == FORMAT_PEM) {
if (pubout)
PEM_write_bio_PUBKEY(out,pkey);
PEM_write_bio_PUBKEY(out, pkey);
else
PEM_write_bio_PrivateKey(out, pkey, cipher,
NULL, 0, NULL, passout);
}
else if (outformat == FORMAT_ASN1)
{
} else if (outformat == FORMAT_ASN1) {
if (pubout)
i2d_PUBKEY_bio(out, pkey);
else
i2d_PrivateKey_bio(out, pkey);
}
else
{
} else {
BIO_printf(bio_err, "Bad format specified for key\n");
goto end;
}
}
if (text)
{
if (text) {
if (pubtext)
EVP_PKEY_print_public(out, pkey, 0, NULL);
else
@ -281,4 +248,4 @@ int MAIN(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
}

99
apps/pkeyparam.c
View File

@ -1,6 +1,7 @@
/* apps/pkeyparam.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2006
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
@ -67,19 +68,19 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
char **args, *infile = NULL, *outfile = NULL;
BIO *in = NULL, *out = NULL;
int text = 0, noout = 0;
EVP_PKEY *pkey=NULL;
EVP_PKEY *pkey = NULL;
int badarg = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
#endif
int ret = 1;
if (bio_err == NULL)
bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
@ -87,43 +88,36 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
args = argv + 1;
while (!badarg && *args && *args[0] == '-')
{
if (!strcmp (*args, "-in"))
{
if (args[1])
{
while (!badarg && *args && *args[0] == '-') {
if (!strcmp(*args, "-in")) {
if (args[1]) {
args++;
infile = *args;
}
else badarg = 1;
}
else if (!strcmp (*args, "-out"))
{
if (args[1])
{
} else
badarg = 1;
} else if (!strcmp(*args, "-out")) {
if (args[1]) {
args++;
outfile = *args;
}
else badarg = 1;
} else
badarg = 1;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*args,"-engine") == 0)
{
if (!args[1]) goto bad;
engine= *(++args);
else if (strcmp(*args, "-engine") == 0) {
if (!args[1])
goto bad;
engine = *(++args);
}
#endif
else if (strcmp(*args,"-text") == 0)
text=1;
else if (strcmp(*args,"-noout") == 0)
noout=1;
else if (strcmp(*args, "-text") == 0)
text = 1;
else if (strcmp(*args, "-noout") == 0)
noout = 1;
args++;
}
if (badarg)
{
if (badarg) {
#ifndef OPENSSL_NO_ENGINE
bad:
#endif
@ -132,41 +126,33 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "-in file input file\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err, "-text print parameters as text\n");
BIO_printf(bio_err, "-noout don't output encoded parameters\n");
BIO_printf(bio_err,
"-noout don't output encoded parameters\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
"-engine e use engine e, possibly a hardware device.\n");
#endif
return 1;
}
#ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
if (infile)
{
if (!(in = BIO_new_file (infile, "r")))
{
BIO_printf(bio_err,
"Can't open input file %s\n", infile);
if (infile) {
if (!(in = BIO_new_file(infile, "r"))) {
BIO_printf(bio_err, "Can't open input file %s\n", infile);
goto end;
}
}
else
in = BIO_new_fp (stdin, BIO_NOCLOSE);
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
if (outfile)
{
if (!(out = BIO_new_file (outfile, "w")))
{
BIO_printf(bio_err,
"Can't open output file %s\n", outfile);
if (outfile) {
if (!(out = BIO_new_file(outfile, "w"))) {
BIO_printf(bio_err, "Can't open output file %s\n", outfile);
goto end;
}
}
else
{
out = BIO_new_fp (stdout, BIO_NOCLOSE);
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -176,15 +162,14 @@ int MAIN(int argc, char **argv)
}
pkey = PEM_read_bio_Parameters(in, NULL);
if (!pkey)
{
if (!pkey) {
BIO_printf(bio_err, "Error reading parameters\n");
ERR_print_errors(bio_err);
goto end;
}
if (!noout)
PEM_write_bio_Parameters(out,pkey);
PEM_write_bio_Parameters(out, pkey);
if (text)
EVP_PKEY_print_params(out, pkey, 0, NULL);
@ -197,4 +182,4 @@ int MAIN(int argc, char **argv)
BIO_free(in);
return ret;
}
}

267
apps/pkeyutl.c
View File

@ -1,5 +1,6 @@
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2006.
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
@ -55,7 +56,6 @@
*
*/
#include "apps.h"
#include <string.h>
#include <openssl/err.h>
@ -107,121 +107,108 @@ int MAIN(int argc, char **argv)
argc--;
argv++;
if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!bio_err)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
while(argc >= 1)
{
if (!strcmp(*argv,"-in"))
{
if (--argc < 1) badarg = 1;
else infile= *(++argv);
}
else if (!strcmp(*argv,"-out"))
{
if (--argc < 1) badarg = 1;
else outfile= *(++argv);
}
else if (!strcmp(*argv,"-sigfile"))
{
if (--argc < 1) badarg = 1;
else sigfile= *(++argv);
}
else if(!strcmp(*argv, "-inkey"))
{
while (argc >= 1) {
if (!strcmp(*argv, "-in")) {
if (--argc < 1)
badarg = 1;
else
{
infile = *(++argv);
} else if (!strcmp(*argv, "-out")) {
if (--argc < 1)
badarg = 1;
else
outfile = *(++argv);
} else if (!strcmp(*argv, "-sigfile")) {
if (--argc < 1)
badarg = 1;
else
sigfile = *(++argv);
} else if (!strcmp(*argv, "-inkey")) {
if (--argc < 1)
badarg = 1;
else {
ctx = init_ctx(&keysize,
*(++argv), keyform, key_type,
passargin, pkey_op, e);
if (!ctx)
{
BIO_puts(bio_err,
"Error initializing context\n");
if (!ctx) {
BIO_puts(bio_err, "Error initializing context\n");
ERR_print_errors(bio_err);
badarg = 1;
}
}
}
else if (!strcmp(*argv,"-peerkey"))
{
} else if (!strcmp(*argv, "-peerkey")) {
if (--argc < 1)
badarg = 1;
else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
badarg = 1;
}
else if (!strcmp(*argv,"-passin"))
{
if (--argc < 1) badarg = 1;
else passargin= *(++argv);
}
else if (strcmp(*argv,"-peerform") == 0)
{
if (--argc < 1) badarg = 1;
else peerform=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-keyform") == 0)
{
if (--argc < 1) badarg = 1;
else keyform=str2fmt(*(++argv));
} else if (!strcmp(*argv, "-passin")) {
if (--argc < 1)
badarg = 1;
else
passargin = *(++argv);
} else if (strcmp(*argv, "-peerform") == 0) {
if (--argc < 1)
badarg = 1;
else
peerform = str2fmt(*(++argv));
} else if (strcmp(*argv, "-keyform") == 0) {
if (--argc < 1)
badarg = 1;
else
keyform = str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if(!strcmp(*argv, "-engine"))
{
else if (!strcmp(*argv, "-engine")) {
if (--argc < 1)
badarg = 1;
else
e = setup_engine(bio_err, *(++argv), 0);
}
#endif
else if(!strcmp(*argv, "-pubin"))
else if (!strcmp(*argv, "-pubin"))
key_type = KEY_PUBKEY;
else if(!strcmp(*argv, "-certin"))
else if (!strcmp(*argv, "-certin"))
key_type = KEY_CERT;
else if(!strcmp(*argv, "-asn1parse"))
else if (!strcmp(*argv, "-asn1parse"))
asn1parse = 1;
else if(!strcmp(*argv, "-hexdump"))
else if (!strcmp(*argv, "-hexdump"))
hexdump = 1;
else if(!strcmp(*argv, "-sign"))
else if (!strcmp(*argv, "-sign"))
pkey_op = EVP_PKEY_OP_SIGN;
else if(!strcmp(*argv, "-verify"))
else if (!strcmp(*argv, "-verify"))
pkey_op = EVP_PKEY_OP_VERIFY;
else if(!strcmp(*argv, "-verifyrecover"))
else if (!strcmp(*argv, "-verifyrecover"))
pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
else if(!strcmp(*argv, "-rev"))
else if (!strcmp(*argv, "-rev"))
rev = 1;
else if(!strcmp(*argv, "-encrypt"))
else if (!strcmp(*argv, "-encrypt"))
pkey_op = EVP_PKEY_OP_ENCRYPT;
else if(!strcmp(*argv, "-decrypt"))
else if (!strcmp(*argv, "-decrypt"))
pkey_op = EVP_PKEY_OP_DECRYPT;
else if(!strcmp(*argv, "-derive"))
else if (!strcmp(*argv, "-derive"))
pkey_op = EVP_PKEY_OP_DERIVE;
else if (strcmp(*argv,"-pkeyopt") == 0)
{
else if (strcmp(*argv, "-pkeyopt") == 0) {
if (--argc < 1)
badarg = 1;
else if (!ctx)
{
BIO_puts(bio_err,
"-pkeyopt command before -inkey\n");
else if (!ctx) {
BIO_puts(bio_err, "-pkeyopt command before -inkey\n");
badarg = 1;
}
else if (pkey_ctrl_string(ctx, *(++argv)) <= 0)
{
} else if (pkey_ctrl_string(ctx, *(++argv)) <= 0) {
BIO_puts(bio_err, "parameter setting error\n");
ERR_print_errors(bio_err);
goto end;
}
}
else badarg = 1;
if(badarg)
{
} else
badarg = 1;
if (badarg) {
usage();
goto end;
}
@ -229,20 +216,17 @@ int MAIN(int argc, char **argv)
argv++;
}
if (!ctx)
{
if (!ctx) {
usage();
goto end;
}
if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY))
{
if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
BIO_puts(bio_err, "Signature file specified for non verify\n");
goto end;
}
if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY))
{
if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY)) {
BIO_puts(bio_err, "No signature file specified for verify\n");
goto end;
}
@ -250,33 +234,24 @@ int MAIN(int argc, char **argv)
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
if (pkey_op != EVP_PKEY_OP_DERIVE)
{
if(infile)
{
if(!(in = BIO_new_file(infile, "rb")))
{
BIO_puts(bio_err,
"Error Opening Input File\n");
if (pkey_op != EVP_PKEY_OP_DERIVE) {
if (infile) {
if (!(in = BIO_new_file(infile, "rb"))) {
BIO_puts(bio_err, "Error Opening Input File\n");
ERR_print_errors(bio_err);
goto end;
}
}
else
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
}
if(outfile)
{
if(!(out = BIO_new_file(outfile, "wb")))
{
if (outfile) {
if (!(out = BIO_new_file(outfile, "wb"))) {
BIO_printf(bio_err, "Error Creating Output File\n");
ERR_print_errors(bio_err);
goto end;
}
}
else
{
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
@ -286,40 +261,32 @@ int MAIN(int argc, char **argv)
#endif
}
if (sigfile)
{
if (sigfile) {
BIO *sigbio = BIO_new_file(sigfile, "rb");
if (!sigbio)
{
BIO_printf(bio_err, "Can't open signature file %s\n",
sigfile);
if (!sigbio) {
BIO_printf(bio_err, "Can't open signature file %s\n", sigfile);
goto end;
}
siglen = bio_to_mem(&sig, keysize * 10, sigbio);
BIO_free(sigbio);
if (siglen <= 0)
{
if (siglen <= 0) {
BIO_printf(bio_err, "Error reading signature data\n");
goto end;
}
}
if (in)
{
if (in) {
/* Read the input data */
buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
if(buf_inlen <= 0)
{
if (buf_inlen <= 0) {
BIO_printf(bio_err, "Error reading input Data\n");
exit(1);
}
if(rev)
{
if (rev) {
size_t i;
unsigned char ctmp;
size_t l = (size_t)buf_inlen;
for(i = 0; i < l/2; i++)
{
for (i = 0; i < l / 2; i++) {
ctmp = buf_in[i];
buf_in[i] = buf_in[l - 1 - i];
buf_in[l - 1 - i] = ctmp;
@ -327,8 +294,7 @@ int MAIN(int argc, char **argv)
}
}
if(pkey_op == EVP_PKEY_OP_VERIFY)
{
if (pkey_op == EVP_PKEY_OP_VERIFY) {
rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
buf_in, (size_t)buf_inlen);
if (rv == 0)
@ -337,13 +303,10 @@ int MAIN(int argc, char **argv)
BIO_puts(out, "Signature Verified Successfully\n");
if (rv >= 0)
goto end;
}
else
{
} else {
rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
buf_in, (size_t)buf_inlen);
if (rv > 0)
{
if (rv > 0) {
buf_out = OPENSSL_malloc(buf_outlen);
if (!buf_out)
rv = -1;
@ -354,19 +317,16 @@ int MAIN(int argc, char **argv)
}
}
if(rv <= 0)
{
if (rv <= 0) {
BIO_printf(bio_err, "Public Key operation error\n");
ERR_print_errors(bio_err);
goto end;
}
ret = 0;
if(asn1parse)
{
if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
if (asn1parse) {
if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
ERR_print_errors(bio_err);
}
else if(hexdump)
} else if (hexdump)
BIO_dump(out, (char *)buf_out, buf_outlen);
else
BIO_write(out, buf_out, buf_outlen);
@ -390,21 +350,25 @@ static void usage()
BIO_printf(bio_err, "Usage: pkeyutl [options]\n");
BIO_printf(bio_err, "-in file input file\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err, "-sigfile file signature file (verify operation only)\n");
BIO_printf(bio_err,
"-sigfile file signature file (verify operation only)\n");
BIO_printf(bio_err, "-inkey file input key\n");
BIO_printf(bio_err, "-keyform arg private key format - default PEM\n");
BIO_printf(bio_err, "-pubin input is a public key\n");
BIO_printf(bio_err, "-certin input is a certificate carrying a public key\n");
BIO_printf(bio_err,
"-certin input is a certificate carrying a public key\n");
BIO_printf(bio_err, "-pkeyopt X:Y public key options\n");
BIO_printf(bio_err, "-sign sign with private key\n");
BIO_printf(bio_err, "-verify verify with public key\n");
BIO_printf(bio_err, "-verifyrecover verify with public key, recover original data\n");
BIO_printf(bio_err,
"-verifyrecover verify with public key, recover original data\n");
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
BIO_printf(bio_err, "-derive derive shared secret\n");
BIO_printf(bio_err, "-hexdump hex dump output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
"-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err, "-passin arg pass phrase source\n");
@ -413,26 +377,23 @@ static void usage()
static EVP_PKEY_CTX *init_ctx(int *pkeysize,
char *keyfile, int keyform, int key_type,
char *passargin, int pkey_op, ENGINE *e)
{
{
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
char *passin = NULL;
int rv = -1;
X509 *x;
if(((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
if (((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
|| (pkey_op == EVP_PKEY_OP_DERIVE))
&& (key_type != KEY_PRIVKEY))
{
&& (key_type != KEY_PRIVKEY)) {
BIO_printf(bio_err, "A private key is needed for this operation\n");
goto end;
}
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
{
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
switch(key_type)
{
switch (key_type) {
case KEY_PRIVKEY:
pkey = load_key(bio_err, keyfile, keyform, 0,
passin, e, "Private Key");
@ -444,10 +405,8 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
break;
case KEY_CERT:
x = load_cert(bio_err, keyfile, keyform,
NULL, e, "Certificate");
if(x)
{
x = load_cert(bio_err, keyfile, keyform, NULL, e, "Certificate");
if (x) {
pkey = X509_get_pubkey(x);
X509_free(x);
}
@ -467,8 +426,7 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
if (!ctx)
goto end;
switch(pkey_op)
{
switch (pkey_op) {
case EVP_PKEY_OP_SIGN:
rv = EVP_PKEY_sign_init(ctx);
break;
@ -494,8 +452,7 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
break;
}
if (rv <= 0)
{
if (rv <= 0) {
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
}
@ -507,24 +464,21 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
return ctx;
}
}
static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
const char *file)
{
{
EVP_PKEY *peer = NULL;
int ret;
if (!ctx)
{
if (!ctx) {
BIO_puts(err, "-peerkey command before -inkey\n");
return 0;
}
peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");
if (!peer)
{
if (!peer) {
BIO_printf(bio_err, "Error reading peer key %s\n", file);
ERR_print_errors(err);
return 0;
@ -536,15 +490,14 @@ static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
if (ret <= 0)
ERR_print_errors(err);
return ret;
}
}
static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
unsigned char *out, size_t *poutlen,
unsigned char *in, size_t inlen)
{
{
int rv = 0;
switch(pkey_op)
{
switch (pkey_op) {
case EVP_PKEY_OP_VERIFYRECOVER:
rv = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
break;
@ -567,4 +520,4 @@ static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
}
return rv;
}
}

101
apps/prime.c
View File

@ -52,66 +52,61 @@
#include "apps.h"
#include <openssl/bn.h>
#undef PROG
#define PROG prime_main
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
int hex=0;
int checks=20;
int generate=0;
int bits=0;
int safe=0;
BIGNUM *bn=NULL;
{
int hex = 0;
int checks = 20;
int generate = 0;
int bits = 0;
int safe = 0;
BIGNUM *bn = NULL;
BIO *bio_out;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
--argc;
++argv;
while (argc >= 1 && **argv == '-')
{
if(!strcmp(*argv,"-hex"))
hex=1;
else if(!strcmp(*argv,"-generate"))
generate=1;
else if(!strcmp(*argv,"-bits"))
if(--argc < 1)
while (argc >= 1 && **argv == '-') {
if (!strcmp(*argv, "-hex"))
hex = 1;
else if (!strcmp(*argv, "-generate"))
generate = 1;
else if (!strcmp(*argv, "-bits"))
if (--argc < 1)
goto bad;
else
bits=atoi(*++argv);
else if(!strcmp(*argv,"-safe"))
safe=1;
else if(!strcmp(*argv,"-checks"))
if(--argc < 1)
bits = atoi(*++argv);
else if (!strcmp(*argv, "-safe"))
safe = 1;
else if (!strcmp(*argv, "-checks"))
if (--argc < 1)
goto bad;
else
checks=atoi(*++argv);
else
{
BIO_printf(bio_err,"Unknown option '%s'\n",*argv);
checks = atoi(*++argv);
else {
BIO_printf(bio_err, "Unknown option '%s'\n", *argv);
goto bad;
}
--argc;
++argv;
}
if (argv[0] == NULL && !generate)
{
BIO_printf(bio_err,"No prime specified\n");
if (argv[0] == NULL && !generate) {
BIO_printf(bio_err, "No prime specified\n");
goto bad;
}
if ((bio_out=BIO_new(BIO_s_file())) != NULL)
{
BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
if ((bio_out = BIO_new(BIO_s_file())) != NULL) {
BIO_set_fp(bio_out, stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -120,31 +115,27 @@ int MAIN(int argc, char **argv)
#endif
}
if(generate)
{
if (generate) {
char *s;
if(!bits)
{
BIO_printf(bio_err,"Specifiy the number of bits.\n");
if (!bits) {
BIO_printf(bio_err, "Specifiy the number of bits.\n");
return 1;
}
bn=BN_new();
BN_generate_prime_ex(bn,bits,safe,NULL,NULL,NULL);
s=hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
BIO_printf(bio_out,"%s\n",s);
bn = BN_new();
BN_generate_prime_ex(bn, bits, safe, NULL, NULL, NULL);
s = hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
BIO_printf(bio_out, "%s\n", s);
OPENSSL_free(s);
}
} else {
if (hex)
BN_hex2bn(&bn, argv[0]);
else
{
if(hex)
BN_hex2bn(&bn,argv[0]);
else
BN_dec2bn(&bn,argv[0]);
BN_dec2bn(&bn, argv[0]);
BN_print(bio_out,bn);
BIO_printf(bio_out," is %sprime\n",
BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not ");
BN_print(bio_out, bn);
BIO_printf(bio_out, " is %sprime\n",
BN_is_prime_ex(bn, checks, NULL, NULL) ? "" : "not ");
}
BN_free(bn);
@ -153,8 +144,8 @@ int MAIN(int argc, char **argv)
return 0;
bad:
BIO_printf(bio_err,"options are\n");
BIO_printf(bio_err,"%-14s hex\n","-hex");
BIO_printf(bio_err,"%-14s number of checks\n","-checks <n>");
BIO_printf(bio_err, "options are\n");
BIO_printf(bio_err, "%-14s hex\n", "-hex");
BIO_printf(bio_err, "%-14s number of checks\n", "-checks <n>");
return 1;
}
}

334
apps/progs.h
View File

@ -1,52 +1,52 @@
/* apps/progs.h */
/* automatically generated by progs.pl for openssl.c */
extern int verify_main(int argc,char *argv[]);
extern int asn1parse_main(int argc,char *argv[]);
extern int req_main(int argc,char *argv[]);
extern int dgst_main(int argc,char *argv[]);
extern int dh_main(int argc,char *argv[]);
extern int dhparam_main(int argc,char *argv[]);
extern int enc_main(int argc,char *argv[]);
extern int passwd_main(int argc,char *argv[]);
extern int gendh_main(int argc,char *argv[]);
extern int errstr_main(int argc,char *argv[]);
extern int ca_main(int argc,char *argv[]);
extern int crl_main(int argc,char *argv[]);
extern int rsa_main(int argc,char *argv[]);
extern int rsautl_main(int argc,char *argv[]);
extern int dsa_main(int argc,char *argv[]);
extern int dsaparam_main(int argc,char *argv[]);
extern int ec_main(int argc,char *argv[]);
extern int ecparam_main(int argc,char *argv[]);
extern int x509_main(int argc,char *argv[]);
extern int genrsa_main(int argc,char *argv[]);
extern int gendsa_main(int argc,char *argv[]);
extern int genpkey_main(int argc,char *argv[]);
extern int s_server_main(int argc,char *argv[]);
extern int s_client_main(int argc,char *argv[]);
extern int speed_main(int argc,char *argv[]);
extern int s_time_main(int argc,char *argv[]);
extern int version_main(int argc,char *argv[]);
extern int pkcs7_main(int argc,char *argv[]);
extern int cms_main(int argc,char *argv[]);
extern int crl2pkcs7_main(int argc,char *argv[]);
extern int sess_id_main(int argc,char *argv[]);
extern int ciphers_main(int argc,char *argv[]);
extern int nseq_main(int argc,char *argv[]);
extern int pkcs12_main(int argc,char *argv[]);
extern int pkcs8_main(int argc,char *argv[]);
extern int pkey_main(int argc,char *argv[]);
extern int pkeyparam_main(int argc,char *argv[]);
extern int pkeyutl_main(int argc,char *argv[]);
extern int spkac_main(int argc,char *argv[]);
extern int smime_main(int argc,char *argv[]);
extern int rand_main(int argc,char *argv[]);
extern int engine_main(int argc,char *argv[]);
extern int ocsp_main(int argc,char *argv[]);
extern int prime_main(int argc,char *argv[]);
extern int ts_main(int argc,char *argv[]);
extern int srp_main(int argc,char *argv[]);
extern int verify_main(int argc, char *argv[]);
extern int asn1parse_main(int argc, char *argv[]);
extern int req_main(int argc, char *argv[]);
extern int dgst_main(int argc, char *argv[]);
extern int dh_main(int argc, char *argv[]);
extern int dhparam_main(int argc, char *argv[]);
extern int enc_main(int argc, char *argv[]);
extern int passwd_main(int argc, char *argv[]);
extern int gendh_main(int argc, char *argv[]);
extern int errstr_main(int argc, char *argv[]);
extern int ca_main(int argc, char *argv[]);
extern int crl_main(int argc, char *argv[]);
extern int rsa_main(int argc, char *argv[]);
extern int rsautl_main(int argc, char *argv[]);
extern int dsa_main(int argc, char *argv[]);
extern int dsaparam_main(int argc, char *argv[]);
extern int ec_main(int argc, char *argv[]);
extern int ecparam_main(int argc, char *argv[]);
extern int x509_main(int argc, char *argv[]);
extern int genrsa_main(int argc, char *argv[]);
extern int gendsa_main(int argc, char *argv[]);
extern int genpkey_main(int argc, char *argv[]);
extern int s_server_main(int argc, char *argv[]);
extern int s_client_main(int argc, char *argv[]);
extern int speed_main(int argc, char *argv[]);
extern int s_time_main(int argc, char *argv[]);
extern int version_main(int argc, char *argv[]);
extern int pkcs7_main(int argc, char *argv[]);
extern int cms_main(int argc, char *argv[]);
extern int crl2pkcs7_main(int argc, char *argv[]);
extern int sess_id_main(int argc, char *argv[]);
extern int ciphers_main(int argc, char *argv[]);
extern int nseq_main(int argc, char *argv[]);
extern int pkcs12_main(int argc, char *argv[]);
extern int pkcs8_main(int argc, char *argv[]);
extern int pkey_main(int argc, char *argv[]);
extern int pkeyparam_main(int argc, char *argv[]);
extern int pkeyutl_main(int argc, char *argv[]);
extern int spkac_main(int argc, char *argv[]);
extern int smime_main(int argc, char *argv[]);
extern int rand_main(int argc, char *argv[]);
extern int engine_main(int argc, char *argv[]);
extern int ocsp_main(int argc, char *argv[]);
extern int prime_main(int argc, char *argv[]);
extern int ts_main(int argc, char *argv[]);
extern int srp_main(int argc, char *argv[]);
#define FUNC_TYPE_GENERAL 1
#define FUNC_TYPE_MD 2
@ -58,309 +58,309 @@ extern int srp_main(int argc,char *argv[]);
typedef struct {
int type;
const char *name;
int (*func)(int argc,char *argv[]);
} FUNCTION;
int (*func) (int argc, char *argv[]);
} FUNCTION;
DECLARE_LHASH_OF(FUNCTION);
FUNCTION functions[] = {
{FUNC_TYPE_GENERAL,"verify",verify_main},
{FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
{FUNC_TYPE_GENERAL,"req",req_main},
{FUNC_TYPE_GENERAL,"dgst",dgst_main},
{FUNC_TYPE_GENERAL, "verify", verify_main},
{FUNC_TYPE_GENERAL, "asn1parse", asn1parse_main},
{FUNC_TYPE_GENERAL, "req", req_main},
{FUNC_TYPE_GENERAL, "dgst", dgst_main},
#ifndef OPENSSL_NO_DH
{FUNC_TYPE_GENERAL,"dh",dh_main},
{FUNC_TYPE_GENERAL, "dh", dh_main},
#endif
#ifndef OPENSSL_NO_DH
{FUNC_TYPE_GENERAL,"dhparam",dhparam_main},
{FUNC_TYPE_GENERAL, "dhparam", dhparam_main},
#endif
{FUNC_TYPE_GENERAL,"enc",enc_main},
{FUNC_TYPE_GENERAL,"passwd",passwd_main},
{FUNC_TYPE_GENERAL, "enc", enc_main},
{FUNC_TYPE_GENERAL, "passwd", passwd_main},
#ifndef OPENSSL_NO_DH
{FUNC_TYPE_GENERAL,"gendh",gendh_main},
{FUNC_TYPE_GENERAL, "gendh", gendh_main},
#endif
{FUNC_TYPE_GENERAL,"errstr",errstr_main},
{FUNC_TYPE_GENERAL,"ca",ca_main},
{FUNC_TYPE_GENERAL,"crl",crl_main},
{FUNC_TYPE_GENERAL, "errstr", errstr_main},
{FUNC_TYPE_GENERAL, "ca", ca_main},
{FUNC_TYPE_GENERAL, "crl", crl_main},
#ifndef OPENSSL_NO_RSA
{FUNC_TYPE_GENERAL,"rsa",rsa_main},
{FUNC_TYPE_GENERAL, "rsa", rsa_main},
#endif
#ifndef OPENSSL_NO_RSA
{FUNC_TYPE_GENERAL,"rsautl",rsautl_main},
{FUNC_TYPE_GENERAL, "rsautl", rsautl_main},
#endif
#ifndef OPENSSL_NO_DSA
{FUNC_TYPE_GENERAL,"dsa",dsa_main},
{FUNC_TYPE_GENERAL, "dsa", dsa_main},
#endif
#ifndef OPENSSL_NO_DSA
{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
{FUNC_TYPE_GENERAL, "dsaparam", dsaparam_main},
#endif
#ifndef OPENSSL_NO_EC
{FUNC_TYPE_GENERAL,"ec",ec_main},
{FUNC_TYPE_GENERAL, "ec", ec_main},
#endif
#ifndef OPENSSL_NO_EC
{FUNC_TYPE_GENERAL,"ecparam",ecparam_main},
{FUNC_TYPE_GENERAL, "ecparam", ecparam_main},
#endif
{FUNC_TYPE_GENERAL,"x509",x509_main},
{FUNC_TYPE_GENERAL, "x509", x509_main},
#ifndef OPENSSL_NO_RSA
{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
{FUNC_TYPE_GENERAL, "genrsa", genrsa_main},
#endif
#ifndef OPENSSL_NO_DSA
{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
{FUNC_TYPE_GENERAL, "gendsa", gendsa_main},
#endif
{FUNC_TYPE_GENERAL,"genpkey",genpkey_main},
{FUNC_TYPE_GENERAL, "genpkey", genpkey_main},
#if !defined(OPENSSL_NO_SOCK)
{FUNC_TYPE_GENERAL,"s_server",s_server_main},
{FUNC_TYPE_GENERAL, "s_server", s_server_main},
#endif
#if !defined(OPENSSL_NO_SOCK)
{FUNC_TYPE_GENERAL,"s_client",s_client_main},
{FUNC_TYPE_GENERAL, "s_client", s_client_main},
#endif
#ifndef OPENSSL_NO_SPEED
{FUNC_TYPE_GENERAL,"speed",speed_main},
{FUNC_TYPE_GENERAL, "speed", speed_main},
#endif
#if !defined(OPENSSL_NO_SOCK)
{FUNC_TYPE_GENERAL,"s_time",s_time_main},
{FUNC_TYPE_GENERAL, "s_time", s_time_main},
#endif
{FUNC_TYPE_GENERAL,"version",version_main},
{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
{FUNC_TYPE_GENERAL, "version", version_main},
{FUNC_TYPE_GENERAL, "pkcs7", pkcs7_main},
#ifndef OPENSSL_NO_CMS
{FUNC_TYPE_GENERAL,"cms",cms_main},
{FUNC_TYPE_GENERAL, "cms", cms_main},
#endif
{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
{FUNC_TYPE_GENERAL, "crl2pkcs7", crl2pkcs7_main},
{FUNC_TYPE_GENERAL, "sess_id", sess_id_main},
#if !defined(OPENSSL_NO_SOCK)
{FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
{FUNC_TYPE_GENERAL, "ciphers", ciphers_main},
#endif
{FUNC_TYPE_GENERAL,"nseq",nseq_main},
{FUNC_TYPE_GENERAL, "nseq", nseq_main},
#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
{FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main},
{FUNC_TYPE_GENERAL, "pkcs12", pkcs12_main},
#endif
{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
{FUNC_TYPE_GENERAL,"pkey",pkey_main},
{FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main},
{FUNC_TYPE_GENERAL,"pkeyutl",pkeyutl_main},
{FUNC_TYPE_GENERAL,"spkac",spkac_main},
{FUNC_TYPE_GENERAL,"smime",smime_main},
{FUNC_TYPE_GENERAL,"rand",rand_main},
{FUNC_TYPE_GENERAL, "pkcs8", pkcs8_main},
{FUNC_TYPE_GENERAL, "pkey", pkey_main},
{FUNC_TYPE_GENERAL, "pkeyparam", pkeyparam_main},
{FUNC_TYPE_GENERAL, "pkeyutl", pkeyutl_main},
{FUNC_TYPE_GENERAL, "spkac", spkac_main},
{FUNC_TYPE_GENERAL, "smime", smime_main},
{FUNC_TYPE_GENERAL, "rand", rand_main},
#ifndef OPENSSL_NO_ENGINE
{FUNC_TYPE_GENERAL,"engine",engine_main},
{FUNC_TYPE_GENERAL, "engine", engine_main},
#endif
#ifndef OPENSSL_NO_OCSP
{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
{FUNC_TYPE_GENERAL, "ocsp", ocsp_main},
#endif
{FUNC_TYPE_GENERAL,"prime",prime_main},
{FUNC_TYPE_GENERAL,"ts",ts_main},
{FUNC_TYPE_GENERAL, "prime", prime_main},
{FUNC_TYPE_GENERAL, "ts", ts_main},
#ifndef OPENSSL_NO_SRP
{FUNC_TYPE_GENERAL,"srp",srp_main},
{FUNC_TYPE_GENERAL, "srp", srp_main},
#endif
#ifndef OPENSSL_NO_MD2
{FUNC_TYPE_MD,"md2",dgst_main},
{FUNC_TYPE_MD, "md2", dgst_main},
#endif
#ifndef OPENSSL_NO_MD4
{FUNC_TYPE_MD,"md4",dgst_main},
{FUNC_TYPE_MD, "md4", dgst_main},
#endif
#ifndef OPENSSL_NO_MD5
{FUNC_TYPE_MD,"md5",dgst_main},
{FUNC_TYPE_MD, "md5", dgst_main},
#endif
#ifndef OPENSSL_NO_SHA
{FUNC_TYPE_MD,"sha",dgst_main},
{FUNC_TYPE_MD, "sha", dgst_main},
#endif
#ifndef OPENSSL_NO_SHA1
{FUNC_TYPE_MD,"sha1",dgst_main},
{FUNC_TYPE_MD, "sha1", dgst_main},
#endif
#ifndef OPENSSL_NO_MDC2
{FUNC_TYPE_MD,"mdc2",dgst_main},
{FUNC_TYPE_MD, "mdc2", dgst_main},
#endif
#ifndef OPENSSL_NO_RMD160
{FUNC_TYPE_MD,"rmd160",dgst_main},
{FUNC_TYPE_MD, "rmd160", dgst_main},
#endif
#ifndef OPENSSL_NO_AES
{FUNC_TYPE_CIPHER,"aes-128-cbc",enc_main},
{FUNC_TYPE_CIPHER, "aes-128-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_AES
{FUNC_TYPE_CIPHER,"aes-128-ecb",enc_main},
{FUNC_TYPE_CIPHER, "aes-128-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_AES
{FUNC_TYPE_CIPHER,"aes-192-cbc",enc_main},
{FUNC_TYPE_CIPHER, "aes-192-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_AES
{FUNC_TYPE_CIPHER,"aes-192-ecb",enc_main},
{FUNC_TYPE_CIPHER, "aes-192-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_AES
{FUNC_TYPE_CIPHER,"aes-256-cbc",enc_main},
{FUNC_TYPE_CIPHER, "aes-256-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_AES
{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
{FUNC_TYPE_CIPHER, "aes-256-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main},
{FUNC_TYPE_CIPHER, "camellia-128-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main},
{FUNC_TYPE_CIPHER, "camellia-128-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main},
{FUNC_TYPE_CIPHER, "camellia-192-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main},
{FUNC_TYPE_CIPHER, "camellia-192-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main},
{FUNC_TYPE_CIPHER, "camellia-256-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main},
{FUNC_TYPE_CIPHER, "camellia-256-ecb", enc_main},
#endif
{FUNC_TYPE_CIPHER,"base64",enc_main},
{FUNC_TYPE_CIPHER, "base64", enc_main},
#ifdef ZLIB
{FUNC_TYPE_CIPHER,"zlib",enc_main},
{FUNC_TYPE_CIPHER, "zlib", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des",enc_main},
{FUNC_TYPE_CIPHER, "des", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des3",enc_main},
{FUNC_TYPE_CIPHER, "des3", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"desx",enc_main},
{FUNC_TYPE_CIPHER, "desx", enc_main},
#endif
#ifndef OPENSSL_NO_IDEA
{FUNC_TYPE_CIPHER,"idea",enc_main},
{FUNC_TYPE_CIPHER, "idea", enc_main},
#endif
#ifndef OPENSSL_NO_SEED
{FUNC_TYPE_CIPHER,"seed",enc_main},
{FUNC_TYPE_CIPHER, "seed", enc_main},
#endif
#ifndef OPENSSL_NO_RC4
{FUNC_TYPE_CIPHER,"rc4",enc_main},
{FUNC_TYPE_CIPHER, "rc4", enc_main},
#endif
#ifndef OPENSSL_NO_RC4
{FUNC_TYPE_CIPHER,"rc4-40",enc_main},
{FUNC_TYPE_CIPHER, "rc4-40", enc_main},
#endif
#ifndef OPENSSL_NO_RC2
{FUNC_TYPE_CIPHER,"rc2",enc_main},
{FUNC_TYPE_CIPHER, "rc2", enc_main},
#endif
#ifndef OPENSSL_NO_BF
{FUNC_TYPE_CIPHER,"bf",enc_main},
{FUNC_TYPE_CIPHER, "bf", enc_main},
#endif
#ifndef OPENSSL_NO_CAST
{FUNC_TYPE_CIPHER,"cast",enc_main},
{FUNC_TYPE_CIPHER, "cast", enc_main},
#endif
#ifndef OPENSSL_NO_RC5
{FUNC_TYPE_CIPHER,"rc5",enc_main},
{FUNC_TYPE_CIPHER, "rc5", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
{FUNC_TYPE_CIPHER, "des-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ede",enc_main},
{FUNC_TYPE_CIPHER, "des-ede", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ede3",enc_main},
{FUNC_TYPE_CIPHER, "des-ede3", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-cbc",enc_main},
{FUNC_TYPE_CIPHER, "des-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
{FUNC_TYPE_CIPHER, "des-ede-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
{FUNC_TYPE_CIPHER, "des-ede3-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-cfb",enc_main},
{FUNC_TYPE_CIPHER, "des-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
{FUNC_TYPE_CIPHER, "des-ede-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
{FUNC_TYPE_CIPHER, "des-ede3-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ofb",enc_main},
{FUNC_TYPE_CIPHER, "des-ofb", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
{FUNC_TYPE_CIPHER, "des-ede-ofb", enc_main},
#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
{FUNC_TYPE_CIPHER, "des-ede3-ofb", enc_main},
#endif
#ifndef OPENSSL_NO_IDEA
{FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
{FUNC_TYPE_CIPHER, "idea-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_IDEA
{FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
{FUNC_TYPE_CIPHER, "idea-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_IDEA
{FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
{FUNC_TYPE_CIPHER, "idea-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_IDEA
{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
{FUNC_TYPE_CIPHER, "idea-ofb", enc_main},
#endif
#ifndef OPENSSL_NO_SEED
{FUNC_TYPE_CIPHER,"seed-cbc",enc_main},
{FUNC_TYPE_CIPHER, "seed-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_SEED
{FUNC_TYPE_CIPHER,"seed-ecb",enc_main},
{FUNC_TYPE_CIPHER, "seed-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_SEED
{FUNC_TYPE_CIPHER,"seed-cfb",enc_main},
{FUNC_TYPE_CIPHER, "seed-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_SEED
{FUNC_TYPE_CIPHER,"seed-ofb",enc_main},
{FUNC_TYPE_CIPHER, "seed-ofb", enc_main},
#endif
#ifndef OPENSSL_NO_RC2
{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
{FUNC_TYPE_CIPHER, "rc2-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_RC2
{FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
{FUNC_TYPE_CIPHER, "rc2-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_RC2
{FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
{FUNC_TYPE_CIPHER, "rc2-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_RC2
{FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
{FUNC_TYPE_CIPHER, "rc2-ofb", enc_main},
#endif
#ifndef OPENSSL_NO_RC2
{FUNC_TYPE_CIPHER,"rc2-64-cbc",enc_main},
{FUNC_TYPE_CIPHER, "rc2-64-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_RC2
{FUNC_TYPE_CIPHER,"rc2-40-cbc",enc_main},
{FUNC_TYPE_CIPHER, "rc2-40-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_BF
{FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
{FUNC_TYPE_CIPHER, "bf-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_BF
{FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
{FUNC_TYPE_CIPHER, "bf-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_BF
{FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
{FUNC_TYPE_CIPHER, "bf-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_BF
{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
{FUNC_TYPE_CIPHER, "bf-ofb", enc_main},
#endif
#ifndef OPENSSL_NO_CAST
{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
{FUNC_TYPE_CIPHER, "cast5-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_CAST
{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
{FUNC_TYPE_CIPHER, "cast5-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_CAST
{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
{FUNC_TYPE_CIPHER, "cast5-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_CAST
{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
{FUNC_TYPE_CIPHER, "cast5-ofb", enc_main},
#endif
#ifndef OPENSSL_NO_CAST
{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
{FUNC_TYPE_CIPHER, "cast-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_RC5
{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
{FUNC_TYPE_CIPHER, "rc5-cbc", enc_main},
#endif
#ifndef OPENSSL_NO_RC5
{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
{FUNC_TYPE_CIPHER, "rc5-ecb", enc_main},
#endif
#ifndef OPENSSL_NO_RC5
{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
{FUNC_TYPE_CIPHER, "rc5-cfb", enc_main},
#endif
#ifndef OPENSSL_NO_RC5
{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
{FUNC_TYPE_CIPHER, "rc5-ofb", enc_main},
#endif
{0,NULL,NULL}
};
{0, NULL, NULL}
};

73
apps/rand.c
View File

@ -77,7 +77,7 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
@ -87,71 +87,58 @@ int MAIN(int argc, char **argv)
BIO *out = NULL;
int num = -1;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
#endif
apps_startup();
if (bio_err == NULL)
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto err;
badopt = 0;
i = 0;
while (!badopt && argv[++i] != NULL)
{
if (strcmp(argv[i], "-out") == 0)
{
if ((argv[i+1] != NULL) && (outfile == NULL))
while (!badopt && argv[++i] != NULL) {
if (strcmp(argv[i], "-out") == 0) {
if ((argv[i + 1] != NULL) && (outfile == NULL))
outfile = argv[++i];
else
badopt = 1;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(argv[i], "-engine") == 0)
{
if ((argv[i+1] != NULL) && (engine == NULL))
else if (strcmp(argv[i], "-engine") == 0) {
if ((argv[i + 1] != NULL) && (engine == NULL))
engine = argv[++i];
else
badopt = 1;
}
#endif
else if (strcmp(argv[i], "-rand") == 0)
{
if ((argv[i+1] != NULL) && (inrand == NULL))
else if (strcmp(argv[i], "-rand") == 0) {
if ((argv[i + 1] != NULL) && (inrand == NULL))
inrand = argv[++i];
else
badopt = 1;
}
else if (strcmp(argv[i], "-base64") == 0)
{
} else if (strcmp(argv[i], "-base64") == 0) {
if (!base64)
base64 = 1;
else
badopt = 1;
}
else if (strcmp(argv[i], "-hex") == 0)
{
} else if (strcmp(argv[i], "-hex") == 0) {
if (!hex)
hex = 1;
else
badopt = 1;
}
else if (isdigit((unsigned char)argv[i][0]))
{
if (num < 0)
{
} else if (isdigit((unsigned char)argv[i][0])) {
if (num < 0) {
r = sscanf(argv[i], "%d", &num);
if (r == 0 || num < 0)
badopt = 1;
}
else
} else
badopt = 1;
}
else
} else
badopt = 1;
}
@ -161,27 +148,27 @@ int MAIN(int argc, char **argv)
if (num < 0)
badopt = 1;
if (badopt)
{
if (badopt) {
BIO_printf(bio_err, "Usage: rand [options] num\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-out file - write to file\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
"-engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n",
LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, "-base64 - base64 encode output\n");
BIO_printf(bio_err, "-hex - hex encode output\n");
goto err;
}
#ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
out = BIO_new(BIO_s_file());
@ -189,8 +176,7 @@ int MAIN(int argc, char **argv)
goto err;
if (outfile != NULL)
r = BIO_write_filename(out, outfile);
else
{
else {
r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
#ifdef OPENSSL_SYS_VMS
{
@ -202,16 +188,14 @@ int MAIN(int argc, char **argv)
if (r <= 0)
goto err;
if (base64)
{
if (base64) {
BIO *b64 = BIO_new(BIO_f_base64());
if (b64 == NULL)
goto err;
out = BIO_push(b64, out);
}
while (num > 0)
{
while (num > 0) {
unsigned char buf[4096];
int chunk;
@ -223,8 +207,7 @@ int MAIN(int argc, char **argv)
goto err;
if (!hex)
BIO_write(out, buf, chunk);
else
{
else {
for (i = 0; i < chunk; i++)
BIO_printf(out, "%02x", buf[i]);
}
@ -237,10 +220,10 @@ int MAIN(int argc, char **argv)
app_RAND_write_file(NULL, bio_err);
ret = 0;
err:
err:
ERR_print_errors(bio_err);
if (out)
BIO_free_all(out);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}

1651
apps/req.c
View File

File diff suppressed because it is too large Load Diff

430
apps/rsa.c
View File

@ -58,21 +58,21 @@
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_RSA
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/bn.h>
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include <time.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/rsa.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
# include <openssl/bn.h>
#undef PROG
#define PROG rsa_main
# undef PROG
# define PROG rsa_main
/*-
* -inform arg - input format - default PEM (one of DER, NET or PEM)
@ -99,195 +99,195 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL;
int ret=1;
RSA *rsa=NULL;
int i,badops=0, sgckey=0;
const EVP_CIPHER *enc=NULL;
BIO *out=NULL;
int informat,outformat,text=0,check=0,noout=0;
int ret = 1;
RSA *rsa = NULL;
int i, badops = 0, sgckey = 0;
const EVP_CIPHER *enc = NULL;
BIO *out = NULL;
int informat, outformat, text = 0, check = 0, noout = 0;
int pubin = 0, pubout = 0;
char *infile,*outfile,*prog;
char *infile, *outfile, *prog;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
int modulus=0;
# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
# endif
int modulus = 0;
int pvk_encr = 2;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-passin") == 0) {
if (--argc < 1)
goto bad;
passargin = *(++argv);
} else if (strcmp(*argv, "-passout") == 0) {
if (--argc < 1)
goto bad;
passargout = *(++argv);
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-passin") == 0)
{
if (--argc < 1) goto bad;
passargin= *(++argv);
}
else if (strcmp(*argv,"-passout") == 0)
{
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-sgckey") == 0)
sgckey=1;
else if (strcmp(*argv,"-pubin") == 0)
pubin=1;
else if (strcmp(*argv,"-pubout") == 0)
pubout=1;
else if (strcmp(*argv,"-RSAPublicKey_in") == 0)
# endif
else if (strcmp(*argv, "-sgckey") == 0)
sgckey = 1;
else if (strcmp(*argv, "-pubin") == 0)
pubin = 1;
else if (strcmp(*argv, "-pubout") == 0)
pubout = 1;
else if (strcmp(*argv, "-RSAPublicKey_in") == 0)
pubin = 2;
else if (strcmp(*argv,"-RSAPublicKey_out") == 0)
else if (strcmp(*argv, "-RSAPublicKey_out") == 0)
pubout = 2;
else if (strcmp(*argv,"-pvk-strong") == 0)
pvk_encr=2;
else if (strcmp(*argv,"-pvk-weak") == 0)
pvk_encr=1;
else if (strcmp(*argv,"-pvk-none") == 0)
pvk_encr=0;
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-text") == 0)
text=1;
else if (strcmp(*argv,"-modulus") == 0)
modulus=1;
else if (strcmp(*argv,"-check") == 0)
check=1;
else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
else if (strcmp(*argv, "-pvk-strong") == 0)
pvk_encr = 2;
else if (strcmp(*argv, "-pvk-weak") == 0)
pvk_encr = 1;
else if (strcmp(*argv, "-pvk-none") == 0)
pvk_encr = 0;
else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv, "-modulus") == 0)
modulus = 1;
else if (strcmp(*argv, "-check") == 0)
check = 1;
else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n");
BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -sgckey Use IIS SGC key format\n");
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
#endif
#ifndef OPENSSL_NO_SEED
BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n");
#endif
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");
BIO_printf(bio_err," -modulus print the RSA key modulus\n");
BIO_printf(bio_err," -check verify key consistency\n");
BIO_printf(bio_err," -pubin expect a public key in input file\n");
BIO_printf(bio_err," -pubout output a public key\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
if (badops) {
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err,
" -inform arg input format - one of DER NET PEM\n");
BIO_printf(bio_err,
" -outform arg output format - one of DER NET PEM\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err, " -sgckey Use IIS SGC key format\n");
BIO_printf(bio_err,
" -passin arg input file pass phrase source\n");
BIO_printf(bio_err, " -out arg output file\n");
BIO_printf(bio_err,
" -passout arg output file pass phrase source\n");
BIO_printf(bio_err,
" -des encrypt PEM output with cbc des\n");
BIO_printf(bio_err,
" -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
# ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err,
" -idea encrypt PEM output with cbc idea\n");
# endif
# ifndef OPENSSL_NO_SEED
BIO_printf(bio_err,
" -seed encrypt PEM output with cbc seed\n");
# endif
# ifndef OPENSSL_NO_AES
BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc aes\n");
# endif
# ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc camellia\n");
# endif
BIO_printf(bio_err, " -text print the key in text\n");
BIO_printf(bio_err, " -noout don't print key out\n");
BIO_printf(bio_err, " -modulus print the RSA key modulus\n");
BIO_printf(bio_err, " -check verify key consistency\n");
BIO_printf(bio_err,
" -pubin expect a public key in input file\n");
BIO_printf(bio_err, " -pubout output a public key\n");
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
# endif
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
# endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
}
if(check && pubin) {
if (check && pubin) {
BIO_printf(bio_err, "Only private keys can be checked\n");
goto end;
}
out=BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
{
EVP_PKEY *pkey;
if (pubin)
{
int tmpformat=-1;
if (pubin == 2)
{
if (pubin) {
int tmpformat = -1;
if (pubin == 2) {
if (informat == FORMAT_PEM)
tmpformat = FORMAT_PEMRSA;
else if (informat == FORMAT_ASN1)
tmpformat = FORMAT_ASN1RSA;
}
else if (informat == FORMAT_NETSCAPE && sgckey)
} else if (informat == FORMAT_NETSCAPE && sgckey)
tmpformat = FORMAT_IISSGC;
else
tmpformat = informat;
pkey = load_pubkey(bio_err, infile, tmpformat, 1,
passin, e, "Public Key");
}
else
} else
pkey = load_key(bio_err, infile,
(informat == FORMAT_NETSCAPE && sgckey ?
FORMAT_IISSGC : informat), 1,
@ -298,119 +298,105 @@ bad:
EVP_PKEY_free(pkey);
}
if (rsa == NULL)
{
if (rsa == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
# endif
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
if (text)
if (!RSA_print(out,rsa,0))
{
if (!RSA_print(out, rsa, 0)) {
perror(outfile);
ERR_print_errors(bio_err);
goto end;
}
if (modulus)
{
BIO_printf(out,"Modulus=");
BN_print(out,rsa->n);
BIO_printf(out,"\n");
if (modulus) {
BIO_printf(out, "Modulus=");
BN_print(out, rsa->n);
BIO_printf(out, "\n");
}
if (check)
{
if (check) {
int r = RSA_check_key(rsa);
if (r == 1)
BIO_printf(out,"RSA key ok\n");
else if (r == 0)
{
BIO_printf(out, "RSA key ok\n");
else if (r == 0) {
unsigned long err;
while ((err = ERR_peek_error()) != 0 &&
ERR_GET_LIB(err) == ERR_LIB_RSA &&
ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE)
{
BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(err));
ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) {
BIO_printf(out, "RSA key error: %s\n",
ERR_reason_error_string(err));
ERR_get_error(); /* remove e from error stack */
}
}
if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
{
if (r == -1 || ERR_peek_error() != 0) { /* should happen only if r ==
* -1 */
ERR_print_errors(bio_err);
goto end;
}
}
if (noout)
{
if (noout) {
ret = 0;
goto end;
}
BIO_printf(bio_err,"writing RSA key\n");
BIO_printf(bio_err, "writing RSA key\n");
if (outformat == FORMAT_ASN1) {
if(pubout || pubin)
{
if (pubout || pubin) {
if (pubout == 2)
i=i2d_RSAPublicKey_bio(out,rsa);
i = i2d_RSAPublicKey_bio(out, rsa);
else
i=i2d_RSA_PUBKEY_bio(out,rsa);
i = i2d_RSA_PUBKEY_bio(out, rsa);
} else
i = i2d_RSAPrivateKey_bio(out, rsa);
}
else i=i2d_RSAPrivateKey_bio(out,rsa);
}
#ifndef OPENSSL_NO_RC4
else if (outformat == FORMAT_NETSCAPE)
{
unsigned char *p,*pp;
# ifndef OPENSSL_NO_RC4
else if (outformat == FORMAT_NETSCAPE) {
unsigned char *p, *pp;
int size;
i=1;
size=i2d_RSA_NET(rsa,NULL,NULL, sgckey);
if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL)
{
BIO_printf(bio_err,"Memory allocation failure\n");
i = 1;
size = i2d_RSA_NET(rsa, NULL, NULL, sgckey);
if ((p = (unsigned char *)OPENSSL_malloc(size)) == NULL) {
BIO_printf(bio_err, "Memory allocation failure\n");
goto end;
}
pp=p;
i2d_RSA_NET(rsa,&p,NULL, sgckey);
BIO_write(out,(char *)pp,size);
pp = p;
i2d_RSA_NET(rsa, &p, NULL, sgckey);
BIO_write(out, (char *)pp, size);
OPENSSL_free(pp);
}
#endif
# endif
else if (outformat == FORMAT_PEM) {
if(pubout || pubin)
{
if (pubout || pubin) {
if (pubout == 2)
i=PEM_write_bio_RSAPublicKey(out,rsa);
i = PEM_write_bio_RSAPublicKey(out, rsa);
else
i=PEM_write_bio_RSA_PUBKEY(out,rsa);
}
else i=PEM_write_bio_RSAPrivateKey(out,rsa,
enc,NULL,0,NULL,passout);
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
i = PEM_write_bio_RSA_PUBKEY(out, rsa);
} else
i = PEM_write_bio_RSAPrivateKey(out, rsa,
enc, NULL, 0, NULL, passout);
# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
@ -422,30 +408,32 @@ bad:
else
i = i2b_PrivateKey_bio(out, pk);
EVP_PKEY_free(pk);
#endif
# endif
} else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (i <= 0)
{
BIO_printf(bio_err,"unable to write key\n");
if (i <= 0) {
BIO_printf(bio_err, "unable to write key\n");
ERR_print_errors(bio_err);
}
else
ret=0;
end:
if(out != NULL) BIO_free_all(out);
if(rsa != NULL) RSA_free(rsa);
if(passin) OPENSSL_free(passin);
if(passout) OPENSSL_free(passout);
} else
ret = 0;
end:
if (out != NULL)
BIO_free_all(out);
if (rsa != NULL)
RSA_free(rsa);
if (passin)
OPENSSL_free(passin);
if (passout)
OPENSSL_free(passout);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
#else /* !OPENSSL_NO_RSA */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

199
apps/rsautl.c
View File

@ -1,6 +1,7 @@
/* rsautl.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
@ -59,26 +60,26 @@
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_RSA
#include "apps.h"
#include <string.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
# include "apps.h"
# include <string.h>
# include <openssl/err.h>
# include <openssl/pem.h>
# include <openssl/rsa.h>
#define RSA_SIGN 1
#define RSA_VERIFY 2
#define RSA_ENCRYPT 3
#define RSA_DECRYPT 4
# define RSA_SIGN 1
# define RSA_VERIFY 2
# define RSA_ENCRYPT 3
# define RSA_DECRYPT 4
#define KEY_PRIVKEY 1
#define KEY_PUBKEY 2
#define KEY_CERT 3
# define KEY_PRIVKEY 1
# define KEY_PUBKEY 2
# define KEY_CERT 3
static void usage(void);
#undef PROG
# undef PROG
#define PROG rsautl_main
# define PROG rsautl_main
int MAIN(int argc, char **);
@ -87,9 +88,9 @@ int MAIN(int argc, char **argv)
ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL;
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
# endif
char *keyfile = NULL;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM;
@ -108,7 +109,8 @@ int MAIN(int argc, char **argv)
argc--;
argv++;
if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!bio_err)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
@ -116,63 +118,72 @@ int MAIN(int argc, char **argv)
OpenSSL_add_all_algorithms();
pad = RSA_PKCS1_PADDING;
while(argc >= 1)
{
if (!strcmp(*argv,"-in")) {
while (argc >= 1) {
if (!strcmp(*argv, "-in")) {
if (--argc < 1)
badarg = 1;
else
infile= *(++argv);
} else if (!strcmp(*argv,"-out")) {
infile = *(++argv);
} else if (!strcmp(*argv, "-out")) {
if (--argc < 1)
badarg = 1;
else
outfile= *(++argv);
} else if(!strcmp(*argv, "-inkey")) {
outfile = *(++argv);
} else if (!strcmp(*argv, "-inkey")) {
if (--argc < 1)
badarg = 1;
else
keyfile = *(++argv);
} else if (!strcmp(*argv,"-passin")) {
} else if (!strcmp(*argv, "-passin")) {
if (--argc < 1)
badarg = 1;
else
passargin= *(++argv);
} else if (strcmp(*argv,"-keyform") == 0) {
passargin = *(++argv);
} else if (strcmp(*argv, "-keyform") == 0) {
if (--argc < 1)
badarg = 1;
else
keyform=str2fmt(*(++argv));
#ifndef OPENSSL_NO_ENGINE
} else if(!strcmp(*argv, "-engine")) {
keyform = str2fmt(*(++argv));
# ifndef OPENSSL_NO_ENGINE
} else if (!strcmp(*argv, "-engine")) {
if (--argc < 1)
badarg = 1;
else
engine = *(++argv);
#endif
} else if(!strcmp(*argv, "-pubin")) {
# endif
} else if (!strcmp(*argv, "-pubin")) {
key_type = KEY_PUBKEY;
} else if(!strcmp(*argv, "-certin")) {
} else if (!strcmp(*argv, "-certin")) {
key_type = KEY_CERT;
}
else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
else if(!strcmp(*argv, "-sign")) {
} else if (!strcmp(*argv, "-asn1parse"))
asn1parse = 1;
else if (!strcmp(*argv, "-hexdump"))
hexdump = 1;
else if (!strcmp(*argv, "-raw"))
pad = RSA_NO_PADDING;
else if (!strcmp(*argv, "-oaep"))
pad = RSA_PKCS1_OAEP_PADDING;
else if (!strcmp(*argv, "-ssl"))
pad = RSA_SSLV23_PADDING;
else if (!strcmp(*argv, "-pkcs"))
pad = RSA_PKCS1_PADDING;
else if (!strcmp(*argv, "-x931"))
pad = RSA_X931_PADDING;
else if (!strcmp(*argv, "-sign")) {
rsa_mode = RSA_SIGN;
need_priv = 1;
} else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY;
else if(!strcmp(*argv, "-rev")) rev = 1;
else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT;
else if(!strcmp(*argv, "-decrypt")) {
} else if (!strcmp(*argv, "-verify"))
rsa_mode = RSA_VERIFY;
else if (!strcmp(*argv, "-rev"))
rev = 1;
else if (!strcmp(*argv, "-encrypt"))
rsa_mode = RSA_ENCRYPT;
else if (!strcmp(*argv, "-decrypt")) {
rsa_mode = RSA_DECRYPT;
need_priv = 1;
} else badarg = 1;
if(badarg) {
} else
badarg = 1;
if (badarg) {
usage();
goto end;
}
@ -180,15 +191,14 @@ int MAIN(int argc, char **argv)
argv++;
}
if(need_priv && (key_type != KEY_PRIVKEY)) {
if (need_priv && (key_type != KEY_PRIVKEY)) {
BIO_printf(bio_err, "A private key is needed for this operation\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
# endif
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
@ -196,7 +206,7 @@ int MAIN(int argc, char **argv)
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
switch(key_type) {
switch (key_type) {
case KEY_PRIVKEY:
pkey = load_key(bio_err, keyfile, keyform, 0,
passin, e, "Private Key");
@ -208,51 +218,50 @@ int MAIN(int argc, char **argv)
break;
case KEY_CERT:
x = load_cert(bio_err, keyfile, keyform,
NULL, e, "Certificate");
if(x) {
x = load_cert(bio_err, keyfile, keyform, NULL, e, "Certificate");
if (x) {
pkey = X509_get_pubkey(x);
X509_free(x);
}
break;
}
if(!pkey) {
if (!pkey) {
return 1;
}
rsa = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
if(!rsa) {
if (!rsa) {
BIO_printf(bio_err, "Error getting RSA key\n");
ERR_print_errors(bio_err);
goto end;
}
if(infile) {
if(!(in = BIO_new_file(infile, "rb"))) {
if (infile) {
if (!(in = BIO_new_file(infile, "rb"))) {
BIO_printf(bio_err, "Error Reading Input File\n");
ERR_print_errors(bio_err);
goto end;
}
} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
if(outfile) {
if(!(out = BIO_new_file(outfile, "wb"))) {
if (outfile) {
if (!(out = BIO_new_file(outfile, "wb"))) {
BIO_printf(bio_err, "Error Reading Output File\n");
ERR_print_errors(bio_err);
goto end;
}
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
# ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
# endif
}
keysize = RSA_size(rsa);
@ -262,27 +271,28 @@ int MAIN(int argc, char **argv)
/* Read the input data */
rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
if(rsa_inlen <= 0) {
if (rsa_inlen <= 0) {
BIO_printf(bio_err, "Error reading input Data\n");
exit(1);
}
if(rev) {
if (rev) {
int i;
unsigned char ctmp;
for(i = 0; i < rsa_inlen/2; i++) {
for (i = 0; i < rsa_inlen / 2; i++) {
ctmp = rsa_in[i];
rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
rsa_in[rsa_inlen - 1 - i] = ctmp;
}
}
switch(rsa_mode) {
switch (rsa_mode) {
case RSA_VERIFY:
rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
break;
case RSA_SIGN:
rsa_outlen = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
rsa_outlen =
RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
break;
case RSA_ENCRYPT:
@ -290,30 +300,36 @@ int MAIN(int argc, char **argv)
break;
case RSA_DECRYPT:
rsa_outlen = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
rsa_outlen =
RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
break;
}
if(rsa_outlen <= 0) {
if (rsa_outlen <= 0) {
BIO_printf(bio_err, "RSA operation error\n");
ERR_print_errors(bio_err);
goto end;
}
ret = 0;
if(asn1parse) {
if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
if (asn1parse) {
if (!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
ERR_print_errors(bio_err);
}
} else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen);
else BIO_write(out, rsa_out, rsa_outlen);
} else if (hexdump)
BIO_dump(out, (char *)rsa_out, rsa_outlen);
else
BIO_write(out, rsa_out, rsa_outlen);
end:
RSA_free(rsa);
BIO_free(in);
BIO_free_all(out);
if(rsa_in) OPENSSL_free(rsa_in);
if(rsa_out) OPENSSL_free(rsa_out);
if(passin) OPENSSL_free(passin);
if (rsa_in)
OPENSSL_free(rsa_in);
if (rsa_out)
OPENSSL_free(rsa_out);
if (passin)
OPENSSL_free(passin);
return ret;
}
@ -325,27 +341,30 @@ static void usage()
BIO_printf(bio_err, "-inkey file input key\n");
BIO_printf(bio_err, "-keyform arg private key format - default PEM\n");
BIO_printf(bio_err, "-pubin input is an RSA public\n");
BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n");
BIO_printf(bio_err,
"-certin input is a certificate carrying an RSA public key\n");
BIO_printf(bio_err, "-ssl use SSL v2 padding\n");
BIO_printf(bio_err, "-raw use no padding\n");
BIO_printf(bio_err, "-pkcs use PKCS#1 v1.5 padding (default)\n");
BIO_printf(bio_err,
"-pkcs use PKCS#1 v1.5 padding (default)\n");
BIO_printf(bio_err, "-oaep use PKCS#1 OAEP\n");
BIO_printf(bio_err, "-sign sign with private key\n");
BIO_printf(bio_err, "-verify verify with public key\n");
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
BIO_printf(bio_err, "-hexdump hex dump output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
BIO_printf (bio_err, "-passin arg pass phrase source\n");
#endif
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
"-engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err, "-passin arg pass phrase source\n");
# endif
}
#else /* !OPENSSL_NO_RSA */
# if PEDANTIC
static void *dummy=&dummy;
static void *dummy = &dummy;
# endif
#endif

65
apps/s_apps.h
View File

@ -110,46 +110,51 @@
*/
/* conflicts with winsock2 stuff on netware */
#if !defined(OPENSSL_SYS_NETWARE)
#include <sys/types.h>
# include <sys/types.h>
#endif
#include <openssl/opensslconf.h>
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
#include <conio.h>
# include <conio.h>
#endif
#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
#define _kbhit kbhit
# define _kbhit kbhit
#endif
#if defined(OPENSSL_SYS_VMS) && !defined(FD_SET)
/* VAX C does not defined fd_set and friends, but it's actually quite simple */
/*
* VAX C does not defined fd_set and friends, but it's actually quite simple
*/
/* These definitions are borrowed from SOCKETSHR. /Richard Levitte */
#define MAX_NOFILE 32
#define NBBY 8 /* number of bits in a byte */
# define MAX_NOFILE 32
# define NBBY 8 /* number of bits in a byte */
#ifndef FD_SETSIZE
#define FD_SETSIZE MAX_NOFILE
#endif /* FD_SETSIZE */
# ifndef FD_SETSIZE
# define FD_SETSIZE MAX_NOFILE
# endif /* FD_SETSIZE */
/* How many things we'll allow select to use. 0 if unlimited */
#define MAXSELFD MAX_NOFILE
# define MAXSELFD MAX_NOFILE
typedef int fd_mask; /* int here! VMS prototypes int, not long */
#define NFDBITS (sizeof(fd_mask) * NBBY) /* bits per mask (power of 2!)*/
#define NFDSHIFT 5 /* Shift based on above */
# define NFDBITS (sizeof(fd_mask) * NBBY)/* bits per mask (power of 2!) */
# define NFDSHIFT 5 /* Shift based on above */
typedef fd_mask fd_set;
#define FD_SET(n, p) (*(p) |= (1 << ((n) % NFDBITS)))
#define FD_CLR(n, p) (*(p) &= ~(1 << ((n) % NFDBITS)))
#define FD_ISSET(n, p) (*(p) & (1 << ((n) % NFDBITS)))
#define FD_ZERO(p) memset((char *)(p), 0, sizeof(*(p)))
# define FD_SET(n, p) (*(p) |= (1 << ((n) % NFDBITS)))
# define FD_CLR(n, p) (*(p) &= ~(1 << ((n) % NFDBITS)))
# define FD_ISSET(n, p) (*(p) & (1 << ((n) % NFDBITS)))
# define FD_ZERO(p) memset((char *)(p), 0, sizeof(*(p)))
#endif
#define PORT 4433
#define PORT_STR "4433"
#define PROTOCOL "tcp"
int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, int stype, unsigned char *context), unsigned char *context, int naccept);
int do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, int stype,
unsigned char *context), unsigned char *context,
int naccept);
#ifdef HEADER_X509_H
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#endif
@ -165,21 +170,24 @@ int ssl_print_tmp_key(BIO *out, SSL *s);
int init_client(int *sock, char *server, int port, int type);
int should_retry(int i);
int extract_port(char *str, short *port_ptr);
int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
short *p);
long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
int argi, long argl, long ret);
#ifdef HEADER_SSL_H
void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret);
void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
void MS_CALLBACK msg_cb(int write_p, int version, int content_type,
const void *buf, size_t len, SSL *ssl, void *arg);
void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
unsigned char *data, int len,
void *arg);
unsigned char *data, int len, void *arg);
#endif
int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len);
int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len);
int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie,
unsigned int *cookie_len);
int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie,
unsigned int cookie_len);
typedef struct ssl_excert_st SSL_EXCERT;
@ -194,9 +202,10 @@ int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr);
int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx,
STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake);
int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls, int crl_download);
int ssl_load_stores(SSL_CTX *ctx,
const char *vfyCApath, const char *vfyCAfile,
const char *chCApath, const char *chCAfile,
STACK_OF(X509_CRL) *crls, int crl_download);
int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls,
int crl_download);
int ssl_load_stores(SSL_CTX *ctx, const char *vfyCApath,
const char *vfyCAfile, const char *chCApath,
const char *chCAfile, STACK_OF(X509_CRL) *crls,
int crl_download);
#endif

762
apps/s_cb.c
View File

File diff suppressed because it is too large Load Diff

2164
apps/s_client.c
View File

File diff suppressed because it is too large Load Diff

3036
apps/s_server.c
View File

File diff suppressed because it is too large Load Diff

667
apps/s_socket.c
View File

@ -1,4 +1,6 @@
/* apps/s_socket.c - socket-related functions used by s_client and s_server */
/*
* apps/s_socket.c - socket-related functions used by s_client and s_server
*/
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -63,17 +65,19 @@
#include <signal.h>
#ifdef FLAT_INC
#include "e_os2.h"
# include "e_os2.h"
#else
#include "../e_os2.h"
# include "../e_os2.h"
#endif
/* With IPv6, it looks like Digital has mixed up the proper order of
recursive header file inclusion, resulting in the compiler complaining
that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
is needed to have fileno() declared correctly... So let's define u_int */
/*
* With IPv6, it looks like Digital has mixed up the proper order of
* recursive header file inclusion, resulting in the compiler complaining
* that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
* needed to have fileno() declared correctly... So let's define u_int
*/
#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
#define __U_INT
# define __U_INT
typedef unsigned int u_int;
#endif
@ -86,340 +90,342 @@ typedef unsigned int u_int;
#include <openssl/ssl.h>
#ifdef FLAT_INC
#include "e_os.h"
# include "e_os.h"
#else
#include "../e_os.h"
# include "../e_os.h"
#endif
#ifndef OPENSSL_NO_SOCK
#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
#include "netdb.h"
#endif
# if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
# include "netdb.h"
# endif
static struct hostent *GetHostByName(char *name);
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
static void ssl_sock_cleanup(void);
#endif
# endif
static int ssl_sock_init(void);
static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
static int init_server(int *sock, int port, int type);
static int init_server_long(int *sock, int port,char *ip, int type);
static int init_server_long(int *sock, int port, char *ip, int type);
static int do_accept(int acc_sock, int *sock, char **host);
static int host_ip(char *str, unsigned char ip[4]);
#ifdef OPENSSL_SYS_WIN16
#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
#else
#define SOCKET_PROTOCOL IPPROTO_TCP
#endif
# ifdef OPENSSL_SYS_WIN16
# define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
# else
# define SOCKET_PROTOCOL IPPROTO_TCP
# endif
#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
static int wsa_init_done=0;
#endif
# if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
static int wsa_init_done = 0;
# endif
#ifdef OPENSSL_SYS_WINDOWS
# ifdef OPENSSL_SYS_WINDOWS
static struct WSAData wsa_state;
static int wsa_init_done=0;
static int wsa_init_done = 0;
#ifdef OPENSSL_SYS_WIN16
static HWND topWnd=0;
static FARPROC lpTopWndProc=NULL;
static FARPROC lpTopHookProc=NULL;
# ifdef OPENSSL_SYS_WIN16
static HWND topWnd = 0;
static FARPROC lpTopWndProc = NULL;
static FARPROC lpTopHookProc = NULL;
extern HINSTANCE _hInstance; /* nice global CRT provides */
static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam,
LPARAM lParam)
{
if (hwnd == topWnd)
{
switch(message)
{
{
if (hwnd == topWnd) {
switch (message) {
case WM_DESTROY:
case WM_CLOSE:
SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
SetWindowLong(topWnd, GWL_WNDPROC, (LONG) lpTopWndProc);
ssl_sock_cleanup();
break;
}
}
return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
}
return CallWindowProc(lpTopWndProc, hwnd, message, wParam, lParam);
}
static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
{
topWnd=hwnd;
return(FALSE);
}
static BOOL CALLBACK enumproc(HWND hwnd, LPARAM lParam)
{
topWnd = hwnd;
return (FALSE);
}
#endif /* OPENSSL_SYS_WIN32 */
#endif /* OPENSSL_SYS_WINDOWS */
# endif /* OPENSSL_SYS_WIN32 */
# endif /* OPENSSL_SYS_WINDOWS */
#ifdef OPENSSL_SYS_WINDOWS
# ifdef OPENSSL_SYS_WINDOWS
static void ssl_sock_cleanup(void)
{
if (wsa_init_done)
{
wsa_init_done=0;
#ifndef OPENSSL_SYS_WINCE
{
if (wsa_init_done) {
wsa_init_done = 0;
# ifndef OPENSSL_SYS_WINCE
WSACancelBlockingCall();
#endif
# endif
WSACleanup();
}
}
#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
}
# elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
static void sock_cleanup(void)
{
if (wsa_init_done)
{
wsa_init_done=0;
{
if (wsa_init_done) {
wsa_init_done = 0;
WSACleanup();
}
}
#endif
}
# endif
static int ssl_sock_init(void)
{
#ifdef WATT32
{
# ifdef WATT32
extern int _watt_do_exit;
_watt_do_exit = 0;
if (sock_init())
return (0);
#elif defined(OPENSSL_SYS_WINDOWS)
if (!wsa_init_done)
{
# elif defined(OPENSSL_SYS_WINDOWS)
if (!wsa_init_done) {
int err;
#ifdef SIGINT
signal(SIGINT,(void (*)(int))ssl_sock_cleanup);
#endif
wsa_init_done=1;
memset(&wsa_state,0,sizeof(wsa_state));
if (WSAStartup(0x0101,&wsa_state)!=0)
{
err=WSAGetLastError();
BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
return(0);
# ifdef SIGINT
signal(SIGINT, (void (*)(int))ssl_sock_cleanup);
# endif
wsa_init_done = 1;
memset(&wsa_state, 0, sizeof(wsa_state));
if (WSAStartup(0x0101, &wsa_state) != 0) {
err = WSAGetLastError();
BIO_printf(bio_err, "unable to start WINSOCK, error code=%d\n",
err);
return (0);
}
# ifdef OPENSSL_SYS_WIN16
EnumTaskWindows(GetCurrentTask(), enumproc, 0L);
lpTopWndProc = (FARPROC) GetWindowLong(topWnd, GWL_WNDPROC);
lpTopHookProc = MakeProcInstance((FARPROC) topHookProc, _hInstance);
#ifdef OPENSSL_SYS_WIN16
EnumTaskWindows(GetCurrentTask(),enumproc,0L);
lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
#endif /* OPENSSL_SYS_WIN16 */
SetWindowLong(topWnd, GWL_WNDPROC, (LONG) lpTopHookProc);
# endif /* OPENSSL_SYS_WIN16 */
}
#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
# elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
WORD wVerReq;
WSADATA wsaData;
int err;
if (!wsa_init_done)
{
if (!wsa_init_done) {
# ifdef SIGINT
signal(SIGINT,(void (*)(int))sock_cleanup);
signal(SIGINT, (void (*)(int))sock_cleanup);
# endif
wsa_init_done=1;
wVerReq = MAKEWORD( 2, 0 );
err = WSAStartup(wVerReq,&wsaData);
if (err != 0)
{
BIO_printf(bio_err,"unable to start WINSOCK2, error code=%d\n",err);
return(0);
wsa_init_done = 1;
wVerReq = MAKEWORD(2, 0);
err = WSAStartup(wVerReq, &wsaData);
if (err != 0) {
BIO_printf(bio_err, "unable to start WINSOCK2, error code=%d\n",
err);
return (0);
}
}
#endif /* OPENSSL_SYS_WINDOWS */
return(1);
}
# endif /* OPENSSL_SYS_WINDOWS */
return (1);
}
int init_client(int *sock, char *host, int port, int type)
{
{
unsigned char ip[4];
memset(ip, '\0', sizeof ip);
if (!host_ip(host,&(ip[0])))
if (!host_ip(host, &(ip[0])))
return 0;
return init_client_ip(sock,ip,port,type);
}
return init_client_ip(sock, ip, port, type);
}
static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
{
{
unsigned long addr;
struct sockaddr_in them;
int s,i;
int s, i;
if (!ssl_sock_init()) return(0);
if (!ssl_sock_init())
return (0);
memset((char *)&them,0,sizeof(them));
them.sin_family=AF_INET;
them.sin_port=htons((unsigned short)port);
addr=(unsigned long)
((unsigned long)ip[0]<<24L)|
((unsigned long)ip[1]<<16L)|
((unsigned long)ip[2]<< 8L)|
((unsigned long)ip[3]);
them.sin_addr.s_addr=htonl(addr);
memset((char *)&them, 0, sizeof(them));
them.sin_family = AF_INET;
them.sin_port = htons((unsigned short)port);
addr = (unsigned long)
((unsigned long)ip[0] << 24L) |
((unsigned long)ip[1] << 16L) |
((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
them.sin_addr.s_addr = htonl(addr);
if (type == SOCK_STREAM)
s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
else /* ( type == SOCK_DGRAM) */
s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
if (s == INVALID_SOCKET) { perror("socket"); return(0); }
#if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
if (type == SOCK_STREAM)
{
i=0;
i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
if (i < 0) { closesocket(s); perror("keepalive"); return(0); }
if (s == INVALID_SOCKET) {
perror("socket");
return (0);
}
#endif
if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
{ closesocket(s); perror("connect"); return(0); }
*sock=s;
return(1);
# if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
if (type == SOCK_STREAM) {
i = 0;
i = setsockopt(s, SOL_SOCKET, SO_KEEPALIVE, (char *)&i, sizeof(i));
if (i < 0) {
closesocket(s);
perror("keepalive");
return (0);
}
}
# endif
int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, int stype, unsigned char *context), unsigned char *context, int naccept)
{
if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) {
closesocket(s);
perror("connect");
return (0);
}
*sock = s;
return (1);
}
int do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, int stype,
unsigned char *context), unsigned char *context,
int naccept)
{
int sock;
char *name = NULL;
int accept_socket = 0;
int i;
if (!init_server(&accept_socket,port,type)) return(0);
if (!init_server(&accept_socket, port, type))
return (0);
if (ret != NULL)
{
*ret=accept_socket;
/* return(1);*/
if (ret != NULL) {
*ret = accept_socket;
/* return(1); */
}
for (;;)
{
if (type==SOCK_STREAM)
{
if (do_accept(accept_socket,&sock,&name) == 0)
{
for (;;) {
if (type == SOCK_STREAM) {
if (do_accept(accept_socket, &sock, &name) == 0) {
SHUTDOWN(accept_socket);
return(0);
return (0);
}
}
else
} else
sock = accept_socket;
i=(*cb)(name,sock, type, context);
if (name != NULL) OPENSSL_free(name);
if (type==SOCK_STREAM)
i = (*cb) (name, sock, type, context);
if (name != NULL)
OPENSSL_free(name);
if (type == SOCK_STREAM)
SHUTDOWN2(sock);
if (naccept != -1)
naccept--;
if (i < 0 || naccept == 0)
{
if (i < 0 || naccept == 0) {
SHUTDOWN2(accept_socket);
return(i);
}
return (i);
}
}
}
static int init_server_long(int *sock, int port, char *ip, int type)
{
int ret=0;
{
int ret = 0;
struct sockaddr_in server;
int s= -1;
int s = -1;
if (!ssl_sock_init()) return(0);
if (!ssl_sock_init())
return (0);
memset((char *)&server,0,sizeof(server));
server.sin_family=AF_INET;
server.sin_port=htons((unsigned short)port);
memset((char *)&server, 0, sizeof(server));
server.sin_family = AF_INET;
server.sin_port = htons((unsigned short)port);
if (ip == NULL)
server.sin_addr.s_addr=INADDR_ANY;
server.sin_addr.s_addr = INADDR_ANY;
else
/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
#ifndef BIT_FIELD_LIMITS
memcpy(&server.sin_addr.s_addr,ip,4);
#else
memcpy(&server.sin_addr,ip,4);
#endif
# ifndef BIT_FIELD_LIMITS
memcpy(&server.sin_addr.s_addr, ip, 4);
# else
memcpy(&server.sin_addr, ip, 4);
# endif
if (type == SOCK_STREAM)
s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
else /* type == SOCK_DGRAM */
s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
if (s == INVALID_SOCKET) goto err;
#if defined SOL_SOCKET && defined SO_REUSEADDR
if (s == INVALID_SOCKET)
goto err;
# if defined SOL_SOCKET && defined SO_REUSEADDR
{
int j = 1;
setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
(void *) &j, sizeof j);
setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
}
#endif
if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
{
#ifndef OPENSSL_SYS_WINDOWS
# endif
if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
# ifndef OPENSSL_SYS_WINDOWS
perror("bind");
#endif
# endif
goto err;
}
/* Make it 128 for linux */
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
*sock=s;
ret=1;
err:
if ((ret == 0) && (s != -1))
{
if (type == SOCK_STREAM && listen(s, 128) == -1)
goto err;
*sock = s;
ret = 1;
err:
if ((ret == 0) && (s != -1)) {
SHUTDOWN(s);
}
return(ret);
}
return (ret);
}
static int init_server(int *sock, int port, int type)
{
return(init_server_long(sock, port, NULL, type));
}
{
return (init_server_long(sock, port, NULL, type));
}
static int do_accept(int acc_sock, int *sock, char **host)
{
{
int ret;
struct hostent *h1,*h2;
struct hostent *h1, *h2;
static struct sockaddr_in from;
int len;
/* struct linger ling; */
if (!ssl_sock_init()) return(0);
if (!ssl_sock_init())
return (0);
#ifndef OPENSSL_SYS_WINDOWS
redoit:
#endif
# ifndef OPENSSL_SYS_WINDOWS
redoit:
# endif
memset((char *)&from,0,sizeof(from));
len=sizeof(from);
/* Note: under VMS with SOCKETSHR the fourth parameter is currently
* of type (int *) whereas under other systems it is (void *) if
* you don't have a cast it will choke the compiler: if you do
* have a cast then you can either go for (int *) or (void *).
memset((char *)&from, 0, sizeof(from));
len = sizeof(from);
/*
* Note: under VMS with SOCKETSHR the fourth parameter is currently of
* type (int *) whereas under other systems it is (void *) if you don't
* have a cast it will choke the compiler: if you do have a cast then you
* can either go for (int *) or (void *).
*/
ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len);
if (ret == INVALID_SOCKET)
{
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
ret = accept(acc_sock, (struct sockaddr *)&from, (void *)&len);
if (ret == INVALID_SOCKET) {
# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
int i;
i=WSAGetLastError();
BIO_printf(bio_err,"accept error %d\n",i);
#else
if (errno == EINTR)
{
/*check_timeout(); */
i = WSAGetLastError();
BIO_printf(bio_err, "accept error %d\n", i);
# else
if (errno == EINTR) {
/*
* check_timeout();
*/
goto redoit;
}
fprintf(stderr,"errno=%d ",errno);
fprintf(stderr, "errno=%d ", errno);
perror("accept");
#endif
return(0);
# endif
return (0);
}
/*-
@ -432,193 +438,176 @@ redoit:
if (i < 0) { perror("keepalive"); return(0); }
*/
if (host == NULL) goto end;
#ifndef BIT_FIELD_LIMITS
if (host == NULL)
goto end;
# ifndef BIT_FIELD_LIMITS
/* I should use WSAAsyncGetHostByName() under windows */
h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
sizeof(from.sin_addr.s_addr),AF_INET);
#else
h1=gethostbyaddr((char *)&from.sin_addr,
sizeof(struct in_addr),AF_INET);
#endif
if (h1 == NULL)
{
BIO_printf(bio_err,"bad gethostbyaddr\n");
*host=NULL;
h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
sizeof(from.sin_addr.s_addr), AF_INET);
# else
h1 = gethostbyaddr((char *)&from.sin_addr,
sizeof(struct in_addr), AF_INET);
# endif
if (h1 == NULL) {
BIO_printf(bio_err, "bad gethostbyaddr\n");
*host = NULL;
/* return(0); */
}
else
{
if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
{
} else {
if ((*host = (char *)OPENSSL_malloc(strlen(h1->h_name) + 1)) == NULL) {
perror("OPENSSL_malloc");
closesocket(ret);
return(0);
return (0);
}
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
h2=GetHostByName(*host);
if (h2 == NULL)
{
BIO_printf(bio_err,"gethostbyname failure\n");
h2 = GetHostByName(*host);
if (h2 == NULL) {
BIO_printf(bio_err, "gethostbyname failure\n");
closesocket(ret);
return(0);
return (0);
}
if (h2->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
if (h2->h_addrtype != AF_INET) {
BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
closesocket(ret);
return(0);
return (0);
}
}
end:
*sock=ret;
return(1);
}
end:
*sock = ret;
return (1);
}
int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
short *port_ptr)
{
char *h,*p;
{
char *h, *p;
h=str;
p=strchr(str,':');
if (p == NULL)
{
BIO_printf(bio_err,"no port defined\n");
return(0);
h = str;
p = strchr(str, ':');
if (p == NULL) {
BIO_printf(bio_err, "no port defined\n");
return (0);
}
*(p++)='\0';
*(p++) = '\0';
if ((ip != NULL) && !host_ip(str,ip))
if ((ip != NULL) && !host_ip(str, ip))
goto err;
if (host_ptr != NULL) *host_ptr=h;
if (host_ptr != NULL)
*host_ptr = h;
if (!extract_port(p,port_ptr))
if (!extract_port(p, port_ptr))
goto err;
return(1);
err:
return(0);
}
return (1);
err:
return (0);
}
static int host_ip(char *str, unsigned char ip[4])
{
{
unsigned int in[4];
int i;
if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
{
for (i=0; i<4; i++)
if (in[i] > 255)
{
BIO_printf(bio_err,"invalid IP address\n");
if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
4) {
for (i = 0; i < 4; i++)
if (in[i] > 255) {
BIO_printf(bio_err, "invalid IP address\n");
goto err;
}
ip[0]=in[0];
ip[1]=in[1];
ip[2]=in[2];
ip[3]=in[3];
}
else
{ /* do a gethostbyname */
ip[0] = in[0];
ip[1] = in[1];
ip[2] = in[2];
ip[3] = in[3];
} else { /* do a gethostbyname */
struct hostent *he;
if (!ssl_sock_init()) return(0);
if (!ssl_sock_init())
return (0);
he=GetHostByName(str);
if (he == NULL)
{
BIO_printf(bio_err,"gethostbyname failure\n");
he = GetHostByName(str);
if (he == NULL) {
BIO_printf(bio_err, "gethostbyname failure\n");
goto err;
}
/* cast to short because of win16 winsock definition */
if ((short)he->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
return(0);
if ((short)he->h_addrtype != AF_INET) {
BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
return (0);
}
ip[0]=he->h_addr_list[0][0];
ip[1]=he->h_addr_list[0][1];
ip[2]=he->h_addr_list[0][2];
ip[3]=he->h_addr_list[0][3];
}
return(1);
err:
return(0);
ip[0] = he->h_addr_list[0][0];
ip[1] = he->h_addr_list[0][1];
ip[2] = he->h_addr_list[0][2];
ip[3] = he->h_addr_list[0][3];
}
return (1);
err:
return (0);
}
int extract_port(char *str, short *port_ptr)
{
{
int i;
struct servent *s;
i=atoi(str);
i = atoi(str);
if (i != 0)
*port_ptr=(unsigned short)i;
else
{
s=getservbyname(str,"tcp");
if (s == NULL)
{
BIO_printf(bio_err,"getservbyname failure for %s\n",str);
return(0);
*port_ptr = (unsigned short)i;
else {
s = getservbyname(str, "tcp");
if (s == NULL) {
BIO_printf(bio_err, "getservbyname failure for %s\n", str);
return (0);
}
*port_ptr=ntohs((unsigned short)s->s_port);
}
return(1);
*port_ptr = ntohs((unsigned short)s->s_port);
}
return (1);
}
#define GHBN_NUM 4
static struct ghbn_cache_st
{
# define GHBN_NUM 4
static struct ghbn_cache_st {
char name[128];
struct hostent ent;
unsigned long order;
} ghbn_cache[GHBN_NUM];
} ghbn_cache[GHBN_NUM];
static unsigned long ghbn_hits=0L;
static unsigned long ghbn_miss=0L;
static unsigned long ghbn_hits = 0L;
static unsigned long ghbn_miss = 0L;
static struct hostent *GetHostByName(char *name)
{
{
struct hostent *ret;
int i,lowi=0;
unsigned long low= (unsigned long)-1;
int i, lowi = 0;
unsigned long low = (unsigned long)-1;
for (i=0; i<GHBN_NUM; i++)
{
if (low > ghbn_cache[i].order)
{
low=ghbn_cache[i].order;
lowi=i;
for (i = 0; i < GHBN_NUM; i++) {
if (low > ghbn_cache[i].order) {
low = ghbn_cache[i].order;
lowi = i;
}
if (ghbn_cache[i].order > 0)
{
if (strncmp(name,ghbn_cache[i].name,128) == 0)
if (ghbn_cache[i].order > 0) {
if (strncmp(name, ghbn_cache[i].name, 128) == 0)
break;
}
}
if (i == GHBN_NUM) /* no hit*/
{
if (i == GHBN_NUM) { /* no hit */
ghbn_miss++;
ret=gethostbyname(name);
if (ret == NULL) return(NULL);
ret = gethostbyname(name);
if (ret == NULL)
return (NULL);
/* else add to cache */
if(strlen(name) < sizeof ghbn_cache[0].name)
{
strcpy(ghbn_cache[lowi].name,name);
memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
if (strlen(name) < sizeof ghbn_cache[0].name) {
strcpy(ghbn_cache[lowi].name, name);
memcpy((char *)&(ghbn_cache[lowi].ent), ret,
sizeof(struct hostent));
ghbn_cache[lowi].order = ghbn_miss + ghbn_hits;
}
return(ret);
}
else
{
return (ret);
} else {
ghbn_hits++;
ret= &(ghbn_cache[i].ent);
ghbn_cache[i].order=ghbn_miss+ghbn_hits;
return(ret);
}
ret = &(ghbn_cache[i].ent);
ghbn_cache[i].order = ghbn_miss + ghbn_hits;
return (ret);
}
}
#endif

493
apps/s_time.c
View File

@ -58,7 +58,7 @@
#define NO_SHUTDOWN
/*-----------------------------------------
/* ----------------------------------------
s_time - SSL client connection timer program
Written and donated by Larry Streepy <streepy@healthcare.com>
-----------------------------------------*/
@ -70,7 +70,7 @@
#define USE_SOCKETS
#include "apps.h"
#ifdef OPENSSL_NO_STDIO
#define APPS_WIN16
# define APPS_WIN16
#endif
#include <openssl/x509.h>
#include <openssl/ssl.h>
@ -78,11 +78,11 @@
#include "s_apps.h"
#include <openssl/err.h>
#ifdef WIN32_STUFF
#include "winmain.h"
#include "wintext.h"
# include "winmain.h"
# include "wintext.h"
#endif
#if !defined(OPENSSL_SYS_MSDOS)
#include OPENSSL_UNISTD
# include OPENSSL_UNISTD
#endif
#undef PROG
@ -94,7 +94,9 @@
#define SSL_CONNECT_NAME "localhost:4433"
/* no default cert. */
/*#define TEST_CERT "client.pem" */
/*
* #define TEST_CERT "client.pem"
*/
#undef BUFSIZZ
#define BUFSIZZ 1024*10
@ -112,8 +114,8 @@ extern int verify_depth;
extern int verify_error;
static void s_time_usage(void);
static int parseArgs( int argc, char **argv );
static SSL *doConnection( SSL *scon );
static int parseArgs(int argc, char **argv);
static SSL *doConnection(SSL *scon);
static void s_time_init(void);
/***********************************************************************
@ -121,51 +123,51 @@ static void s_time_init(void);
*/
/* static char *port=PORT_STR;*/
static char *host=SSL_CONNECT_NAME;
static char *t_cert_file=NULL;
static char *t_key_file=NULL;
static char *CApath=NULL;
static char *CAfile=NULL;
static char *tm_cipher=NULL;
static char *host = SSL_CONNECT_NAME;
static char *t_cert_file = NULL;
static char *t_key_file = NULL;
static char *CApath = NULL;
static char *CAfile = NULL;
static char *tm_cipher = NULL;
static int tm_verify = SSL_VERIFY_NONE;
static int maxTime = SECONDS;
static SSL_CTX *tm_ctx=NULL;
static const SSL_METHOD *s_time_meth=NULL;
static char *s_www_path=NULL;
static long bytes_read=0;
static int st_bugs=0;
static int perform=0;
static SSL_CTX *tm_ctx = NULL;
static const SSL_METHOD *s_time_meth = NULL;
static char *s_www_path = NULL;
static long bytes_read = 0;
static int st_bugs = 0;
static int perform = 0;
#ifdef FIONBIO
static int t_nbio=0;
static int t_nbio = 0;
#endif
#ifdef OPENSSL_SYS_WIN32
static int exitNow = 0; /* Set when it's time to exit main */
#endif
static void s_time_init(void)
{
host=SSL_CONNECT_NAME;
t_cert_file=NULL;
t_key_file=NULL;
CApath=NULL;
CAfile=NULL;
tm_cipher=NULL;
{
host = SSL_CONNECT_NAME;
t_cert_file = NULL;
t_key_file = NULL;
CApath = NULL;
CAfile = NULL;
tm_cipher = NULL;
tm_verify = SSL_VERIFY_NONE;
maxTime = SECONDS;
tm_ctx=NULL;
s_time_meth=NULL;
s_www_path=NULL;
bytes_read=0;
st_bugs=0;
perform=0;
tm_ctx = NULL;
s_time_meth = NULL;
s_www_path = NULL;
bytes_read = 0;
st_bugs = 0;
perform = 0;
#ifdef FIONBIO
t_nbio=0;
t_nbio = 0;
#endif
#ifdef OPENSSL_SYS_WIN32
exitNow = 0; /* Set when it's time to exit main */
#endif
}
}
/***********************************************************************
* usage - display usage message
@ -182,9 +184,10 @@ static void s_time_usage(void)
-CAfile arg - PEM format file of CA's\n\
-cipher - preferred cipher to use, play with 'openssl ciphers'\n\n";
printf( "usage: s_time <args>\n\n" );
printf("usage: s_time <args>\n\n");
printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
printf("-connect host:port - host:port to connect to (default is %s)\n",
SSL_CONNECT_NAME);
#ifdef FIONBIO
printf("-nbio - Run with non-blocking IO\n");
printf("-ssl2 - Just use SSLv2\n");
@ -194,7 +197,7 @@ static void s_time_usage(void)
printf("-reuse - Just time connection reuse\n");
printf("-www page - Retrieve 'page' from the site\n");
#endif
printf( umsg,SECONDS );
printf(umsg, SECONDS);
}
/***********************************************************************
@ -206,99 +209,102 @@ static int parseArgs(int argc, char **argv)
{
int badop = 0;
verify_depth=0;
verify_error=X509_V_OK;
verify_depth = 0;
verify_error = X509_V_OK;
argc--;
argv++;
while (argc >= 1) {
if (strcmp(*argv,"-connect") == 0)
{
if (--argc < 1) goto bad;
host= *(++argv);
if (strcmp(*argv, "-connect") == 0) {
if (--argc < 1)
goto bad;
host = *(++argv);
}
#if 0
else if( strcmp(*argv,"-host") == 0)
{
if (--argc < 1) goto bad;
host= *(++argv);
}
else if( strcmp(*argv,"-port") == 0)
{
if (--argc < 1) goto bad;
port= *(++argv);
else if (strcmp(*argv, "-host") == 0) {
if (--argc < 1)
goto bad;
host = *(++argv);
} else if (strcmp(*argv, "-port") == 0) {
if (--argc < 1)
goto bad;
port = *(++argv);
}
#endif
else if (strcmp(*argv,"-reuse") == 0)
perform=2;
else if (strcmp(*argv,"-new") == 0)
perform=1;
else if( strcmp(*argv,"-verify") == 0) {
else if (strcmp(*argv, "-reuse") == 0)
perform = 2;
else if (strcmp(*argv, "-new") == 0)
perform = 1;
else if (strcmp(*argv, "-verify") == 0) {
tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
if (--argc < 1) goto bad;
verify_depth=atoi(*(++argv));
BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
tm_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
if (--argc < 1)
goto bad;
verify_depth = atoi(*(++argv));
BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
} else if( strcmp(*argv,"-cert") == 0) {
} else if (strcmp(*argv, "-cert") == 0) {
if (--argc < 1) goto bad;
t_cert_file= *(++argv);
if (--argc < 1)
goto bad;
t_cert_file = *(++argv);
} else if( strcmp(*argv,"-key") == 0) {
} else if (strcmp(*argv, "-key") == 0) {
if (--argc < 1) goto bad;
t_key_file= *(++argv);
if (--argc < 1)
goto bad;
t_key_file = *(++argv);
} else if( strcmp(*argv,"-CApath") == 0) {
} else if (strcmp(*argv, "-CApath") == 0) {
if (--argc < 1) goto bad;
CApath= *(++argv);
if (--argc < 1)
goto bad;
CApath = *(++argv);
} else if( strcmp(*argv,"-CAfile") == 0) {
} else if (strcmp(*argv, "-CAfile") == 0) {
if (--argc < 1) goto bad;
CAfile= *(++argv);
if (--argc < 1)
goto bad;
CAfile = *(++argv);
} else if( strcmp(*argv,"-cipher") == 0) {
} else if (strcmp(*argv, "-cipher") == 0) {
if (--argc < 1) goto bad;
tm_cipher= *(++argv);
if (--argc < 1)
goto bad;
tm_cipher = *(++argv);
}
#ifdef FIONBIO
else if(strcmp(*argv,"-nbio") == 0) {
t_nbio=1;
else if (strcmp(*argv, "-nbio") == 0) {
t_nbio = 1;
}
#endif
else if(strcmp(*argv,"-www") == 0)
{
if (--argc < 1) goto bad;
s_www_path= *(++argv);
if(strlen(s_www_path) > MYBUFSIZ-100)
{
BIO_printf(bio_err,"-www option too long\n");
badop=1;
else if (strcmp(*argv, "-www") == 0) {
if (--argc < 1)
goto bad;
s_www_path = *(++argv);
if (strlen(s_www_path) > MYBUFSIZ - 100) {
BIO_printf(bio_err, "-www option too long\n");
badop = 1;
}
}
else if(strcmp(*argv,"-bugs") == 0)
st_bugs=1;
} else if (strcmp(*argv, "-bugs") == 0)
st_bugs = 1;
#ifndef OPENSSL_NO_SSL2
else if(strcmp(*argv,"-ssl2") == 0)
s_time_meth=SSLv2_client_method();
else if (strcmp(*argv, "-ssl2") == 0)
s_time_meth = SSLv2_client_method();
#endif
#ifndef OPENSSL_NO_SSL3
else if(strcmp(*argv,"-ssl3") == 0)
s_time_meth=SSLv3_client_method();
else if (strcmp(*argv, "-ssl3") == 0)
s_time_meth = SSLv3_client_method();
#endif
else if( strcmp(*argv,"-time") == 0) {
else if (strcmp(*argv, "-time") == 0) {
if (--argc < 1) goto bad;
maxTime= atoi(*(++argv));
}
else {
BIO_printf(bio_err,"unknown option %s\n",*argv);
badop=1;
if (--argc < 1)
goto bad;
maxTime = atoi(*(++argv));
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
break;
}
@ -306,10 +312,11 @@ static int parseArgs(int argc, char **argv)
argv++;
}
if (perform == 0) perform=3;
if (perform == 0)
perform = 3;
if(badop) {
bad:
if (badop) {
bad:
s_time_usage();
return -1;
}
@ -324,9 +331,9 @@ bad:
#define STOP 1
static double tm_Time_F(int s)
{
return app_tminterval(s,1);
}
{
return app_tminterval(s, 1);
}
/***********************************************************************
* MAIN - main processing area for client
@ -335,43 +342,46 @@ static double tm_Time_F(int s)
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
double totalTime = 0.0;
int nConn = 0;
SSL *scon=NULL;
long finishtime=0;
int ret=1,i;
MS_STATIC char buf[1024*8];
SSL *scon = NULL;
long finishtime = 0;
int ret = 1, i;
MS_STATIC char buf[1024 * 8];
int ver;
apps_startup();
s_time_init();
if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
s_time_meth=SSLv23_client_method();
s_time_meth = SSLv23_client_method();
/* parse the command line arguments */
if( parseArgs( argc, argv ) < 0 )
if (parseArgs(argc, argv) < 0)
goto end;
OpenSSL_add_ssl_algorithms();
if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
if ((tm_ctx = SSL_CTX_new(s_time_meth)) == NULL)
return (1);
SSL_CTX_set_quiet_shutdown(tm_ctx,1);
SSL_CTX_set_quiet_shutdown(tm_ctx, 1);
if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file))
if (st_bugs)
SSL_CTX_set_options(tm_ctx, SSL_OP_ALL);
SSL_CTX_set_cipher_list(tm_ctx, tm_cipher);
if (!set_cert_stuff(tm_ctx, t_cert_file, t_key_file))
goto end;
SSL_load_error_strings();
if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
(!SSL_CTX_set_default_verify_paths(tm_ctx)))
{
/* BIO_printf(bio_err,"error setting default verify locations\n"); */
if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(tm_ctx))) {
/*
* BIO_printf(bio_err,"error setting default verify locations\n");
*/
ERR_print_errors(bio_err);
/* goto end; */
}
@ -379,43 +389,43 @@ int MAIN(int argc, char **argv)
if (tm_cipher == NULL)
tm_cipher = getenv("SSL_CIPHER");
if (tm_cipher == NULL ) {
fprintf( stderr, "No CIPHER specified\n" );
if (tm_cipher == NULL) {
fprintf(stderr, "No CIPHER specified\n");
}
if (!(perform & 1)) goto next;
printf( "Collecting connection statistics for %d seconds\n", maxTime );
if (!(perform & 1))
goto next;
printf("Collecting connection statistics for %d seconds\n", maxTime);
/* Loop and time how long it takes to make connections */
bytes_read=0;
finishtime=(long)time(NULL)+maxTime;
bytes_read = 0;
finishtime = (long)time(NULL) + maxTime;
tm_Time_F(START);
for (;;)
{
if (finishtime < (long)time(NULL)) break;
for (;;) {
if (finishtime < (long)time(NULL))
break;
#ifdef WIN32_STUFF
if( flushWinMsgs(0) == -1 )
if (flushWinMsgs(0) == -1)
goto end;
if( waitingToDie || exitNow ) /* we're dead */
if (waitingToDie || exitNow) /* we're dead */
goto end;
#endif
if( (scon = doConnection( NULL )) == NULL )
if ((scon = doConnection(NULL)) == NULL)
goto end;
if (s_www_path != NULL)
{
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
bytes_read+=i;
if (s_www_path != NULL) {
BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
s_www_path);
SSL_write(scon, buf, strlen(buf));
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
bytes_read += i;
}
#ifdef NO_SHUTDOWN
SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
SSL_shutdown(scon);
#endif
@ -423,53 +433,56 @@ int MAIN(int argc, char **argv)
nConn += 1;
if (SSL_session_reused(scon))
ver='r';
else
{
ver=SSL_version(scon);
ver = 'r';
else {
ver = SSL_version(scon);
if (ver == TLS1_VERSION)
ver='t';
ver = 't';
else if (ver == SSL3_VERSION)
ver='3';
ver = '3';
else if (ver == SSL2_VERSION)
ver='2';
ver = '2';
else
ver='*';
ver = '*';
}
fputc(ver,stdout);
fputc(ver, stdout);
fflush(stdout);
SSL_free( scon );
scon=NULL;
SSL_free(scon);
scon = NULL;
}
totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
i=(int)((long)time(NULL)-finishtime+maxTime);
printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
i = (int)((long)time(NULL) - finishtime + maxTime);
printf
("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
nConn, totalTime, ((double)nConn / totalTime), bytes_read);
printf
("%d connections in %ld real seconds, %ld bytes read per connection\n",
nConn, (long)time(NULL) - finishtime + maxTime, bytes_read / nConn);
/* Now loop and time connections using the same session id over and over */
/*
* Now loop and time connections using the same session id over and over
*/
next:
if (!(perform & 2)) goto end;
printf( "\n\nNow timing with session id reuse.\n" );
next:
if (!(perform & 2))
goto end;
printf("\n\nNow timing with session id reuse.\n");
/* Get an SSL object so we can reuse the session id */
if( (scon = doConnection( NULL )) == NULL )
{
fprintf( stderr, "Unable to get connection\n" );
if ((scon = doConnection(NULL)) == NULL) {
fprintf(stderr, "Unable to get connection\n");
goto end;
}
if (s_www_path != NULL)
{
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while (SSL_read(scon,buf,sizeof(buf)) > 0)
;
if (s_www_path != NULL) {
BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", s_www_path);
SSL_write(scon, buf, strlen(buf));
while (SSL_read(scon, buf, sizeof(buf)) > 0) ;
}
#ifdef NO_SHUTDOWN
SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
SSL_shutdown(scon);
#endif
@ -478,37 +491,36 @@ next:
nConn = 0;
totalTime = 0.0;
finishtime=(long)time(NULL)+maxTime;
finishtime = (long)time(NULL) + maxTime;
printf( "starting\n" );
bytes_read=0;
printf("starting\n");
bytes_read = 0;
tm_Time_F(START);
for (;;)
{
if (finishtime < (long)time(NULL)) break;
for (;;) {
if (finishtime < (long)time(NULL))
break;
#ifdef WIN32_STUFF
if( flushWinMsgs(0) == -1 )
if (flushWinMsgs(0) == -1)
goto end;
if( waitingToDie || exitNow ) /* we're dead */
if (waitingToDie || exitNow) /* we're dead */
goto end;
#endif
if( (doConnection( scon )) == NULL )
if ((doConnection(scon)) == NULL)
goto end;
if (s_www_path)
{
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
bytes_read+=i;
if (s_www_path) {
BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
s_www_path);
SSL_write(scon, buf, strlen(buf));
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
bytes_read += i;
}
#ifdef NO_SHUTDOWN
SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
SSL_shutdown(scon);
#endif
@ -516,40 +528,42 @@ next:
nConn += 1;
if (SSL_session_reused(scon))
ver='r';
else
{
ver=SSL_version(scon);
ver = 'r';
else {
ver = SSL_version(scon);
if (ver == TLS1_VERSION)
ver='t';
ver = 't';
else if (ver == SSL3_VERSION)
ver='3';
ver = '3';
else if (ver == SSL2_VERSION)
ver='2';
ver = '2';
else
ver='*';
ver = '*';
}
fputc(ver,stdout);
fputc(ver, stdout);
fflush(stdout);
}
totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
printf
("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
nConn, totalTime, ((double)nConn / totalTime), bytes_read);
printf
("%d connections in %ld real seconds, %ld bytes read per connection\n",
nConn, (long)time(NULL) - finishtime + maxTime, bytes_read / nConn);
printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
ret = 0;
end:
if (scon != NULL)
SSL_free(scon);
ret=0;
end:
if (scon != NULL) SSL_free(scon);
if (tm_ctx != NULL)
{
if (tm_ctx != NULL) {
SSL_CTX_free(tm_ctx);
tm_ctx=NULL;
tm_ctx = NULL;
}
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
/*-
* doConnection - make a connection
@ -559,60 +573,57 @@ end:
* SSL * = the connection pointer.
*/
static SSL *doConnection(SSL *scon)
{
{
BIO *conn;
SSL *serverCon;
int width, i;
fd_set readfds;
if ((conn=BIO_new(BIO_s_connect())) == NULL)
return(NULL);
if ((conn = BIO_new(BIO_s_connect())) == NULL)
return (NULL);
/* BIO_set_conn_port(conn,port);*/
BIO_set_conn_hostname(conn,host);
BIO_set_conn_hostname(conn, host);
if (scon == NULL)
serverCon=SSL_new(tm_ctx);
else
{
serverCon=scon;
serverCon = SSL_new(tm_ctx);
else {
serverCon = scon;
SSL_set_connect_state(serverCon);
}
SSL_set_bio(serverCon,conn,conn);
SSL_set_bio(serverCon, conn, conn);
#if 0
if( scon != NULL )
SSL_set_session(serverCon,SSL_get_session(scon));
if (scon != NULL)
SSL_set_session(serverCon, SSL_get_session(scon));
#endif
/* ok, lets connect */
for(;;) {
i=SSL_connect(serverCon);
if (BIO_sock_should_retry(i))
{
BIO_printf(bio_err,"DELAY\n");
for (;;) {
i = SSL_connect(serverCon);
if (BIO_sock_should_retry(i)) {
BIO_printf(bio_err, "DELAY\n");
i=SSL_get_fd(serverCon);
width=i+1;
i = SSL_get_fd(serverCon);
width = i + 1;
FD_ZERO(&readfds);
openssl_fdset(i,&readfds);
/* Note: under VMS with SOCKETSHR the 2nd parameter
* is currently of type (int *) whereas under other
* systems it is (void *) if you don't have a cast it
* will choke the compiler: if you do have a cast then
* you can either go for (int *) or (void *).
openssl_fdset(i, &readfds);
/*
* Note: under VMS with SOCKETSHR the 2nd parameter is currently
* of type (int *) whereas under other systems it is (void *) if
* you don't have a cast it will choke the compiler: if you do
* have a cast then you can either go for (int *) or (void *).
*/
select(width,(void *)&readfds,NULL,NULL,NULL);
select(width, (void *)&readfds, NULL, NULL, NULL);
continue;
}
break;
}
if(i <= 0)
{
BIO_printf(bio_err,"ERROR\n");
if (i <= 0) {
BIO_printf(bio_err, "ERROR\n");
if (verify_error != X509_V_OK)
BIO_printf(bio_err,"verify error:%s\n",
BIO_printf(bio_err, "verify error:%s\n",
X509_verify_cert_error_string(verify_error));
else
ERR_print_errors(bio_err);
@ -622,6 +633,4 @@ static SSL *doConnection(SSL *scon)
}
return serverCon;
}
}

266
apps/sess_id.c
View File

@ -69,18 +69,18 @@
#undef PROG
#define PROG sess_id_main
static const char *sess_id_usage[]={
"usage: sess_id args\n",
"\n",
" -inform arg - input format - default PEM (DER or PEM)\n",
" -outform arg - output format - default PEM\n",
" -in arg - input file - default stdin\n",
" -out arg - output file - default stdout\n",
" -text - print ssl session id details\n",
" -cert - output certificate \n",
" -noout - no CRL output\n",
" -context arg - set the session ID context\n",
NULL
static const char *sess_id_usage[] = {
"usage: sess_id args\n",
"\n",
" -inform arg - input format - default PEM (DER or PEM)\n",
" -outform arg - output format - default PEM\n",
" -in arg - input file - default stdin\n",
" -out arg - output file - default stdout\n",
" -text - print ssl session id details\n",
" -cert - output certificate \n",
" -noout - no CRL output\n",
" -context arg - set the session ID context\n",
NULL
};
static SSL_SESSION *load_sess_id(char *file, int format);
@ -88,235 +88,213 @@ static SSL_SESSION *load_sess_id(char *file, int format);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
SSL_SESSION *x=NULL;
{
SSL_SESSION *x = NULL;
X509 *peer = NULL;
int ret=1,i,num,badops=0;
BIO *out=NULL;
int informat,outformat;
char *infile=NULL,*outfile=NULL,*context=NULL;
int cert=0,noout=0,text=0;
int ret = 1, i, num, badops = 0;
BIO *out = NULL;
int informat, outformat;
char *infile = NULL, *outfile = NULL, *context = NULL;
int cert = 0, noout = 0, text = 0;
const char **pp;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
informat=FORMAT_PEM;
outformat=FORMAT_PEM;
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
argc--;
argv++;
num=0;
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-outform") == 0)
{
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-text") == 0)
text= ++num;
else if (strcmp(*argv,"-cert") == 0)
cert= ++num;
else if (strcmp(*argv,"-noout") == 0)
noout= ++num;
else if (strcmp(*argv,"-context") == 0)
{
if(--argc < 1) goto bad;
context=*++argv;
}
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
num = 0;
while (argc >= 1) {
if (strcmp(*argv, "-inform") == 0) {
if (--argc < 1)
goto bad;
informat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-outform") == 0) {
if (--argc < 1)
goto bad;
outformat = str2fmt(*(++argv));
} else if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-text") == 0)
text = ++num;
else if (strcmp(*argv, "-cert") == 0)
cert = ++num;
else if (strcmp(*argv, "-noout") == 0)
noout = ++num;
else if (strcmp(*argv, "-context") == 0) {
if (--argc < 1)
goto bad;
context = *++argv;
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
for (pp=sess_id_usage; (*pp != NULL); pp++)
BIO_printf(bio_err,"%s",*pp);
if (badops) {
bad:
for (pp = sess_id_usage; (*pp != NULL); pp++)
BIO_printf(bio_err, "%s", *pp);
goto end;
}
ERR_load_crypto_strings();
x=load_sess_id(infile,informat);
if (x == NULL) { goto end; }
x = load_sess_id(infile, informat);
if (x == NULL) {
goto end;
}
peer = SSL_SESSION_get0_peer(x);
if(context)
{
if (context) {
size_t ctx_len = strlen(context);
if(ctx_len > SSL_MAX_SID_CTX_LENGTH)
{
BIO_printf(bio_err,"Context too long\n");
if (ctx_len > SSL_MAX_SID_CTX_LENGTH) {
BIO_printf(bio_err, "Context too long\n");
goto end;
}
SSL_SESSION_set1_id_context(x, (unsigned char *)context, ctx_len);
}
#ifdef undef
/* just testing for memory leaks :-) */
{
SSL_SESSION *s;
char buf[1024*10],*p;
char buf[1024 * 10], *p;
int i;
s=SSL_SESSION_new();
s = SSL_SESSION_new();
p= &buf;
i=i2d_SSL_SESSION(x,&p);
p= &buf;
d2i_SSL_SESSION(&s,&p,(long)i);
p= &buf;
d2i_SSL_SESSION(&s,&p,(long)i);
p= &buf;
d2i_SSL_SESSION(&s,&p,(long)i);
p = &buf;
i = i2d_SSL_SESSION(x, &p);
p = &buf;
d2i_SSL_SESSION(&s, &p, (long)i);
p = &buf;
d2i_SSL_SESSION(&s, &p, (long)i);
p = &buf;
d2i_SSL_SESSION(&s, &p, (long)i);
SSL_SESSION_free(s);
}
#endif
if (!noout || text)
{
out=BIO_new(BIO_s_file());
if (out == NULL)
{
if (!noout || text) {
out = BIO_new(BIO_s_file());
if (out == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (outfile == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
else
{
if (BIO_write_filename(out,outfile) <= 0)
{
} else {
if (BIO_write_filename(out, outfile) <= 0) {
perror(outfile);
goto end;
}
}
}
if (text)
{
SSL_SESSION_print(out,x);
if (text) {
SSL_SESSION_print(out, x);
if (cert)
{
if (cert) {
if (peer == NULL)
BIO_puts(out,"No certificate present\n");
BIO_puts(out, "No certificate present\n");
else
X509_print(out,peer);
X509_print(out, peer);
}
}
if (!noout && !cert)
{
if (!noout && !cert) {
if (outformat == FORMAT_ASN1)
i=i2d_SSL_SESSION_bio(out,x);
i = i2d_SSL_SESSION_bio(out, x);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_SSL_SESSION(out,x);
i = PEM_write_bio_SSL_SESSION(out, x);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (!i) {
BIO_printf(bio_err,"unable to write SSL_SESSION\n");
BIO_printf(bio_err, "unable to write SSL_SESSION\n");
goto end;
}
}
else if (!noout && (peer != NULL)) /* just print the certificate */
{
} else if (!noout && (peer != NULL)) { /* just print the certificate */
if (outformat == FORMAT_ASN1)
i=(int)i2d_X509_bio(out,peer);
i = (int)i2d_X509_bio(out, peer);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_X509(out,peer);
i = PEM_write_bio_X509(out, peer);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (!i) {
BIO_printf(bio_err,"unable to write X509\n");
BIO_printf(bio_err, "unable to write X509\n");
goto end;
}
}
ret=0;
end:
if (out != NULL) BIO_free_all(out);
if (x != NULL) SSL_SESSION_free(x);
ret = 0;
end:
if (out != NULL)
BIO_free_all(out);
if (x != NULL)
SSL_SESSION_free(x);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}
static SSL_SESSION *load_sess_id(char *infile, int format)
{
SSL_SESSION *x=NULL;
BIO *in=NULL;
{
SSL_SESSION *x = NULL;
BIO *in = NULL;
in=BIO_new(BIO_s_file());
if (in == NULL)
{
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
if (BIO_read_filename(in, infile) <= 0) {
perror(infile);
goto end;
}
}
if (format == FORMAT_ASN1)
x=d2i_SSL_SESSION_bio(in,NULL);
x = d2i_SSL_SESSION_bio(in, NULL);
else if (format == FORMAT_PEM)
x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL);
x = PEM_read_bio_SSL_SESSION(in, NULL, NULL, NULL);
else {
BIO_printf(bio_err,"bad input format specified for input crl\n");
BIO_printf(bio_err, "bad input format specified for input crl\n");
goto end;
}
if (x == NULL)
{
BIO_printf(bio_err,"unable to load SSL_SESSION\n");
if (x == NULL) {
BIO_printf(bio_err, "unable to load SSL_SESSION\n");
ERR_print_errors(bio_err);
goto end;
}
end:
if (in != NULL) BIO_free(in);
return(x);
}
end:
if (in != NULL)
BIO_free(in);
return (x);
}

545
apps/smime.c
View File

@ -1,5 +1,6 @@
/* smime.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
@ -85,7 +86,7 @@ static int smime_cb(int ok, X509_STORE_CTX *ctx);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL;
int operation = 0;
int ret = 0;
@ -94,7 +95,7 @@ int MAIN(int argc, char **argv)
char *infile = NULL, *outfile = NULL;
char *signerfile = NULL, *recipfile = NULL;
STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
const EVP_CIPHER *cipher = NULL;
PKCS7 *p7 = NULL;
X509_STORE *store = NULL;
@ -114,7 +115,7 @@ int MAIN(int argc, char **argv)
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int keyform = FORMAT_PEM;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
#endif
X509_VERIFY_PARAM *vpm = NULL;
@ -124,95 +125,92 @@ int MAIN(int argc, char **argv)
apps_startup();
if (bio_err == NULL)
{
if (bio_err == NULL) {
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
}
if (!load_config(bio_err, NULL))
goto end;
while (!badarg && *args && *args[0] == '-')
{
if (!strcmp (*args, "-encrypt"))
while (!badarg && *args && *args[0] == '-') {
if (!strcmp(*args, "-encrypt"))
operation = SMIME_ENCRYPT;
else if (!strcmp (*args, "-decrypt"))
else if (!strcmp(*args, "-decrypt"))
operation = SMIME_DECRYPT;
else if (!strcmp (*args, "-sign"))
else if (!strcmp(*args, "-sign"))
operation = SMIME_SIGN;
else if (!strcmp (*args, "-resign"))
else if (!strcmp(*args, "-resign"))
operation = SMIME_RESIGN;
else if (!strcmp (*args, "-verify"))
else if (!strcmp(*args, "-verify"))
operation = SMIME_VERIFY;
else if (!strcmp (*args, "-pk7out"))
else if (!strcmp(*args, "-pk7out"))
operation = SMIME_PK7OUT;
#ifndef OPENSSL_NO_DES
else if (!strcmp (*args, "-des3"))
else if (!strcmp(*args, "-des3"))
cipher = EVP_des_ede3_cbc();
else if (!strcmp (*args, "-des"))
else if (!strcmp(*args, "-des"))
cipher = EVP_des_cbc();
#endif
#ifndef OPENSSL_NO_SEED
else if (!strcmp (*args, "-seed"))
else if (!strcmp(*args, "-seed"))
cipher = EVP_seed_cbc();
#endif
#ifndef OPENSSL_NO_RC2
else if (!strcmp (*args, "-rc2-40"))
else if (!strcmp(*args, "-rc2-40"))
cipher = EVP_rc2_40_cbc();
else if (!strcmp (*args, "-rc2-128"))
else if (!strcmp(*args, "-rc2-128"))
cipher = EVP_rc2_cbc();
else if (!strcmp (*args, "-rc2-64"))
else if (!strcmp(*args, "-rc2-64"))
cipher = EVP_rc2_64_cbc();
#endif
#ifndef OPENSSL_NO_AES
else if (!strcmp(*args,"-aes128"))
else if (!strcmp(*args, "-aes128"))
cipher = EVP_aes_128_cbc();
else if (!strcmp(*args,"-aes192"))
else if (!strcmp(*args, "-aes192"))
cipher = EVP_aes_192_cbc();
else if (!strcmp(*args,"-aes256"))
else if (!strcmp(*args, "-aes256"))
cipher = EVP_aes_256_cbc();
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if (!strcmp(*args,"-camellia128"))
else if (!strcmp(*args, "-camellia128"))
cipher = EVP_camellia_128_cbc();
else if (!strcmp(*args,"-camellia192"))
else if (!strcmp(*args, "-camellia192"))
cipher = EVP_camellia_192_cbc();
else if (!strcmp(*args,"-camellia256"))
else if (!strcmp(*args, "-camellia256"))
cipher = EVP_camellia_256_cbc();
#endif
else if (!strcmp (*args, "-text"))
else if (!strcmp(*args, "-text"))
flags |= PKCS7_TEXT;
else if (!strcmp (*args, "-nointern"))
else if (!strcmp(*args, "-nointern"))
flags |= PKCS7_NOINTERN;
else if (!strcmp (*args, "-noverify"))
else if (!strcmp(*args, "-noverify"))
flags |= PKCS7_NOVERIFY;
else if (!strcmp (*args, "-nochain"))
else if (!strcmp(*args, "-nochain"))
flags |= PKCS7_NOCHAIN;
else if (!strcmp (*args, "-nocerts"))
else if (!strcmp(*args, "-nocerts"))
flags |= PKCS7_NOCERTS;
else if (!strcmp (*args, "-noattr"))
else if (!strcmp(*args, "-noattr"))
flags |= PKCS7_NOATTR;
else if (!strcmp (*args, "-nodetach"))
else if (!strcmp(*args, "-nodetach"))
flags &= ~PKCS7_DETACHED;
else if (!strcmp (*args, "-nosmimecap"))
else if (!strcmp(*args, "-nosmimecap"))
flags |= PKCS7_NOSMIMECAP;
else if (!strcmp (*args, "-binary"))
else if (!strcmp(*args, "-binary"))
flags |= PKCS7_BINARY;
else if (!strcmp (*args, "-nosigs"))
else if (!strcmp(*args, "-nosigs"))
flags |= PKCS7_NOSIGS;
else if (!strcmp (*args, "-stream"))
else if (!strcmp(*args, "-stream"))
indef = 1;
else if (!strcmp (*args, "-indef"))
else if (!strcmp(*args, "-indef"))
indef = 1;
else if (!strcmp (*args, "-noindef"))
else if (!strcmp(*args, "-noindef"))
indef = 0;
else if (!strcmp (*args, "-nooldmime"))
else if (!strcmp(*args, "-nooldmime"))
flags |= PKCS7_NOOLDMIMETYPE;
else if (!strcmp (*args, "-crlfeol"))
else if (!strcmp(*args, "-crlfeol"))
flags |= PKCS7_CRLFEOL;
else if (!strcmp(*args,"-rand"))
{
else if (!strcmp(*args, "-rand")) {
if (!args[1])
goto argerr;
args++;
@ -220,45 +218,34 @@ int MAIN(int argc, char **argv)
need_rand = 1;
}
#ifndef OPENSSL_NO_ENGINE
else if (!strcmp(*args,"-engine"))
{
else if (!strcmp(*args, "-engine")) {
if (!args[1])
goto argerr;
engine = *++args;
}
#endif
else if (!strcmp(*args,"-passin"))
{
else if (!strcmp(*args, "-passin")) {
if (!args[1])
goto argerr;
passargin = *++args;
}
else if (!strcmp (*args, "-to"))
{
} else if (!strcmp(*args, "-to")) {
if (!args[1])
goto argerr;
to = *++args;
}
else if (!strcmp (*args, "-from"))
{
} else if (!strcmp(*args, "-from")) {
if (!args[1])
goto argerr;
from = *++args;
}
else if (!strcmp (*args, "-subject"))
{
} else if (!strcmp(*args, "-subject")) {
if (!args[1])
goto argerr;
subject = *++args;
}
else if (!strcmp (*args, "-signer"))
{
} else if (!strcmp(*args, "-signer")) {
if (!args[1])
goto argerr;
/* If previous -signer argument add signer to list */
if (signerfile)
{
if (signerfile) {
if (!sksigners)
sksigners = sk_OPENSSL_STRING_new_null();
sk_OPENSSL_STRING_push(sksigners, signerfile);
@ -270,34 +257,24 @@ int MAIN(int argc, char **argv)
keyfile = NULL;
}
signerfile = *++args;
}
else if (!strcmp (*args, "-recip"))
{
} else if (!strcmp(*args, "-recip")) {
if (!args[1])
goto argerr;
recipfile = *++args;
}
else if (!strcmp (*args, "-md"))
{
} else if (!strcmp(*args, "-md")) {
if (!args[1])
goto argerr;
sign_md = EVP_get_digestbyname(*++args);
if (sign_md == NULL)
{
BIO_printf(bio_err, "Unknown digest %s\n",
*args);
if (sign_md == NULL) {
BIO_printf(bio_err, "Unknown digest %s\n", *args);
goto argerr;
}
}
else if (!strcmp (*args, "-inkey"))
{
} else if (!strcmp(*args, "-inkey")) {
if (!args[1])
goto argerr;
/* If previous -inkey arument add signer to list */
if (keyfile)
{
if (!signerfile)
{
if (keyfile) {
if (!signerfile) {
BIO_puts(bio_err, "Illegal -inkey without -signer\n");
goto argerr;
}
@ -310,84 +287,61 @@ int MAIN(int argc, char **argv)
sk_OPENSSL_STRING_push(skkeys, keyfile);
}
keyfile = *++args;
}
else if (!strcmp (*args, "-keyform"))
{
} else if (!strcmp(*args, "-keyform")) {
if (!args[1])
goto argerr;
keyform = str2fmt(*++args);
}
else if (!strcmp (*args, "-certfile"))
{
} else if (!strcmp(*args, "-certfile")) {
if (!args[1])
goto argerr;
certfile = *++args;
}
else if (!strcmp (*args, "-CAfile"))
{
} else if (!strcmp(*args, "-CAfile")) {
if (!args[1])
goto argerr;
CAfile = *++args;
}
else if (!strcmp (*args, "-CApath"))
{
} else if (!strcmp(*args, "-CApath")) {
if (!args[1])
goto argerr;
CApath = *++args;
}
else if (!strcmp (*args, "-in"))
{
} else if (!strcmp(*args, "-in")) {
if (!args[1])
goto argerr;
infile = *++args;
}
else if (!strcmp (*args, "-inform"))
{
} else if (!strcmp(*args, "-inform")) {
if (!args[1])
goto argerr;
informat = str2fmt(*++args);
}
else if (!strcmp (*args, "-outform"))
{
} else if (!strcmp(*args, "-outform")) {
if (!args[1])
goto argerr;
outformat = str2fmt(*++args);
}
else if (!strcmp (*args, "-out"))
{
} else if (!strcmp(*args, "-out")) {
if (!args[1])
goto argerr;
outfile = *++args;
}
else if (!strcmp (*args, "-content"))
{
} else if (!strcmp(*args, "-content")) {
if (!args[1])
goto argerr;
contfile = *++args;
}
else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
} else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
continue;
else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
badarg = 1;
args++;
}
if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners))
{
if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners)) {
BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
goto argerr;
}
if (operation & SMIME_SIGNERS)
{
if (operation & SMIME_SIGNERS) {
/* Check to see if any final signer needs to be appended */
if (keyfile && !signerfile)
{
if (keyfile && !signerfile) {
BIO_puts(bio_err, "Illegal -inkey without -signer\n");
goto argerr;
}
if (signerfile)
{
if (signerfile) {
if (!sksigners)
sksigners = sk_OPENSSL_STRING_new_null();
sk_OPENSSL_STRING_push(sksigners, signerfile);
@ -397,116 +351,127 @@ int MAIN(int argc, char **argv)
keyfile = signerfile;
sk_OPENSSL_STRING_push(skkeys, keyfile);
}
if (!sksigners)
{
if (!sksigners) {
BIO_printf(bio_err, "No signer certificate specified\n");
badarg = 1;
}
signerfile = NULL;
keyfile = NULL;
need_rand = 1;
}
else if (operation == SMIME_DECRYPT)
{
if (!recipfile && !keyfile)
{
BIO_printf(bio_err, "No recipient certificate or key specified\n");
} else if (operation == SMIME_DECRYPT) {
if (!recipfile && !keyfile) {
BIO_printf(bio_err,
"No recipient certificate or key specified\n");
badarg = 1;
}
}
else if (operation == SMIME_ENCRYPT)
{
if (!*args)
{
} else if (operation == SMIME_ENCRYPT) {
if (!*args) {
BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
badarg = 1;
}
need_rand = 1;
}
else if (!operation)
} else if (!operation)
badarg = 1;
if (badarg)
{
if (badarg) {
argerr:
BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n");
BIO_printf (bio_err, "where options are\n");
BIO_printf (bio_err, "-encrypt encrypt message\n");
BIO_printf (bio_err, "-decrypt decrypt encrypted message\n");
BIO_printf (bio_err, "-sign sign message\n");
BIO_printf (bio_err, "-verify verify signed message\n");
BIO_printf (bio_err, "-pk7out output PKCS#7 structure\n");
BIO_printf(bio_err, "Usage smime [options] cert.pem ...\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-encrypt encrypt message\n");
BIO_printf(bio_err, "-decrypt decrypt encrypted message\n");
BIO_printf(bio_err, "-sign sign message\n");
BIO_printf(bio_err, "-verify verify signed message\n");
BIO_printf(bio_err, "-pk7out output PKCS#7 structure\n");
#ifndef OPENSSL_NO_DES
BIO_printf (bio_err, "-des3 encrypt with triple DES\n");
BIO_printf (bio_err, "-des encrypt with DES\n");
BIO_printf(bio_err, "-des3 encrypt with triple DES\n");
BIO_printf(bio_err, "-des encrypt with DES\n");
#endif
#ifndef OPENSSL_NO_SEED
BIO_printf (bio_err, "-seed encrypt with SEED\n");
BIO_printf(bio_err, "-seed encrypt with SEED\n");
#endif
#ifndef OPENSSL_NO_RC2
BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n");
BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n");
BIO_printf (bio_err, "-rc2-128 encrypt with RC2-128\n");
BIO_printf(bio_err, "-rc2-40 encrypt with RC2-40 (default)\n");
BIO_printf(bio_err, "-rc2-64 encrypt with RC2-64\n");
BIO_printf(bio_err, "-rc2-128 encrypt with RC2-128\n");
#endif
#ifndef OPENSSL_NO_AES
BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
BIO_printf(bio_err, "-aes128, -aes192, -aes256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n");
BIO_printf(bio_err, "-camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err,
" encrypt PEM output with cbc camellia\n");
#endif
BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n");
BIO_printf (bio_err, "-nosigs don't verify message signature\n");
BIO_printf (bio_err, "-noverify don't verify signers certificate\n");
BIO_printf (bio_err, "-nocerts don't include signers certificate when signing\n");
BIO_printf (bio_err, "-nodetach use opaque signing\n");
BIO_printf (bio_err, "-noattr don't include any signed attributes\n");
BIO_printf (bio_err, "-binary don't translate message to text\n");
BIO_printf (bio_err, "-certfile file other certificates file\n");
BIO_printf (bio_err, "-signer file signer certificate file\n");
BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n");
BIO_printf (bio_err, "-in file input file\n");
BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n");
BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n");
BIO_printf (bio_err, "-keyform arg input private key format (PEM or ENGINE)\n");
BIO_printf (bio_err, "-out file output file\n");
BIO_printf (bio_err, "-outform arg output format SMIME (default), PEM or DER\n");
BIO_printf (bio_err, "-content file supply or override content for detached signature\n");
BIO_printf (bio_err, "-to addr to address\n");
BIO_printf (bio_err, "-from ad from address\n");
BIO_printf (bio_err, "-subject s subject\n");
BIO_printf (bio_err, "-text include or delete text MIME headers\n");
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
BIO_printf(bio_err,
"-nointern don't search certificates in message for signer\n");
BIO_printf(bio_err,
"-nosigs don't verify message signature\n");
BIO_printf(bio_err,
"-noverify don't verify signers certificate\n");
BIO_printf(bio_err,
"-nocerts don't include signers certificate when signing\n");
BIO_printf(bio_err, "-nodetach use opaque signing\n");
BIO_printf(bio_err,
"-noattr don't include any signed attributes\n");
BIO_printf(bio_err,
"-binary don't translate message to text\n");
BIO_printf(bio_err, "-certfile file other certificates file\n");
BIO_printf(bio_err, "-signer file signer certificate file\n");
BIO_printf(bio_err,
"-recip file recipient certificate file for decryption\n");
BIO_printf(bio_err, "-in file input file\n");
BIO_printf(bio_err,
"-inform arg input format SMIME (default), PEM or DER\n");
BIO_printf(bio_err,
"-inkey file input private key (if not signer or recipient)\n");
BIO_printf(bio_err,
"-keyform arg input private key format (PEM or ENGINE)\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err,
"-outform arg output format SMIME (default), PEM or DER\n");
BIO_printf(bio_err,
"-content file supply or override content for detached signature\n");
BIO_printf(bio_err, "-to addr to address\n");
BIO_printf(bio_err, "-from ad from address\n");
BIO_printf(bio_err, "-subject s subject\n");
BIO_printf(bio_err,
"-text include or delete text MIME headers\n");
BIO_printf(bio_err,
"-CApath dir trusted certificates directory\n");
BIO_printf(bio_err, "-CAfile file trusted certificates file\n");
BIO_printf(bio_err,
"-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf(bio_err,
"-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
"-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf (bio_err, "-passin arg input file pass phrase source\n");
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
LIST_SEPARATOR_CHAR);
BIO_printf(bio_err,
" load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n");
BIO_printf(bio_err,
"cert.pem recipient certificate(s) for encryption\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
{
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
if (need_rand)
{
if (need_rand) {
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
}
@ -515,32 +480,24 @@ int MAIN(int argc, char **argv)
if (!(operation & SMIME_SIGNERS))
flags &= ~PKCS7_DETACHED;
if (operation & SMIME_OP)
{
if (operation & SMIME_OP) {
if (outformat == FORMAT_ASN1)
outmode = "wb";
}
else
{
} else {
if (flags & PKCS7_BINARY)
outmode = "wb";
}
if (operation & SMIME_IP)
{
if (operation & SMIME_IP) {
if (informat == FORMAT_ASN1)
inmode = "rb";
}
else
{
} else {
if (flags & PKCS7_BINARY)
inmode = "rb";
}
if (operation == SMIME_ENCRYPT)
{
if (!cipher)
{
if (operation == SMIME_ENCRYPT) {
if (!cipher) {
#ifndef OPENSSL_NO_DES
cipher = EVP_des_ede3_cbc();
#else
@ -549,13 +506,13 @@ int MAIN(int argc, char **argv)
#endif
}
encerts = sk_X509_new_null();
while (*args)
{
if (!(cert = load_cert(bio_err,*args,FORMAT_PEM,
NULL, e, "recipient certificate file")))
{
while (*args) {
if (!(cert = load_cert(bio_err, *args, FORMAT_PEM,
NULL, e, "recipient certificate file"))) {
#if 0 /* An appropriate message is already printed */
BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
BIO_printf(bio_err,
"Can't read recipient certificate file %s\n",
*args);
#endif
goto end;
}
@ -565,99 +522,77 @@ int MAIN(int argc, char **argv)
}
}
if (certfile)
{
if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
e, "certificate file")))
{
if (certfile) {
if (!(other = load_certs(bio_err, certfile, FORMAT_PEM, NULL,
e, "certificate file"))) {
ERR_print_errors(bio_err);
goto end;
}
}
if (recipfile && (operation == SMIME_DECRYPT))
{
if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
e, "recipient certificate file")))
{
if (recipfile && (operation == SMIME_DECRYPT)) {
if (!(recip = load_cert(bio_err, recipfile, FORMAT_PEM, NULL,
e, "recipient certificate file"))) {
ERR_print_errors(bio_err);
goto end;
}
}
if (operation == SMIME_DECRYPT)
{
if (operation == SMIME_DECRYPT) {
if (!keyfile)
keyfile = recipfile;
}
else if (operation == SMIME_SIGN)
{
} else if (operation == SMIME_SIGN) {
if (!keyfile)
keyfile = signerfile;
}
else keyfile = NULL;
} else
keyfile = NULL;
if (keyfile)
{
if (keyfile) {
key = load_key(bio_err, keyfile, keyform, 0, passin, e,
"signing key file");
if (!key)
goto end;
}
if (infile)
{
if (!(in = BIO_new_file(infile, inmode)))
{
BIO_printf (bio_err,
"Can't open input file %s\n", infile);
if (infile) {
if (!(in = BIO_new_file(infile, inmode))) {
BIO_printf(bio_err, "Can't open input file %s\n", infile);
goto end;
}
}
else
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
if (operation & SMIME_IP)
{
if (operation & SMIME_IP) {
if (informat == FORMAT_SMIME)
p7 = SMIME_read_PKCS7(in, &indata);
else if (informat == FORMAT_PEM)
p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
else if (informat == FORMAT_ASN1)
p7 = d2i_PKCS7_bio(in, NULL);
else
{
else {
BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
goto end;
}
if (!p7)
{
if (!p7) {
BIO_printf(bio_err, "Error reading S/MIME message\n");
goto end;
}
if (contfile)
{
if (contfile) {
BIO_free(indata);
if (!(indata = BIO_new_file(contfile, "rb")))
{
if (!(indata = BIO_new_file(contfile, "rb"))) {
BIO_printf(bio_err, "Can't read content file %s\n", contfile);
goto end;
}
}
}
if (outfile)
{
if (!(out = BIO_new_file(outfile, outmode)))
{
BIO_printf (bio_err,
"Can't open output file %s\n", outfile);
if (outfile) {
if (!(out = BIO_new_file(outfile, outmode))) {
BIO_printf(bio_err, "Can't open output file %s\n", outfile);
goto end;
}
}
else
{
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
@ -667,8 +602,7 @@ int MAIN(int argc, char **argv)
#endif
}
if (operation == SMIME_VERIFY)
{
if (operation == SMIME_VERIFY) {
if (!(store = setup_verify(bio_err, CAfile, CApath)))
goto end;
X509_STORE_set_verify_cb(store, smime_cb);
@ -676,50 +610,40 @@ int MAIN(int argc, char **argv)
X509_STORE_set1_param(store, vpm);
}
ret = 3;
if (operation == SMIME_ENCRYPT)
{
if (operation == SMIME_ENCRYPT) {
if (indef)
flags |= PKCS7_STREAM;
p7 = PKCS7_encrypt(encerts, in, cipher, flags);
}
else if (operation & SMIME_SIGNERS)
{
} else if (operation & SMIME_SIGNERS) {
int i;
/* If detached data content we only enable streaming if
* S/MIME output format.
/*
* If detached data content we only enable streaming if S/MIME output
* format.
*/
if (operation == SMIME_SIGN)
{
if (flags & PKCS7_DETACHED)
{
if (operation == SMIME_SIGN) {
if (flags & PKCS7_DETACHED) {
if (outformat == FORMAT_SMIME)
flags |= PKCS7_STREAM;
}
else if (indef)
} else if (indef)
flags |= PKCS7_STREAM;
flags |= PKCS7_PARTIAL;
p7 = PKCS7_sign(NULL, NULL, other, in, flags);
if (!p7)
goto end;
if (flags & PKCS7_NOCERTS)
{
for (i = 0; i < sk_X509_num(other); i++)
{
if (flags & PKCS7_NOCERTS) {
for (i = 0; i < sk_X509_num(other); i++) {
X509 *x = sk_X509_value(other, i);
PKCS7_add_certificate(p7, x);
}
}
}
else
} else
flags |= PKCS7_REUSE_DIGEST;
for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
{
for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) {
signerfile = sk_OPENSSL_STRING_value(sksigners, i);
keyfile = sk_OPENSSL_STRING_value(skkeys, i);
signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
e, "signer certificate");
if (!signer)
goto end;
@ -727,8 +651,7 @@ int MAIN(int argc, char **argv)
"signing key file");
if (!key)
goto end;
if (!PKCS7_sign_add_signer(p7, signer, key,
sign_md, flags))
if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags))
goto end;
X509_free(signer);
signer = NULL;
@ -736,80 +659,67 @@ int MAIN(int argc, char **argv)
key = NULL;
}
/* If not streaming or resigning finalize structure */
if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM))
{
if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM)) {
if (!PKCS7_final(p7, in, flags))
goto end;
}
}
if (!p7)
{
if (!p7) {
BIO_printf(bio_err, "Error creating PKCS#7 structure\n");
goto end;
}
ret = 4;
if (operation == SMIME_DECRYPT)
{
if (!PKCS7_decrypt(p7, key, recip, out, flags))
{
if (operation == SMIME_DECRYPT) {
if (!PKCS7_decrypt(p7, key, recip, out, flags)) {
BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
goto end;
}
}
else if (operation == SMIME_VERIFY)
{
} else if (operation == SMIME_VERIFY) {
STACK_OF(X509) *signers;
if (PKCS7_verify(p7, other, store, indata, out, flags))
BIO_printf(bio_err, "Verification successful\n");
else
{
else {
BIO_printf(bio_err, "Verification failure\n");
goto end;
}
signers = PKCS7_get0_signers(p7, other, flags);
if (!save_certs(signerfile, signers))
{
BIO_printf(bio_err, "Error writing signers to %s\n",
signerfile);
if (!save_certs(signerfile, signers)) {
BIO_printf(bio_err, "Error writing signers to %s\n", signerfile);
ret = 5;
goto end;
}
sk_X509_free(signers);
}
else if (operation == SMIME_PK7OUT)
} else if (operation == SMIME_PK7OUT)
PEM_write_bio_PKCS7(out, p7);
else
{
else {
if (to)
BIO_printf(out, "To: %s\n", to);
if (from)
BIO_printf(out, "From: %s\n", from);
if (subject)
BIO_printf(out, "Subject: %s\n", subject);
if (outformat == FORMAT_SMIME)
{
if (outformat == FORMAT_SMIME) {
if (operation == SMIME_RESIGN)
SMIME_write_PKCS7(out, p7, indata, flags);
else
SMIME_write_PKCS7(out, p7, in, flags);
}
else if (outformat == FORMAT_PEM)
} else if (outformat == FORMAT_PEM)
PEM_write_bio_PKCS7_stream(out, p7, in, flags);
else if (outformat == FORMAT_ASN1)
i2d_PKCS7_bio_stream(out,p7, in, flags);
else
{
i2d_PKCS7_bio_stream(out, p7, in, flags);
else {
BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
goto end;
}
}
ret = 0;
end:
end:
if (need_rand)
app_RAND_write_file(NULL, bio_err);
if (ret) ERR_print_errors(bio_err);
if (ret)
ERR_print_errors(bio_err);
sk_X509_pop_free(encerts, X509_free);
sk_X509_pop_free(other, X509_free);
if (vpm)
@ -827,29 +737,30 @@ end:
BIO_free(in);
BIO_free(indata);
BIO_free_all(out);
if (passin) OPENSSL_free(passin);
if (passin)
OPENSSL_free(passin);
return (ret);
}
static int save_certs(char *signerfile, STACK_OF(X509) *signers)
{
{
int i;
BIO *tmp;
if (!signerfile)
return 1;
tmp = BIO_new_file(signerfile, "w");
if (!tmp) return 0;
for(i = 0; i < sk_X509_num(signers); i++)
if (!tmp)
return 0;
for (i = 0; i < sk_X509_num(signers); i++)
PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
BIO_free(tmp);
return 1;
}
}
/* Minimal callback just to output policy info (if any) */
static int smime_cb(int ok, X509_STORE_CTX *ctx)
{
{
int error;
error = X509_STORE_CTX_get_error(ctx);
@ -862,4 +773,4 @@ static int smime_cb(int ok, X509_STORE_CTX *ctx)
return ok;
}
}

4078
apps/speed.c
View File

File diff suppressed because it is too large Load Diff

197
apps/spkac.c
View File

@ -1,8 +1,8 @@
/* apps/spkac.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999. Based on an original idea by Massimiliano Pala
* (madwolf@openca.org).
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 1999. Based on an original idea by Massimiliano Pala (madwolf@openca.org).
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
@ -81,12 +81,12 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL;
int i,badops=0, ret = 1;
BIO *in = NULL,*out = NULL;
int verify=0,noout=0,pubkey=0;
char *infile = NULL,*outfile = NULL,*prog;
int i, badops = 0, ret = 1;
BIO *in = NULL, *out = NULL;
int verify = 0, noout = 0, pubkey = 0;
char *infile = NULL, *outfile = NULL, *prog;
char *passargin = NULL, *passin = NULL;
const char *spkac = "SPKAC", *spksect = "default";
char *spkstr = NULL;
@ -95,119 +95,117 @@ int MAIN(int argc, char **argv)
NETSCAPE_SPKI *spki = NULL;
EVP_PKEY *pkey = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
#endif
apps_startup();
if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!bio_err)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
prog=argv[0];
prog = argv[0];
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
outfile= *(++argv);
}
else if (strcmp(*argv,"-passin") == 0)
{
if (--argc < 1) goto bad;
passargin= *(++argv);
}
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
keyfile= *(++argv);
}
else if (strcmp(*argv,"-challenge") == 0)
{
if (--argc < 1) goto bad;
challenge= *(++argv);
}
else if (strcmp(*argv,"-spkac") == 0)
{
if (--argc < 1) goto bad;
spkac= *(++argv);
}
else if (strcmp(*argv,"-spksect") == 0)
{
if (--argc < 1) goto bad;
spksect= *(++argv);
while (argc >= 1) {
if (strcmp(*argv, "-in") == 0) {
if (--argc < 1)
goto bad;
infile = *(++argv);
} else if (strcmp(*argv, "-out") == 0) {
if (--argc < 1)
goto bad;
outfile = *(++argv);
} else if (strcmp(*argv, "-passin") == 0) {
if (--argc < 1)
goto bad;
passargin = *(++argv);
} else if (strcmp(*argv, "-key") == 0) {
if (--argc < 1)
goto bad;
keyfile = *(++argv);
} else if (strcmp(*argv, "-challenge") == 0) {
if (--argc < 1)
goto bad;
challenge = *(++argv);
} else if (strcmp(*argv, "-spkac") == 0) {
if (--argc < 1)
goto bad;
spkac = *(++argv);
} else if (strcmp(*argv, "-spksect") == 0) {
if (--argc < 1)
goto bad;
spksect = *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine = *(++argv);
}
#endif
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-pubkey") == 0)
pubkey=1;
else if (strcmp(*argv,"-verify") == 0)
verify=1;
else badops = 1;
else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-pubkey") == 0)
pubkey = 1;
else if (strcmp(*argv, "-verify") == 0)
verify = 1;
else
badops = 1;
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options]\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -key arg create SPKAC using private key\n");
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
BIO_printf(bio_err," -challenge arg challenge string\n");
BIO_printf(bio_err," -spkac arg alternative SPKAC name\n");
BIO_printf(bio_err," -noout don't print SPKAC\n");
BIO_printf(bio_err," -pubkey output public key\n");
BIO_printf(bio_err," -verify verify SPKAC signature\n");
if (badops) {
bad:
BIO_printf(bio_err, "%s [options]\n", prog);
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, " -in arg input file\n");
BIO_printf(bio_err, " -out arg output file\n");
BIO_printf(bio_err,
" -key arg create SPKAC using private key\n");
BIO_printf(bio_err,
" -passin arg input file pass phrase source\n");
BIO_printf(bio_err, " -challenge arg challenge string\n");
BIO_printf(bio_err, " -spkac arg alternative SPKAC name\n");
BIO_printf(bio_err, " -noout don't print SPKAC\n");
BIO_printf(bio_err, " -pubkey output public key\n");
BIO_printf(bio_err, " -verify verify SPKAC signature\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
#endif
goto end;
}
ERR_load_crypto_strings();
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(keyfile) {
if (keyfile) {
pkey = load_key(bio_err,
strcmp(keyfile, "-") ? keyfile : NULL,
FORMAT_PEM, 1, passin, e, "private key");
if(!pkey) {
if (!pkey) {
goto end;
}
spki = NETSCAPE_SPKI_new();
if(challenge) ASN1_STRING_set(spki->spkac->challenge,
if (challenge)
ASN1_STRING_set(spki->spkac->challenge,
challenge, (int)strlen(challenge));
NETSCAPE_SPKI_set_pubkey(spki, pkey);
NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
spkstr = NETSCAPE_SPKI_b64_encode(spki);
if (outfile) out = BIO_new_file(outfile, "w");
if (outfile)
out = BIO_new_file(outfile, "w");
else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
@ -218,7 +216,7 @@ bad:
#endif
}
if(!out) {
if (!out) {
BIO_printf(bio_err, "Error opening output file\n");
ERR_print_errors(bio_err);
goto end;
@ -229,12 +227,12 @@ bad:
goto end;
}
if (infile)
in = BIO_new_file(infile, "r");
else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
if (infile) in = BIO_new_file(infile, "r");
else in = BIO_new_fp(stdin, BIO_NOCLOSE);
if(!in) {
if (!in) {
BIO_printf(bio_err, "Error opening input file\n");
ERR_print_errors(bio_err);
goto end;
@ -243,7 +241,7 @@ bad:
conf = NCONF_new(NULL);
i = NCONF_load_bio(conf, in, NULL);
if(!i) {
if (!i) {
BIO_printf(bio_err, "Error parsing config file\n");
ERR_print_errors(bio_err);
goto end;
@ -251,7 +249,7 @@ bad:
spkstr = NCONF_get_string(conf, spksect, spkac);
if(!spkstr) {
if (!spkstr) {
BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
ERR_print_errors(bio_err);
goto end;
@ -259,13 +257,14 @@ bad:
spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
if(!spki) {
if (!spki) {
BIO_printf(bio_err, "Error loading SPKAC\n");
ERR_print_errors(bio_err);
goto end;
}
if (outfile) out = BIO_new_file(outfile, "w");
if (outfile)
out = BIO_new_file(outfile, "w");
else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
@ -276,34 +275,38 @@ bad:
#endif
}
if(!out) {
if (!out) {
BIO_printf(bio_err, "Error opening output file\n");
ERR_print_errors(bio_err);
goto end;
}
if(!noout) NETSCAPE_SPKI_print(out, spki);
if (!noout)
NETSCAPE_SPKI_print(out, spki);
pkey = NETSCAPE_SPKI_get_pubkey(spki);
if(verify) {
if (verify) {
i = NETSCAPE_SPKI_verify(spki, pkey);
if (i > 0) BIO_printf(bio_err, "Signature OK\n");
if (i > 0)
BIO_printf(bio_err, "Signature OK\n");
else {
BIO_printf(bio_err, "Signature Failure\n");
ERR_print_errors(bio_err);
goto end;
}
}
if(pubkey) PEM_write_bio_PUBKEY(out, pkey);
if (pubkey)
PEM_write_bio_PUBKEY(out, pkey);
ret = 0;
end:
end:
NCONF_free(conf);
NETSCAPE_SPKI_free(spki);
BIO_free(in);
BIO_free_all(out);
EVP_PKEY_free(pkey);
if(passin) OPENSSL_free(passin);
if (passin)
OPENSSL_free(passin);
apps_shutdown();
OPENSSL_EXIT(ret);
}
}

786
apps/srp.c
View File

File diff suppressed because it is too large Load Diff

410
apps/testdsa.h
View File

@ -1,217 +1,233 @@
/* NOCW */
/* used by apps/speed.c */
DSA *get_dsa512(void );
DSA *get_dsa1024(void );
DSA *get_dsa2048(void );
DSA *get_dsa512(void);
DSA *get_dsa1024(void);
DSA *get_dsa2048(void);
static unsigned char dsa512_priv[] = {
0x65,0xe5,0xc7,0x38,0x60,0x24,0xb5,0x89,0xd4,0x9c,0xeb,0x4c,
0x9c,0x1d,0x7a,0x22,0xbd,0xd1,0xc2,0xd2,
};
0x65, 0xe5, 0xc7, 0x38, 0x60, 0x24, 0xb5, 0x89, 0xd4, 0x9c, 0xeb, 0x4c,
0x9c, 0x1d, 0x7a, 0x22, 0xbd, 0xd1, 0xc2, 0xd2,
};
static unsigned char dsa512_pub[] = {
0x00,0x95,0xa7,0x0d,0xec,0x93,0x68,0xba,0x5f,0xf7,0x5f,0x07,
0xf2,0x3b,0xad,0x6b,0x01,0xdc,0xbe,0xec,0xde,0x04,0x7a,0x3a,
0x27,0xb3,0xec,0x49,0xfd,0x08,0x43,0x3d,0x7e,0xa8,0x2c,0x5e,
0x7b,0xbb,0xfc,0xf4,0x6e,0xeb,0x6c,0xb0,0x6e,0xf8,0x02,0x12,
0x8c,0x38,0x5d,0x83,0x56,0x7d,0xee,0x53,0x05,0x3e,0x24,0x84,
0xbe,0xba,0x0a,0x6b,0xc8,
};
static unsigned char dsa512_p[]={
0x9D,0x1B,0x69,0x8E,0x26,0xDB,0xF2,0x2B,0x11,0x70,0x19,0x86,
0xF6,0x19,0xC8,0xF8,0x19,0xF2,0x18,0x53,0x94,0x46,0x06,0xD0,
0x62,0x50,0x33,0x4B,0x02,0x3C,0x52,0x30,0x03,0x8B,0x3B,0xF9,
0x5F,0xD1,0x24,0x06,0x4F,0x7B,0x4C,0xBA,0xAA,0x40,0x9B,0xFD,
0x96,0xE4,0x37,0x33,0xBB,0x2D,0x5A,0xD7,0x5A,0x11,0x40,0x66,
0xA2,0x76,0x7D,0x31,
};
static unsigned char dsa512_q[]={
0xFB,0x53,0xEF,0x50,0xB4,0x40,0x92,0x31,0x56,0x86,0x53,0x7A,
0xE8,0x8B,0x22,0x9A,0x49,0xFB,0x71,0x8F,
};
static unsigned char dsa512_g[]={
0x83,0x3E,0x88,0xE5,0xC5,0x89,0x73,0xCE,0x3B,0x6C,0x01,0x49,
0xBF,0xB3,0xC7,0x9F,0x0A,0xEA,0x44,0x91,0xE5,0x30,0xAA,0xD9,
0xBE,0x5B,0x5F,0xB7,0x10,0xD7,0x89,0xB7,0x8E,0x74,0xFB,0xCF,
0x29,0x1E,0xEB,0xA8,0x2C,0x54,0x51,0xB8,0x10,0xDE,0xA0,0xCE,
0x2F,0xCC,0x24,0x6B,0x90,0x77,0xDE,0xA2,0x68,0xA6,0x52,0x12,
0xA2,0x03,0x9D,0x20,
};
0x00, 0x95, 0xa7, 0x0d, 0xec, 0x93, 0x68, 0xba, 0x5f, 0xf7, 0x5f, 0x07,
0xf2, 0x3b, 0xad, 0x6b, 0x01, 0xdc, 0xbe, 0xec, 0xde, 0x04, 0x7a, 0x3a,
0x27, 0xb3, 0xec, 0x49, 0xfd, 0x08, 0x43, 0x3d, 0x7e, 0xa8, 0x2c, 0x5e,
0x7b, 0xbb, 0xfc, 0xf4, 0x6e, 0xeb, 0x6c, 0xb0, 0x6e, 0xf8, 0x02, 0x12,
0x8c, 0x38, 0x5d, 0x83, 0x56, 0x7d, 0xee, 0x53, 0x05, 0x3e, 0x24, 0x84,
0xbe, 0xba, 0x0a, 0x6b, 0xc8,
};
static unsigned char dsa512_p[] = {
0x9D, 0x1B, 0x69, 0x8E, 0x26, 0xDB, 0xF2, 0x2B, 0x11, 0x70, 0x19, 0x86,
0xF6, 0x19, 0xC8, 0xF8, 0x19, 0xF2, 0x18, 0x53, 0x94, 0x46, 0x06, 0xD0,
0x62, 0x50, 0x33, 0x4B, 0x02, 0x3C, 0x52, 0x30, 0x03, 0x8B, 0x3B, 0xF9,
0x5F, 0xD1, 0x24, 0x06, 0x4F, 0x7B, 0x4C, 0xBA, 0xAA, 0x40, 0x9B, 0xFD,
0x96, 0xE4, 0x37, 0x33, 0xBB, 0x2D, 0x5A, 0xD7, 0x5A, 0x11, 0x40, 0x66,
0xA2, 0x76, 0x7D, 0x31,
};
static unsigned char dsa512_q[] = {
0xFB, 0x53, 0xEF, 0x50, 0xB4, 0x40, 0x92, 0x31, 0x56, 0x86, 0x53, 0x7A,
0xE8, 0x8B, 0x22, 0x9A, 0x49, 0xFB, 0x71, 0x8F,
};
static unsigned char dsa512_g[] = {
0x83, 0x3E, 0x88, 0xE5, 0xC5, 0x89, 0x73, 0xCE, 0x3B, 0x6C, 0x01, 0x49,
0xBF, 0xB3, 0xC7, 0x9F, 0x0A, 0xEA, 0x44, 0x91, 0xE5, 0x30, 0xAA, 0xD9,
0xBE, 0x5B, 0x5F, 0xB7, 0x10, 0xD7, 0x89, 0xB7, 0x8E, 0x74, 0xFB, 0xCF,
0x29, 0x1E, 0xEB, 0xA8, 0x2C, 0x54, 0x51, 0xB8, 0x10, 0xDE, 0xA0, 0xCE,
0x2F, 0xCC, 0x24, 0x6B, 0x90, 0x77, 0xDE, 0xA2, 0x68, 0xA6, 0x52, 0x12,
0xA2, 0x03, 0x9D, 0x20,
};
DSA *get_dsa512()
{
{
DSA *dsa;
if ((dsa=DSA_new()) == NULL) return(NULL);
dsa->priv_key=BN_bin2bn(dsa512_priv,sizeof(dsa512_priv),NULL);
dsa->pub_key=BN_bin2bn(dsa512_pub,sizeof(dsa512_pub),NULL);
dsa->p=BN_bin2bn(dsa512_p,sizeof(dsa512_p),NULL);
dsa->q=BN_bin2bn(dsa512_q,sizeof(dsa512_q),NULL);
dsa->g=BN_bin2bn(dsa512_g,sizeof(dsa512_g),NULL);
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
(dsa->q == NULL) || (dsa->g == NULL))
return(NULL);
return(dsa);
}
if ((dsa = DSA_new()) == NULL)
return (NULL);
dsa->priv_key = BN_bin2bn(dsa512_priv, sizeof(dsa512_priv), NULL);
dsa->pub_key = BN_bin2bn(dsa512_pub, sizeof(dsa512_pub), NULL);
dsa->p = BN_bin2bn(dsa512_p, sizeof(dsa512_p), NULL);
dsa->q = BN_bin2bn(dsa512_q, sizeof(dsa512_q), NULL);
dsa->g = BN_bin2bn(dsa512_g, sizeof(dsa512_g), NULL);
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
|| (dsa->q == NULL) || (dsa->g == NULL))
return (NULL);
return (dsa);
}
static unsigned char dsa1024_priv[]={
0x7d,0x21,0xda,0xbb,0x62,0x15,0x47,0x36,0x07,0x67,0x12,0xe8,
0x8c,0xaa,0x1c,0xcd,0x38,0x12,0x61,0x18,
};
static unsigned char dsa1024_pub[]={
0x3c,0x4e,0x9c,0x2a,0x7f,0x16,0xc1,0x25,0xeb,0xac,0x78,0x63,
0x90,0x14,0x8c,0x8b,0xf4,0x68,0x43,0x3c,0x2d,0xee,0x65,0x50,
0x7d,0x9c,0x8f,0x8c,0x8a,0x51,0xd6,0x11,0x2b,0x99,0xaf,0x1e,
0x90,0x97,0xb5,0xd3,0xa6,0x20,0x25,0xd6,0xfe,0x43,0x02,0xd5,
0x91,0x7d,0xa7,0x8c,0xdb,0xc9,0x85,0xa3,0x36,0x48,0xf7,0x68,
0xaa,0x60,0xb1,0xf7,0x05,0x68,0x3a,0xa3,0x3f,0xd3,0x19,0x82,
0xd8,0x82,0x7a,0x77,0xfb,0xef,0xf4,0x15,0x0a,0xeb,0x06,0x04,
0x7f,0x53,0x07,0x0c,0xbc,0xcb,0x2d,0x83,0xdb,0x3e,0xd1,0x28,
0xa5,0xa1,0x31,0xe0,0x67,0xfa,0x50,0xde,0x9b,0x07,0x83,0x7e,
0x2c,0x0b,0xc3,0x13,0x50,0x61,0xe5,0xad,0xbd,0x36,0xb8,0x97,
0x4e,0x40,0x7d,0xe8,0x83,0x0d,0xbc,0x4b
};
static unsigned char dsa1024_p[]={
0xA7,0x3F,0x6E,0x85,0xBF,0x41,0x6A,0x29,0x7D,0xF0,0x9F,0x47,
0x19,0x30,0x90,0x9A,0x09,0x1D,0xDA,0x6A,0x33,0x1E,0xC5,0x3D,
0x86,0x96,0xB3,0x15,0xE0,0x53,0x2E,0x8F,0xE0,0x59,0x82,0x73,
0x90,0x3E,0x75,0x31,0x99,0x47,0x7A,0x52,0xFB,0x85,0xE4,0xD9,
0xA6,0x7B,0x38,0x9B,0x68,0x8A,0x84,0x9B,0x87,0xC6,0x1E,0xB5,
0x7E,0x86,0x4B,0x53,0x5B,0x59,0xCF,0x71,0x65,0x19,0x88,0x6E,
0xCE,0x66,0xAE,0x6B,0x88,0x36,0xFB,0xEC,0x28,0xDC,0xC2,0xD7,
0xA5,0xBB,0xE5,0x2C,0x39,0x26,0x4B,0xDA,0x9A,0x70,0x18,0x95,
0x37,0x95,0x10,0x56,0x23,0xF6,0x15,0xED,0xBA,0x04,0x5E,0xDE,
0x39,0x4F,0xFD,0xB7,0x43,0x1F,0xB5,0xA4,0x65,0x6F,0xCD,0x80,
0x11,0xE4,0x70,0x95,0x5B,0x50,0xCD,0x49,
};
static unsigned char dsa1024_q[]={
0xF7,0x07,0x31,0xED,0xFA,0x6C,0x06,0x03,0xD5,0x85,0x8A,0x1C,
0xAC,0x9C,0x65,0xE7,0x50,0x66,0x65,0x6F,
};
static unsigned char dsa1024_g[]={
0x4D,0xDF,0x4C,0x03,0xA6,0x91,0x8A,0xF5,0x19,0x6F,0x50,0x46,
0x25,0x99,0xE5,0x68,0x6F,0x30,0xE3,0x69,0xE1,0xE5,0xB3,0x5D,
0x98,0xBB,0x28,0x86,0x48,0xFC,0xDE,0x99,0x04,0x3F,0x5F,0x88,
0x0C,0x9C,0x73,0x24,0x0D,0x20,0x5D,0xB9,0x2A,0x9A,0x3F,0x18,
0x96,0x27,0xE4,0x62,0x87,0xC1,0x7B,0x74,0x62,0x53,0xFC,0x61,
0x27,0xA8,0x7A,0x91,0x09,0x9D,0xB6,0xF1,0x4D,0x9C,0x54,0x0F,
0x58,0x06,0xEE,0x49,0x74,0x07,0xCE,0x55,0x7E,0x23,0xCE,0x16,
0xF6,0xCA,0xDC,0x5A,0x61,0x01,0x7E,0xC9,0x71,0xB5,0x4D,0xF6,
0xDC,0x34,0x29,0x87,0x68,0xF6,0x5E,0x20,0x93,0xB3,0xDB,0xF5,
0xE4,0x09,0x6C,0x41,0x17,0x95,0x92,0xEB,0x01,0xB5,0x73,0xA5,
0x6A,0x7E,0xD8,0x32,0xED,0x0E,0x02,0xB8,
};
static unsigned char dsa1024_priv[] = {
0x7d, 0x21, 0xda, 0xbb, 0x62, 0x15, 0x47, 0x36, 0x07, 0x67, 0x12, 0xe8,
0x8c, 0xaa, 0x1c, 0xcd, 0x38, 0x12, 0x61, 0x18,
};
static unsigned char dsa1024_pub[] = {
0x3c, 0x4e, 0x9c, 0x2a, 0x7f, 0x16, 0xc1, 0x25, 0xeb, 0xac, 0x78, 0x63,
0x90, 0x14, 0x8c, 0x8b, 0xf4, 0x68, 0x43, 0x3c, 0x2d, 0xee, 0x65, 0x50,
0x7d, 0x9c, 0x8f, 0x8c, 0x8a, 0x51, 0xd6, 0x11, 0x2b, 0x99, 0xaf, 0x1e,
0x90, 0x97, 0xb5, 0xd3, 0xa6, 0x20, 0x25, 0xd6, 0xfe, 0x43, 0x02, 0xd5,
0x91, 0x7d, 0xa7, 0x8c, 0xdb, 0xc9, 0x85, 0xa3, 0x36, 0x48, 0xf7, 0x68,
0xaa, 0x60, 0xb1, 0xf7, 0x05, 0x68, 0x3a, 0xa3, 0x3f, 0xd3, 0x19, 0x82,
0xd8, 0x82, 0x7a, 0x77, 0xfb, 0xef, 0xf4, 0x15, 0x0a, 0xeb, 0x06, 0x04,
0x7f, 0x53, 0x07, 0x0c, 0xbc, 0xcb, 0x2d, 0x83, 0xdb, 0x3e, 0xd1, 0x28,
0xa5, 0xa1, 0x31, 0xe0, 0x67, 0xfa, 0x50, 0xde, 0x9b, 0x07, 0x83, 0x7e,
0x2c, 0x0b, 0xc3, 0x13, 0x50, 0x61, 0xe5, 0xad, 0xbd, 0x36, 0xb8, 0x97,
0x4e, 0x40, 0x7d, 0xe8, 0x83, 0x0d, 0xbc, 0x4b
};
static unsigned char dsa1024_p[] = {
0xA7, 0x3F, 0x6E, 0x85, 0xBF, 0x41, 0x6A, 0x29, 0x7D, 0xF0, 0x9F, 0x47,
0x19, 0x30, 0x90, 0x9A, 0x09, 0x1D, 0xDA, 0x6A, 0x33, 0x1E, 0xC5, 0x3D,
0x86, 0x96, 0xB3, 0x15, 0xE0, 0x53, 0x2E, 0x8F, 0xE0, 0x59, 0x82, 0x73,
0x90, 0x3E, 0x75, 0x31, 0x99, 0x47, 0x7A, 0x52, 0xFB, 0x85, 0xE4, 0xD9,
0xA6, 0x7B, 0x38, 0x9B, 0x68, 0x8A, 0x84, 0x9B, 0x87, 0xC6, 0x1E, 0xB5,
0x7E, 0x86, 0x4B, 0x53, 0x5B, 0x59, 0xCF, 0x71, 0x65, 0x19, 0x88, 0x6E,
0xCE, 0x66, 0xAE, 0x6B, 0x88, 0x36, 0xFB, 0xEC, 0x28, 0xDC, 0xC2, 0xD7,
0xA5, 0xBB, 0xE5, 0x2C, 0x39, 0x26, 0x4B, 0xDA, 0x9A, 0x70, 0x18, 0x95,
0x37, 0x95, 0x10, 0x56, 0x23, 0xF6, 0x15, 0xED, 0xBA, 0x04, 0x5E, 0xDE,
0x39, 0x4F, 0xFD, 0xB7, 0x43, 0x1F, 0xB5, 0xA4, 0x65, 0x6F, 0xCD, 0x80,
0x11, 0xE4, 0x70, 0x95, 0x5B, 0x50, 0xCD, 0x49,
};
static unsigned char dsa1024_q[] = {
0xF7, 0x07, 0x31, 0xED, 0xFA, 0x6C, 0x06, 0x03, 0xD5, 0x85, 0x8A, 0x1C,
0xAC, 0x9C, 0x65, 0xE7, 0x50, 0x66, 0x65, 0x6F,
};
static unsigned char dsa1024_g[] = {
0x4D, 0xDF, 0x4C, 0x03, 0xA6, 0x91, 0x8A, 0xF5, 0x19, 0x6F, 0x50, 0x46,
0x25, 0x99, 0xE5, 0x68, 0x6F, 0x30, 0xE3, 0x69, 0xE1, 0xE5, 0xB3, 0x5D,
0x98, 0xBB, 0x28, 0x86, 0x48, 0xFC, 0xDE, 0x99, 0x04, 0x3F, 0x5F, 0x88,
0x0C, 0x9C, 0x73, 0x24, 0x0D, 0x20, 0x5D, 0xB9, 0x2A, 0x9A, 0x3F, 0x18,
0x96, 0x27, 0xE4, 0x62, 0x87, 0xC1, 0x7B, 0x74, 0x62, 0x53, 0xFC, 0x61,
0x27, 0xA8, 0x7A, 0x91, 0x09, 0x9D, 0xB6, 0xF1, 0x4D, 0x9C, 0x54, 0x0F,
0x58, 0x06, 0xEE, 0x49, 0x74, 0x07, 0xCE, 0x55, 0x7E, 0x23, 0xCE, 0x16,
0xF6, 0xCA, 0xDC, 0x5A, 0x61, 0x01, 0x7E, 0xC9, 0x71, 0xB5, 0x4D, 0xF6,
0xDC, 0x34, 0x29, 0x87, 0x68, 0xF6, 0x5E, 0x20, 0x93, 0xB3, 0xDB, 0xF5,
0xE4, 0x09, 0x6C, 0x41, 0x17, 0x95, 0x92, 0xEB, 0x01, 0xB5, 0x73, 0xA5,
0x6A, 0x7E, 0xD8, 0x32, 0xED, 0x0E, 0x02, 0xB8,
};
DSA *get_dsa1024()
{
{
DSA *dsa;
if ((dsa=DSA_new()) == NULL) return(NULL);
dsa->priv_key=BN_bin2bn(dsa1024_priv,sizeof(dsa1024_priv),NULL);
dsa->pub_key=BN_bin2bn(dsa1024_pub,sizeof(dsa1024_pub),NULL);
dsa->p=BN_bin2bn(dsa1024_p,sizeof(dsa1024_p),NULL);
dsa->q=BN_bin2bn(dsa1024_q,sizeof(dsa1024_q),NULL);
dsa->g=BN_bin2bn(dsa1024_g,sizeof(dsa1024_g),NULL);
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
(dsa->q == NULL) || (dsa->g == NULL))
return(NULL);
return(dsa);
}
if ((dsa = DSA_new()) == NULL)
return (NULL);
dsa->priv_key = BN_bin2bn(dsa1024_priv, sizeof(dsa1024_priv), NULL);
dsa->pub_key = BN_bin2bn(dsa1024_pub, sizeof(dsa1024_pub), NULL);
dsa->p = BN_bin2bn(dsa1024_p, sizeof(dsa1024_p), NULL);
dsa->q = BN_bin2bn(dsa1024_q, sizeof(dsa1024_q), NULL);
dsa->g = BN_bin2bn(dsa1024_g, sizeof(dsa1024_g), NULL);
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
|| (dsa->q == NULL) || (dsa->g == NULL))
return (NULL);
return (dsa);
}
static unsigned char dsa2048_priv[]={
0x32,0x67,0x92,0xf6,0xc4,0xe2,0xe2,0xe8,0xa0,0x8b,0x6b,0x45,
0x0c,0x8a,0x76,0xb0,0xee,0xcf,0x91,0xa7,
};
static unsigned char dsa2048_pub[]={
0x17,0x8f,0xa8,0x11,0x84,0x92,0xec,0x83,0x47,0xc7,0x6a,0xb0,
0x92,0xaf,0x5a,0x20,0x37,0xa3,0x64,0x79,0xd2,0xd0,0x3d,0xcd,
0xe0,0x61,0x88,0x88,0x21,0xcc,0x74,0x5d,0xce,0x4c,0x51,0x47,
0xf0,0xc5,0x5c,0x4c,0x82,0x7a,0xaf,0x72,0xad,0xb9,0xe0,0x53,
0xf2,0x78,0xb7,0xf0,0xb5,0x48,0x7f,0x8a,0x3a,0x18,0xd1,0x9f,
0x8b,0x7d,0xa5,0x47,0xb7,0x95,0xab,0x98,0xf8,0x7b,0x74,0x50,
0x56,0x8e,0x57,0xf0,0xee,0xf5,0xb7,0xba,0xab,0x85,0x86,0xf9,
0x2b,0xef,0x41,0x56,0xa0,0xa4,0x9f,0xb7,0x38,0x00,0x46,0x0a,
0xa6,0xf1,0xfc,0x1f,0xd8,0x4e,0x85,0x44,0x92,0x43,0x21,0x5d,
0x6e,0xcc,0xc2,0xcb,0x26,0x31,0x0d,0x21,0xc4,0xbd,0x8d,0x24,
0xbc,0xd9,0x18,0x19,0xd7,0xdc,0xf1,0xe7,0x93,0x50,0x48,0x03,
0x2c,0xae,0x2e,0xe7,0x49,0x88,0x5f,0x93,0x57,0x27,0x99,0x36,
0xb4,0x20,0xab,0xfc,0xa7,0x2b,0xf2,0xd9,0x98,0xd7,0xd4,0x34,
0x9d,0x96,0x50,0x58,0x9a,0xea,0x54,0xf3,0xee,0xf5,0x63,0x14,
0xee,0x85,0x83,0x74,0x76,0xe1,0x52,0x95,0xc3,0xf7,0xeb,0x04,
0x04,0x7b,0xa7,0x28,0x1b,0xcc,0xea,0x4a,0x4e,0x84,0xda,0xd8,
0x9c,0x79,0xd8,0x9b,0x66,0x89,0x2f,0xcf,0xac,0xd7,0x79,0xf9,
0xa9,0xd8,0x45,0x13,0x78,0xb9,0x00,0x14,0xc9,0x7e,0x22,0x51,
0x86,0x67,0xb0,0x9f,0x26,0x11,0x23,0xc8,0x38,0xd7,0x70,0x1d,
0x15,0x8e,0x4d,0x4f,0x95,0x97,0x40,0xa1,0xc2,0x7e,0x01,0x18,
0x72,0xf4,0x10,0xe6,0x8d,0x52,0x16,0x7f,0xf2,0xc9,0xf8,0x33,
0x8b,0x33,0xb7,0xce,
};
static unsigned char dsa2048_p[]={
0xA0,0x25,0xFA,0xAD,0xF4,0x8E,0xB9,0xE5,0x99,0xF3,0x5D,0x6F,
0x4F,0x83,0x34,0xE2,0x7E,0xCF,0x6F,0xBF,0x30,0xAF,0x6F,0x81,
0xEB,0xF8,0xC4,0x13,0xD9,0xA0,0x5D,0x8B,0x5C,0x8E,0xDC,0xC2,
0x1D,0x0B,0x41,0x32,0xB0,0x1F,0xFE,0xEF,0x0C,0xC2,0xA2,0x7E,
0x68,0x5C,0x28,0x21,0xE9,0xF5,0xB1,0x58,0x12,0x63,0x4C,0x19,
0x4E,0xFF,0x02,0x4B,0x92,0xED,0xD2,0x07,0x11,0x4D,0x8C,0x58,
0x16,0x5C,0x55,0x8E,0xAD,0xA3,0x67,0x7D,0xB9,0x86,0x6E,0x0B,
0xE6,0x54,0x6F,0x40,0xAE,0x0E,0x67,0x4C,0xF9,0x12,0x5B,0x3C,
0x08,0x7A,0xF7,0xFC,0x67,0x86,0x69,0xE7,0x0A,0x94,0x40,0xBF,
0x8B,0x76,0xFE,0x26,0xD1,0xF2,0xA1,0x1A,0x84,0xA1,0x43,0x56,
0x28,0xBC,0x9A,0x5F,0xD7,0x3B,0x69,0x89,0x8A,0x36,0x2C,0x51,
0xDF,0x12,0x77,0x2F,0x57,0x7B,0xA0,0xAA,0xDD,0x7F,0xA1,0x62,
0x3B,0x40,0x7B,0x68,0x1A,0x8F,0x0D,0x38,0xBB,0x21,0x5D,0x18,
0xFC,0x0F,0x46,0xF7,0xA3,0xB0,0x1D,0x23,0xC3,0xD2,0xC7,0x72,
0x51,0x18,0xDF,0x46,0x95,0x79,0xD9,0xBD,0xB5,0x19,0x02,0x2C,
0x87,0xDC,0xE7,0x57,0x82,0x7E,0xF1,0x8B,0x06,0x3D,0x00,0xA5,
0x7B,0x6B,0x26,0x27,0x91,0x0F,0x6A,0x77,0xE4,0xD5,0x04,0xE4,
0x12,0x2C,0x42,0xFF,0xD2,0x88,0xBB,0xD3,0x92,0xA0,0xF9,0xC8,
0x51,0x64,0x14,0x5C,0xD8,0xF9,0x6C,0x47,0x82,0xB4,0x1C,0x7F,
0x09,0xB8,0xF0,0x25,0x83,0x1D,0x3F,0x3F,0x05,0xB3,0x21,0x0A,
0x5D,0xA7,0xD8,0x54,0xC3,0x65,0x7D,0xC3,0xB0,0x1D,0xBF,0xAE,
0xF8,0x68,0xCF,0x9B,
};
static unsigned char dsa2048_q[]={
0x97,0xE7,0x33,0x4D,0xD3,0x94,0x3E,0x0B,0xDB,0x62,0x74,0xC6,
0xA1,0x08,0xDD,0x19,0xA3,0x75,0x17,0x1B,
};
static unsigned char dsa2048_g[]={
0x2C,0x78,0x16,0x59,0x34,0x63,0xF4,0xF3,0x92,0xFC,0xB5,0xA5,
0x4F,0x13,0xDE,0x2F,0x1C,0xA4,0x3C,0xAE,0xAD,0x38,0x3F,0x7E,
0x90,0xBF,0x96,0xA6,0xAE,0x25,0x90,0x72,0xF5,0x8E,0x80,0x0C,
0x39,0x1C,0xD9,0xEC,0xBA,0x90,0x5B,0x3A,0xE8,0x58,0x6C,0x9E,
0x30,0x42,0x37,0x02,0x31,0x82,0xBC,0x6A,0xDF,0x6A,0x09,0x29,
0xE3,0xC0,0x46,0xD1,0xCB,0x85,0xEC,0x0C,0x30,0x5E,0xEA,0xC8,
0x39,0x8E,0x22,0x9F,0x22,0x10,0xD2,0x34,0x61,0x68,0x37,0x3D,
0x2E,0x4A,0x5B,0x9A,0xF5,0xC1,0x48,0xC6,0xF6,0xDC,0x63,0x1A,
0xD3,0x96,0x64,0xBA,0x34,0xC9,0xD1,0xA0,0xD1,0xAE,0x6C,0x2F,
0x48,0x17,0x93,0x14,0x43,0xED,0xF0,0x21,0x30,0x19,0xC3,0x1B,
0x5F,0xDE,0xA3,0xF0,0x70,0x78,0x18,0xE1,0xA8,0xE4,0xEE,0x2E,
0x00,0xA5,0xE4,0xB3,0x17,0xC8,0x0C,0x7D,0x6E,0x42,0xDC,0xB7,
0x46,0x00,0x36,0x4D,0xD4,0x46,0xAA,0x3D,0x3C,0x46,0x89,0x40,
0xBF,0x1D,0x84,0x77,0x0A,0x75,0xF3,0x87,0x1D,0x08,0x4C,0xA6,
0xD1,0xA9,0x1C,0x1E,0x12,0x1E,0xE1,0xC7,0x30,0x28,0x76,0xA5,
0x7F,0x6C,0x85,0x96,0x2B,0x6F,0xDB,0x80,0x66,0x26,0xAE,0xF5,
0x93,0xC7,0x8E,0xAE,0x9A,0xED,0xE4,0xCA,0x04,0xEA,0x3B,0x72,
0xEF,0xDC,0x87,0xED,0x0D,0xA5,0x4C,0x4A,0xDD,0x71,0x22,0x64,
0x59,0x69,0x4E,0x8E,0xBF,0x43,0xDC,0xAB,0x8E,0x66,0xBB,0x01,
0xB6,0xF4,0xE7,0xFD,0xD2,0xAD,0x9F,0x36,0xC1,0xA0,0x29,0x99,
0xD1,0x96,0x70,0x59,0x06,0x78,0x35,0xBD,0x65,0x55,0x52,0x9E,
0xF8,0xB2,0xE5,0x38,
};
static unsigned char dsa2048_priv[] = {
0x32, 0x67, 0x92, 0xf6, 0xc4, 0xe2, 0xe2, 0xe8, 0xa0, 0x8b, 0x6b, 0x45,
0x0c, 0x8a, 0x76, 0xb0, 0xee, 0xcf, 0x91, 0xa7,
};
static unsigned char dsa2048_pub[] = {
0x17, 0x8f, 0xa8, 0x11, 0x84, 0x92, 0xec, 0x83, 0x47, 0xc7, 0x6a, 0xb0,
0x92, 0xaf, 0x5a, 0x20, 0x37, 0xa3, 0x64, 0x79, 0xd2, 0xd0, 0x3d, 0xcd,
0xe0, 0x61, 0x88, 0x88, 0x21, 0xcc, 0x74, 0x5d, 0xce, 0x4c, 0x51, 0x47,
0xf0, 0xc5, 0x5c, 0x4c, 0x82, 0x7a, 0xaf, 0x72, 0xad, 0xb9, 0xe0, 0x53,
0xf2, 0x78, 0xb7, 0xf0, 0xb5, 0x48, 0x7f, 0x8a, 0x3a, 0x18, 0xd1, 0x9f,
0x8b, 0x7d, 0xa5, 0x47, 0xb7, 0x95, 0xab, 0x98, 0xf8, 0x7b, 0x74, 0x50,
0x56, 0x8e, 0x57, 0xf0, 0xee, 0xf5, 0xb7, 0xba, 0xab, 0x85, 0x86, 0xf9,
0x2b, 0xef, 0x41, 0x56, 0xa0, 0xa4, 0x9f, 0xb7, 0x38, 0x00, 0x46, 0x0a,
0xa6, 0xf1, 0xfc, 0x1f, 0xd8, 0x4e, 0x85, 0x44, 0x92, 0x43, 0x21, 0x5d,
0x6e, 0xcc, 0xc2, 0xcb, 0x26, 0x31, 0x0d, 0x21, 0xc4, 0xbd, 0x8d, 0x24,
0xbc, 0xd9, 0x18, 0x19, 0xd7, 0xdc, 0xf1, 0xe7, 0x93, 0x50, 0x48, 0x03,
0x2c, 0xae, 0x2e, 0xe7, 0x49, 0x88, 0x5f, 0x93, 0x57, 0x27, 0x99, 0x36,
0xb4, 0x20, 0xab, 0xfc, 0xa7, 0x2b, 0xf2, 0xd9, 0x98, 0xd7, 0xd4, 0x34,
0x9d, 0x96, 0x50, 0x58, 0x9a, 0xea, 0x54, 0xf3, 0xee, 0xf5, 0x63, 0x14,
0xee, 0x85, 0x83, 0x74, 0x76, 0xe1, 0x52, 0x95, 0xc3, 0xf7, 0xeb, 0x04,
0x04, 0x7b, 0xa7, 0x28, 0x1b, 0xcc, 0xea, 0x4a, 0x4e, 0x84, 0xda, 0xd8,
0x9c, 0x79, 0xd8, 0x9b, 0x66, 0x89, 0x2f, 0xcf, 0xac, 0xd7, 0x79, 0xf9,
0xa9, 0xd8, 0x45, 0x13, 0x78, 0xb9, 0x00, 0x14, 0xc9, 0x7e, 0x22, 0x51,
0x86, 0x67, 0xb0, 0x9f, 0x26, 0x11, 0x23, 0xc8, 0x38, 0xd7, 0x70, 0x1d,
0x15, 0x8e, 0x4d, 0x4f, 0x95, 0x97, 0x40, 0xa1, 0xc2, 0x7e, 0x01, 0x18,
0x72, 0xf4, 0x10, 0xe6, 0x8d, 0x52, 0x16, 0x7f, 0xf2, 0xc9, 0xf8, 0x33,
0x8b, 0x33, 0xb7, 0xce,
};
static unsigned char dsa2048_p[] = {
0xA0, 0x25, 0xFA, 0xAD, 0xF4, 0x8E, 0xB9, 0xE5, 0x99, 0xF3, 0x5D, 0x6F,
0x4F, 0x83, 0x34, 0xE2, 0x7E, 0xCF, 0x6F, 0xBF, 0x30, 0xAF, 0x6F, 0x81,
0xEB, 0xF8, 0xC4, 0x13, 0xD9, 0xA0, 0x5D, 0x8B, 0x5C, 0x8E, 0xDC, 0xC2,
0x1D, 0x0B, 0x41, 0x32, 0xB0, 0x1F, 0xFE, 0xEF, 0x0C, 0xC2, 0xA2, 0x7E,
0x68, 0x5C, 0x28, 0x21, 0xE9, 0xF5, 0xB1, 0x58, 0x12, 0x63, 0x4C, 0x19,
0x4E, 0xFF, 0x02, 0x4B, 0x92, 0xED, 0xD2, 0x07, 0x11, 0x4D, 0x8C, 0x58,
0x16, 0x5C, 0x55, 0x8E, 0xAD, 0xA3, 0x67, 0x7D, 0xB9, 0x86, 0x6E, 0x0B,
0xE6, 0x54, 0x6F, 0x40, 0xAE, 0x0E, 0x67, 0x4C, 0xF9, 0x12, 0x5B, 0x3C,
0x08, 0x7A, 0xF7, 0xFC, 0x67, 0x86, 0x69, 0xE7, 0x0A, 0x94, 0x40, 0xBF,
0x8B, 0x76, 0xFE, 0x26, 0xD1, 0xF2, 0xA1, 0x1A, 0x84, 0xA1, 0x43, 0x56,
0x28, 0xBC, 0x9A, 0x5F, 0xD7, 0x3B, 0x69, 0x89, 0x8A, 0x36, 0x2C, 0x51,
0xDF, 0x12, 0x77, 0x2F, 0x57, 0x7B, 0xA0, 0xAA, 0xDD, 0x7F, 0xA1, 0x62,
0x3B, 0x40, 0x7B, 0x68, 0x1A, 0x8F, 0x0D, 0x38, 0xBB, 0x21, 0x5D, 0x18,
0xFC, 0x0F, 0x46, 0xF7, 0xA3, 0xB0, 0x1D, 0x23, 0xC3, 0xD2, 0xC7, 0x72,
0x51, 0x18, 0xDF, 0x46, 0x95, 0x79, 0xD9, 0xBD, 0xB5, 0x19, 0x02, 0x2C,
0x87, 0xDC, 0xE7, 0x57, 0x82, 0x7E, 0xF1, 0x8B, 0x06, 0x3D, 0x00, 0xA5,
0x7B, 0x6B, 0x26, 0x27, 0x91, 0x0F, 0x6A, 0x77, 0xE4, 0xD5, 0x04, 0xE4,
0x12, 0x2C, 0x42, 0xFF, 0xD2, 0x88, 0xBB, 0xD3, 0x92, 0xA0, 0xF9, 0xC8,
0x51, 0x64, 0x14, 0x5C, 0xD8, 0xF9, 0x6C, 0x47, 0x82, 0xB4, 0x1C, 0x7F,
0x09, 0xB8, 0xF0, 0x25, 0x83, 0x1D, 0x3F, 0x3F, 0x05, 0xB3, 0x21, 0x0A,
0x5D, 0xA7, 0xD8, 0x54, 0xC3, 0x65, 0x7D, 0xC3, 0xB0, 0x1D, 0xBF, 0xAE,
0xF8, 0x68, 0xCF, 0x9B,
};
static unsigned char dsa2048_q[] = {
0x97, 0xE7, 0x33, 0x4D, 0xD3, 0x94, 0x3E, 0x0B, 0xDB, 0x62, 0x74, 0xC6,
0xA1, 0x08, 0xDD, 0x19, 0xA3, 0x75, 0x17, 0x1B,
};
static unsigned char dsa2048_g[] = {
0x2C, 0x78, 0x16, 0x59, 0x34, 0x63, 0xF4, 0xF3, 0x92, 0xFC, 0xB5, 0xA5,
0x4F, 0x13, 0xDE, 0x2F, 0x1C, 0xA4, 0x3C, 0xAE, 0xAD, 0x38, 0x3F, 0x7E,
0x90, 0xBF, 0x96, 0xA6, 0xAE, 0x25, 0x90, 0x72, 0xF5, 0x8E, 0x80, 0x0C,
0x39, 0x1C, 0xD9, 0xEC, 0xBA, 0x90, 0x5B, 0x3A, 0xE8, 0x58, 0x6C, 0x9E,
0x30, 0x42, 0x37, 0x02, 0x31, 0x82, 0xBC, 0x6A, 0xDF, 0x6A, 0x09, 0x29,
0xE3, 0xC0, 0x46, 0xD1, 0xCB, 0x85, 0xEC, 0x0C, 0x30, 0x5E, 0xEA, 0xC8,
0x39, 0x8E, 0x22, 0x9F, 0x22, 0x10, 0xD2, 0x34, 0x61, 0x68, 0x37, 0x3D,
0x2E, 0x4A, 0x5B, 0x9A, 0xF5, 0xC1, 0x48, 0xC6, 0xF6, 0xDC, 0x63, 0x1A,
0xD3, 0x96, 0x64, 0xBA, 0x34, 0xC9, 0xD1, 0xA0, 0xD1, 0xAE, 0x6C, 0x2F,
0x48, 0x17, 0x93, 0x14, 0x43, 0xED, 0xF0, 0x21, 0x30, 0x19, 0xC3, 0x1B,
0x5F, 0xDE, 0xA3, 0xF0, 0x70, 0x78, 0x18, 0xE1, 0xA8, 0xE4, 0xEE, 0x2E,
0x00, 0xA5, 0xE4, 0xB3, 0x17, 0xC8, 0x0C, 0x7D, 0x6E, 0x42, 0xDC, 0xB7,
0x46, 0x00, 0x36, 0x4D, 0xD4, 0x46, 0xAA, 0x3D, 0x3C, 0x46, 0x89, 0x40,
0xBF, 0x1D, 0x84, 0x77, 0x0A, 0x75, 0xF3, 0x87, 0x1D, 0x08, 0x4C, 0xA6,
0xD1, 0xA9, 0x1C, 0x1E, 0x12, 0x1E, 0xE1, 0xC7, 0x30, 0x28, 0x76, 0xA5,
0x7F, 0x6C, 0x85, 0x96, 0x2B, 0x6F, 0xDB, 0x80, 0x66, 0x26, 0xAE, 0xF5,
0x93, 0xC7, 0x8E, 0xAE, 0x9A, 0xED, 0xE4, 0xCA, 0x04, 0xEA, 0x3B, 0x72,
0xEF, 0xDC, 0x87, 0xED, 0x0D, 0xA5, 0x4C, 0x4A, 0xDD, 0x71, 0x22, 0x64,
0x59, 0x69, 0x4E, 0x8E, 0xBF, 0x43, 0xDC, 0xAB, 0x8E, 0x66, 0xBB, 0x01,
0xB6, 0xF4, 0xE7, 0xFD, 0xD2, 0xAD, 0x9F, 0x36, 0xC1, 0xA0, 0x29, 0x99,
0xD1, 0x96, 0x70, 0x59, 0x06, 0x78, 0x35, 0xBD, 0x65, 0x55, 0x52, 0x9E,
0xF8, 0xB2, 0xE5, 0x38,
};
DSA *get_dsa2048()
{
{
DSA *dsa;
if ((dsa=DSA_new()) == NULL) return(NULL);
dsa->priv_key=BN_bin2bn(dsa2048_priv,sizeof(dsa2048_priv),NULL);
dsa->pub_key=BN_bin2bn(dsa2048_pub,sizeof(dsa2048_pub),NULL);
dsa->p=BN_bin2bn(dsa2048_p,sizeof(dsa2048_p),NULL);
dsa->q=BN_bin2bn(dsa2048_q,sizeof(dsa2048_q),NULL);
dsa->g=BN_bin2bn(dsa2048_g,sizeof(dsa2048_g),NULL);
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
(dsa->q == NULL) || (dsa->g == NULL))
return(NULL);
return(dsa);
}
if ((dsa = DSA_new()) == NULL)
return (NULL);
dsa->priv_key = BN_bin2bn(dsa2048_priv, sizeof(dsa2048_priv), NULL);
dsa->pub_key = BN_bin2bn(dsa2048_pub, sizeof(dsa2048_pub), NULL);
dsa->p = BN_bin2bn(dsa2048_p, sizeof(dsa2048_p), NULL);
dsa->q = BN_bin2bn(dsa2048_q, sizeof(dsa2048_q), NULL);
dsa->g = BN_bin2bn(dsa2048_g, sizeof(dsa2048_g), NULL);
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
|| (dsa->q == NULL) || (dsa->g == NULL))
return (NULL);
return (dsa);
}
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
static const char rnd_seed[] =
"string to make the random number generator think it has entropy";
static int rnd_fake = 0;

910
apps/testrsa.h
View File

@ -57,462 +57,462 @@
* [including the GNU Public Licence.]
*/
static unsigned char test512[]={
0x30,0x82,0x01,0x3a,0x02,0x01,0x00,0x02,0x41,0x00,
0xd6,0x33,0xb9,0xc8,0xfb,0x4f,0x3c,0x7d,0xc0,0x01,
0x86,0xd0,0xe7,0xa0,0x55,0xf2,0x95,0x93,0xcc,0x4f,
0xb7,0x5b,0x67,0x5b,0x94,0x68,0xc9,0x34,0x15,0xde,
0xa5,0x2e,0x1c,0x33,0xc2,0x6e,0xfc,0x34,0x5e,0x71,
0x13,0xb7,0xd6,0xee,0xd8,0xa5,0x65,0x05,0x72,0x87,
0xa8,0xb0,0x77,0xfe,0x57,0xf5,0xfc,0x5f,0x55,0x83,
0x87,0xdd,0x57,0x49,0x02,0x03,0x01,0x00,0x01,0x02,
0x41,0x00,0xa7,0xf7,0x91,0xc5,0x0f,0x84,0x57,0xdc,
0x07,0xf7,0x6a,0x7f,0x60,0x52,0xb3,0x72,0xf1,0x66,
0x1f,0x7d,0x97,0x3b,0x9e,0xb6,0x0a,0x8f,0x8c,0xcf,
0x42,0x23,0x00,0x04,0xd4,0x28,0x0e,0x1c,0x90,0xc4,
0x11,0x25,0x25,0xa5,0x93,0xa5,0x2f,0x70,0x02,0xdf,
0x81,0x9c,0x49,0x03,0xa0,0xf8,0x6d,0x54,0x2e,0x26,
0xde,0xaa,0x85,0x59,0xa8,0x31,0x02,0x21,0x00,0xeb,
0x47,0xd7,0x3b,0xf6,0xc3,0xdd,0x5a,0x46,0xc5,0xb9,
0x2b,0x9a,0xa0,0x09,0x8f,0xa6,0xfb,0xf3,0x78,0x7a,
0x33,0x70,0x9d,0x0f,0x42,0x6b,0x13,0x68,0x24,0xd3,
0x15,0x02,0x21,0x00,0xe9,0x10,0xb0,0xb3,0x0d,0xe2,
0x82,0x68,0x77,0x8a,0x6e,0x7c,0xda,0xbc,0x3e,0x53,
0x83,0xfb,0xd6,0x22,0xe7,0xb5,0xae,0x6e,0x80,0xda,
0x00,0x55,0x97,0xc1,0xd0,0x65,0x02,0x20,0x4c,0xf8,
0x73,0xb1,0x6a,0x49,0x29,0x61,0x1f,0x46,0x10,0x0d,
0xf3,0xc7,0xe7,0x58,0xd7,0x88,0x15,0x5e,0x94,0x9b,
0xbf,0x7b,0xa2,0x42,0x58,0x45,0x41,0x0c,0xcb,0x01,
0x02,0x20,0x12,0x11,0xba,0x31,0x57,0x9d,0x3d,0x11,
0x0e,0x5b,0x8c,0x2f,0x5f,0xe2,0x02,0x4f,0x05,0x47,
0x8c,0x15,0x8e,0xb3,0x56,0x3f,0xb8,0xfb,0xad,0xd4,
0xf4,0xfc,0x10,0xc5,0x02,0x20,0x18,0xa1,0x29,0x99,
0x5b,0xd9,0xc8,0xd4,0xfc,0x49,0x7a,0x2a,0x21,0x2c,
0x49,0xe4,0x4f,0xeb,0xef,0x51,0xf1,0xab,0x6d,0xfb,
0x4b,0x14,0xe9,0x4b,0x52,0xb5,0x82,0x2c,
};
static unsigned char test512[] = {
0x30, 0x82, 0x01, 0x3a, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
0xd6, 0x33, 0xb9, 0xc8, 0xfb, 0x4f, 0x3c, 0x7d, 0xc0, 0x01,
0x86, 0xd0, 0xe7, 0xa0, 0x55, 0xf2, 0x95, 0x93, 0xcc, 0x4f,
0xb7, 0x5b, 0x67, 0x5b, 0x94, 0x68, 0xc9, 0x34, 0x15, 0xde,
0xa5, 0x2e, 0x1c, 0x33, 0xc2, 0x6e, 0xfc, 0x34, 0x5e, 0x71,
0x13, 0xb7, 0xd6, 0xee, 0xd8, 0xa5, 0x65, 0x05, 0x72, 0x87,
0xa8, 0xb0, 0x77, 0xfe, 0x57, 0xf5, 0xfc, 0x5f, 0x55, 0x83,
0x87, 0xdd, 0x57, 0x49, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
0x41, 0x00, 0xa7, 0xf7, 0x91, 0xc5, 0x0f, 0x84, 0x57, 0xdc,
0x07, 0xf7, 0x6a, 0x7f, 0x60, 0x52, 0xb3, 0x72, 0xf1, 0x66,
0x1f, 0x7d, 0x97, 0x3b, 0x9e, 0xb6, 0x0a, 0x8f, 0x8c, 0xcf,
0x42, 0x23, 0x00, 0x04, 0xd4, 0x28, 0x0e, 0x1c, 0x90, 0xc4,
0x11, 0x25, 0x25, 0xa5, 0x93, 0xa5, 0x2f, 0x70, 0x02, 0xdf,
0x81, 0x9c, 0x49, 0x03, 0xa0, 0xf8, 0x6d, 0x54, 0x2e, 0x26,
0xde, 0xaa, 0x85, 0x59, 0xa8, 0x31, 0x02, 0x21, 0x00, 0xeb,
0x47, 0xd7, 0x3b, 0xf6, 0xc3, 0xdd, 0x5a, 0x46, 0xc5, 0xb9,
0x2b, 0x9a, 0xa0, 0x09, 0x8f, 0xa6, 0xfb, 0xf3, 0x78, 0x7a,
0x33, 0x70, 0x9d, 0x0f, 0x42, 0x6b, 0x13, 0x68, 0x24, 0xd3,
0x15, 0x02, 0x21, 0x00, 0xe9, 0x10, 0xb0, 0xb3, 0x0d, 0xe2,
0x82, 0x68, 0x77, 0x8a, 0x6e, 0x7c, 0xda, 0xbc, 0x3e, 0x53,
0x83, 0xfb, 0xd6, 0x22, 0xe7, 0xb5, 0xae, 0x6e, 0x80, 0xda,
0x00, 0x55, 0x97, 0xc1, 0xd0, 0x65, 0x02, 0x20, 0x4c, 0xf8,
0x73, 0xb1, 0x6a, 0x49, 0x29, 0x61, 0x1f, 0x46, 0x10, 0x0d,
0xf3, 0xc7, 0xe7, 0x58, 0xd7, 0x88, 0x15, 0x5e, 0x94, 0x9b,
0xbf, 0x7b, 0xa2, 0x42, 0x58, 0x45, 0x41, 0x0c, 0xcb, 0x01,
0x02, 0x20, 0x12, 0x11, 0xba, 0x31, 0x57, 0x9d, 0x3d, 0x11,
0x0e, 0x5b, 0x8c, 0x2f, 0x5f, 0xe2, 0x02, 0x4f, 0x05, 0x47,
0x8c, 0x15, 0x8e, 0xb3, 0x56, 0x3f, 0xb8, 0xfb, 0xad, 0xd4,
0xf4, 0xfc, 0x10, 0xc5, 0x02, 0x20, 0x18, 0xa1, 0x29, 0x99,
0x5b, 0xd9, 0xc8, 0xd4, 0xfc, 0x49, 0x7a, 0x2a, 0x21, 0x2c,
0x49, 0xe4, 0x4f, 0xeb, 0xef, 0x51, 0xf1, 0xab, 0x6d, 0xfb,
0x4b, 0x14, 0xe9, 0x4b, 0x52, 0xb5, 0x82, 0x2c,
};
static unsigned char test1024[]={
0x30,0x82,0x02,0x5c,0x02,0x01,0x00,0x02,0x81,0x81,
0x00,0xdc,0x98,0x43,0xe8,0x3d,0x43,0x5b,0xe4,0x05,
0xcd,0xd0,0xa9,0x3e,0xcb,0x83,0x75,0xf6,0xb5,0xa5,
0x9f,0x6b,0xe9,0x34,0x41,0x29,0x18,0xfa,0x6a,0x55,
0x4d,0x70,0xfc,0xec,0xae,0x87,0x38,0x0a,0x20,0xa9,
0xc0,0x45,0x77,0x6e,0x57,0x60,0x57,0xf4,0xed,0x96,
0x22,0xcb,0x8f,0xe1,0x33,0x3a,0x17,0x1f,0xed,0x37,
0xa5,0x6f,0xeb,0xa6,0xbc,0x12,0x80,0x1d,0x53,0xbd,
0x70,0xeb,0x21,0x76,0x3e,0xc9,0x2f,0x1a,0x45,0x24,
0x82,0xff,0xcd,0x59,0x32,0x06,0x2e,0x12,0x3b,0x23,
0x78,0xed,0x12,0x3d,0xe0,0x8d,0xf9,0x67,0x4f,0x37,
0x4e,0x47,0x02,0x4c,0x2d,0xc0,0x4f,0x1f,0xb3,0x94,
0xe1,0x41,0x2e,0x2d,0x90,0x10,0xfc,0x82,0x91,0x8b,
0x0f,0x22,0xd4,0xf2,0xfc,0x2c,0xab,0x53,0x55,0x02,
0x03,0x01,0x00,0x01,0x02,0x81,0x80,0x2b,0xcc,0x3f,
0x8f,0x58,0xba,0x8b,0x00,0x16,0xf6,0xea,0x3a,0xf0,
0x30,0xd0,0x05,0x17,0xda,0xb0,0xeb,0x9a,0x2d,0x4f,
0x26,0xb0,0xd6,0x38,0xc1,0xeb,0xf5,0xd8,0x3d,0x1f,
0x70,0xf7,0x7f,0xf4,0xe2,0xcf,0x51,0x51,0x79,0x88,
0xfa,0xe8,0x32,0x0e,0x7b,0x2d,0x97,0xf2,0xfa,0xba,
0x27,0xc5,0x9c,0xd9,0xc5,0xeb,0x8a,0x79,0x52,0x3c,
0x64,0x34,0x7d,0xc2,0xcf,0x28,0xc7,0x4e,0xd5,0x43,
0x0b,0xd1,0xa6,0xca,0x6d,0x03,0x2d,0x72,0x23,0xbc,
0x6d,0x05,0xfa,0x16,0x09,0x2f,0x2e,0x5c,0xb6,0xee,
0x74,0xdd,0xd2,0x48,0x8e,0x36,0x0c,0x06,0x3d,0x4d,
0xe5,0x10,0x82,0xeb,0x6a,0xf3,0x4b,0x9f,0xd6,0xed,
0x11,0xb1,0x6e,0xec,0xf4,0xfe,0x8e,0x75,0x94,0x20,
0x2f,0xcb,0xac,0x46,0xf1,0x02,0x41,0x00,0xf9,0x8c,
0xa3,0x85,0xb1,0xdd,0x29,0xaf,0x65,0xc1,0x33,0xf3,
0x95,0xc5,0x52,0x68,0x0b,0xd4,0xf1,0xe5,0x0e,0x02,
0x9f,0x4f,0xfa,0x77,0xdc,0x46,0x9e,0xc7,0xa6,0xe4,
0x16,0x29,0xda,0xb0,0x07,0xcf,0x5b,0xa9,0x12,0x8a,
0xdd,0x63,0x0a,0xde,0x2e,0x8c,0x66,0x8b,0x8c,0xdc,
0x19,0xa3,0x7e,0xf4,0x3b,0xd0,0x1a,0x8c,0xa4,0xc2,
0xe1,0xd3,0x02,0x41,0x00,0xe2,0x4c,0x05,0xf2,0x04,
0x86,0x4e,0x61,0x43,0xdb,0xb0,0xb9,0x96,0x86,0x52,
0x2c,0xca,0x8d,0x7b,0xab,0x0b,0x13,0x0d,0x7e,0x38,
0x5b,0xe2,0x2e,0x7b,0x0e,0xe7,0x19,0x99,0x38,0xe7,
0xf2,0x21,0xbd,0x85,0x85,0xe3,0xfd,0x28,0x77,0x20,
0x31,0x71,0x2c,0xd0,0xff,0xfb,0x2e,0xaf,0x85,0xb4,
0x86,0xca,0xf3,0xbb,0xca,0xaa,0x0f,0x95,0x37,0x02,
0x40,0x0e,0x41,0x9a,0x95,0xe8,0xb3,0x59,0xce,0x4b,
0x61,0xde,0x35,0xec,0x38,0x79,0x9c,0xb8,0x10,0x52,
0x41,0x63,0xab,0x82,0xae,0x6f,0x00,0xa9,0xf4,0xde,
0xdd,0x49,0x0b,0x7e,0xb8,0xa5,0x65,0xa9,0x0c,0x8f,
0x8f,0xf9,0x1f,0x35,0xc6,0x92,0xb8,0x5e,0xb0,0x66,
0xab,0x52,0x40,0xc0,0xb6,0x36,0x6a,0x7d,0x80,0x46,
0x04,0x02,0xe5,0x9f,0x41,0x02,0x41,0x00,0xc0,0xad,
0xcc,0x4e,0x21,0xee,0x1d,0x24,0x91,0xfb,0xa7,0x80,
0x8d,0x9a,0xb6,0xb3,0x2e,0x8f,0xc2,0xe1,0x82,0xdf,
0x69,0x18,0xb4,0x71,0xff,0xa6,0x65,0xde,0xed,0x84,
0x8d,0x42,0xb7,0xb3,0x21,0x69,0x56,0x1c,0x07,0x60,
0x51,0x29,0x04,0xff,0x34,0x06,0xdd,0xb9,0x67,0x2c,
0x7c,0x04,0x93,0x0e,0x46,0x15,0xbb,0x2a,0xb7,0x1b,
0xe7,0x87,0x02,0x40,0x78,0xda,0x5d,0x07,0x51,0x0c,
0x16,0x7a,0x9f,0x29,0x20,0x84,0x0d,0x42,0xfa,0xd7,
0x00,0xd8,0x77,0x7e,0xb0,0xb0,0x6b,0xd6,0x5b,0x53,
0xb8,0x9b,0x7a,0xcd,0xc7,0x2b,0xb8,0x6a,0x63,0xa9,
0xfb,0x6f,0xa4,0x72,0xbf,0x4c,0x5d,0x00,0x14,0xba,
0xfa,0x59,0x88,0xed,0xe4,0xe0,0x8c,0xa2,0xec,0x14,
0x7e,0x2d,0xe2,0xf0,0x46,0x49,0x95,0x45,
};
static unsigned char test1024[] = {
0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
0x00, 0xdc, 0x98, 0x43, 0xe8, 0x3d, 0x43, 0x5b, 0xe4, 0x05,
0xcd, 0xd0, 0xa9, 0x3e, 0xcb, 0x83, 0x75, 0xf6, 0xb5, 0xa5,
0x9f, 0x6b, 0xe9, 0x34, 0x41, 0x29, 0x18, 0xfa, 0x6a, 0x55,
0x4d, 0x70, 0xfc, 0xec, 0xae, 0x87, 0x38, 0x0a, 0x20, 0xa9,
0xc0, 0x45, 0x77, 0x6e, 0x57, 0x60, 0x57, 0xf4, 0xed, 0x96,
0x22, 0xcb, 0x8f, 0xe1, 0x33, 0x3a, 0x17, 0x1f, 0xed, 0x37,
0xa5, 0x6f, 0xeb, 0xa6, 0xbc, 0x12, 0x80, 0x1d, 0x53, 0xbd,
0x70, 0xeb, 0x21, 0x76, 0x3e, 0xc9, 0x2f, 0x1a, 0x45, 0x24,
0x82, 0xff, 0xcd, 0x59, 0x32, 0x06, 0x2e, 0x12, 0x3b, 0x23,
0x78, 0xed, 0x12, 0x3d, 0xe0, 0x8d, 0xf9, 0x67, 0x4f, 0x37,
0x4e, 0x47, 0x02, 0x4c, 0x2d, 0xc0, 0x4f, 0x1f, 0xb3, 0x94,
0xe1, 0x41, 0x2e, 0x2d, 0x90, 0x10, 0xfc, 0x82, 0x91, 0x8b,
0x0f, 0x22, 0xd4, 0xf2, 0xfc, 0x2c, 0xab, 0x53, 0x55, 0x02,
0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x2b, 0xcc, 0x3f,
0x8f, 0x58, 0xba, 0x8b, 0x00, 0x16, 0xf6, 0xea, 0x3a, 0xf0,
0x30, 0xd0, 0x05, 0x17, 0xda, 0xb0, 0xeb, 0x9a, 0x2d, 0x4f,
0x26, 0xb0, 0xd6, 0x38, 0xc1, 0xeb, 0xf5, 0xd8, 0x3d, 0x1f,
0x70, 0xf7, 0x7f, 0xf4, 0xe2, 0xcf, 0x51, 0x51, 0x79, 0x88,
0xfa, 0xe8, 0x32, 0x0e, 0x7b, 0x2d, 0x97, 0xf2, 0xfa, 0xba,
0x27, 0xc5, 0x9c, 0xd9, 0xc5, 0xeb, 0x8a, 0x79, 0x52, 0x3c,
0x64, 0x34, 0x7d, 0xc2, 0xcf, 0x28, 0xc7, 0x4e, 0xd5, 0x43,
0x0b, 0xd1, 0xa6, 0xca, 0x6d, 0x03, 0x2d, 0x72, 0x23, 0xbc,
0x6d, 0x05, 0xfa, 0x16, 0x09, 0x2f, 0x2e, 0x5c, 0xb6, 0xee,
0x74, 0xdd, 0xd2, 0x48, 0x8e, 0x36, 0x0c, 0x06, 0x3d, 0x4d,
0xe5, 0x10, 0x82, 0xeb, 0x6a, 0xf3, 0x4b, 0x9f, 0xd6, 0xed,
0x11, 0xb1, 0x6e, 0xec, 0xf4, 0xfe, 0x8e, 0x75, 0x94, 0x20,
0x2f, 0xcb, 0xac, 0x46, 0xf1, 0x02, 0x41, 0x00, 0xf9, 0x8c,
0xa3, 0x85, 0xb1, 0xdd, 0x29, 0xaf, 0x65, 0xc1, 0x33, 0xf3,
0x95, 0xc5, 0x52, 0x68, 0x0b, 0xd4, 0xf1, 0xe5, 0x0e, 0x02,
0x9f, 0x4f, 0xfa, 0x77, 0xdc, 0x46, 0x9e, 0xc7, 0xa6, 0xe4,
0x16, 0x29, 0xda, 0xb0, 0x07, 0xcf, 0x5b, 0xa9, 0x12, 0x8a,
0xdd, 0x63, 0x0a, 0xde, 0x2e, 0x8c, 0x66, 0x8b, 0x8c, 0xdc,
0x19, 0xa3, 0x7e, 0xf4, 0x3b, 0xd0, 0x1a, 0x8c, 0xa4, 0xc2,
0xe1, 0xd3, 0x02, 0x41, 0x00, 0xe2, 0x4c, 0x05, 0xf2, 0x04,
0x86, 0x4e, 0x61, 0x43, 0xdb, 0xb0, 0xb9, 0x96, 0x86, 0x52,
0x2c, 0xca, 0x8d, 0x7b, 0xab, 0x0b, 0x13, 0x0d, 0x7e, 0x38,
0x5b, 0xe2, 0x2e, 0x7b, 0x0e, 0xe7, 0x19, 0x99, 0x38, 0xe7,
0xf2, 0x21, 0xbd, 0x85, 0x85, 0xe3, 0xfd, 0x28, 0x77, 0x20,
0x31, 0x71, 0x2c, 0xd0, 0xff, 0xfb, 0x2e, 0xaf, 0x85, 0xb4,
0x86, 0xca, 0xf3, 0xbb, 0xca, 0xaa, 0x0f, 0x95, 0x37, 0x02,
0x40, 0x0e, 0x41, 0x9a, 0x95, 0xe8, 0xb3, 0x59, 0xce, 0x4b,
0x61, 0xde, 0x35, 0xec, 0x38, 0x79, 0x9c, 0xb8, 0x10, 0x52,
0x41, 0x63, 0xab, 0x82, 0xae, 0x6f, 0x00, 0xa9, 0xf4, 0xde,
0xdd, 0x49, 0x0b, 0x7e, 0xb8, 0xa5, 0x65, 0xa9, 0x0c, 0x8f,
0x8f, 0xf9, 0x1f, 0x35, 0xc6, 0x92, 0xb8, 0x5e, 0xb0, 0x66,
0xab, 0x52, 0x40, 0xc0, 0xb6, 0x36, 0x6a, 0x7d, 0x80, 0x46,
0x04, 0x02, 0xe5, 0x9f, 0x41, 0x02, 0x41, 0x00, 0xc0, 0xad,
0xcc, 0x4e, 0x21, 0xee, 0x1d, 0x24, 0x91, 0xfb, 0xa7, 0x80,
0x8d, 0x9a, 0xb6, 0xb3, 0x2e, 0x8f, 0xc2, 0xe1, 0x82, 0xdf,
0x69, 0x18, 0xb4, 0x71, 0xff, 0xa6, 0x65, 0xde, 0xed, 0x84,
0x8d, 0x42, 0xb7, 0xb3, 0x21, 0x69, 0x56, 0x1c, 0x07, 0x60,
0x51, 0x29, 0x04, 0xff, 0x34, 0x06, 0xdd, 0xb9, 0x67, 0x2c,
0x7c, 0x04, 0x93, 0x0e, 0x46, 0x15, 0xbb, 0x2a, 0xb7, 0x1b,
0xe7, 0x87, 0x02, 0x40, 0x78, 0xda, 0x5d, 0x07, 0x51, 0x0c,
0x16, 0x7a, 0x9f, 0x29, 0x20, 0x84, 0x0d, 0x42, 0xfa, 0xd7,
0x00, 0xd8, 0x77, 0x7e, 0xb0, 0xb0, 0x6b, 0xd6, 0x5b, 0x53,
0xb8, 0x9b, 0x7a, 0xcd, 0xc7, 0x2b, 0xb8, 0x6a, 0x63, 0xa9,
0xfb, 0x6f, 0xa4, 0x72, 0xbf, 0x4c, 0x5d, 0x00, 0x14, 0xba,
0xfa, 0x59, 0x88, 0xed, 0xe4, 0xe0, 0x8c, 0xa2, 0xec, 0x14,
0x7e, 0x2d, 0xe2, 0xf0, 0x46, 0x49, 0x95, 0x45,
};
static unsigned char test2048[]={
0x30,0x82,0x04,0xa3,0x02,0x01,0x00,0x02,0x82,0x01,
0x01,0x00,0xc0,0xc0,0xce,0x3e,0x3c,0x53,0x67,0x3f,
0x4f,0xc5,0x2f,0xa4,0xc2,0x5a,0x2f,0x58,0xfd,0x27,
0x52,0x6a,0xe8,0xcf,0x4a,0x73,0x47,0x8d,0x25,0x0f,
0x5f,0x03,0x26,0x78,0xef,0xf0,0x22,0x12,0xd3,0xde,
0x47,0xb2,0x1c,0x0b,0x38,0x63,0x1a,0x6c,0x85,0x7a,
0x80,0xc6,0x8f,0xa0,0x41,0xaf,0x62,0xc4,0x67,0x32,
0x88,0xf8,0xa6,0x9c,0xf5,0x23,0x1d,0xe4,0xac,0x3f,
0x29,0xf9,0xec,0xe1,0x8b,0x26,0x03,0x2c,0xb2,0xab,
0xf3,0x7d,0xb5,0xca,0x49,0xc0,0x8f,0x1c,0xdf,0x33,
0x3a,0x60,0xda,0x3c,0xb0,0x16,0xf8,0xa9,0x12,0x8f,
0x64,0xac,0x23,0x0c,0x69,0x64,0x97,0x5d,0x99,0xd4,
0x09,0x83,0x9b,0x61,0xd3,0xac,0xf0,0xde,0xdd,0x5e,
0x9f,0x44,0x94,0xdb,0x3a,0x4d,0x97,0xe8,0x52,0x29,
0xf7,0xdb,0x94,0x07,0x45,0x90,0x78,0x1e,0x31,0x0b,
0x80,0xf7,0x57,0xad,0x1c,0x79,0xc5,0xcb,0x32,0xb0,
0xce,0xcd,0x74,0xb3,0xe2,0x94,0xc5,0x78,0x2f,0x34,
0x1a,0x45,0xf7,0x8c,0x52,0xa5,0xbc,0x8d,0xec,0xd1,
0x2f,0x31,0x3b,0xf0,0x49,0x59,0x5e,0x88,0x9d,0x15,
0x92,0x35,0x32,0xc1,0xe7,0x61,0xec,0x50,0x48,0x7c,
0xba,0x05,0xf9,0xf8,0xf8,0xa7,0x8c,0x83,0xe8,0x66,
0x5b,0xeb,0xfe,0xd8,0x4f,0xdd,0x6d,0x36,0xc0,0xb2,
0x90,0x0f,0xb8,0x52,0xf9,0x04,0x9b,0x40,0x2c,0x27,
0xd6,0x36,0x8e,0xc2,0x1b,0x44,0xf3,0x92,0xd5,0x15,
0x9e,0x9a,0xbc,0xf3,0x7d,0x03,0xd7,0x02,0x14,0x20,
0xe9,0x10,0x92,0xfd,0xf9,0xfc,0x8f,0xe5,0x18,0xe1,
0x95,0xcc,0x9e,0x60,0xa6,0xfa,0x38,0x4d,0x02,0x03,
0x01,0x00,0x01,0x02,0x82,0x01,0x00,0x00,0xc3,0xc3,
0x0d,0xb4,0x27,0x90,0x8d,0x4b,0xbf,0xb8,0x84,0xaa,
0xd0,0xb8,0xc7,0x5d,0x99,0xbe,0x55,0xf6,0x3e,0x7c,
0x49,0x20,0xcb,0x8a,0x8e,0x19,0x0e,0x66,0x24,0xac,
0xaf,0x03,0x33,0x97,0xeb,0x95,0xd5,0x3b,0x0f,0x40,
0x56,0x04,0x50,0xd1,0xe6,0xbe,0x84,0x0b,0x25,0xd3,
0x9c,0xe2,0x83,0x6c,0xf5,0x62,0x5d,0xba,0x2b,0x7d,
0x3d,0x7a,0x6c,0xe1,0xd2,0x0e,0x54,0x93,0x80,0x01,
0x91,0x51,0x09,0xe8,0x5b,0x8e,0x47,0xbd,0x64,0xe4,
0x0e,0x03,0x83,0x55,0xcf,0x5a,0x37,0xf0,0x25,0xb5,
0x7d,0x21,0xd7,0x69,0xdf,0x6f,0xc2,0xcf,0x10,0xc9,
0x8a,0x40,0x9f,0x7a,0x70,0xc0,0xe8,0xe8,0xc0,0xe6,
0x9a,0x15,0x0a,0x8d,0x4e,0x46,0xcb,0x7a,0xdb,0xb3,
0xcb,0x83,0x02,0xc4,0xf0,0xab,0xeb,0x02,0x01,0x0e,
0x23,0xfc,0x1d,0xc4,0xbd,0xd4,0xaa,0x5d,0x31,0x46,
0x99,0xce,0x9e,0xf8,0x04,0x75,0x10,0x67,0xc4,0x53,
0x47,0x44,0xfa,0xc2,0x25,0x73,0x7e,0xd0,0x8e,0x59,
0xd1,0xb2,0x5a,0xf4,0xc7,0x18,0x92,0x2f,0x39,0xab,
0xcd,0xa3,0xb5,0xc2,0xb9,0xc7,0xb9,0x1b,0x9f,0x48,
0xfa,0x13,0xc6,0x98,0x4d,0xca,0x84,0x9c,0x06,0xca,
0xe7,0x89,0x01,0x04,0xc4,0x6c,0xfd,0x29,0x59,0x35,
0xe7,0xf3,0xdd,0xce,0x64,0x59,0xbf,0x21,0x13,0xa9,
0x9f,0x0e,0xc5,0xff,0xbd,0x33,0x00,0xec,0xac,0x6b,
0x11,0xef,0x51,0x5e,0xad,0x07,0x15,0xde,0xb8,0x5f,
0xc6,0xb9,0xa3,0x22,0x65,0x46,0x83,0x14,0xdf,0xd0,
0xf1,0x44,0x8a,0xe1,0x9c,0x23,0x33,0xb4,0x97,0x33,
0xe6,0x6b,0x81,0x02,0x81,0x81,0x00,0xec,0x12,0xa7,
0x59,0x74,0x6a,0xde,0x3e,0xad,0xd8,0x36,0x80,0x50,
0xa2,0xd5,0x21,0x81,0x07,0xf1,0xd0,0x91,0xf2,0x6c,
0x12,0x2f,0x9d,0x1a,0x26,0xf8,0x30,0x65,0xdf,0xe8,
0xc0,0x9b,0x6a,0x30,0x98,0x82,0x87,0xec,0xa2,0x56,
0x87,0x62,0x6f,0xe7,0x9f,0xf6,0x56,0xe6,0x71,0x8f,
0x49,0x86,0x93,0x5a,0x4d,0x34,0x58,0xfe,0xd9,0x04,
0x13,0xaf,0x79,0xb7,0xad,0x11,0xd1,0x30,0x9a,0x14,
0x06,0xa0,0xfa,0xb7,0x55,0xdc,0x6c,0x5a,0x4c,0x2c,
0x59,0x56,0xf6,0xe8,0x9d,0xaf,0x0a,0x78,0x99,0x06,
0x06,0x9e,0xe7,0x9c,0x51,0x55,0x43,0xfc,0x3b,0x6c,
0x0b,0xbf,0x2d,0x41,0xa7,0xaf,0xb7,0xe0,0xe8,0x28,
0x18,0xb4,0x13,0xd1,0xe6,0x97,0xd0,0x9f,0x6a,0x80,
0xca,0xdd,0x1a,0x7e,0x15,0x02,0x81,0x81,0x00,0xd1,
0x06,0x0c,0x1f,0xe3,0xd0,0xab,0xd6,0xca,0x7c,0xbc,
0x7d,0x13,0x35,0xce,0x27,0xcd,0xd8,0x49,0x51,0x63,
0x64,0x0f,0xca,0x06,0x12,0xfc,0x07,0x3e,0xaf,0x61,
0x6d,0xe2,0x53,0x39,0x27,0xae,0xc3,0x11,0x9e,0x94,
0x01,0x4f,0xe3,0xf3,0x67,0xf9,0x77,0xf9,0xe7,0x95,
0x3a,0x6f,0xe2,0x20,0x73,0x3e,0xa4,0x7a,0x28,0xd4,
0x61,0x97,0xf6,0x17,0xa0,0x23,0x10,0x2b,0xce,0x84,
0x57,0x7e,0x25,0x1f,0xf4,0xa8,0x54,0xd2,0x65,0x94,
0xcc,0x95,0x0a,0xab,0x30,0xc1,0x59,0x1f,0x61,0x8e,
0xb9,0x6b,0xd7,0x4e,0xb9,0x83,0x43,0x79,0x85,0x11,
0xbc,0x0f,0xae,0x25,0x20,0x05,0xbc,0xd2,0x48,0xa1,
0x68,0x09,0x84,0xf6,0x12,0x9a,0x66,0xb9,0x2b,0xbb,
0x76,0x03,0x17,0x46,0x4e,0x97,0x59,0x02,0x81,0x80,
0x09,0x4c,0xfa,0xd6,0xe5,0x65,0x48,0x78,0x43,0xb5,
0x1f,0x00,0x93,0x2c,0xb7,0x24,0xe8,0xc6,0x7d,0x5a,
0x70,0x45,0x92,0xc8,0x6c,0xa3,0xcd,0xe1,0xf7,0x29,
0x40,0xfa,0x3f,0x5b,0x47,0x44,0x39,0xc1,0xe8,0x72,
0x9e,0x7a,0x0e,0xda,0xaa,0xa0,0x2a,0x09,0xfd,0x54,
0x93,0x23,0xaa,0x37,0x85,0x5b,0xcc,0xd4,0xf9,0xd8,
0xff,0xc1,0x61,0x0d,0xbd,0x7e,0x18,0x24,0x73,0x6d,
0x40,0x72,0xf1,0x93,0x09,0x48,0x97,0x6c,0x84,0x90,
0xa8,0x46,0x14,0x01,0x39,0x11,0xe5,0x3c,0x41,0x27,
0x32,0x75,0x24,0xed,0xa1,0xd9,0x12,0x29,0x8a,0x28,
0x71,0x89,0x8d,0xca,0x30,0xb0,0x01,0xc4,0x2f,0x82,
0x19,0x14,0x4c,0x70,0x1c,0xb8,0x23,0x2e,0xe8,0x90,
0x49,0x97,0x92,0x97,0x6b,0x7a,0x9d,0xb9,0x02,0x81,
0x80,0x0f,0x0e,0xa1,0x76,0xf6,0xa1,0x44,0x8f,0xaf,
0x7c,0x76,0xd3,0x87,0xbb,0xbb,0x83,0x10,0x88,0x01,
0x18,0x14,0xd1,0xd3,0x75,0x59,0x24,0xaa,0xf5,0x16,
0xa5,0xe9,0x9d,0xd1,0xcc,0xee,0xf4,0x15,0xd9,0xc5,
0x7e,0x27,0xe9,0x44,0x49,0x06,0x72,0xb9,0xfc,0xd3,
0x8a,0xc4,0x2c,0x36,0x7d,0x12,0x9b,0x5a,0xaa,0xdc,
0x85,0xee,0x6e,0xad,0x54,0xb3,0xf4,0xfc,0x31,0xa1,
0x06,0x3a,0x70,0x57,0x0c,0xf3,0x95,0x5b,0x3e,0xe8,
0xfd,0x1a,0x4f,0xf6,0x78,0x93,0x46,0x6a,0xd7,0x31,
0xb4,0x84,0x64,0x85,0x09,0x38,0x89,0x92,0x94,0x1c,
0xbf,0xe2,0x3c,0x2a,0xe0,0xff,0x99,0xa3,0xf0,0x2b,
0x31,0xc2,0x36,0xcd,0x60,0xbf,0x9d,0x2d,0x74,0x32,
0xe8,0x9c,0x93,0x6e,0xbb,0x91,0x7b,0xfd,0xd9,0x02,
0x81,0x81,0x00,0xa2,0x71,0x25,0x38,0xeb,0x2a,0xe9,
0x37,0xcd,0xfe,0x44,0xce,0x90,0x3f,0x52,0x87,0x84,
0x52,0x1b,0xae,0x8d,0x22,0x94,0xce,0x38,0xe6,0x04,
0x88,0x76,0x85,0x9a,0xd3,0x14,0x09,0xe5,0x69,0x9a,
0xff,0x58,0x92,0x02,0x6a,0x7d,0x7c,0x1e,0x2c,0xfd,
0xa8,0xca,0x32,0x14,0x4f,0x0d,0x84,0x0d,0x37,0x43,
0xbf,0xe4,0x5d,0x12,0xc8,0x24,0x91,0x27,0x8d,0x46,
0xd9,0x54,0x53,0xe7,0x62,0x71,0xa8,0x2b,0x71,0x41,
0x8d,0x75,0xf8,0x3a,0xa0,0x61,0x29,0x46,0xa6,0xe5,
0x82,0xfa,0x3a,0xd9,0x08,0xfa,0xfc,0x63,0xfd,0x6b,
0x30,0xbc,0xf4,0x4e,0x9e,0x8c,0x25,0x0c,0xb6,0x55,
0xe7,0x3c,0xd4,0x4e,0x0b,0xfd,0x8b,0xc3,0x0e,0x1d,
0x9c,0x44,0x57,0x8f,0x1f,0x86,0xf7,0xd5,0x1b,0xe4,
static unsigned char test2048[] = {
0x30, 0x82, 0x04, 0xa3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
0x01, 0x00, 0xc0, 0xc0, 0xce, 0x3e, 0x3c, 0x53, 0x67, 0x3f,
0x4f, 0xc5, 0x2f, 0xa4, 0xc2, 0x5a, 0x2f, 0x58, 0xfd, 0x27,
0x52, 0x6a, 0xe8, 0xcf, 0x4a, 0x73, 0x47, 0x8d, 0x25, 0x0f,
0x5f, 0x03, 0x26, 0x78, 0xef, 0xf0, 0x22, 0x12, 0xd3, 0xde,
0x47, 0xb2, 0x1c, 0x0b, 0x38, 0x63, 0x1a, 0x6c, 0x85, 0x7a,
0x80, 0xc6, 0x8f, 0xa0, 0x41, 0xaf, 0x62, 0xc4, 0x67, 0x32,
0x88, 0xf8, 0xa6, 0x9c, 0xf5, 0x23, 0x1d, 0xe4, 0xac, 0x3f,
0x29, 0xf9, 0xec, 0xe1, 0x8b, 0x26, 0x03, 0x2c, 0xb2, 0xab,
0xf3, 0x7d, 0xb5, 0xca, 0x49, 0xc0, 0x8f, 0x1c, 0xdf, 0x33,
0x3a, 0x60, 0xda, 0x3c, 0xb0, 0x16, 0xf8, 0xa9, 0x12, 0x8f,
0x64, 0xac, 0x23, 0x0c, 0x69, 0x64, 0x97, 0x5d, 0x99, 0xd4,
0x09, 0x83, 0x9b, 0x61, 0xd3, 0xac, 0xf0, 0xde, 0xdd, 0x5e,
0x9f, 0x44, 0x94, 0xdb, 0x3a, 0x4d, 0x97, 0xe8, 0x52, 0x29,
0xf7, 0xdb, 0x94, 0x07, 0x45, 0x90, 0x78, 0x1e, 0x31, 0x0b,
0x80, 0xf7, 0x57, 0xad, 0x1c, 0x79, 0xc5, 0xcb, 0x32, 0xb0,
0xce, 0xcd, 0x74, 0xb3, 0xe2, 0x94, 0xc5, 0x78, 0x2f, 0x34,
0x1a, 0x45, 0xf7, 0x8c, 0x52, 0xa5, 0xbc, 0x8d, 0xec, 0xd1,
0x2f, 0x31, 0x3b, 0xf0, 0x49, 0x59, 0x5e, 0x88, 0x9d, 0x15,
0x92, 0x35, 0x32, 0xc1, 0xe7, 0x61, 0xec, 0x50, 0x48, 0x7c,
0xba, 0x05, 0xf9, 0xf8, 0xf8, 0xa7, 0x8c, 0x83, 0xe8, 0x66,
0x5b, 0xeb, 0xfe, 0xd8, 0x4f, 0xdd, 0x6d, 0x36, 0xc0, 0xb2,
0x90, 0x0f, 0xb8, 0x52, 0xf9, 0x04, 0x9b, 0x40, 0x2c, 0x27,
0xd6, 0x36, 0x8e, 0xc2, 0x1b, 0x44, 0xf3, 0x92, 0xd5, 0x15,
0x9e, 0x9a, 0xbc, 0xf3, 0x7d, 0x03, 0xd7, 0x02, 0x14, 0x20,
0xe9, 0x10, 0x92, 0xfd, 0xf9, 0xfc, 0x8f, 0xe5, 0x18, 0xe1,
0x95, 0xcc, 0x9e, 0x60, 0xa6, 0xfa, 0x38, 0x4d, 0x02, 0x03,
0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x00, 0x00, 0xc3, 0xc3,
0x0d, 0xb4, 0x27, 0x90, 0x8d, 0x4b, 0xbf, 0xb8, 0x84, 0xaa,
0xd0, 0xb8, 0xc7, 0x5d, 0x99, 0xbe, 0x55, 0xf6, 0x3e, 0x7c,
0x49, 0x20, 0xcb, 0x8a, 0x8e, 0x19, 0x0e, 0x66, 0x24, 0xac,
0xaf, 0x03, 0x33, 0x97, 0xeb, 0x95, 0xd5, 0x3b, 0x0f, 0x40,
0x56, 0x04, 0x50, 0xd1, 0xe6, 0xbe, 0x84, 0x0b, 0x25, 0xd3,
0x9c, 0xe2, 0x83, 0x6c, 0xf5, 0x62, 0x5d, 0xba, 0x2b, 0x7d,
0x3d, 0x7a, 0x6c, 0xe1, 0xd2, 0x0e, 0x54, 0x93, 0x80, 0x01,
0x91, 0x51, 0x09, 0xe8, 0x5b, 0x8e, 0x47, 0xbd, 0x64, 0xe4,
0x0e, 0x03, 0x83, 0x55, 0xcf, 0x5a, 0x37, 0xf0, 0x25, 0xb5,
0x7d, 0x21, 0xd7, 0x69, 0xdf, 0x6f, 0xc2, 0xcf, 0x10, 0xc9,
0x8a, 0x40, 0x9f, 0x7a, 0x70, 0xc0, 0xe8, 0xe8, 0xc0, 0xe6,
0x9a, 0x15, 0x0a, 0x8d, 0x4e, 0x46, 0xcb, 0x7a, 0xdb, 0xb3,
0xcb, 0x83, 0x02, 0xc4, 0xf0, 0xab, 0xeb, 0x02, 0x01, 0x0e,
0x23, 0xfc, 0x1d, 0xc4, 0xbd, 0xd4, 0xaa, 0x5d, 0x31, 0x46,
0x99, 0xce, 0x9e, 0xf8, 0x04, 0x75, 0x10, 0x67, 0xc4, 0x53,
0x47, 0x44, 0xfa, 0xc2, 0x25, 0x73, 0x7e, 0xd0, 0x8e, 0x59,
0xd1, 0xb2, 0x5a, 0xf4, 0xc7, 0x18, 0x92, 0x2f, 0x39, 0xab,
0xcd, 0xa3, 0xb5, 0xc2, 0xb9, 0xc7, 0xb9, 0x1b, 0x9f, 0x48,
0xfa, 0x13, 0xc6, 0x98, 0x4d, 0xca, 0x84, 0x9c, 0x06, 0xca,
0xe7, 0x89, 0x01, 0x04, 0xc4, 0x6c, 0xfd, 0x29, 0x59, 0x35,
0xe7, 0xf3, 0xdd, 0xce, 0x64, 0x59, 0xbf, 0x21, 0x13, 0xa9,
0x9f, 0x0e, 0xc5, 0xff, 0xbd, 0x33, 0x00, 0xec, 0xac, 0x6b,
0x11, 0xef, 0x51, 0x5e, 0xad, 0x07, 0x15, 0xde, 0xb8, 0x5f,
0xc6, 0xb9, 0xa3, 0x22, 0x65, 0x46, 0x83, 0x14, 0xdf, 0xd0,
0xf1, 0x44, 0x8a, 0xe1, 0x9c, 0x23, 0x33, 0xb4, 0x97, 0x33,
0xe6, 0x6b, 0x81, 0x02, 0x81, 0x81, 0x00, 0xec, 0x12, 0xa7,
0x59, 0x74, 0x6a, 0xde, 0x3e, 0xad, 0xd8, 0x36, 0x80, 0x50,
0xa2, 0xd5, 0x21, 0x81, 0x07, 0xf1, 0xd0, 0x91, 0xf2, 0x6c,
0x12, 0x2f, 0x9d, 0x1a, 0x26, 0xf8, 0x30, 0x65, 0xdf, 0xe8,
0xc0, 0x9b, 0x6a, 0x30, 0x98, 0x82, 0x87, 0xec, 0xa2, 0x56,
0x87, 0x62, 0x6f, 0xe7, 0x9f, 0xf6, 0x56, 0xe6, 0x71, 0x8f,
0x49, 0x86, 0x93, 0x5a, 0x4d, 0x34, 0x58, 0xfe, 0xd9, 0x04,
0x13, 0xaf, 0x79, 0xb7, 0xad, 0x11, 0xd1, 0x30, 0x9a, 0x14,
0x06, 0xa0, 0xfa, 0xb7, 0x55, 0xdc, 0x6c, 0x5a, 0x4c, 0x2c,
0x59, 0x56, 0xf6, 0xe8, 0x9d, 0xaf, 0x0a, 0x78, 0x99, 0x06,
0x06, 0x9e, 0xe7, 0x9c, 0x51, 0x55, 0x43, 0xfc, 0x3b, 0x6c,
0x0b, 0xbf, 0x2d, 0x41, 0xa7, 0xaf, 0xb7, 0xe0, 0xe8, 0x28,
0x18, 0xb4, 0x13, 0xd1, 0xe6, 0x97, 0xd0, 0x9f, 0x6a, 0x80,
0xca, 0xdd, 0x1a, 0x7e, 0x15, 0x02, 0x81, 0x81, 0x00, 0xd1,
0x06, 0x0c, 0x1f, 0xe3, 0xd0, 0xab, 0xd6, 0xca, 0x7c, 0xbc,
0x7d, 0x13, 0x35, 0xce, 0x27, 0xcd, 0xd8, 0x49, 0x51, 0x63,
0x64, 0x0f, 0xca, 0x06, 0x12, 0xfc, 0x07, 0x3e, 0xaf, 0x61,
0x6d, 0xe2, 0x53, 0x39, 0x27, 0xae, 0xc3, 0x11, 0x9e, 0x94,
0x01, 0x4f, 0xe3, 0xf3, 0x67, 0xf9, 0x77, 0xf9, 0xe7, 0x95,
0x3a, 0x6f, 0xe2, 0x20, 0x73, 0x3e, 0xa4, 0x7a, 0x28, 0xd4,
0x61, 0x97, 0xf6, 0x17, 0xa0, 0x23, 0x10, 0x2b, 0xce, 0x84,
0x57, 0x7e, 0x25, 0x1f, 0xf4, 0xa8, 0x54, 0xd2, 0x65, 0x94,
0xcc, 0x95, 0x0a, 0xab, 0x30, 0xc1, 0x59, 0x1f, 0x61, 0x8e,
0xb9, 0x6b, 0xd7, 0x4e, 0xb9, 0x83, 0x43, 0x79, 0x85, 0x11,
0xbc, 0x0f, 0xae, 0x25, 0x20, 0x05, 0xbc, 0xd2, 0x48, 0xa1,
0x68, 0x09, 0x84, 0xf6, 0x12, 0x9a, 0x66, 0xb9, 0x2b, 0xbb,
0x76, 0x03, 0x17, 0x46, 0x4e, 0x97, 0x59, 0x02, 0x81, 0x80,
0x09, 0x4c, 0xfa, 0xd6, 0xe5, 0x65, 0x48, 0x78, 0x43, 0xb5,
0x1f, 0x00, 0x93, 0x2c, 0xb7, 0x24, 0xe8, 0xc6, 0x7d, 0x5a,
0x70, 0x45, 0x92, 0xc8, 0x6c, 0xa3, 0xcd, 0xe1, 0xf7, 0x29,
0x40, 0xfa, 0x3f, 0x5b, 0x47, 0x44, 0x39, 0xc1, 0xe8, 0x72,
0x9e, 0x7a, 0x0e, 0xda, 0xaa, 0xa0, 0x2a, 0x09, 0xfd, 0x54,
0x93, 0x23, 0xaa, 0x37, 0x85, 0x5b, 0xcc, 0xd4, 0xf9, 0xd8,
0xff, 0xc1, 0x61, 0x0d, 0xbd, 0x7e, 0x18, 0x24, 0x73, 0x6d,
0x40, 0x72, 0xf1, 0x93, 0x09, 0x48, 0x97, 0x6c, 0x84, 0x90,
0xa8, 0x46, 0x14, 0x01, 0x39, 0x11, 0xe5, 0x3c, 0x41, 0x27,
0x32, 0x75, 0x24, 0xed, 0xa1, 0xd9, 0x12, 0x29, 0x8a, 0x28,
0x71, 0x89, 0x8d, 0xca, 0x30, 0xb0, 0x01, 0xc4, 0x2f, 0x82,
0x19, 0x14, 0x4c, 0x70, 0x1c, 0xb8, 0x23, 0x2e, 0xe8, 0x90,
0x49, 0x97, 0x92, 0x97, 0x6b, 0x7a, 0x9d, 0xb9, 0x02, 0x81,
0x80, 0x0f, 0x0e, 0xa1, 0x76, 0xf6, 0xa1, 0x44, 0x8f, 0xaf,
0x7c, 0x76, 0xd3, 0x87, 0xbb, 0xbb, 0x83, 0x10, 0x88, 0x01,
0x18, 0x14, 0xd1, 0xd3, 0x75, 0x59, 0x24, 0xaa, 0xf5, 0x16,
0xa5, 0xe9, 0x9d, 0xd1, 0xcc, 0xee, 0xf4, 0x15, 0xd9, 0xc5,
0x7e, 0x27, 0xe9, 0x44, 0x49, 0x06, 0x72, 0xb9, 0xfc, 0xd3,
0x8a, 0xc4, 0x2c, 0x36, 0x7d, 0x12, 0x9b, 0x5a, 0xaa, 0xdc,
0x85, 0xee, 0x6e, 0xad, 0x54, 0xb3, 0xf4, 0xfc, 0x31, 0xa1,
0x06, 0x3a, 0x70, 0x57, 0x0c, 0xf3, 0x95, 0x5b, 0x3e, 0xe8,
0xfd, 0x1a, 0x4f, 0xf6, 0x78, 0x93, 0x46, 0x6a, 0xd7, 0x31,
0xb4, 0x84, 0x64, 0x85, 0x09, 0x38, 0x89, 0x92, 0x94, 0x1c,
0xbf, 0xe2, 0x3c, 0x2a, 0xe0, 0xff, 0x99, 0xa3, 0xf0, 0x2b,
0x31, 0xc2, 0x36, 0xcd, 0x60, 0xbf, 0x9d, 0x2d, 0x74, 0x32,
0xe8, 0x9c, 0x93, 0x6e, 0xbb, 0x91, 0x7b, 0xfd, 0xd9, 0x02,
0x81, 0x81, 0x00, 0xa2, 0x71, 0x25, 0x38, 0xeb, 0x2a, 0xe9,
0x37, 0xcd, 0xfe, 0x44, 0xce, 0x90, 0x3f, 0x52, 0x87, 0x84,
0x52, 0x1b, 0xae, 0x8d, 0x22, 0x94, 0xce, 0x38, 0xe6, 0x04,
0x88, 0x76, 0x85, 0x9a, 0xd3, 0x14, 0x09, 0xe5, 0x69, 0x9a,
0xff, 0x58, 0x92, 0x02, 0x6a, 0x7d, 0x7c, 0x1e, 0x2c, 0xfd,
0xa8, 0xca, 0x32, 0x14, 0x4f, 0x0d, 0x84, 0x0d, 0x37, 0x43,
0xbf, 0xe4, 0x5d, 0x12, 0xc8, 0x24, 0x91, 0x27, 0x8d, 0x46,
0xd9, 0x54, 0x53, 0xe7, 0x62, 0x71, 0xa8, 0x2b, 0x71, 0x41,
0x8d, 0x75, 0xf8, 0x3a, 0xa0, 0x61, 0x29, 0x46, 0xa6, 0xe5,
0x82, 0xfa, 0x3a, 0xd9, 0x08, 0xfa, 0xfc, 0x63, 0xfd, 0x6b,
0x30, 0xbc, 0xf4, 0x4e, 0x9e, 0x8c, 0x25, 0x0c, 0xb6, 0x55,
0xe7, 0x3c, 0xd4, 0x4e, 0x0b, 0xfd, 0x8b, 0xc3, 0x0e, 0x1d,
0x9c, 0x44, 0x57, 0x8f, 0x1f, 0x86, 0xf7, 0xd5, 0x1b, 0xe4,
0x95,
};
};
static unsigned char test4096[]={
0x30,0x82,0x09,0x29,0x02,0x01,0x00,0x02,0x82,0x02,
0x01,0x00,0xc0,0x71,0xac,0x1a,0x13,0x88,0x82,0x43,
0x3b,0x51,0x57,0x71,0x8d,0xb6,0x2b,0x82,0x65,0x21,
0x53,0x5f,0x28,0x29,0x4f,0x8d,0x7c,0x8a,0xb9,0x44,
0xb3,0x28,0x41,0x4f,0xd3,0xfa,0x6a,0xf8,0xb9,0x28,
0x50,0x39,0x67,0x53,0x2c,0x3c,0xd7,0xcb,0x96,0x41,
0x40,0x32,0xbb,0xeb,0x70,0xae,0x1f,0xb0,0x65,0xf7,
0x3a,0xd9,0x22,0xfd,0x10,0xae,0xbd,0x02,0xe2,0xdd,
0xf3,0xc2,0x79,0x3c,0xc6,0xfc,0x75,0xbb,0xaf,0x4e,
0x3a,0x36,0xc2,0x4f,0xea,0x25,0xdf,0x13,0x16,0x4b,
0x20,0xfe,0x4b,0x69,0x16,0xc4,0x7f,0x1a,0x43,0xa6,
0x17,0x1b,0xb9,0x0a,0xf3,0x09,0x86,0x28,0x89,0xcf,
0x2c,0xd0,0xd4,0x81,0xaf,0xc6,0x6d,0xe6,0x21,0x8d,
0xee,0xef,0xea,0xdc,0xb7,0xc6,0x3b,0x63,0x9f,0x0e,
0xad,0x89,0x78,0x23,0x18,0xbf,0x70,0x7e,0x84,0xe0,
0x37,0xec,0xdb,0x8e,0x9c,0x3e,0x6a,0x19,0xcc,0x99,
0x72,0xe6,0xb5,0x7d,0x6d,0xfa,0xe5,0xd3,0xe4,0x90,
0xb5,0xb2,0xb2,0x12,0x70,0x4e,0xca,0xf8,0x10,0xf8,
0xa3,0x14,0xc2,0x48,0x19,0xeb,0x60,0x99,0xbb,0x2a,
0x1f,0xb1,0x7a,0xb1,0x3d,0x24,0xfb,0xa0,0x29,0xda,
0xbd,0x1b,0xd7,0xa4,0xbf,0xef,0x60,0x2d,0x22,0xca,
0x65,0x98,0xf1,0xc4,0xe1,0xc9,0x02,0x6b,0x16,0x28,
0x2f,0xa1,0xaa,0x79,0x00,0xda,0xdc,0x7c,0x43,0xf7,
0x42,0x3c,0xa0,0xef,0x68,0xf7,0xdf,0xb9,0x69,0xfb,
0x8e,0x01,0xed,0x01,0x42,0xb5,0x4e,0x57,0xa6,0x26,
0xb8,0xd0,0x7b,0x56,0x6d,0x03,0xc6,0x40,0x8c,0x8c,
0x2a,0x55,0xd7,0x9c,0x35,0x00,0x94,0x93,0xec,0x03,
0xeb,0x22,0xef,0x77,0xbb,0x79,0x13,0x3f,0x15,0xa1,
0x8f,0xca,0xdf,0xfd,0xd3,0xb8,0xe1,0xd4,0xcc,0x09,
0x3f,0x3c,0x2c,0xdb,0xd1,0x49,0x7f,0x38,0x07,0x83,
0x6d,0xeb,0x08,0x66,0xe9,0x06,0x44,0x12,0xac,0x95,
0x22,0x90,0x23,0x67,0xd4,0x08,0xcc,0xf4,0xb7,0xdc,
0xcc,0x87,0xd4,0xac,0x69,0x35,0x4c,0xb5,0x39,0x36,
0xcd,0xa4,0xd2,0x95,0xca,0x0d,0xc5,0xda,0xc2,0xc5,
0x22,0x32,0x28,0x08,0xe3,0xd2,0x8b,0x38,0x30,0xdc,
0x8c,0x75,0x4f,0x6a,0xec,0x7a,0xac,0x16,0x3e,0xa8,
0xd4,0x6a,0x45,0xe1,0xa8,0x4f,0x2e,0x80,0x34,0xaa,
0x54,0x1b,0x02,0x95,0x7d,0x8a,0x6d,0xcc,0x79,0xca,
0xf2,0xa4,0x2e,0x8d,0xfb,0xfe,0x15,0x51,0x10,0x0e,
0x4d,0x88,0xb1,0xc7,0xf4,0x79,0xdb,0xf0,0xb4,0x56,
0x44,0x37,0xca,0x5a,0xc1,0x8c,0x48,0xac,0xae,0x48,
0x80,0x83,0x01,0x3f,0xde,0xd9,0xd3,0x2c,0x51,0x46,
0xb1,0x41,0xb6,0xc6,0x91,0x72,0xf9,0x83,0x55,0x1b,
0x8c,0xba,0xf3,0x73,0xe5,0x2c,0x74,0x50,0x3a,0xbe,
0xc5,0x2f,0xa7,0xb2,0x6d,0x8c,0x9e,0x13,0x77,0xa3,
0x13,0xcd,0x6d,0x8c,0x45,0xe1,0xfc,0x0b,0xb7,0x69,
0xe9,0x27,0xbc,0x65,0xc3,0xfa,0x9b,0xd0,0xef,0xfe,
0xe8,0x1f,0xb3,0x5e,0x34,0xf4,0x8c,0xea,0xfc,0xd3,
0x81,0xbf,0x3d,0x30,0xb2,0xb4,0x01,0xe8,0x43,0x0f,
0xba,0x02,0x23,0x42,0x76,0x82,0x31,0x73,0x91,0xed,
0x07,0x46,0x61,0x0d,0x39,0x83,0x40,0xce,0x7a,0xd4,
0xdb,0x80,0x2c,0x1f,0x0d,0xd1,0x34,0xd4,0x92,0xe3,
0xd4,0xf1,0xc2,0x01,0x02,0x03,0x01,0x00,0x01,0x02,
0x82,0x02,0x01,0x00,0x97,0x6c,0xda,0x6e,0xea,0x4f,
0xcf,0xaf,0xf7,0x4c,0xd9,0xf1,0x90,0x00,0x77,0xdb,
0xf2,0x97,0x76,0x72,0xb9,0xb7,0x47,0xd1,0x9c,0xdd,
0xcb,0x4a,0x33,0x6e,0xc9,0x75,0x76,0xe6,0xe4,0xa5,
0x31,0x8c,0x77,0x13,0xb4,0x29,0xcd,0xf5,0x52,0x17,
0xef,0xf3,0x08,0x00,0xe3,0xbd,0x2e,0xbc,0xd4,0x52,
0x88,0xe9,0x30,0x75,0x0b,0x02,0xf5,0xcd,0x89,0x0c,
0x6c,0x57,0x19,0x27,0x3d,0x1e,0x85,0xb4,0xc1,0x2f,
0x1d,0x92,0x00,0x5c,0x76,0x29,0x4b,0xa4,0xe1,0x12,
0xb3,0xc8,0x09,0xfe,0x0e,0x78,0x72,0x61,0xcb,0x61,
0x6f,0x39,0x91,0x95,0x4e,0xd5,0x3e,0xc7,0x8f,0xb8,
0xf6,0x36,0xfe,0x9c,0x93,0x9a,0x38,0x25,0x7a,0xf4,
0x4a,0x12,0xd4,0xa0,0x13,0xbd,0xf9,0x1d,0x12,0x3e,
0x21,0x39,0xfb,0x72,0xe0,0x05,0x3d,0xc3,0xe5,0x50,
0xa8,0x5d,0x85,0xa3,0xea,0x5f,0x1c,0xb2,0x3f,0xea,
0x6d,0x03,0x91,0x55,0xd8,0x19,0x0a,0x21,0x12,0x16,
0xd9,0x12,0xc4,0xe6,0x07,0x18,0x5b,0x26,0xa4,0xae,
0xed,0x2b,0xb7,0xa6,0xed,0xf8,0xad,0xec,0x77,0xe6,
0x7f,0x4f,0x76,0x00,0xc0,0xfa,0x15,0x92,0xb4,0x2c,
0x22,0xc2,0xeb,0x6a,0xad,0x14,0x05,0xb2,0xe5,0x8a,
0x9e,0x85,0x83,0xcc,0x04,0xf1,0x56,0x78,0x44,0x5e,
0xde,0xe0,0x60,0x1a,0x65,0x79,0x31,0x23,0x05,0xbb,
0x01,0xff,0xdd,0x2e,0xb7,0xb3,0xaa,0x74,0xe0,0xa5,
0x94,0xaf,0x4b,0xde,0x58,0x0f,0x55,0xde,0x33,0xf6,
0xe3,0xd6,0x34,0x36,0x57,0xd6,0x79,0x91,0x2e,0xbe,
0x3b,0xd9,0x4e,0xb6,0x9d,0x21,0x5c,0xd3,0x48,0x14,
0x7f,0x4a,0xc4,0x60,0xa9,0x29,0xf8,0x53,0x7f,0x88,
0x11,0x2d,0xb5,0xc5,0x2d,0x6f,0xee,0x85,0x0b,0xf7,
0x8d,0x9a,0xbe,0xb0,0x42,0xf2,0x2e,0x71,0xaf,0x19,
0x31,0x6d,0xec,0xcd,0x6f,0x2b,0x23,0xdf,0xb4,0x40,
0xaf,0x2c,0x0a,0xc3,0x1b,0x7d,0x7d,0x03,0x1d,0x4b,
0xf3,0xb5,0xe0,0x85,0xd8,0xdf,0x91,0x6b,0x0a,0x69,
0xf7,0xf2,0x69,0x66,0x5b,0xf1,0xcf,0x46,0x7d,0xe9,
0x70,0xfa,0x6d,0x7e,0x75,0x4e,0xa9,0x77,0xe6,0x8c,
0x02,0xf7,0x14,0x4d,0xa5,0x41,0x8f,0x3f,0xc1,0x62,
0x1e,0x71,0x5e,0x38,0xb4,0xd6,0xe6,0xe1,0x4b,0xc2,
0x2c,0x30,0x83,0x81,0x6f,0x49,0x2e,0x96,0xe6,0xc9,
0x9a,0xf7,0x5d,0x09,0xa0,0x55,0x02,0xa5,0x3a,0x25,
0x23,0xd0,0x92,0xc3,0xa3,0xe3,0x0e,0x12,0x2f,0x4d,
0xef,0xf3,0x55,0x5a,0xbe,0xe6,0x19,0x86,0x31,0xab,
0x75,0x9a,0xd3,0xf0,0x2c,0xc5,0x41,0x92,0xd9,0x1f,
0x5f,0x11,0x8c,0x75,0x1c,0x63,0xd0,0x02,0x80,0x2c,
0x68,0xcb,0x93,0xfb,0x51,0x73,0x49,0xb4,0x60,0xda,
0xe2,0x26,0xaf,0xa9,0x46,0x12,0xb8,0xec,0x50,0xdd,
0x12,0x06,0x5f,0xce,0x59,0xe6,0xf6,0x1c,0xe0,0x54,
0x10,0xad,0xf6,0xcd,0x98,0xcc,0x0f,0xfb,0xcb,0x41,
0x14,0x9d,0xed,0xe4,0xb4,0x74,0x5f,0x09,0x60,0xc7,
0x12,0xf6,0x7b,0x3c,0x8f,0xa7,0x20,0xbc,0xe4,0xb1,
0xef,0xeb,0xa4,0x93,0xc5,0x06,0xca,0x9a,0x27,0x9d,
0x87,0xf3,0xde,0xca,0xe5,0xe7,0xf6,0x1c,0x01,0x65,
0x5b,0xfb,0x19,0x79,0x6e,0x08,0x26,0xc5,0xc8,0x28,
0x0e,0xb6,0x3b,0x07,0x08,0xc1,0x02,0x82,0x01,0x01,
0x00,0xe8,0x1c,0x73,0xa6,0xb8,0xe0,0x0e,0x6d,0x8d,
0x1b,0xb9,0x53,0xed,0x58,0x94,0xe6,0x1d,0x60,0x14,
0x5c,0x76,0x43,0xc4,0x58,0x19,0xc4,0x24,0xe8,0xbc,
0x1b,0x3b,0x0b,0x13,0x24,0x45,0x54,0x0e,0xcc,0x37,
0xf0,0xe0,0x63,0x7d,0xc3,0xf7,0xfb,0x81,0x74,0x81,
0xc4,0x0f,0x1a,0x21,0x48,0xaf,0xce,0xc1,0xc4,0x94,
0x18,0x06,0x44,0x8d,0xd3,0xd2,0x22,0x2d,0x2d,0x3e,
0x5a,0x31,0xdc,0x95,0x8e,0xf4,0x41,0xfc,0x58,0xc9,
0x40,0x92,0x17,0x5f,0xe3,0xda,0xac,0x9e,0x3f,0x1c,
0x2a,0x6b,0x58,0x5f,0x48,0x78,0x20,0xb1,0xaf,0x24,
0x9b,0x3c,0x20,0x8b,0x93,0x25,0x9e,0xe6,0x6b,0xbc,
0x13,0x42,0x14,0x6c,0x36,0x31,0xff,0x7a,0xd1,0xc1,
0x1a,0x26,0x14,0x7f,0xa9,0x76,0xa7,0x0c,0xf8,0xcc,
0xed,0x07,0x6a,0xd2,0xdf,0x62,0xee,0x0a,0x7c,0x84,
0xcb,0x49,0x90,0xb2,0x03,0x0d,0xa2,0x82,0x06,0x77,
0xf1,0xcd,0x67,0xf2,0x47,0x21,0x02,0x3f,0x43,0x21,
0xf0,0x46,0x30,0x62,0x51,0x72,0xb1,0xe7,0x48,0xc6,
0x67,0x12,0xcd,0x9e,0xd6,0x15,0xe5,0x21,0xed,0xfa,
0x8f,0x30,0xa6,0x41,0xfe,0xb6,0xfa,0x8f,0x34,0x14,
0x19,0xe8,0x11,0xf7,0xa5,0x77,0x3e,0xb7,0xf9,0x39,
0x07,0x8c,0x67,0x2a,0xab,0x7b,0x08,0xf8,0xb0,0x06,
0xa8,0xea,0x2f,0x8f,0xfa,0xcc,0xcc,0x40,0xce,0xf3,
0x70,0x4f,0x3f,0x7f,0xe2,0x0c,0xea,0x76,0x4a,0x35,
0x4e,0x47,0xad,0x2b,0xa7,0x97,0x5d,0x74,0x43,0x97,
0x90,0xd2,0xfb,0xd9,0xf9,0x96,0x01,0x33,0x05,0xed,
0x7b,0x03,0x05,0xad,0xf8,0x49,0x03,0x02,0x82,0x01,
0x01,0x00,0xd4,0x40,0x17,0x66,0x10,0x92,0x95,0xc8,
0xec,0x62,0xa9,0x7a,0xcb,0x93,0x8e,0xe6,0x53,0xd4,
0x80,0x48,0x27,0x4b,0x41,0xce,0x61,0xdf,0xbf,0x94,
0xa4,0x3d,0x71,0x03,0x0b,0xed,0x25,0x71,0x98,0xa4,
0xd6,0xd5,0x4a,0x57,0xf5,0x6c,0x1b,0xda,0x21,0x7d,
0x35,0x45,0xb3,0xf3,0x6a,0xd9,0xd3,0x43,0xe8,0x5c,
0x54,0x1c,0x83,0x1b,0xb4,0x5f,0xf2,0x97,0x24,0x2e,
0xdc,0x40,0xde,0x92,0x23,0x59,0x8e,0xbc,0xd2,0xa1,
0xf2,0xe0,0x4c,0xdd,0x0b,0xd1,0xe7,0xae,0x65,0xbc,
0xb5,0xf5,0x5b,0x98,0xe9,0xd7,0xc2,0xb7,0x0e,0x55,
0x71,0x0e,0x3c,0x0a,0x24,0x6b,0xa6,0xe6,0x14,0x61,
0x11,0xfd,0x33,0x42,0x99,0x2b,0x84,0x77,0x74,0x92,
0x91,0xf5,0x79,0x79,0xcf,0xad,0x8e,0x04,0xef,0x80,
0x1e,0x57,0xf4,0x14,0xf5,0x35,0x09,0x74,0xb2,0x13,
0x71,0x58,0x6b,0xea,0x32,0x5d,0xf3,0xd3,0x76,0x48,
0x39,0x10,0x23,0x84,0x9d,0xbe,0x92,0x77,0x4a,0xed,
0x70,0x3e,0x1a,0xa2,0x6c,0xb3,0x81,0x00,0xc3,0xc9,
0xe4,0x52,0xc8,0x24,0x88,0x0c,0x41,0xad,0x87,0x5a,
0xea,0xa3,0x7a,0x85,0x1c,0x5e,0x31,0x7f,0xc3,0x35,
0xc6,0xfa,0x10,0xc8,0x75,0x10,0xc4,0x96,0x99,0xe7,
0xfe,0x01,0xb4,0x74,0xdb,0xb4,0x11,0xc3,0xc8,0x8c,
0xf6,0xf7,0x3b,0x66,0x50,0xfc,0xdb,0xeb,0xca,0x47,
0x85,0x89,0xe1,0x65,0xd9,0x62,0x34,0x3c,0x70,0xd8,
0x2e,0xb4,0x2f,0x65,0x3c,0x4a,0xa6,0x2a,0xe7,0xc7,
0xd8,0x41,0x8f,0x8a,0x43,0xbf,0x42,0xf2,0x4d,0xbc,
0xfc,0x9e,0x27,0x95,0xfb,0x75,0xff,0xab,0x02,0x82,
0x01,0x00,0x41,0x2f,0x44,0x57,0x6d,0x12,0x17,0x5b,
0x32,0xc6,0xb7,0x6c,0x57,0x7a,0x8a,0x0e,0x79,0xef,
0x72,0xa8,0x68,0xda,0x2d,0x38,0xe4,0xbb,0x8d,0xf6,
0x02,0x65,0xcf,0x56,0x13,0xe1,0x1a,0xcb,0x39,0x80,
0xa6,0xb1,0x32,0x03,0x1e,0xdd,0xbb,0x35,0xd9,0xac,
0x43,0x89,0x31,0x08,0x90,0x92,0x5e,0x35,0x3d,0x7b,
0x9c,0x6f,0x86,0xcb,0x17,0xdd,0x85,0xe4,0xed,0x35,
0x08,0x8e,0xc1,0xf4,0x05,0xd8,0x68,0xc6,0x63,0x3c,
0xf7,0xff,0xf7,0x47,0x33,0x39,0xc5,0x3e,0xb7,0x0e,
0x58,0x35,0x9d,0x81,0xea,0xf8,0x6a,0x2c,0x1c,0x5a,
0x68,0x78,0x64,0x11,0x6b,0xc1,0x3e,0x4e,0x7a,0xbd,
0x84,0xcb,0x0f,0xc2,0xb6,0x85,0x1d,0xd3,0x76,0xc5,
0x93,0x6a,0x69,0x89,0x56,0x34,0xdc,0x4a,0x9b,0xbc,
0xff,0xa8,0x0d,0x6e,0x35,0x9c,0x60,0xa7,0x23,0x30,
0xc7,0x06,0x64,0x39,0x8b,0x94,0x89,0xee,0xba,0x7f,
0x60,0x8d,0xfa,0xb6,0x97,0x76,0xdc,0x51,0x4a,0x3c,
0xeb,0x3a,0x14,0x2c,0x20,0x60,0x69,0x4a,0x86,0xfe,
0x8c,0x21,0x84,0x49,0x54,0xb3,0x20,0xe1,0x01,0x7f,
0x58,0xdf,0x7f,0xb5,0x21,0x51,0x8c,0x47,0x9f,0x91,
0xeb,0x97,0x3e,0xf2,0x54,0xcf,0x16,0x46,0xf9,0xd9,
0xb6,0xe7,0x64,0xc9,0xd0,0x54,0xea,0x2f,0xa1,0xcf,
0xa5,0x7f,0x28,0x8d,0x84,0xec,0xd5,0x39,0x03,0x76,
0x5b,0x2d,0x8e,0x43,0xf2,0x01,0x24,0xc9,0x6f,0xc0,
0xf5,0x69,0x6f,0x7d,0xb5,0x85,0xd2,0x5f,0x7f,0x78,
0x40,0x07,0x7f,0x09,0x15,0xb5,0x1f,0x28,0x65,0x10,
0xe4,0x19,0xa8,0xc6,0x9e,0x8d,0xdc,0xcb,0x02,0x82,
0x01,0x00,0x13,0x01,0xee,0x56,0x80,0x93,0x70,0x00,
0x7f,0x52,0xd2,0x94,0xa1,0x98,0x84,0x4a,0x92,0x25,
0x4c,0x9b,0xa9,0x91,0x2e,0xc2,0x79,0xb7,0x5c,0xe3,
0xc5,0xd5,0x8e,0xc2,0x54,0x16,0x17,0xad,0x55,0x9b,
0x25,0x76,0x12,0x63,0x50,0x22,0x2f,0x58,0x58,0x79,
0x6b,0x04,0xe3,0xf9,0x9f,0x8f,0x04,0x41,0x67,0x94,
0xa5,0x1f,0xac,0x8a,0x15,0x9c,0x26,0x10,0x6c,0xf8,
0x19,0x57,0x61,0xd7,0x3a,0x7d,0x31,0xb0,0x2d,0x38,
0xbd,0x94,0x62,0xad,0xc4,0xfa,0x36,0x42,0x42,0xf0,
0x24,0x67,0x65,0x9d,0x8b,0x0b,0x7c,0x6f,0x82,0x44,
0x1a,0x8c,0xc8,0xc9,0xab,0xbb,0x4c,0x45,0xfc,0x7b,
0x38,0xee,0x30,0xe1,0xfc,0xef,0x8d,0xbc,0x58,0xdf,
0x2b,0x5d,0x0d,0x54,0xe0,0x49,0x4d,0x97,0x99,0x8f,
0x22,0xa8,0x83,0xbe,0x40,0xbb,0x50,0x2e,0x78,0x28,
0x0f,0x95,0x78,0x8c,0x8f,0x98,0x24,0x56,0xc2,0x97,
0xf3,0x2c,0x43,0xd2,0x03,0x82,0x66,0x81,0x72,0x5f,
0x53,0x16,0xec,0xb1,0xb1,0x04,0x5e,0x40,0x20,0x48,
0x7b,0x3f,0x02,0x97,0x6a,0xeb,0x96,0x12,0x21,0x35,
0xfe,0x1f,0x47,0xc0,0x95,0xea,0xc5,0x8a,0x08,0x84,
0x4f,0x5e,0x63,0x94,0x60,0x0f,0x71,0x5b,0x7f,0x4a,
0xec,0x4f,0x60,0xc6,0xba,0x4a,0x24,0xf1,0x20,0x8b,
0xa7,0x2e,0x3a,0xce,0x8d,0xe0,0x27,0x1d,0xb5,0x8e,
0xb4,0x21,0xc5,0xe2,0xa6,0x16,0x0a,0x51,0x83,0x55,
0x88,0xd1,0x30,0x11,0x63,0xd5,0xd7,0x8d,0xae,0x16,
0x12,0x82,0xc4,0x85,0x00,0x4e,0x27,0x83,0xa5,0x7c,
0x90,0x2e,0xe5,0xa2,0xa3,0xd3,0x4c,0x63,0x02,0x82,
0x01,0x01,0x00,0x86,0x08,0x98,0x98,0xa5,0x00,0x05,
0x39,0x77,0xd9,0x66,0xb3,0xcf,0xca,0xa0,0x71,0xb3,
0x50,0xce,0x3d,0xb1,0x93,0x95,0x35,0xc4,0xd4,0x2e,
0x90,0xdf,0x0f,0xfc,0x60,0xc1,0x94,0x68,0x61,0x43,
0xca,0x9a,0x23,0x4a,0x1e,0x45,0x72,0x99,0xb5,0x1e,
0x61,0x8d,0x77,0x0f,0xa0,0xbb,0xd7,0x77,0xb4,0x2a,
0x15,0x11,0x88,0x2d,0xb3,0x56,0x61,0x5e,0x6a,0xed,
0xa4,0x46,0x4a,0x3f,0x50,0x11,0xd6,0xba,0xb6,0xd7,
0x95,0x65,0x53,0xc3,0xa1,0x8f,0xe0,0xa3,0xf5,0x1c,
0xfd,0xaf,0x6e,0x43,0xd7,0x17,0xa7,0xd3,0x81,0x1b,
0xa4,0xdf,0xe0,0x97,0x8a,0x46,0x03,0xd3,0x46,0x0e,
0x83,0x48,0x4e,0xd2,0x02,0xcb,0xc0,0xad,0x79,0x95,
0x8c,0x96,0xba,0x40,0x34,0x11,0x71,0x5e,0xe9,0x11,
0xf9,0xc5,0x4a,0x5e,0x91,0x9d,0xf5,0x92,0x4f,0xeb,
0xc6,0x70,0x02,0x2d,0x3d,0x04,0xaa,0xe9,0x3a,0x8e,
0xd5,0xa8,0xad,0xf7,0xce,0x0d,0x16,0xb2,0xec,0x0a,
0x9c,0xf5,0x94,0x39,0xb9,0x8a,0xfc,0x1e,0xf9,0xcc,
0xf2,0x5f,0x21,0x31,0x74,0x72,0x6b,0x64,0xae,0x35,
0x61,0x8d,0x0d,0xcb,0xe7,0xda,0x39,0xca,0xf3,0x21,
0x66,0x0b,0x95,0xd7,0x0a,0x7c,0xca,0xa1,0xa9,0x5a,
0xe8,0xac,0xe0,0x71,0x54,0xaf,0x28,0xcf,0xd5,0x70,
0x89,0xe0,0xf3,0x9e,0x43,0x6c,0x8d,0x7b,0x99,0x01,
0x68,0x4d,0xa1,0x45,0x46,0x0c,0x43,0xbc,0xcc,0x2c,
0xdd,0xc5,0x46,0xc8,0x4e,0x0e,0xbe,0xed,0xb9,0x26,
0xab,0x2e,0xdb,0xeb,0x8f,0xff,0xdb,0xb0,0xc6,0x55,
0xaf,0xf8,0x2a,0x91,0x9d,0x50,0x44,0x21,0x17,
};
static unsigned char test4096[] = {
0x30, 0x82, 0x09, 0x29, 0x02, 0x01, 0x00, 0x02, 0x82, 0x02,
0x01, 0x00, 0xc0, 0x71, 0xac, 0x1a, 0x13, 0x88, 0x82, 0x43,
0x3b, 0x51, 0x57, 0x71, 0x8d, 0xb6, 0x2b, 0x82, 0x65, 0x21,
0x53, 0x5f, 0x28, 0x29, 0x4f, 0x8d, 0x7c, 0x8a, 0xb9, 0x44,
0xb3, 0x28, 0x41, 0x4f, 0xd3, 0xfa, 0x6a, 0xf8, 0xb9, 0x28,
0x50, 0x39, 0x67, 0x53, 0x2c, 0x3c, 0xd7, 0xcb, 0x96, 0x41,
0x40, 0x32, 0xbb, 0xeb, 0x70, 0xae, 0x1f, 0xb0, 0x65, 0xf7,
0x3a, 0xd9, 0x22, 0xfd, 0x10, 0xae, 0xbd, 0x02, 0xe2, 0xdd,
0xf3, 0xc2, 0x79, 0x3c, 0xc6, 0xfc, 0x75, 0xbb, 0xaf, 0x4e,
0x3a, 0x36, 0xc2, 0x4f, 0xea, 0x25, 0xdf, 0x13, 0x16, 0x4b,
0x20, 0xfe, 0x4b, 0x69, 0x16, 0xc4, 0x7f, 0x1a, 0x43, 0xa6,
0x17, 0x1b, 0xb9, 0x0a, 0xf3, 0x09, 0x86, 0x28, 0x89, 0xcf,
0x2c, 0xd0, 0xd4, 0x81, 0xaf, 0xc6, 0x6d, 0xe6, 0x21, 0x8d,
0xee, 0xef, 0xea, 0xdc, 0xb7, 0xc6, 0x3b, 0x63, 0x9f, 0x0e,
0xad, 0x89, 0x78, 0x23, 0x18, 0xbf, 0x70, 0x7e, 0x84, 0xe0,
0x37, 0xec, 0xdb, 0x8e, 0x9c, 0x3e, 0x6a, 0x19, 0xcc, 0x99,
0x72, 0xe6, 0xb5, 0x7d, 0x6d, 0xfa, 0xe5, 0xd3, 0xe4, 0x90,
0xb5, 0xb2, 0xb2, 0x12, 0x70, 0x4e, 0xca, 0xf8, 0x10, 0xf8,
0xa3, 0x14, 0xc2, 0x48, 0x19, 0xeb, 0x60, 0x99, 0xbb, 0x2a,
0x1f, 0xb1, 0x7a, 0xb1, 0x3d, 0x24, 0xfb, 0xa0, 0x29, 0xda,
0xbd, 0x1b, 0xd7, 0xa4, 0xbf, 0xef, 0x60, 0x2d, 0x22, 0xca,
0x65, 0x98, 0xf1, 0xc4, 0xe1, 0xc9, 0x02, 0x6b, 0x16, 0x28,
0x2f, 0xa1, 0xaa, 0x79, 0x00, 0xda, 0xdc, 0x7c, 0x43, 0xf7,
0x42, 0x3c, 0xa0, 0xef, 0x68, 0xf7, 0xdf, 0xb9, 0x69, 0xfb,
0x8e, 0x01, 0xed, 0x01, 0x42, 0xb5, 0x4e, 0x57, 0xa6, 0x26,
0xb8, 0xd0, 0x7b, 0x56, 0x6d, 0x03, 0xc6, 0x40, 0x8c, 0x8c,
0x2a, 0x55, 0xd7, 0x9c, 0x35, 0x00, 0x94, 0x93, 0xec, 0x03,
0xeb, 0x22, 0xef, 0x77, 0xbb, 0x79, 0x13, 0x3f, 0x15, 0xa1,
0x8f, 0xca, 0xdf, 0xfd, 0xd3, 0xb8, 0xe1, 0xd4, 0xcc, 0x09,
0x3f, 0x3c, 0x2c, 0xdb, 0xd1, 0x49, 0x7f, 0x38, 0x07, 0x83,
0x6d, 0xeb, 0x08, 0x66, 0xe9, 0x06, 0x44, 0x12, 0xac, 0x95,
0x22, 0x90, 0x23, 0x67, 0xd4, 0x08, 0xcc, 0xf4, 0xb7, 0xdc,
0xcc, 0x87, 0xd4, 0xac, 0x69, 0x35, 0x4c, 0xb5, 0x39, 0x36,
0xcd, 0xa4, 0xd2, 0x95, 0xca, 0x0d, 0xc5, 0xda, 0xc2, 0xc5,
0x22, 0x32, 0x28, 0x08, 0xe3, 0xd2, 0x8b, 0x38, 0x30, 0xdc,
0x8c, 0x75, 0x4f, 0x6a, 0xec, 0x7a, 0xac, 0x16, 0x3e, 0xa8,
0xd4, 0x6a, 0x45, 0xe1, 0xa8, 0x4f, 0x2e, 0x80, 0x34, 0xaa,
0x54, 0x1b, 0x02, 0x95, 0x7d, 0x8a, 0x6d, 0xcc, 0x79, 0xca,
0xf2, 0xa4, 0x2e, 0x8d, 0xfb, 0xfe, 0x15, 0x51, 0x10, 0x0e,
0x4d, 0x88, 0xb1, 0xc7, 0xf4, 0x79, 0xdb, 0xf0, 0xb4, 0x56,
0x44, 0x37, 0xca, 0x5a, 0xc1, 0x8c, 0x48, 0xac, 0xae, 0x48,
0x80, 0x83, 0x01, 0x3f, 0xde, 0xd9, 0xd3, 0x2c, 0x51, 0x46,
0xb1, 0x41, 0xb6, 0xc6, 0x91, 0x72, 0xf9, 0x83, 0x55, 0x1b,
0x8c, 0xba, 0xf3, 0x73, 0xe5, 0x2c, 0x74, 0x50, 0x3a, 0xbe,
0xc5, 0x2f, 0xa7, 0xb2, 0x6d, 0x8c, 0x9e, 0x13, 0x77, 0xa3,
0x13, 0xcd, 0x6d, 0x8c, 0x45, 0xe1, 0xfc, 0x0b, 0xb7, 0x69,
0xe9, 0x27, 0xbc, 0x65, 0xc3, 0xfa, 0x9b, 0xd0, 0xef, 0xfe,
0xe8, 0x1f, 0xb3, 0x5e, 0x34, 0xf4, 0x8c, 0xea, 0xfc, 0xd3,
0x81, 0xbf, 0x3d, 0x30, 0xb2, 0xb4, 0x01, 0xe8, 0x43, 0x0f,
0xba, 0x02, 0x23, 0x42, 0x76, 0x82, 0x31, 0x73, 0x91, 0xed,
0x07, 0x46, 0x61, 0x0d, 0x39, 0x83, 0x40, 0xce, 0x7a, 0xd4,
0xdb, 0x80, 0x2c, 0x1f, 0x0d, 0xd1, 0x34, 0xd4, 0x92, 0xe3,
0xd4, 0xf1, 0xc2, 0x01, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
0x82, 0x02, 0x01, 0x00, 0x97, 0x6c, 0xda, 0x6e, 0xea, 0x4f,
0xcf, 0xaf, 0xf7, 0x4c, 0xd9, 0xf1, 0x90, 0x00, 0x77, 0xdb,
0xf2, 0x97, 0x76, 0x72, 0xb9, 0xb7, 0x47, 0xd1, 0x9c, 0xdd,
0xcb, 0x4a, 0x33, 0x6e, 0xc9, 0x75, 0x76, 0xe6, 0xe4, 0xa5,
0x31, 0x8c, 0x77, 0x13, 0xb4, 0x29, 0xcd, 0xf5, 0x52, 0x17,
0xef, 0xf3, 0x08, 0x00, 0xe3, 0xbd, 0x2e, 0xbc, 0xd4, 0x52,
0x88, 0xe9, 0x30, 0x75, 0x0b, 0x02, 0xf5, 0xcd, 0x89, 0x0c,
0x6c, 0x57, 0x19, 0x27, 0x3d, 0x1e, 0x85, 0xb4, 0xc1, 0x2f,
0x1d, 0x92, 0x00, 0x5c, 0x76, 0x29, 0x4b, 0xa4, 0xe1, 0x12,
0xb3, 0xc8, 0x09, 0xfe, 0x0e, 0x78, 0x72, 0x61, 0xcb, 0x61,
0x6f, 0x39, 0x91, 0x95, 0x4e, 0xd5, 0x3e, 0xc7, 0x8f, 0xb8,
0xf6, 0x36, 0xfe, 0x9c, 0x93, 0x9a, 0x38, 0x25, 0x7a, 0xf4,
0x4a, 0x12, 0xd4, 0xa0, 0x13, 0xbd, 0xf9, 0x1d, 0x12, 0x3e,
0x21, 0x39, 0xfb, 0x72, 0xe0, 0x05, 0x3d, 0xc3, 0xe5, 0x50,
0xa8, 0x5d, 0x85, 0xa3, 0xea, 0x5f, 0x1c, 0xb2, 0x3f, 0xea,
0x6d, 0x03, 0x91, 0x55, 0xd8, 0x19, 0x0a, 0x21, 0x12, 0x16,
0xd9, 0x12, 0xc4, 0xe6, 0x07, 0x18, 0x5b, 0x26, 0xa4, 0xae,
0xed, 0x2b, 0xb7, 0xa6, 0xed, 0xf8, 0xad, 0xec, 0x77, 0xe6,
0x7f, 0x4f, 0x76, 0x00, 0xc0, 0xfa, 0x15, 0x92, 0xb4, 0x2c,
0x22, 0xc2, 0xeb, 0x6a, 0xad, 0x14, 0x05, 0xb2, 0xe5, 0x8a,
0x9e, 0x85, 0x83, 0xcc, 0x04, 0xf1, 0x56, 0x78, 0x44, 0x5e,
0xde, 0xe0, 0x60, 0x1a, 0x65, 0x79, 0x31, 0x23, 0x05, 0xbb,
0x01, 0xff, 0xdd, 0x2e, 0xb7, 0xb3, 0xaa, 0x74, 0xe0, 0xa5,
0x94, 0xaf, 0x4b, 0xde, 0x58, 0x0f, 0x55, 0xde, 0x33, 0xf6,
0xe3, 0xd6, 0x34, 0x36, 0x57, 0xd6, 0x79, 0x91, 0x2e, 0xbe,
0x3b, 0xd9, 0x4e, 0xb6, 0x9d, 0x21, 0x5c, 0xd3, 0x48, 0x14,
0x7f, 0x4a, 0xc4, 0x60, 0xa9, 0x29, 0xf8, 0x53, 0x7f, 0x88,
0x11, 0x2d, 0xb5, 0xc5, 0x2d, 0x6f, 0xee, 0x85, 0x0b, 0xf7,
0x8d, 0x9a, 0xbe, 0xb0, 0x42, 0xf2, 0x2e, 0x71, 0xaf, 0x19,
0x31, 0x6d, 0xec, 0xcd, 0x6f, 0x2b, 0x23, 0xdf, 0xb4, 0x40,
0xaf, 0x2c, 0x0a, 0xc3, 0x1b, 0x7d, 0x7d, 0x03, 0x1d, 0x4b,
0xf3, 0xb5, 0xe0, 0x85, 0xd8, 0xdf, 0x91, 0x6b, 0x0a, 0x69,
0xf7, 0xf2, 0x69, 0x66, 0x5b, 0xf1, 0xcf, 0x46, 0x7d, 0xe9,
0x70, 0xfa, 0x6d, 0x7e, 0x75, 0x4e, 0xa9, 0x77, 0xe6, 0x8c,
0x02, 0xf7, 0x14, 0x4d, 0xa5, 0x41, 0x8f, 0x3f, 0xc1, 0x62,
0x1e, 0x71, 0x5e, 0x38, 0xb4, 0xd6, 0xe6, 0xe1, 0x4b, 0xc2,
0x2c, 0x30, 0x83, 0x81, 0x6f, 0x49, 0x2e, 0x96, 0xe6, 0xc9,
0x9a, 0xf7, 0x5d, 0x09, 0xa0, 0x55, 0x02, 0xa5, 0x3a, 0x25,
0x23, 0xd0, 0x92, 0xc3, 0xa3, 0xe3, 0x0e, 0x12, 0x2f, 0x4d,
0xef, 0xf3, 0x55, 0x5a, 0xbe, 0xe6, 0x19, 0x86, 0x31, 0xab,
0x75, 0x9a, 0xd3, 0xf0, 0x2c, 0xc5, 0x41, 0x92, 0xd9, 0x1f,
0x5f, 0x11, 0x8c, 0x75, 0x1c, 0x63, 0xd0, 0x02, 0x80, 0x2c,
0x68, 0xcb, 0x93, 0xfb, 0x51, 0x73, 0x49, 0xb4, 0x60, 0xda,
0xe2, 0x26, 0xaf, 0xa9, 0x46, 0x12, 0xb8, 0xec, 0x50, 0xdd,
0x12, 0x06, 0x5f, 0xce, 0x59, 0xe6, 0xf6, 0x1c, 0xe0, 0x54,
0x10, 0xad, 0xf6, 0xcd, 0x98, 0xcc, 0x0f, 0xfb, 0xcb, 0x41,
0x14, 0x9d, 0xed, 0xe4, 0xb4, 0x74, 0x5f, 0x09, 0x60, 0xc7,
0x12, 0xf6, 0x7b, 0x3c, 0x8f, 0xa7, 0x20, 0xbc, 0xe4, 0xb1,
0xef, 0xeb, 0xa4, 0x93, 0xc5, 0x06, 0xca, 0x9a, 0x27, 0x9d,
0x87, 0xf3, 0xde, 0xca, 0xe5, 0xe7, 0xf6, 0x1c, 0x01, 0x65,
0x5b, 0xfb, 0x19, 0x79, 0x6e, 0x08, 0x26, 0xc5, 0xc8, 0x28,
0x0e, 0xb6, 0x3b, 0x07, 0x08, 0xc1, 0x02, 0x82, 0x01, 0x01,
0x00, 0xe8, 0x1c, 0x73, 0xa6, 0xb8, 0xe0, 0x0e, 0x6d, 0x8d,
0x1b, 0xb9, 0x53, 0xed, 0x58, 0x94, 0xe6, 0x1d, 0x60, 0x14,
0x5c, 0x76, 0x43, 0xc4, 0x58, 0x19, 0xc4, 0x24, 0xe8, 0xbc,
0x1b, 0x3b, 0x0b, 0x13, 0x24, 0x45, 0x54, 0x0e, 0xcc, 0x37,
0xf0, 0xe0, 0x63, 0x7d, 0xc3, 0xf7, 0xfb, 0x81, 0x74, 0x81,
0xc4, 0x0f, 0x1a, 0x21, 0x48, 0xaf, 0xce, 0xc1, 0xc4, 0x94,
0x18, 0x06, 0x44, 0x8d, 0xd3, 0xd2, 0x22, 0x2d, 0x2d, 0x3e,
0x5a, 0x31, 0xdc, 0x95, 0x8e, 0xf4, 0x41, 0xfc, 0x58, 0xc9,
0x40, 0x92, 0x17, 0x5f, 0xe3, 0xda, 0xac, 0x9e, 0x3f, 0x1c,
0x2a, 0x6b, 0x58, 0x5f, 0x48, 0x78, 0x20, 0xb1, 0xaf, 0x24,
0x9b, 0x3c, 0x20, 0x8b, 0x93, 0x25, 0x9e, 0xe6, 0x6b, 0xbc,
0x13, 0x42, 0x14, 0x6c, 0x36, 0x31, 0xff, 0x7a, 0xd1, 0xc1,
0x1a, 0x26, 0x14, 0x7f, 0xa9, 0x76, 0xa7, 0x0c, 0xf8, 0xcc,
0xed, 0x07, 0x6a, 0xd2, 0xdf, 0x62, 0xee, 0x0a, 0x7c, 0x84,
0xcb, 0x49, 0x90, 0xb2, 0x03, 0x0d, 0xa2, 0x82, 0x06, 0x77,
0xf1, 0xcd, 0x67, 0xf2, 0x47, 0x21, 0x02, 0x3f, 0x43, 0x21,
0xf0, 0x46, 0x30, 0x62, 0x51, 0x72, 0xb1, 0xe7, 0x48, 0xc6,
0x67, 0x12, 0xcd, 0x9e, 0xd6, 0x15, 0xe5, 0x21, 0xed, 0xfa,
0x8f, 0x30, 0xa6, 0x41, 0xfe, 0xb6, 0xfa, 0x8f, 0x34, 0x14,
0x19, 0xe8, 0x11, 0xf7, 0xa5, 0x77, 0x3e, 0xb7, 0xf9, 0x39,
0x07, 0x8c, 0x67, 0x2a, 0xab, 0x7b, 0x08, 0xf8, 0xb0, 0x06,
0xa8, 0xea, 0x2f, 0x8f, 0xfa, 0xcc, 0xcc, 0x40, 0xce, 0xf3,
0x70, 0x4f, 0x3f, 0x7f, 0xe2, 0x0c, 0xea, 0x76, 0x4a, 0x35,
0x4e, 0x47, 0xad, 0x2b, 0xa7, 0x97, 0x5d, 0x74, 0x43, 0x97,
0x90, 0xd2, 0xfb, 0xd9, 0xf9, 0x96, 0x01, 0x33, 0x05, 0xed,
0x7b, 0x03, 0x05, 0xad, 0xf8, 0x49, 0x03, 0x02, 0x82, 0x01,
0x01, 0x00, 0xd4, 0x40, 0x17, 0x66, 0x10, 0x92, 0x95, 0xc8,
0xec, 0x62, 0xa9, 0x7a, 0xcb, 0x93, 0x8e, 0xe6, 0x53, 0xd4,
0x80, 0x48, 0x27, 0x4b, 0x41, 0xce, 0x61, 0xdf, 0xbf, 0x94,
0xa4, 0x3d, 0x71, 0x03, 0x0b, 0xed, 0x25, 0x71, 0x98, 0xa4,
0xd6, 0xd5, 0x4a, 0x57, 0xf5, 0x6c, 0x1b, 0xda, 0x21, 0x7d,
0x35, 0x45, 0xb3, 0xf3, 0x6a, 0xd9, 0xd3, 0x43, 0xe8, 0x5c,
0x54, 0x1c, 0x83, 0x1b, 0xb4, 0x5f, 0xf2, 0x97, 0x24, 0x2e,
0xdc, 0x40, 0xde, 0x92, 0x23, 0x59, 0x8e, 0xbc, 0xd2, 0xa1,
0xf2, 0xe0, 0x4c, 0xdd, 0x0b, 0xd1, 0xe7, 0xae, 0x65, 0xbc,
0xb5, 0xf5, 0x5b, 0x98, 0xe9, 0xd7, 0xc2, 0xb7, 0x0e, 0x55,
0x71, 0x0e, 0x3c, 0x0a, 0x24, 0x6b, 0xa6, 0xe6, 0x14, 0x61,
0x11, 0xfd, 0x33, 0x42, 0x99, 0x2b, 0x84, 0x77, 0x74, 0x92,
0x91, 0xf5, 0x79, 0x79, 0xcf, 0xad, 0x8e, 0x04, 0xef, 0x80,
0x1e, 0x57, 0xf4, 0x14, 0xf5, 0x35, 0x09, 0x74, 0xb2, 0x13,
0x71, 0x58, 0x6b, 0xea, 0x32, 0x5d, 0xf3, 0xd3, 0x76, 0x48,
0x39, 0x10, 0x23, 0x84, 0x9d, 0xbe, 0x92, 0x77, 0x4a, 0xed,
0x70, 0x3e, 0x1a, 0xa2, 0x6c, 0xb3, 0x81, 0x00, 0xc3, 0xc9,
0xe4, 0x52, 0xc8, 0x24, 0x88, 0x0c, 0x41, 0xad, 0x87, 0x5a,
0xea, 0xa3, 0x7a, 0x85, 0x1c, 0x5e, 0x31, 0x7f, 0xc3, 0x35,
0xc6, 0xfa, 0x10, 0xc8, 0x75, 0x10, 0xc4, 0x96, 0x99, 0xe7,
0xfe, 0x01, 0xb4, 0x74, 0xdb, 0xb4, 0x11, 0xc3, 0xc8, 0x8c,
0xf6, 0xf7, 0x3b, 0x66, 0x50, 0xfc, 0xdb, 0xeb, 0xca, 0x47,
0x85, 0x89, 0xe1, 0x65, 0xd9, 0x62, 0x34, 0x3c, 0x70, 0xd8,
0x2e, 0xb4, 0x2f, 0x65, 0x3c, 0x4a, 0xa6, 0x2a, 0xe7, 0xc7,
0xd8, 0x41, 0x8f, 0x8a, 0x43, 0xbf, 0x42, 0xf2, 0x4d, 0xbc,
0xfc, 0x9e, 0x27, 0x95, 0xfb, 0x75, 0xff, 0xab, 0x02, 0x82,
0x01, 0x00, 0x41, 0x2f, 0x44, 0x57, 0x6d, 0x12, 0x17, 0x5b,
0x32, 0xc6, 0xb7, 0x6c, 0x57, 0x7a, 0x8a, 0x0e, 0x79, 0xef,
0x72, 0xa8, 0x68, 0xda, 0x2d, 0x38, 0xe4, 0xbb, 0x8d, 0xf6,
0x02, 0x65, 0xcf, 0x56, 0x13, 0xe1, 0x1a, 0xcb, 0x39, 0x80,
0xa6, 0xb1, 0x32, 0x03, 0x1e, 0xdd, 0xbb, 0x35, 0xd9, 0xac,
0x43, 0x89, 0x31, 0x08, 0x90, 0x92, 0x5e, 0x35, 0x3d, 0x7b,
0x9c, 0x6f, 0x86, 0xcb, 0x17, 0xdd, 0x85, 0xe4, 0xed, 0x35,
0x08, 0x8e, 0xc1, 0xf4, 0x05, 0xd8, 0x68, 0xc6, 0x63, 0x3c,
0xf7, 0xff, 0xf7, 0x47, 0x33, 0x39, 0xc5, 0x3e, 0xb7, 0x0e,
0x58, 0x35, 0x9d, 0x81, 0xea, 0xf8, 0x6a, 0x2c, 0x1c, 0x5a,
0x68, 0x78, 0x64, 0x11, 0x6b, 0xc1, 0x3e, 0x4e, 0x7a, 0xbd,
0x84, 0xcb, 0x0f, 0xc2, 0xb6, 0x85, 0x1d, 0xd3, 0x76, 0xc5,
0x93, 0x6a, 0x69, 0x89, 0x56, 0x34, 0xdc, 0x4a, 0x9b, 0xbc,
0xff, 0xa8, 0x0d, 0x6e, 0x35, 0x9c, 0x60, 0xa7, 0x23, 0x30,
0xc7, 0x06, 0x64, 0x39, 0x8b, 0x94, 0x89, 0xee, 0xba, 0x7f,
0x60, 0x8d, 0xfa, 0xb6, 0x97, 0x76, 0xdc, 0x51, 0x4a, 0x3c,
0xeb, 0x3a, 0x14, 0x2c, 0x20, 0x60, 0x69, 0x4a, 0x86, 0xfe,
0x8c, 0x21, 0x84, 0x49, 0x54, 0xb3, 0x20, 0xe1, 0x01, 0x7f,
0x58, 0xdf, 0x7f, 0xb5, 0x21, 0x51, 0x8c, 0x47, 0x9f, 0x91,
0xeb, 0x97, 0x3e, 0xf2, 0x54, 0xcf, 0x16, 0x46, 0xf9, 0xd9,
0xb6, 0xe7, 0x64, 0xc9, 0xd0, 0x54, 0xea, 0x2f, 0xa1, 0xcf,
0xa5, 0x7f, 0x28, 0x8d, 0x84, 0xec, 0xd5, 0x39, 0x03, 0x76,
0x5b, 0x2d, 0x8e, 0x43, 0xf2, 0x01, 0x24, 0xc9, 0x6f, 0xc0,
0xf5, 0x69, 0x6f, 0x7d, 0xb5, 0x85, 0xd2, 0x5f, 0x7f, 0x78,
0x40, 0x07, 0x7f, 0x09, 0x15, 0xb5, 0x1f, 0x28, 0x65, 0x10,
0xe4, 0x19, 0xa8, 0xc6, 0x9e, 0x8d, 0xdc, 0xcb, 0x02, 0x82,
0x01, 0x00, 0x13, 0x01, 0xee, 0x56, 0x80, 0x93, 0x70, 0x00,
0x7f, 0x52, 0xd2, 0x94, 0xa1, 0x98, 0x84, 0x4a, 0x92, 0x25,
0x4c, 0x9b, 0xa9, 0x91, 0x2e, 0xc2, 0x79, 0xb7, 0x5c, 0xe3,
0xc5, 0xd5, 0x8e, 0xc2, 0x54, 0x16, 0x17, 0xad, 0x55, 0x9b,
0x25, 0x76, 0x12, 0x63, 0x50, 0x22, 0x2f, 0x58, 0x58, 0x79,
0x6b, 0x04, 0xe3, 0xf9, 0x9f, 0x8f, 0x04, 0x41, 0x67, 0x94,
0xa5, 0x1f, 0xac, 0x8a, 0x15, 0x9c, 0x26, 0x10, 0x6c, 0xf8,
0x19, 0x57, 0x61, 0xd7, 0x3a, 0x7d, 0x31, 0xb0, 0x2d, 0x38,
0xbd, 0x94, 0x62, 0xad, 0xc4, 0xfa, 0x36, 0x42, 0x42, 0xf0,
0x24, 0x67, 0x65, 0x9d, 0x8b, 0x0b, 0x7c, 0x6f, 0x82, 0x44,
0x1a, 0x8c, 0xc8, 0xc9, 0xab, 0xbb, 0x4c, 0x45, 0xfc, 0x7b,
0x38, 0xee, 0x30, 0xe1, 0xfc, 0xef, 0x8d, 0xbc, 0x58, 0xdf,
0x2b, 0x5d, 0x0d, 0x54, 0xe0, 0x49, 0x4d, 0x97, 0x99, 0x8f,
0x22, 0xa8, 0x83, 0xbe, 0x40, 0xbb, 0x50, 0x2e, 0x78, 0x28,
0x0f, 0x95, 0x78, 0x8c, 0x8f, 0x98, 0x24, 0x56, 0xc2, 0x97,
0xf3, 0x2c, 0x43, 0xd2, 0x03, 0x82, 0x66, 0x81, 0x72, 0x5f,
0x53, 0x16, 0xec, 0xb1, 0xb1, 0x04, 0x5e, 0x40, 0x20, 0x48,
0x7b, 0x3f, 0x02, 0x97, 0x6a, 0xeb, 0x96, 0x12, 0x21, 0x35,
0xfe, 0x1f, 0x47, 0xc0, 0x95, 0xea, 0xc5, 0x8a, 0x08, 0x84,
0x4f, 0x5e, 0x63, 0x94, 0x60, 0x0f, 0x71, 0x5b, 0x7f, 0x4a,
0xec, 0x4f, 0x60, 0xc6, 0xba, 0x4a, 0x24, 0xf1, 0x20, 0x8b,
0xa7, 0x2e, 0x3a, 0xce, 0x8d, 0xe0, 0x27, 0x1d, 0xb5, 0x8e,
0xb4, 0x21, 0xc5, 0xe2, 0xa6, 0x16, 0x0a, 0x51, 0x83, 0x55,
0x88, 0xd1, 0x30, 0x11, 0x63, 0xd5, 0xd7, 0x8d, 0xae, 0x16,
0x12, 0x82, 0xc4, 0x85, 0x00, 0x4e, 0x27, 0x83, 0xa5, 0x7c,
0x90, 0x2e, 0xe5, 0xa2, 0xa3, 0xd3, 0x4c, 0x63, 0x02, 0x82,
0x01, 0x01, 0x00, 0x86, 0x08, 0x98, 0x98, 0xa5, 0x00, 0x05,
0x39, 0x77, 0xd9, 0x66, 0xb3, 0xcf, 0xca, 0xa0, 0x71, 0xb3,
0x50, 0xce, 0x3d, 0xb1, 0x93, 0x95, 0x35, 0xc4, 0xd4, 0x2e,
0x90, 0xdf, 0x0f, 0xfc, 0x60, 0xc1, 0x94, 0x68, 0x61, 0x43,
0xca, 0x9a, 0x23, 0x4a, 0x1e, 0x45, 0x72, 0x99, 0xb5, 0x1e,
0x61, 0x8d, 0x77, 0x0f, 0xa0, 0xbb, 0xd7, 0x77, 0xb4, 0x2a,
0x15, 0x11, 0x88, 0x2d, 0xb3, 0x56, 0x61, 0x5e, 0x6a, 0xed,
0xa4, 0x46, 0x4a, 0x3f, 0x50, 0x11, 0xd6, 0xba, 0xb6, 0xd7,
0x95, 0x65, 0x53, 0xc3, 0xa1, 0x8f, 0xe0, 0xa3, 0xf5, 0x1c,
0xfd, 0xaf, 0x6e, 0x43, 0xd7, 0x17, 0xa7, 0xd3, 0x81, 0x1b,
0xa4, 0xdf, 0xe0, 0x97, 0x8a, 0x46, 0x03, 0xd3, 0x46, 0x0e,
0x83, 0x48, 0x4e, 0xd2, 0x02, 0xcb, 0xc0, 0xad, 0x79, 0x95,
0x8c, 0x96, 0xba, 0x40, 0x34, 0x11, 0x71, 0x5e, 0xe9, 0x11,
0xf9, 0xc5, 0x4a, 0x5e, 0x91, 0x9d, 0xf5, 0x92, 0x4f, 0xeb,
0xc6, 0x70, 0x02, 0x2d, 0x3d, 0x04, 0xaa, 0xe9, 0x3a, 0x8e,
0xd5, 0xa8, 0xad, 0xf7, 0xce, 0x0d, 0x16, 0xb2, 0xec, 0x0a,
0x9c, 0xf5, 0x94, 0x39, 0xb9, 0x8a, 0xfc, 0x1e, 0xf9, 0xcc,
0xf2, 0x5f, 0x21, 0x31, 0x74, 0x72, 0x6b, 0x64, 0xae, 0x35,
0x61, 0x8d, 0x0d, 0xcb, 0xe7, 0xda, 0x39, 0xca, 0xf3, 0x21,
0x66, 0x0b, 0x95, 0xd7, 0x0a, 0x7c, 0xca, 0xa1, 0xa9, 0x5a,
0xe8, 0xac, 0xe0, 0x71, 0x54, 0xaf, 0x28, 0xcf, 0xd5, 0x70,
0x89, 0xe0, 0xf3, 0x9e, 0x43, 0x6c, 0x8d, 0x7b, 0x99, 0x01,
0x68, 0x4d, 0xa1, 0x45, 0x46, 0x0c, 0x43, 0xbc, 0xcc, 0x2c,
0xdd, 0xc5, 0x46, 0xc8, 0x4e, 0x0e, 0xbe, 0xed, 0xb9, 0x26,
0xab, 0x2e, 0xdb, 0xeb, 0x8f, 0xff, 0xdb, 0xb0, 0xc6, 0x55,
0xaf, 0xf8, 0x2a, 0x91, 0x9d, 0x50, 0x44, 0x21, 0x17,
};

6
apps/timeouts.h
View File

@ -58,10 +58,10 @@
*/
#ifndef INCLUDED_TIMEOUTS_H
#define INCLUDED_TIMEOUTS_H
# define INCLUDED_TIMEOUTS_H
/* numbers in us */
#define DGRAM_RCV_TIMEOUT 250000
#define DGRAM_SND_TIMEOUT 250000
# define DGRAM_RCV_TIMEOUT 250000
# define DGRAM_SND_TIMEOUT 250000
#endif /* ! INCLUDED_TIMEOUTS_H */

704
apps/ts.c
View File

File diff suppressed because it is too large Load Diff

238
apps/verify.c
View File

@ -73,100 +73,90 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
static int check(X509_STORE *ctx, char *file,
STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
STACK_OF(X509_CRL) *crls, ENGINE *e);
static int v_verbose=0, vflags = 0;
static int v_verbose = 0, vflags = 0;
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
{
ENGINE *e = NULL;
int i,ret=1, badarg = 0;
char *CApath=NULL,*CAfile=NULL;
int i, ret = 1, badarg = 0;
char *CApath = NULL, *CAfile = NULL;
char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
STACK_OF(X509_CRL) *crls = NULL;
X509_STORE *cert_ctx=NULL;
X509_LOOKUP *lookup=NULL;
X509_STORE *cert_ctx = NULL;
X509_LOOKUP *lookup = NULL;
X509_VERIFY_PARAM *vpm = NULL;
int crl_download = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
char *engine = NULL;
#endif
cert_ctx=X509_STORE_new();
if (cert_ctx == NULL) goto end;
X509_STORE_set_verify_cb(cert_ctx,cb);
cert_ctx = X509_STORE_new();
if (cert_ctx == NULL)
goto end;
X509_STORE_set_verify_cb(cert_ctx, cb);
ERR_load_crypto_strings();
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
argc--;
argv++;
for (;;)
{
if (argc >= 1)
{
if (strcmp(*argv,"-CApath") == 0)
{
if (argc-- < 1) goto end;
CApath= *(++argv);
}
else if (strcmp(*argv,"-CAfile") == 0)
{
if (argc-- < 1) goto end;
CAfile= *(++argv);
}
else if (args_verify(&argv, &argc, &badarg, bio_err,
&vpm))
{
for (;;) {
if (argc >= 1) {
if (strcmp(*argv, "-CApath") == 0) {
if (argc-- < 1)
goto end;
CApath = *(++argv);
} else if (strcmp(*argv, "-CAfile") == 0) {
if (argc-- < 1)
goto end;
CAfile = *(++argv);
} else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
if (badarg)
goto end;
continue;
}
else if (strcmp(*argv,"-untrusted") == 0)
{
if (argc-- < 1) goto end;
untfile= *(++argv);
}
else if (strcmp(*argv,"-trusted") == 0)
{
if (argc-- < 1) goto end;
trustfile= *(++argv);
}
else if (strcmp(*argv,"-CRLfile") == 0)
{
if (argc-- < 1) goto end;
crlfile= *(++argv);
}
else if (strcmp(*argv,"-crl_download") == 0)
} else if (strcmp(*argv, "-untrusted") == 0) {
if (argc-- < 1)
goto end;
untfile = *(++argv);
} else if (strcmp(*argv, "-trusted") == 0) {
if (argc-- < 1)
goto end;
trustfile = *(++argv);
} else if (strcmp(*argv, "-CRLfile") == 0) {
if (argc-- < 1)
goto end;
crlfile = *(++argv);
} else if (strcmp(*argv, "-crl_download") == 0)
crl_download = 1;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto end;
engine= *(++argv);
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto end;
engine = *(++argv);
}
#endif
else if (strcmp(*argv,"-help") == 0)
else if (strcmp(*argv, "-help") == 0)
goto end;
else if (strcmp(*argv,"-verbose") == 0)
v_verbose=1;
else if (strcmp(*argv, "-verbose") == 0)
v_verbose = 1;
else if (argv[0][0] == '-')
goto end;
else
break;
argc--;
argv++;
}
else
} else
break;
}
@ -177,51 +167,51 @@ int MAIN(int argc, char **argv)
if (vpm)
X509_STORE_set1_param(cert_ctx, vpm);
lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
if (lookup == NULL) abort();
lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
if (lookup == NULL)
abort();
if (CAfile) {
i=X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM);
if(!i) {
i = X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM);
if (!i) {
BIO_printf(bio_err, "Error loading file %s\n", CAfile);
ERR_print_errors(bio_err);
goto end;
}
} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
} else
X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_hash_dir());
if (lookup == NULL) abort();
lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
if (lookup == NULL)
abort();
if (CApath) {
i=X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM);
if(!i) {
i = X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM);
if (!i) {
BIO_printf(bio_err, "Error loading directory %s\n", CApath);
ERR_print_errors(bio_err);
goto end;
}
} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
} else
X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
ERR_clear_error();
if(untfile)
{
if (untfile) {
untrusted = load_certs(bio_err, untfile, FORMAT_PEM,
NULL, e, "untrusted certificates");
if(!untrusted)
if (!untrusted)
goto end;
}
if(trustfile)
{
if (trustfile) {
trusted = load_certs(bio_err, trustfile, FORMAT_PEM,
NULL, e, "trusted certificates");
if(!trusted)
if (!trusted)
goto end;
}
if(crlfile)
{
crls = load_crls(bio_err, crlfile, FORMAT_PEM,
NULL, e, "other CRLs");
if(!crls)
if (crlfile) {
crls = load_crls(bio_err, crlfile, FORMAT_PEM, NULL, e, "other CRLs");
if (!crls)
goto end;
}
@ -229,30 +219,27 @@ int MAIN(int argc, char **argv)
if (crl_download)
store_setup_crl_download(cert_ctx);
if (argc < 1)
{
if (argc < 1) {
if (1 != check(cert_ctx, NULL, untrusted, trusted, crls, e))
ret = -1;
}
else
{
for (i=0; i<argc; i++)
if (1 != check(cert_ctx,argv[i], untrusted, trusted, crls, e))
} else {
for (i = 0; i < argc; i++)
if (1 != check(cert_ctx, argv[i], untrusted, trusted, crls, e))
ret = -1;
}
end:
end:
if (ret == 1) {
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
BIO_printf(bio_err," [-attime timestamp]");
BIO_printf(bio_err,
"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
BIO_printf(bio_err, " [-attime timestamp]");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," [-engine e]");
BIO_printf(bio_err, " [-engine e]");
#endif
BIO_printf(bio_err," cert1 cert2 ...\n");
BIO_printf(bio_err, " cert1 cert2 ...\n");
BIO_printf(bio_err,"recognized usages:\n");
for(i = 0; i < X509_PURPOSE_get_count(); i++)
{
BIO_printf(bio_err, "recognized usages:\n");
for (i = 0; i < X509_PURPOSE_get_count(); i++) {
X509_PURPOSE *ptmp;
ptmp = X509_PURPOSE_get0(i);
BIO_printf(bio_err, "\t%-10s\t%s\n",
@ -260,69 +247,67 @@ end:
X509_PURPOSE_get0_name(ptmp));
}
}
if (vpm) X509_VERIFY_PARAM_free(vpm);
if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
if (vpm)
X509_VERIFY_PARAM_free(vpm);
if (cert_ctx != NULL)
X509_STORE_free(cert_ctx);
sk_X509_pop_free(untrusted, X509_free);
sk_X509_pop_free(trusted, X509_free);
sk_X509_CRL_pop_free(crls, X509_CRL_free);
apps_shutdown();
OPENSSL_EXIT(ret < 0 ? 2 : ret);
}
}
static int check(X509_STORE *ctx, char *file,
STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
STACK_OF(X509_CRL) *crls, ENGINE *e)
{
X509 *x=NULL;
int i=0,ret=0;
{
X509 *x = NULL;
int i = 0, ret = 0;
X509_STORE_CTX *csc;
x = load_cert(bio_err, file, FORMAT_PEM, NULL, e, "certificate file");
if (x == NULL)
goto end;
fprintf(stdout,"%s: ",(file == NULL)?"stdin":file);
fprintf(stdout, "%s: ", (file == NULL) ? "stdin" : file);
csc = X509_STORE_CTX_new();
if (csc == NULL)
{
if (csc == NULL) {
ERR_print_errors(bio_err);
goto end;
}
X509_STORE_set_flags(ctx, vflags);
if(!X509_STORE_CTX_init(csc,ctx,x,uchain))
{
if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {
ERR_print_errors(bio_err);
goto end;
}
if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain);
if (tchain)
X509_STORE_CTX_trusted_stack(csc, tchain);
if (crls)
X509_STORE_CTX_set0_crls(csc, crls);
i=X509_verify_cert(csc);
i = X509_verify_cert(csc);
X509_STORE_CTX_free(csc);
ret=0;
end:
if (i > 0)
{
fprintf(stdout,"OK\n");
ret=1;
}
else
ret = 0;
end:
if (i > 0) {
fprintf(stdout, "OK\n");
ret = 1;
} else
ERR_print_errors(bio_err);
if (x != NULL) X509_free(x);
if (x != NULL)
X509_free(x);
return(ret);
}
return (ret);
}
static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
{
{
int cert_error = X509_STORE_CTX_get_error(ctx);
X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx);
if (!ok)
{
if (current_cert)
{
if (!ok) {
if (current_cert) {
X509_NAME_print_ex_fp(stdout,
X509_get_subject_name(current_cert),
0, XN_FLAG_ONELINE);
@ -333,15 +318,14 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
cert_error,
X509_STORE_CTX_get_error_depth(ctx),
X509_verify_cert_error_string(cert_error));
switch(cert_error)
{
switch (cert_error) {
case X509_V_ERR_NO_EXPLICIT_POLICY:
policies_print(NULL, ctx);
case X509_V_ERR_CERT_HAS_EXPIRED:
/* since we are just checking the certificates, it is
* ok if they are self signed. But we should still warn
* the user.
/*
* since we are just checking the certificates, it is ok if they
* are self signed. But we should still warn the user.
*/
case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
@ -364,5 +348,5 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
policies_print(NULL, ctx);
if (!v_verbose)
ERR_clear_error();
return(ok);
}
return (ok);
}

97
apps/version.c
View File

@ -138,80 +138,77 @@
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
int i,ret=0;
int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
{
int i, ret = 0;
int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
if (argc == 1) version=1;
for (i=1; i<argc; i++)
{
if (strcmp(argv[i],"-v") == 0)
version=1;
else if (strcmp(argv[i],"-b") == 0)
date=1;
else if (strcmp(argv[i],"-f") == 0)
cflags=1;
else if (strcmp(argv[i],"-o") == 0)
options=1;
else if (strcmp(argv[i],"-p") == 0)
platform=1;
else if (strcmp(argv[i],"-d") == 0)
dir=1;
else if (strcmp(argv[i],"-a") == 0)
date=version=cflags=options=platform=dir=1;
else
{
BIO_printf(bio_err,"usage:version -[avbofpd]\n");
ret=1;
if (argc == 1)
version = 1;
for (i = 1; i < argc; i++) {
if (strcmp(argv[i], "-v") == 0)
version = 1;
else if (strcmp(argv[i], "-b") == 0)
date = 1;
else if (strcmp(argv[i], "-f") == 0)
cflags = 1;
else if (strcmp(argv[i], "-o") == 0)
options = 1;
else if (strcmp(argv[i], "-p") == 0)
platform = 1;
else if (strcmp(argv[i], "-d") == 0)
dir = 1;
else if (strcmp(argv[i], "-a") == 0)
date = version = cflags = options = platform = dir = 1;
else {
BIO_printf(bio_err, "usage:version -[avbofpd]\n");
ret = 1;
goto end;
}
}
if (version)
{
if (SSLeay() == SSLEAY_VERSION_NUMBER)
{
printf("%s\n",SSLeay_version(SSLEAY_VERSION));
}
else
{
if (version) {
if (SSLeay() == SSLEAY_VERSION_NUMBER) {
printf("%s\n", SSLeay_version(SSLEAY_VERSION));
} else {
printf("%s (Library: %s)\n",
OPENSSL_VERSION_TEXT,
SSLeay_version(SSLEAY_VERSION));
OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
}
}
if (date) printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON));
if (platform) printf("%s\n",SSLeay_version(SSLEAY_PLATFORM));
if (options)
{
if (date)
printf("%s\n", SSLeay_version(SSLEAY_BUILT_ON));
if (platform)
printf("%s\n", SSLeay_version(SSLEAY_PLATFORM));
if (options) {
printf("options: ");
printf("%s ",BN_options());
printf("%s ", BN_options());
#ifndef OPENSSL_NO_MD2
printf("%s ",MD2_options());
printf("%s ", MD2_options());
#endif
#ifndef OPENSSL_NO_RC4
printf("%s ",RC4_options());
printf("%s ", RC4_options());
#endif
#ifndef OPENSSL_NO_DES
printf("%s ",DES_options());
printf("%s ", DES_options());
#endif
#ifndef OPENSSL_NO_IDEA
printf("%s ",idea_options());
printf("%s ", idea_options());
#endif
#ifndef OPENSSL_NO_BF
printf("%s ",BF_options());
printf("%s ", BF_options());
#endif
printf("\n");
}
if (cflags) printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
if (dir) printf("%s\n",SSLeay_version(SSLEAY_DIR));
end:
if (cflags)
printf("%s\n", SSLeay_version(SSLEAY_CFLAGS));
if (dir)
printf("%s\n", SSLeay_version(SSLEAY_DIR));
end:
apps_shutdown();
OPENSSL_EXIT(ret);
}
}

144
apps/vms_decc_init.c Executable file → Normal file
View File

@ -18,10 +18,9 @@
*----------------------------------------------------------------------
*/
#include <stdio.h>
#include <stdlib.h>
#include <unixlib.h>
# include <stdio.h>
# include <stdlib.h>
# include <unixlib.h>
/* Global storage. */
@ -29,41 +28,38 @@
int decc_init_done = -1;
/* Structure to hold a DECC$* feature name and its desired value. */
typedef struct
{
typedef struct {
char *name;
int value;
} decc_feat_t;
/* Array of DECC$* feature names and their desired values.
* Note: DECC$ARGV_PARSE_STYLE is the urgent one.
/*
* Array of DECC$* feature names and their desired values. Note:
* DECC$ARGV_PARSE_STYLE is the urgent one.
*/
decc_feat_t decc_feat_array[] =
{
decc_feat_t decc_feat_array[] = {
/* Preserve command-line case with SET PROCESS/PARSE_STYLE=EXTENDED */
{ "DECC$ARGV_PARSE_STYLE", 1 },
{"DECC$ARGV_PARSE_STYLE", 1},
/* Preserve case for file names on ODS5 disks. */
{ "DECC$EFS_CASE_PRESERVE", 1 },
{"DECC$EFS_CASE_PRESERVE", 1},
/* Enable multiple dots (and most characters) in ODS5 file names,
* while preserving VMS-ness of ";version".
/*
* Enable multiple dots (and most characters) in ODS5 file names, while
* preserving VMS-ness of ";version".
*/
{ "DECC$EFS_CHARSET", 1 },
{"DECC$EFS_CHARSET", 1},
/* List terminator. */
{ (char *)NULL, 0 }
{(char *)NULL, 0}
};
/* LIB$INITIALIZE initialization function. */
static void decc_init( void)
static void decc_init(void)
{
char *openssl_debug_decc_init;
int verbose = 0;
@ -75,12 +71,10 @@ static void decc_init( void)
int sts;
/* Get debug option. */
openssl_debug_decc_init = getenv( "OPENSSL_DEBUG_DECC_INIT");
if (openssl_debug_decc_init != NULL)
{
verbose = strtol( openssl_debug_decc_init, NULL, 10);
if (verbose <= 0)
{
openssl_debug_decc_init = getenv("OPENSSL_DEBUG_DECC_INIT");
if (openssl_debug_decc_init != NULL) {
verbose = strtol(openssl_debug_decc_init, NULL, 10);
if (verbose <= 0) {
verbose = 1;
}
}
@ -90,99 +84,89 @@ static void decc_init( void)
/* Loop through all items in the decc_feat_array[]. */
for (i = 0; decc_feat_array[ i].name != NULL; i++)
{
for (i = 0; decc_feat_array[i].name != NULL; i++) {
/* Get the feature index. */
feat_index = decc$feature_get_index( decc_feat_array[ i].name);
if (feat_index >= 0)
{
feat_index = decc$feature_get_index(decc_feat_array[i].name);
if (feat_index >= 0) {
/* Valid item. Collect its properties. */
feat_value = decc$feature_get_value( feat_index, 1);
feat_value_min = decc$feature_get_value( feat_index, 2);
feat_value_max = decc$feature_get_value( feat_index, 3);
feat_value = decc$feature_get_value(feat_index, 1);
feat_value_min = decc$feature_get_value(feat_index, 2);
feat_value_max = decc$feature_get_value(feat_index, 3);
/* Check the validity of our desired value. */
if ((decc_feat_array[ i].value >= feat_value_min) &&
(decc_feat_array[ i].value <= feat_value_max))
{
if ((decc_feat_array[i].value >= feat_value_min) &&
(decc_feat_array[i].value <= feat_value_max)) {
/* Valid value. Set it if necessary. */
if (feat_value != decc_feat_array[ i].value)
{
sts = decc$feature_set_value( feat_index,
1,
decc_feat_array[ i].value);
if (feat_value != decc_feat_array[i].value) {
sts = decc$feature_set_value(feat_index,
1, decc_feat_array[i].value);
if (verbose > 1)
{
fprintf( stderr, " %s = %d, sts = %d.\n",
decc_feat_array[ i].name,
decc_feat_array[ i].value,
sts);
if (verbose > 1) {
fprintf(stderr, " %s = %d, sts = %d.\n",
decc_feat_array[i].name,
decc_feat_array[i].value, sts);
}
}
}
else
{
} else {
/* Invalid DECC feature value. */
fprintf( stderr,
fprintf(stderr,
" INVALID DECC$FEATURE VALUE, %d: %d <= %s <= %d.\n",
feat_value,
feat_value_min, decc_feat_array[ i].name, feat_value_max);
feat_value_min, decc_feat_array[i].name,
feat_value_max);
}
}
else
{
} else {
/* Invalid DECC feature name. */
fprintf( stderr,
" UNKNOWN DECC$FEATURE: %s.\n", decc_feat_array[ i].name);
fprintf(stderr,
" UNKNOWN DECC$FEATURE: %s.\n", decc_feat_array[i].name);
}
}
if (verbose > 0)
{
fprintf( stderr, " DECC_INIT complete.\n");
if (verbose > 0) {
fprintf(stderr, " DECC_INIT complete.\n");
}
}
/* Get "decc_init()" into a valid, loaded LIB$INITIALIZE PSECT. */
#pragma nostandard
# pragma nostandard
/* Establish the LIB$INITIALIZE PSECTs, with proper alignment and
* other attributes. Note that "nopic" is significant only on VAX.
/*
* Establish the LIB$INITIALIZE PSECTs, with proper alignment and other
* attributes. Note that "nopic" is significant only on VAX.
*/
#pragma extern_model save
# pragma extern_model save
#if __INITIAL_POINTER_SIZE == 64
# if __INITIAL_POINTER_SIZE == 64
# define PSECT_ALIGN 3
#else
# else
# define PSECT_ALIGN 2
#endif
# endif
#pragma extern_model strict_refdef "LIB$INITIALIZ" PSECT_ALIGN, nopic, nowrt
const int spare[ 8] = { 0 };
# pragma extern_model strict_refdef "LIB$INITIALIZ" PSECT_ALIGN, nopic, nowrt
const int spare[8] = { 0 };
#pragma extern_model strict_refdef "LIB$INITIALIZE" PSECT_ALIGN, nopic, nowrt
void (*const x_decc_init)() = decc_init;
# pragma extern_model strict_refdef "LIB$INITIALIZE" PSECT_ALIGN, nopic, nowrt
void (*const x_decc_init) () = decc_init;
#pragma extern_model restore
# pragma extern_model restore
/* Fake reference to ensure loading the LIB$INITIALIZE PSECT. */
#pragma extern_model save
# pragma extern_model save
int LIB$INITIALIZE( void);
int LIB$INITIALIZE(void);
#pragma extern_model strict_refdef
int dmy_lib$initialize = (int) LIB$INITIALIZE;
# pragma extern_model strict_refdef
int dmy_lib$initialize = (int)LIB$INITIALIZE;
#pragma extern_model restore
# pragma extern_model restore
#pragma standard
# pragma standard
#else /* def USE_DECC_INIT */
/* Dummy code to avoid a %CC-W-EMPTYFILE complaint. */
int decc_init_dummy( void);
int decc_init_dummy(void);
#endif /* def USE_DECC_INIT */

21
apps/winrand.c
View File

@ -69,7 +69,7 @@ const char *filename;
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
PSTR cmdline, int iCmdShow)
{
{
static char appname[] = "OpenSSL";
HWND hwnd;
MSG msg;
@ -99,30 +99,28 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
hwnd = CreateWindow(appname, OPENSSL_VERSION_TEXT,
WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT,
CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance, NULL);
CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance,
NULL);
ShowWindow(hwnd, iCmdShow);
UpdateWindow(hwnd);
while (GetMessage(&msg, NULL, 0, 0))
{
while (GetMessage(&msg, NULL, 0, 0)) {
TranslateMessage(&msg);
DispatchMessage(&msg);
}
return msg.wParam;
}
}
LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
{
{
HDC hdc;
PAINTSTRUCT ps;
RECT rect;
static int seeded = 0;
switch (iMsg)
{
switch (iMsg) {
case WM_PAINT:
hdc = BeginPaint(hwnd, &ps);
GetClientRect(hwnd, &rect);
@ -136,8 +134,7 @@ LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
return 0;
}
if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0)
{
if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0) {
seeded = 1;
if (RAND_write_file(filename) <= 0)
MessageBox(hwnd, "Couldn't write random file!",
@ -146,4 +143,4 @@ LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
}
return DefWindowProc(hwnd, iMsg, wParam, lParam);
}
}

1447
apps/x509.c
View File

File diff suppressed because it is too large Load Diff

28
bugs/alpha.c
View File

@ -56,9 +56,10 @@
* [including the GNU Public Licence.]
*/
/* while not exactly a bug (ASN1 C leaves this undefined) it is
* something to watch out for. This was fine on linux/NT/Solaris but not
* Alpha */
/*
* while not exactly a bug (ASN1 C leaves this undefined) it is something to
* watch out for. This was fine on linux/NT/Solaris but not Alpha
*/
/*-
* it is basically an example of
@ -70,23 +71,22 @@
#define TYPE unsigned int
void func(a,b)
void func(a, b)
TYPE *a;
TYPE b;
{
printf("%ld -1 == %ld\n",a[0],b);
}
{
printf("%ld -1 == %ld\n", a[0], b);
}
main()
{
TYPE data[5]={1L,2L,3L,4L,5L};
{
TYPE data[5] = { 1L, 2L, 3L, 4L, 5L };
TYPE *p;
int i;
p=data;
p = data;
for (i=0; i<4; i++)
{
func(p,*(p++));
}
for (i = 0; i < 4; i++) {
func(p, *(p++));
}
}

35
bugs/dggccbug.c
View File

@ -4,15 +4,15 @@
#include <stdio.h>
/* There is a bug in
* gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14 1994)
* as shipped with DGUX 5.4R3.10 that can be bypassed by defining
* DG_GCC_BUG in my code.
* The bug manifests itself by the vaule of a pointer that is
* used only by reference, not having it's value change when it is used
* to check for exiting the loop. Probably caused by there being 2
* copies of the valiable, one in a register and one being an address
* that is passed. */
/*
* There is a bug in gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14
* 1994) as shipped with DGUX 5.4R3.10 that can be bypassed by defining
* DG_GCC_BUG in my code. The bug manifests itself by the vaule of a pointer
* that is used only by reference, not having it's value change when it is
* used to check for exiting the loop. Probably caused by there being 2
* copies of the valiable, one in a register and one being an address that is
* passed.
*/
/*-
* compare the out put from
@ -24,23 +24,22 @@
void inc(a)
int *a;
{
{
(*a)++;
}
}
main()
{
int p=0;
{
int p = 0;
#ifdef FIXBUG
int dummy;
#endif
while (p<3)
{
fprintf(stderr,"%08X\n",p);
while (p < 3) {
fprintf(stderr, "%08X\n", p);
inc(&p);
#ifdef FIXBUG
dummy+=p;
dummy += p;
#endif
}
}
}

66
bugs/sgiccbug.c
View File

@ -4,11 +4,11 @@
#include <stdio.h>
/* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are
* the only versions of IRIX I have access to.
* defining FIXBUG removes the bug.
* (bug is still present in IRIX 6.3 according to
* Gage <agage@forgetmenot.Mines.EDU>
/*
* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are the
* only versions of IRIX I have access to. defining FIXBUG removes the bug.
* (bug is still present in IRIX 6.3 according to Gage
* <agage@forgetmenot.Mines.EDU>
*/
/*-
@ -18,41 +18,43 @@
* cc -O sgiccbug.c; ./a.out
*/
static unsigned long a[4]={0x01234567,0x89ABCDEF,0xFEDCBA98,0x76543210};
static unsigned long b[4]={0x89ABCDEF,0xFEDCBA98,0x76543210,0x01234567};
static unsigned long c[4]={0x77777778,0x8ACF1357,0x88888888,0x7530ECA9};
static unsigned long a[4] =
{ 0x01234567, 0x89ABCDEF, 0xFEDCBA98, 0x76543210 };
static unsigned long b[4] =
{ 0x89ABCDEF, 0xFEDCBA98, 0x76543210, 0x01234567 };
static unsigned long c[4] =
{ 0x77777778, 0x8ACF1357, 0x88888888, 0x7530ECA9 };
main()
{
{
unsigned long r[4];
sub(r,a,b);
fprintf(stderr,"input a= %08X %08X %08X %08X\n",a[3],a[2],a[1],a[0]);
fprintf(stderr,"input b= %08X %08X %08X %08X\n",b[3],b[2],b[1],b[0]);
fprintf(stderr,"output = %08X %08X %08X %08X\n",r[3],r[2],r[1],r[0]);
fprintf(stderr,"correct= %08X %08X %08X %08X\n",c[3],c[2],c[1],c[0]);
}
sub(r, a, b);
fprintf(stderr, "input a= %08X %08X %08X %08X\n", a[3], a[2], a[1], a[0]);
fprintf(stderr, "input b= %08X %08X %08X %08X\n", b[3], b[2], b[1], b[0]);
fprintf(stderr, "output = %08X %08X %08X %08X\n", r[3], r[2], r[1], r[0]);
fprintf(stderr, "correct= %08X %08X %08X %08X\n", c[3], c[2], c[1], c[0]);
}
int sub(r,a,b)
unsigned long *r,*a,*b;
{
register unsigned long t1,t2,*ap,*bp,*rp;
int i,carry;
int sub(r, a, b)
unsigned long *r, *a, *b;
{
register unsigned long t1, t2, *ap, *bp, *rp;
int i, carry;
#ifdef FIXBUG
unsigned long dummy;
#endif
ap=a;
bp=b;
rp=r;
carry=0;
for (i=0; i<4; i++)
{
t1= *(ap++);
t2= *(bp++);
t1=(t1-t2);
ap = a;
bp = b;
rp = r;
carry = 0;
for (i = 0; i < 4; i++) {
t1 = *(ap++);
t2 = *(bp++);
t1 = (t1 - t2);
#ifdef FIXBUG
dummy=t1;
dummy = t1;
#endif
*(rp++)=t1&0xffffffff;
}
*(rp++) = t1 & 0xffffffff;
}
}

91
bugs/stream.c
View File

@ -59,73 +59,74 @@
#include <stdio.h>
#include <openssl/rc4.h>
#ifdef OPENSSL_NO_DES
#include <des.h>
# include <des.h>
#else
#include <openssl/des.h>
# include <openssl/des.h>
#endif
/* show how stream ciphers are not very good. The mac has no affect
* on RC4 while it does for cfb DES
/*
* show how stream ciphers are not very good. The mac has no affect on RC4
* while it does for cfb DES
*/
main()
{
fprintf(stderr,"rc4\n");
{
fprintf(stderr, "rc4\n");
rc4();
fprintf(stderr,"cfb des\n");
fprintf(stderr, "cfb des\n");
des();
}
}
int des()
{
{
des_key_schedule ks;
des_cblock iv,key;
des_cblock iv, key;
int num;
static char *keystr="01234567";
static char *in1="0123456789ABCEDFdata 12345";
static char *in2="9876543210abcdefdata 12345";
static char *keystr = "01234567";
static char *in1 = "0123456789ABCEDFdata 12345";
static char *in2 = "9876543210abcdefdata 12345";
unsigned char out[100];
int i;
des_set_key((des_cblock *)keystr,ks);
des_set_key((des_cblock *)keystr, ks);
num=0;
memset(iv,0,8);
des_cfb64_encrypt(in1,out,26,ks,(des_cblock *)iv,&num,1);
for (i=0; i<26; i++)
fprintf(stderr,"%02X ",out[i]);
fprintf(stderr,"\n");
num = 0;
memset(iv, 0, 8);
des_cfb64_encrypt(in1, out, 26, ks, (des_cblock *)iv, &num, 1);
for (i = 0; i < 26; i++)
fprintf(stderr, "%02X ", out[i]);
fprintf(stderr, "\n");
num=0;
memset(iv,0,8);
des_cfb64_encrypt(in2,out,26,ks,(des_cblock *)iv,&num,1);
for (i=0; i<26; i++)
fprintf(stderr,"%02X ",out[i]);
fprintf(stderr,"\n");
}
num = 0;
memset(iv, 0, 8);
des_cfb64_encrypt(in2, out, 26, ks, (des_cblock *)iv, &num, 1);
for (i = 0; i < 26; i++)
fprintf(stderr, "%02X ", out[i]);
fprintf(stderr, "\n");
}
int rc4()
{
static char *keystr="0123456789abcdef";
{
static char *keystr = "0123456789abcdef";
RC4_KEY key;
unsigned char in[100],out[100];
unsigned char in[100], out[100];
int i;
RC4_set_key(&key,16,keystr);
in[0]='\0';
strcpy(in,"0123456789ABCEDFdata 12345");
RC4(key,26,in,out);
RC4_set_key(&key, 16, keystr);
in[0] = '\0';
strcpy(in, "0123456789ABCEDFdata 12345");
RC4(key, 26, in, out);
for (i=0; i<26; i++)
fprintf(stderr,"%02X ",out[i]);
fprintf(stderr,"\n");
for (i = 0; i < 26; i++)
fprintf(stderr, "%02X ", out[i]);
fprintf(stderr, "\n");
RC4_set_key(&key,16,keystr);
in[0]='\0';
strcpy(in,"9876543210abcdefdata 12345");
RC4(key,26,in,out);
RC4_set_key(&key, 16, keystr);
in[0] = '\0';
strcpy(in, "9876543210abcdefdata 12345");
RC4(key, 26, in, out);
for (i=0; i<26; i++)
fprintf(stderr,"%02X ",out[i]);
fprintf(stderr,"\n");
}
for (i = 0; i < 26; i++)
fprintf(stderr, "%02X ", out[i]);
fprintf(stderr, "\n");
}

12
bugs/ultrixcc.c
View File

@ -13,16 +13,15 @@
*/
main()
{
{
f(5);
f(0);
}
}
int f(a)
int a;
{
switch(a&7)
{
{
switch (a & 7) {
case 7:
printf("7\n");
case 6:
@ -42,5 +41,4 @@ int a;
;
#endif
}
}
}

19
crypto/LPdir_nyi.c
View File

@ -1,4 +1,6 @@
/* $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $ */
/*
* $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $
*/
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
@ -26,17 +28,20 @@
*/
#ifndef LPDIR_H
#include "LPdir.h"
# include "LPdir.h"
#endif
struct LP_dir_context_st { void *dummy; };
struct LP_dir_context_st {
void *dummy;
};
const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
{
{
errno = EINVAL;
return 0;
}
}
int LP_find_file_end(LP_DIR_CTX **ctx)
{
{
errno = EINVAL;
return 0;
}
}

57
crypto/LPdir_unix.c
View File

@ -1,4 +1,7 @@
/* $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp $ */
/*
* $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp
* $
*/
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
@ -33,59 +36,57 @@
#include <dirent.h>
#include <errno.h>
#ifndef LPDIR_H
#include "LPdir.h"
# include "LPdir.h"
#endif
/* The POSIXly macro for the maximum number of characters in a file path
is NAME_MAX. However, some operating systems use PATH_MAX instead.
Therefore, it seems natural to first check for PATH_MAX and use that,
and if it doesn't exist, use NAME_MAX. */
/*
* The POSIXly macro for the maximum number of characters in a file path is
* NAME_MAX. However, some operating systems use PATH_MAX instead.
* Therefore, it seems natural to first check for PATH_MAX and use that, and
* if it doesn't exist, use NAME_MAX.
*/
#if defined(PATH_MAX)
# define LP_ENTRY_SIZE PATH_MAX
#elif defined(NAME_MAX)
# define LP_ENTRY_SIZE NAME_MAX
#endif
/* Of course, there's the possibility that neither PATH_MAX nor NAME_MAX
exist. It's also possible that NAME_MAX exists but is define to a
very small value (HP-UX offers 14), so we need to check if we got a
result, and if it meets a minimum standard, and create or change it
if not. */
/*
* Of course, there's the possibility that neither PATH_MAX nor NAME_MAX
* exist. It's also possible that NAME_MAX exists but is define to a very
* small value (HP-UX offers 14), so we need to check if we got a result, and
* if it meets a minimum standard, and create or change it if not.
*/
#if !defined(LP_ENTRY_SIZE) || LP_ENTRY_SIZE<255
# undef LP_ENTRY_SIZE
# define LP_ENTRY_SIZE 255
#endif
struct LP_dir_context_st
{
struct LP_dir_context_st {
DIR *dir;
char entry_name[LP_ENTRY_SIZE+1];
char entry_name[LP_ENTRY_SIZE + 1];
};
const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
{
struct dirent *direntry = NULL;
if (ctx == NULL || directory == NULL)
{
if (ctx == NULL || directory == NULL) {
errno = EINVAL;
return 0;
}
errno = 0;
if (*ctx == NULL)
{
if (*ctx == NULL) {
*ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
if (*ctx == NULL)
{
if (*ctx == NULL) {
errno = ENOMEM;
return 0;
}
memset(*ctx, '\0', sizeof(LP_DIR_CTX));
(*ctx)->dir = opendir(directory);
if ((*ctx)->dir == NULL)
{
if ((*ctx)->dir == NULL) {
int save_errno = errno; /* Probably not needed, but I'm paranoid */
free(*ctx);
*ctx = NULL;
@ -95,25 +96,23 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
}
direntry = readdir((*ctx)->dir);
if (direntry == NULL)
{
if (direntry == NULL) {
return 0;
}
strncpy((*ctx)->entry_name, direntry->d_name, sizeof((*ctx)->entry_name) - 1);
strncpy((*ctx)->entry_name, direntry->d_name,
sizeof((*ctx)->entry_name) - 1);
(*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
return (*ctx)->entry_name;
}
int LP_find_file_end(LP_DIR_CTX **ctx)
{
if (ctx != NULL && *ctx != NULL)
{
if (ctx != NULL && *ctx != NULL) {
int ret = closedir((*ctx)->dir);
free(*ctx);
switch (ret)
{
switch (ret) {
case 0:
return 1;
case -1:

72
crypto/LPdir_vms.c
View File

@ -37,7 +37,7 @@
#include <str$routines.h>
#include <stsdef.h>
#ifndef LPDIR_H
#include "LPdir.h"
# include "LPdir.h"
#endif
#include "vms_rms.h"
@ -46,11 +46,10 @@
# define EVMSERR 65535 /* error for non-translatable VMS errors */
#endif
struct LP_dir_context_st
{
struct LP_dir_context_st {
unsigned long VMS_context;
char filespec[ NAMX_MAXRSS+ 1];
char result[ NAMX_MAXRSS+ 1];
char filespec[NAMX_MAXRSS + 1];
char result[NAMX_MAXRSS + 1];
struct dsc$descriptor_d filespec_dsc;
struct dsc$descriptor_d result_dsc;
};
@ -68,65 +67,59 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
# pragma pointer_size 32
char *ctx_filespec_32p;
# pragma pointer_size restore
char ctx_filespec_32[ NAMX_MAXRSS+ 1];
char ctx_filespec_32[NAMX_MAXRSS + 1];
#endif /* __INITIAL_POINTER_SIZE == 64 */
#ifdef NAML$C_MAXRSS
flags |= LIB$M_FIL_LONG_NAMES;
#endif
if (ctx == NULL || directory == NULL)
{
if (ctx == NULL || directory == NULL) {
errno = EINVAL;
return 0;
}
errno = 0;
if (*ctx == NULL)
{
if (*ctx == NULL) {
size_t filespeclen = strlen(directory);
char *filespec = NULL;
if (filespeclen == 0)
{
if (filespeclen == 0) {
errno = ENOENT;
return 0;
}
/* MUST be a VMS directory specification! Let's estimate if it is. */
if (directory[filespeclen-1] != ']'
&& directory[filespeclen-1] != '>'
&& directory[filespeclen-1] != ':')
{
if (directory[filespeclen - 1] != ']'
&& directory[filespeclen - 1] != '>'
&& directory[filespeclen - 1] != ':') {
errno = EINVAL;
return 0;
}
filespeclen += 4; /* "*.*;" */
if (filespeclen > NAMX_MAXRSS)
{
if (filespeclen > NAMX_MAXRSS) {
errno = ENAMETOOLONG;
return 0;
}
*ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
if (*ctx == NULL)
{
if (*ctx == NULL) {
errno = ENOMEM;
return 0;
}
memset(*ctx, '\0', sizeof(LP_DIR_CTX));
strcpy((*ctx)->filespec,directory);
strcat((*ctx)->filespec,"*.*;");
strcpy((*ctx)->filespec, directory);
strcat((*ctx)->filespec, "*.*;");
/* Arrange 32-bit pointer to (copied) string storage, if needed. */
#if __INITIAL_POINTER_SIZE == 64
# define CTX_FILESPEC ctx_filespec_32p
/* Copy the file name to storage with a 32-bit pointer. */
ctx_filespec_32p = ctx_filespec_32;
strcpy( ctx_filespec_32p, (*ctx)->filespec);
strcpy(ctx_filespec_32p, (*ctx)->filespec);
#else /* __INITIAL_POINTER_SIZE == 64 */
# define CTX_FILESPEC (*ctx)->filespec
#endif /* __INITIAL_POINTER_SIZE == 64 [else] */
@ -145,38 +138,32 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
status = lib$find_file(&(*ctx)->filespec_dsc, &(*ctx)->result_dsc,
&(*ctx)->VMS_context, 0, 0, 0, &flags);
if (status == RMS$_NMF)
{
if (status == RMS$_NMF) {
errno = 0;
vaxc$errno = status;
return NULL;
}
if(!$VMS_STATUS_SUCCESS(status))
{
if (!$VMS_STATUS_SUCCESS(status)) {
errno = EVMSERR;
vaxc$errno = status;
return NULL;
}
/* Quick, cheap and dirty way to discard any device and directory,
since we only want file names */
/*
* Quick, cheap and dirty way to discard any device and directory, since
* we only want file names
*/
l = (*ctx)->result_dsc.dsc$w_length;
p = (*ctx)->result_dsc.dsc$a_pointer;
r = p;
for (; *p; p++)
{
if (*p == '^' && p[1] != '\0') /* Take care of ODS-5 escapes */
{
for (; *p; p++) {
if (*p == '^' && p[1] != '\0') { /* Take care of ODS-5 escapes */
p++;
}
else if (*p == ':' || *p == '>' || *p == ']')
{
} else if (*p == ':' || *p == '>' || *p == ']') {
l -= p + 1 - r;
r = p + 1;
}
else if (*p == ';')
{
} else if (*p == ';') {
l = p - r;
break;
}
@ -191,14 +178,12 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
int LP_find_file_end(LP_DIR_CTX **ctx)
{
if (ctx != NULL && *ctx != NULL)
{
if (ctx != NULL && *ctx != NULL) {
int status = lib$find_file_end(&(*ctx)->VMS_context);
free(*ctx);
if(!$VMS_STATUS_SUCCESS(status))
{
if (!$VMS_STATUS_SUCCESS(status)) {
errno = EVMSERR;
vaxc$errno = status;
return 0;
@ -208,4 +193,3 @@ int LP_find_file_end(LP_DIR_CTX **ctx)
errno = EINVAL;
return 0;
}

99
crypto/LPdir_win.c
View File

@ -26,13 +26,14 @@
#include <windows.h>
#include <tchar.h>
#ifndef LPDIR_H
#include "LPdir.h"
# include "LPdir.h"
#endif
/* We're most likely overcautious here, but let's reserve for
broken WinCE headers and explicitly opt for UNICODE call.
Keep in mind that our WinCE builds are compiled with -DUNICODE
[as well as -D_UNICODE]. */
/*
* We're most likely overcautious here, but let's reserve for broken WinCE
* headers and explicitly opt for UNICODE call. Keep in mind that our WinCE
* builds are compiled with -DUNICODE [as well as -D_UNICODE].
*/
#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
# define FindFirstFile FindFirstFileW
#endif
@ -41,82 +42,72 @@
#endif
#ifndef NAME_MAX
#define NAME_MAX 255
# define NAME_MAX 255
#endif
struct LP_dir_context_st
{
struct LP_dir_context_st {
WIN32_FIND_DATA ctx;
HANDLE handle;
char entry_name[NAME_MAX+1];
char entry_name[NAME_MAX + 1];
};
const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
{
if (ctx == NULL || directory == NULL)
{
if (ctx == NULL || directory == NULL) {
errno = EINVAL;
return 0;
}
errno = 0;
if (*ctx == NULL)
{
if (*ctx == NULL) {
const char *extdir = directory;
char *extdirbuf = NULL;
size_t dirlen = strlen (directory);
size_t dirlen = strlen(directory);
if (dirlen == 0)
{
if (dirlen == 0) {
errno = ENOENT;
return 0;
}
*ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
if (*ctx == NULL)
{
if (*ctx == NULL) {
errno = ENOMEM;
return 0;
}
memset(*ctx, '\0', sizeof(LP_DIR_CTX));
if (directory[dirlen-1] != '*')
{
if (directory[dirlen - 1] != '*') {
extdirbuf = (char *)malloc(dirlen + 3);
if (extdirbuf == NULL)
{
if (extdirbuf == NULL) {
free(*ctx);
*ctx = NULL;
errno = ENOMEM;
return 0;
}
if (directory[dirlen-1] != '/' && directory[dirlen-1] != '\\')
extdir = strcat(strcpy (extdirbuf,directory),"/*");
if (directory[dirlen - 1] != '/' && directory[dirlen - 1] != '\\')
extdir = strcat(strcpy(extdirbuf, directory), "/*");
else
extdir = strcat(strcpy (extdirbuf,directory),"*");
extdir = strcat(strcpy(extdirbuf, directory), "*");
}
if (sizeof(TCHAR) != sizeof(char))
{
if (sizeof(TCHAR) != sizeof(char)) {
TCHAR *wdir = NULL;
/* len_0 denotes string length *with* trailing 0 */
size_t index = 0,len_0 = strlen(extdir) + 1;
size_t index = 0, len_0 = strlen(extdir) + 1;
wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR));
if (wdir == NULL)
{
if (extdirbuf != NULL)
{
free (extdirbuf);
if (wdir == NULL) {
if (extdirbuf != NULL) {
free(extdirbuf);
}
free(*ctx);
*ctx = NULL;
errno = ENOMEM;
return 0;
}
#ifdef LP_MULTIBYTE_AVAILABLE
if (!MultiByteToWideChar(CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0))
if (!MultiByteToWideChar
(CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0))
#endif
for (index = 0; index < len_0; index++)
wdir[index] = (TCHAR)extdir[index];
@ -124,59 +115,51 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
(*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx);
free(wdir);
}
else
{
} else {
(*ctx)->handle = FindFirstFile((TCHAR *)extdir, &(*ctx)->ctx);
}
if (extdirbuf != NULL)
{
free (extdirbuf);
if (extdirbuf != NULL) {
free(extdirbuf);
}
if ((*ctx)->handle == INVALID_HANDLE_VALUE)
{
if ((*ctx)->handle == INVALID_HANDLE_VALUE) {
free(*ctx);
*ctx = NULL;
errno = EINVAL;
return 0;
}
}
else
{
if (FindNextFile((*ctx)->handle, &(*ctx)->ctx) == FALSE)
{
} else {
if (FindNextFile((*ctx)->handle, &(*ctx)->ctx) == FALSE) {
return 0;
}
}
if (sizeof(TCHAR) != sizeof(char))
{
if (sizeof(TCHAR) != sizeof(char)) {
TCHAR *wdir = (*ctx)->ctx.cFileName;
size_t index, len_0 = 0;
while (wdir[len_0] && len_0 < (sizeof((*ctx)->entry_name) - 1)) len_0++;
while (wdir[len_0] && len_0 < (sizeof((*ctx)->entry_name) - 1))
len_0++;
len_0++;
#ifdef LP_MULTIBYTE_AVAILABLE
if (!WideCharToMultiByte(CP_ACP, 0, (WCHAR *)wdir, len_0, (*ctx)->entry_name,
if (!WideCharToMultiByte
(CP_ACP, 0, (WCHAR *)wdir, len_0, (*ctx)->entry_name,
sizeof((*ctx)->entry_name), NULL, 0))
#endif
for (index = 0; index < len_0; index++)
(*ctx)->entry_name[index] = (char)wdir[index];
}
else
} else
strncpy((*ctx)->entry_name, (const char *)(*ctx)->ctx.cFileName,
sizeof((*ctx)->entry_name)-1);
sizeof((*ctx)->entry_name) - 1);
(*ctx)->entry_name[sizeof((*ctx)->entry_name)-1] = '\0';
(*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
return (*ctx)->entry_name;
}
int LP_find_file_end(LP_DIR_CTX **ctx)
{
if (ctx != NULL && *ctx != NULL)
{
if (ctx != NULL && *ctx != NULL) {
FindClose((*ctx)->handle);
free(*ctx);
*ctx = NULL;

5
crypto/LPdir_win32.c
View File

@ -1,4 +1,7 @@
/* $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp $ */
/*
* $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
* $
*/
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.

11
crypto/LPdir_wince.c
View File

@ -1,4 +1,7 @@
/* $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp $ */
/*
* $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
* $
*/
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
@ -26,6 +29,8 @@
*/
#define LP_SYS_WINCE
/* We might want to define LP_MULTIBYTE_AVAILABLE here. It's currently
under investigation what the exact conditions would be */
/*
* We might want to define LP_MULTIBYTE_AVAILABLE here. It's currently under
* investigation what the exact conditions would be
*/
#include "LPdir_win.c"

36
crypto/aes/aes.h
View File

@ -50,23 +50,25 @@
*/
#ifndef HEADER_AES_H
#define HEADER_AES_H
# define HEADER_AES_H
#include <openssl/opensslconf.h>
# include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_AES
#error AES is disabled.
#endif
# ifdef OPENSSL_NO_AES
# error AES is disabled.
# endif
#include <stddef.h>
# include <stddef.h>
#define AES_ENCRYPT 1
#define AES_DECRYPT 0
# define AES_ENCRYPT 1
# define AES_DECRYPT 0
/* Because array size can't be a const in C, the following two are macros.
Both sizes are in bytes. */
#define AES_MAXNR 14
#define AES_BLOCK_SIZE 16
/*
* Because array size can't be a const in C, the following two are macros.
* Both sizes are in bytes.
*/
# define AES_MAXNR 14
# define AES_BLOCK_SIZE 16
#ifdef __cplusplus
extern "C" {
@ -74,11 +76,11 @@ extern "C" {
/* This should be a hidden type, but EVP requires that the size be known */
struct aes_key_st {
#ifdef AES_LONG
unsigned long rd_key[4 *(AES_MAXNR + 1)];
#else
unsigned int rd_key[4 *(AES_MAXNR + 1)];
#endif
# ifdef AES_LONG
unsigned long rd_key[4 * (AES_MAXNR + 1)];
# else
unsigned int rd_key[4 * (AES_MAXNR + 1)];
# endif
int rounds;
};
typedef struct aes_key_st AES_KEY;

9
crypto/aes/aes_cbc.c
View File

@ -54,10 +54,13 @@
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
unsigned char *ivec, const int enc) {
unsigned char *ivec, const int enc)
{
if (enc)
CRYPTO_cbc128_encrypt(in,out,len,key,ivec,(block128_f)AES_encrypt);
CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
(block128_f) AES_encrypt);
else
CRYPTO_cbc128_decrypt(in,out,len,key,ivec,(block128_f)AES_decrypt);
CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
(block128_f) AES_decrypt);
}

28
crypto/aes/aes_cfb.c
View File

@ -52,30 +52,34 @@
#include <openssl/aes.h>
#include <openssl/modes.h>
/* The input and output encrypted as though 128bit cfb mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num;
/*
* The input and output encrypted as though 128bit cfb mode is being used.
* The extra state information to record how much of the 128bit block we have
* used is contained in *num;
*/
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc) {
unsigned char *ivec, int *num, const int enc)
{
CRYPTO_cfb128_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
(block128_f) AES_encrypt);
}
/* N.B. This expects the input to be packed, MS bit first */
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc)
{
CRYPTO_cfb128_1_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
}
{
CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
(block128_f) AES_encrypt);
}
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc)
{
CRYPTO_cfb128_8_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
}
{
CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
(block128_f) AES_encrypt);
}

6
crypto/aes/aes_ctr.c
View File

@ -56,6 +56,8 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char ivec[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num) {
CRYPTO_ctr128_encrypt(in,out,length,key,ivec,ecount_buf,num,(block128_f)AES_encrypt);
unsigned int *num)
{
CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
(block128_f) AES_encrypt);
}

6
crypto/aes/aes_ecb.c
View File

@ -60,14 +60,14 @@
#include "aes_locl.h"
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc) {
const AES_KEY *key, const int enc)
{
assert(in && out && key);
assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
if (AES_ENCRYPT == enc)
AES_encrypt(in, out, key);
else
AES_decrypt(in, out, key);
}

178
crypto/aes/aes_ige.c
View File

@ -61,17 +61,17 @@ typedef struct {
/* XXX: probably some better way to do this */
#if defined(__i386__) || defined(__x86_64__)
#define UNALIGNED_MEMOPS_ARE_FAST 1
# define UNALIGNED_MEMOPS_ARE_FAST 1
#else
#define UNALIGNED_MEMOPS_ARE_FAST 0
# define UNALIGNED_MEMOPS_ARE_FAST 0
#endif
#if UNALIGNED_MEMOPS_ARE_FAST
#define load_block(d, s) (d) = *(const aes_block_t *)(s)
#define store_block(d, s) *(aes_block_t *)(d) = (s)
# define load_block(d, s) (d) = *(const aes_block_t *)(s)
# define store_block(d, s) *(aes_block_t *)(d) = (s)
#else
#define load_block(d, s) memcpy((d).data, (s), AES_BLOCK_SIZE)
#define store_block(d, s) memcpy((d), (s).data, AES_BLOCK_SIZE)
# define load_block(d, s) memcpy((d).data, (s), AES_BLOCK_SIZE)
# define store_block(d, s) memcpy((d), (s).data, AES_BLOCK_SIZE)
#endif
/* N.B. The IV for this mode is _twice_ the block size */
@ -79,33 +79,33 @@ typedef struct {
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc)
{
{
size_t n;
size_t len = length;
OPENSSL_assert(in && out && key && ivec);
OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
OPENSSL_assert((length%AES_BLOCK_SIZE) == 0);
OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
len = length / AES_BLOCK_SIZE;
if (AES_ENCRYPT == enc)
{
if (AES_ENCRYPT == enc) {
if (in != out &&
(UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
{
aes_block_t *ivp = (aes_block_t *)ivec;
aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
(UNALIGNED_MEMOPS_ARE_FAST
|| ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
0)) {
aes_block_t *ivp = (aes_block_t *) ivec;
aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
while (len)
{
aes_block_t *inp = (aes_block_t *)in;
aes_block_t *outp = (aes_block_t *)out;
while (len) {
aes_block_t *inp = (aes_block_t *) in;
aes_block_t *outp = (aes_block_t *) out;
for(n=0 ; n < N_WORDS; ++n)
for (n = 0; n < N_WORDS; ++n)
outp->data[n] = inp->data[n] ^ ivp->data[n];
AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
for(n=0 ; n < N_WORDS; ++n)
AES_encrypt((unsigned char *)outp->data,
(unsigned char *)outp->data, key);
for (n = 0; n < N_WORDS; ++n)
outp->data[n] ^= iv2p->data[n];
ivp = outp;
iv2p = inp;
@ -115,9 +115,7 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
}
memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
}
else
{
} else {
aes_block_t tmp, tmp2;
aes_block_t iv;
aes_block_t iv2;
@ -125,13 +123,13 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
load_block(iv, ivec);
load_block(iv2, ivec + AES_BLOCK_SIZE);
while (len)
{
while (len) {
load_block(tmp, in);
for(n=0 ; n < N_WORDS; ++n)
for (n = 0; n < N_WORDS; ++n)
tmp2.data[n] = tmp.data[n] ^ iv.data[n];
AES_encrypt((unsigned char *)tmp2.data, (unsigned char *)tmp2.data, key);
for(n=0 ; n < N_WORDS; ++n)
AES_encrypt((unsigned char *)tmp2.data,
(unsigned char *)tmp2.data, key);
for (n = 0; n < N_WORDS; ++n)
tmp2.data[n] ^= iv2.data[n];
store_block(out, tmp2);
iv = tmp2;
@ -143,25 +141,24 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
memcpy(ivec, iv.data, AES_BLOCK_SIZE);
memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
}
}
else
{
} else {
if (in != out &&
(UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
{
aes_block_t *ivp = (aes_block_t *)ivec;
aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
(UNALIGNED_MEMOPS_ARE_FAST
|| ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
0)) {
aes_block_t *ivp = (aes_block_t *) ivec;
aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
while (len)
{
while (len) {
aes_block_t tmp;
aes_block_t *inp = (aes_block_t *)in;
aes_block_t *outp = (aes_block_t *)out;
aes_block_t *inp = (aes_block_t *) in;
aes_block_t *outp = (aes_block_t *) out;
for(n=0 ; n < N_WORDS; ++n)
for (n = 0; n < N_WORDS; ++n)
tmp.data[n] = inp->data[n] ^ iv2p->data[n];
AES_decrypt((unsigned char *)tmp.data, (unsigned char *)outp->data, key);
for(n=0 ; n < N_WORDS; ++n)
AES_decrypt((unsigned char *)tmp.data,
(unsigned char *)outp->data, key);
for (n = 0; n < N_WORDS; ++n)
outp->data[n] ^= ivp->data[n];
ivp = inp;
iv2p = outp;
@ -171,9 +168,7 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
}
memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
}
else
{
} else {
aes_block_t tmp, tmp2;
aes_block_t iv;
aes_block_t iv2;
@ -181,14 +176,14 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
load_block(iv, ivec);
load_block(iv2, ivec + AES_BLOCK_SIZE);
while (len)
{
while (len) {
load_block(tmp, in);
tmp2 = tmp;
for(n=0 ; n < N_WORDS; ++n)
for (n = 0; n < N_WORDS; ++n)
tmp.data[n] ^= iv2.data[n];
AES_decrypt((unsigned char *)tmp.data, (unsigned char *)tmp.data, key);
for(n=0 ; n < N_WORDS; ++n)
AES_decrypt((unsigned char *)tmp.data,
(unsigned char *)tmp.data, key);
for (n = 0; n < N_WORDS; ++n)
tmp.data[n] ^= iv.data[n];
store_block(out, tmp);
iv = tmp2;
@ -201,7 +196,7 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
}
}
}
}
/*
* Note that its effectively impossible to do biIGE in anything other
@ -214,7 +209,7 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
const AES_KEY *key2, const unsigned char *ivec,
const int enc)
{
{
size_t n;
size_t len = length;
unsigned char tmp[AES_BLOCK_SIZE];
@ -225,23 +220,23 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
const unsigned char *iv2;
OPENSSL_assert(in && out && key && ivec);
OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
OPENSSL_assert((length%AES_BLOCK_SIZE) == 0);
OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
if (AES_ENCRYPT == enc)
{
/* XXX: Do a separate case for when in != out (strictly should
check for overlap, too) */
if (AES_ENCRYPT == enc) {
/*
* XXX: Do a separate case for when in != out (strictly should check
* for overlap, too)
*/
/* First the forward pass */
iv = ivec;
iv2 = ivec + AES_BLOCK_SIZE;
while (len >= AES_BLOCK_SIZE)
{
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
while (len >= AES_BLOCK_SIZE) {
for (n = 0; n < AES_BLOCK_SIZE; ++n)
out[n] = in[n] ^ iv[n];
AES_encrypt(out, out, key);
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
for (n = 0; n < AES_BLOCK_SIZE; ++n)
out[n] ^= iv2[n];
iv = out;
memcpy(prev, in, AES_BLOCK_SIZE);
@ -252,46 +247,52 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
}
/* And now backwards */
iv = ivec + AES_BLOCK_SIZE*2;
iv2 = ivec + AES_BLOCK_SIZE*3;
iv = ivec + AES_BLOCK_SIZE * 2;
iv2 = ivec + AES_BLOCK_SIZE * 3;
len = length;
while(len >= AES_BLOCK_SIZE)
{
while (len >= AES_BLOCK_SIZE) {
out -= AES_BLOCK_SIZE;
/* XXX: reduce copies by alternating between buffers */
/*
* XXX: reduce copies by alternating between buffers
*/
memcpy(tmp, out, AES_BLOCK_SIZE);
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
for (n = 0; n < AES_BLOCK_SIZE; ++n)
out[n] ^= iv[n];
/* hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */
/*
* hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE);
*/
AES_encrypt(out, out, key);
/* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
/* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
/*
* hexdump(stdout,"enc", out, AES_BLOCK_SIZE);
*/
/*
* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE);
*/
for (n = 0; n < AES_BLOCK_SIZE; ++n)
out[n] ^= iv2[n];
/* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
/*
* hexdump(stdout,"out", out, AES_BLOCK_SIZE);
*/
iv = out;
memcpy(prev, tmp, AES_BLOCK_SIZE);
iv2 = prev;
len -= AES_BLOCK_SIZE;
}
}
else
{
} else {
/* First backwards */
iv = ivec + AES_BLOCK_SIZE*2;
iv2 = ivec + AES_BLOCK_SIZE*3;
iv = ivec + AES_BLOCK_SIZE * 2;
iv2 = ivec + AES_BLOCK_SIZE * 3;
in += length;
out += length;
while (len >= AES_BLOCK_SIZE)
{
while (len >= AES_BLOCK_SIZE) {
in -= AES_BLOCK_SIZE;
out -= AES_BLOCK_SIZE;
memcpy(tmp, in, AES_BLOCK_SIZE);
memcpy(tmp2, in, AES_BLOCK_SIZE);
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
for (n = 0; n < AES_BLOCK_SIZE; ++n)
tmp[n] ^= iv2[n];
AES_decrypt(tmp, out, key);
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
for (n = 0; n < AES_BLOCK_SIZE; ++n)
out[n] ^= iv[n];
memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
iv = tmp3;
@ -303,14 +304,13 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
iv = ivec;
iv2 = ivec + AES_BLOCK_SIZE;
len = length;
while (len >= AES_BLOCK_SIZE)
{
while (len >= AES_BLOCK_SIZE) {
memcpy(tmp, out, AES_BLOCK_SIZE);
memcpy(tmp2, out, AES_BLOCK_SIZE);
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
for (n = 0; n < AES_BLOCK_SIZE; ++n)
tmp[n] ^= iv2[n];
AES_decrypt(tmp, out, key);
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
for (n = 0; n < AES_BLOCK_SIZE; ++n)
out[n] ^= iv[n];
memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
iv = tmp3;
@ -320,4 +320,4 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
out += AES_BLOCK_SIZE;
}
}
}
}

36
crypto/aes/aes_locl.h
View File

@ -50,40 +50,40 @@
*/
#ifndef HEADER_AES_LOCL_H
#define HEADER_AES_LOCL_H
# define HEADER_AES_LOCL_H
#include <openssl/e_os2.h>
# include <openssl/e_os2.h>
#ifdef OPENSSL_NO_AES
#error AES is disabled.
#endif
# ifdef OPENSSL_NO_AES
# error AES is disabled.
# endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
# define GETU32(p) SWAP(*((u32 *)(p)))
# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
#else
# else
# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
#endif
# endif
#ifdef AES_LONG
# ifdef AES_LONG
typedef unsigned long u32;
#else
# else
typedef unsigned int u32;
#endif
# endif
typedef unsigned short u16;
typedef unsigned char u8;
#define MAXKC (256/32)
#define MAXKB (256/8)
#define MAXNR 14
# define MAXKC (256/32)
# define MAXKB (256/8)
# define MAXNR 14
/* This controls loop-unrolling in aes_core.c */
#undef FULL_UNROLL
# undef FULL_UNROLL
#endif /* !HEADER_AES_LOCL_H */

13
crypto/aes/aes_misc.c
View File

@ -54,9 +54,10 @@
#include <openssl/aes.h>
#include "aes_locl.h"
const char AES_version[]="AES" OPENSSL_VERSION_PTEXT;
const char AES_version[] = "AES" OPENSSL_VERSION_PTEXT;
const char *AES_options(void) {
const char *AES_options(void)
{
#ifdef FULL_UNROLL
return "aes(full)";
#else
@ -68,18 +69,18 @@ const char *AES_options(void) {
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key)
{
{
#ifdef OPENSSL_FIPS
fips_cipher_abort(AES);
#endif
return private_AES_set_encrypt_key(userKey, bits, key);
}
}
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key)
{
{
#ifdef OPENSSL_FIPS
fips_cipher_abort(AES);
#endif
return private_AES_set_decrypt_key(userKey, bits, key);
}
}

3
crypto/aes/aes_ofb.c
View File

@ -56,5 +56,6 @@ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num)
{
CRYPTO_ofb128_encrypt(in,out,length,key,ivec,num,(block128_f)AES_encrypt);
CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
(block128_f) AES_encrypt);
}

16
crypto/aes/aes_wrap.c
View File

@ -1,5 +1,6 @@
/* crypto/aes/aes_wrap.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
@ -58,13 +59,14 @@
int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
unsigned char *out,
const unsigned char *in, unsigned int inlen)
{
return CRYPTO_128_wrap(key, iv, out, in, inlen, (block128_f)AES_encrypt);
}
{
return CRYPTO_128_wrap(key, iv, out, in, inlen, (block128_f) AES_encrypt);
}
int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
unsigned char *out,
const unsigned char *in, unsigned int inlen)
{
return CRYPTO_128_unwrap(key, iv, out, in, inlen, (block128_f)AES_decrypt);
}
{
return CRYPTO_128_unwrap(key, iv, out, in, inlen,
(block128_f) AES_decrypt);
}

38
crypto/arm_arch.h
View File

@ -1,7 +1,7 @@
#ifndef __ARM_ARCH_H__
#define __ARM_ARCH_H__
# define __ARM_ARCH_H__
#if !defined(__ARM_ARCH__)
# if !defined(__ARM_ARCH__)
# if defined(__CC_ARM)
# define __ARM_ARCH__ __TARGET_ARCH_ARM
# if defined(__BIG_ENDIAN)
@ -46,33 +46,33 @@
# error "unsupported ARM architecture"
# endif
# endif
#endif
# endif
#ifdef OPENSSL_FIPSCANISTER
#include <openssl/fipssyms.h>
#endif
# ifdef OPENSSL_FIPSCANISTER
# include <openssl/fipssyms.h>
# endif
#if !defined(__ARM_MAX_ARCH__)
# if !defined(__ARM_MAX_ARCH__)
# define __ARM_MAX_ARCH__ __ARM_ARCH__
#endif
# endif
#if __ARM_MAX_ARCH__<__ARM_ARCH__
# if __ARM_MAX_ARCH__<__ARM_ARCH__
# error "__ARM_MAX_ARCH__ can't be less than __ARM_ARCH__"
#elif __ARM_MAX_ARCH__!=__ARM_ARCH__
# elif __ARM_MAX_ARCH__!=__ARM_ARCH__
# if __ARM_ARCH__<7 && __ARM_MAX_ARCH__>=7 && defined(__ARMEB__)
# error "can't build universal big-endian binary"
# endif
#endif
# endif
#if !__ASSEMBLER__
# if !__ASSEMBLER__
extern unsigned int OPENSSL_armcap_P;
#endif
# endif
#define ARMV7_NEON (1<<0)
#define ARMV7_TICK (1<<1)
#define ARMV8_AES (1<<2)
#define ARMV8_SHA1 (1<<3)
#define ARMV8_SHA256 (1<<4)
#define ARMV8_PMULL (1<<5)
# define ARMV7_NEON (1<<0)
# define ARMV7_TICK (1<<1)
# define ARMV8_AES (1<<2)
# define ARMV8_SHA1 (1<<3)
# define ARMV8_SHA256 (1<<4)
# define ARMV8_PMULL (1<<5)
#endif

114
crypto/armcap.c
View File

@ -7,16 +7,25 @@
#include "arm_arch.h"
unsigned int OPENSSL_armcap_P=0;
unsigned int OPENSSL_armcap_P = 0;
#if __ARM_MAX_ARCH__<7
void OPENSSL_cpuid_setup(void) {}
unsigned long OPENSSL_rdtsc(void) { return 0; }
void OPENSSL_cpuid_setup(void)
{
}
unsigned long OPENSSL_rdtsc(void)
{
return 0;
}
#else
static sigset_t all_masked;
static sigjmp_buf ill_jmp;
static void ill_handler (int sig) { siglongjmp(ill_jmp,sig); }
static void ill_handler(int sig)
{
siglongjmp(ill_jmp, sig);
}
/*
* Following subroutines could have been inlined, but it's not all
@ -30,39 +39,42 @@ void _armv8_pmull_probe(void);
unsigned long _armv7_tick(void);
unsigned long OPENSSL_rdtsc(void)
{
{
if (OPENSSL_armcap_P & ARMV7_TICK)
return _armv7_tick();
else
return 0;
}
}
/*
* Use a weak reference to getauxval() so we can use it if it is available but
* don't break the build if it is not.
*/
#if defined(__GNUC__) && __GNUC__>=2
void OPENSSL_cpuid_setup(void) __attribute__((constructor));
extern unsigned long getauxval(unsigned long type) __attribute__((weak));
#else
static unsigned long (*getauxval)(unsigned long) = NULL;
#endif
# if defined(__GNUC__) && __GNUC__>=2
void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
extern unsigned long getauxval(unsigned long type) __attribute__ ((weak));
# else
static unsigned long (*getauxval) (unsigned long) = NULL;
# endif
/*
* ARM puts the the feature bits for Crypto Extensions in AT_HWCAP2, whereas
* AArch64 used AT_HWCAP.
*/
#if defined(__arm__) || defined (__arm)
# define HWCAP 16 /* AT_HWCAP */
# if defined(__arm__) || defined (__arm)
# define HWCAP 16
/* AT_HWCAP */
# define HWCAP_NEON (1 << 12)
# define HWCAP_CE 26 /* AT_HWCAP2 */
# define HWCAP_CE 26
/* AT_HWCAP2 */
# define HWCAP_CE_AES (1 << 0)
# define HWCAP_CE_PMULL (1 << 1)
# define HWCAP_CE_SHA1 (1 << 2)
# define HWCAP_CE_SHA256 (1 << 3)
#elif defined(__aarch64__)
# define HWCAP 16 /* AT_HWCAP */
# elif defined(__aarch64__)
# define HWCAP 16
/* AT_HWCAP */
# define HWCAP_NEON (1 << 1)
# define HWCAP_CE HWCAP
@ -70,44 +82,42 @@ static unsigned long (*getauxval)(unsigned long) = NULL;
# define HWCAP_CE_PMULL (1 << 4)
# define HWCAP_CE_SHA1 (1 << 5)
# define HWCAP_CE_SHA256 (1 << 6)
#endif
# endif
void OPENSSL_cpuid_setup(void)
{
{
char *e;
struct sigaction ill_oact,ill_act;
struct sigaction ill_oact, ill_act;
sigset_t oset;
static int trigger=0;
static int trigger = 0;
if (trigger) return;
trigger=1;
if (trigger)
return;
trigger = 1;
if ((e=getenv("OPENSSL_armcap")))
{
OPENSSL_armcap_P=(unsigned int)strtoul(e,NULL,0);
if ((e = getenv("OPENSSL_armcap"))) {
OPENSSL_armcap_P = (unsigned int)strtoul(e, NULL, 0);
return;
}
sigfillset(&all_masked);
sigdelset(&all_masked,SIGILL);
sigdelset(&all_masked,SIGTRAP);
sigdelset(&all_masked,SIGFPE);
sigdelset(&all_masked,SIGBUS);
sigdelset(&all_masked,SIGSEGV);
sigdelset(&all_masked, SIGILL);
sigdelset(&all_masked, SIGTRAP);
sigdelset(&all_masked, SIGFPE);
sigdelset(&all_masked, SIGBUS);
sigdelset(&all_masked, SIGSEGV);
OPENSSL_armcap_P = 0;
memset(&ill_act,0,sizeof(ill_act));
memset(&ill_act, 0, sizeof(ill_act));
ill_act.sa_handler = ill_handler;
ill_act.sa_mask = all_masked;
sigprocmask(SIG_SETMASK,&ill_act.sa_mask,&oset);
sigaction(SIGILL,&ill_act,&ill_oact);
sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
sigaction(SIGILL, &ill_act, &ill_oact);
if (getauxval != NULL)
{
if (getauxval(HWCAP) & HWCAP_NEON)
{
if (getauxval != NULL) {
if (getauxval(HWCAP) & HWCAP_NEON) {
unsigned long hwcap = getauxval(HWCAP_CE);
OPENSSL_armcap_P |= ARMV7_NEON;
@ -124,39 +134,31 @@ void OPENSSL_cpuid_setup(void)
if (hwcap & HWCAP_CE_SHA256)
OPENSSL_armcap_P |= ARMV8_SHA256;
}
}
else if (sigsetjmp(ill_jmp,1) == 0)
{
} else if (sigsetjmp(ill_jmp, 1) == 0) {
_armv7_neon_probe();
OPENSSL_armcap_P |= ARMV7_NEON;
if (sigsetjmp(ill_jmp,1) == 0)
{
if (sigsetjmp(ill_jmp, 1) == 0) {
_armv8_pmull_probe();
OPENSSL_armcap_P |= ARMV8_PMULL|ARMV8_AES;
}
else if (sigsetjmp(ill_jmp,1) == 0)
{
OPENSSL_armcap_P |= ARMV8_PMULL | ARMV8_AES;
} else if (sigsetjmp(ill_jmp, 1) == 0) {
_armv8_aes_probe();
OPENSSL_armcap_P |= ARMV8_AES;
}
if (sigsetjmp(ill_jmp,1) == 0)
{
if (sigsetjmp(ill_jmp, 1) == 0) {
_armv8_sha1_probe();
OPENSSL_armcap_P |= ARMV8_SHA1;
}
if (sigsetjmp(ill_jmp,1) == 0)
{
if (sigsetjmp(ill_jmp, 1) == 0) {
_armv8_sha256_probe();
OPENSSL_armcap_P |= ARMV8_SHA256;
}
}
if (sigsetjmp(ill_jmp,1) == 0)
{
if (sigsetjmp(ill_jmp, 1) == 0) {
_armv7_tick();
OPENSSL_armcap_P |= ARMV7_TICK;
}
sigaction (SIGILL,&ill_oact,NULL);
sigprocmask(SIG_SETMASK,&oset,NULL);
}
sigaction(SIGILL, &ill_oact, NULL);
sigprocmask(SIG_SETMASK, &oset, NULL);
}
#endif

265
crypto/asn1/a_bitstr.c
View File

@ -61,172 +61,179 @@
#include <openssl/asn1.h>
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
{ return M_ASN1_BIT_STRING_set(x, d, len); }
{
return M_ASN1_BIT_STRING_set(x, d, len);
}
int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
{
int ret,j,bits,len;
unsigned char *p,*d;
{
int ret, j, bits, len;
unsigned char *p, *d;
if (a == NULL) return(0);
if (a == NULL)
return (0);
len=a->length;
len = a->length;
if (len > 0) {
if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) {
bits = (int)a->flags & 0x07;
} else {
for (; len > 0; len--) {
if (a->data[len - 1])
break;
}
j = a->data[len - 1];
if (j & 0x01)
bits = 0;
else if (j & 0x02)
bits = 1;
else if (j & 0x04)
bits = 2;
else if (j & 0x08)
bits = 3;
else if (j & 0x10)
bits = 4;
else if (j & 0x20)
bits = 5;
else if (j & 0x40)
bits = 6;
else if (j & 0x80)
bits = 7;
else
bits = 0; /* should not happen */
}
} else
bits = 0;
ret = 1 + len;
if (pp == NULL)
return (ret);
p = *pp;
*(p++) = (unsigned char)bits;
d = a->data;
memcpy(p, d, len);
p += len;
if (len > 0)
{
if (a->flags & ASN1_STRING_FLAG_BITS_LEFT)
{
bits=(int)a->flags&0x07;
}
else
{
for ( ; len > 0; len--)
{
if (a->data[len-1]) break;
}
j=a->data[len-1];
if (j & 0x01) bits=0;
else if (j & 0x02) bits=1;
else if (j & 0x04) bits=2;
else if (j & 0x08) bits=3;
else if (j & 0x10) bits=4;
else if (j & 0x20) bits=5;
else if (j & 0x40) bits=6;
else if (j & 0x80) bits=7;
else bits=0; /* should not happen */
}
}
else
bits=0;
ret=1+len;
if (pp == NULL) return(ret);
p= *pp;
*(p++)=(unsigned char)bits;
d=a->data;
memcpy(p,d,len);
p+=len;
if (len > 0) p[-1]&=(0xff<<bits);
*pp=p;
return(ret);
}
p[-1] &= (0xff << bits);
*pp = p;
return (ret);
}
ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
const unsigned char **pp, long len)
{
ASN1_BIT_STRING *ret=NULL;
{
ASN1_BIT_STRING *ret = NULL;
const unsigned char *p;
unsigned char *s;
int i;
if (len < 1)
{
i=ASN1_R_STRING_TOO_SHORT;
if (len < 1) {
i = ASN1_R_STRING_TOO_SHORT;
goto err;
}
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=M_ASN1_BIT_STRING_new()) == NULL) return(NULL);
}
else
ret=(*a);
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = M_ASN1_BIT_STRING_new()) == NULL)
return (NULL);
} else
ret = (*a);
p= *pp;
i= *(p++);
if (i > 7)
{
i=ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
p = *pp;
i = *(p++);
if (i > 7) {
i = ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
goto err;
}
/* We do this to preserve the settings. If we modify
* the settings, via the _set_bit function, we will recalculate
* on output */
ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|i); /* set */
/*
* We do this to preserve the settings. If we modify the settings, via
* the _set_bit function, we will recalculate on output
*/
ret->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear */
ret->flags |= (ASN1_STRING_FLAG_BITS_LEFT | i); /* set */
if (len-- > 1) /* using one because of the bits left byte */
{
s=(unsigned char *)OPENSSL_malloc((int)len);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
if (len-- > 1) { /* using one because of the bits left byte */
s = (unsigned char *)OPENSSL_malloc((int)len);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
memcpy(s,p,(int)len);
s[len-1]&=(0xff<<i);
p+=len;
}
else
s=NULL;
memcpy(s, p, (int)len);
s[len - 1] &= (0xff << i);
p += len;
} else
s = NULL;
ret->length=(int)len;
if (ret->data != NULL) OPENSSL_free(ret->data);
ret->data=s;
ret->type=V_ASN1_BIT_STRING;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_C2I_ASN1_BIT_STRING,i);
ret->length = (int)len;
if (ret->data != NULL)
OPENSSL_free(ret->data);
ret->data = s;
ret->type = V_ASN1_BIT_STRING;
if (a != NULL)
(*a) = ret;
*pp = p;
return (ret);
err:
ASN1err(ASN1_F_C2I_ASN1_BIT_STRING, i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_BIT_STRING_free(ret);
return(NULL);
}
return (NULL);
}
/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
/*
* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
*/
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
{
int w,v,iv;
{
int w, v, iv;
unsigned char *c;
w=n/8;
v=1<<(7-(n&0x07));
iv= ~v;
if (!value) v=0;
w = n / 8;
v = 1 << (7 - (n & 0x07));
iv = ~v;
if (!value)
v = 0;
if (a == NULL)
return 0;
a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear, set on write */
if ((a->length < (w+1)) || (a->data == NULL))
{
if (!value) return(1); /* Don't need to set */
if ((a->length < (w + 1)) || (a->data == NULL)) {
if (!value)
return (1); /* Don't need to set */
if (a->data == NULL)
c=(unsigned char *)OPENSSL_malloc(w+1);
c = (unsigned char *)OPENSSL_malloc(w + 1);
else
c=(unsigned char *)OPENSSL_realloc_clean(a->data,
a->length,
w+1);
if (c == NULL)
{
ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT,ERR_R_MALLOC_FAILURE);
c = (unsigned char *)OPENSSL_realloc_clean(a->data,
a->length, w + 1);
if (c == NULL) {
ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT, ERR_R_MALLOC_FAILURE);
return 0;
}
if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
a->data=c;
a->length=w+1;
if (w + 1 - a->length > 0)
memset(c + a->length, 0, w + 1 - a->length);
a->data = c;
a->length = w + 1;
}
a->data[w]=((a->data[w])&iv)|v;
while ((a->length > 0) && (a->data[a->length-1] == 0))
a->data[w] = ((a->data[w]) & iv) | v;
while ((a->length > 0) && (a->data[a->length - 1] == 0))
a->length--;
return(1);
}
return (1);
}
int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
{
int w,v;
{
int w, v;
w=n/8;
v=1<<(7-(n&0x07));
if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
return(0);
return((a->data[w]&v) != 0);
}
w = n / 8;
v = 1 << (7 - (n & 0x07));
if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL))
return (0);
return ((a->data[w] & v) != 0);
}
/*
* Checks if the given bit string contains only bits specified by
@ -236,18 +243,20 @@ int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
*/
int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
unsigned char *flags, int flags_len)
{
{
int i, ok;
/* Check if there is one bit set at all. */
if (!a || !a->data) return 1;
if (!a || !a->data)
return 1;
/* Check each byte of the internal representation of the bit string. */
/*
* Check each byte of the internal representation of the bit string.
*/
ok = 1;
for (i = 0; i < a->length && ok; ++i)
{
for (i = 0; i < a->length && ok; ++i) {
unsigned char mask = i < flags_len ? ~flags[i] : 0xff;
/* We are done if there is an unneeded bit set. */
ok = (a->data[i] & mask) == 0;
}
return ok;
}
}

65
crypto/asn1/a_bool.c
View File

@ -61,54 +61,51 @@
#include <openssl/asn1t.h>
int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
{
{
int r;
unsigned char *p;
r=ASN1_object_size(0,1,V_ASN1_BOOLEAN);
if (pp == NULL) return(r);
p= *pp;
r = ASN1_object_size(0, 1, V_ASN1_BOOLEAN);
if (pp == NULL)
return (r);
p = *pp;
ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL);
*(p++)= (unsigned char)a;
*pp=p;
return(r);
}
ASN1_put_object(&p, 0, 1, V_ASN1_BOOLEAN, V_ASN1_UNIVERSAL);
*(p++) = (unsigned char)a;
*pp = p;
return (r);
}
int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length)
{
int ret= -1;
{
int ret = -1;
const unsigned char *p;
long len;
int inf,tag,xclass;
int i=0;
int inf, tag, xclass;
int i = 0;
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
p = *pp;
inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
if (inf & 0x80) {
i = ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_BOOLEAN)
{
i=ASN1_R_EXPECTING_A_BOOLEAN;
if (tag != V_ASN1_BOOLEAN) {
i = ASN1_R_EXPECTING_A_BOOLEAN;
goto err;
}
if (len != 1)
{
i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
if (len != 1) {
i = ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
goto err;
}
ret= (int)*(p++);
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
return(ret);
}
ret = (int)*(p++);
if (a != NULL)
(*a) = ret;
*pp = p;
return (ret);
err:
ASN1err(ASN1_F_D2I_ASN1_BOOLEAN, i);
return (ret);
}

336
crypto/asn1/a_bytes.c
View File

@ -61,254 +61,246 @@
#include <openssl/asn1.h>
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c);
/* type is a 'bitmap' of acceptable string types.
/*
* type is a 'bitmap' of acceptable string types.
*/
ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
long length, int type)
{
ASN1_STRING *ret=NULL;
{
ASN1_STRING *ret = NULL;
const unsigned char *p;
unsigned char *s;
long len;
int inf,tag,xclass;
int i=0;
int inf, tag, xclass;
int i = 0;
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80) goto err;
p = *pp;
inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
if (inf & 0x80)
goto err;
if (tag >= 32)
{
i=ASN1_R_TAG_VALUE_TOO_HIGH;
if (tag >= 32) {
i = ASN1_R_TAG_VALUE_TOO_HIGH;
goto err;
}
if (!(ASN1_tag2bit(tag) & type))
{
i=ASN1_R_WRONG_TYPE;
if (!(ASN1_tag2bit(tag) & type)) {
i = ASN1_R_WRONG_TYPE;
goto err;
}
/* If a bit-string, exit early */
if (tag == V_ASN1_BIT_STRING)
return(d2i_ASN1_BIT_STRING(a,pp,length));
return (d2i_ASN1_BIT_STRING(a, pp, length));
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
}
else
ret=(*a);
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = ASN1_STRING_new()) == NULL)
return (NULL);
} else
ret = (*a);
if (len != 0)
{
s=(unsigned char *)OPENSSL_malloc((int)len+1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
if (len != 0) {
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
memcpy(s,p,(int)len);
s[len]='\0';
p+=len;
}
else
s=NULL;
memcpy(s, p, (int)len);
s[len] = '\0';
p += len;
} else
s = NULL;
if (ret->data != NULL) OPENSSL_free(ret->data);
ret->length=(int)len;
ret->data=s;
ret->type=tag;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i);
if (ret->data != NULL)
OPENSSL_free(ret->data);
ret->length = (int)len;
ret->data = s;
ret->type = tag;
if (a != NULL)
(*a) = ret;
*pp = p;
return (ret);
err:
ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_STRING_free(ret);
return(NULL);
}
return (NULL);
}
int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
{
int ret,r,constructed;
{
int ret, r, constructed;
unsigned char *p;
if (a == NULL) return(0);
if (a == NULL)
return (0);
if (tag == V_ASN1_BIT_STRING)
return(i2d_ASN1_BIT_STRING(a,pp));
return (i2d_ASN1_BIT_STRING(a, pp));
ret=a->length;
r=ASN1_object_size(0,ret,tag);
if (pp == NULL) return(r);
p= *pp;
ret = a->length;
r = ASN1_object_size(0, ret, tag);
if (pp == NULL)
return (r);
p = *pp;
if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
constructed=1;
constructed = 1;
else
constructed=0;
ASN1_put_object(&p,constructed,ret,tag,xclass);
memcpy(p,a->data,a->length);
p+=a->length;
*pp= p;
return(r);
}
constructed = 0;
ASN1_put_object(&p, constructed, ret, tag, xclass);
memcpy(p, a->data, a->length);
p += a->length;
*pp = p;
return (r);
}
ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
long length, int Ptag, int Pclass)
{
ASN1_STRING *ret=NULL;
{
ASN1_STRING *ret = NULL;
const unsigned char *p;
unsigned char *s;
long len;
int inf,tag,xclass;
int i=0;
int inf, tag, xclass;
int i = 0;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
}
else
ret=(*a);
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = ASN1_STRING_new()) == NULL)
return (NULL);
} else
ret = (*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
p = *pp;
inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
if (inf & 0x80) {
i = ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != Ptag)
{
i=ASN1_R_WRONG_TAG;
if (tag != Ptag) {
i = ASN1_R_WRONG_TAG;
goto err;
}
if (inf & V_ASN1_CONSTRUCTED)
{
if (inf & V_ASN1_CONSTRUCTED) {
ASN1_const_CTX c;
c.pp=pp;
c.p=p;
c.inf=inf;
c.slen=len;
c.tag=Ptag;
c.xclass=Pclass;
c.max=(length == 0)?0:(p+length);
if (!asn1_collate_primitive(ret,&c))
c.pp = pp;
c.p = p;
c.inf = inf;
c.slen = len;
c.tag = Ptag;
c.xclass = Pclass;
c.max = (length == 0) ? 0 : (p + length);
if (!asn1_collate_primitive(ret, &c))
goto err;
else
{
p=c.p;
else {
p = c.p;
}
}
else
{
if (len != 0)
{
if ((ret->length < len) || (ret->data == NULL))
{
if (ret->data != NULL) OPENSSL_free(ret->data);
s=(unsigned char *)OPENSSL_malloc((int)len + 1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
} else {
if (len != 0) {
if ((ret->length < len) || (ret->data == NULL)) {
if (ret->data != NULL)
OPENSSL_free(ret->data);
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
}
else
s=ret->data;
memcpy(s,p,(int)len);
} else
s = ret->data;
memcpy(s, p, (int)len);
s[len] = '\0';
p+=len;
}
else
{
s=NULL;
if (ret->data != NULL) OPENSSL_free(ret->data);
p += len;
} else {
s = NULL;
if (ret->data != NULL)
OPENSSL_free(ret->data);
}
ret->length=(int)len;
ret->data=s;
ret->type=Ptag;
ret->length = (int)len;
ret->data = s;
ret->type = Ptag;
}
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
if (a != NULL)
(*a) = ret;
*pp = p;
return (ret);
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_STRING_free(ret);
ASN1err(ASN1_F_D2I_ASN1_BYTES,i);
return(NULL);
}
ASN1err(ASN1_F_D2I_ASN1_BYTES, i);
return (NULL);
}
/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse
* them into the one structure that is then returned */
/* There have been a few bug fixes for this function from
* Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
/*
* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse them
* into the one structure that is then returned
*/
/*
* There have been a few bug fixes for this function from Paul Keogh
* <paul.keogh@sse.ie>, many thanks to him
*/
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
{
ASN1_STRING *os=NULL;
{
ASN1_STRING *os = NULL;
BUF_MEM b;
int num;
b.length=0;
b.max=0;
b.data=NULL;
b.length = 0;
b.max = 0;
b.data = NULL;
if (a == NULL)
{
c->error=ERR_R_PASSED_NULL_PARAMETER;
if (a == NULL) {
c->error = ERR_R_PASSED_NULL_PARAMETER;
goto err;
}
num=0;
for (;;)
{
if (c->inf & 1)
{
c->eos=ASN1_const_check_infinite_end(&c->p,
(long)(c->max-c->p));
if (c->eos) break;
}
else
{
if (c->slen <= 0) break;
num = 0;
for (;;) {
if (c->inf & 1) {
c->eos = ASN1_const_check_infinite_end(&c->p,
(long)(c->max - c->p));
if (c->eos)
break;
} else {
if (c->slen <= 0)
break;
}
c->q=c->p;
if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
== NULL)
{
c->error=ERR_R_ASN1_LIB;
c->q = c->p;
if (d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass)
== NULL) {
c->error = ERR_R_ASN1_LIB;
goto err;
}
if (!BUF_MEM_grow_clean(&b,num+os->length))
{
c->error=ERR_R_BUF_LIB;
if (!BUF_MEM_grow_clean(&b, num + os->length)) {
c->error = ERR_R_BUF_LIB;
goto err;
}
memcpy(&(b.data[num]),os->data,os->length);
memcpy(&(b.data[num]), os->data, os->length);
if (!(c->inf & 1))
c->slen-=(c->p-c->q);
num+=os->length;
c->slen -= (c->p - c->q);
num += os->length;
}
if (!asn1_const_Finish(c)) goto err;
a->length=num;
if (a->data != NULL) OPENSSL_free(a->data);
a->data=(unsigned char *)b.data;
if (os != NULL) ASN1_STRING_free(os);
return(1);
err:
ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error);
if (os != NULL) ASN1_STRING_free(os);
if (b.data != NULL) OPENSSL_free(b.data);
return(0);
}
if (!asn1_const_Finish(c))
goto err;
a->length = num;
if (a->data != NULL)
OPENSSL_free(a->data);
a->data = (unsigned char *)b.data;
if (os != NULL)
ASN1_STRING_free(os);
return (1);
err:
ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error);
if (os != NULL)
ASN1_STRING_free(os);
if (b.data != NULL)
OPENSSL_free(b.data);
return (0);
}

228
crypto/asn1/a_d2i_fp.c
View File

@ -65,222 +65,204 @@
static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
#ifndef NO_OLD_ASN1
#ifndef OPENSSL_NO_FP_API
# ifndef OPENSSL_NO_FP_API
void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x)
{
void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x)
{
BIO *b;
void *ret;
if ((b=BIO_new(BIO_s_file())) == NULL)
{
ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
return(NULL);
if ((b = BIO_new(BIO_s_file())) == NULL) {
ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB);
return (NULL);
}
BIO_set_fp(b,in,BIO_NOCLOSE);
ret=ASN1_d2i_bio(xnew,d2i,b,x);
BIO_set_fp(b, in, BIO_NOCLOSE);
ret = ASN1_d2i_bio(xnew, d2i, b, x);
BIO_free(b);
return(ret);
}
#endif
return (ret);
}
# endif
void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x)
{
void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x)
{
BUF_MEM *b = NULL;
const unsigned char *p;
void *ret=NULL;
void *ret = NULL;
int len;
len = asn1_d2i_read_bio(in, &b);
if(len < 0) goto err;
if (len < 0)
goto err;
p=(unsigned char *)b->data;
ret=d2i(x,&p,len);
err:
if (b != NULL) BUF_MEM_free(b);
return(ret);
}
p = (unsigned char *)b->data;
ret = d2i(x, &p, len);
err:
if (b != NULL)
BUF_MEM_free(b);
return (ret);
}
#endif
void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
{
{
BUF_MEM *b = NULL;
const unsigned char *p;
void *ret=NULL;
void *ret = NULL;
int len;
len = asn1_d2i_read_bio(in, &b);
if(len < 0) goto err;
if (len < 0)
goto err;
p=(const unsigned char *)b->data;
ret=ASN1_item_d2i(x,&p,len, it);
err:
if (b != NULL) BUF_MEM_free(b);
return(ret);
}
p = (const unsigned char *)b->data;
ret = ASN1_item_d2i(x, &p, len, it);
err:
if (b != NULL)
BUF_MEM_free(b);
return (ret);
}
#ifndef OPENSSL_NO_FP_API
void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
{
{
BIO *b;
char *ret;
if ((b=BIO_new(BIO_s_file())) == NULL)
{
ASN1err(ASN1_F_ASN1_ITEM_D2I_FP,ERR_R_BUF_LIB);
return(NULL);
if ((b = BIO_new(BIO_s_file())) == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
return (NULL);
}
BIO_set_fp(b,in,BIO_NOCLOSE);
ret=ASN1_item_d2i_bio(it,b,x);
BIO_set_fp(b, in, BIO_NOCLOSE);
ret = ASN1_item_d2i_bio(it, b, x);
BIO_free(b);
return(ret);
}
return (ret);
}
#endif
#define HEADER_SIZE 8
static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
{
{
BUF_MEM *b;
unsigned char *p;
int i;
ASN1_const_CTX c;
size_t want=HEADER_SIZE;
int eos=0;
size_t off=0;
size_t len=0;
size_t want = HEADER_SIZE;
int eos = 0;
size_t off = 0;
size_t len = 0;
b=BUF_MEM_new();
if (b == NULL)
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
b = BUF_MEM_new();
if (b == NULL) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
return -1;
}
ERR_clear_error();
for (;;)
{
if (want >= (len-off))
{
want-=(len-off);
for (;;) {
if (want >= (len - off)) {
want -= (len - off);
if (len + want < len || !BUF_MEM_grow_clean(b,len+want))
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
goto err;
}
i=BIO_read(in,&(b->data[len]),want);
if ((i < 0) && ((len-off) == 0))
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_NOT_ENOUGH_DATA);
i = BIO_read(in, &(b->data[len]), want);
if ((i < 0) && ((len - off) == 0)) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA);
goto err;
}
if (i > 0)
{
if (len+i < len)
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_TOO_LONG);
if (i > 0) {
if (len + i < len) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
goto err;
}
len+=i;
len += i;
}
}
/* else data already loaded */
p=(unsigned char *)&(b->data[off]);
c.p=p;
c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass),
len-off);
if (c.inf & 0x80)
{
p = (unsigned char *)&(b->data[off]);
c.p = p;
c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag), &(c.xclass),
len - off);
if (c.inf & 0x80) {
unsigned long e;
e=ERR_GET_REASON(ERR_peek_error());
e = ERR_GET_REASON(ERR_peek_error());
if (e != ASN1_R_TOO_LONG)
goto err;
else
ERR_clear_error(); /* clear error */
}
i=c.p-p;/* header length */
off+=i; /* end of data */
i = c.p - p; /* header length */
off += i; /* end of data */
if (c.inf & 1)
{
if (c.inf & 1) {
/* no data body so go round again */
eos++;
if (eos < 0)
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_HEADER_TOO_LONG);
if (eos < 0) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_HEADER_TOO_LONG);
goto err;
}
want=HEADER_SIZE;
}
else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC))
{
want = HEADER_SIZE;
} else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
/* eos value, so go back and read another header */
eos--;
if (eos <= 0)
break;
else
want=HEADER_SIZE;
}
else
{
want = HEADER_SIZE;
} else {
/* suck in c.slen bytes of data */
want=c.slen;
if (want > (len-off))
{
want-=(len-off);
want = c.slen;
if (want > (len - off)) {
want -= (len - off);
if (want > INT_MAX /* BIO_read takes an int length */ ||
len+want < len)
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_TOO_LONG);
len + want < len) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
goto err;
}
if (!BUF_MEM_grow_clean(b,len+want))
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
if (!BUF_MEM_grow_clean(b, len + want)) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
goto err;
}
while (want > 0)
{
i=BIO_read(in,&(b->data[len]),want);
if (i <= 0)
{
while (want > 0) {
i = BIO_read(in, &(b->data[len]), want);
if (i <= 0) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
ASN1_R_NOT_ENOUGH_DATA);
goto err;
}
/* This can't overflow because
* |len+want| didn't overflow. */
len+=i;
want-=i;
/*
* This can't overflow because |len+want| didn't
* overflow.
*/
len += i;
want -= i;
}
}
if (off + c.slen < off)
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_TOO_LONG);
if (off + c.slen < off) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
goto err;
}
off+=c.slen;
if (eos <= 0)
{
off += c.slen;
if (eos <= 0) {
break;
}
else
want=HEADER_SIZE;
} else
want = HEADER_SIZE;
}
}
if (off > INT_MAX)
{
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_TOO_LONG);
if (off > INT_MAX) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
goto err;
}
*pb = b;
return off;
err:
if (b != NULL) BUF_MEM_free(b);
err:
if (b != NULL)
BUF_MEM_free(b);
return -1;
}
}

34
crypto/asn1/a_digest.c
View File

@ -74,40 +74,38 @@
int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
unsigned char *md, unsigned int *len)
{
{
int i;
unsigned char *str,*p;
unsigned char *str, *p;
i=i2d(data,NULL);
if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL)
{
ASN1err(ASN1_F_ASN1_DIGEST,ERR_R_MALLOC_FAILURE);
return(0);
i = i2d(data, NULL);
if ((str = (unsigned char *)OPENSSL_malloc(i)) == NULL) {
ASN1err(ASN1_F_ASN1_DIGEST, ERR_R_MALLOC_FAILURE);
return (0);
}
p=str;
i2d(data,&p);
p = str;
i2d(data, &p);
if (!EVP_Digest(str, i, md, len, type, NULL))
return 0;
OPENSSL_free(str);
return(1);
}
return (1);
}
#endif
int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
unsigned char *md, unsigned int *len)
{
{
int i;
unsigned char *str = NULL;
i=ASN1_item_i2d(asn,&str, it);
if (!str) return(0);
i = ASN1_item_i2d(asn, &str, it);
if (!str)
return (0);
if (!EVP_Digest(str, i, md, len, type, NULL))
return 0;
OPENSSL_free(str);
return(1);
}
return (1);
}

58
crypto/asn1/a_dup.c
View File

@ -63,47 +63,55 @@
#ifndef NO_OLD_ASN1
void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
{
unsigned char *b,*p;
{
unsigned char *b, *p;
const unsigned char *p2;
int i;
char *ret;
if (x == NULL) return(NULL);
if (x == NULL)
return (NULL);
i=i2d(x,NULL);
b=OPENSSL_malloc(i+10);
if (b == NULL)
{ ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
p= b;
i=i2d(x,&p);
p2= b;
ret=d2i(NULL,&p2,i);
OPENSSL_free(b);
return(ret);
i = i2d(x, NULL);
b = OPENSSL_malloc(i + 10);
if (b == NULL) {
ASN1err(ASN1_F_ASN1_DUP, ERR_R_MALLOC_FAILURE);
return (NULL);
}
p = b;
i = i2d(x, &p);
p2 = b;
ret = d2i(NULL, &p2, i);
OPENSSL_free(b);
return (ret);
}
#endif
/* ASN1_ITEM version of dup: this follows the model above except we don't need
* to allocate the buffer. At some point this could be rewritten to directly dup
* the underlying structure instead of doing and encode and decode.
/*
* ASN1_ITEM version of dup: this follows the model above except we don't
* need to allocate the buffer. At some point this could be rewritten to
* directly dup the underlying structure instead of doing and encode and
* decode.
*/
void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
{
{
unsigned char *b = NULL;
const unsigned char *p;
long i;
void *ret;
if (x == NULL) return(NULL);
if (x == NULL)
return (NULL);
i=ASN1_item_i2d(x,&b,it);
if (b == NULL)
{ ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
p= b;
ret=ASN1_item_d2i(NULL,&p,i, it);
OPENSSL_free(b);
return(ret);
i = ASN1_item_i2d(x, &b, it);
if (b == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_DUP, ERR_R_MALLOC_FAILURE);
return (NULL);
}
p = b;
ret = ASN1_item_d2i(NULL, &p, i, it);
OPENSSL_free(b);
return (ret);
}

147
crypto/asn1/a_enum.c
View File

@ -67,116 +67,115 @@
*/
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
{
int j,k;
{
int j, k;
unsigned int i;
unsigned char buf[sizeof(long)+1];
unsigned char buf[sizeof(long) + 1];
long d;
a->type=V_ASN1_ENUMERATED;
if (a->length < (int)(sizeof(long)+1))
{
a->type = V_ASN1_ENUMERATED;
if (a->length < (int)(sizeof(long) + 1)) {
if (a->data != NULL)
OPENSSL_free(a->data);
if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
memset((char *)a->data,0,sizeof(long)+1);
if ((a->data =
(unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
memset((char *)a->data, 0, sizeof(long) + 1);
}
if (a->data == NULL)
{
ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE);
return(0);
if (a->data == NULL) {
ASN1err(ASN1_F_ASN1_ENUMERATED_SET, ERR_R_MALLOC_FAILURE);
return (0);
}
d=v;
if (d < 0)
{
d= -d;
a->type=V_ASN1_NEG_ENUMERATED;
d = v;
if (d < 0) {
d = -d;
a->type = V_ASN1_NEG_ENUMERATED;
}
for (i=0; i<sizeof(long); i++)
{
if (d == 0) break;
buf[i]=(int)d&0xff;
d>>=8;
}
j=0;
for (k=i-1; k >=0; k--)
a->data[j++]=buf[k];
a->length=j;
return(1);
for (i = 0; i < sizeof(long); i++) {
if (d == 0)
break;
buf[i] = (int)d & 0xff;
d >>= 8;
}
j = 0;
for (k = i - 1; k >= 0; k--)
a->data[j++] = buf[k];
a->length = j;
return (1);
}
long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
{
int neg=0,i;
long r=0;
{
int neg = 0, i;
long r = 0;
if (a == NULL) return(0L);
i=a->type;
if (a == NULL)
return (0L);
i = a->type;
if (i == V_ASN1_NEG_ENUMERATED)
neg=1;
neg = 1;
else if (i != V_ASN1_ENUMERATED)
return -1;
if (a->length > (int)sizeof(long))
{
if (a->length > (int)sizeof(long)) {
/* hmm... a bit ugly */
return(0xffffffffL);
return (0xffffffffL);
}
if (a->data == NULL)
return 0;
for (i=0; i<a->length; i++)
{
r<<=8;
r|=(unsigned char)a->data[i];
}
if (neg) r= -r;
return(r);
for (i = 0; i < a->length; i++) {
r <<= 8;
r |= (unsigned char)a->data[i];
}
if (neg)
r = -r;
return (r);
}
ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
{
{
ASN1_ENUMERATED *ret;
int len,j;
int len, j;
if (ai == NULL)
ret=M_ASN1_ENUMERATED_new();
ret = M_ASN1_ENUMERATED_new();
else
ret=ai;
if (ret == NULL)
{
ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
ret = ai;
if (ret == NULL) {
ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_NESTED_ASN1_ERROR);
goto err;
}
if(BN_is_negative(bn)) ret->type = V_ASN1_NEG_ENUMERATED;
else ret->type=V_ASN1_ENUMERATED;
j=BN_num_bits(bn);
len=((j == 0)?0:((j/8)+1));
if (ret->length < len+4)
{
unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
if (!new_data)
{
ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
if (BN_is_negative(bn))
ret->type = V_ASN1_NEG_ENUMERATED;
else
ret->type = V_ASN1_ENUMERATED;
j = BN_num_bits(bn);
len = ((j == 0) ? 0 : ((j / 8) + 1));
if (ret->length < len + 4) {
unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);
if (!new_data) {
ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
goto err;
}
ret->data=new_data;
ret->data = new_data;
}
ret->length=BN_bn2bin(bn,ret->data);
return(ret);
err:
if (ret != ai) M_ASN1_ENUMERATED_free(ret);
return(NULL);
}
ret->length = BN_bn2bin(bn, ret->data);
return (ret);
err:
if (ret != ai)
M_ASN1_ENUMERATED_free(ret);
return (NULL);
}
BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
{
{
BIGNUM *ret;
if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB);
else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_negative(ret,1);
return(ret);
}
if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN, ASN1_R_BN_LIB);
else if (ai->type == V_ASN1_NEG_ENUMERATED)
BN_set_negative(ret, 1);
return (ret);
}

247
crypto/asn1/a_gentm.c
View File

@ -56,7 +56,9 @@
* [including the GNU Public Licence.]
*/
/* GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME */
/*
* GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME
*/
#include <stdio.h>
#include <time.h>
@ -68,8 +70,8 @@
#if 0
int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
{
#ifdef CHARSET_EBCDIC
{
# ifdef CHARSET_EBCDIC
/* KLUDGE! We convert to ascii before writing DER */
int len;
char tmp[24];
@ -79,82 +81,85 @@ int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
tmpstr.data = tmp;
a = (ASN1_GENERALIZEDTIME *) &tmpstr;
#endif
return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
V_ASN1_GENERALIZEDTIME,V_ASN1_UNIVERSAL));
}
a = (ASN1_GENERALIZEDTIME *)&tmpstr;
# endif
return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL));
}
ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
unsigned char **pp, long length)
{
ASN1_GENERALIZEDTIME *ret=NULL;
unsigned char **pp,
long length)
{
ASN1_GENERALIZEDTIME *ret = NULL;
ret=(ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
V_ASN1_GENERALIZEDTIME,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
ret =
(ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
V_ASN1_GENERALIZEDTIME,
V_ASN1_UNIVERSAL);
if (ret == NULL) {
ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR);
return (NULL);
}
#ifdef CHARSET_EBCDIC
# ifdef CHARSET_EBCDIC
ascii2ebcdic(ret->data, ret->data, ret->length);
#endif
if (!ASN1_GENERALIZEDTIME_check(ret))
{
ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME,ASN1_R_INVALID_TIME_FORMAT);
# endif
if (!ASN1_GENERALIZEDTIME_check(ret)) {
ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT);
goto err;
}
return(ret);
err:
return (ret);
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_GENERALIZEDTIME_free(ret);
return(NULL);
}
return (NULL);
}
#endif
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
{
static const int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0};
static const int max[9]={99, 99,12,31,23,59,59,12,59};
{
static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 };
char *a;
int n,i,l,o;
int n, i, l, o;
if (d->type != V_ASN1_GENERALIZEDTIME) return(0);
l=d->length;
a=(char *)d->data;
o=0;
/* GENERALIZEDTIME is similar to UTCTIME except the year is
* represented as YYYY. This stuff treats everything as a two digit
* field so make first two fields 00 to 99
if (d->type != V_ASN1_GENERALIZEDTIME)
return (0);
l = d->length;
a = (char *)d->data;
o = 0;
/*
* GENERALIZEDTIME is similar to UTCTIME except the year is represented
* as YYYY. This stuff treats everything as a two digit field so make
* first two fields 00 to 99
*/
if (l < 13) goto err;
for (i=0; i<7; i++)
{
if ((i == 6) && ((a[o] == 'Z') ||
(a[o] == '+') || (a[o] == '-')))
{
if (l < 13)
goto err;
for (i = 0; i < 7; i++) {
if ((i == 6) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) {
i++;
if (tm)
tm->tm_sec = 0;
break;
}
if ((a[o] < '0') || (a[o] > '9')) goto err;
n= a[o]-'0';
if (++o > l) goto err;
if ((a[o] < '0') || (a[o] > '9'))
goto err;
n = a[o] - '0';
if (++o > l)
goto err;
if ((a[o] < '0') || (a[o] > '9')) goto err;
n=(n*10)+ a[o]-'0';
if (++o > l) goto err;
if ((a[o] < '0') || (a[o] > '9'))
goto err;
n = (n * 10) + a[o] - '0';
if (++o > l)
goto err;
if ((n < min[i]) || (n > max[i])) goto err;
if (tm)
{
switch(i)
{
if ((n < min[i]) || (n > max[i]))
goto err;
if (tm) {
switch (i) {
case 0:
tm->tm_year = n * 100 - 1900;
break;
@ -179,36 +184,39 @@ int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
}
}
}
/* Optional fractional seconds: decimal point followed by one
* or more digits.
/*
* Optional fractional seconds: decimal point followed by one or more
* digits.
*/
if (a[o] == '.')
{
if (++o > l) goto err;
if (a[o] == '.') {
if (++o > l)
goto err;
i = o;
while ((a[o] >= '0') && (a[o] <= '9') && (o <= l))
o++;
/* Must have at least one digit after decimal point */
if (i == o) goto err;
if (i == o)
goto err;
}
if (a[o] == 'Z')
o++;
else if ((a[o] == '+') || (a[o] == '-'))
{
else if ((a[o] == '+') || (a[o] == '-')) {
int offsign = a[o] == '-' ? -1 : 1, offset = 0;
o++;
if (o+4 > l) goto err;
for (i=7; i<9; i++)
{
if ((a[o] < '0') || (a[o] > '9')) goto err;
n= a[o]-'0';
if (o + 4 > l)
goto err;
for (i = 7; i < 9; i++) {
if ((a[o] < '0') || (a[o] > '9'))
goto err;
n = a[o] - '0';
o++;
if ((a[o] < '0') || (a[o] > '9')) goto err;
n=(n*10)+ a[o]-'0';
if ((n < min[i]) || (n > max[i])) goto err;
if (tm)
{
if ((a[o] < '0') || (a[o] > '9'))
goto err;
n = (n * 10) + a[o] - '0';
if ((n < min[i]) || (n > max[i]))
goto err;
if (tm) {
if (i == 7)
offset = n * 3600;
else if (i == 8)
@ -218,94 +226,87 @@ int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
}
if (offset && !OPENSSL_gmtime_adj(tm, 0, offset * offsign))
return 0;
}
else if (a[o])
{
} else if (a[o]) {
/* Missing time zone information. */
goto err;
}
return(o == l);
err:
return(0);
}
return (o == l);
err:
return (0);
}
int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *d)
{
{
return asn1_generalizedtime_to_tm(NULL, d);
}
}
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
{
{
ASN1_GENERALIZEDTIME t;
t.type=V_ASN1_GENERALIZEDTIME;
t.length=strlen(str);
t.data=(unsigned char *)str;
if (ASN1_GENERALIZEDTIME_check(&t))
{
if (s != NULL)
{
t.type = V_ASN1_GENERALIZEDTIME;
t.length = strlen(str);
t.data = (unsigned char *)str;
if (ASN1_GENERALIZEDTIME_check(&t)) {
if (s != NULL) {
if (!ASN1_STRING_set((ASN1_STRING *)s,
(unsigned char *)str,t.length))
(unsigned char *)str, t.length))
return 0;
s->type=V_ASN1_GENERALIZEDTIME;
}
return(1);
}
else
return(0);
s->type = V_ASN1_GENERALIZEDTIME;
}
return (1);
} else
return (0);
}
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
time_t t)
{
{
return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0);
}
}
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
time_t t, int offset_day, long offset_sec)
{
time_t t, int offset_day,
long offset_sec)
{
char *p;
struct tm *ts;
struct tm data;
size_t len = 20;
if (s == NULL)
s=M_ASN1_GENERALIZEDTIME_new();
s = M_ASN1_GENERALIZEDTIME_new();
if (s == NULL)
return(NULL);
return (NULL);
ts=OPENSSL_gmtime(&t, &data);
ts = OPENSSL_gmtime(&t, &data);
if (ts == NULL)
return(NULL);
return (NULL);
if (offset_day || offset_sec)
{
if (offset_day || offset_sec) {
if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
return NULL;
}
p=(char *)s->data;
if ((p == NULL) || ((size_t)s->length < len))
{
p=OPENSSL_malloc(len);
if (p == NULL)
{
ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ,
ERR_R_MALLOC_FAILURE);
return(NULL);
p = (char *)s->data;
if ((p == NULL) || ((size_t)s->length < len)) {
p = OPENSSL_malloc(len);
if (p == NULL) {
ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE);
return (NULL);
}
if (s->data != NULL)
OPENSSL_free(s->data);
s->data=(unsigned char *)p;
s->data = (unsigned char *)p;
}
BIO_snprintf(p,len,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
s->length=strlen(p);
s->type=V_ASN1_GENERALIZEDTIME;
BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", ts->tm_year + 1900,
ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min,
ts->tm_sec);
s->length = strlen(p);
s->type = V_ASN1_GENERALIZEDTIME;
#ifdef CHARSET_EBCDIC_not
ebcdic2ascii(s->data, s->data, s->length);
#endif
return(s);
}
return (s);
}

110
crypto/asn1/a_i2d_fp.c
View File

@ -63,101 +63,95 @@
#ifndef NO_OLD_ASN1
#ifndef OPENSSL_NO_FP_API
# ifndef OPENSSL_NO_FP_API
int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
{
{
BIO *b;
int ret;
if ((b=BIO_new(BIO_s_file())) == NULL)
{
ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
return(0);
if ((b = BIO_new(BIO_s_file())) == NULL) {
ASN1err(ASN1_F_ASN1_I2D_FP, ERR_R_BUF_LIB);
return (0);
}
BIO_set_fp(b,out,BIO_NOCLOSE);
ret=ASN1_i2d_bio(i2d,b,x);
BIO_set_fp(b, out, BIO_NOCLOSE);
ret = ASN1_i2d_bio(i2d, b, x);
BIO_free(b);
return(ret);
}
#endif
return (ret);
}
# endif
int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
{
{
char *b;
unsigned char *p;
int i,j=0,n,ret=1;
int i, j = 0, n, ret = 1;
n=i2d(x,NULL);
b=(char *)OPENSSL_malloc(n);
if (b == NULL)
{
ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
return(0);
n = i2d(x, NULL);
b = (char *)OPENSSL_malloc(n);
if (b == NULL) {
ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE);
return (0);
}
p=(unsigned char *)b;
i2d(x,&p);
p = (unsigned char *)b;
i2d(x, &p);
for (;;)
{
i=BIO_write(out,&(b[j]),n);
if (i == n) break;
if (i <= 0)
{
ret=0;
for (;;) {
i = BIO_write(out, &(b[j]), n);
if (i == n)
break;
if (i <= 0) {
ret = 0;
break;
}
j+=i;
n-=i;
j += i;
n -= i;
}
OPENSSL_free(b);
return(ret);
}
return (ret);
}
#endif
#ifndef OPENSSL_NO_FP_API
int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
{
{
BIO *b;
int ret;
if ((b=BIO_new(BIO_s_file())) == NULL)
{
ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB);
return(0);
if ((b = BIO_new(BIO_s_file())) == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_I2D_FP, ERR_R_BUF_LIB);
return (0);
}
BIO_set_fp(b,out,BIO_NOCLOSE);
ret=ASN1_item_i2d_bio(it,b,x);
BIO_set_fp(b, out, BIO_NOCLOSE);
ret = ASN1_item_i2d_bio(it, b, x);
BIO_free(b);
return(ret);
}
return (ret);
}
#endif
int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
{
{
unsigned char *b = NULL;
int i,j=0,n,ret=1;
int i, j = 0, n, ret = 1;
n = ASN1_item_i2d(x, &b, it);
if (b == NULL)
{
ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE);
return(0);
if (b == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO, ERR_R_MALLOC_FAILURE);
return (0);
}
for (;;)
{
i=BIO_write(out,&(b[j]),n);
if (i == n) break;
if (i <= 0)
{
ret=0;
for (;;) {
i = BIO_write(out, &(b[j]), n);
if (i == n)
break;
if (i <= 0) {
ret = 0;
break;
}
j+=i;
n-=i;
j += i;
n -= i;
}
OPENSSL_free(b);
return(ret);
}
return (ret);
}

412
crypto/asn1/a_int.c
View File

@ -62,15 +62,16 @@
#include <openssl/bn.h>
ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
{ return M_ASN1_INTEGER_dup(x);}
{
return M_ASN1_INTEGER_dup(x);
}
int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
{
{
int neg, ret;
/* Compare signs */
neg = x->type & V_ASN1_NEG;
if (neg != (y->type & V_ASN1_NEG))
{
if (neg != (y->type & V_ASN1_NEG)) {
if (neg)
return -1;
else
@ -83,8 +84,7 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
return -ret;
else
return ret;
}
}
/*-
* This converts an ASN1 INTEGER into its content encoding.
@ -112,52 +112,57 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
*/
int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
{
int pad=0,ret,i,neg;
unsigned char *p,*n,pb=0;
{
int pad = 0, ret, i, neg;
unsigned char *p, *n, pb = 0;
if (a == NULL) return(0);
neg=a->type & V_ASN1_NEG;
if (a == NULL)
return (0);
neg = a->type & V_ASN1_NEG;
if (a->length == 0)
ret=1;
else
{
ret=a->length;
i=a->data[0];
ret = 1;
else {
ret = a->length;
i = a->data[0];
if (!neg && (i > 127)) {
pad=1;
pb=0;
} else if(neg) {
if(i>128) {
pad=1;
pb=0xFF;
} else if(i == 128) {
pad = 1;
pb = 0;
} else if (neg) {
if (i > 128) {
pad = 1;
pb = 0xFF;
} else if (i == 128) {
/*
* Special case: if any other bytes non zero we pad:
* otherwise we don't.
*/
for(i = 1; i < a->length; i++) if(a->data[i]) {
pad=1;
pb=0xFF;
for (i = 1; i < a->length; i++)
if (a->data[i]) {
pad = 1;
pb = 0xFF;
break;
}
}
}
ret+=pad;
ret += pad;
}
if (pp == NULL) return(ret);
p= *pp;
if (pp == NULL)
return (ret);
p = *pp;
if (pad) *(p++)=pb;
if (a->length == 0) *(p++)=0;
else if (!neg) memcpy(p,a->data,(unsigned int)a->length);
if (pad)
*(p++) = pb;
if (a->length == 0)
*(p++) = 0;
else if (!neg)
memcpy(p, a->data, (unsigned int)a->length);
else {
/* Begin at the end of the encoding */
n=a->data + a->length - 1;
n = a->data + a->length - 1;
p += a->length - 1;
i = a->length;
/* Copy zeros to destination as long as source is zero */
while(!*n) {
while (!*n) {
*(p--) = 0;
n--;
i--;
@ -166,51 +171,51 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
*(p--) = ((*(n--)) ^ 0xff) + 1;
i--;
/* Complement any octets left */
for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
for (; i > 0; i--)
*(p--) = *(n--) ^ 0xff;
}
*pp+=ret;
return(ret);
}
*pp += ret;
return (ret);
}
/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
long len)
{
ASN1_INTEGER *ret=NULL;
{
ASN1_INTEGER *ret = NULL;
const unsigned char *p, *pend;
unsigned char *to,*s;
unsigned char *to, *s;
int i;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
ret->type=V_ASN1_INTEGER;
}
else
ret=(*a);
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = M_ASN1_INTEGER_new()) == NULL)
return (NULL);
ret->type = V_ASN1_INTEGER;
} else
ret = (*a);
p= *pp;
p = *pp;
pend = p + len;
/* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
* signifies a missing NULL parameter. */
s=(unsigned char *)OPENSSL_malloc((int)len+1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
/*
* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies
* a missing NULL parameter.
*/
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
to=s;
if(!len) {
/* Strictly speaking this is an illegal INTEGER but we
* tolerate it.
to = s;
if (!len) {
/*
* Strictly speaking this is an illegal INTEGER but we tolerate it.
*/
ret->type=V_ASN1_INTEGER;
} else if (*p & 0x80) /* a negative number */
{
ret->type=V_ASN1_NEG_INTEGER;
ret->type = V_ASN1_INTEGER;
} else if (*p & 0x80) { /* a negative number */
ret->type = V_ASN1_NEG_INTEGER;
if ((*p == 0xff) && (len != 1)) {
p++;
len--;
@ -218,241 +223,240 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
i = len;
p += i - 1;
to += i - 1;
while((!*p) && i) {
while ((!*p) && i) {
*(to--) = 0;
i--;
p--;
}
/* Special case: if all zeros then the number will be of
* the form FF followed by n zero bytes: this corresponds to
* 1 followed by n zero bytes. We've already written n zeros
* so we just append an extra one and set the first byte to
* a 1. This is treated separately because it is the only case
* where the number of bytes is larger than len.
/*
* Special case: if all zeros then the number will be of the form FF
* followed by n zero bytes: this corresponds to 1 followed by n zero
* bytes. We've already written n zeros so we just append an extra
* one and set the first byte to a 1. This is treated separately
* because it is the only case where the number of bytes is larger
* than len.
*/
if(!i) {
if (!i) {
*s = 1;
s[len] = 0;
len++;
} else {
*(to--) = (*(p--) ^ 0xff) + 1;
i--;
for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
for (; i > 0; i--)
*(to--) = *(p--) ^ 0xff;
}
} else {
ret->type=V_ASN1_INTEGER;
if ((*p == 0) && (len != 1))
{
ret->type = V_ASN1_INTEGER;
if ((*p == 0) && (len != 1)) {
p++;
len--;
}
memcpy(s,p,(int)len);
memcpy(s, p, (int)len);
}
if (ret->data != NULL) OPENSSL_free(ret->data);
ret->data=s;
ret->length=(int)len;
if (a != NULL) (*a)=ret;
*pp=pend;
return(ret);
err:
ASN1err(ASN1_F_C2I_ASN1_INTEGER,i);
if (ret->data != NULL)
OPENSSL_free(ret->data);
ret->data = s;
ret->length = (int)len;
if (a != NULL)
(*a) = ret;
*pp = pend;
return (ret);
err:
ASN1err(ASN1_F_C2I_ASN1_INTEGER, i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_INTEGER_free(ret);
return(NULL);
}
return (NULL);
}
/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
* ASN1 integers: some broken software can encode a positive INTEGER
* with its MSB set as negative (it doesn't add a padding zero).
/*
* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of ASN1
* integers: some broken software can encode a positive INTEGER with its MSB
* set as negative (it doesn't add a padding zero).
*/
ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
long length)
{
ASN1_INTEGER *ret=NULL;
{
ASN1_INTEGER *ret = NULL;
const unsigned char *p;
unsigned char *s;
long len;
int inf,tag,xclass;
int inf, tag, xclass;
int i;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
ret->type=V_ASN1_INTEGER;
}
else
ret=(*a);
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = M_ASN1_INTEGER_new()) == NULL)
return (NULL);
ret->type = V_ASN1_INTEGER;
} else
ret = (*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
p = *pp;
inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
if (inf & 0x80) {
i = ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_INTEGER)
{
i=ASN1_R_EXPECTING_AN_INTEGER;
if (tag != V_ASN1_INTEGER) {
i = ASN1_R_EXPECTING_AN_INTEGER;
goto err;
}
/* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
* signifies a missing NULL parameter. */
s=(unsigned char *)OPENSSL_malloc((int)len+1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
/*
* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies
* a missing NULL parameter.
*/
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
ret->type=V_ASN1_INTEGER;
if(len) {
if ((*p == 0) && (len != 1))
{
ret->type = V_ASN1_INTEGER;
if (len) {
if ((*p == 0) && (len != 1)) {
p++;
len--;
}
memcpy(s,p,(int)len);
p+=len;
memcpy(s, p, (int)len);
p += len;
}
if (ret->data != NULL) OPENSSL_free(ret->data);
ret->data=s;
ret->length=(int)len;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
if (ret->data != NULL)
OPENSSL_free(ret->data);
ret->data = s;
ret->length = (int)len;
if (a != NULL)
(*a) = ret;
*pp = p;
return (ret);
err:
ASN1err(ASN1_F_D2I_ASN1_UINTEGER, i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_INTEGER_free(ret);
return(NULL);
}
return (NULL);
}
int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
{
int j,k;
{
int j, k;
unsigned int i;
unsigned char buf[sizeof(long)+1];
unsigned char buf[sizeof(long) + 1];
long d;
a->type=V_ASN1_INTEGER;
if (a->length < (int)(sizeof(long)+1))
{
a->type = V_ASN1_INTEGER;
if (a->length < (int)(sizeof(long) + 1)) {
if (a->data != NULL)
OPENSSL_free(a->data);
if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
memset((char *)a->data,0,sizeof(long)+1);
if ((a->data =
(unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
memset((char *)a->data, 0, sizeof(long) + 1);
}
if (a->data == NULL)
{
ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
return(0);
if (a->data == NULL) {
ASN1err(ASN1_F_ASN1_INTEGER_SET, ERR_R_MALLOC_FAILURE);
return (0);
}
d=v;
if (d < 0)
{
d= -d;
a->type=V_ASN1_NEG_INTEGER;
d = v;
if (d < 0) {
d = -d;
a->type = V_ASN1_NEG_INTEGER;
}
for (i=0; i<sizeof(long); i++)
{
if (d == 0) break;
buf[i]=(int)d&0xff;
d>>=8;
}
j=0;
for (k=i-1; k >=0; k--)
a->data[j++]=buf[k];
a->length=j;
return(1);
for (i = 0; i < sizeof(long); i++) {
if (d == 0)
break;
buf[i] = (int)d & 0xff;
d >>= 8;
}
j = 0;
for (k = i - 1; k >= 0; k--)
a->data[j++] = buf[k];
a->length = j;
return (1);
}
long ASN1_INTEGER_get(const ASN1_INTEGER *a)
{
int neg=0,i;
long r=0;
{
int neg = 0, i;
long r = 0;
if (a == NULL) return(0L);
i=a->type;
if (a == NULL)
return (0L);
i = a->type;
if (i == V_ASN1_NEG_INTEGER)
neg=1;
neg = 1;
else if (i != V_ASN1_INTEGER)
return -1;
if (a->length > (int)sizeof(long))
{
if (a->length > (int)sizeof(long)) {
/* hmm... a bit ugly, return all ones */
return -1;
}
if (a->data == NULL)
return 0;
for (i=0; i<a->length; i++)
{
r<<=8;
r|=(unsigned char)a->data[i];
}
if (neg) r= -r;
return(r);
for (i = 0; i < a->length; i++) {
r <<= 8;
r |= (unsigned char)a->data[i];
}
if (neg)
r = -r;
return (r);
}
ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
{
{
ASN1_INTEGER *ret;
int len,j;
int len, j;
if (ai == NULL)
ret=M_ASN1_INTEGER_new();
ret = M_ASN1_INTEGER_new();
else
ret=ai;
if (ret == NULL)
{
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
ret = ai;
if (ret == NULL) {
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR);
goto err;
}
if (BN_is_negative(bn))
ret->type = V_ASN1_NEG_INTEGER;
else ret->type=V_ASN1_INTEGER;
j=BN_num_bits(bn);
len=((j == 0)?0:((j/8)+1));
if (ret->length < len+4)
{
unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
if (!new_data)
{
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
else
ret->type = V_ASN1_INTEGER;
j = BN_num_bits(bn);
len = ((j == 0) ? 0 : ((j / 8) + 1));
if (ret->length < len + 4) {
unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);
if (!new_data) {
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
goto err;
}
ret->data=new_data;
ret->data = new_data;
}
ret->length=BN_bn2bin(bn,ret->data);
ret->length = BN_bn2bin(bn, ret->data);
/* Correct zero case */
if(!ret->length)
{
if (!ret->length) {
ret->data[0] = 0;
ret->length = 1;
}
return(ret);
err:
if (ret != ai) M_ASN1_INTEGER_free(ret);
return(NULL);
}
return (ret);
err:
if (ret != ai)
M_ASN1_INTEGER_free(ret);
return (NULL);
}
BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
{
{
BIGNUM *ret;
if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
else if(ai->type == V_ASN1_NEG_INTEGER)
if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
ASN1err(ASN1_F_ASN1_INTEGER_TO_BN, ASN1_R_BN_LIB);
else if (ai->type == V_ASN1_NEG_INTEGER)
BN_set_negative(ret, 1);
return(ret);
}
return (ret);
}
IMPLEMENT_STACK_OF(ASN1_INTEGER)
IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)

179
crypto/asn1/a_mbstr.c
View File

@ -1,6 +1,7 @@
/* a_mbstr.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 1999.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
@ -62,7 +63,8 @@
#include <openssl/asn1.h>
static int traverse_string(const unsigned char *p, int len, int inform,
int (*rfunc)(unsigned long value, void *in), void *arg);
int (*rfunc) (unsigned long value, void *in),
void *arg);
static int in_utf8(unsigned long value, void *arg);
static int out_utf8(unsigned long value, void *arg);
static int type_str(unsigned long value, void *arg);
@ -72,12 +74,13 @@ static int cpy_univ(unsigned long value, void *arg);
static int cpy_utf8(unsigned long value, void *arg);
static int is_printable(unsigned long value);
/* These functions take a string in UTF8, ASCII or multibyte form and
* a mask of permissible ASN1 string types. It then works out the minimal
* type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8)
* and creates a string of the correct type with the supplied data.
* Yes this is horrible: it has to be :-(
* The 'ncopy' form checks minimum and maximum size limits too.
/*
* These functions take a string in UTF8, ASCII or multibyte form and a mask
* of permissible ASN1 string types. It then works out the minimal type
* (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) and
* creates a string of the correct type with the supplied data. Yes this is
* horrible: it has to be :-( The 'ncopy' form checks minimum and maximum
* size limits too.
*/
int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
@ -98,15 +101,17 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
unsigned char *p;
int nchar;
char strbuf[32];
int (*cpyfunc)(unsigned long,void *) = NULL;
if(len == -1) len = strlen((const char *)in);
if(!mask) mask = DIRSTRING_TYPE;
int (*cpyfunc) (unsigned long, void *) = NULL;
if (len == -1)
len = strlen((const char *)in);
if (!mask)
mask = DIRSTRING_TYPE;
/* First do a string check and work out the number of characters */
switch(inform) {
switch (inform) {
case MBSTRING_BMP:
if(len & 1) {
if (len & 1) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
ASN1_R_INVALID_BMPSTRING_LENGTH);
return -1;
@ -115,7 +120,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
break;
case MBSTRING_UNIV:
if(len & 3) {
if (len & 3) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
return -1;
@ -127,9 +132,8 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
nchar = 0;
/* This counts the characters and does utf8 syntax checking */
ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
if(ret < 0) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
ASN1_R_INVALID_UTF8STRING);
if (ret < 0) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_INVALID_UTF8STRING);
return -1;
}
break;
@ -143,14 +147,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
return -1;
}
if((minsize > 0) && (nchar < minsize)) {
if ((minsize > 0) && (nchar < minsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
ERR_add_error_data(2, "minsize=", strbuf);
return -1;
}
if((maxsize > 0) && (nchar > maxsize)) {
if ((maxsize > 0) && (nchar > maxsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
ERR_add_error_data(2, "maxsize=", strbuf);
@ -158,32 +162,35 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
}
/* Now work out minimal type (if any) */
if(traverse_string(in, len, inform, type_str, &mask) < 0) {
if (traverse_string(in, len, inform, type_str, &mask) < 0) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS);
return -1;
}
/* Now work out output format and string type */
outform = MBSTRING_ASC;
if(mask & B_ASN1_PRINTABLESTRING) str_type = V_ASN1_PRINTABLESTRING;
else if(mask & B_ASN1_IA5STRING) str_type = V_ASN1_IA5STRING;
else if(mask & B_ASN1_T61STRING) str_type = V_ASN1_T61STRING;
else if(mask & B_ASN1_BMPSTRING) {
if (mask & B_ASN1_PRINTABLESTRING)
str_type = V_ASN1_PRINTABLESTRING;
else if (mask & B_ASN1_IA5STRING)
str_type = V_ASN1_IA5STRING;
else if (mask & B_ASN1_T61STRING)
str_type = V_ASN1_T61STRING;
else if (mask & B_ASN1_BMPSTRING) {
str_type = V_ASN1_BMPSTRING;
outform = MBSTRING_BMP;
} else if(mask & B_ASN1_UNIVERSALSTRING) {
} else if (mask & B_ASN1_UNIVERSALSTRING) {
str_type = V_ASN1_UNIVERSALSTRING;
outform = MBSTRING_UNIV;
} else {
str_type = V_ASN1_UTF8STRING;
outform = MBSTRING_UTF8;
}
if(!out) return str_type;
if(*out) {
if (!out)
return str_type;
if (*out) {
free_out = 0;
dest = *out;
if(dest->data) {
if (dest->data) {
dest->length = 0;
OPENSSL_free(dest->data);
dest->data = NULL;
@ -192,24 +199,23 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
} else {
free_out = 1;
dest = ASN1_STRING_type_new(str_type);
if(!dest) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
ERR_R_MALLOC_FAILURE);
if (!dest) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
return -1;
}
*out = dest;
}
/* If both the same type just copy across */
if(inform == outform) {
if(!ASN1_STRING_set(dest, in, len)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE);
if (inform == outform) {
if (!ASN1_STRING_set(dest, in, len)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
return -1;
}
return str_type;
}
/* Work out how much space the destination will need */
switch(outform) {
switch (outform) {
case MBSTRING_ASC:
outlen = nchar;
cpyfunc = cpy_asc;
@ -231,9 +237,10 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
cpyfunc = cpy_utf8;
break;
}
if(!(p = OPENSSL_malloc(outlen + 1))) {
if(free_out) ASN1_STRING_free(dest);
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE);
if (!(p = OPENSSL_malloc(outlen + 1))) {
if (free_out)
ASN1_STRING_free(dest);
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
return -1;
}
dest->length = outlen;
@ -243,24 +250,26 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
return str_type;
}
/* This function traverses a string and passes the value of each character
* to an optional function along with a void * argument.
/*
* This function traverses a string and passes the value of each character to
* an optional function along with a void * argument.
*/
static int traverse_string(const unsigned char *p, int len, int inform,
int (*rfunc)(unsigned long value, void *in), void *arg)
int (*rfunc) (unsigned long value, void *in),
void *arg)
{
unsigned long value;
int ret;
while(len) {
if(inform == MBSTRING_ASC) {
while (len) {
if (inform == MBSTRING_ASC) {
value = *p++;
len--;
} else if(inform == MBSTRING_BMP) {
} else if (inform == MBSTRING_BMP) {
value = *p++ << 8;
value |= *p++;
len -= 2;
} else if(inform == MBSTRING_UNIV) {
} else if (inform == MBSTRING_UNIV) {
value = ((unsigned long)*p++) << 24;
value |= ((unsigned long)*p++) << 16;
value |= *p++ << 8;
@ -268,13 +277,15 @@ static int traverse_string(const unsigned char *p, int len, int inform,
len -= 4;
} else {
ret = UTF8_getc(p, len, &value);
if(ret < 0) return -1;
if (ret < 0)
return -1;
len -= ret;
p += ret;
}
if(rfunc) {
if (rfunc) {
ret = rfunc(value, arg);
if(ret <= 0) return ret;
if (ret <= 0)
return ret;
}
}
return 1;
@ -302,23 +313,25 @@ static int out_utf8(unsigned long value, void *arg)
return 1;
}
/* Determine the "type" of a string: check each character against a
* supplied "mask".
/*
* Determine the "type" of a string: check each character against a supplied
* "mask".
*/
static int type_str(unsigned long value, void *arg)
{
unsigned long types;
types = *((unsigned long *)arg);
if((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
types &= ~B_ASN1_PRINTABLESTRING;
if((types & B_ASN1_IA5STRING) && (value > 127))
if ((types & B_ASN1_IA5STRING) && (value > 127))
types &= ~B_ASN1_IA5STRING;
if((types & B_ASN1_T61STRING) && (value > 0xff))
if ((types & B_ASN1_T61STRING) && (value > 0xff))
types &= ~B_ASN1_T61STRING;
if((types & B_ASN1_BMPSTRING) && (value > 0xffff))
if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
types &= ~B_ASN1_BMPSTRING;
if(!types) return -1;
if (!types)
return -1;
*((unsigned long *)arg) = types;
return 1;
}
@ -330,7 +343,7 @@ static int cpy_asc(unsigned long value, void *arg)
unsigned char **p, *q;
p = arg;
q = *p;
*q = (unsigned char) value;
*q = (unsigned char)value;
(*p)++;
return 1;
}
@ -342,8 +355,8 @@ static int cpy_bmp(unsigned long value, void *arg)
unsigned char **p, *q;
p = arg;
q = *p;
*q++ = (unsigned char) ((value >> 8) & 0xff);
*q = (unsigned char) (value & 0xff);
*q++ = (unsigned char)((value >> 8) & 0xff);
*q = (unsigned char)(value & 0xff);
*p += 2;
return 1;
}
@ -355,10 +368,10 @@ static int cpy_univ(unsigned long value, void *arg)
unsigned char **p, *q;
p = arg;
q = *p;
*q++ = (unsigned char) ((value >> 24) & 0xff);
*q++ = (unsigned char) ((value >> 16) & 0xff);
*q++ = (unsigned char) ((value >> 8) & 0xff);
*q = (unsigned char) (value & 0xff);
*q++ = (unsigned char)((value >> 24) & 0xff);
*q++ = (unsigned char)((value >> 16) & 0xff);
*q++ = (unsigned char)((value >> 8) & 0xff);
*q = (unsigned char)(value & 0xff);
*p += 4;
return 1;
}
@ -380,21 +393,31 @@ static int cpy_utf8(unsigned long value, void *arg)
static int is_printable(unsigned long value)
{
int ch;
if(value > 0x7f) return 0;
ch = (int) value;
/* Note: we can't use 'isalnum' because certain accented
* characters may count as alphanumeric in some environments.
if (value > 0x7f)
return 0;
ch = (int)value;
/*
* Note: we can't use 'isalnum' because certain accented characters may
* count as alphanumeric in some environments.
*/
#ifndef CHARSET_EBCDIC
if((ch >= 'a') && (ch <= 'z')) return 1;
if((ch >= 'A') && (ch <= 'Z')) return 1;
if((ch >= '0') && (ch <= '9')) return 1;
if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1;
#else /*CHARSET_EBCDIC*/
if((ch >= os_toascii['a']) && (ch <= os_toascii['z'])) return 1;
if((ch >= os_toascii['A']) && (ch <= os_toascii['Z'])) return 1;
if((ch >= os_toascii['0']) && (ch <= os_toascii['9'])) return 1;
if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch])) return 1;
#endif /*CHARSET_EBCDIC*/
if ((ch >= 'a') && (ch <= 'z'))
return 1;
if ((ch >= 'A') && (ch <= 'Z'))
return 1;
if ((ch >= '0') && (ch <= '9'))
return 1;
if ((ch == ' ') || strchr("'()+,-./:=?", ch))
return 1;
#else /* CHARSET_EBCDIC */
if ((ch >= os_toascii['a']) && (ch <= os_toascii['z']))
return 1;
if ((ch >= os_toascii['A']) && (ch <= os_toascii['Z']))
return 1;
if ((ch >= os_toascii['0']) && (ch <= os_toascii['9']))
return 1;
if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch]))
return 1;
#endif /* CHARSET_EBCDIC */
return 0;
}

379
crypto/asn1/a_object.c
View File

@ -65,27 +65,29 @@
#include <openssl/bn.h>
int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
{
{
unsigned char *p;
int objsize;
if ((a == NULL) || (a->data == NULL)) return(0);
if ((a == NULL) || (a->data == NULL))
return (0);
objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT);
if (pp == NULL) return objsize;
objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
if (pp == NULL)
return objsize;
p= *pp;
ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
memcpy(p,a->data,a->length);
p+=a->length;
p = *pp;
ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
memcpy(p, a->data, a->length);
p += a->length;
*pp=p;
return(objsize);
}
*pp = p;
return (objsize);
}
int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
{
int i,first,len=0,c, use_bn;
{
int i, first, len = 0, c, use_bn;
char ftmp[24], *tmp = ftmp;
int tmpsize = sizeof ftmp;
const char *p;
@ -93,92 +95,78 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
BIGNUM *bl = NULL;
if (num == 0)
return(0);
return (0);
else if (num == -1)
num=strlen(buf);
num = strlen(buf);
p=buf;
c= *(p++);
p = buf;
c = *(p++);
num--;
if ((c >= '0') && (c <= '2'))
{
first= c-'0';
}
else
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
if ((c >= '0') && (c <= '2')) {
first = c - '0';
} else {
ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);
goto err;
}
if (num <= 0) {
ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);
goto err;
}
c = *(p++);
num--;
for (;;) {
if (num <= 0)
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
break;
if ((c != '.') && (c != ' ')) {
ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR);
goto err;
}
c= *(p++);
num--;
for (;;)
{
if (num <= 0) break;
if ((c != '.') && (c != ' '))
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
goto err;
}
l=0;
l = 0;
use_bn = 0;
for (;;)
{
if (num <= 0) break;
for (;;) {
if (num <= 0)
break;
num--;
c= *(p++);
c = *(p++);
if ((c == ' ') || (c == '.'))
break;
if ((c < '0') || (c > '9'))
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
if ((c < '0') || (c > '9')) {
ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_DIGIT);
goto err;
}
if (!use_bn && l >= ((ULONG_MAX - 80) / 10L))
{
if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
use_bn = 1;
if (!bl)
bl = BN_new();
if (!bl || !BN_set_word(bl, l))
goto err;
}
if (use_bn)
{
if (use_bn) {
if (!BN_mul_word(bl, 10L)
|| !BN_add_word(bl, c-'0'))
|| !BN_add_word(bl, c - '0'))
goto err;
} else
l = l * 10L + (long)(c - '0');
}
if (len == 0) {
if ((first < 2) && (l >= 40)) {
ASN1err(ASN1_F_A2D_ASN1_OBJECT,
ASN1_R_SECOND_NUMBER_TOO_LARGE);
goto err;
}
else
l=l*10L+(long)(c-'0');
}
if (len == 0)
{
if ((first < 2) && (l >= 40))
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
goto err;
}
if (use_bn)
{
if (use_bn) {
if (!BN_add_word(bl, first * 40))
goto err;
} else
l += (long)first *40;
}
else
l+=(long)first*40;
}
i=0;
if (use_bn)
{
i = 0;
if (use_bn) {
int blsize;
blsize = BN_num_bits(bl);
blsize = (blsize + 6)/7;
if (blsize > tmpsize)
{
blsize = (blsize + 6) / 7;
if (blsize > tmpsize) {
if (tmp != ftmp)
OPENSSL_free(tmp);
tmpsize = blsize + 32;
@ -186,46 +174,41 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
if (!tmp)
goto err;
}
while(blsize--)
while (blsize--)
tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
}
else
{
} else {
for (;;)
{
tmp[i++]=(unsigned char)l&0x7f;
l>>=7L;
if (l == 0L) break;
for (;;) {
tmp[i++] = (unsigned char)l & 0x7f;
l >>= 7L;
if (l == 0L)
break;
}
}
if (out != NULL)
{
if (len+i > olen)
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
if (out != NULL) {
if (len + i > olen) {
ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL);
goto err;
}
while (--i > 0)
out[len++]=tmp[i]|0x80;
out[len++]=tmp[0];
}
else
len+=i;
out[len++] = tmp[i] | 0x80;
out[len++] = tmp[0];
} else
len += i;
}
if (tmp != ftmp)
OPENSSL_free(tmp);
if (bl)
BN_free(bl);
return(len);
err:
return (len);
err:
if (tmp != ftmp)
OPENSSL_free(tmp);
if (bl)
BN_free(bl);
return(0);
}
return (0);
}
int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
{
@ -233,183 +216,187 @@ int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
}
int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
{
{
char buf[80], *p = buf;
int i;
if ((a == NULL) || (a->data == NULL))
return(BIO_write(bp,"NULL",4));
i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
if (i > (int)(sizeof(buf) - 1))
{
return (BIO_write(bp, "NULL", 4));
i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
if (i > (int)(sizeof(buf) - 1)) {
p = OPENSSL_malloc(i + 1);
if (!p)
return -1;
i2t_ASN1_OBJECT(p,i + 1,a);
i2t_ASN1_OBJECT(p, i + 1, a);
}
if (i <= 0)
return BIO_write(bp, "<INVALID>", 9);
BIO_write(bp,p,i);
BIO_write(bp, p, i);
if (p != buf)
OPENSSL_free(p);
return(i);
}
return (i);
}
ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
long length)
{
const unsigned char *p;
long len;
int tag,xclass;
int inf,i;
int tag, xclass;
int inf, i;
ASN1_OBJECT *ret = NULL;
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
p = *pp;
inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
if (inf & 0x80) {
i = ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_OBJECT)
{
i=ASN1_R_EXPECTING_AN_OBJECT;
if (tag != V_ASN1_OBJECT) {
i = ASN1_R_EXPECTING_AN_OBJECT;
goto err;
}
ret = c2i_ASN1_OBJECT(a, &p, len);
if(ret) *pp = p;
if (ret)
*pp = p;
return ret;
err:
ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
return(NULL);
err:
ASN1err(ASN1_F_D2I_ASN1_OBJECT, i);
return (NULL);
}
ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
long len)
{
ASN1_OBJECT *ret=NULL;
{
ASN1_OBJECT *ret = NULL;
const unsigned char *p;
unsigned char *data;
int i, length;
/* Sanity check OID encoding.
* Need at least one content octet.
* MSB must be clear in the last octet.
* can't have leading 0x80 in subidentifiers, see: X.690 8.19.2
/*
* Sanity check OID encoding. Need at least one content octet. MSB must
* be clear in the last octet. can't have leading 0x80 in subidentifiers,
* see: X.690 8.19.2
*/
if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
p[len - 1] & 0x80)
{
ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
p[len - 1] & 0x80) {
ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
return NULL;
}
/* Now 0 < len <= INT_MAX, so the cast is safe. */
length = (int)len;
for (i = 0; i < length; i++, p++)
{
if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
{
ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
for (i = 0; i < length; i++, p++) {
if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
return NULL;
}
}
/* only the ASN1_OBJECTs from the 'table' will have values
* for ->sn or ->ln */
/*
* only the ASN1_OBJECTs from the 'table' will have values for ->sn or
* ->ln
*/
if ((a == NULL) || ((*a) == NULL) ||
!((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
{
if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
}
else ret=(*a);
!((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
if ((ret = ASN1_OBJECT_new()) == NULL)
return (NULL);
} else
ret = (*a);
p= *pp;
p = *pp;
/* detach data from object */
data = (unsigned char *)ret->data;
ret->data = NULL;
/* once detached we can change it */
if ((data == NULL) || (ret->length < length))
{
ret->length=0;
if (data != NULL) OPENSSL_free(data);
data=(unsigned char *)OPENSSL_malloc(length);
if (data == NULL)
{ i=ERR_R_MALLOC_FAILURE; goto err; }
ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
if ((data == NULL) || (ret->length < length)) {
ret->length = 0;
if (data != NULL)
OPENSSL_free(data);
data = (unsigned char *)OPENSSL_malloc(length);
if (data == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
memcpy(data,p,length);
ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
memcpy(data, p, length);
/* reattach data to object, after which it remains const */
ret->data =data;
ret->length=length;
ret->sn=NULL;
ret->ln=NULL;
ret->data = data;
ret->length = length;
ret->sn = NULL;
ret->ln = NULL;
/* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
p+=length;
p += length;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_C2I_ASN1_OBJECT,i);
if (a != NULL)
(*a) = ret;
*pp = p;
return (ret);
err:
ASN1err(ASN1_F_C2I_ASN1_OBJECT, i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_OBJECT_free(ret);
return(NULL);
}
return (NULL);
}
ASN1_OBJECT *ASN1_OBJECT_new(void)
{
{
ASN1_OBJECT *ret;
ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
if (ret == NULL)
{
ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
return(NULL);
}
ret->length=0;
ret->data=NULL;
ret->nid=0;
ret->sn=NULL;
ret->ln=NULL;
ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
return(ret);
ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
if (ret == NULL) {
ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
return (NULL);
}
ret->length = 0;
ret->data = NULL;
ret->nid = 0;
ret->sn = NULL;
ret->ln = NULL;
ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
return (ret);
}
void ASN1_OBJECT_free(ASN1_OBJECT *a)
{
if (a == NULL) return;
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
{
#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
if (a->sn != NULL) OPENSSL_free((void *)a->sn);
if (a->ln != NULL) OPENSSL_free((void *)a->ln);
{
if (a == NULL)
return;
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
#ifndef CONST_STRICT /* disable purely for compile-time strict
* const checking. Doing this on a "real"
* compile will cause memory leaks */
if (a->sn != NULL)
OPENSSL_free((void *)a->sn);
if (a->ln != NULL)
OPENSSL_free((void *)a->ln);
#endif
a->sn=a->ln=NULL;
a->sn = a->ln = NULL;
}
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
{
if (a->data != NULL) OPENSSL_free((void *)a->data);
a->data=NULL;
a->length=0;
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
if (a->data != NULL)
OPENSSL_free((void *)a->data);
a->data = NULL;
a->length = 0;
}
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
OPENSSL_free(a);
}
}
ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
const char *sn, const char *ln)
{
{
ASN1_OBJECT o;
o.sn=sn;
o.ln=ln;
o.data=data;
o.nid=nid;
o.length=len;
o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
o.sn = sn;
o.ln = ln;
o.data = data;
o.nid = nid;
o.length = len;
o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
ASN1_OBJECT_FLAG_DYNAMIC_DATA;
return(OBJ_dup(&o));
}
return (OBJ_dup(&o));
}
IMPLEMENT_STACK_OF(ASN1_OBJECT)
IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)

19
crypto/asn1/a_octet.c
View File

@ -61,11 +61,18 @@
#include <openssl/asn1.h>
ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x)
{ return M_ASN1_OCTET_STRING_dup(x); }
{
return M_ASN1_OCTET_STRING_dup(x);
}
int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b)
{ return M_ASN1_OCTET_STRING_cmp(a, b); }
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len)
{ return M_ASN1_OCTET_STRING_set(x, d, len); }
int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
const ASN1_OCTET_STRING *b)
{
return M_ASN1_OCTET_STRING_cmp(a, b);
}
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d,
int len)
{
return M_ASN1_OCTET_STRING_set(x, d, len);
}

Some files were not shown because too many files have changed in this diff Show More