This commit was manufactured by cvs2svn to create tag 'BEFORE_COMPAQ_PATCH'.

bignum assembly method of bn-586.pl
and co-586.pl which (for some reason)
VC++ doesn't use.

CHANGES

@@ -4,6 +4,21 @@
 
  Changes between 0.9.7 and 0.9.8  [xx XXX 2002]
 
+  *) Change internals of the EC library so that the functions
+          EC_GROUP_set_generator()
+          EC_GROUP_get_generator()
+          EC_GROUP_get_order()
+          EC_GROUP_get_cofactor()
+     are implemented directly in crypto/ec/ec_lib.c and not dispatched
+     to methods, which would lead to unnecessary code duplication when
+     adding different types of curves.
+     [Nils Larsch with input by Bodo Moeller]
+
+  *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM
+     arithmetic, and such that modified wNAFs are generated
+     (which avoid length expansion in many cases).
+     [Bodo Moeller]
+
   *) Add a function EC_GROUP_check_discriminant() (defined via
      EC_METHOD) that verifies that the curve discriminant is non-zero.
 
@@ -40,6 +55,23 @@
  
  Changes between 0.9.6d and 0.9.7  [XX xxx 2002]
 
+  *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this 
+     allows existing EVP_CIPHER_CTX structures to be reused after
+     calling EVP_*Final(). This behaviour is used by encryption
+     BIOs and some applications. This has the side effect that
+     applications must explicitly clean up cipher contexts with
+     EVP_CIPHER_CTX_cleanup() or they will leak memory.
+     [Steve Henson]
+
+  *) Check the values of dna and dnb in bn_mul_recursive before calling
+     bn_mul_comba (a non zero value means the a or b arrays do not contain
+     n2 elements) and fallback to bn_mul_normal if either is not zero.
+     [Steve Henson]
+
+  *) Fix escaping of non-ASCII characters when using the -subj option
+     of the "openssl req" command line tool. (Robert Joop <joop@fokus.gmd.de>)
+     [Lutz Jaenicke]
+
   *) Make object definitions compliant to LDAP (RFC2256): SN is the short
      form for "surname", serialNumber has no short form.
      Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
@@ -1053,9 +1085,16 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 
   *) Update Rijndael code to version 3.0 and change EVP AES ciphers to
      handle the new API. Currently only ECB, CBC modes supported. Add new
-     AES OIDs. Add TLS AES ciphersuites as described in the "AES Ciphersuites
-     for TLS" draft-ietf-tls-ciphersuite-03.txt.
-     [Ben Laurie, Steve Henson]
+     AES OIDs.
+
+     Add TLS AES ciphersuites as described in the "AES Ciphersuites
+     for TLS" draft-ietf-tls-ciphersuite-06.txt. As these are not yet
+     official, they are not enabled by default and are not even part
+     of the "ALL" ciphersuite alias; for now, they must be explicitly
+     requested by specifying the new "AESdraft" ciphersuite alias. If
+     you want the default ciphersuite list plus the new ciphersuites,
+     use "DEFAULT:AESdraft:@STRENGTH".
+     [Ben Laurie, Steve Henson, Bodo Moeller]
 
   *) New function OCSP_copy_nonce() to copy nonce value (if present) from
      request to response.
@@ -1625,7 +1664,16 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Clean old EAY MD5 hack from e_os.h.
      [Richard Levitte]
 
- Changes between 0.9.6c and 0.9.6d  [XX xxx 2002]
+ Changes between 0.9.6d and 0.9.6e  [XX xxx XXXX]
+
+  *) Fix EVP_dsa_sha macro.
+     [Nils Larsch]
+
+ Changes between 0.9.6c and 0.9.6d  [9 May 2002]
+
+  *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
+     encoded as NULL) with id-dsa-with-sha1.
+     [Nils Larsch <nla@trustcenter.de>; problem pointed out by Bodo Moeller]
 
   *) Check various X509_...() return values in apps/req.c.
      [Nils Larsch <nla@trustcenter.de>]

Configure

@@ -144,6 +144,7 @@ my %table=(
 "debug-bodo",	"gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-steve-linux-pseudo64",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn",
 "debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "dist",		"cc:-O::(unknown)::::::",

FAQ

@@ -29,6 +29,7 @@ OpenSSL  -  Frequently Asked Questions
 * Why can't I use OpenSSL certificates with SSL client authentication?
 * Why does my browser give a warning about a mismatched hostname?
 * How do I install a CA certificate into a browser?
+* Why is OpenSSL x509 DN output not conformant to RFC2253?
 
 [BUILD] Questions about building and testing OpenSSL
 
@@ -59,7 +60,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.6c was released on December 21st, 2001.
+OpenSSL 0.9.6d was released on May 9, 2002.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -343,6 +344,13 @@ DO NOT DO THIS! This command will give away your CAs private key and
 reduces its security to zero: allowing anyone to forge certificates in
 whatever name they choose.
 
+* Why is OpenSSL x509 DN output not conformant to RFC2253?
+
+The ways to print out the oneline format of the DN (Distinguished Name) have
+been extended in version 0.9.7 of OpenSSL. Using the new X509_NAME_print_ex()
+interface, the "-nameopt" option could be introduded. See the manual
+page of the "openssl x509" commandline tool for details. The old behaviour
+has however been left as default for the sake of compatibility.
 
 [BUILD] =======================================================================
 

INSTALL.W32

@@ -112,10 +112,10 @@
  * Compiler installation:
 
    Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/
-   gnu-win32/mingw32/gcc-2.95.2/gcc-2.95.2-msvcrt.exe>. GNU make is at
-   <ftp://agnes.dida.physik.uni-essen.de/home/janjaap/mingw32/binaries/
-   make-3.76.1.zip>. Install both of them in C:\egcs-1.1.2 and run
-   C:\egcs-1.1.2\mingw32.bat to set the PATH.
+   gnu-win32/mingw32/gcc-2.95.2/gcc-2.95.2-msvcrt.exe>. Extract it
+   to a directory such as C:\gcc-2.95.2 and add c:\gcc-2.95.2\bin to
+   the PATH environment variable in "System Properties"; or edit and
+   run C:\gcc-2.95.2\mingw32.bat to set the PATH.
 
  * Compile OpenSSL:
 

Makefile.org

@@ -697,8 +697,8 @@ install: all install_docs
 			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
 			$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
 			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
-		fi \
-	done
+		fi; \
+	done;
 	@if [ -n "$(SHARED_LIBS)" ]; then \
 		tmp="$(SHARED_LIBS)"; \
 		for i in $${tmp:-x}; \
@@ -715,7 +715,7 @@ install: all install_docs
 					cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \
 					chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \
 				fi ); \
-			fi \
+			fi; \
 		done; \
 		(	here="`pwd`"; \
 			cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \

NEWS

@@ -38,6 +38,7 @@
       o SSL/TLS: support Kerberos cipher suites (RFC2712).
       o SSL/TLS: allow more precise control of renegotiations and sessions.
       o SSL/TLS: add callback to retrieve SSL/TLS messages.
+      o SSL/TLS: add draft AES ciphersuites (disabled unless explicitly requested).
 
   Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
 

STATUS

@@ -1,10 +1,11 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2002/04/13 22:47:04 $
+  ______________                           $Date: 2002/05/16 10:01:53 $
 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.7:  Under development...
+    o  OpenSSL 0.9.6d: Released on May        9th, 2002
     o  OpenSSL 0.9.6c: Released on December  21st, 2001
     o  OpenSSL 0.9.6b: Released on July       9th, 2001
     o  OpenSSL 0.9.6a: Released on April      5th, 2001
@@ -17,23 +18,12 @@
     o  OpenSSL 0.9.2b: Released on March     22th, 1999
     o  OpenSSL 0.9.1c: Released on December  23th, 1998
 
+  [See also http://www.openssl.org/support/rt2.html]
+
   RELEASE SHOWSTOPPERS
 
-    o BIGNUM library failures on 64-bit platforms (0.9.7-dev):
-      - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc
-        and other 64-bit platforms
-
-	Checked on			Result
-	alpha-cc (Tru64 version 4.0)	works
-	linux-alpha+bwx-gcc		doesn't work. Reported by
-					Sean O'Riordain <seanpor@acm.org>
-	OpenBSD-sparc64			doesn't work.  BN_mod_mul breaks.
-
-	Needs checked on
-	[add platforms here]
-
-      - BN_mod_mul verification fails for mips3-sgi-irix
-        unless configured with no-asm
+    o BN_mod_mul verification fails for mips3-sgi-irix
+      unless configured with no-asm
 
   AVAILABLE PATCHES
 
@@ -68,6 +58,9 @@
 
   OPEN ISSUES
 
+    o  Do we want the EVP API changes in 0.9.7?
+       Can compatibility be improved?
+
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
        1. The config vs. Configure scripts

apps/apps.h

@@ -253,6 +253,8 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
 			ASN1_GENERALIZEDTIME **pinvtm, char *str);
 int make_serial_index(TXT_DB *db);
 
+X509_NAME *do_subject(char *str, long chtype);
+
 #define FORMAT_UNDEF    0
 #define FORMAT_ASN1     1
 #define FORMAT_TEXT     2

apps/ca.c

@@ -238,7 +238,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
        	int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
 	unsigned long certopt, unsigned long nameopt, int default_op,
 	int ext_copy);
-static X509_NAME *do_subject(char *subject);
 static int do_revoke(X509 *x509, TXT_DB *db, int ext, char *extval);
 static int get_certificate_status(const char *ser_status, TXT_DB *db);
 static int do_updatedb(TXT_DB *db);
@@ -1879,7 +1878,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 
 	if (subj)
 		{
-		X509_NAME *n = do_subject(subj);
+		X509_NAME *n = do_subject(subj, MBSTRING_ASC);
 
 		if (!n)
 			{
@@ -3023,65 +3022,124 @@ int make_revoked(X509_REVOKED *rev, char *str)
 	return ret;
 	}
 
-static X509_NAME *do_subject(char *subject)
+/*
+ * subject is expected to be in the format /type0=value0/type1=value1/type2=...
+ * where characters may be escaped by \
+ */
+X509_NAME *do_subject(char *subject, long chtype)
 	{
+	size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */
+	char *buf = OPENSSL_malloc(buflen);
+	size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
+	char **ne_types = OPENSSL_malloc(max_ne * sizeof (char *));
+	char **ne_values = OPENSSL_malloc(max_ne * sizeof (char *));
+
+	char *sp = subject, *bp = buf;
+	int i, ne_num = 0;
+
 	X509_NAME *n = NULL;
+	int nid;
 
-	int i, nid, ne_num=0;
+	if (!buf || !ne_types || !ne_values)
+	{
+		BIO_printf(bio_err, "malloc error\n");
+		goto error;
+	}
 
-	char *ne_name = NULL;
-	char *ne_value = NULL;
+	if (*subject != '/')
+	{
+		BIO_printf(bio_err, "Subject does not start with '/'.\n");
+		goto error;
+	}
+	sp++; /* skip leading / */
 
-	char *tmp = NULL;
-	char *p[2];
-
-	char *str_list[256];
-       
-	p[0] = ",/";
-	p[1] = "=";
-
-	n = X509_NAME_new();
-
-	tmp = strtok(subject, p[0]);
-	while((tmp != NULL) && (ne_num < (sizeof str_list/sizeof *str_list)))
+	while (*sp)
+	{
+		/* collect type */
+		ne_types[ne_num] = bp;
+		while (*sp)
 		{
-		char *token = tmp;
-
-		while (token[0] == ' ')
-			token++;
-		str_list[ne_num] = token;
-
-		tmp = strtok(NULL, p[0]);
-		ne_num++;
+			if (*sp == '\\') /* is there anything to escape in the type...? */
+				if (*++sp)
+					*bp++ = *sp++;
+				else
+				{
+					BIO_printf(bio_err, "escape character at end of string\n");
+					goto error;
+				}
+			else if (*sp == '=')
+			{
+				sp++;
+				*bp++ = '\0';
+				break;
+			}
+			else
+				*bp++ = *sp++;
 		}
+		if (!*sp)
+		{
+			BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num);
+			goto error;
+		}
+		ne_values[ne_num] = bp;
+		while (*sp)
+		{
+			if (*sp == '\\')
+				if (*++sp)
+					*bp++ = *sp++;
+				else
+				{
+					BIO_printf(bio_err, "escape character at end of string\n");
+					goto error;
+				}
+			else if (*sp == '/')
+			{
+				sp++;
+				break;
+			}
+			else
+				*bp++ = *sp++;
+		}
+		*bp++ = '\0';
+		ne_num++;
+	}
+
+	if (!(n = X509_NAME_new()))
+		goto error;
 
 	for (i = 0; i < ne_num; i++)
 		{
-		ne_name  = strtok(str_list[i], p[1]);
-		ne_value = strtok(NULL, p[1]);
-
-		if ((nid=OBJ_txt2nid(ne_name)) == NID_undef)
+		if ((nid=OBJ_txt2nid(ne_types[i])) == NID_undef)
 			{
-			BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_name);
+			BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]);
 			continue;
 			}
 
-		if (ne_value == NULL)
+		if (!*ne_values[i])
 			{
-			BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_name);
+			BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]);
 			continue;
 			}
 
-		if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, (unsigned char*)ne_value, -1,-1,0))
-			{
-			X509_NAME_free(n);
-			return NULL;
-			}
+		if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,0))
+			goto error;
 		}
 
+	OPENSSL_free(ne_values);
+	OPENSSL_free(ne_types);
+	OPENSSL_free(buf);
 	return n;
-	}
 
+error:
+	X509_NAME_free(n);
+	if (ne_values)
+		OPENSSL_free(ne_values);
+	if (ne_types)
+		OPENSSL_free(ne_types);
+	if (buf)
+		OPENSSL_free(buf);
+	return NULL;
+}
 
 int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str)
 	{

apps/crl.c

@@ -87,6 +87,7 @@ static char *crl_usage[]={
 " -noout          - no CRL output\n",
 " -CAfile  name   - verify CRL using certificates in file \"name\"\n",
 " -CApath  dir    - verify CRL using certificates in \"dir\"\n",
+" -nameopt arg    - various certificate name options\n",
 NULL
 };
 
@@ -97,6 +98,7 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
 	{
+	unsigned long nmflag = 0;
 	X509_CRL *x=NULL;
 	char *CAfile = NULL, *CApath = NULL;
 	int ret=1,i,num,badops=0;
@@ -105,7 +107,7 @@ int MAIN(int argc, char **argv)
 	char *infile=NULL,*outfile=NULL;
 	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
 	int fingerprint = 0;
-	char **pp,buf[256];
+	char **pp;
 	X509_STORE *store = NULL;
 	X509_STORE_CTX ctx;
 	X509_LOOKUP *lookup = NULL;
@@ -188,6 +190,11 @@ int MAIN(int argc, char **argv)
 			text = 1;
 		else if (strcmp(*argv,"-hash") == 0)
 			hash= ++num;
+		else if (strcmp(*argv,"-nameopt") == 0)
+			{
+			if (--argc < 1) goto bad;
+			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
+			}
 		else if (strcmp(*argv,"-issuer") == 0)
 			issuer= ++num;
 		else if (strcmp(*argv,"-lastupdate") == 0)
@@ -271,9 +278,7 @@ bad:
 			{
 			if (issuer == i)
 				{
-				X509_NAME_oneline(X509_CRL_get_issuer(x),
-								buf,256);
-				BIO_printf(bio_out,"issuer= %s\n",buf);
+				print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
 				}
 
 			if (hash == i)

apps/dsaparam.c

@@ -186,7 +186,7 @@ bad:
 		BIO_printf(bio_err," -outform arg  output format - DER or PEM\n");
 		BIO_printf(bio_err," -in arg       input file\n");
 		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -text         print the key in text\n");
+		BIO_printf(bio_err," -text         print as text\n");
 		BIO_printf(bio_err," -C            Output C code\n");
 		BIO_printf(bio_err," -noout        no output\n");
 		BIO_printf(bio_err," -genkey       generate a DSA key\n");

apps/ecdsaparam.c

@@ -336,7 +336,7 @@ bad:
 		BIO_printf(bio_err," -outform arg       output format - DER or PEM\n");
 		BIO_printf(bio_err," -in arg            input file\n");
 		BIO_printf(bio_err," -out arg           output file\n");
-		BIO_printf(bio_err," -text              print the key in text\n");
+		BIO_printf(bio_err," -text              print as text\n");
 		BIO_printf(bio_err," -C                 Output C code\n");
 		BIO_printf(bio_err," -check             validate the ec parameters\n");
 		BIO_printf(bio_err," -noout             no output\n");

apps/pkcs12.c

@@ -779,7 +779,10 @@ int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass,
 		print_attribs (out, bag->attrib, "Bag Attributes");
 		if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
 				return 0;
-		if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
+		if (!(pkey = EVP_PKCS82PKEY (p8))) {
+			PKCS8_PRIV_KEY_INFO_free(p8);
+			return 0;
+		}
 		print_attribs (out, p8->attributes, "Key Attributes");
 		PKCS8_PRIV_KEY_INFO_free(p8);
 		PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);

apps/req.c

@@ -505,6 +505,7 @@ bad:
 		BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
 		BIO_printf(bio_err," -reqexts ..    specify request extension section (override value in config file)\n");
 		BIO_printf(bio_err," -utf8          input characters are UTF8 (default ASCII)\n");
+		BIO_printf(bio_err," -nameopt arg    - various certificate name options\n");
 		goto end;
 		}
 
@@ -1210,64 +1211,22 @@ err:
 	return(ret);
 	}
 
+/*
+ * subject is expected to be in the format /type0=value0/type1=value1/type2=...
+ * where characters may be escaped by \
+ */
 static int build_subject(X509_REQ *req, char *subject, unsigned long chtype)
 	{
-	X509_NAME *n = NULL;
+	X509_NAME *n;
 
-	int i, nid, ne_num=0;
-
-	char *ne_name = NULL;
-	char *ne_value = NULL;
-
-	char *tmp = NULL;
-	char *p[2];
-
-	char *str_list[256];
-       
-	p[0] = ",/";
-        p[1] = "=";
-
-	n = X509_NAME_new();
-
-	tmp = strtok(subject, p[0]);
-	while((tmp != NULL) && (ne_num < (sizeof str_list/sizeof *str_list)))
-		{
-		char *token = tmp;
-
-		while (token[0] == ' ')
-			token++;
-		str_list[ne_num] = token;
-
-		tmp = strtok(NULL, p[0]);
-		ne_num++;
-		}
-
-	for(i = 0; i < ne_num; i++)
-		{
-		ne_name  = strtok(str_list[i], p[1]);
-		ne_value = strtok(NULL, p[1]);
-
-		if ((nid=OBJ_txt2nid(ne_name)) == NID_undef)
-			{
-			BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_name);
-			continue;
-			}
-
-		if (ne_value == NULL)
-			{
-			BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_name);
-			continue;
-			}
-
-		if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_value, -1,-1,0))
-			{
-			X509_NAME_free(n);
-			return 0;
-			}
-		}
+	if (!(n = do_subject(subject, chtype)))
+		return 0;
 
 	if (!X509_REQ_set_subject_name(req, n))
+		{
+		X509_NAME_free(n);
 		return 0;
+		}
 	X509_NAME_free(n);
 	return 1;
 }

apps/smime.c

@@ -109,6 +109,12 @@ int MAIN(int argc, char **argv)
 	args = argv + 1;
 	ret = 1;
 
+	apps_startup();
+
+	if (bio_err == NULL)
+		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
+
 	if (!load_config(bio_err, NULL))
 		goto end;
 
@@ -465,7 +471,10 @@ int MAIN(int argc, char **argv)
 		p7 = PKCS7_encrypt(encerts, in, cipher, flags);
 	} else if(operation == SMIME_SIGN) {
 		p7 = PKCS7_sign(signer, key, other, in, flags);
-		BIO_reset(in);
+		if (BIO_reset(in) != 0 && (flags & PKCS7_DETACHED)) {
+		  BIO_printf(bio_err, "Can't rewind input file\n");
+		  goto end;
+		}
 	} else {
 		if(informat == FORMAT_SMIME) 
 			p7 = SMIME_read_PKCS7(in, &indata);

config

@@ -517,6 +517,10 @@ EOF
 	${CC} -o dummy dummy.c && OUT=`./dummy ${MACHINE}`
 	rm dummy dummy.c
 	;;
+  ppc64-*-linux2)
+	#Use the standard target for PPC architecture until we create a
+	#special one for the 64bit architecture.
+	OUT="linux-ppc" ;;
   ppc-*-linux2) OUT="linux-ppc" ;;
   m68k-*-linux*) OUT="linux-m68k" ;;
   ia64-*-linux?) OUT="linux-ia64" ;;

crypto/Makefile.ssl

@@ -57,7 +57,7 @@ buildinf.h: ../Makefile.ssl
 	echo "  /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */"; \
 	echo "  #define CFLAGS \"$(CC) $(CFLAG)\""; \
 	echo "  #define PLATFORM \"$(PLATFORM)\""; \
-	echo "  #define DATE \"`date`\""; \
+	echo "  #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
 	echo "#endif" ) >buildinf.h
 
 testapps:

crypto/asn1/a_sign.c

@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include <time.h>
@@ -90,7 +143,14 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
 		else
 			a=algor2;
 		if (a == NULL) continue;
-		if (	(a->parameter == NULL) || 
+                if (type->pkey_type == NID_dsaWithSHA1)
+			{
+			/* special case: RFC 2459 tells us to omit 'parameters'
+			 * with id-dsa-with-sha1 */
+			ASN1_TYPE_free(a->parameter);
+			a->parameter = NULL;
+			}
+		else if ((a->parameter == NULL) || 
 			(a->parameter->type != V_ASN1_NULL))
 			{
 			ASN1_TYPE_free(a->parameter);
@@ -169,7 +229,14 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
 		else
 			a=algor2;
 		if (a == NULL) continue;
-		if (	(a->parameter == NULL) || 
+                if (type->pkey_type == NID_dsaWithSHA1)
+			{
+			/* special case: RFC 2459 tells us to omit 'parameters'
+			 * with id-dsa-with-sha1 */
+			ASN1_TYPE_free(a->parameter);
+			a->parameter = NULL;
+			}
+		else if ((a->parameter == NULL) || 
 			(a->parameter->type != V_ASN1_NULL))
 			{
 			ASN1_TYPE_free(a->parameter);

crypto/asn1/p5_pbev2.c

@@ -116,6 +116,8 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
 		goto err;
 
+	EVP_CIPHER_CTX_init(&ctx);
+
 	/* Dummy cipherinit to just setup the IV */
 	EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0);
 	if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {

crypto/bio/b_print.c

@@ -56,6 +56,13 @@
  * [including the GNU Public Licence.]
  */
 
+/* disable assert() unless BIO_DEBUG has been defined */
+#ifndef BIO_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+
 /* 
  * Stolen from tjh's ssl/ssl_trc.c stuff.
  */
@@ -716,12 +723,13 @@ doapr_outch(
     if (buffer) {
 	while (*currlen >= *maxlen) {
 	    if (*buffer == NULL) {
-		assert(*sbuffer != NULL);
 		if (*maxlen == 0)
 		    *maxlen = 1024;
 		*buffer = OPENSSL_malloc(*maxlen);
-		if (*currlen > 0)
+		if (*currlen > 0) {
+		    assert(*sbuffer != NULL);
 		    memcpy(*buffer, *sbuffer, *currlen);
+		}
 		*sbuffer = NULL;
 	    } else {
 		*maxlen += 1024;
@@ -761,7 +769,9 @@ int BIO_vprintf (BIO *bio, const char *format, va_list args)
 	{
 	int ret;
 	size_t retlen;
-	MS_STATIC char hugebuf[1024*10];
+	char hugebuf[1024*2];	/* Was previously 10k, which is unreasonable
+				   in small-stack environments, like threads
+				   or DOS programs. */
 	char *hugebufp = hugebuf;
 	size_t hugebufsize = sizeof(hugebuf);
 	char *dynbuf = NULL;

crypto/bio/bss_bio.c

@@ -7,9 +7,18 @@
  * for which no specific BIO method is available.
  * See ssl/ssltest.c for some hints on how this can be used. */
 
+/* BIO_DEBUG implies BIO_PAIR_DEBUG */
+#ifdef BIO_DEBUG
+# ifndef BIO_PAIR_DEBUG
+#  define BIO_PAIR_DEBUG
+# endif
+#endif
+
+/* disable assert() unless BIO_PAIR_DEBUG has been defined */
 #ifndef BIO_PAIR_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
 #endif
 
 #include <assert.h>

crypto/bn/bn.h

@@ -136,7 +136,7 @@ extern "C" {
 #define BN_MASK2h	(0xffffffff00000000LL)
 #define BN_MASK2h1	(0xffffffff80000000LL)
 #define BN_TBIT		(0x8000000000000000LL)
-#define BN_DEC_CONV	(10000000000000000000LL)
+#define BN_DEC_CONV	(10000000000000000000ULL)
 #define BN_DEC_FMT1	"%llu"
 #define BN_DEC_FMT2	"%019llu"
 #define BN_DEC_NUM	19

crypto/bn/bn_mul.c

@@ -408,16 +408,22 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 		return;
 		}
 #  endif
-	if (n2 == 8)
+	/* Only call bn_mul_comba 8 if n2 == 8 and the
+	 * two arrays are complete [steve]
+	 */
+	if (n2 == 8 && dna == 0 && dnb == 0)
 		{
 		bn_mul_comba8(r,a,b);
 		return; 
 		}
 # endif /* BN_MUL_COMBA */
+	/* Else do normal multiply */
 	if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
 		{
-		/* This should not happen */
-		bn_mul_normal(r,a,n2,b,n2);
+		bn_mul_normal(r,a,n2+dna,b,n2+dnb);
+		if ((dna + dnb) < 0)
+			memset(&r[2*n2 + dna + dnb], 0,
+				sizeof(BN_ULONG) * -(dna + dnb));
 		return;
 		}
 	/* r=(a[0]-a[1])*(b[1]-b[0]) */

crypto/ec/ec.h

@@ -107,11 +107,16 @@ void EC_GROUP_free(EC_GROUP *);
 void EC_GROUP_clear_free(EC_GROUP *);
 int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *);
 
+const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
+
+int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
+EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
+int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
+int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
+
 void EC_GROUP_set_nid(EC_GROUP *, int);
 int EC_GROUP_get_nid(const EC_GROUP *);
 
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
-
 
 /* We don't have types for field specifications and field elements in general.
  * Otherwise we could declare
@@ -120,11 +125,6 @@ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
 int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
 int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
 
-int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
-EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
-int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
-
 /* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */
 int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
 /* EC_GROUP_check_discriminant() returns 1 if the discriminant of the

crypto/ec/ec_lcl.h

@@ -73,15 +73,6 @@ struct ec_method_st {
 	int (*group_set_curve_GFp)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
 	int (*group_get_curve_GFp)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
 
-	/* used by EC_GROUP_set_generator, EC_GROUP_get0_generator,
-	 * EC_GROUP_get_order, EC_GROUP_get_cofactor:
-	 */
-	int (*group_set_generator)(EC_GROUP *, const EC_POINT *generator,
-	        const BIGNUM *order, const BIGNUM *cofactor);
-	EC_POINT *(*group_get0_generator)(const EC_GROUP *);
-	int (*group_get_order)(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-	int (*group_get_cofactor)(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
-
 	/* used by EC_GROUP_check: */
 	int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *);
 
@@ -146,16 +137,24 @@ struct ec_method_st {
 struct ec_group_st {
 	const EC_METHOD *meth;
 
+	EC_POINT *generator; /* optional */
+	BIGNUM order, cofactor;
+
+	int nid; /* optional NID for named curve */
+
 	void *extra_data;
 	void *(*extra_data_dup_func)(void *);
 	void (*extra_data_free_func)(void *);
 	void (*extra_data_clear_free_func)(void *);
 
-	/* All members except 'meth' and 'extra_data...' are handled by
-	 * the method functions, even if they appear generic */
+	/* The following members are handled by the method functions,
+	 * even if they appear generic */
 	
 	BIGNUM field; /* Field specification.
-	               * For curves over GF(p), this is the modulus. */
+	               * For curves over GF(p), this is the modulus;
+	               * for curves over GF(2^m), this is the 
+	               * irreducible polynomial defining the field.
+	               */
 
 	BIGNUM a, b; /* Curve coefficients.
 	              * (Here the assumption is that BIGNUMs can be used
@@ -163,14 +162,13 @@ struct ec_group_st {
 	              * For characteristic  > 3,  the curve is defined
 	              * by a Weierstrass equation of the form
 	              *     y^2 = x^3 + a*x + b.
+	              * For characteristic  2,  the curve is defined by
+	              * an equation of the form
+	              *     y^2 + x*y = x^3 + a*x^2 + b.
 	              */
+
 	int a_is_minus3; /* enable optimized point arithmetics for special case */
 
-	EC_POINT *generator; /* optional */
-	BIGNUM order, cofactor;
-
-	int nid;
-
 	void *field_data1; /* method-specific (e.g., Montgomery structure) */
 	void *field_data2; /* method-specific */
 } /* EC_GROUP */;
@@ -213,11 +211,6 @@ void ec_GFp_simple_group_clear_finish(EC_GROUP *);
 int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
 int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
 int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_set_generator(EC_GROUP *, const EC_POINT *generator,
-	const BIGNUM *order, const BIGNUM *cofactor);
-EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *);
-int ec_GFp_simple_group_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int ec_GFp_simple_group_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
 int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
 int ec_GFp_simple_point_init(EC_POINT *);
 void ec_GFp_simple_point_finish(EC_POINT *);

crypto/ec/ec_lib.c

@@ -94,6 +94,10 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
 	ret->extra_data_free_func = 0;
 	ret->extra_data_clear_free_func = 0;
 
+	ret->generator = NULL;
+	BN_init(&ret->order);
+	BN_init(&ret->cofactor);
+
 	ret->nid = 0;	
 
 	if (!meth->group_init(ret))
@@ -108,17 +112,26 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
 
 void EC_GROUP_free(EC_GROUP *group)
 	{
+	if (!group) return;
+
 	if (group->meth->group_finish != 0)
 		group->meth->group_finish(group);
 
 	EC_GROUP_free_extra_data(group);
 
+	if (group->generator != NULL)
+		EC_POINT_free(group->generator);
+	BN_free(&group->order);
+	BN_free(&group->cofactor);
+
 	OPENSSL_free(group);
 	}
  
 
 void EC_GROUP_clear_free(EC_GROUP *group)
 	{
+	if (!group) return;
+
 	if (group->meth->group_clear_finish != 0)
 		group->meth->group_clear_finish(group);
 	else if (group->meth != NULL && group->meth->group_finish != 0)
@@ -126,6 +139,11 @@ void EC_GROUP_clear_free(EC_GROUP *group)
 
 	EC_GROUP_clear_free_extra_data(group);
 
+	if (group->generator != NULL)
+		EC_POINT_clear_free(group->generator);
+	BN_clear_free(&group->order);
+	BN_clear_free(&group->cofactor);
+
 	memset(group, 0, sizeof *group);
 	OPENSSL_free(group);
 	}
@@ -161,6 +179,30 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
 		dest->extra_data_clear_free_func = src->extra_data_clear_free_func;
 		}
 
+	if (src->generator != NULL)
+		{
+		if (dest->generator == NULL)
+			{
+			dest->generator = EC_POINT_new(dest);
+			if (dest->generator == NULL) return 0;
+			}
+		if (!EC_POINT_copy(dest->generator, src->generator)) return 0;
+		}
+	else
+		{
+		/* src->generator == NULL */
+		if (dest->generator != NULL)
+			{
+			EC_POINT_clear_free(dest->generator);
+			dest->generator = NULL;
+			}
+		}
+
+	if (!BN_copy(&dest->order, &src->order)) return 0;
+	if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0;
+
+	dest->nid = src->nid;
+
 	return dest->meth->group_copy(dest, src);
 	}
 
@@ -171,6 +213,71 @@ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group)
 	}
 
 
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor)
+	{
+	if (generator == NULL)
+		{
+		ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER);
+		return 0   ;
+		}
+
+	if (group->generator == NULL)
+		{
+		group->generator = EC_POINT_new(group);
+		if (group->generator == NULL) return 0;
+		}
+	if (!EC_POINT_copy(group->generator, generator)) return 0;
+
+	if (order != NULL)
+		{ if (!BN_copy(&group->order, order)) return 0; }	
+	else
+		{ if (!BN_zero(&group->order)) return 0; }	
+
+	if (cofactor != NULL)
+		{ if (!BN_copy(&group->cofactor, cofactor)) return 0; }	
+	else
+		{ if (!BN_zero(&group->cofactor)) return 0; }	
+
+	return 1;
+	}
+
+
+EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
+	{
+	return group->generator;
+	}
+
+
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
+	{
+	if (!BN_copy(order, &group->order))
+		return 0;
+
+	return !BN_is_zero(order);
+	}
+
+
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
+	{
+	if (!BN_copy(cofactor, &group->cofactor))
+		return 0;
+
+	return !BN_is_zero(&group->cofactor);
+	}
+
+
+void EC_GROUP_set_nid(EC_GROUP *group, int nid)
+	{
+	group->nid = nid;
+	}
+
+
+int EC_GROUP_get_nid(const EC_GROUP *group)
+	{
+	return group->nid;
+	}
+
+
 int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 	{
 	if (group->meth->group_set_curve_GFp == 0)
@@ -193,50 +300,6 @@ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *
 	}
 
 
-int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor)
-	{
-	if (group->meth->group_set_generator == 0)
-		{
-		ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_set_generator(group, generator, order, cofactor);
-	}
-
-
-EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
-	{
-	if (group->meth->group_get0_generator == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET0_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get0_generator(group);
-	}
-
-
-int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
-	{
-	if (group->meth->group_get_order == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET_ORDER, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get_order(group, order, ctx);
-	}
-
-
-int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
-	{
-	if (group->meth->group_get_cofactor == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET_COFACTOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get_cofactor(group, cofactor, ctx);
-	}
-
-
 int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 	{
 	if (group->meth->group_check_discriminant == 0)
@@ -248,18 +311,6 @@ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 	}
 
 
-void EC_GROUP_set_nid(EC_GROUP *group, int nid)
-	{
-	group->nid = nid;
-	}
-
-
-int EC_GROUP_get_nid(const EC_GROUP *group)
-	{
-	return group->nid;
-	}
-
-
 /* this has 'package' visibility */
 int EC_GROUP_set_extra_data(EC_GROUP *group, void *extra_data, void *(*extra_data_dup_func)(void *),
 	void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *))
@@ -361,6 +412,8 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
 
 void EC_POINT_free(EC_POINT *point)
 	{
+	if (!point) return;
+
 	if (point->meth->point_finish != 0)
 		point->meth->point_finish(point);
 	OPENSSL_free(point);
@@ -369,6 +422,8 @@ void EC_POINT_free(EC_POINT *point)
 
 void EC_POINT_clear_free(EC_POINT *point)
 	{
+	if (!point) return;
+
 	if (point->meth->point_clear_finish != 0)
 		point->meth->point_clear_finish(point);
 	else if (point->meth != NULL && point->meth->point_finish != 0)

crypto/ec/ec_mult.c

@@ -1,6 +1,6 @@
 /* crypto/ec/ec_mult.c */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -68,25 +68,23 @@
  */
 
 
-/* Determine the width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
+/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
  * This is an array  r[]  of values that are either zero or odd with an
  * absolute value less than  2^w  satisfying
  *     scalar = \sum_j r[j]*2^j
- * where at most one of any  w+1  consecutive digits is non-zero.
+ * where at most one of any  w+1  consecutive digits is non-zero
+ * with the exception that the most significant digit may be only
+ * w-1 zeros away from that next non-zero digit.
  */
-static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, BN_CTX *ctx)
+static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
 	{
-	BIGNUM *c;
+	int window_val;
 	int ok = 0;
 	signed char *r = NULL;
 	int sign = 1;
 	int bit, next_bit, mask;
 	size_t len = 0, j;
 	
-	BN_CTX_start(ctx);
-	c = BN_CTX_get(ctx);
-	if (c == NULL) goto err;
-	
 	if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */
 		{
 		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
@@ -96,60 +94,84 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B
 	next_bit = bit << 1; /* at most 256 */
 	mask = next_bit - 1; /* at most 255 */
 
-	if (!BN_copy(c, scalar)) goto err;
-	if (c->neg)
+	if (scalar->neg)
 		{
 		sign = -1;
-		c->neg = 0;
 		}
 
-	len = BN_num_bits(c) + 1; /* wNAF may be one digit longer than binary representation */
-	r = OPENSSL_malloc(len);
+	len = BN_num_bits(scalar);
+	r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer than binary representation */
 	if (r == NULL) goto err;
 
-	j = 0;
-	while (!BN_is_zero(c))
+	if (scalar->d == NULL || scalar->top == 0)
 		{
-		int u = 0;
+		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+		goto err;
+		}
+	window_val = scalar->d[0] & mask;
+	j = 0;
+	while ((window_val != 0) || (j + w + 1 < len)) /* if j+w+1 >= len, window_val will not increase */
+		{
+		int digit = 0;
 
-		if (BN_is_odd(c)) 
+		/* 0 <= window_val <= 2^(w+1) */
+
+		if (window_val & 1)
 			{
-			if (c->d == NULL || c->top == 0)
+			/* 0 < window_val < 2^(w+1) */
+
+			if (window_val & bit)
+				{
+				digit = window_val - next_bit; /* -2^w < digit < 0 */
+
+#if 1 /* modified wNAF */
+				if (j + w + 1 >= len)
+					{
+					/* special case for generating modified wNAFs:
+					 * no new bits will be added into window_val,
+					 * so using a positive digit here will decrease
+					 * the total length of the representation */
+					
+					digit = window_val & (mask >> 1); /* 0 < digit < 2^w */
+					}
+#endif
+				}
+			else
+				{
+				digit = window_val; /* 0 < digit < 2^w */
+				}
+			
+			if (digit <= -bit || digit >= bit || !(digit & 1))
 				{
 				ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
 				goto err;
 				}
-			u = c->d[0] & mask;
-			if (u & bit)
-				{
-				u -= next_bit;
-				/* u < 0 */
-				if (!BN_add_word(c, -u)) goto err;
-				}
-			else
-				{
-				/* u > 0 */
-				if (!BN_sub_word(c, u)) goto err;
-				}
 
-			if (u <= -bit || u >= bit || !(u & 1) || c->neg)
+			window_val -= digit;
+
+			/* now window_val is 0 or 2^(w+1) in standard wNAF generation;
+			 * for modified window NAFs, it may also be 2^w
+			 */
+			if (window_val != 0 && window_val != next_bit && window_val != bit)
 				{
 				ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
 				goto err;
 				}
 			}
 
-		r[j++] = sign * u;
-		
-		if (BN_is_odd(c))
+		r[j++] = sign * digit;
+
+		window_val >>= 1;
+		window_val += bit * BN_is_bit_set(scalar, j + w);
+
+		if (window_val > next_bit)
 			{
 			ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
 			goto err;
 			}
-		if (!BN_rshift1(c, c)) goto err;
 		}
 
-	if (j > len)
+	if (j > len + 1)
 		{
 		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
 		goto err;
@@ -158,7 +180,6 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B
 	ok = 1;
 
  err:
-	BN_CTX_end(ctx);
 	if (!ok)
 		{
 		OPENSSL_free(r);
@@ -314,7 +335,7 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 			}
 
 		wNAF[i + 1] = NULL; /* make sure we always have a pivot */
-		wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i], ctx);
+		wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]);
 		if (wNAF[i] == NULL) goto err;
 		if (wNAF_len[i] > max_len)
 			max_len = wNAF_len[i];

crypto/ec/ecp_mont.c

@@ -67,10 +67,6 @@ const EC_METHOD *EC_GFp_mont_method(void)
 		ec_GFp_mont_group_copy,
 		ec_GFp_mont_group_set_curve_GFp,
 		ec_GFp_simple_group_get_curve_GFp,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
 		ec_GFp_simple_group_check_discriminant,
 		ec_GFp_simple_point_init,
 		ec_GFp_simple_point_finish,

crypto/ec/ecp_smpl.c

@@ -69,10 +69,6 @@ const EC_METHOD *EC_GFp_simple_method(void)
 		ec_GFp_simple_group_copy,
 		ec_GFp_simple_group_set_curve_GFp,
 		ec_GFp_simple_group_get_curve_GFp,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
 		ec_GFp_simple_group_check_discriminant,
 		ec_GFp_simple_point_init,
 		ec_GFp_simple_point_finish,
@@ -110,9 +106,6 @@ int ec_GFp_simple_group_init(EC_GROUP *group)
 	BN_init(&group->a);
 	BN_init(&group->b);
 	group->a_is_minus3 = 0;
-	group->generator = NULL;
-	BN_init(&group->order);
-	BN_init(&group->cofactor);
 	return 1;
 	}
 
@@ -122,10 +115,6 @@ void ec_GFp_simple_group_finish(EC_GROUP *group)
 	BN_free(&group->field);
 	BN_free(&group->a);
 	BN_free(&group->b);
-	if (group->generator != NULL)
-		EC_POINT_free(group->generator);
-	BN_free(&group->order);
-	BN_free(&group->cofactor);
 	}
 
 
@@ -134,13 +123,6 @@ void ec_GFp_simple_group_clear_finish(EC_GROUP *group)
 	BN_clear_free(&group->field);
 	BN_clear_free(&group->a);
 	BN_clear_free(&group->b);
-	if (group->generator != NULL)
-		{
-		EC_POINT_clear_free(group->generator);
-		group->generator = NULL;
-		}
-	BN_clear_free(&group->order);
-	BN_clear_free(&group->cofactor);
 	}
 
 
@@ -152,28 +134,6 @@ int ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
 
 	dest->a_is_minus3 = src->a_is_minus3;
 
-	if (src->generator != NULL)
-		{
-		if (dest->generator == NULL)
-			{
-			dest->generator = EC_POINT_new(dest);
-			if (dest->generator == NULL) return 0;
-			}
-		if (!EC_POINT_copy(dest->generator, src->generator)) return 0;
-		}
-	else
-		{
-		/* src->generator == NULL */
-		if (dest->generator != NULL)
-			{
-			EC_POINT_clear_free(dest->generator);
-			dest->generator = NULL;
-			}
-		}
-
-	if (!BN_copy(&dest->order, &src->order)) return 0;
-	if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0;
-
 	return 1;
 	}
 
@@ -284,61 +244,6 @@ int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *
 	}
 
 
-
-int ec_GFp_simple_group_set_generator(EC_GROUP *group, const EC_POINT *generator,
-	const BIGNUM *order, const BIGNUM *cofactor)
-	{
-	if (generator == NULL)
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER);
-		return 0   ;
-		}
-
-	if (group->generator == NULL)
-		{
-		group->generator = EC_POINT_new(group);
-		if (group->generator == NULL) return 0;
-		}
-	if (!EC_POINT_copy(group->generator, generator)) return 0;
-
-	if (order != NULL)
-		{ if (!BN_copy(&group->order, order)) return 0; }	
-	else
-		{ if (!BN_zero(&group->order)) return 0; }	
-
-	if (cofactor != NULL)
-		{ if (!BN_copy(&group->cofactor, cofactor)) return 0; }	
-	else
-		{ if (!BN_zero(&group->cofactor)) return 0; }	
-
-	return 1;
-	}
-
-
-EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *group)
-	{
-	return group->generator;
-	}
-
-
-int ec_GFp_simple_group_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
-	{
-	if (!BN_copy(order, &group->order))
-		return 0;
-
-	return !BN_is_zero(&group->order);
-	}
-
-
-int ec_GFp_simple_group_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
-	{
-	if (!BN_copy(cofactor, &group->cofactor))
-		return 0;
-
-	return !BN_is_zero(&group->cofactor);
-	}
-
-
 int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 	{
 	int ret = 0;

crypto/engine/hw_4758_cca.c

@@ -287,13 +287,13 @@ err:
 		DSO_free(dso);
 	dso = NULL;
 
-	keyRecordRead = (F_KEYRECORDREAD)NULL;
-	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)NULL;
-	digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)NULL;
-	digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)NULL;
-	publicKeyExtract = (F_PUBLICKEYEXTRACT)NULL;
-	pkaEncrypt = (F_PKAENCRYPT)NULL;
-	pkaDecrypt = (F_PKADECRYPT)NULL;
+	keyRecordRead = (F_KEYRECORDREAD)0;
+	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
+	digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
+	digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
+	publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
+	pkaEncrypt = (F_PKAENCRYPT)0;
+	pkaDecrypt = (F_PKADECRYPT)0;
 	return 0;
 	}
 
@@ -312,13 +312,13 @@ static int ibm_4758_cca_finish(ENGINE *e)
 		return 0;
 		}
 	dso = NULL;
-	keyRecordRead = (F_KEYRECORDREAD)NULL;
-	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)NULL;
-	digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)NULL;
-	digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)NULL;
-	publicKeyExtract = (F_PUBLICKEYEXTRACT)NULL;
-	pkaEncrypt = (F_PKAENCRYPT)NULL;
-	pkaDecrypt = (F_PKADECRYPT)NULL;
+	keyRecordRead = (F_KEYRECORDREAD)0;
+	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
+	digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
+	digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
+	publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
+	pkaEncrypt = (F_PKAENCRYPT)0;
+	pkaDecrypt = (F_PKADECRYPT)0;
 	return 1;
 	}
 

crypto/engine/hw_sureware.c

@@ -95,10 +95,10 @@ static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
 static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
 	UI_METHOD *ui_method, void *callback_data);
 static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int index_,long argl, void *argp);
+	int idx,long argl, void *argp);
 #if 0
 static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int index_,long argl, void *argp);
+	int idx,long argl, void *argp);
 #endif
 
 #ifndef OPENSSL_NO_RSA
@@ -816,7 +816,7 @@ static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
 /* This cleans up an RSA/DSA KM key(do not destroy the key into the hardware)
 , called when ex_data is freed */
 static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int index_,long argl, void *argp)
+	int idx,long argl, void *argp)
 {
 	if(!p_surewarehk_Free)
 	{
@@ -831,7 +831,7 @@ static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
 /* This cleans up an DH KM key (destroys the key into hardware), 
 called when ex_data is freed */
 static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int index_,long argl, void *argp)
+	int idx,long argl, void *argp)
 {
 	if(!p_surewarehk_Free)
 	{

crypto/err/err.h

@@ -159,7 +159,7 @@ typedef struct err_state_st
 #define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
 #define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
 #define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
-#define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),ERR_file_name,__LINE__)
+#define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
 #define ECDSAerr(f,r)  ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
 
 /* Borland C seems too stupid to be able to shift and do longs in

crypto/evp/evp.h

@@ -190,7 +190,7 @@ typedef struct evp_pkey_md_st
 			EVP_rsa_octet_string(),EVP_mdc2())
 #define EVP_dsa_sha() \
 		EVP_PKEY_MD_add(NID_dsaWithSHA,\
-			EVP_dsa(),EVP_mdc2())
+			EVP_dsa(),EVP_sha())
 #define EVP_dsa_sha1() \
 		EVP_PKEY_MD_add(NID_dsaWithSHA1,\
 			EVP_dsa(),EVP_sha1())
@@ -543,7 +543,7 @@ int	EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 
 int	EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
 		int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
-void	EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
+int	EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
 
 void	EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
 void	EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,

crypto/evp/evp_enc.c

@@ -102,11 +102,13 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 		goto skip_to_init;
 	if (cipher)
 		{
-		/* Ensure an ENGINE left lying around from last time is cleared
+		/* Ensure a context left lying around from last time is cleared
 		 * (the previous check attempted to avoid this if the same
 		 * ENGINE and EVP_CIPHER could be used). */
-		if(ctx->engine)
-			ENGINE_finish(ctx->engine);
+		EVP_CIPHER_CTX_cleanup(ctx);
+
+		/* Restore encrypt field: it is zeroed by cleanup */
+		ctx->encrypt = enc;
 		if(impl)
 			{
 			if (!ENGINE_init(impl))
@@ -140,6 +142,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 			}
 		else
 			ctx->engine = NULL;
+
 		ctx->cipher=cipher;
 		ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
 		ctx->key_len = cipher->key_len;
@@ -303,7 +306,6 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	{
 	int ret;
 	ret = EVP_EncryptFinal_ex(ctx, out, outl);
-	EVP_CIPHER_CTX_cleanup(ctx);
 	return ret;
 	}
 
@@ -314,14 +316,12 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	b=ctx->cipher->block_size;
 	if (b == 1)
 		{
-		EVP_CIPHER_CTX_cleanup(ctx);
 		*outl=0;
 		return 1;
 		}
 	bl=ctx->buf_len;
 	if (ctx->flags & EVP_CIPH_NO_PADDING)
 		{
-		EVP_CIPHER_CTX_cleanup(ctx);
 		if(bl)
 			{
 			EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
@@ -336,7 +336,6 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 		ctx->buf[i]=n;
 	ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
 
-	EVP_CIPHER_CTX_cleanup(ctx);
 
 	if(ret)
 		*outl=b;
@@ -394,7 +393,6 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	{
 	int ret;
 	ret = EVP_DecryptFinal_ex(ctx, out, outl);
-	EVP_CIPHER_CTX_cleanup(ctx);
 	return ret;
 	}
 
@@ -407,7 +405,6 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	b=ctx->cipher->block_size;
 	if (ctx->flags & EVP_CIPH_NO_PADDING)
 		{
-		EVP_CIPHER_CTX_cleanup(ctx);
 		if(ctx->buf_len)
 			{
 			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
@@ -420,14 +417,12 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 		{
 		if (ctx->buf_len || !ctx->final_used)
 			{
-			EVP_CIPHER_CTX_cleanup(ctx);
 			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
 			return(0);
 			}
 		n=ctx->final[b-1];
 		if (n > b)
 			{
-			EVP_CIPHER_CTX_cleanup(ctx);
 			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
 			return(0);
 			}
@@ -435,7 +430,6 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 			{
 			if (ctx->final[--b] != n)
 				{
-				EVP_CIPHER_CTX_cleanup(ctx);
 				EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
 				return(0);
 				}
@@ -447,17 +441,21 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 		}
 	else
 		*outl=0;
-	EVP_CIPHER_CTX_cleanup(ctx);
 	return(1);
 	}
 
 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
 	{
-	if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))
+	if (c->cipher != NULL)
 		{
-		if(!c->cipher->cleanup(c)) return 0;
+		if(c->cipher->cleanup && !c->cipher->cleanup(c))
+			return 0;
+		/* Zero cipher context data */
+		if (c->cipher_data)
+			memset(c->cipher_data, 0, c->cipher->ctx_size);
 		}
-	OPENSSL_free(c->cipher_data);
+	if (c->cipher_data)
+		OPENSSL_free(c->cipher_data);
 	if (c->engine)
 		/* The EVP_CIPHER we used belongs to an ENGINE, release the
 		 * functional reference we held for this reason. */

crypto/evp/evp_test.c

@@ -209,6 +209,8 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 	exit(9);
 	}
 
+    EVP_CIPHER_CTX_cleanup(&ctx);
+
     printf("\n");
     }
 
@@ -279,6 +281,8 @@ static int test_digest(const char *digest,
 
     printf("\n");
 
+    EVP_MD_CTX_cleanup(&ctx);
+
     return 1;
     }
 

crypto/evp/p_seal.c

@@ -106,8 +106,10 @@ int inl;
 	}
 */
 
-void EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	{
-	EVP_EncryptFinal_ex(ctx,out,outl);
+	int i;
+	i = EVP_EncryptFinal_ex(ctx,out,outl);
 	EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
+	return i;
 	}

crypto/objects/obj_dat.h

@@ -62,12 +62,12 @@
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 574
-#define NUM_SN 569
-#define NUM_LN 569
-#define NUM_OBJ 543
+#define NUM_NID 575
+#define NUM_SN 570
+#define NUM_LN 570
+#define NUM_OBJ 544
 
-static unsigned char lvalues[4257]={
+static unsigned char lvalues[4260]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -611,6 +611,7 @@ static unsigned char lvalues[4257]={
 0x2B,0x06,0x01,0x07,0x01,0x02,               /* [4236] OBJ_mime_mhs_bodies */
 0x2B,0x06,0x01,0x07,0x01,0x01,0x01,          /* [4242] OBJ_id_hex_partial_message */
 0x2B,0x06,0x01,0x07,0x01,0x01,0x02,          /* [4249] OBJ_id_hex_multipart_message */
+0x55,0x04,0x2C,                              /* [4256] OBJ_generationQualifier */
 };
 
 static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -1465,6 +1466,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 	NID_id_hex_partial_message,7,&(lvalues[4242]),0},
 {"id-hex-multipart-message","id-hex-multipart-message",
 	NID_id_hex_multipart_message,7,&(lvalues[4249]),0},
+{"generationQualifier","generationQualifier",NID_generationQualifier,
+	3,&(lvalues[4256]),0},
 };
 
 static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -1682,6 +1685,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[453]),/* "friendlyCountry" */
 &(nid_objs[490]),/* "friendlyCountryName" */
 &(nid_objs[156]),/* "friendlyName" */
+&(nid_objs[574]),/* "generationQualifier" */
 &(nid_objs[99]),/* "gn" */
 &(nid_objs[163]),/* "hmacWithSHA1" */
 &(nid_objs[432]),/* "holdInstructionCallIssuer" */
@@ -2246,6 +2250,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[453]),/* "friendlyCountry" */
 &(nid_objs[490]),/* "friendlyCountryName" */
 &(nid_objs[156]),/* "friendlyName" */
+&(nid_objs[574]),/* "generationQualifier" */
 &(nid_objs[99]),/* "givenName" */
 &(nid_objs[163]),/* "hmacWithSHA1" */
 &(nid_objs[486]),/* "homePostalAddress" */
@@ -2617,8 +2622,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[434]),/* OBJ_data                         0 9 */
 &(nid_objs[181]),/* OBJ_iso                          1 */
 &(nid_objs[182]),/* OBJ_member_body                  1 2 */
-&(nid_objs[379]),/* OBJ_org                          1 3 */
 &(nid_objs[527]),/* OBJ_identified_organization      1 3 */
+&(nid_objs[379]),/* OBJ_org                          1 3 */
 &(nid_objs[393]),/* OBJ_joint_iso_ccitt              2 */
 &(nid_objs[11]),/* OBJ_X500                         2 5 */
 &(nid_objs[380]),/* OBJ_dod                          1 3 6 */
@@ -2644,6 +2649,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[173]),/* OBJ_name                         2 5 4 41 */
 &(nid_objs[99]),/* OBJ_givenName                    2 5 4 42 */
 &(nid_objs[101]),/* OBJ_initials                     2 5 4 43 */
+&(nid_objs[574]),/* OBJ_generationQualifier          2 5 4 44 */
 &(nid_objs[568]),/* OBJ_x500UniqueIdentifier         2 5 4 45 */
 &(nid_objs[174]),/* OBJ_dnQualifier                  2 5 4 46 */
 &(nid_objs[400]),/* OBJ_role                         2 5 4 72 */

crypto/objects/obj_mac.h

@@ -1897,6 +1897,10 @@
 #define NID_initials		101
 #define OBJ_initials		OBJ_X509,43L
 
+#define LN_generationQualifier		"generationQualifier"
+#define NID_generationQualifier		574
+#define OBJ_generationQualifier		OBJ_X509,44L
+
 #define LN_x500UniqueIdentifier		"x500UniqueIdentifier"
 #define NID_x500UniqueIdentifier		568
 #define OBJ_x500UniqueIdentifier		OBJ_X509,45L

crypto/objects/obj_mac.num

@@ -571,3 +571,4 @@ mime_mhs_headings		570
 mime_mhs_bodies		571
 id_hex_partial_message		572
 id_hex_multipart_message		573
+generationQualifier		574

crypto/objects/objects.txt

@@ -611,6 +611,7 @@ X509 13			: 			: description
 X509 41			: name			: name
 X509 42			: gn			: givenName
 X509 43			: 			: initials
+X509 44			: 			: generationQualifier
 X509 45			: 			: x500UniqueIdentifier
 X509 46			: dnQualifier		: dnQualifier
 X509 72			: role			: role

crypto/pem/pem_info.c

@@ -370,7 +370,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
 		}
 
 	/* if we have a certificate then write it out now */
-	if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
+	if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp,xi->x509) <= 0))
 		goto err;
 
 	/* we are ignoring anything else that is loaded into the X509_INFO

crypto/pkcs7/pk7_lib.c

@@ -307,9 +307,13 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
 	     const EVP_MD *dgst)
 	{
+	int nid;
 	char is_dsa;
-	if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_ECDSA) is_dsa = 1;
-	else is_dsa = 0;
+
+	if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_ECDSA)
+		is_dsa = 1;
+	else
+		is_dsa = 0;
 	/* We now need to add another PKCS7_SIGNER_INFO entry */
 	ASN1_INTEGER_set(p7i->version,1);
 	X509_NAME_set(&p7i->issuer_and_serial->issuer,
@@ -336,16 +340,38 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
 		goto err;
 	p7i->digest_alg->parameter->type=V_ASN1_NULL;
 
-	p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type));
-
 	if (p7i->digest_enc_alg->parameter != NULL)
 		ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
-	if(is_dsa) p7i->digest_enc_alg->parameter = NULL;
-	else {
+	nid = EVP_PKEY_type(pkey->type);
+	if (nid == EVP_PKEY_RSA)
+		{
+		p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption);
 		if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
 			goto err;
 		p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
-	}
+		}
+	else if (nid == EVP_PKEY_DSA)
+		{
+#if 1
+		/* use 'dsaEncryption' OID for compatibility with other software
+		 * (PKCS #7 v1.5 does specify how to handle DSA) ... */
+		p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsa);
+#else
+		/* ... although the 'dsaWithSHA1' OID (as required by RFC 2630 for CMS)
+		 * would make more sense. */
+		p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsaWithSHA1);
+#endif
+		p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */
+		}
+	else if (nid == EVP_PKEY_ECDSA)
+		{
+		p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1);
+		if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
+			goto err;
+		p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+		}
+	else
+		return(0);
 
 	return(1);
 err:

crypto/ripemd/rmdtest.c

@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
+#include <openssl/ripemd.h>
 
 #ifdef OPENSSL_NO_RIPEMD
 int main(int argc, char *argv[])
@@ -67,7 +68,6 @@ int main(int argc, char *argv[])
     return(0);
 }
 #else
-#include <openssl/ripemd.h>
 #include <openssl/evp.h>
 
 #ifdef CHARSET_EBCDIC

crypto/ui/ui_openssl.c

@@ -465,7 +465,7 @@ static int open_console(UI *ui)
 		tty_out=stderr;
 #endif
 
-#if defined(TTY_get) && !defined(VMS)
+#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
 	if (TTY_get(fileno(tty_in),&tty_orig) == -1)
 		{
 #ifdef ENOTTY

doc/apps/ca.pod

@@ -216,7 +216,9 @@ a filename containing a certificate to revoke.
 
 =item B<-subj arg>
 
-supersedes subject name given in the request
+supersedes subject name given in the request.
+The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
+characters may be escaped by \ (backslash), no spaces are skipped.
 
 =item B<-crlexts section>
 

doc/apps/req.pod

@@ -38,6 +38,7 @@ B<openssl> B<req>
 [B<-extensions section>]
 [B<-reqexts section>]
 [B<-utf8>]
+[B<-nameopt>]
 [B<-batch>]
 [B<-verbose>]
 
@@ -168,6 +169,8 @@ the B<OPENSSL_CONF> environment variable.
 
 sets subject name for new request or supersedes the subject name
 when processing a request.
+The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
+characters may be escaped by \ (backslash), no spaces are skipped.
 
 =item B<-x509>
 
@@ -206,6 +209,13 @@ default they are interpreted as ASCII. This means that the field
 values, whether prompted from a terminal or obtained from a
 configuration file, must be valid UTF8 strings.
 
+=item B<-nameopt option>
+
+option which determines how the subject or issuer names are displayed. The
+B<option> argument can be a single option or multiple options separated by
+commas.  Alternatively the B<-nameopt> switch may be used more than once to
+set multiple options. See the L<x509(1)|x509(1)> manual page for details.
+
 =item B<-asn1-kludge>
 
 by default the B<req> command outputs certificate requests containing

doc/apps/x509.pod

@@ -505,6 +505,8 @@ As well as customising the name output format, it is also possible to
 customise the actual fields printed using the B<certopt> options when
 the B<text> option is present. The default behaviour is to print all fields.
 
+=over 4
+
 =item B<compatible>
 
 use the old format. This is equivalent to specifying no output options at all.
@@ -574,10 +576,6 @@ hex dump unsupported extensions.
 the value used by the B<ca> utility, equivalent to B<no_issuer>, B<no_pubkey>, B<no_header>,
 B<no_version>, B<no_sigdump> and B<no_signame>.
 
-
-
-=over 4
-
 =back
 
 =head1 EXAMPLES

doc/crypto/EVP_EncryptInit.pod

@@ -243,7 +243,7 @@ EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for fail
 EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.
 
 EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure.
-EVP_CipherFinal_ex() returns 1 for a decryption failure or 1 for success.
+EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.
 
 EVP_CIPHER_CTX_cleanup() returns 1 for success and 0 for failure.
 

doc/crypto/SSLeay_version.pod

@@ -1,74 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSLeay_version - retrieve version/build information about OpenSSL library
-
-=head1 SYNOPSIS
-
- #include <openssl/crypto.h>
-
- const char *SSLeay_version(int type);
-
-=head1 DESCRIPTION
-
-SSLeay_version() returns a pointer to a constant string describing the
-version of the OpenSSL library or giving information about the library
-build.
-
-The following B<type> values are supported:
-
-=over 4
-
-=item SSLEAY_VERSION
-
-The version of the OpenSSL library including the release date.
-
-=item SSLEAY_CFLAGS
-
-The compiler flags set for the compilation process in the form
-"compiler: ..."  if available or "compiler: information not available"
-otherwise.
-
-=item SSLEAY_BUILT_ON
-
-The date of the build process in the form "built on: ..." if available
-or "built on: date not available" otherwise.
-
-=item SSLEAY_PLATFORM
-
-The "Configure" target of the library build in the form "platform: ..."
-if available or "platform: information not available" otherwise.
-
-=item SSLEAY_DIR
-
-The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "...""
-if available or "OPENSSLDIR: N/A" otherwise.
-
-=back
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item "not available"
-
-An invalid value for B<type> was given.
-
-=item Pointer to constant string
-
-Textual description.
-
-=back
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>
-
-=head1 HISTORY
-
-B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
-
-=cut

ms/mingw32.bat

@@ -12,7 +12,8 @@ echo Generating x86 for GNU assember
 
 echo Bignum
 cd crypto\bn\asm
-perl x86.pl gaswin > bn-win32.s
+perl bn-586.pl gaswin > bn-win32.s
+perl co-586.pl gaswin > co-win32.s
 cd ..\..\..
 
 echo DES

shlib/svr5-shared-gcc.sh

@@ -9,7 +9,7 @@ sh_slib=$slib.so.$major.$minor
 clib=libcrypto
 sh_clib=$clib.so.$major.$minor
 
-FLAGS="-O3 -DFILIO_H -fomit-frame-pointer -pthread
+FLAGS="-O3 -DFILIO_H -fomit-frame-pointer -pthread"
 SHFLAGS="-DPIC -fPIC"
 
 touch $sh_clib

ssl/s3_pkt.c

@@ -236,7 +236,8 @@ static int ssl3_get_record(SSL *s)
 	unsigned char md[EVP_MAX_MD_SIZE];
 	short version;
 	unsigned int mac_size;
-	int clear=0,extra;
+	int clear=0;
+	size_t extra;
 
 	rr= &(s->s3->rrec);
 	sess=s->session;
@@ -245,7 +246,7 @@ static int ssl3_get_record(SSL *s)
 		extra=SSL3_RT_MAX_EXTRA;
 	else
 		extra=0;
-	if ((size_t)extra != (s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE))
+	if (extra != s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE)
 		{
 		/* actually likely an application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
 		 * set after ssl3_setup_buffers() was done */
@@ -295,8 +296,7 @@ again:
 			goto err;
 			}
 
-		if (rr->length > 
-			(unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+		if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
 			{
 			al=SSL_AD_RECORD_OVERFLOW;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
@@ -308,7 +308,7 @@ again:
 
 	/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
 
-	if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH))
+	if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH)
 		{
 		/* now s->packet_length == SSL3_RT_HEADER_LENGTH */
 		i=rr->length;
@@ -336,7 +336,7 @@ again:
 	 * rr->length bytes of encrypted compressed stuff. */
 
 	/* check is not needed I believe */
-	if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+	if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
 		{
 		al=SSL_AD_RECORD_OVERFLOW;
 		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
@@ -405,8 +405,7 @@ printf("\n");
 	/* r->length is now just compressed */
 	if (s->expand != NULL)
 		{
-		if (rr->length > 
-			(unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
+		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
 			{
 			al=SSL_AD_RECORD_OVERFLOW;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
@@ -420,7 +419,7 @@ printf("\n");
 			}
 		}
 
-	if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra)
+	if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra)
 		{
 		al=SSL_AD_RECORD_OVERFLOW;
 		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);

ssl/ssl.h

@@ -253,7 +253,7 @@ extern "C" {
 #define SSL_TXT_RC4		"RC4"
 #define SSL_TXT_RC2		"RC2"
 #define SSL_TXT_IDEA		"IDEA"
-#define SSL_TXT_AES		"AES"
+#define SSL_TXT_AES		"AESdraft" /* AES ciphersuites are not yet official (thus excluded from 'ALL') */
 #define SSL_TXT_MD5		"MD5"
 #define SSL_TXT_SHA1		"SHA1"
 #define SSL_TXT_SHA		"SHA"
@@ -266,9 +266,10 @@ extern "C" {
 #define SSL_TXT_TLSV1		"TLSv1"
 #define SSL_TXT_ALL		"ALL"
 
-/* 'DEFAULT' at the start of the cipher list insert the following string
- * in addition to this being the default cipher string */
-#define SSL_DEFAULT_CIPHER_LIST	"ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
+/* The following cipher list is used by default.
+ * It also is substituted when an application-defined cipher list string
+ * starts with 'DEFAULT'. */
+#define SSL_DEFAULT_CIPHER_LIST	"ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
 
 /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
 #define SSL_SENT_SHUTDOWN	1

ssl/ssl_cert.c

@@ -824,7 +824,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
 
 err:
 	FindClose(hFind);
-err_noclose:	
+err_noclose:
 	CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
 	return ret;
 	}

ssl/ssl_ciph.c

@@ -100,8 +100,9 @@ typedef struct cipher_order_st
 	} CIPHER_ORDER;
 
 static const SSL_CIPHER cipher_aliases[]={
-	/* Don't include eNULL unless specifically enabled */
-	{0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
+	/* Don't include eNULL unless specifically enabled.
+	 * Similarly, don't include AES in ALL because these ciphers are not yet official. */
+	{0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_AES, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
         {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0},  /* VRS Kerberos5 */
 	{0,SSL_TXT_kRSA,0,SSL_kRSA,  0,0,0,0,SSL_MKEY_MASK,0},
 	{0,SSL_TXT_kDHr,0,SSL_kDHr,  0,0,0,0,SSL_MKEY_MASK,0},
@@ -998,10 +999,10 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
 	case SSL_AES:
 		switch(cipher->strength_bits)
 			{
-		case 128: enc="AES(128)"; break;
-		case 192: enc="AES(192)"; break;
-		case 256: enc="AES(256)"; break;
-		default: enc="AES(?""?""?)"; break;
+		case 128: enc="AESdraft(128)"; break;
+		case 192: enc="AESdraft(192)"; break;
+		case 256: enc="AESdraft(256)"; break;
+		default: enc="AESdraft(?""?""?)"; break;
 			}
 		break;
 	default:

ssl/ssltest.c

@@ -991,7 +991,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
 			do
 				{
 				size_t num;
-				size_t r;
+				int r;
 
 				r1 = BIO_ctrl_pending(io1);
 				r2 = BIO_ctrl_get_write_guarantee(io2);
@@ -1055,7 +1055,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
 					
 					r = BIO_nwrite0(io1, &dataptr);
 					assert(r > 0);
-					if (r < num)
+					if (r < (int)num)
 						num = r;
 					r = BIO_read(io2, dataptr, (int)num);
 					if (r != (int)num) /* can't happen */

ssl/tls1.h

@@ -96,7 +96,7 @@ extern "C" {
 #define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA	0x03000065
 #define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA		0x03000066
 
-  /* AES ciphersuites from draft ietf-tls-ciphersuite-03.txt */
+  /* AES ciphersuites from draft-ietf-tls-ciphersuite-06.txt */
 
 #define TLS1_CK_RSA_WITH_AES_128_SHA			0x0300002F
 #define TLS1_CK_DH_DSS_WITH_AES_128_SHA			0x03000030
@@ -127,19 +127,19 @@ extern "C" {
 #define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA	"EXP1024-DHE-DSS-RC4-SHA"
 #define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA		"DHE-DSS-RC4-SHA"
   /* AES ciphersuites from draft ietf-tls-ciphersuite-03.txt */
-#define TLS1_TXT_RSA_WITH_AES_128_SHA			"AES128-SHA"
-#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA		"DH-DSS-AES128-SHA"
-#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA		"DH-RSA-AES128-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA		"DHE-DSS-AES128-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA		"DHE-RSA-AES128-SHA"
-#define TLS1_TXT_ADH_WITH_AES_128_SHA			"ADH-AES128-SHA"
+#define TLS1_TXT_RSA_WITH_AES_128_SHA			"AESdraft128-SHA"
+#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA		"DH-DSS-AESdraft128-SHA"
+#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA		"DH-RSA-AESdraft128-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA		"DHE-DSS-AESdraft128-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA		"DHE-RSA-AESdraft128-SHA"
+#define TLS1_TXT_ADH_WITH_AES_128_SHA			"ADH-AESdraft128-SHA"
 
-#define TLS1_TXT_RSA_WITH_AES_256_SHA			"AES256-SHA"
-#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA		"DH-DSS-AES256-SHA"
-#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA		"DH-RSA-AES256-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA		"DHE-DSS-AES256-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA		"DHE-RSA-AES256-SHA"
-#define TLS1_TXT_ADH_WITH_AES_256_SHA			"ADH-AES256-SHA"
+#define TLS1_TXT_RSA_WITH_AES_256_SHA			"AESdraft256-SHA"
+#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA		"DH-DSS-AESdraft256-SHA"
+#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA		"DH-RSA-AESdraft256-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA		"DHE-DSS-AESdraft256-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA		"DHE-RSA-AESdraft256-SHA"
+#define TLS1_TXT_ADH_WITH_AES_256_SHA			"ADH-AESdraft256-SHA"
 
 
 #define TLS_CT_RSA_SIGN			1

util/pl/Mingw32.pl

@@ -25,6 +25,8 @@ if ($gaswin and !$no_asm)
 	{
         $bn_asm_obj='$(OBJ_D)/bn-win32.o';
         $bn_asm_src='crypto/bn/asm/bn-win32.s';
+        $bnco_asm_obj='$(OBJ_D)/co-win32.o';
+        $bnco_asm_src='crypto/bn/asm/co-win32.s';
         $des_enc_obj='$(OBJ_D)/d-win32.o $(OBJ_D)/y-win32.o';
         $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s';
         $bf_enc_obj='$(OBJ_D)/b-win32.o';
@@ -66,12 +68,12 @@ $lfile='';
 
 $asm='as';
 $afile='-o ';
-$bn_asm_obj="";
-$bn_asm_src="";
-$des_enc_obj="";
-$des_enc_src="";
-$bf_enc_obj="";
-$bf_enc_src="";
+#$bn_asm_obj="";
+#$bn_asm_src="";
+#$des_enc_obj="";
+#$des_enc_src="";
+#$bf_enc_obj="";
+#$bf_enc_src="";
 
 sub do_lib_rule
 	{