Change version string to reflect the release of beta 2.

Also, on Alpha, vms.mar is no longer used (it produced a lot of
confusing messages) for BN.  Instead, the assembler part of bn_lcl.h
is used.

.cvsignore

@@ -5,3 +5,7 @@ tmp
 out
 outinc
 rehash.time
+testlog
+make.log
+cctest
+cctest.c

CHANGES

@@ -4,6 +4,47 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 2000]
 
+  *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n]
+     case was implemented. This caused BN_div_recp() to fail occasionally.
+     [Ulf M<>ller]
+
+  *) Add an optional second argument to the set_label() in the perl
+     assembly language builder. If this argument exists and is set
+     to 1 it signals that the assembler should use a symbol whose 
+     scope is the entire file, not just the current function. This
+     is needed with MASM which uses the format label:: for this scope.
+     [Steve Henson, pointed out by Peter Runestig <peter@runestig.com>]
+
+  *) Change the ASN1 types so they are typedefs by default. Before
+     almost all types were #define'd to ASN1_STRING which was causing
+     STACK_OF() problems: you couldn't declare STACK_OF(ASN1_UTF8STRING)
+     for example.
+     [Steve Henson]
+
+  *) Change names of new functions to the new get1/get0 naming
+     convention: After 'get1', the caller owns a reference count
+     and has to call ..._free; 'get0' returns a pointer to some
+     data structure without incrementing reference counters.
+     (Some of the existing 'get' functions increment a reference
+     counter, some don't.)
+     Similarly, 'set1' and 'add1' functions increase reference
+     counters or duplicate objects.
+     [Steve Henson]
+
+  *) Allow for the possibility of temp RSA key generation failure:
+     the code used to assume it always worked and crashed on failure.
+     [Steve Henson]
+
+  *) Fix potential buffer overrun problem in BIO_printf().
+     [Ulf M<>ller, using public domain code by Patrick Powell; problem
+      pointed out by David Sacerdote <das33@cornell.edu>]
+
+  *) Support EGD <http://www.lothar.com/tech/crypto/>.  New functions
+     RAND_egd() and RAND_status().  In the command line application,
+     the EGD socket can be specified like a seed file using RANDFILE
+     or -rand.
+     [Ulf M<>ller]
+
   *) Allow the string CERTIFICATE to be tolerated in PKCS#7 structures.
      Some CAs (e.g. Verisign) distribute certificates in this form.
      [Steve Henson]
@@ -288,7 +329,8 @@
   *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs.
      [Bodo Moeller]
 
-  *) New function X509_CTX_rget_chain(), this returns the chain
+  *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain
+     in the 0.9.5 release), this returns the chain
      from an X509_CTX structure with a dup of the stack and all
      the X509 reference counts upped: so the stack will exist
      after X509_CTX_cleanup() has been called. Modify pkcs12.c
@@ -624,10 +666,12 @@
      it clearly returns an error if you try to read the wrong kind of key.
 
      Added a -pubkey option to the 'x509' utility to output the public key.
-     Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*() and add
-     EVP_PKEY_rset_*() functions that do the same as the EVP_PKEY_assign_*()
-     except they up the reference count of the added key (they don't "swallow"
-     the supplied key).
+     Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*()
+     (renamed to EVP_PKEY_get1_*() in the OpenSSL 0.9.5 release) and add
+     EVP_PKEY_rset_*() functions (renamed to EVP_PKEY_set1_*())
+     that do the same as the EVP_PKEY_assign_*() except they up the
+     reference count of the added key (they don't "swallow" the
+     supplied key).
      [Steve Henson]
 
   *) Fixes to crypto/x509/by_file.c the code to read in certificates and

Configure

@@ -102,7 +102,7 @@ my %table=(
 "debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::",
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 "debug-bodo",	"gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 "debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 "debug-levitte-linux-elf","gcc:-DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::",
 "dist",		"cc:-O::(unknown):::::",
@@ -270,7 +270,7 @@ my %table=(
 "debug-linux-elf","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
 "linux-mips",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
-"linux-ppc",    "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::::",
+"linux-ppc",    "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
 "NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
 "NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
 "NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
@@ -287,6 +287,9 @@ my %table=(
 "unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:$x86_gcc_des ${x86_gcc_opts}:::",
 "unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread::(unknown):-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
 
+# UnixWare 7
+"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
+
 # IBM's AIX.
 "aix-cc",   "cc:-O -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR:::",
 "aix-gcc",  "gcc:-O3 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR:::",
@@ -554,14 +557,14 @@ else
 	{
 	$thread_cflags="-DTHREADS $thread_cflag $cflags";
 	$thread_defines .= "#define THREADS\n";
-	my $def;
-	foreach $def (split ' ',$thread_cflag)
-		{
-		if ($def =~ s/^-D// && $def !~ /^_/)
-			{
-			$thread_defines .= "#define $def\n";
-			}
-		}
+#	my $def;
+#	foreach $def (split ' ',$thread_cflag)
+#		{
+#		if ($def =~ s/^-D// && $def !~ /^_/)
+#			{
+#			$thread_defines .= "#define $def\n";
+#			}
+#		}
 	}	
 
 $lflags="$libs$lflags"if ($libs ne "");

FAQ

@@ -44,8 +44,11 @@ might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's
 predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>.  Much
 of this still applies to OpenSSL.
 
+There is some documentation about certificate extensions and PKCS#12
+in doc/openssl.txt
+
 The original SSLeay documentation is included in OpenSSL as
-doc/ssleay.txt.  It may be useful when none of the other ressources
+doc/ssleay.txt.  It may be useful when none of the other resources
 help, but please note that it reflects the obsolete version SSLeay
 0.6.6.
 
@@ -103,7 +106,7 @@ perform potentially insecure encryption.
 
 * Why does the linker complain about undefined symbols?
 
-Maybe the compilation was interruped, and make doesn't notice that
+Maybe the compilation was interrupted, and make doesn't notice that
 something is missing.  Run "make clean; make".
 
 If you used ./Configure instead of ./config, make sure that you

INSTALL

@@ -77,8 +77,9 @@
 
      This guesses at your operating system (and compiler, if necessary) and
      configures OpenSSL based on this guess. Run ./config -t to see
-     if it guessed correctly. If it did not get it correct or you want to
-     use a different compiler then go to step 1b. Otherwise go to step 2.
+     if it guessed correctly. If you want to use a different compiler, you
+     are cross-compiling for another platform, or the ./config guess was
+     wrong for other reasons, go to step 1b. Otherwise go to step 2.
 
      On some systems, you can include debugging information as follows:
 
@@ -101,7 +102,8 @@
 
      If your system is not available, you will have to edit the Configure
      program and add the correct configuration for your system. The
-     generic configurations "cc" or "gcc" should usually work.
+     generic configurations "cc" or "gcc" should usually work on 32 bit
+     systems.
 
      Configure creates the file Makefile.ssl from Makefile.org and
      defines various macros in crypto/opensslconf.h (generated from
@@ -117,8 +119,7 @@
 
      If "make" fails, please report the problem to <openssl-bugs@openssl.org>
      (note that your message will be forwarded to a public mailing list).
-     Include the output of "./config -t" and the OpenSSL version
-     number in your message.
+     Include the output of "make report" in your message.
 
      [If you encounter assembler error messages, try the "no-asm"
      configuration option as an immediate fix.]
@@ -133,7 +134,7 @@
     If a test fails, try removing any compiler optimization flags from
     the CFLAGS line in Makefile.ssl and run "make clean; make". Please
     send a bug report to <openssl-bugs@openssl.org>, including the
-    output of "openssl version -a" and of the failed test.
+    output of "make report".
 
   4. If everything tests ok, install OpenSSL with
 

INSTALL.VMS

@@ -16,6 +16,7 @@ This file is divided in the following parts:
 				  may go wrong or may surprise you.
   Report			- How to get in touch with me.
 
+
 Compilation:
 ============
 
@@ -35,26 +36,28 @@ directory.  The syntax is trhe following:
 <option> must be one of the following:
 
       ALL       Just build "everything".
-      DATE      Just build the "[.INCLUDE]DATE.H" file.
+      CONFIG    Just build the "[.CRYPTO]OPENSSLCONF.H" file.
+      BUILDINF  Just build the "[.INCLUDE]BUILDINF.H" file.
       SOFTLINKS Just copies some files, to simulate Unix soft links.
+      BUILDALL  Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done.
       RSAREF    Just build the "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB" library.
       CRYPTO    Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
       SSL       Just build the "[.xxx.EXE.SSL]LIBSSL.OLB" library.
       SSL_TASK  Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program.
-      TEST      Just build the "test" programs for OpenSSL.
-      APPS      Just build the "application" programs for OpenSSL.
+      TEST      Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL.
+      APPS      Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL.
 
 <rsaref-p> must be one of the following:
 
       RSAREF    compile using the RSAREF Library
       NORSAREF  compile without using RSAREF
 
-Note: The RSAREF libraries are NOT INCLUDED and you have to
-      download it from "ftp://ftp.rsa.com/rsaref".  You have to
-      get the ".tar-Z" file as the ".zip" file doesn't have the
-      directory structure stored.  You have to extract the file
-      into the [.RSAREF] directory as that is where the scripts
-      will look for the files.
+Note 1: The RSAREF libraries are NOT INCLUDED and you have to
+        download it from "ftp://ftp.rsa.com/rsaref".  You have to
+        get the ".tar-Z" file as the ".zip" file doesn't have the
+        directory structure stored.  You have to extract the file
+        into the [.RSAREF] directory as that is where the scripts
+        will look for the files.
 
 Note 2: I have never done this, so I've no idea if it works or not.
 
@@ -65,7 +68,6 @@ Note 2: I have never done this, so I've no idea if it works or not.
 
 <compiler> must be one of the following:
 
-      VAXC      For VAX C.
       DECC      For DEC C.
       GNUC      For GNU C.
 
@@ -77,15 +79,33 @@ named LIBSSL.OLB, and you will find a bunch of useful programs in
 just to test them.  For production use, make sure you install first, see
 Installation below.
 
-Note: Some programs in this package require a TCP/IP library.
+Note 1: Some programs in this package require a TCP/IP library.
 
 Note 2: if you want to compile the crypto library only, please make sure
-        you have at least done a @MAKEVMS DATE and a @MAKEVMS SOFTLINKS.
-        A lot of things will break if you don't.
+        you have at least done a @MAKEVMS CONFIG, a @MAKEVMS BUILDINF and
+        a @MAKEVMS SOFTLINKS.  A lot of things will break if you don't.
+
+
+Logical names:
+==============
+
+There are a few things that can't currently be given through the command
+line.  Instead, logical names are used.
+
+Currently, the logical names supported are:
+
+      OPENSSL_NO_ASM    with value YES, the assembler parts of OpenSSL will
+                        not be used.  Instead, plain C implementations are
+                        used.  This is good to try if something doesn't work.
+      OPENSSL_NO_'alg'  with value YES, the corresponding crypto algorithm
+                        will not be implemented.  Supported algorithms to
+                        do this with are: RSA, DSA, DH, MD2, MD5, RIPEMD,
+                        SHA, DES, MDC2, CR2, RC4, RC5, IDEA, BF, CAST, HMAC,
+                        SSL2.  So, for example, having the logical name
+                        OPENSSL_NO_RSA with the value YES means that the
+                        LIBCRYPTO.OLB library will not contain an RSA
+                        implementation.
 
-Note 3: Alpha users will get a number of informational messages when
-        compiling the [.asm]vms.mar file in the BN (bignum) part of
-        the crypto library.  These can be safely ignored.
 
 Test:
 =====
@@ -99,6 +119,7 @@ it's an ugly hack!) and rebuild. Please send a bug report to
 <openssl-bugs@openssl.org>, including the output of "openssl version -a"
 and of the failed test.
 
+
 Installation:
 =============
 
@@ -158,6 +179,7 @@ The logical names that are set up are the following:
 		(the NOTE in section 4 of "Installation in Detail").
 		You don't need to "deleting old header files"!!!
 
+
 Backward portability:
 =====================
 
@@ -212,19 +234,6 @@ directory by default, it may very well be that you have to give them
 extra arguments.  Please experiment.
 
 
-Report:
-=======
-
-I maintain a few mailinglists for bug reports and such on software that
-I develop/port/enhance/destroy.  Please look at http://www.free.lp.se/
-for further info.
-
-
--- 
-Richard Levitte <richard@levitte.org>
-1999-03-09
-
-
 TODO:
 =====
 
@@ -242,4 +251,4 @@ have any ideas.
 
 --
 Richard Levitte <richard@levitte.org>
-1999-05-24
+2000-02-27

INSTALL.W32

@@ -21,10 +21,12 @@
   * Microsoft MASM (aka "ml")
   * Free Netwide Assembler NASM.
 
- MASM was I believe distributed in the past with VC++ and it is also part of
- the MSDN SDKs. It is no longer distributed as part of VC++ and can be hard
- to get hold of. It can be purchased: see Microsoft's site for details at:
- http://www.microsoft.com/
+ MASM was at one point distributed with VC++. It is now distributed with some
+ Microsoft DDKs, for example the Windows NT 4.0 DDK and the Windows 98 DDK. If
+ you do not have either of these DDKs then you can just download the binaries
+ for the Windows 98 DDK and extract and rename the two files XXXXXml.exe and
+ XXXXXml.err, to ml.exe and ml.err and install somewhere on your PATH. Both
+ DDKs can be downloaded from the Microsoft developers site www.msdn.com.
 
  NASM is freely available. Version 0.98 was used during testing: other versions
  may also work. It is available from many places, see for example:
@@ -59,7 +61,7 @@
    > ms\do_ms
 
  If you get errors about things not having numbers assigned then check the
- troubleshooting section: you probably wont be able to compile it as it
+ troubleshooting section: you probably won't be able to compile it as it
  stands.
 
  Then from the VC++ environment at a prompt do:
@@ -145,12 +147,16 @@
  assigned in the CVS tree: so anything linked against this version of the
  library may need to be recompiled.
 
- If you get errors about unresolved externals then this means that either you
- didn't read the note above about functions not having numbers assigned or
- someone forgot to add a function to the header file.
+ If you get errors about unresolved symbols there are several possible
+ causes.
 
- In this latter case check out the header file to see if the function is
- defined in the header file.
+ If this happens when the DLL is being linked and you have disabled some
+ ciphers then it is possible the DEF file generator hasn't removed all
+ the disabled symbols: the easiest solution is to edit the DEF files manually
+ to delete them. The DEF files are ms\libeay32.def ms\ssleay32.def.
+
+ Another cause is if you missed or ignored the errors about missing numbers
+ mentioned above.
 
  If you get warnings in the code then the compilation will halt.
 

Makefile.org

@@ -219,7 +219,7 @@ libclean:
 	rm -f *.a */lib */*/lib
 
 clean:
-	rm -f shlib/*.o *.o core a.out fluff *.map rehash.time
+	rm -f shlib/*.o *.o core a.out fluff *.map rehash.time testlog make.log cctest cctest.c
 	@for i in $(DIRS) ;\
 	do \
 	(cd $$i && echo "making clean in $$i..." && \

NEWS

@@ -35,8 +35,9 @@
       o Memory leak detection now allows applications to add extra information
         via a per-thread stack
       o PRNG robustness improved
+      o EGD support
       o BIGNUM library bug fixes
-      o faster DSA parameter generation
+      o Faster DSA parameter generation
       o Enhanced support for Alpha Linux
       o Experimental MacOS support
 

STATUS

@@ -1,11 +1,20 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/02/14 16:58:40 $
+  ______________                           $Date: 2000/02/27 01:15:18 $
 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.5:  Under development...
-                       Proposed freeze  time: Monday, February 21st 2000
+                       0.9.5-beta1 is available.
+                         Debian GNU/Linux 2.1 - test passed
+                         Mingw32 egcs 1.1.2   - test passed
+                         FreeBSD 3.0-RELEASE  - test passed
+                         FreeBSD 3.2-RELEASE  - test passed
+                         solaris-sparcv9-cc   - test passed
+                         solaris-sparcv9-gcc  - test passed
+                         hpux-parisc-gcc      - test passed
+                         AIX 4.3 (aix-cc)     - test passed
+                         VC++                 - test passed
                        Proposed release time: Monday, February 28th 2000
     o  OpenSSL 0.9.4:  Released on August   09th, 1999
     o  OpenSSL 0.9.3a: Released on May      29th, 1999
@@ -18,8 +27,6 @@
   AVAILABLE PATCHES
 
     o shared libraries <behnke@trustcenter.de>
-    o getenv in ca.c and x509_def.c (jaltman@watsun.cc.columbia.edu)
-    o SMIME tool (demo), Sampo Kellomaki <sampo@iki.fi>
     o CA.pl patch (Damien Miller)
     o FreeBSD 3.0 changes (Richard Levitte)
 
@@ -32,38 +39,9 @@
         Various X509 issues: character sets, certificate request extensions.
 	Documentation for the openssl utility.
 
-    o Mark is currently working on:
-        Folding in any changes that are in the C2Net code base that were
-        not in the original SSLeay-0.9.1.b release.  Plus other minor
-        tidying.
-
-    o Ralf is currently working on:
-        1. Support for SSL_set_default_verify_paths(),
-           SSL_load_verify_locations(), SSL_get_cert_store() and
-           SSL_set_cert_store() functions which work like their existing
-           SSL_CTX_xxx() variants but on a per connection basis. That's needed
-           to let us provide full-featured per-URL client verification in
-           mod_ssl or Apache-SSL.
-           => It still dumps core, so I suspend this and investigate
-              again for OpenSSL 0.9.3.
-        2. The perl/ stuff to make it really work the first time ;-)
-           => I'll investigate a few more hours for OpenSSL 0.9.2
-        3. The new documentation set in POD format under doc/
-           => I'll investigate a few more hours for OpenSSL 0.9.2
-        4. More cleanups to get rid of obsolete/old/ugly files in the
-           source tree which are not really needed.
-           => Done all which were possible with my personal knowledge
-
-    o Ben is currently working on:
-	1. Function Prototype Thought Police issues.
-	2. Integrated documentation.
-	3. New TLS Ciphersuites.
-	4. Anything else that takes his fancy.
-
   NEEDS PATCH
 
-    o  salzr@certco.com (Rich Salz): Bug in X509_name_print
-       <29E0A6D39ABED111A36000A0C99609CA2C2BA4@macertco-srv1.ma.certco.com>
+    o  non-blocking socket on AIX
     o  $(PERL) in */Makefile.ssl
     o  "Sign the certificate?" - "n" creates empty certificate file
 
@@ -122,8 +100,6 @@
       use a key length decided by the size of the RSA encrypted key and expect
       RC2 to adapt).
 
-    o Properly initialize the PRNG in the absence of /dev/random.
-
     o ERR_error_string(..., buf) does not know how large buf is,
       there should be ERR_error_string_n(..., buf, bufsize)
       or similar.

TABLE

@@ -801,7 +801,7 @@ $rc5_obj      = asm/r586-elf.o
 
 *** debug-ulf
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe
+$cflags       = -DL_ENDIAN -DREF_CHECK -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = 
@@ -1313,9 +1313,9 @@ $rc5_obj      =
 $cc           = gcc
 $cflags       = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
 $unistd       = 
-$thread_cflag = (unknown)
+$thread_cflag = -D_REENTRANT
 $lflags       = 
-$bn_ops       = 
+$bn_ops       = BN_LLONG
 $bn_obj       = 
 $des_obj      = 
 $bf_obj       = 
@@ -1750,3 +1750,20 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+
+*** unixware-7
+$cc           = cc
+$cflags       = -O -DFILIO_H -Kalloca
+$unistd       = 
+$thread_cflag = -Kthread
+$lflags       = -lsocket -lnsl
+$bn_ops       = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
+$bn_obj       = 
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 

VMS/vms_idhacks.h

@@ -143,6 +143,27 @@
 #define sk_ACCESS_DESCRIPTION_pop		sk_ACC_DESC_pop
 #define sk_ACCESS_DESCRIPTION_sort		sk_ACC_DESC_sort
 
+/* Hack the names created with DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) */
+#define sk_CRYPTO_EX_DATA_FUNCS_new		sk_CRYPT_EX_DATFNS_new
+#define sk_CRYPTO_EX_DATA_FUNCS_new_null	sk_CRYPT_EX_DATFNS_new_null
+#define sk_CRYPTO_EX_DATA_FUNCS_free		sk_CRYPT_EX_DATFNS_free
+#define sk_CRYPTO_EX_DATA_FUNCS_num		sk_CRYPT_EX_DATFNS_num
+#define sk_CRYPTO_EX_DATA_FUNCS_value		sk_CRYPT_EX_DATFNS_value
+#define sk_CRYPTO_EX_DATA_FUNCS_set		sk_CRYPT_EX_DATFNS_set
+#define sk_CRYPTO_EX_DATA_FUNCS_zero		sk_CRYPT_EX_DATFNS_zero
+#define sk_CRYPTO_EX_DATA_FUNCS_push		sk_CRYPT_EX_DATFNS_push
+#define sk_CRYPTO_EX_DATA_FUNCS_unshift		sk_CRYPT_EX_DATFNS_unshift
+#define sk_CRYPTO_EX_DATA_FUNCS_find		sk_CRYPT_EX_DATFNS_find
+#define sk_CRYPTO_EX_DATA_FUNCS_delete		sk_CRYPT_EX_DATFNS_delete
+#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr	sk_CRYPT_EX_DATFNS_delete_ptr
+#define sk_CRYPTO_EX_DATA_FUNCS_insert		sk_CRYPT_EX_DATFNS_insert
+#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func	sk_CRYPT_EX_DATFNS_set_cmp_func
+#define sk_CRYPTO_EX_DATA_FUNCS_dup		sk_CRYPT_EX_DATFNS_dup
+#define sk_CRYPTO_EX_DATA_FUNCS_pop_free	sk_CRYPT_EX_DATFNS_pop_free
+#define sk_CRYPTO_EX_DATA_FUNCS_shift		sk_CRYPT_EX_DATFNS_shift
+#define sk_CRYPTO_EX_DATA_FUNCS_pop		sk_CRYPT_EX_DATFNS_pop
+#define sk_CRYPTO_EX_DATA_FUNCS_sort		sk_CRYPT_EX_DATFNS_sort
+
 /* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
 #define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO	i2d_ASN1_SET_OF_PKCS7_SIGINF
 #define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO	d2i_ASN1_SET_OF_PKCS7_SIGINF

apps/app_rand.c

@@ -115,6 +115,7 @@
 
 
 static int seeded = 0;
+static int egdsocket = 0;
 
 int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
 	{
@@ -130,12 +131,19 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
 
 	if (file == NULL)
 		file = RAND_file_name(buffer, sizeof buffer);
+	else if (RAND_egd(file) > 0)
+		{
+		/* we try if the given filename is an EGD socket.
+		   if it is, we don't write anything back to the file. */
+		egdsocket = 1;
+		return 1;
+		}
 	if (file == NULL || !RAND_load_file(file, -1))
 		{
-		if (!dont_warn)
+		if (RAND_status() == 0 && !dont_warn)
 			{
 			BIO_printf(bio_e,"unable to load 'random state'\n");
-			BIO_printf(bio_e,"What this means is that the random number generator has not been seeded\n");
+			BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
 			BIO_printf(bio_e,"with much random data.\n");
 			if (consider_randfile) /* explanation does not apply when a file is explicitly named */
 				{
@@ -154,7 +162,8 @@ long app_RAND_load_files(char *name)
 	char *p,*n;
 	int last;
 	long tot=0;
-
+    int egd;
+	
 	for (;;)
 		{
 		last=0;
@@ -165,6 +174,8 @@ long app_RAND_load_files(char *name)
 		name=p+1;
 		if (*n == '\0') break;
 
+        egd=RAND_egd(n);
+		if (egd > 0) tot+=egd;
 		tot+=RAND_load_file(n,1024L*1024L);
 		if (last) break;
 		}
@@ -177,7 +188,7 @@ int app_RAND_write_file(const char *file, BIO *bio_e)
 	{
 	char buffer[200];
 	
-	if (!seeded)
+	if (egdsocket || !seeded)
 		/* If we did not manage to read the seed file,
 		 * we should not write a low-entropy seed file back --
 		 * it would suppress a crucial warning the next time

apps/ca.c

@@ -603,7 +603,6 @@ bad:
 			perror(outdir);
 			goto err;
 			}
-#endif
 
 		if (stat(outdir,&sb) != 0)
 			{
@@ -618,6 +617,7 @@ bad:
 			perror(outdir);
 			goto err;
 			}
+#endif
 #endif
 		}
 

apps/makeapps.com

@@ -152,15 +152,14 @@ $ GOSUB CHECK_OPT_FILE
 $!
 $! Define The Application Files.
 $!
-$ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;GENDH;ERRSTR;"+-
+$ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+-
 	      "CA;PKCS7;CRL2P7;CRL;"+-
 	      "RSA;DSA;DSAPARAM;"+-
 	      "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+-
 	      "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+-
 	      "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME"
-$ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,ENC.OBJ,GENDH.OBJ,-
-	       ERRSTR.OBJ,CA.OBJ,-
-	       PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,-
+$ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,-
+	       CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,-
 	       RSA.OBJ,DSA.OBJ,DSAPARAM.OBJ,-
 	       X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,-
 	       S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,-
@@ -807,12 +806,36 @@ $!
 $! Set Up Initial CC Definitions, Possibly With User Ones
 $!
 $ CCDEFS = "VMS=1,MONOLITH"
+$ IF F$TRNLNM("OPENSSL_NO_ASM") THEN CCDEFS = CCDEFS + ",NO_ASM"
+$ IF F$TRNLNM("OPENSSL_NO_RSA") THEN CCDEFS = CCDEFS + ",NO_RSA"
+$ IF F$TRNLNM("OPENSSL_NO_DSA") THEN CCDEFS = CCDEFS + ",NO_DSA"
+$ IF F$TRNLNM("OPENSSL_NO_DH") THEN CCDEFS = CCDEFS + ",NO_DH"
+$ IF F$TRNLNM("OPENSSL_NO_MD2") THEN CCDEFS = CCDEFS + ",NO_MD2"
+$ IF F$TRNLNM("OPENSSL_NO_MD5") THEN CCDEFS = CCDEFS + ",NO_MD5"
+$ IF F$TRNLNM("OPENSSL_NO_RIPEMD") THEN CCDEFS = CCDEFS + ",NO_RIPEMD"
+$ IF F$TRNLNM("OPENSSL_NO_SHA") THEN CCDEFS = CCDEFS + ",NO_SHA"
+$ IF F$TRNLNM("OPENSSL_NO_SHA0") THEN CCDEFS = CCDEFS + ",NO_SHA0"
+$ IF F$TRNLNM("OPENSSL_NO_SHA1") THEN CCDEFS = CCDEFS + ",NO_SHA1"
+$ IF F$TRNLNM("OPENSSL_NO_DES")
+$ THEN
+$   CCDEFS = CCDEFS + ",NO_DES,NO_MDC2"
+$ ELSE
+$   IF F$TRNLNM("OPENSSL_NO_MDC2") THEN CCDEFS = CCDEFS + ",NO_MDC2"
+$ ENDIF
+$ IF F$TRNLNM("OPENSSL_NO_RC2") THEN CCDEFS = CCDEFS + ",NO_RC2"
+$ IF F$TRNLNM("OPENSSL_NO_RC4") THEN CCDEFS = CCDEFS + ",NO_RC4"
+$ IF F$TRNLNM("OPENSSL_NO_RC5") THEN CCDEFS = CCDEFS + ",NO_RC5"
+$ IF F$TRNLNM("OPENSSL_NO_IDEA") THEN CCDEFS = CCDEFS + ",NO_IDEA"
+$ IF F$TRNLNM("OPENSSL_NO_BF") THEN CCDEFS = CCDEFS + ",NO_BF"
+$ IF F$TRNLNM("OPENSSL_NO_CAST") THEN CCDEFS = CCDEFS + ",NO_CAST"
+$ IF F$TRNLNM("OPENSSL_NO_HMAC") THEN CCDEFS = CCDEFS + ",NO_HMAC"
+$ IF F$TRNLNM("OPENSSL_NO_SSL2") THEN CCDEFS = CCDEFS + ",NO_SSL2"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = ""
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
-	CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
+	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
 $!  Check To See If The User Entered A Valid Paramter.
 $!

apps/passwd.c

@@ -54,6 +54,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
  * -reverse      - switch table columns
  */
 
+int MAIN(int, char **);
+
 int MAIN(int argc, char **argv)
 	{
 	int ret = 1;

apps/pkcs12.c

@@ -693,7 +693,7 @@ int get_cert_chain (X509 *cert, STACK_OF(X509) **chain)
 		i = X509_STORE_CTX_get_error (&store_ctx);
 		goto err;
 	}
-	chn =  X509_STORE_CTX_rget_chain(&store_ctx);
+	chn =  X509_STORE_CTX_get1_chain(&store_ctx);
 	i = 0;
 	*chain = chn;
 err:

apps/req.c

@@ -1103,7 +1103,7 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
 			for (i = 0; i < sk_CONF_VALUE_num(attr_sk); i++)
 				{
 				v=sk_CONF_VALUE_value(attr_sk,i);
-				if(!X509_REQ_radd_attr_by_txt(req, v->name, MBSTRING_ASC,
+				if(!X509_REQ_add1_attr_by_txt(req, v->name, MBSTRING_ASC,
 					(unsigned char *)v->value, -1)) return 0;
 				}
 			}
@@ -1201,7 +1201,7 @@ start:
 	buf[--i]='\0';
 	if(!req_check_len(i, min, max)) goto start;
 
-	if(!X509_REQ_radd_attr_by_NID(req, nid, MBSTRING_ASC,
+	if(!X509_REQ_add1_attr_by_NID(req, nid, MBSTRING_ASC,
 					(unsigned char *)buf, -1)) {
 		BIO_printf(bio_err, "Error adding attribute\n");
 		ERR_print_errors(bio_err);

apps/smime.c

@@ -488,9 +488,9 @@ int MAIN(int argc, char **argv)
 		}
 #ifdef CRYPTO_MDEBUG
 		CRYPTO_pop_info();
-		CRYPTO_push_info("PKCS7_iget_signers");
+		CRYPTO_push_info("PKCS7_get0_signers");
 #endif		
-		signers = PKCS7_iget_signers(p7, other, flags);
+		signers = PKCS7_get0_signers(p7, other, flags);
 #ifdef CRYPTO_MDEBUG
 		CRYPTO_pop_info();
 		CRYPTO_push_info("save_certs");

apps/verify.c

@@ -124,7 +124,7 @@ int MAIN(int argc, char **argv)
 					BIO_printf(bio_err, "unrecognized purpose\n");
 					goto end;
 					}
-				xptmp = X509_PURPOSE_iget(i);
+				xptmp = X509_PURPOSE_get0(i);
 				purpose = X509_PURPOSE_get_id(xptmp);
 				}
 			else if (strcmp(*argv,"-untrusted") == 0)
@@ -190,9 +190,9 @@ end:
 		BIO_printf(bio_err,"recognized usages:\n");
 		for(i = 0; i < X509_PURPOSE_get_count(); i++) {
 			X509_PURPOSE *ptmp;
-			ptmp = X509_PURPOSE_iget(i);
-			BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_iget_sname(ptmp),
-								X509_PURPOSE_iget_name(ptmp));
+			ptmp = X509_PURPOSE_get0(i);
+			BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_get0_sname(ptmp),
+								X509_PURPOSE_get0_name(ptmp));
 		}
 	}
 	if (cert_ctx != NULL) X509_STORE_free(cert_ctx);

apps/x509.c

@@ -555,7 +555,7 @@ bad:
 			}
 		}
 
-	if(alias) X509_alias_rset(x, (unsigned char *)alias, -1);
+	if(alias) X509_alias_set1(x, (unsigned char *)alias, -1);
 
 	if(clrtrust) X509_trust_clear(x);
 	if(clrreject) X509_reject_clear(x);
@@ -563,14 +563,14 @@ bad:
 	if(trust) {
 		for(i = 0; i < sk_ASN1_OBJECT_num(trust); i++) {
 			objtmp = sk_ASN1_OBJECT_value(trust, i);
-			X509_radd_trust_object(x, objtmp);
+			X509_add1_trust_object(x, objtmp);
 		}
 	}
 
 	if(reject) {
 		for(i = 0; i < sk_ASN1_OBJECT_num(reject); i++) {
 			objtmp = sk_ASN1_OBJECT_value(reject, i);
-			X509_radd_reject_object(x, objtmp);
+			X509_add1_reject_object(x, objtmp);
 		}
 	}
 
@@ -599,7 +599,7 @@ bad:
 			else if (aliasout == i)
 				{
 				unsigned char *alstr;
-				alstr = X509_alias_iget(x, NULL);
+				alstr = X509_alias_get0(x, NULL);
 				if(alstr) BIO_printf(STDout,"%s\n", alstr);
 				else BIO_puts(STDout,"<No Alias>\n");
 				}
@@ -614,7 +614,7 @@ bad:
 				BIO_printf(STDout, "Certificate purposes:\n");
 				for(j = 0; j < X509_PURPOSE_get_count(); j++)
 					{
-					ptmp = X509_PURPOSE_iget(j);
+					ptmp = X509_PURPOSE_get0(j);
 					purpose_print(STDout, x, ptmp);
 					}
 				}
@@ -1235,7 +1235,7 @@ static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
 	int id, i, idret;
 	char *pname;
 	id = X509_PURPOSE_get_id(pt);
-	pname = X509_PURPOSE_iget_name(pt);
+	pname = X509_PURPOSE_get0_name(pt);
 	for(i = 0; i < 2; i++) {
 		idret = X509_check_purpose(cert, id, i);
 		BIO_printf(bio, "%s%s : ", pname, i ? " CA" : ""); 

config

@@ -57,6 +57,9 @@ if [ "x$XREL" != "x" ]; then
 	    4.2)
 		echo "whatever-whatever-unixware1"; exit 0
 		;;
+	    5*)
+		echo "${MACHINE}-sco-unixware7"; exit 0
+		;;
 	esac
     fi
 fi
@@ -444,8 +447,12 @@ case "$GUESSOS" in
   *-*-openbsd) OUT="OpenBSD" ;;
   *86*-*-bsdi4) OUT="bsdi-elf-gcc" ;;
   *-*-osf) OUT="alpha-cc" ;;
-  *-*-unixware*) OUT="unixware-2.0" ;;
-  *-*-UnixWare*) OUT="unixware-2.0" ;;
+  *-*-unixware7) OUT="unixware-7" ;;
+  *-*-UnixWare7) OUT="unixware-7" ;;
+  *-*-Unixware7) OUT="unixware-7" ;;
+  *-*-unixware[1-2]*) OUT="unixware-2.0" ;;
+  *-*-UnixWare[1-2]*) OUT="unixware-2.0" ;;
+  *-*-Unixware[1-2]*) OUT="unixware-2.0" ;;
   BS2000-siemens-sysv4) OUT="BS2000-OSD" ;;
   RM*-siemens-sysv4) OUT="ReliantUNIX" ;;
   *-siemens-sysv4) OUT="SINIX" ;;

crypto/asn1/asn1.h

@@ -238,7 +238,7 @@ DECLARE_STACK_OF(ASN1_STRING_TABLE)
 #define ub_title			64
 #define ub_email_address		128
 
-#ifndef DEBUG
+#ifdef NO_ASN1_TYPEDEFS
 #define ASN1_INTEGER		ASN1_STRING
 #define ASN1_ENUMERATED		ASN1_STRING
 #define ASN1_BIT_STRING		ASN1_STRING

crypto/asn1/asn1_err.c

@@ -91,7 +91,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0),	"ASN1_seq_unpack"},
 {ERR_PACK(0,ASN1_F_ASN1_SIGN,0),	"ASN1_sign"},
 {ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0),	"ASN1_STRING_new"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0),	"ASN1_STRING_TABLE_ADD"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0),	"ASN1_STRING_TABLE_add"},
 {ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0),	"ASN1_STRING_type_new"},
 {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0),	"ASN1_TYPE_get_int_octetstring"},
 {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0),	"ASN1_TYPE_get_octetstring"},

crypto/asn1/x_pubkey.c

@@ -297,7 +297,7 @@ RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
 	q = *pp;
 	pkey = d2i_PUBKEY(NULL, &q, length);
 	if(!pkey) return NULL;
-	key = EVP_PKEY_rget_RSA(pkey);
+	key = EVP_PKEY_get1_RSA(pkey);
 	EVP_PKEY_free(pkey);
 	if(!key) return NULL;
 	*pp = q;
@@ -318,7 +318,7 @@ int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
 		ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
 		return 0;
 	}
-	EVP_PKEY_rset_RSA(pktmp, a);
+	EVP_PKEY_set1_RSA(pktmp, a);
 	ret = i2d_PUBKEY(pktmp, pp);
 	EVP_PKEY_free(pktmp);
 	return ret;
@@ -335,7 +335,7 @@ DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
 	q = *pp;
 	pkey = d2i_PUBKEY(NULL, &q, length);
 	if(!pkey) return NULL;
-	key = EVP_PKEY_rget_DSA(pkey);
+	key = EVP_PKEY_get1_DSA(pkey);
 	EVP_PKEY_free(pkey);
 	if(!key) return NULL;
 	*pp = q;
@@ -356,7 +356,7 @@ int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
 		ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
 		return 0;
 	}
-	EVP_PKEY_rset_DSA(pktmp, a);
+	EVP_PKEY_set1_DSA(pktmp, a);
 	ret = i2d_PUBKEY(pktmp, pp);
 	EVP_PKEY_free(pktmp);
 	return ret;

crypto/asn1/x_x509a.c

@@ -145,7 +145,7 @@ static X509_CERT_AUX *aux_get(X509 *x)
 	return x->aux;
 }
 
-int X509_alias_rset(X509 *x, unsigned char *name, int len)
+int X509_alias_set1(X509 *x, unsigned char *name, int len)
 {
 	X509_CERT_AUX *aux;
 	if(!(aux = aux_get(x))) return 0;
@@ -153,14 +153,14 @@ int X509_alias_rset(X509 *x, unsigned char *name, int len)
 	return ASN1_STRING_set(aux->alias, name, len);
 }
 
-unsigned char *X509_alias_iget(X509 *x, int *len)
+unsigned char *X509_alias_get0(X509 *x, int *len)
 {
 	if(!x->aux || !x->aux->alias) return NULL;
 	if(len) *len = x->aux->alias->length;
 	return x->aux->alias->data;
 }
 
-int X509_radd_trust_object(X509 *x, ASN1_OBJECT *obj)
+int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
 {
 	X509_CERT_AUX *aux;
 	ASN1_OBJECT *objtmp;
@@ -171,7 +171,7 @@ int X509_radd_trust_object(X509 *x, ASN1_OBJECT *obj)
 	return sk_ASN1_OBJECT_push(aux->trust, objtmp);
 }
 
-int X509_radd_reject_object(X509 *x, ASN1_OBJECT *obj)
+int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
 {
 	X509_CERT_AUX *aux;
 	ASN1_OBJECT *objtmp;

crypto/bio/b_print.c

@@ -62,26 +62,650 @@
 
 #include <stdio.h>
 #include <stdarg.h>
+#include <string.h>
+#include <ctype.h>
 #include "cryptlib.h"
+#ifndef NO_SYS_TYPES_H
+#include <sys/types.h>
+#endif
 #include <openssl/bio.h>
 
+#ifdef BN_LLONG
+# ifndef HAVE_LONG_LONG
+#  define HAVE_LONG_LONG
+# endif
+#endif
+
+static void dopr (char *buffer, size_t maxlen, size_t *retlen,
+	const char *format, va_list args);
+
 int BIO_printf (BIO *bio, ...)
 	{
 	va_list args;
 	char *format;
 	int ret;
+	size_t retlen;
 	MS_STATIC char hugebuf[1024*2]; /* 10k in one chunk is the limit */
 
 	va_start(args, bio);
 	format=va_arg(args, char *);
 
 	hugebuf[0]='\0';
-
-	vsprintf(hugebuf,format,args);
-
-	ret=BIO_write(bio,hugebuf,strlen(hugebuf));
+	dopr(hugebuf, sizeof(hugebuf), &retlen, format, args);
+	ret=BIO_write(bio, hugebuf, (int)retlen);
 
 	va_end(args);
 	return(ret);
 	}
 
+/*
+ * Copyright Patrick Powell 1995
+ * This code is based on code written by Patrick Powell <papowell@astart.com>
+ * It may be used for any purpose as long as this notice remains intact
+ * on all source code distributions.
+ */
+
+/*
+ * This code contains numerious changes and enhancements which were
+ * made by lots of contributors over the last years to Patrick Powell's
+ * original code:
+ *
+ * o Patrick Powell <papowell@astart.com>      (1995)
+ * o Brandon Long <blong@fiction.net>          (1996, for Mutt)
+ * o Thomas Roessler <roessler@guug.de>        (1998, for Mutt)
+ * o Michael Elkins <me@cs.hmc.edu>            (1998, for Mutt)
+ * o Andrew Tridgell <tridge@samba.org>        (1998, for Samba)
+ * o Luke Mewburn <lukem@netbsd.org>           (1999, for LukemFTP)
+ * o Ralf S. Engelschall <rse@engelschall.com> (1999, for Pth)
+ */
+
+#if HAVE_LONG_DOUBLE
+#define LDOUBLE long double
+#else
+#define LDOUBLE double
+#endif
+
+#if HAVE_LONG_LONG
+#define LLONG long long
+#else
+#define LLONG long
+#endif
+
+static void fmtstr     (char *, size_t *, size_t, char *, int, int, int);
+static void fmtint     (char *, size_t *, size_t, LLONG, int, int, int, int);
+static void fmtfp      (char *, size_t *, size_t, LDOUBLE, int, int, int);
+static void dopr_outch (char *, size_t *, size_t, int);
+
+/* format read states */
+#define DP_S_DEFAULT    0
+#define DP_S_FLAGS      1
+#define DP_S_MIN        2
+#define DP_S_DOT        3
+#define DP_S_MAX        4
+#define DP_S_MOD        5
+#define DP_S_CONV       6
+#define DP_S_DONE       7
+
+/* format flags - Bits */
+#define DP_F_MINUS      (1 << 0)
+#define DP_F_PLUS       (1 << 1)
+#define DP_F_SPACE      (1 << 2)
+#define DP_F_NUM        (1 << 3)
+#define DP_F_ZERO       (1 << 4)
+#define DP_F_UP         (1 << 5)
+#define DP_F_UNSIGNED   (1 << 6)
+
+/* conversion flags */
+#define DP_C_SHORT      1
+#define DP_C_LONG       2
+#define DP_C_LDOUBLE    3
+#define DP_C_LLONG      4
+
+/* some handy macros */
+#define char_to_int(p) (p - '0')
+#define MAX(p,q) ((p >= q) ? p : q)
+
+static void
+dopr(
+    char *buffer,
+    size_t maxlen,
+    size_t *retlen,
+    const char *format,
+    va_list args)
+{
+    char ch;
+    LLONG value;
+    LDOUBLE fvalue;
+    char *strvalue;
+    int min;
+    int max;
+    int state;
+    int flags;
+    int cflags;
+    size_t currlen;
+
+    state = DP_S_DEFAULT;
+    flags = currlen = cflags = min = 0;
+    max = -1;
+    ch = *format++;
+
+    while (state != DP_S_DONE) {
+        if ((ch == '\0') || (currlen >= maxlen))
+            state = DP_S_DONE;
+
+        switch (state) {
+        case DP_S_DEFAULT:
+            if (ch == '%')
+                state = DP_S_FLAGS;
+            else
+                dopr_outch(buffer, &currlen, maxlen, ch);
+            ch = *format++;
+            break;
+        case DP_S_FLAGS:
+            switch (ch) {
+            case '-':
+                flags |= DP_F_MINUS;
+                ch = *format++;
+                break;
+            case '+':
+                flags |= DP_F_PLUS;
+                ch = *format++;
+                break;
+            case ' ':
+                flags |= DP_F_SPACE;
+                ch = *format++;
+                break;
+            case '#':
+                flags |= DP_F_NUM;
+                ch = *format++;
+                break;
+            case '0':
+                flags |= DP_F_ZERO;
+                ch = *format++;
+                break;
+            default:
+                state = DP_S_MIN;
+                break;
+            }
+            break;
+        case DP_S_MIN:
+            if (isdigit((unsigned char)ch)) {
+                min = 10 * min + char_to_int(ch);
+                ch = *format++;
+            } else if (ch == '*') {
+                min = va_arg(args, int);
+                ch = *format++;
+                state = DP_S_DOT;
+            } else
+                state = DP_S_DOT;
+            break;
+        case DP_S_DOT:
+            if (ch == '.') {
+                state = DP_S_MAX;
+                ch = *format++;
+            } else
+                state = DP_S_MOD;
+            break;
+        case DP_S_MAX:
+            if (isdigit((unsigned char)ch)) {
+                if (max < 0)
+                    max = 0;
+                max = 10 * max + char_to_int(ch);
+                ch = *format++;
+            } else if (ch == '*') {
+                max = va_arg(args, int);
+                ch = *format++;
+                state = DP_S_MOD;
+            } else
+                state = DP_S_MOD;
+            break;
+        case DP_S_MOD:
+            switch (ch) {
+            case 'h':
+                cflags = DP_C_SHORT;
+                ch = *format++;
+                break;
+            case 'l':
+                if (*format == 'l') {
+                    cflags = DP_C_LLONG;
+                    format++;
+                } else
+                    cflags = DP_C_LONG;
+                ch = *format++;
+                break;
+            case 'q':
+                cflags = DP_C_LLONG;
+                ch = *format++;
+                break;
+            case 'L':
+                cflags = DP_C_LDOUBLE;
+                ch = *format++;
+                break;
+            default:
+                break;
+            }
+            state = DP_S_CONV;
+            break;
+        case DP_S_CONV:
+            switch (ch) {
+            case 'd':
+            case 'i':
+                switch (cflags) {
+                case DP_C_SHORT:
+                    value = va_arg(args, short int);
+                    break;
+                case DP_C_LONG:
+                    value = va_arg(args, long int);
+                    break;
+                case DP_C_LLONG:
+                    value = va_arg(args, LLONG);
+                    break;
+                default:
+                    value = va_arg(args, int);
+                    break;
+                }
+                fmtint(buffer, &currlen, maxlen, value, 10, min, max, flags);
+                break;
+            case 'X':
+                flags |= DP_F_UP;
+                /* FALLTHROUGH */
+            case 'x':
+            case 'o':
+            case 'u':
+                flags |= DP_F_UNSIGNED;
+                switch (cflags) {
+                case DP_C_SHORT:
+                    value = va_arg(args,
+                        unsigned short int);
+                    break;
+                case DP_C_LONG:
+                    value = (LLONG) va_arg(args,
+                        unsigned long int);
+                    break;
+                case DP_C_LLONG:
+                    value = va_arg(args, unsigned LLONG);
+                    break;
+                default:
+                    value = (LLONG) va_arg(args,
+                        unsigned int);
+                    break;
+                }
+                fmtint(buffer, &currlen, maxlen, value,
+                       ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
+                       min, max, flags);
+                break;
+            case 'f':
+                if (cflags == DP_C_LDOUBLE)
+                    fvalue = va_arg(args, LDOUBLE);
+                else
+                    fvalue = va_arg(args, double);
+                fmtfp(buffer, &currlen, maxlen, fvalue, min, max, flags);
+                break;
+            case 'E':
+                flags |= DP_F_UP;
+            case 'e':
+                if (cflags == DP_C_LDOUBLE)
+                    fvalue = va_arg(args, LDOUBLE);
+                else
+                    fvalue = va_arg(args, double);
+                break;
+            case 'G':
+                flags |= DP_F_UP;
+            case 'g':
+                if (cflags == DP_C_LDOUBLE)
+                    fvalue = va_arg(args, LDOUBLE);
+                else
+                    fvalue = va_arg(args, double);
+                break;
+            case 'c':
+                dopr_outch(buffer, &currlen, maxlen,
+                    va_arg(args, int));
+                break;
+            case 's':
+                strvalue = va_arg(args, char *);
+                if (max < 0)
+                    max = maxlen;
+                fmtstr(buffer, &currlen, maxlen, strvalue,
+                    flags, min, max);
+                break;
+            case 'p':
+                value = (long)va_arg(args, void *);
+                fmtint(buffer, &currlen, maxlen,
+                    value, 16, min, max, flags);
+                break;
+            case 'n': /* XXX */
+                if (cflags == DP_C_SHORT) {
+                    short int *num;
+                    num = va_arg(args, short int *);
+                    *num = currlen;
+                } else if (cflags == DP_C_LONG) { /* XXX */
+                    long int *num;
+                    num = va_arg(args, long int *);
+                    *num = (long int) currlen;
+                } else if (cflags == DP_C_LLONG) { /* XXX */
+                    LLONG *num;
+                    num = va_arg(args, LLONG *);
+                    *num = (LLONG) currlen;
+                } else {
+                    int    *num;
+                    num = va_arg(args, int *);
+                    *num = currlen;
+                }
+                break;
+            case '%':
+                dopr_outch(buffer, &currlen, maxlen, ch);
+                break;
+            case 'w':
+                /* not supported yet, treat as next char */
+                ch = *format++;
+                break;
+            default:
+                /* unknown, skip */
+                break;
+            }
+            ch = *format++;
+            state = DP_S_DEFAULT;
+            flags = cflags = min = 0;
+            max = -1;
+            break;
+        case DP_S_DONE:
+            break;
+        default:
+            break;
+        }
+    }
+    if (currlen >= maxlen - 1)
+        currlen = maxlen - 1;
+    buffer[currlen] = '\0';
+    *retlen = currlen;
+    return;
+}
+
+static void
+fmtstr(
+    char *buffer,
+    size_t *currlen,
+    size_t maxlen,
+    char *value,
+    int flags,
+    int min,
+    int max)
+{
+    int padlen, strln;
+    int cnt = 0;
+
+    if (value == 0)
+        value = "<NULL>";
+    for (strln = 0; value[strln]; ++strln)
+        ;
+    padlen = min - strln;
+    if (padlen < 0)
+        padlen = 0;
+    if (flags & DP_F_MINUS)
+        padlen = -padlen;
+
+    while ((padlen > 0) && (cnt < max)) {
+        dopr_outch(buffer, currlen, maxlen, ' ');
+        --padlen;
+        ++cnt;
+    }
+    while (*value && (cnt < max)) {
+        dopr_outch(buffer, currlen, maxlen, *value++);
+        ++cnt;
+    }
+    while ((padlen < 0) && (cnt < max)) {
+        dopr_outch(buffer, currlen, maxlen, ' ');
+        ++padlen;
+        ++cnt;
+    }
+}
+
+static void
+fmtint(
+    char *buffer,
+    size_t *currlen,
+    size_t maxlen,
+    LLONG value,
+    int base,
+    int min,
+    int max,
+    int flags)
+{
+    int signvalue = 0;
+    unsigned LLONG uvalue;
+    char convert[20];
+    int place = 0;
+    int spadlen = 0;
+    int zpadlen = 0;
+    int caps = 0;
+
+    if (max < 0)
+        max = 0;
+    uvalue = value;
+    if (!(flags & DP_F_UNSIGNED)) {
+        if (value < 0) {
+            signvalue = '-';
+            uvalue = -value;
+        } else if (flags & DP_F_PLUS)
+            signvalue = '+';
+        else if (flags & DP_F_SPACE)
+            signvalue = ' ';
+    }
+    if (flags & DP_F_UP)
+        caps = 1;
+    do {
+        convert[place++] =
+            (caps ? "0123456789ABCDEF" : "0123456789abcdef")
+            [uvalue % (unsigned) base];
+        uvalue = (uvalue / (unsigned) base);
+    } while (uvalue && (place < 20));
+    if (place == 20)
+        place--;
+    convert[place] = 0;
+
+    zpadlen = max - place;
+    spadlen = min - MAX(max, place) - (signvalue ? 1 : 0);
+    if (zpadlen < 0)
+        zpadlen = 0;
+    if (spadlen < 0)
+        spadlen = 0;
+    if (flags & DP_F_ZERO) {
+        zpadlen = MAX(zpadlen, spadlen);
+        spadlen = 0;
+    }
+    if (flags & DP_F_MINUS)
+        spadlen = -spadlen;
+
+    /* spaces */
+    while (spadlen > 0) {
+        dopr_outch(buffer, currlen, maxlen, ' ');
+        --spadlen;
+    }
+
+    /* sign */
+    if (signvalue)
+        dopr_outch(buffer, currlen, maxlen, signvalue);
+
+    /* zeros */
+    if (zpadlen > 0) {
+        while (zpadlen > 0) {
+            dopr_outch(buffer, currlen, maxlen, '0');
+            --zpadlen;
+        }
+    }
+    /* digits */
+    while (place > 0)
+        dopr_outch(buffer, currlen, maxlen, convert[--place]);
+
+    /* left justified spaces */
+    while (spadlen < 0) {
+        dopr_outch(buffer, currlen, maxlen, ' ');
+        ++spadlen;
+    }
+    return;
+}
+
+static LDOUBLE
+abs_val(LDOUBLE value)
+{
+    LDOUBLE result = value;
+    if (value < 0)
+        result = -value;
+    return result;
+}
+
+static LDOUBLE
+pow10(int exp)
+{
+    LDOUBLE result = 1;
+    while (exp) {
+        result *= 10;
+        exp--;
+    }
+    return result;
+}
+
+static long
+round(LDOUBLE value)
+{
+    long intpart;
+    intpart = (long) value;
+    value = value - intpart;
+    if (value >= 0.5)
+        intpart++;
+    return intpart;
+}
+
+static void
+fmtfp(
+    char *buffer,
+    size_t *currlen,
+    size_t maxlen,
+    LDOUBLE fvalue,
+    int min,
+    int max,
+    int flags)
+{
+    int signvalue = 0;
+    LDOUBLE ufvalue;
+    char iconvert[20];
+    char fconvert[20];
+    int iplace = 0;
+    int fplace = 0;
+    int padlen = 0;
+    int zpadlen = 0;
+    int caps = 0;
+    long intpart;
+    long fracpart;
+
+    if (max < 0)
+        max = 6;
+    ufvalue = abs_val(fvalue);
+    if (fvalue < 0)
+        signvalue = '-';
+    else if (flags & DP_F_PLUS)
+        signvalue = '+';
+    else if (flags & DP_F_SPACE)
+        signvalue = ' ';
+
+    intpart = (long)ufvalue;
+
+    /* sorry, we only support 9 digits past the decimal because of our
+       conversion method */
+    if (max > 9)
+        max = 9;
+
+    /* we "cheat" by converting the fractional part to integer by
+       multiplying by a factor of 10 */
+    fracpart = round((pow10(max)) * (ufvalue - intpart));
+
+    if (fracpart >= pow10(max)) {
+        intpart++;
+        fracpart -= (long)pow10(max);
+    }
+
+    /* convert integer part */
+    do {
+        iconvert[iplace++] =
+            (caps ? "0123456789ABCDEF"
+              : "0123456789abcdef")[intpart % 10];
+        intpart = (intpart / 10);
+    } while (intpart && (iplace < 20));
+    if (iplace == 20)
+        iplace--;
+    iconvert[iplace] = 0;
+
+    /* convert fractional part */
+    do {
+        fconvert[fplace++] =
+            (caps ? "0123456789ABCDEF"
+              : "0123456789abcdef")[fracpart % 10];
+        fracpart = (fracpart / 10);
+    } while (fracpart && (fplace < 20));
+    if (fplace == 20)
+        fplace--;
+    fconvert[fplace] = 0;
+
+    /* -1 for decimal point, another -1 if we are printing a sign */
+    padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
+    zpadlen = max - fplace;
+    if (zpadlen < 0)
+        zpadlen = 0;
+    if (padlen < 0)
+        padlen = 0;
+    if (flags & DP_F_MINUS)
+        padlen = -padlen;
+
+    if ((flags & DP_F_ZERO) && (padlen > 0)) {
+        if (signvalue) {
+            dopr_outch(buffer, currlen, maxlen, signvalue);
+            --padlen;
+            signvalue = 0;
+        }
+        while (padlen > 0) {
+            dopr_outch(buffer, currlen, maxlen, '0');
+            --padlen;
+        }
+    }
+    while (padlen > 0) {
+        dopr_outch(buffer, currlen, maxlen, ' ');
+        --padlen;
+    }
+    if (signvalue)
+        dopr_outch(buffer, currlen, maxlen, signvalue);
+
+    while (iplace > 0)
+        dopr_outch(buffer, currlen, maxlen, iconvert[--iplace]);
+
+    /*
+     * Decimal point. This should probably use locale to find the correct
+     * char to print out.
+     */
+    if (max > 0) {
+        dopr_outch(buffer, currlen, maxlen, '.');
+
+        while (fplace > 0)
+            dopr_outch(buffer, currlen, maxlen, fconvert[--fplace]);
+    }
+    while (zpadlen > 0) {
+        dopr_outch(buffer, currlen, maxlen, '0');
+        --zpadlen;
+    }
+
+    while (padlen < 0) {
+        dopr_outch(buffer, currlen, maxlen, ' ');
+        ++padlen;
+    }
+}
+
+static void
+dopr_outch(
+    char *buffer,
+    size_t *currlen,
+    size_t maxlen,
+    int c)
+{
+    if (*currlen < maxlen)
+        buffer[(*currlen)++] = (char)c;
+    return;
+}

crypto/bn/Makefile.ssl

@@ -59,12 +59,11 @@ all:	lib
 bn_prime.h: bn_prime.pl
 	$(PERL) bn_prime.pl >bn_prime.h
 
-knuth: bn_knuth.c
-	cc -pg -I.. -I../../include bn_knuth.c -o knuth $(LIB) #../../../libefence.a
-
-knuth.fast: bn_knuth.c
-	cc -pg -fast -I.. -I../../include bn_knuth.c -o knuth $(LIB) #../../../libefence.a
+divtest: divtest.c ../../libcrypto.a
+	cc -I../../include divtest.c -o divtest ../../libcrypto.a
 
+bnbug: bnbug.c ../../libcrypto.a top
+	cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)

crypto/bn/asm/README

@@ -1,5 +1,5 @@
 All assember in this directory are just version of the file
-crypto/bn/bn_mulw.c.
+crypto/bn/bn_asm.c.
 
 Quite a few of these files are just the assember output from gcc since on 
 quite a few machines they are 2 times faster than the system compiler.
@@ -15,13 +15,6 @@ On the 2 alpha C compilers I had access to, it was not possible to do
 were 64 bits).  So the hand assember gives access to the 128 bit result and
 a 2 times speedup :-).
 
-The x86xxxx.obj files are the assembled version of x86xxxx.asm files.
-I had such a hard time finding a macro assember for Microsoft, I decided to
-include the object file to save others the hassle :-).
-
-I have also included uu encoded versions of the .obj incase they get
-trashed.
-
 There are 2 versions of assember for the HP PA-RISC.
 pa-risc.s is the origional one which works fine.
 pa-risc2.s is a new version that often generates warnings but if the

crypto/bn/bn.h

@@ -289,7 +289,6 @@ typedef struct bn_recp_ctx_st
 #define BN_prime_checks 0 /* default: select number of iterations
 			     based on the size of the number */
 
-
 /* number of Miller-Rabin iterations for an error rate  of less than 2^-80
  * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook
  * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
@@ -319,20 +318,6 @@ typedef struct bn_recp_ctx_st
 /*#define BN_ascii2bn(a)	BN_hex2bn(a) */
 /*#define BN_bn2ascii(a)	BN_bn2hex(a) */
 
-#define bn_expand(n,b) ((((((b+BN_BITS2-1))/BN_BITS2)) <= (n)->max)?\
-	(n):bn_expand2((n),(b)/BN_BITS2+1))
-#define bn_wexpand(n,b) (((b) <= (n)->max)?(n):bn_expand2((n),(b)))
-
-#define bn_fix_top(a) \
-        { \
-        BN_ULONG *ftl; \
-	if ((a)->top > 0) \
-		{ \
-		for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
-		if (*(ftl--)) break; \
-		} \
-	}
-
 BIGNUM *BN_value_one(void);
 char *	BN_options(void);
 BN_CTX *BN_CTX_new(void);
@@ -385,19 +370,18 @@ int	BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
 	BIGNUM *m,BN_CTX *ctx);
 int	BN_mask_bits(BIGNUM *a,int n);
 int	BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-#ifndef WIN16
+#ifndef NO_FP_API
 int	BN_print_fp(FILE *fp, const BIGNUM *a);
 #endif
 #ifdef HEADER_BIO_H
 int	BN_print(BIO *fp, const BIGNUM *a);
 #else
-int	BN_print(char *fp, const BIGNUM *a);
+int	BN_print(void *fp, const BIGNUM *a);
 #endif
 int	BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx);
 int	BN_rshift(BIGNUM *r, BIGNUM *a, int n);
 int	BN_rshift1(BIGNUM *r, BIGNUM *a);
 void	BN_clear(BIGNUM *a);
-BIGNUM *bn_expand2(BIGNUM *b, int bits);
 BIGNUM *BN_dup(const BIGNUM *a);
 int	BN_ucmp(const BIGNUM *a, const BIGNUM *b);
 int	BN_set_bit(BIGNUM *a, int n);
@@ -418,13 +402,6 @@ int	BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
 		int do_trial_division);
 void	ERR_load_BN_strings(void );
 
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
-void     bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
-
 BN_MONT_CTX *BN_MONT_CTX_new(void );
 void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
 int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
@@ -454,6 +431,39 @@ int	BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 int	BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m,
 		BN_RECP_CTX *recp, BN_CTX *ctx);
 
+/* library internal functions */
+
+#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->max)?\
+	(a):bn_expand2((a),(bits)/BN_BITS2+1))
+#define bn_wexpand(a,words) (((words) <= (a)->max)?(a):bn_expand2((a),(words)))
+BIGNUM *bn_expand2(BIGNUM *a, int words);
+
+#define bn_fix_top(a) \
+        { \
+        BN_ULONG *ftl; \
+	if ((a)->top > 0) \
+		{ \
+		for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
+		if (*(ftl--)) break; \
+		} \
+	}
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+void     bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
+BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
+
+#ifdef BN_DEBUG
+  void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n);
+# define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
+   fprintf(stderr,"\n");}
+# define bn_dump(a,n) bn_dump1(stderr,#a,a,n);
+#else
+# define bn_print(a)
+# define bn_dump(a,b)
+#endif
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes

crypto/bn/bn_asm.c

@@ -56,7 +56,13 @@
  * [including the GNU Public Licence.]
  */
 
+#ifndef BN_DEBUG
+# undef NDEBUG /* avoid conflicting definitions */
+# define NDEBUG
+#endif
+
 #include <stdio.h>
+#include <assert.h>
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
@@ -66,7 +72,7 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 	{
 	BN_ULONG c1=0;
 
-	bn_check_num(num);
+	assert(num >= 0);
 	if (num <= 0) return(c1);
 
 	while (num&~3)
@@ -91,7 +97,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 	{
 	BN_ULONG c1=0;
 
-	bn_check_num(num);
+	assert(num >= 0);
 	if (num <= 0) return(c1);
 
 	while (num&~3)
@@ -113,7 +119,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 
 void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
         {
-	bn_check_num(n);
+	assert(n >= 0);
 	if (n <= 0) return;
 	while (n&~3)
 		{
@@ -131,14 +137,14 @@ void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
 		}
 	}
 
-#else
+#else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
 
 BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 	{
 	BN_ULONG c=0;
 	BN_ULONG bl,bh;
 
-	bn_check_num(num);
+	assert(num >= 0);
 	if (num <= 0) return((BN_ULONG)0);
 
 	bl=LBITS(w);
@@ -165,7 +171,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 	BN_ULONG carry=0;
 	BN_ULONG bl,bh;
 
-	bn_check_num(num);
+	assert(num >= 0);
 	if (num <= 0) return((BN_ULONG)0);
 
 	bl=LBITS(w);
@@ -189,7 +195,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 
 void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
         {
-	bn_check_num(n);
+	assert(num >= 0);
 	if (n <= 0) return;
 	for (;;)
 		{
@@ -210,7 +216,7 @@ void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
 		}
 	}
 
-#endif
+#endif /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
 
 #if defined(BN_LLONG) && defined(BN_DIV2W)
 
@@ -292,14 +298,14 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
 	ret|=q;
 	return(ret);
 	}
-#endif
+#endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */
 
 #ifdef BN_LLONG
 BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
         {
 	BN_ULLONG ll=0;
 
-	bn_check_num(n);
+	assert(n >= 0);
 	if (n <= 0) return((BN_ULONG)0);
 
 	for (;;)
@@ -330,12 +336,12 @@ BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
 		}
 	return((BN_ULONG)ll);
 	}
-#else
+#else /* !BN_LLONG */
 BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
         {
 	BN_ULONG c,l,t;
 
-	bn_check_num(n);
+	assert(n >= 0);
 	if (n <= 0) return((BN_ULONG)0);
 
 	c=0;
@@ -379,14 +385,14 @@ BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
 		}
 	return((BN_ULONG)c);
 	}
-#endif
+#endif /* !BN_LLONG */
 
 BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
         {
 	BN_ULONG t1,t2;
 	int c=0;
 
-	bn_check_num(n);
+	assert(n >= 0);
 	if (n <= 0) return((BN_ULONG)0);
 
 	for (;;)
@@ -425,6 +431,11 @@ BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
 #undef bn_sqr_comba8
 #undef bn_sqr_comba4
 
+/* mul_add_c(a,b,c0,c1,c2)  -- c+=a*b for three word number c=(c2,c1,c0) */
+/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
+/* sqr_add_c(a,i,c0,c1,c2)  -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
+/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
+
 #ifdef BN_LLONG
 #define mul_add_c(a,b,c0,c1,c2) \
 	t=(BN_ULLONG)a*b; \
@@ -484,7 +495,7 @@ BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
 #define sqr_add_c2(a,i,j,c0,c1,c2)	\
 	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
 
-#else
+#else /* !BN_LLONG */
 #define mul_add_c(a,b,c0,c1,c2) \
 	t1=LBITS(a); t2=HBITS(a); \
 	bl=LBITS(b); bh=HBITS(b); \
@@ -511,7 +522,7 @@ BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
 
 #define sqr_add_c2(a,i,j,c0,c1,c2) \
 	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#endif
+#endif /* !BN_LLONG */
 
 void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
 	{
@@ -786,7 +797,7 @@ void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
 	r[6]=c1;
 	r[7]=c2;
 	}
-#else
+#else /* !BN_MUL_COMBA */
 
 /* hmm... is it faster just to do a multiply? */
 #undef bn_sqr_comba4
@@ -823,4 +834,4 @@ void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
 	r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]);
 	}
 
-#endif /* BN_COMBA */
+#endif /* !BN_MUL_COMBA */

crypto/bn/bn_comba.c

@@ -1,345 +0,0 @@
-/* crypto/bn/bn_comba.c */
-#include <stdio.h>
-#include "bn_lcl.h"
-/* Auto generated from crypto/bn/comba.pl
- */
-
-#undef bn_mul_comba8
-#undef bn_mul_comba4
-#undef bn_sqr_comba8
-#undef bn_sqr_comba4
-
-#ifdef BN_LLONG
-#define mul_add_c(a,b,c0,c1,c2) \
-	t=(BN_ULLONG)a*b; \
-	t1=(BN_ULONG)Lw(t); \
-	t2=(BN_ULONG)Hw(t); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \
-	t=(BN_ULLONG)a*b; \
-	tt=(t+t)&BN_MASK; \
-	if (tt < t) c2++; \
-	t1=(BN_ULONG)Lw(tt); \
-	t2=(BN_ULONG)Hw(tt); \
-	c0=(c0+t1)&BN_MASK2;  \
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \
-	t=(BN_ULLONG)a[i]*a[i]; \
-	t1=(BN_ULONG)Lw(t); \
-	t2=(BN_ULONG)Hw(t); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#else
-#define mul_add_c(a,b,c0,c1,c2) \
-	t1=LBITS(a); t2=HBITS(a); \
-	bl=LBITS(b); bh=HBITS(b); \
-	mul64(t1,t2,bl,bh); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \
-	t1=LBITS(a); t2=HBITS(a); \
-	bl=LBITS(b); bh=HBITS(b); \
-	mul64(t1,t2,bl,bh); \
-	if (t2 & BN_TBIT) c2++; \
-	t2=(t2+t2)&BN_MASK2; \
-	if (t1 & BN_TBIT) t2++; \
-	t1=(t1+t1)&BN_MASK2; \
-	c0=(c0+t1)&BN_MASK2;  \
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \
-	sqr64(t1,t2,(a)[i]); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#endif
-
-void bn_mul_comba88(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_mul_comba44(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_sqr_comba88(BN_ULONG *r,BN_ULONG *a);
-void bn_sqr_comba44(BN_ULONG *r,BN_ULONG *a);
-
-void bn_mul_comba88(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	mul_add_c(a[0],b[0],c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	mul_add_c(a[0],b[1],c2,c3,c1);
-	mul_add_c(a[1],b[0],c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	mul_add_c(a[2],b[0],c3,c1,c2);
-	mul_add_c(a[1],b[1],c3,c1,c2);
-	mul_add_c(a[0],b[2],c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	mul_add_c(a[0],b[3],c1,c2,c3);
-	mul_add_c(a[1],b[2],c1,c2,c3);
-	mul_add_c(a[2],b[1],c1,c2,c3);
-	mul_add_c(a[3],b[0],c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	mul_add_c(a[4],b[0],c2,c3,c1);
-	mul_add_c(a[3],b[1],c2,c3,c1);
-	mul_add_c(a[2],b[2],c2,c3,c1);
-	mul_add_c(a[1],b[3],c2,c3,c1);
-	mul_add_c(a[0],b[4],c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	mul_add_c(a[0],b[5],c3,c1,c2);
-	mul_add_c(a[1],b[4],c3,c1,c2);
-	mul_add_c(a[2],b[3],c3,c1,c2);
-	mul_add_c(a[3],b[2],c3,c1,c2);
-	mul_add_c(a[4],b[1],c3,c1,c2);
-	mul_add_c(a[5],b[0],c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	mul_add_c(a[6],b[0],c1,c2,c3);
-	mul_add_c(a[5],b[1],c1,c2,c3);
-	mul_add_c(a[4],b[2],c1,c2,c3);
-	mul_add_c(a[3],b[3],c1,c2,c3);
-	mul_add_c(a[2],b[4],c1,c2,c3);
-	mul_add_c(a[1],b[5],c1,c2,c3);
-	mul_add_c(a[0],b[6],c1,c2,c3);
-	r[6]=c1;
-	c1=0;
-	mul_add_c(a[0],b[7],c2,c3,c1);
-	mul_add_c(a[1],b[6],c2,c3,c1);
-	mul_add_c(a[2],b[5],c2,c3,c1);
-	mul_add_c(a[3],b[4],c2,c3,c1);
-	mul_add_c(a[4],b[3],c2,c3,c1);
-	mul_add_c(a[5],b[2],c2,c3,c1);
-	mul_add_c(a[6],b[1],c2,c3,c1);
-	mul_add_c(a[7],b[0],c2,c3,c1);
-	r[7]=c2;
-	c2=0;
-	mul_add_c(a[7],b[1],c3,c1,c2);
-	mul_add_c(a[6],b[2],c3,c1,c2);
-	mul_add_c(a[5],b[3],c3,c1,c2);
-	mul_add_c(a[4],b[4],c3,c1,c2);
-	mul_add_c(a[3],b[5],c3,c1,c2);
-	mul_add_c(a[2],b[6],c3,c1,c2);
-	mul_add_c(a[1],b[7],c3,c1,c2);
-	r[8]=c3;
-	c3=0;
-	mul_add_c(a[2],b[7],c1,c2,c3);
-	mul_add_c(a[3],b[6],c1,c2,c3);
-	mul_add_c(a[4],b[5],c1,c2,c3);
-	mul_add_c(a[5],b[4],c1,c2,c3);
-	mul_add_c(a[6],b[3],c1,c2,c3);
-	mul_add_c(a[7],b[2],c1,c2,c3);
-	r[9]=c1;
-	c1=0;
-	mul_add_c(a[7],b[3],c2,c3,c1);
-	mul_add_c(a[6],b[4],c2,c3,c1);
-	mul_add_c(a[5],b[5],c2,c3,c1);
-	mul_add_c(a[4],b[6],c2,c3,c1);
-	mul_add_c(a[3],b[7],c2,c3,c1);
-	r[10]=c2;
-	c2=0;
-	mul_add_c(a[4],b[7],c3,c1,c2);
-	mul_add_c(a[5],b[6],c3,c1,c2);
-	mul_add_c(a[6],b[5],c3,c1,c2);
-	mul_add_c(a[7],b[4],c3,c1,c2);
-	r[11]=c3;
-	c3=0;
-	mul_add_c(a[7],b[5],c1,c2,c3);
-	mul_add_c(a[6],b[6],c1,c2,c3);
-	mul_add_c(a[5],b[7],c1,c2,c3);
-	r[12]=c1;
-	c1=0;
-	mul_add_c(a[6],b[7],c2,c3,c1);
-	mul_add_c(a[7],b[6],c2,c3,c1);
-	r[13]=c2;
-	c2=0;
-	mul_add_c(a[7],b[7],c3,c1,c2);
-	r[14]=c3;
-	r[15]=c1;
-	}
-
-void bn_mul_comba44(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	mul_add_c(a[0],b[0],c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	mul_add_c(a[0],b[1],c2,c3,c1);
-	mul_add_c(a[1],b[0],c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	mul_add_c(a[2],b[0],c3,c1,c2);
-	mul_add_c(a[1],b[1],c3,c1,c2);
-	mul_add_c(a[0],b[2],c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	mul_add_c(a[0],b[3],c1,c2,c3);
-	mul_add_c(a[1],b[2],c1,c2,c3);
-	mul_add_c(a[2],b[1],c1,c2,c3);
-	mul_add_c(a[3],b[0],c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	mul_add_c(a[3],b[1],c2,c3,c1);
-	mul_add_c(a[2],b[2],c2,c3,c1);
-	mul_add_c(a[1],b[3],c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	mul_add_c(a[2],b[3],c3,c1,c2);
-	mul_add_c(a[3],b[2],c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	mul_add_c(a[3],b[3],c1,c2,c3);
-	r[6]=c1;
-	r[7]=c2;
-	}
-
-void bn_sqr_comba88(BN_ULONG *r, BN_ULONG *a)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	sqr_add_c(a,0,c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	sqr_add_c2(a,1,0,c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	sqr_add_c(a,1,c3,c1,c2);
-	sqr_add_c2(a,2,0,c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	sqr_add_c2(a,3,0,c1,c2,c3);
-	sqr_add_c2(a,2,1,c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	sqr_add_c(a,2,c2,c3,c1);
-	sqr_add_c2(a,3,1,c2,c3,c1);
-	sqr_add_c2(a,4,0,c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	sqr_add_c2(a,5,0,c3,c1,c2);
-	sqr_add_c2(a,4,1,c3,c1,c2);
-	sqr_add_c2(a,3,2,c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	sqr_add_c(a,3,c1,c2,c3);
-	sqr_add_c2(a,4,2,c1,c2,c3);
-	sqr_add_c2(a,5,1,c1,c2,c3);
-	sqr_add_c2(a,6,0,c1,c2,c3);
-	r[6]=c1;
-	c1=0;
-	sqr_add_c2(a,7,0,c2,c3,c1);
-	sqr_add_c2(a,6,1,c2,c3,c1);
-	sqr_add_c2(a,5,2,c2,c3,c1);
-	sqr_add_c2(a,4,3,c2,c3,c1);
-	r[7]=c2;
-	c2=0;
-	sqr_add_c(a,4,c3,c1,c2);
-	sqr_add_c2(a,5,3,c3,c1,c2);
-	sqr_add_c2(a,6,2,c3,c1,c2);
-	sqr_add_c2(a,7,1,c3,c1,c2);
-	r[8]=c3;
-	c3=0;
-	sqr_add_c2(a,7,2,c1,c2,c3);
-	sqr_add_c2(a,6,3,c1,c2,c3);
-	sqr_add_c2(a,5,4,c1,c2,c3);
-	r[9]=c1;
-	c1=0;
-	sqr_add_c(a,5,c2,c3,c1);
-	sqr_add_c2(a,6,4,c2,c3,c1);
-	sqr_add_c2(a,7,3,c2,c3,c1);
-	r[10]=c2;
-	c2=0;
-	sqr_add_c2(a,7,4,c3,c1,c2);
-	sqr_add_c2(a,6,5,c3,c1,c2);
-	r[11]=c3;
-	c3=0;
-	sqr_add_c(a,6,c1,c2,c3);
-	sqr_add_c2(a,7,5,c1,c2,c3);
-	r[12]=c1;
-	c1=0;
-	sqr_add_c2(a,7,6,c2,c3,c1);
-	r[13]=c2;
-	c2=0;
-	sqr_add_c(a,7,c3,c1,c2);
-	r[14]=c3;
-	r[15]=c1;
-	}
-
-void bn_sqr_comba44(BN_ULONG *r, BN_ULONG *a)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	sqr_add_c(a,0,c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	sqr_add_c2(a,1,0,c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	sqr_add_c(a,1,c3,c1,c2);
-	sqr_add_c2(a,2,0,c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	sqr_add_c2(a,3,0,c1,c2,c3);
-	sqr_add_c2(a,2,1,c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	sqr_add_c(a,2,c2,c3,c1);
-	sqr_add_c2(a,3,1,c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	sqr_add_c2(a,3,2,c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	sqr_add_c(a,3,c1,c2,c3);
-	r[6]=c1;
-	r[7]=c2;
-	}

crypto/bn/bn_lcl.h

@@ -73,19 +73,6 @@ extern "C" {
 #define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL	(32) /* 32 */
 #define BN_MONT_CTX_SET_SIZE_WORD		(64) /* 32 */
 
-#if 0
-#ifndef BN_MUL_COMBA
-/* #define bn_mul_comba8(r,a,b)	bn_mul_normal(r,a,8,b,8) */
-/* #define bn_mul_comba4(r,a,b)	bn_mul_normal(r,a,4,b,4) */
-#endif
-
-#ifndef BN_SQR_COMBA
-/* This is probably faster than using the C code - I need to check */
-#define bn_sqr_comba8(r,a)	bn_mul_normal(r,a,8,a,8)
-#define bn_sqr_comba4(r,a)	bn_mul_normal(r,a,4,a,4)
-#endif
-#endif
-
 #if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC)
 /*
  * BN_UMULT_HIGH section.
@@ -140,15 +127,12 @@ extern "C" {
 #define Lw(t)    (((BN_ULONG)(t))&BN_MASK2)
 #define Hw(t)    (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
 
-/* These are used for internal error checking and are not normally used */
+/* This is used for internal error checking and is not normally used */
 #ifdef BN_DEBUG
-#define bn_check_top(a) \
-	{ if (((a)->top < 0) || ((a)->top > (a)->max)) \
-		{ char *nullp=NULL; *nullp='z'; } }
-#define bn_check_num(a) if ((a) < 0) { char *nullp=NULL; *nullp='z'; }
+# include <assert.h>
+# define bn_check_top(a) assert ((a)->top >= 0 && (a)->top <= (a)->max);
 #else
-#define bn_check_top(a)
-#define bn_check_num(a)
+# define bn_check_top(a)
 #endif
 
 /* This macro is to add extra stuff for development checking */
@@ -182,8 +166,6 @@ extern "C" {
 	bn_set_max(r); \
 	}
 
-/* #define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b))) */
-
 #ifdef BN_LLONG
 #define mul_add(r,a,w,c) { \
 	BN_ULLONG t; \
@@ -313,21 +295,7 @@ extern "C" {
 	(c)=h&BN_MASK2; \
 	(r)=l&BN_MASK2; \
 	}
-
-#endif
-
-OPENSSL_EXTERN int bn_limit_bits;
-OPENSSL_EXTERN int bn_limit_num;        /* (1<<bn_limit_bits) */
-/* Recursive 'low' limit */
-OPENSSL_EXTERN int bn_limit_bits_low;
-OPENSSL_EXTERN int bn_limit_num_low;    /* (1<<bn_limit_bits_low) */
-/* Do modified 'high' part calculation' */
-OPENSSL_EXTERN int bn_limit_bits_high;
-OPENSSL_EXTERN int bn_limit_num_high;   /* (1<<bn_limit_bits_high) */
-OPENSSL_EXTERN int bn_limit_bits_mont;
-OPENSSL_EXTERN int bn_limit_num_mont;   /* (1<<bn_limit_bits_mont) */
-
-BIGNUM *bn_expand2(BIGNUM *b, int bits);
+#endif /* !BN_LLONG */
 
 void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb);
 void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);

crypto/bn/bn_lib.c

@@ -71,14 +71,14 @@ const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
  * 7 - 128 == 4096
  * 8 - 256 == 8192
  */
-OPENSSL_GLOBAL int bn_limit_bits=0;
-OPENSSL_GLOBAL int bn_limit_num=8;        /* (1<<bn_limit_bits) */
-OPENSSL_GLOBAL int bn_limit_bits_low=0;
-OPENSSL_GLOBAL int bn_limit_num_low=8;    /* (1<<bn_limit_bits_low) */
-OPENSSL_GLOBAL int bn_limit_bits_high=0;
-OPENSSL_GLOBAL int bn_limit_num_high=8;   /* (1<<bn_limit_bits_high) */
-OPENSSL_GLOBAL int bn_limit_bits_mont=0;
-OPENSSL_GLOBAL int bn_limit_num_mont=8;   /* (1<<bn_limit_bits_mont) */
+static int bn_limit_bits=0;
+static int bn_limit_num=8;        /* (1<<bn_limit_bits) */
+static int bn_limit_bits_low=0;
+static int bn_limit_num_low=8;    /* (1<<bn_limit_bits_low) */
+static int bn_limit_bits_high=0;
+static int bn_limit_num_high=8;   /* (1<<bn_limit_bits_high) */
+static int bn_limit_bits_mont=0;
+static int bn_limit_num_mont=8;   /* (1<<bn_limit_bits_mont) */
 
 void BN_set_params(int mult, int high, int low, int mont)
 	{
@@ -305,10 +305,10 @@ BIGNUM *BN_new(void)
 	}
 
 /* This is an internal function that should not be used in applications.
- * It ensures that 'b' has enough room for a 'bits' bit number.  It is
- * mostly used by the various BIGNUM routines.  If there is an error,
- * NULL is returned. if not, 'b' is returned.
- */
+ * It ensures that 'b' has enough room for a 'words' word number number.
+ * It is mostly used by the various BIGNUM routines. If there is an error,
+ * NULL is returned. If not, 'b' is returned. */
+
 BIGNUM *bn_expand2(BIGNUM *b, int words)
 	{
 	BN_ULONG *A,*a;

crypto/bn/bn_mul.c

@@ -78,21 +78,23 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 	unsigned int neg,zero;
 	BN_ULONG ln,lo,*p;
 
-#ifdef BN_COUNT
-printf(" bn_mul_recursive %d * %d\n",n2,n2);
-#endif
-#ifdef BN_MUL_COMBA
-/*	if (n2 == 4)
+# ifdef BN_COUNT
+	printf(" bn_mul_recursive %d * %d\n",n2,n2);
+# endif
+# ifdef BN_MUL_COMBA
+#  if 0
+	if (n2 == 4)
 		{
 		bn_mul_comba4(r,a,b);
 		return;
 		}
-	else */ if (n2 == 8)
+#  endif
+	if (n2 == 8)
 		{
 		bn_mul_comba8(r,a,b);
 		return; 
 		}
-#endif
+# endif /* BN_MUL_COMBA */
 	if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
 		{
 		/* This should not happen */
@@ -136,7 +138,7 @@ printf(" bn_mul_recursive %d * %d\n",n2,n2);
 		break;
 		}
 
-#ifdef BN_MUL_COMBA
+# ifdef BN_MUL_COMBA
 	if (n == 4)
 		{
 		if (!zero)
@@ -158,7 +160,7 @@ printf(" bn_mul_recursive %d * %d\n",n2,n2);
 		bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n]));
 		}
 	else
-#endif
+# endif /* BN_MUL_COMBA */
 		{
 		p= &(t[n2*2]);
 		if (!zero)
@@ -219,12 +221,12 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
 	     int n, BN_ULONG *t)
 	{
 	int i,j,n2=n*2;
-	unsigned int c1;
+	unsigned int c1,c2,neg,zero;
 	BN_ULONG ln,lo,*p;
 
-#ifdef BN_COUNT
-printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
-#endif
+# ifdef BN_COUNT
+	printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
+# endif
 	if (n < 8)
 		{
 		i=tn+n;
@@ -233,17 +235,54 @@ printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
 		}
 
 	/* r=(a[0]-a[1])*(b[1]-b[0]) */
-	bn_sub_words(t,      a,      &(a[n]),n); /* + */
-	bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-
-/*	if (n == 4)
+	c1=bn_cmp_words(a,&(a[n]),n);
+	c2=bn_cmp_words(&(b[n]),b,n);
+	zero=neg=0;
+	switch (c1*3+c2)
+		{
+	case -4:
+		bn_sub_words(t,      &(a[n]),a,      n); /* - */
+		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
+		break;
+	case -3:
+		zero=1;
+		/* break; */
+	case -2:
+		bn_sub_words(t,      &(a[n]),a,      n); /* - */
+		bn_sub_words(&(t[n]),&(b[n]),b,      n); /* + */
+		neg=1;
+		break;
+	case -1:
+	case 0:
+	case 1:
+		zero=1;
+		/* break; */
+	case 2:
+		bn_sub_words(t,      a,      &(a[n]),n); /* + */
+		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
+		neg=1;
+		break;
+	case 3:
+		zero=1;
+		/* break; */
+	case 4:
+		bn_sub_words(t,      a,      &(a[n]),n);
+		bn_sub_words(&(t[n]),&(b[n]),b,      n);
+		break;
+		}
+		/* The zero case isn't yet implemented here. The speedup
+		   would probably be negligible. */
+# if 0
+	if (n == 4)
 		{
 		bn_mul_comba4(&(t[n2]),t,&(t[n]));
 		bn_mul_comba4(r,a,b);
 		bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
 		memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
 		}
-	else */ if (n == 8)
+	else
+# endif
+	if (n == 8)
 		{
 		bn_mul_comba8(&(t[n2]),t,&(t[n]));
 		bn_mul_comba8(r,a,b);
@@ -308,7 +347,16 @@ printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
 	 */
 
 	c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-	c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
+
+	if (neg) /* if t[32] is negative */
+		{
+		c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
+		}
+	else
+		{
+		/* Might have a carry */
+		c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
+		}
 
 	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
 	 * r[10] holds (a[0]*b[0])
@@ -345,9 +393,9 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 	{
 	int n=n2/2;
 
-#ifdef BN_COUNT
-printf(" bn_mul_low_recursive %d * %d\n",n2,n2);
-#endif
+# ifdef BN_COUNT
+	printf(" bn_mul_low_recursive %d * %d\n",n2,n2);
+# endif
 
 	bn_mul_recursive(r,a,b,n,&(t[0]));
 	if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL)
@@ -379,9 +427,9 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
 	int neg,oneg,zero;
 	BN_ULONG ll,lc,*lp,*mp;
 
-#ifdef BN_COUNT
-printf(" bn_mul_high %d * %d\n",n2,n2);
-#endif
+# ifdef BN_COUNT
+	printf(" bn_mul_high %d * %d\n",n2,n2);
+# endif
 	n=n2/2;
 
 	/* Calculate (al-ah)*(bh-bl) */
@@ -424,14 +472,14 @@ printf(" bn_mul_high %d * %d\n",n2,n2);
 	oneg=neg;
 	/* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
 	/* r[10] = (a[1]*b[1]) */
-#ifdef BN_MUL_COMBA
+# ifdef BN_MUL_COMBA
 	if (n == 8)
 		{
 		bn_mul_comba8(&(t[0]),&(r[0]),&(r[n]));
 		bn_mul_comba8(r,&(a[n]),&(b[n]));
 		}
 	else
-#endif
+# endif
 		{
 		bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2]));
 		bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2]));
@@ -555,19 +603,23 @@ printf(" bn_mul_high %d * %d\n",n2,n2);
 			}
 		}
 	}
-#endif
+#endif /* BN_RECURSION */
 
 int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
 	{
 	int top,al,bl;
 	BIGNUM *rr;
+	int ret = 0;
+#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
+	int i;
+#endif
 #ifdef BN_RECURSION
 	BIGNUM *t;
-	int i,j,k;
+	int j,k;
 #endif
 
 #ifdef BN_COUNT
-printf("BN_mul %d * %d\n",a->top,b->top);
+	printf("BN_mul %d * %d\n",a->top,b->top);
 #endif
 
 	bn_check_top(a);
@@ -594,113 +646,90 @@ printf("BN_mul %d * %d\n",a->top,b->top);
 		rr = r;
 
 #if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
-	if (al == bl)
+	i = al-bl;
+#endif
+#ifdef BN_MUL_COMBA
+	if (i == 0)
 		{
-#  ifdef BN_MUL_COMBA
-/*		if (al == 4)
+# if 0
+		if (al == 4)
 			{
 			if (bn_wexpand(rr,8) == NULL) goto err;
 			rr->top=8;
 			bn_mul_comba4(rr->d,a->d,b->d);
 			goto end;
 			}
-		else */ if (al == 8)
+# endif
+		if (al == 8)
 			{
 			if (bn_wexpand(rr,16) == NULL) goto err;
 			rr->top=16;
 			bn_mul_comba8(rr->d,a->d,b->d);
 			goto end;
 			}
-		else
-#  endif
-#ifdef BN_RECURSION
-		if (al < BN_MULL_SIZE_NORMAL)
-#endif
-			{
-			if (bn_wexpand(rr,top) == NULL) goto err;
-			rr->top=top;
-			bn_mul_normal(rr->d,a->d,al,b->d,bl);
-			goto end;
-			}
-#  ifdef BN_RECURSION
-		goto symmetric;
-#  endif
 		}
-#endif
+#endif /* BN_MUL_COMBA */
 #ifdef BN_RECURSION
-	else if ((al < BN_MULL_SIZE_NORMAL) || (bl < BN_MULL_SIZE_NORMAL))
+	if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL))
 		{
-		if (bn_wexpand(rr,top) == NULL) goto err;
-		rr->top=top;
-		bn_mul_normal(rr->d,a->d,al,b->d,bl);
-		goto end;
-		}
-	else
-		{
-		i=(al-bl);
-		if ((i ==  1) && !BN_get_flags(b,BN_FLG_STATIC_DATA))
+		if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA))
 			{
 			bn_wexpand(b,al);
 			b->d[bl]=0;
 			bl++;
-			goto symmetric;
+			i--;
 			}
-		else if ((i ==  -1) && !BN_get_flags(a,BN_FLG_STATIC_DATA))
+		else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA))
 			{
 			bn_wexpand(a,bl);
 			a->d[al]=0;
 			al++;
-			goto symmetric;
+			i++;
+			}
+		if (i == 0)
+			{
+			/* symmetric and > 4 */
+			/* 16 or larger */
+			j=BN_num_bits_word((BN_ULONG)al);
+			j=1<<(j-1);
+			k=j+j;
+			t = BN_CTX_get(ctx);
+			if (al == j) /* exact multiple */
+				{
+				bn_wexpand(t,k*2);
+				bn_wexpand(rr,k*2);
+				bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
+				}
+			else
+				{
+				bn_wexpand(a,k);
+				bn_wexpand(b,k);
+				bn_wexpand(t,k*4);
+				bn_wexpand(rr,k*4);
+				for (i=a->top; i<k; i++)
+					a->d[i]=0;
+				for (i=b->top; i<k; i++)
+					b->d[i]=0;
+				bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
+				}
+			rr->top=top;
+			goto end;
 			}
 		}
-#endif
-
-	/* asymmetric and >= 4 */ 
+#endif /* BN_RECURSION */
 	if (bn_wexpand(rr,top) == NULL) goto err;
 	rr->top=top;
 	bn_mul_normal(rr->d,a->d,al,b->d,bl);
 
-#ifdef BN_RECURSION
-	if (0)
-		{
-symmetric:
-		/* symmetric and > 4 */
-		/* 16 or larger */
-		j=BN_num_bits_word((BN_ULONG)al);
-		j=1<<(j-1);
-		k=j+j;
-		t = BN_CTX_get(ctx);
-		if (al == j) /* exact multiple */
-			{
-			bn_wexpand(t,k*2);
-			bn_wexpand(rr,k*2);
-			bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
-			}
-		else
-			{
-			bn_wexpand(a,k);
-			bn_wexpand(b,k);
-			bn_wexpand(t,k*4);
-			bn_wexpand(rr,k*4);
-			for (i=a->top; i<k; i++)
-				a->d[i]=0;
-			for (i=b->top; i<k; i++)
-				b->d[i]=0;
-			bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
-			}
-		rr->top=top;
-		}
-#endif
 #if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
 end:
 #endif
 	bn_fix_top(rr);
 	if (r != rr) BN_copy(r,rr);
-	BN_CTX_end(ctx);
-	return(1);
+	ret=1;
 err:
 	BN_CTX_end(ctx);
-	return(0);
+	return(ret);
 	}
 
 void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
@@ -708,7 +737,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
 	BN_ULONG *rr;
 
 #ifdef BN_COUNT
-printf(" bn_mul_normal %d * %d\n",na,nb);
+	printf(" bn_mul_normal %d * %d\n",na,nb);
 #endif
 
 	if (na < nb)
@@ -742,7 +771,7 @@ printf(" bn_mul_normal %d * %d\n",na,nb);
 void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
 	{
 #ifdef BN_COUNT
-printf(" bn_mul_low_normal %d * %d\n",n,n);
+	printf(" bn_mul_low_normal %d * %d\n",n,n);
 #endif
 	bn_mul_words(r,a,n,b[0]);
 
@@ -760,4 +789,3 @@ printf(" bn_mul_low_normal %d * %d\n",n,n);
 		b+=4;
 		}
 	}
-

crypto/bn/bn_opts.c

@@ -1,326 +0,0 @@
-/* unused */
-
-/* crypto/bn/bn_opts.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/tmdiff.h>
-#include <openssl/bn.h>
-#include <openssl/err.h>
-
-#define DEFAULT_SIZE	512
-#define DEFAULT_TIME	3
-
-int verbose=1;
-
-typedef struct parms_st
-	{
-	char *name;
-	void (*func)();
-	BIGNUM r;
-	BIGNUM a;
-	BIGNUM b;
-	BIGNUM c;
-	BIGNUM low;
-	BN_CTX *ctx;
-	BN_MONT_CTX *mont;
-	int w;
-	} PARMS;
-
-void do_mul_exp(int num,PARMS *p);
-void do_mul(int num,PARMS *p);
-void do_sqr(int num,PARMS *p);
-void do_mul_low(int num,PARMS *p);
-void do_mul_high(int num,PARMS *p);
-void do_from_montgomery(int num,PARMS *p);
-int time_it(int sec, PARMS *p);
-void do_it(int sec, PARMS *p);
-
-#define P_EXP	1
-#define P_MUL	2
-#define P_SQR	3
-#define P_MULL	4
-#define P_MULH	5
-#define P_MRED	6
-
-int main(int argc, char **argv)
-	{
-	PARMS p;
-	BN_MONT_CTX *mont;
-	int size=0,num;
-	char *name;
-	int type=P_EXP;
-
-	mont=BN_MONT_CTX_new();
-	p.mont=NULL;
-	p.ctx=BN_CTX_new();
-	BN_init(&p.r);
-	BN_init(&p.a);
-	BN_init(&p.b);
-	BN_init(&p.c);
-	BN_init(&p.low);
-	p.w=0;
-
-	for (;;)
-		{
-		if (argc > 1)
-			{
-			if (argv[1][0] == '-')
-				{
-				switch(argv[1][1])
-					{
-				case 'e': type=P_EXP; break;
-				case 'm': type=P_MUL; break;
-				case 's': type=P_SQR; break;
-				case 'l': type=P_MULL; break;
-				case 'h': type=P_MULH; break;
-				case 'r': type=P_MRED; break;
-				default:
-					fprintf(stderr,"options: -[emslhr]\n");
-					exit(1);
-					}
-				}
-			else
-				{
-				size=atoi(argv[1]);
-				}
-			argc--;
-			argv++;
-			}
-		else
-			break;
-		}
-	if (size == 0)
-		size=DEFAULT_SIZE;
-
-	printf("bit size:%5d\n",size);
-
-	BN_rand(&p.a,size,1,0);
-	BN_rand(&p.b,size,1,0);
-	BN_rand(&p.c,size,1,1);
-	BN_mod(&p.a,&p.a,&p.c,p.ctx);
-	BN_mod(&p.b,&p.b,&p.c,p.ctx);
-	p.w=(p.a.top+1)/2;
-
-	BN_mul(&p.low,&p.a,&p.b,p.ctx);
-	p.low.top=p.a.top;
-	
-	switch(type)
-		{
-	case P_EXP:
-		p.name="r=a^b%c";
-		p.func=do_mul_exp;
-		p.mont=mont;
-		break;
-	case P_MUL:
-		p.name="r=a*b";
-		p.func=do_mul;
-		break;
-	case P_SQR:
-		p.name="r=a*a";
-		p.func=do_sqr;
-		break;
-	case P_MULL:
-		p.name="r=low(a*b)";
-		p.func=do_mul_low;
-		break;
-	case P_MULH:
-		p.name="r=high(a*b)";
-		p.func=do_mul_high;
-		break;
-	case P_MRED:
-		p.name="r=montgomery_reduction(a)";
-		p.func=do_from_montgomery;
-		p.mont=mont;
-		break;
-	default:
-		fprintf(stderr,"options: -[emslhr]\n");
-		exit(1);
-		}
-
-	num=time_it(DEFAULT_TIME,&p);
-	do_it(num,&p);
-	}
-
-void do_it(int num, PARMS *p)
-	{
-	char *start,*end;
-	int i,j,number;
-	double d;
-
-	start=ms_time_new();
-	end=ms_time_new();
-
-	number=BN_num_bits_word((BN_ULONG)BN_num_bits(&(p->c)))-
-		BN_num_bits_word(BN_BITS2)+2;
-	for (i=number-1; i >=0; i--)
-		{
-		if (i == 1) continue;
-		BN_set_params(i,i,i,1);
-		if (p->mont != NULL)
-			BN_MONT_CTX_set(p->mont,&(p->c),p->ctx);
-
-		printf("Timing %5d (%2d bit) %2d %2d %2d %2d :",
-			(1<<i)*BN_BITS2,i,
-				BN_get_params(0),
-				BN_get_params(1),
-				BN_get_params(2),
-				BN_get_params(3));
-		fflush(stdout);
-
-		ms_time_get(start);
-		p->func(num,p);
-		ms_time_get(end);
-		d=ms_time_diff(start,end);
-		printf("%6.6f sec, or %d in %.4f seconds\n",
-			(double)d/num,num,d);
-		}
-	}
-
-int time_it(int sec, PARMS *p)
-	{
-	char *start,*end;
-	int i,j;
-	double d;
-
-	if (p->mont != NULL)
-		BN_MONT_CTX_set(p->mont,&(p->c),p->ctx);
-
-	start=ms_time_new();
-	end=ms_time_new();
-
-	i=1;
-	for (;;)
-		{
-		if (verbose)
-			printf("timing %s for %d iterations\n",p->name,i);
-
-		ms_time_get(start);
-		p->func(i,p);
-		ms_time_get(end);
-		d=ms_time_diff(start,end);
-
-		if 	(d < 0.01) i*=100;
-		else if (d < 0.1 ) i*=10;
-		else if (d > (double)sec) break;
-		else
-			{
-			i=(int)(1.0*i*sec/d);
-			break;
-			}
-		}
-	if (verbose)
-		printf("using %d iterations\n",i);
-	return(i);
-	}
-
-void do_mul_exp(int num, PARMS *p)
-	{
-	int i;
-
-	for (i=0; i<num; i++)
-		BN_mod_exp_mont(&(p->r),&(p->a),&(p->b),&(p->c),
-			p->ctx,p->mont);
-	}
-
-void do_mul(int num, PARMS *p)
-	{
-	int i;
-
-	for (i=0; i<num; i++)
-		BN_mul(&(p->r),&(p->a),&(p->b),p->ctx);
-	}
-
-void do_sqr(int num, PARMS *p)
-	{
-	int i;
-
-	for (i=0; i<num; i++)
-			BN_sqr(&(p->r),&(p->a),p->ctx);
-	}
-
-void do_mul_low(int num, PARMS *p)
-	{
-	int i;
-	
-	for (i=0; i<num; i++)
-		BN_mul_low(&(p->r),&(p->a),&(p->b),p->w,p->ctx);
-	}
-
-void do_mul_high(int num, PARMS *p)
-	{
-	int i;
-
-	for (i=0; i<num; i++)
-		BN_mul_low(&(p->r),&(p->a),&(p->b),&(p->low),p->w,p->ctx);
-	}
-
-void do_from_montgomery(int num, PARMS *p)
-	{
-	int i;
-	
-	for (i=0; i<num; i++)
-		BN_from_montgomery(&(p->r),&(p->a),p->mont,p->ctx);
-	}
-

crypto/bn/bn_print.c

@@ -278,7 +278,6 @@ err:
 	}
 
 #ifndef NO_BIO
-
 #ifndef NO_FP_API
 int BN_print_fp(FILE *fp, const BIGNUM *a)
 	{
@@ -319,5 +318,15 @@ int BN_print(BIO *bp, const BIGNUM *a)
 end:
 	return(ret);
 	}
-
+#endif
+
+#ifdef BN_DEBUG
+void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n)
+	{
+	int i;
+	fprintf(o, "%s=", a);
+	for (i=n-1;i>=0;i--)
+		fprintf(o, "%08lX", b[i]);
+	fprintf(o, "\n");
+	}
 #endif

crypto/bn/bn_recp.c

@@ -128,7 +128,7 @@ err:
 int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp,
 	     BN_CTX *ctx)
 	{
-	int i,j,ret=0,ex;
+	int i,j,ret=0;
 	BIGNUM *a,*b,*d,*r;
 
 	BN_CTX_start(ctx);
@@ -158,35 +158,25 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp,
 	 *
 	 */
 	i=BN_num_bits(m);
-	if (i%2) i--;
 
-	j=recp->num_bits*2;
-	if (j > i)
-		{
-		i=j;
-		ex=0;
-		}
-	else
-		{
-		ex=(i-j)/2;
-		}
-
-	j=i/2;
+	j=recp->num_bits<<1;
+	if (j>i) i=j;
+	j>>=1;
 
 	if (i != recp->shift)
 		recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N),
 			i,ctx);
 
-	if (!BN_rshift(a,m,j-ex)) goto err;
+	if (!BN_rshift(a,m,j)) goto err;
 	if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err;
-	if (!BN_rshift(d,b,j+ex)) goto err;
+	if (!BN_rshift(d,b,i-j)) goto err;
 	d->neg=0;
 	if (!BN_mul(b,&(recp->N),d,ctx)) goto err;
 	if (!BN_usub(r,m,b)) goto err;
 	r->neg=0;
 
-	j=0;
 #if 1
+	j=0;
 	while (BN_ucmp(r,&(recp->N)) >= 0)
 		{
 		if (j++ > 2)

crypto/bn/bntest.c

@@ -165,68 +165,68 @@ int main(int argc, char *argv[])
 
 	message(out,"BN_add");
 	if (!test_add(out)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_sub");
 	if (!test_sub(out)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_lshift1");
 	if (!test_lshift1(out)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_lshift (fixed)");
 	if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))
 	    goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_lshift");
 	if (!test_lshift(out,ctx,NULL)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_rshift1");
 	if (!test_rshift1(out)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_rshift");
 	if (!test_rshift(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_sqr");
 	if (!test_sqr(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_mul");
 	if (!test_mul(out)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_div");
 	if (!test_div(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_div_recp");
 	if (!test_div_recp(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_mod");
 	if (!test_mod(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_mod_mul");
 	if (!test_mod_mul(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_mont");
 	if (!test_mont(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_mod_exp");
 	if (!test_mod_exp(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	message(out,"BN_exp");
 	if (!test_exp(out,ctx)) goto err;
-	fflush(stdout);
+	BIO_flush(out);
 
 	BN_CTX_free(ctx);
 	BIO_free(out);
@@ -235,6 +235,7 @@ int main(int argc, char *argv[])
 	exit(0);
 err:
 	BIO_puts(out,"1\n"); /* make sure bc fails if we are piping to it */
+	BIO_flush(out);
 	ERR_load_crypto_strings();
 	ERR_print_errors_fp(stderr);
 	exit(1);

crypto/bn/comba.pl

@@ -1,285 +0,0 @@
-#!/usr/local/bin/perl
-
-$num=8;
-$num2=8/2;
-
-print <<"EOF";
-/* crypto/bn/bn_comba.c */
-#include <stdio.h>
-#include "bn_lcl.h"
-/* Auto generated from crypto/bn/comba.pl
- */
-
-#undef bn_mul_comba8
-#undef bn_mul_comba4
-#undef bn_sqr_comba8
-#undef bn_sqr_comba4
-
-#ifdef BN_LLONG
-#define mul_add_c(a,b,c0,c1,c2) \\
-	t=(BN_ULLONG)a*b; \\
-	t1=(BN_ULONG)Lw(t); \\
-	t2=(BN_ULONG)Hw(t); \\
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \\
-	t=(BN_ULLONG)a*b; \\
-	tt=(t+t)&BN_MASK; \\
-	if (tt < t) c2++; \\
-	t1=(BN_ULONG)Lw(tt); \\
-	t2=(BN_ULONG)Hw(tt); \\
-	c0=(c0+t1)&BN_MASK2;  \\
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \\
-	t=(BN_ULLONG)a[i]*a[i]; \\
-	t1=(BN_ULONG)Lw(t); \\
-	t2=(BN_ULONG)Hw(t); \\
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \\
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#else
-#define mul_add_c(a,b,c0,c1,c2) \\
-	t1=LBITS(a); t2=HBITS(a); \\
-	bl=LBITS(b); bh=HBITS(b); \\
-	mul64(t1,t2,bl,bh); \\
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \\
-	t1=LBITS(a); t2=HBITS(a); \\
-	bl=LBITS(b); bh=HBITS(b); \\
-	mul64(t1,t2,bl,bh); \\
-	if (t2 & BN_TBIT) c2++; \\
-	t2=(t2+t2)&BN_MASK2; \\
-	if (t1 & BN_TBIT) t2++; \\
-	t1=(t1+t1)&BN_MASK2; \\
-	c0=(c0+t1)&BN_MASK2;  \\
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \\
-	sqr64(t1,t2,(a)[i]); \\
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \\
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#endif
-
-void bn_mul_comba${num}(r,a,b)
-BN_ULONG *r,*a,*b;
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-EOF
-$ret=&combas_mul("r","a","b",$num,"c1","c2","c3");
-printf <<"EOF";
-	}
-
-void bn_mul_comba${num2}(r,a,b)
-BN_ULONG *r,*a,*b;
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-EOF
-$ret=&combas_mul("r","a","b",$num2,"c1","c2","c3");
-printf <<"EOF";
-	}
-
-void bn_sqr_comba${num}(r,a)
-BN_ULONG *r,*a;
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-EOF
-$ret=&combas_sqr("r","a",$num,"c1","c2","c3");
-printf <<"EOF";
-	}
-
-void bn_sqr_comba${num2}(r,a)
-BN_ULONG *r,*a;
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-EOF
-$ret=&combas_sqr("r","a",$num2,"c1","c2","c3");
-printf <<"EOF";
-	}
-EOF
-
-sub bn_str
-	{
-	local($var,$val)=@_;
-	print "\t$var=$val;\n";
-	}
-
-sub bn_ary
-	{
-	local($var,$idx)=@_;
-	return("${var}[$idx]");
-	}
-
-sub bn_clr
-	{
-	local($var)=@_;
-
-	print "\t$var=0;\n";
-	}
-
-sub bn_mad
-	{
-	local($a,$b,$c0,$c1,$c2,$num)=@_;
-
-	if ($num == 2)
-		{ printf("\tmul_add_c2($a,$b,$c0,$c1,$c2);\n"); }
-	else
-		{ printf("\tmul_add_c($a,$b,$c0,$c1,$c2);\n"); }
-	}
-
-sub bn_sad
-	{
-	local($a,$i,$j,$c0,$c1,$c2,$num)=@_;
-
-	if ($num == 2)
-		{ printf("\tsqr_add_c2($a,$i,$j,$c0,$c1,$c2);\n"); }
-	else
-		{ printf("\tsqr_add_c($a,$i,$c0,$c1,$c2);\n"); }
-	}
-
-sub combas_mul
-	{
-	local($r,$a,$b,$num,$c0,$c1,$c2)=@_;
-	local($i,$as,$ae,$bs,$be,$ai,$bi);
-	local($tot,$end);
-
-	$as=0;
-	$ae=0;
-	$bs=0;
-	$be=0;
-	$tot=$num+$num-1;
-	&bn_clr($c0);
-	&bn_clr($c1);
-	for ($i=0; $i<$tot; $i++)
-		{
-		$ai=$as;
-		$bi=$bs;
-		$end=$be+1;
-		@numa=@numb=();
-
-#print "($as $ae) ($bs $be) $bs -> $end [$i $num]\n";
-		for ($j=$bs; $j<$end; $j++)
-			{
-			push(@numa,$ai);
-			push(@numb,$bi);
-			$ai--;
-			$bi++;
-			}
-
-		if ($i & 1)
-			{
-			@numa=reverse(@numa);
-			@numb=reverse(@numb);
-			}
-
-		&bn_clr($c2);
-		for ($j=0; $j<=$#numa; $j++)
-			{
-			&bn_mad(&bn_ary($a,$numa[$j]),
-				&bn_ary($b,$numb[$j]),$c0,$c1,$c2,1);
-			}
-		&bn_str(&bn_ary($r,$i),$c0);
-		($c0,$c1,$c2)=($c1,$c2,$c0);
-
-		$as++ if ($i < ($num-1));
-		$ae++ if ($i >= ($num-1));
-
-		$bs++ if ($i >= ($num-1));
-		$be++ if ($i < ($num-1));
-		}
-	&bn_str(&bn_ary($r,$i),$c0);
-	}
-
-sub combas_sqr
-	{
-	local($r,$a,$num,$c0,$c1,$c2)=@_;
-	local($i,$as,$ae,$bs,$be,$ai,$bi);
-	local($b,$tot,$end,$half);
-
-	$b=$a;
-	$as=0;
-	$ae=0;
-	$bs=0;
-	$be=0;
-	$tot=$num+$num-1;
-	&bn_clr($c0);
-	&bn_clr($c1);
-	for ($i=0; $i<$tot; $i++)
-		{
-		$ai=$as;
-		$bi=$bs;
-		$end=$be+1;
-		@numa=@numb=();
-
-#print "($as $ae) ($bs $be) $bs -> $end [$i $num]\n";
-		for ($j=$bs; $j<$end; $j++)
-			{
-			push(@numa,$ai);
-			push(@numb,$bi);
-			$ai--;
-			$bi++;
-			last if ($ai < $bi);
-			}
-		if (!($i & 1))
-			{
-			@numa=reverse(@numa);
-			@numb=reverse(@numb);
-			}
-
-		&bn_clr($c2);
-		for ($j=0; $j <= $#numa; $j++)
-			{
-			if ($numa[$j] == $numb[$j])
-				{&bn_sad($a,$numa[$j],$numb[$j],$c0,$c1,$c2,1);}
-			else
-				{&bn_sad($a,$numa[$j],$numb[$j],$c0,$c1,$c2,2);}
-			}
-		&bn_str(&bn_ary($r,$i),$c0);
-		($c0,$c1,$c2)=($c1,$c2,$c0);
-
-		$as++ if ($i < ($num-1));
-		$ae++ if ($i >= ($num-1));
-
-		$bs++ if ($i >= ($num-1));
-		$be++ if ($i < ($num-1));
-		}
-	&bn_str(&bn_ary($r,$i),$c0);
-	}

crypto/bn/d.c

@@ -1,74 +0,0 @@
-/* unused */
-
-#include <stdio.h>
-#include <openssl/bio.h>
-#include "bn_lcl.h"
-
-#define SIZE_A (100*4+4)
-#define SIZE_B (13*4)
-
-main(argc,argv)
-int argc;
-char *argv[];
-	{
-	BN_CTX ctx;
-	BN_RECP_CTX recp;
-	BIGNUM a,b,dd,d,r,rr,t,l;
-	int i;
-
-	MemCheck_start();
-	MemCheck_on();
-	BN_CTX_init(&ctx);
-	BN_RECP_CTX_init(&recp);
-
-	BN_init(&r);
-	BN_init(&rr);
-	BN_init(&d);
-	BN_init(&dd);
-	BN_init(&a);
-	BN_init(&b);
-
-	{
-	BN_rand(&a,SIZE_A,0,0);
-	BN_rand(&b,SIZE_B,0,0);
-
-	a.neg=1;
-	BN_RECP_CTX_set(&recp,&b,&ctx);
-
-	BN_print_fp(stdout,&a); printf(" a\n");
-	BN_print_fp(stdout,&b); printf(" b\n");
-
-	BN_print_fp(stdout,&recp.N); printf(" N\n");
-	BN_print_fp(stdout,&recp.Nr); printf(" Nr num_bits=%d\n",recp.num_bits);
-
-	BN_div_recp(&r,&d,&a,&recp,&ctx);
-
-for (i=0; i<300; i++)
-	BN_div(&rr,&dd,&a,&b,&ctx);
-
-	BN_print_fp(stdout,&r); printf(" div recp\n");
-	BN_print_fp(stdout,&rr); printf(" div\n");
-	BN_print_fp(stdout,&d); printf(" rem recp\n");
-	BN_print_fp(stdout,&dd); printf(" rem\n");
-	}
-	BN_CTX_free(&ctx);
-	BN_RECP_CTX_free(&recp);
-
-	BN_free(&r);
-	BN_free(&rr);
-	BN_free(&d);
-	BN_free(&dd);
-	BN_free(&a);
-	BN_free(&b);
-
-	{
-	BIO *out;
-
-	if ((out=BIO_new(BIO_s_file())) != NULL)
-		BIO_set_fp(out,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-        CRYPTO_mem_leaks(out);
-	BIO_free(out);
-	}
-
-	}

crypto/bn/divtest.c

@@ -0,0 +1,40 @@
+#include <openssl/bn.h>
+
+int rand(n)
+{
+    unsigned char x[2];
+    RAND_pseudo_bytes(&x,2);
+    return (x[0] + 2*x[1]);
+}
+
+void bug(char *m, BIGNUM *a, BIGNUM *b)
+{
+    printf("%s!\na=",m);
+    BN_print_fp(stdout, a);
+    printf("\nb=");
+    BN_print_fp(stdout, b);
+    printf("\n");
+    fflush(stdout);
+}
+
+main()
+{
+    BIGNUM *a=BN_new(), *b=BN_new(), *c=BN_new(), *d=BN_new(),
+	*C=BN_new(), *D=BN_new();
+    BN_RECP_CTX *recp=BN_RECP_CTX_new();
+    BN_CTX *ctx=BN_CTX_new();
+
+    for(;;) {
+	BN_pseudo_rand(a,rand(),0,0);
+	BN_pseudo_rand(b,rand(),0,0);
+	if (BN_is_zero(b)) continue;
+
+	BN_RECP_CTX_set(recp,b,ctx);
+	if (BN_div(C,D,a,b,ctx) != 1)
+	    bug("BN_div failed",a,b);
+	if (BN_div_recp(c,d,a,recp,ctx) != 1)
+	    bug("BN_div_recp failed",a,b);
+	else if (BN_cmp(c,C) != 0 || BN_cmp(c,C) != 0)
+	    bug("mismatch",a,b);
+    }
+}

crypto/bn/new

@@ -1,23 +0,0 @@
-void BN_RECP_CTX_init(BN_RECP_CTX *recp);
-BN_RECP_CTX *BN_RECP_CTX_new();
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_RECP_CTX_set(BN_RECP_CTX *recp,BIGNUM *div,BN_CTX *ctx);
-
-int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,
-	BN_RECP_CTX *recp,BN_CTX *ctx);
-
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d,
-	BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_recp(BIGNUM *rem, BIGNUM *m, BIGNUM *d,
-	BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_mul_recp(BIGNUM *ret,BIGNUM *a,BIGNUM *b,BIGNUM *m
-
-int BN_mod_exp_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *p,
-	BN_MONT_CTX *m_ctx,BN_CTX *ctx);
-int BN_mod_exp2_montgomery(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2,
-                BIGNUM *p2,BN_MONT_CTX *m_ctx,BN_CTX *ctx);
-
-
-bn_div64 -> bn_div_words
-
-

crypto/bn/old/b_sqr.c

@@ -1,199 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-static int bn_mm(BIGNUM *m,BIGNUM *A,BIGNUM *B, BIGNUM *sk,BN_CTX *ctx);
-
-/* r must be different to a and b */
-/* int BN_mmul(r, a, b) */
-int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b)
-	{
-	BN_ULONG *ap,*bp,*rp;
-	BIGNUM *sk;
-	int i,n,ret;
-	int max,al,bl;
-	BN_CTX ctx;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	al=a->top;
-	bl=b->top;
-	if ((al == 0) || (bl == 0))
-		{
-		r->top=0;
-		return(1);
-		}
-#ifdef BN_MUL_DEBUG
-printf("BN_mul(%d,%d)\n",a->top,b->top);
-#endif
-
-	if (	(bn_limit_bits > 0) &&
-		(bl > bn_limit_num) && (al > bn_limit_num))
-		{
-		n=(BN_num_bits_word(al|bl)-bn_limit_bits);
-		n*=2;
-		sk=(BIGNUM *)Malloc(sizeof(BIGNUM)*n);
-		memset(sk,0,sizeof(BIGNUM)*n);
-		memset(&ctx,0,sizeof(ctx));
-
-		ret=bn_mm(r,a,b,&(sk[0]),&ctx);
-		for (i=0; i<n; i+=2)
-			{
-			BN_clear_free(&sk[i]);
-			BN_clear_free(&sk[i+1]);
-			}
-		Free(sk);
-		return(ret);
-		}
-
-	max=(al+bl);
-	if (bn_wexpand(r,max) == NULL) return(0);
-	r->top=max;
-	r->neg=a->neg^b->neg;
-	ap=a->d;
-	bp=b->d;
-	rp=r->d;
-
-	rp[al]=bn_mul_words(rp,ap,al,*(bp++));
-	rp++;
-	for (i=1; i<bl; i++)
-		{
-		rp[al]=bn_mul_add_words(rp,ap,al,*(bp++));
-		rp++;
-		}
-	if ((max > 0) && (r->d[max-1] == 0)) r->top--;
-	return(1);
-	}
-
-
-#define ahal	(sk[0])
-#define blbh	(sk[1])
-
-/* r must be different to a and b */
-int bn_mm(BIGNUM *m, BIGNUM *A, BIGNUM *B, BIGNUM *sk, BN_CTX *ctx)
-	{
-	int n,num,sqr=0;
-	int an,bn;
-	BIGNUM ah,al,bh,bl;
-
-	an=A->top;
-	bn=B->top;
-#ifdef BN_MUL_DEBUG
-printf("bn_mm(%d,%d)\n",A->top,B->top);
-#endif
-
-	if (A == B) sqr=1;
-	num=(an>bn)?an:bn;
-	n=(num+1)/2;
-	/* Are going to now chop things into 'num' word chunks. */
-
-	BN_init(&ah);
-	BN_init(&al);
-	BN_init(&bh);
-	BN_init(&bl);
-
-	bn_set_low (&al,A,n);
-	bn_set_high(&ah,A,n);
-	bn_set_low (&bl,B,n);
-	bn_set_high(&bh,B,n);
-
-	BN_sub(&ahal,&ah,&al);
-	BN_sub(&blbh,&bl,&bh);
-
-	if (num <= (bn_limit_num+bn_limit_num))
-		{
-		BN_mul(m,&ahal,&blbh);
-		if (sqr)
-			{
-			BN_sqr(&ahal,&al,ctx);
-			BN_sqr(&blbh,&ah,ctx);
-			}
-		else
-			{
-			BN_mul(&ahal,&al,&bl);
-			BN_mul(&blbh,&ah,&bh);
-			}
-		}
-	else
-		{
-		bn_mm(m,&ahal,&blbh,&(sk[2]),ctx);
-		bn_mm(&ahal,&al,&bl,&(sk[2]),ctx);
-		bn_mm(&blbh,&ah,&bh,&(sk[2]),ctx);
-		}
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	BN_lshift(m,m,n*BN_BITS2);
-	BN_lshift(&blbh,&blbh,n*BN_BITS2*2);
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	m->neg=A->neg^B->neg;
-	return(1);
-	}
-#undef ahal	(sk[0])
-#undef blbh	(sk[1])
-
-#include "bn_low.c"
-#include "bn_high.c"

crypto/bn/old/bn_com.c

@@ -1,90 +0,0 @@
-/* crypto/bn/bn_mulw.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#ifdef BN_LLONG 
-
-ab
-12
-   a2 b2
-a1 b1
-
-abc
-123
-      a3 b3 c3
-   a2 b2 c2
-a1 b1 c1
-
-abcd
-1234
-         a4 b4 c4 d4
-      a3 b3 c3 d3
-   a2 b2 c2 d2
-a1 b1 c1 d1
-
-abcde
-01234
-               a5 b5 c5 d5 e5
-            a4 b4 c4 d4 e4
-         a3 b3 c3 d3 e3
-      a2 b2 c2 d2 e2
-   a1 b1 c1 d1 e1
-a0 b0 c0 d0 e0

crypto/bn/old/bn_high.c

@@ -1,135 +0,0 @@
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#undef BN_MUL_HIGH_DEBUG
-
-#ifdef BN_MUL_HIGH_DEBUG
-#define debug_BN_print(a,b,c) BN_print_fp(a,b); printf(c);
-#else
-#define debug_BN_print(a,b,c)
-#endif
-
-int BN_mul_high(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *low, int words);
-
-#undef t1
-#undef t2
-
-int BN_mul_high(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *low, int words)
-	{
-	int w2,borrow=0,full=0;
-	BIGNUM t1,t2,t3,h,ah,al,bh,bl,m,s0,s1;
-	BN_ULONG ul1,ul2;
-	
-	BN_mul(r,a,b);
-	BN_rshift(r,r,words*BN_BITS2);
-	return(1);
-
-	w2=(words+1)/2;
-
-#ifdef BN_MUL_HIGH_DEBUG
-fprintf(stdout,"words=%d w2=%d\n",words,w2);
-#endif
-debug_BN_print(stdout,a," a\n");
-debug_BN_print(stdout,b," b\n");
-debug_BN_print(stdout,low," low\n");
-	BN_init(&al); BN_init(&ah);
-	BN_init(&bl); BN_init(&bh);
-	BN_init(&t1); BN_init(&t2); BN_init(&t3);
-	BN_init(&s0); BN_init(&s1);
-	BN_init(&h); BN_init(&m);
-
-	bn_set_low (&al,a,w2);
-	bn_set_high(&ah,a,w2);
-	bn_set_low (&bl,b,w2);
-	bn_set_high(&bh,b,w2);
-
-	bn_set_low(&s0,low,w2);
-	bn_set_high(&s1,low,w2);
-
-debug_BN_print(stdout,&al," al\n");
-debug_BN_print(stdout,&ah," ah\n");
-debug_BN_print(stdout,&bl," bl\n");
-debug_BN_print(stdout,&bh," bh\n");
-debug_BN_print(stdout,&s0," s0\n");
-debug_BN_print(stdout,&s1," s1\n");
-
-	/* Calculate (al-ah)*(bh-bl) */
-	BN_sub(&t1,&al,&ah);
-	BN_sub(&t2,&bh,&bl);
-	BN_mul(&m,&t1,&t2);
-
-	/* Calculate ah*bh */
-	BN_mul(&h,&ah,&bh);
-
-	/* s0 == low(al*bl)
-	 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
-	 * We know s0 and s1 so the only unknown is high(al*bl)
-	 * high(al*bl) == s1 - low(ah*bh+(al-ah)*(bh-bl)+s0)
-	 */
-	BN_add(&m,&m,&h);
-	BN_add(&t2,&m,&s0);
-
-debug_BN_print(stdout,&t2," middle value\n");
-
-	/* Quick and dirty mask off of high words */
-	if (w2 < t2.top) t2.top=w2;
-#if 0
-	bn_set_low(&t3,&t2,w2);
-#endif
-
-debug_BN_print(stdout,&t2," low middle value\n");
-	BN_sub(&t1,&s1,&t2);
-
-	if (t1.neg)
-		{
-debug_BN_print(stdout,&t1," before\n");
-		BN_zero(&t2);
-		BN_set_bit(&t2,w2*BN_BITS2);
-		BN_add(&t1,&t2,&t1);
-		/* BN_mask_bits(&t1,w2*BN_BITS2); */
-		/* if (words < t1.top) t1.top=words; */
-debug_BN_print(stdout,&t1," after\n");
-		borrow=1;
-		}
-
-/* XXXXX SPEED THIS UP */
-	/* al*bl == high(al*bl)<<words+s0 */
-	BN_lshift(&t1,&t1,w2*BN_BITS2);
-	BN_add(&t1,&t1,&s0);
-	if (w2*2 < t1.top) t1.top=w2*2; /* This should not happen? */
-	
-	/* We now have
-	 * al*bl			- t1
-	 * (al-ah)*(bh-bl)+ah*bh	- m
-	 * ah*bh			- h
-	 */
-#if 0
-	BN_add(&m,&m,&t1);
-debug_BN_print(stdout,&t1," s10\n");
-debug_BN_print(stdout,&m," s21\n");
-debug_BN_print(stdout,&h," s32\n");
-	BN_lshift(&m,&m,w2*BN_BITS2);
-	BN_lshift(&h,&h,w2*2*BN_BITS2);
-	BN_add(r,&m,&t1);
-	BN_add(r,r,&h);
-	BN_rshift(r,r,w2*2*BN_BITS2);
-#else
-	BN_add(&m,&m,&t1); 		/* Do a cmp then +1 if needed? */
-	bn_set_high(&t3,&t1,w2);
-	BN_add(&m,&m,&t3);
-	bn_set_high(&t3,&m,w2);
-	BN_add(r,&h,&t3);
-#endif
-
-#ifdef BN_MUL_HIGH_DEBUG
-printf("carry=%d\n",borrow);
-#endif
-debug_BN_print(stdout,r," ret\n");
-	BN_free(&t1); BN_free(&t2);
-	BN_free(&m); BN_free(&h);
-	return(1);
-	}
-
-
-

crypto/bn/old/bn_ka.c

@@ -1,567 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <strings.h>
-#include "bn_lcl.h"
-
-/* r is 2*n2 words in size,
- * a and b are both n2 words in size.
- * n2 must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n2 words in size
- * We calulate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-	     BN_ULONG *t)
-	{
-	int n=n2/2;
-	int neg,zero,c1,c2;
-	BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-printf(" bn_mul_recursive %d * %d\n",n2,n2);
-#endif
-	if (n2 <= 8)
-		{
-		if (n2 == 8)
-			bn_mul_comba8(r,a,b);
-		else
-			bn_mul_normal(r,a,n2,b,n2);
-		return;
-		}
-
-	if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
-		{
-		/* This should not happen */
-		/*abort(); */
-		bn_mul_normal(r,a,n2,b,n2);
-		return;
-		}
-	/* r=(a[0]-a[1])*(b[1]-b[0]) */
-	c1=bn_cmp_words(a,&(a[n]),n);
-	c2=bn_cmp_words(&(b[n]),b,n);
-	zero=neg=0;
-	switch (c1*3+c2)
-		{
-	case -4:
-		bn_sub_words(t,      &(a[n]),a,      n); /* - */
-		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-		break;
-	case -3:
-		zero=1;
-		break;
-	case -2:
-		bn_sub_words(t,      &(a[n]),a,      n); /* - */
-		bn_sub_words(&(t[n]),&(b[n]),b,      n); /* + */
-		neg=1;
-		break;
-	case -1:
-	case 0:
-	case 1:
-		zero=1;
-		break;
-	case 2:
-		bn_sub_words(t,      a,      &(a[n]),n); /* + */
-		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-		neg=1;
-		break;
-	case 3:
-		zero=1;
-		break;
-	case 4:
-		bn_sub_words(t,      a,      &(a[n]),n);
-		bn_sub_words(&(t[n]),&(b[n]),b,      n);
-		break;
-		}
-
-	if (n == 8)
-		{
-		if (!zero)
-			bn_mul_comba8(&(t[n2]),t,&(t[n]));
-		else
-			memset(&(t[n2]),0,8*sizeof(BN_ULONG));
-		
-		bn_mul_comba8(r,a,b);
-		bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n]));
-		}
-	else
-		{
-		p= &(t[n2*2]);
-		if (!zero)
-			bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
-		else
-			memset(&(t[n2]),0,n*sizeof(BN_ULONG));
-		bn_mul_recursive(r,a,b,n,p);
-		bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p);
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=bn_add_words(t,r,&(r[n2]),n2);
-
-	if (neg) /* if t[32] is negative */
-		{
-		c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
-		}
-	else
-		{
-		/* Might have a carry */
-		c1+=bn_add_words(&(t[n2]),&(t[n2]),t,n2);
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-
-/* n+tn is the word length
- * t needs to be n*4 is size, as does r */
-void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
-	     int n, BN_ULONG *t)
-	{
-	int n2=n*2,i,j;
-	int c1;
-	BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
-#endif
-	if (n < 8)
-		{
-		i=tn+n;
-		bn_mul_normal(r,a,i,b,i);
-		return;
-		}
-
-	/* r=(a[0]-a[1])*(b[1]-b[0]) */
-	bn_sub_words(t,      a,      &(a[n]),n); /* + */
-	bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-
-	if (n == 8)
-		{
-		bn_mul_comba8(&(t[n2]),t,&(t[n]));
-		bn_mul_comba8(r,a,b);
-		bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
-		memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
-		}
-	else
-		{
-		p= &(t[n2*2]);
-		bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
-		bn_mul_recursive(r,a,b,n,p);
-		i=n/2;
-		/* If there is only a bottom half to the number,
-		 * just do it */
-		j=tn-i;
-		if (j == 0)
-			{
-			bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p);
-			memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2));
-			}
-		else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */
-				{
-				bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]),
-					j,i,p);
-				memset(&(r[n2+tn*2]),0,
-					sizeof(BN_ULONG)*(n2-tn*2));
-				}
-		else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
-			{
-			memset(&(r[n2]),0,sizeof(BN_ULONG)*(tn*2));
-			for (;;)
-				{
-				i/=2;
-				if (i < tn)
-					{
-					bn_mul_part_recursive(&(r[n2]),
-						&(a[n]),&(b[n]),
-						tn-i,i,p);
-					break;
-					}
-				else if (i == tn)
-					{
-					bn_mul_recursive(&(r[n2]),
-						&(a[n]),&(b[n]),
-						i,p);
-					break;
-					}
-				}
-			}
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=bn_add_words(t,r,&(r[n2]),n2);
-	c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-
-/* r is 2*n words in size,
- * a and b are both n words in size.
- * n must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n words in size
- * We calulate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *t)
-	{
-	int n=n2/2;
-	int zero,c1;
-	BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-printf(" bn_sqr_recursive %d * %d\n",n2,n2);
-#endif
-	if (n2 == 4)
-		{
-		bn_sqr_comba4(r,a);
-		return;
-		}
-	else if (n2 == 8)
-		{
-		bn_sqr_comba8(r,a);
-		return;
-		}
-	if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL)
-		{
-		bn_sqr_normal(r,a,n2,t);
-		return;
-		abort();
-		}
-	/* r=(a[0]-a[1])*(a[1]-a[0]) */
-	c1=bn_cmp_words(a,&(a[n]),n);
-	zero=0;
-	if (c1 > 0)
-		bn_sub_words(t,a,&(a[n]),n);
-	else if (c1 < 0)
-		bn_sub_words(t,&(a[n]),a,n);
-	else
-		zero=1;
-
-	/* The result will always be negative unless it is zero */
-
-	if (n == 8)
-		{
-		if (!zero)
-			bn_sqr_comba8(&(t[n2]),t);
-		else
-			memset(&(t[n2]),0,8*sizeof(BN_ULONG));
-		
-		bn_sqr_comba8(r,a);
-		bn_sqr_comba8(&(r[n2]),&(a[n]));
-		}
-	else
-		{
-		p= &(t[n2*2]);
-		if (!zero)
-			bn_sqr_recursive(&(t[n2]),t,n,p);
-		else
-			memset(&(t[n2]),0,n*sizeof(BN_ULONG));
-		bn_sqr_recursive(r,a,n,p);
-		bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
-		}
-
-	/* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=bn_add_words(t,r,&(r[n2]),n2);
-
-	/* t[32] is negative */
-	c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
-
-	/* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
-	 * r[10] holds (a[0]*a[0])
-	 * r[32] holds (a[1]*a[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-
-#if 1
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- */
-void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-	     BN_ULONG *t)
-	{
-	int n=n2/2;
-
-#ifdef BN_COUNT
-printf(" bn_mul_low_recursive %d * %d\n",n2,n2);
-#endif
-
-	bn_mul_recursive(r,a,b,n,&(t[0]));
-	if (n > BN_MUL_LOW_RECURSIVE_SIZE_NORMAL)
-		{
-		bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2]));
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2]));
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		}
-	else
-		{
-		bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n);
-		bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n);
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		bn_add_words(&(r[n]),&(r[n]),&(t[n]),n);
-		}
-	}
-
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- * l is the low words of the output.
- * t needs to be n2*3
- */
-void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
-	     BN_ULONG *t)
-	{
-	int j,i,n,c1,c2;
-	int neg,oneg,zero;
-	BN_ULONG ll,lc,*lp,*mp;
-
-#ifdef BN_COUNT
-printf(" bn_mul_high %d * %d\n",n2,n2);
-#endif
-	n=(n2+1)/2;
-
-	/* Calculate (al-ah)*(bh-bl) */
-	neg=zero=0;
-	c1=bn_cmp_words(&(a[0]),&(a[n]),n);
-	c2=bn_cmp_words(&(b[n]),&(b[0]),n);
-	switch (c1*3+c2)
-		{
-	case -4:
-		bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
-		bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
-		break;
-	case -3:
-		zero=1;
-		break;
-	case -2:
-		bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
-		bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
-		neg=1;
-		break;
-	case -1:
-	case 0:
-	case 1:
-		zero=1;
-		break;
-	case 2:
-		bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
-		bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
-		neg=1;
-		break;
-	case 3:
-		zero=1;
-		break;
-	case 4:
-		bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
-		bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
-		break;
-		}
-		
-	oneg=neg;
-	/* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
-	bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2]));
-	/* r[10] = (a[1]*b[1]) */
-	bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2]));
-
-	/* s0 == low(al*bl)
-	 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
-	 * We know s0 and s1 so the only unknown is high(al*bl)
-	 * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
-	 * high(al*bl) == s1 - (r[0]+l[0]+t[0])
-	 */
-	if (l != NULL)
-		{
-		lp= &(t[n2+n]);
-		c1=bn_add_words(lp,&(r[0]),&(l[0]),n);
-		}
-	else
-		{
-		c1=0;
-		lp= &(r[0]);
-		}
-
-	if (neg)
-		neg=bn_sub_words(&(t[n2]),lp,&(t[0]),n);
-	else
-		{
-		bn_add_words(&(t[n2]),lp,&(t[0]),n);
-		neg=0;
-		}
-
-	if (l != NULL)
-		{
-		bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n);
-		}
-	else
-		{
-		lp= &(t[n2+n]);
-		mp= &(t[n2]);
-		for (i=0; i<n; i++)
-			lp[i]=((~mp[i])+1)&BN_MASK2;
-		}
-
-	/* s[0] = low(al*bl)
-	 * t[3] = high(al*bl)
-	 * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
-	 * r[10] = (a[1]*b[1])
-	 */
-	/* R[10] = al*bl
-	 * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
-	 * R[32] = ah*bh
-	 */
-	/* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
-	 * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
-	 * R[3]=r[1]+(carry/borrow)
-	 */
-	if (l != NULL)
-		{
-		lp= &(t[n2]);
-		c1= bn_add_words(lp,&(t[n2+n]),&(l[0]),n);
-		}
-	else
-		{
-		lp= &(t[n2+n]);
-		c1=0;
-		}
-	c1+=bn_add_words(&(t[n2]),lp,  &(r[0]),n);
-	if (oneg)
-		c1-=bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n);
-	else
-		c1+=bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n);
-
-	c2 =bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n);
-	c2+=bn_add_words(&(r[0]),&(r[0]),&(r[n]),n);
-	if (oneg)
-		c2-=bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n);
-	else
-		c2+=bn_add_words(&(r[0]),&(r[0]),&(t[n]),n);
-	
-	if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
-		{
-		i=0;
-		if (c1 > 0)
-			{
-			lc=c1;
-			do	{
-				ll=(r[i]+lc)&BN_MASK2;
-				r[i++]=ll;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		else
-			{
-			lc= -c1;
-			do	{
-				ll=r[i];
-				r[i++]=(ll-lc)&BN_MASK2;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		}
-	if (c2 != 0) /* Add starting at r[1] */
-		{
-		i=n;
-		if (c2 > 0)
-			{
-			lc=c2;
-			do	{
-				ll=(r[i]+lc)&BN_MASK2;
-				r[i++]=ll;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		else
-			{
-			lc= -c2;
-			do	{
-				ll=r[i];
-				r[i++]=(ll-lc)&BN_MASK2;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		}
-	}
-#endif

crypto/bn/old/bn_low.c

@@ -1,194 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-static int bn_mm_low(BIGNUM *m,BIGNUM *A,BIGNUM *B, int num,
-		BIGNUM *sk,BN_CTX *ctx);
-int BN_mul_low(BIGNUM *r, BIGNUM *a, BIGNUM *b,int words);
-
-/* r must be different to a and b */
-int BN_mul_low(BIGNUM *r, BIGNUM *a, BIGNUM *b, int num)
-	{
-	BN_ULONG *ap,*bp,*rp;
-	BIGNUM *sk;
-	int j,i,n,ret;
-	int max,al,bl;
-	BN_CTX ctx;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-#ifdef BN_MUL_DEBUG
-printf("BN_mul_low(%d,%d,%d)\n",a->top,b->top,num);
-#endif
-
-	al=a->top;
-	bl=b->top;
-	if ((al == 0) || (bl == 0))
-		{
-		r->top=0;
-		return(1);
-		}
-
-	if ((bn_limit_bits_low > 0) && (num > bn_limit_num_low))
-		{
-		n=BN_num_bits_word(num*2)-bn_limit_bits_low;
-		n*=2;
-		sk=(BIGNUM *)Malloc(sizeof(BIGNUM)*n);
-		memset(sk,0,sizeof(BIGNUM)*n);
-		memset(&ctx,0,sizeof(ctx));
-
-		ret=bn_mm_low(r,a,b,num,&(sk[0]),&ctx);
-		for (i=0; i<n; i+=2)
-			{
-			BN_clear_free(&sk[i]);
-			BN_clear_free(&sk[i+1]);
-			}
-		Free(sk);
-		return(ret);
-		}
-
-	max=(al+bl);
-	if (bn_wexpand(r,max) == NULL) return(0);
-	r->neg=a->neg^b->neg;
-	ap=a->d;
-	bp=b->d;
-	rp=r->d;
-	r->top=(max > num)?num:max;
-
-	rp[al]=bn_mul_words(rp,ap,al,*(bp++));
-	rp++;
-	j=bl;
-	for (i=1; i<j; i++)
-		{
-		if (al >= num--)
-			{
-			al--;
-			if (al <= 0) break;
-			}
-		rp[al]=bn_mul_add_words(rp,ap,al,*(bp++));
-		rp++;
-		}
-	
-	while ((r->top > 0) && (r->d[r->top-1] == 0))
-		r->top--;
-	return(1);
-	}
-
-
-#define t1	(sk[0])
-#define t2	(sk[1])
-
-/* r must be different to a and b */
-int bn_mm_low(BIGNUM *m, BIGNUM *A, BIGNUM *B, int num, BIGNUM *sk,
-	     BN_CTX *ctx)
-	{
-	int n; /* ,sqr=0; */
-	int an,bn;
-	BIGNUM ah,al,bh,bl;
-
-	bn_wexpand(m,num+3);
-	an=A->top;
-	bn=B->top;
-
-#ifdef BN_MUL_DEBUG
-printf("bn_mm_low(%d,%d,%d)\n",A->top,B->top,num);
-#endif
-
-	n=(num+1)/2;
-
-	BN_init(&ah); BN_init(&al); BN_init(&bh); BN_init(&bl);
-
-	bn_set_low( &al,A,n);
-	bn_set_high(&ah,A,n);
-	bn_set_low( &bl,B,n);
-	bn_set_high(&bh,B,n);
-
-	if (num <= (bn_limit_num_low+bn_limit_num_low))
-		{
-		BN_mul(m,&al,&bl);
-		BN_mul_low(&t1,&al,&bh,n);
-		BN_mul_low(&t2,&ah,&bl,n);
-		}
-	else
-		{
-		bn_mm(m  ,&al,&bl,&(sk[2]),ctx);
-		bn_mm_low(&t1,&al,&bh,n,&(sk[2]),ctx);
-		bn_mm_low(&t2,&ah,&bl,n,&(sk[2]),ctx);
-		}
-
-	BN_add(&t1,&t1,&t2);
-
-	/* We will now do an evil hack instead of
-	 * BN_lshift(&t1,&t1,n*BN_BITS2);
-	 * BN_add(m,m,&t1);
-	 * BN_mask_bits(m,num*BN_BITS2);
-	 */
-	bn_set_high(&ah,m,n); ah.max=num+2;
-	BN_add(&ah,&ah,&t1);
-	m->top=num;
-
-	m->neg=A->neg^B->neg;
-	return(1);
-	}
-
-#undef t1	(sk[0])
-#undef t2	(sk[1])

crypto/bn/old/bn_m.c

@@ -1,139 +0,0 @@
-/* crypto/bn/bn_m.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-/*#include "cryptlib.h"*/
-#include "bn_lcl.h"
-
-#define limit_bits 5			/* 2^5, or 32 words */
-#define limit_num (1<<limit_bits)
-
-int BN_m(BIGNUM *r, BIGNUM *a, BIGNUM *b)
-	{
-	BIGNUM *sk;
-	int i,n;
-
-	n=(BN_num_bits_word(a->top|b->top)-limit_bits);
-	n*=2;
-	sk=(BIGNUM *)malloc(sizeof(BIGNUM)*n);
-	for (i=0; i<n; i++)
-		BN_init(&(sk[i]));
-
-	return(BN_mm(r,a,b,&(sk[0])));
-	}
-
-#define ahal	(sk[0])
-#define blbh	(sk[1])
-
-/* r must be different to a and b */
-int BN_mm(BIGNUM *m, BIGNUM *A, BIGNUM *B, BIGNUM *sk)
-	{
-	int i,num,anum,bnum;
-	int an,bn;
-	BIGNUM ah,al,bh,bl;
-
-	an=A->top;
-	bn=B->top;
-	if ((an <= limit_num) || (bn <= limit_num))
-		{
-		return(BN_mul(m,A,B));
-		}
-
-	anum=(an>bn)?an:bn;
-	num=(anum)/2;
-
-	/* Are going to now chop things into 'num' word chunks. */
-	bnum=num*BN_BITS2;
-
-	BN_init(&ahal);
-	BN_init(&blbh);
-	BN_init(&ah);
-	BN_init(&al);
-	BN_init(&bh);
-	BN_init(&bl);
-
-	al.top=num;
-	al.d=A->d;
-	ah.top=A->top-num;
-	ah.d= &(A->d[num]);
-
-	bl.top=num;
-	bl.d=B->d;
-	bh.top=B->top-num;
-	bh.d= &(B->d[num]);
-
-	BN_sub(&ahal,&ah,&al);
-	BN_sub(&blbh,&bl,&bh);
-
-	BN_mm(m,&ahal,&blbh,&(sk[2]));
-	BN_mm(&ahal,&al,&bl,&(sk[2]));
-	BN_mm(&blbh,&ah,&bh,&(sk[2]));
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	BN_lshift(m,m,bnum);
-	BN_add(m,m,&ahal);
-
-	BN_lshift(&blbh,&blbh,bnum*2);
-	BN_add(m,m,&blbh);
-
-	m->neg=A->neg^B->neg;
-	return(1);
-	}
-

crypto/bn/old/bn_mul.c.works

@@ -1,219 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int bn_mm(BIGNUM *m,BIGNUM *A,BIGNUM *B, BIGNUM *sk,BN_CTX *ctx);
-
-/* r must be different to a and b */
-int BN_mul(r, a, b)
-BIGNUM *r;
-BIGNUM *a;
-BIGNUM *b;
-	{
-	BN_ULONG *ap,*bp,*rp;
-	BIGNUM *sk;
-	int i,n,ret;
-	int max,al,bl;
-	BN_CTX ctx;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	al=a->top;
-	bl=b->top;
-	if ((al == 0) || (bl == 0))
-		{
-		r->top=0;
-		return(1);
-		}
-#ifdef BN_MUL_DEBUG
-printf("BN_mul(%d,%d)\n",a->top,b->top);
-#endif
-
-#ifdef BN_RECURSION
-	if (	(bn_limit_bits > 0) &&
-		(bl > bn_limit_num) && (al > bn_limit_num))
-		{
-		n=(BN_num_bits_word(al|bl)-bn_limit_bits);
-		n*=2;
-		sk=(BIGNUM *)Malloc(sizeof(BIGNUM)*n);
-		memset(sk,0,sizeof(BIGNUM)*n);
-		memset(&ctx,0,sizeof(ctx));
-
-		ret=bn_mm(r,a,b,&(sk[0]),&ctx);
-		for (i=0; i<n; i+=2)
-			{
-			BN_clear_free(&sk[i]);
-			BN_clear_free(&sk[i+1]);
-			}
-		Free(sk);
-		return(ret);
-		}
-#endif
-
-	max=(al+bl);
-	if (bn_wexpand(r,max) == NULL) return(0);
-	r->top=max;
-	r->neg=a->neg^b->neg;
-	ap=a->d;
-	bp=b->d;
-	rp=r->d;
-
-#ifdef BN_RECURSION
-	if ((al == bl) && (al == 8))
-		{
-		bn_mul_comba8(rp,ap,bp);
-		}
-	else
-#endif
-		{
-		rp[al]=bn_mul_words(rp,ap,al,*(bp++));
-		rp++;
-		for (i=1; i<bl; i++)
-			{
-			rp[al]=bn_mul_add_words(rp,ap,al,*(bp++));
-			rp++;
-			}
-		}
-	if ((max > 0) && (r->d[max-1] == 0)) r->top--;
-	return(1);
-	}
-
-#ifdef BN_RECURSION
-
-#define ahal	(sk[0])
-#define blbh	(sk[1])
-
-/* r must be different to a and b */
-int bn_mm(m, A, B, sk,ctx)
-BIGNUM *m,*A,*B;
-BIGNUM *sk;
-BN_CTX *ctx;
-	{
-	int n,num,sqr=0;
-	int an,bn;
-	BIGNUM ah,al,bh,bl;
-
-	an=A->top;
-	bn=B->top;
-#ifdef BN_MUL_DEBUG
-printf("bn_mm(%d,%d)\n",A->top,B->top);
-#endif
-
-	if (A == B) sqr=1;
-	num=(an>bn)?an:bn;
-	n=(num+1)/2;
-	/* Are going to now chop things into 'num' word chunks. */
-
-	BN_init(&ah);
-	BN_init(&al);
-	BN_init(&bh);
-	BN_init(&bl);
-
-	bn_set_low (&al,A,n);
-	bn_set_high(&ah,A,n);
-	bn_set_low (&bl,B,n);
-	bn_set_high(&bh,B,n);
-
-	BN_sub(&ahal,&ah,&al);
-	BN_sub(&blbh,&bl,&bh);
-
-	if (num <= (bn_limit_num+bn_limit_num))
-		{
-		BN_mul(m,&ahal,&blbh);
-		if (sqr)
-			{
-			BN_sqr(&ahal,&al,ctx);
-			BN_sqr(&blbh,&ah,ctx);
-			}
-		else
-			{
-			BN_mul(&ahal,&al,&bl);
-			BN_mul(&blbh,&ah,&bh);
-			}
-		}
-	else
-		{
-		bn_mm(m,&ahal,&blbh,&(sk[2]),ctx);
-		bn_mm(&ahal,&al,&bl,&(sk[2]),ctx);
-		bn_mm(&blbh,&ah,&bh,&(sk[2]),ctx);
-		}
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	BN_lshift(m,m,n*BN_BITS2);
-	BN_lshift(&blbh,&blbh,n*BN_BITS2*2);
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	m->neg=A->neg^B->neg;
-	return(1);
-	}
-#undef ahal	(sk[0])
-#undef blbh	(sk[1])
-
-#include "bn_low.c"
-#include "bn_high.c"
-#include "f.c"
-
-#endif

crypto/bn/old/bn_wmul.c

@@ -1,175 +0,0 @@
-#include <stdio.h>
-#include "bn_lcl.h"
-
-#if 1
-
-int bn_mull(BIGNUM *r,BIGNUM *a,BIGNUM *b, BN_CTX *ctx);
-
-int bn_mull(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-	{
-	int top,i,j,k,al,bl;
-	BIGNUM *t;
-
-#ifdef BN_COUNT
-printf("bn_mull %d * %d\n",a->top,b->top);
-#endif
-
-	bn_check_top(a);
-	bn_check_top(b);
-	bn_check_top(r);
-	BN_CTX_start(ctx);
-
-	al=a->top;
-	bl=b->top;
-	r->neg=a->neg^b->neg;
-
-	top=al+bl;
-	if ((al < 4) || (bl < 4))
-		{
-		if (bn_wexpand(r,top) == NULL) return(0);
-		r->top=top;
-		bn_mul_normal(r->d,a->d,al,b->d,bl);
-		goto end;
-		}
-	else if (al == bl) /* A good start, they are the same size */
-		goto symetric;
-	else
-		{
-		i=(al-bl);
-		if ((i ==  1) && !BN_get_flags(b,BN_FLG_STATIC_DATA))
-			{
-			bn_wexpand(b,al);
-			b->d[bl]=0;
-			bl++;
-			goto symetric;
-			}
-		else if ((i ==  -1) && !BN_get_flags(a,BN_FLG_STATIC_DATA))
-			{
-			bn_wexpand(a,bl);
-			a->d[al]=0;
-			al++;
-			goto symetric;
-			}
-		}
-
-	/* asymetric and >= 4 */ 
-	if (bn_wexpand(r,top) == NULL) return(0);
-	r->top=top;
-	bn_mul_normal(r->d,a->d,al,b->d,bl);
-
-	if (0)
-		{
-		/* symetric and > 4 */
-symetric:
-		if (al == 4)
-			{
-			if (bn_wexpand(r,al*2) == NULL) return(0);
-			r->top=top;
-			bn_mul_comba4(r->d,a->d,b->d);
-			goto end;
-			}
-		if (al == 8)
-			{
-			if (bn_wexpand(r,al*2) == NULL) return(0);
-			r->top=top;
-			bn_mul_comba8(r->d,a->d,b->d);
-			goto end;
-			}
-		if (al <= BN_MULL_NORMAL_SIZE)
-			{
-			if (bn_wexpand(r,al*2) == NULL) return(0);
-			r->top=top;
-			bn_mul_normal(r->d,a->d,al,b->d,bl);
-			goto end;
-			}
-		/* 16 or larger */
-		j=BN_num_bits_word((BN_ULONG)al);
-		j=1<<(j-1);
-		k=j+j;
-		t = BN_CTX_get(ctx);
-		if (al == j) /* exact multiple */
-			{
-			bn_wexpand(t,k*2);
-			bn_wexpand(r,k*2);
-			bn_mul_recursive(r->d,a->d,b->d,al,t->d);
-			}
-		else
-			{
-			bn_wexpand(a,k);
-			bn_wexpand(b,k);
-			bn_wexpand(t,k*4);
-			bn_wexpand(r,k*4);
-			for (i=a->top; i<k; i++)
-				a->d[i]=0;
-			for (i=b->top; i<k; i++)
-				b->d[i]=0;
-			bn_mul_part_recursive(r->d,a->d,b->d,al-j,j,t->d);
-			}
-		r->top=top;
-		}
-end:
-	BN_CTX_end(ctx);
-	bn_fix_top(r);
-	return(1);
-	}
-#endif
-
-void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
-	{
-	BN_ULONG *rr;
-
-#ifdef BN_COUNT
-printf(" bn_mul_normal %d * %d\n",na,nb);
-#endif
-
-	if (na < nb)
-		{
-		int itmp;
-		BN_ULONG *ltmp;
-
-		itmp=na; na=nb; nb=itmp;
-		ltmp=a;   a=b;   b=ltmp;
-
-		}
-	rr= &(r[na]);
-	rr[0]=bn_mul_words(r,a,na,b[0]);
-
-	for (;;)
-		{
-		if (--nb <= 0) return;
-		rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]);
-		if (--nb <= 0) return;
-		rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]);
-		if (--nb <= 0) return;
-		rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]);
-		if (--nb <= 0) return;
-		rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]);
-		rr+=4;
-		r+=4;
-		b+=4;
-		}
-	}
-
-#if 1
-void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-	{
-#ifdef BN_COUNT
-printf(" bn_mul_low_normal %d * %d\n",n,n);
-#endif
-	bn_mul_words(r,a,n,b[0]);
-
-	for (;;)
-		{
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[1]),a,n,b[1]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[2]),a,n,b[2]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[3]),a,n,b[3]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[4]),a,n,b[4]);
-		r+=4;
-		b+=4;
-		}
-	}
-#endif

crypto/bn/old/build

@@ -1,3 +0,0 @@
-#!/bin/sh -x
-
-gcc -g -I../../include test.c -L../.. -lcrypto

crypto/bn/old/info

@@ -1,22 +0,0 @@
-Given A1A0 * B1B0 == S3S2S1S0
-
-S0=     low(A0*B0)
-S1=     low( (A1-A0)*(B0-B1)) +low( A1*B1) +high(A0*B0)
-S2=     high((A1-A0)*(B0-B1)) +high(A1*B1) +low( A1*B1)
-S3=     high(A1*B1);
-
-Assume we know S1 and S0, and can calulate A1*B1 and high((A1-A0)*(B0-B1))
-
-k0=	S0 == low(A0*B0)
-k1=	S1
-k2=	low( A1*B1)
-k3=	high(A1*B1)
-k4=	high((A1-A0)*(B0-B1))
-
-k1=	low((A1-A0)*(B0-B1)) +k2 +high(A0*B0)
-S2=	k4 +k3 +k2
-S3=	k3
-
-S1-k2= low((A1-A0)*(B0-B1)) +high(A0*B0)
-
-We potentially have a carry or a borrow from S1

crypto/bn/old/test.works

@@ -1,205 +0,0 @@
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define SIZE	128
-
-#define BN_MONT_CTX_set		bn_mcs
-#define BN_from_montgomery	bn_fm
-#define BN_mod_mul_montgomery	bn_mmm
-#undef BN_to_montgomery
-#define BN_to_montgomery(r,a,mont,ctx)	bn_mmm(\
-	r,a,(mont)->RR,(mont),ctx)
-
-main()
-	{
-	BIGNUM prime,a,b,r,A,B,R;
-	BN_MONT_CTX *mont;
-	BN_CTX *ctx;
-	int i;
-
-	ctx=BN_CTX_new();
-	BN_init(&prime);
-	BN_init(&a); BN_init(&b); BN_init(&r);
-	BN_init(&A); BN_init(&B); BN_init(&R);
-
-	BN_generate_prime(&prime,SIZE,0,NULL,NULL,NULL,NULL);
-	BN_rand(&A,SIZE,1,0);
-	BN_rand(&B,SIZE,1,0);
-	BN_mod(&A,&A,&prime,ctx);
-	BN_mod(&B,&B,&prime,ctx);
-
-	mont=BN_MONT_CTX_new();
-	BN_MONT_CTX_set(mont,&prime,ctx);
-
-	BN_to_montgomery(&a,&A,mont,ctx);
-	BN_to_montgomery(&b,&B,mont,ctx);
-
-	BN_mul(&r,&a,&b);
-	BN_print_fp(stdout,&r); printf("\n");
-	BN_from_montgomery(&r,&r,mont,ctx);
-	BN_print_fp(stdout,&r); printf("\n");
-	BN_from_montgomery(&r,&r,mont,ctx);
-	BN_print_fp(stdout,&r); printf("\n");
-
-	BN_mod_mul(&R,&A,&B,&prime,ctx);
-
-	BN_print_fp(stdout,&a); printf("\n");
-	BN_print_fp(stdout,&b); printf("\n");
-	BN_print_fp(stdout,&prime); printf("\n");
-	BN_print_fp(stdout,&r); printf("\n\n");
-
-	BN_print_fp(stdout,&A); printf("\n");
-	BN_print_fp(stdout,&B); printf("\n");
-	BN_print_fp(stdout,&prime); printf("\n");
-	BN_print_fp(stdout,&R); printf("\n\n");
-
-	BN_mul(&r,&a,&b);
-	BN_print_fp(stdout,&r); printf(" <- BA*DC\n");
-	BN_copy(&A,&r);
-	i=SIZE/2;
-	BN_mask_bits(&A,i*2);
-//	BN_print_fp(stdout,&A); printf(" <- low(BA*DC)\n");
-	bn_do_lower(&r,&a,&b,&A,i);
-//	BN_print_fp(stdout,&r); printf(" <- low(BA*DC)\n");
-	}
-
-int bn_mul_low(r,a,b,low,i)
-BIGNUM *r,*a,*b,*low;
-int i;
-	{
-	int w;
-	BIGNUM Kh,Km,t1,t2,h,ah,al,bh,bl,l,m,s0,s1;
-
-	BN_init(&Kh); BN_init(&Km); BN_init(&t1); BN_init(&t2); BN_init(&l);
-	BN_init(&ah); BN_init(&al); BN_init(&bh); BN_init(&bl); BN_init(&h);
-	BN_init(&m); BN_init(&s0); BN_init(&s1);
-
-	BN_copy(&al,a); BN_mask_bits(&al,i); BN_rshift(&ah,a,i);
-	BN_copy(&bl,b); BN_mask_bits(&bl,i); BN_rshift(&bh,b,i);
-
-
-	BN_sub(&t1,&al,&ah);
-	BN_sub(&t2,&bh,&bl);
-	BN_mul(&m,&t1,&t2);
-	BN_mul(&h,&ah,&bh);
-
-	BN_copy(&s0,low); BN_mask_bits(&s0,i);
-	BN_rshift(&s1,low,i);
-
-	BN_add(&t1,&h,&m);
-	BN_add(&t1,&t1,&s0);
-
-	BN_copy(&t2,&t1); BN_mask_bits(&t2,i);
-	BN_sub(&t1,&s1,&t2);
-	BN_lshift(&t1,&t1,i);
-	BN_add(&t1,&t1,&s0);
-	if (t1.neg)
-		{
-		BN_lshift(&t2,BN_value_one(),i*2);
-		BN_add(&t1,&t2,&t1);
-		BN_mask_bits(&t1,i*2);
-		}
-	
-	BN_free(&Kh); BN_free(&Km); BN_free(&t1); BN_free(&t2);
-	BN_free(&ah); BN_free(&al); BN_free(&bh); BN_free(&bl);
-	}
-
-int BN_mod_mul_montgomery(r,a,b,mont,ctx)
-BIGNUM *r,*a,*b;
-BN_MONT_CTX *mont;
-BN_CTX *ctx;
-	{
-	BIGNUM *tmp;
-
-        tmp= &(ctx->bn[ctx->tos++]);
-
-	if (a == b)
-		{
-		if (!BN_sqr(tmp,a,ctx)) goto err;
-		}
-	else
-		{
-		if (!BN_mul(tmp,a,b)) goto err;
-		}
-	/* reduce from aRR to aR */
-	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
-	ctx->tos--;
-	return(1);
-err:
-	return(0);
-	}
-
-int BN_from_montgomery(r,a,mont,ctx)
-BIGNUM *r;
-BIGNUM *a;
-BN_MONT_CTX *mont;
-BN_CTX *ctx;
-	{
-	BIGNUM z1;
-	BIGNUM *t1,*t2;
-	BN_ULONG *ap,*bp,*rp;
-	int j,i,bl,al;
-
-	BN_init(&z1);
-	t1= &(ctx->bn[ctx->tos]);
-	t2= &(ctx->bn[ctx->tos+1]);
-
-	if (!BN_copy(t1,a)) goto err;
-	/* can cheat */
-	BN_mask_bits(t1,mont->ri);
-	if (!BN_mul(t2,t1,mont->Ni)) goto err;
-	BN_mask_bits(t2,mont->ri);
-
-	if (!BN_mul(t1,t2,mont->N)) goto err;
-	if (!BN_add(t2,t1,a)) goto err;
-
-	/* At this point, t2 has the bottom ri bits set to zero.
-	 * This means that the bottom ri bits == the 1^ri minus the bottom
-	 * ri bits of a.
-	 * This means that only the bits above 'ri' in a need to be added,
-	 * and XXXXXXXXXXXXXXXXXXXXXXXX
-	 */
-BN_print_fp(stdout,t2); printf("\n");
-	BN_rshift(r,t2,mont->ri);
-
-	if (BN_ucmp(r,mont->N) >= 0)
-		bn_qsub(r,r,mont->N);
-
-	return(1);
-err:
-	return(0);
-	}
-
-int BN_MONT_CTX_set(mont,mod,ctx)
-BN_MONT_CTX *mont;
-BIGNUM *mod;
-BN_CTX *ctx;
-	{
-	BIGNUM *Ri=NULL,*R=NULL;
-
-	if (mont->RR == NULL) mont->RR=BN_new();
-	if (mont->N == NULL)  mont->N=BN_new();
-
-	R=mont->RR;					/* grab RR as a temp */
-	BN_copy(mont->N,mod);				/* Set N */
-
-	mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
-	BN_lshift(R,BN_value_one(),mont->ri);			/* R */
-	if ((Ri=BN_mod_inverse(NULL,R,mod,ctx)) == NULL) goto err;/* Ri */
-	BN_lshift(Ri,Ri,mont->ri);				/* R*Ri */
-	bn_qsub(Ri,Ri,BN_value_one());				/* R*Ri - 1 */
-	BN_div(Ri,NULL,Ri,mod,ctx);
-	if (mont->Ni != NULL) BN_free(mont->Ni);
-	mont->Ni=Ri;					/* Ni=(R*Ri-1)/N */
-
-	/* setup RR for conversions */
-	BN_lshift(mont->RR,BN_value_one(),mont->ri*2);
-	BN_mod(mont->RR,mont->RR,mont->N,ctx);
-
-	return(1);
-err:
-	return(0);
-	}
-
-

crypto/bn/test.c

@@ -1,243 +0,0 @@
-/* unused */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define SIZE	32
-
-#define BN_MONT_CTX_set		bn_mcs
-#define BN_from_montgomery	bn_fm
-#define BN_mod_mul_montgomery	bn_mmm
-#undef BN_to_montgomery
-#define BN_to_montgomery(r,a,mont,ctx)	bn_mmm(\
-	r,a,(mont)->RR,(mont),ctx)
-
-main()
-	{
-	BIGNUM prime,a,b,r,A,B,R;
-	BN_MONT_CTX *mont;
-	BN_CTX *ctx;
-	int i;
-
-	ctx=BN_CTX_new();
-	BN_init(&prime);
-	BN_init(&a); BN_init(&b); BN_init(&r);
-	BN_init(&A); BN_init(&B); BN_init(&R);
-
-	BN_generate_prime(&prime,SIZE,0,NULL,NULL,NULL,NULL);
-	BN_rand(&A,SIZE,1,0);
-	BN_rand(&B,SIZE,1,0);
-	BN_mod(&A,&A,&prime,ctx);
-	BN_mod(&B,&B,&prime,ctx);
-
-	i=A.top;
-	BN_mul(&R,&A,&B,ctx);
-	BN_mask_bits(&R,i*BN_BITS2);
-
-
-	BN_print_fp(stdout,&A); printf(" <- a\n");
-	BN_print_fp(stdout,&B); printf(" <- b\n");
-	BN_mul_high(&r,&A,&B,&R,i);
-	BN_print_fp(stdout,&r); printf(" <- high(BA*DC)\n");
-
-	BN_mask_bits(&A,i*32);
-	BN_mask_bits(&B,i*32);
-
-	BN_mul(&R,&A,&B);
-	BN_rshift(&R,&R,i*32);
-	BN_print_fp(stdout,&R); printf(" <- norm BA*DC\n");
-	BN_sub(&R,&R,&r);
-	BN_print_fp(stdout,&R); printf(" <- diff\n");
-	}
-
-#if 0
-int bn_mul_high(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *low, int words)
-	{
-	int i;
-	BIGNUM t1,t2,t3,h,ah,al,bh,bl,m,s0,s1;
-
-	BN_init(&al); BN_init(&ah);
-	BN_init(&bl); BN_init(&bh);
-	BN_init(&t1); BN_init(&t2); BN_init(&t3);
-	BN_init(&s0); BN_init(&s1);
-	BN_init(&h); BN_init(&m);
-
-	i=a->top;
-	if (i >= words)
-		{
-		al.top=words;
-		ah.top=a->top-words;
-		ah.d= &(a->d[ah.top]);
-		}
-	else
-		al.top=i;
-	al.d=a->d;
-
-	i=b->top;
-	if (i >= words)
-		{
-		bl.top=words;
-		bh.top=i-words;
-		bh.d= &(b->d[bh.top]);
-		}
-	else
-		bl.top=i;
-	bl.d=b->d;
-
-	i=low->top;
-	if (i >= words)
-		{
-		s0.top=words;
-		s1.top=i-words;
-		s1.d= &(low->d[s1.top]);
-		}
-	else
-		s0.top=i;
-	s0.d=low->d;
-
-al.max=al.top; ah.max=ah.top;
-bl.max=bl.top; bh.max=bh.top;
-s0.max=bl.top; s1.max=bh.top;
-
-	/* Calculate (al-ah)*(bh-bl) */
-	BN_sub(&t1,&al,&ah);
-	BN_sub(&t2,&bh,&bl);
-	BN_mul(&m,&t1,&t2);
-
-	/* Calculate ah*bh */
-	BN_mul(&h,&ah,&bh);
-
-	/* s0 == low(al*bl)
-	 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
-	 * We know s0 and s1 so the only unknown is high(al*bl)
-	 * high(al*bl) == s1 - low(ah*bh+(al-ah)*(bh-bl)+s0)
-	 */
-	BN_add(&m,&m,&h);
-	BN_add(&t2,&m,&s0);
-	/* Quick and dirty mask off of high words */
-	t3.d=t2.d;
-	t3.top=(t2.top > words)?words:t2.top;
-	t3.neg=t2.neg;
-t3.max=t3.top;
-/* BN_print_fp(stdout,&s1); printf(" s1\n"); */
-/* BN_print_fp(stdout,&t2); printf(" middle value\n"); */
-/* BN_print_fp(stdout,&t3); printf(" low middle value\n"); */
-	BN_sub(&t1,&s1,&t3);
-
-	if (t1.neg)
-		{
-/*printf("neg fixup\n"); BN_print_fp(stdout,&t1); printf(" before\n"); */
-		BN_lshift(&t2,BN_value_one(),words*32);
-		BN_add(&t1,&t2,&t1);
-		BN_mask_bits(&t1,words*32);
-/* BN_print_fp(stdout,&t1); printf(" after\n"); */
-		}
-	/* al*bl == high(al*bl)<<words+s0 */
-	BN_lshift(&t1,&t1,words*32);
-	BN_add(&t1,&t1,&s0);
-	
-	/* We now have
-	 * al*bl			- t1
-	 * (al-ah)*(bh-bl)+ah*bh	- m
-	 * ah*bh			- h
-	 */
-	BN_copy(r,&t1);
-	BN_mask_bits(r,words*32*2);
-
-	/*BN_lshift(&m,&m,words*/
-
-	BN_free(&t1); BN_free(&t2);
-	BN_free(&m); BN_free(&h);
-	}
-
-int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_MONT_CTX *mont,
-	     BN_CTX *ctx)
-	{
-	BIGNUM *tmp;
-
-        tmp= &(ctx->bn[ctx->tos++]);
-
-	if (a == b)
-		{
-		if (!BN_sqr(tmp,a,ctx)) goto err;
-		}
-	else
-		{
-		if (!BN_mul(tmp,a,b)) goto err;
-		}
-	/* reduce from aRR to aR */
-	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
-	ctx->tos--;
-	return(1);
-err:
-	return(0);
-	}
-
-int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx)
-	{
-	BIGNUM z1;
-	BIGNUM *t1,*t2;
-	BN_ULONG *ap,*bp,*rp;
-	int j,i,bl,al;
-
-	BN_init(&z1);
-	t1= &(ctx->bn[ctx->tos]);
-	t2= &(ctx->bn[ctx->tos+1]);
-
-	if (!BN_copy(t1,a)) goto err;
-	/* can cheat */
-	BN_mask_bits(t1,mont->ri);
-	if (!BN_mul(t2,t1,mont->Ni)) goto err;
-	BN_mask_bits(t2,mont->ri);
-
-	if (!BN_mul(t1,t2,mont->N)) goto err;
-	if (!BN_add(t2,t1,a)) goto err;
-
-	/* At this point, t2 has the bottom ri bits set to zero.
-	 * This means that the bottom ri bits == the 1^ri minus the bottom
-	 * ri bits of a.
-	 * This means that only the bits above 'ri' in a need to be added,
-	 * and XXXXXXXXXXXXXXXXXXXXXXXX
-	 */
-BN_print_fp(stdout,t2); printf("\n");
-	BN_rshift(r,t2,mont->ri);
-
-	if (BN_ucmp(r,mont->N) >= 0)
-		BN_usub(r,r,mont->N);
-
-	return(1);
-err:
-	return(0);
-	}
-
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, BIGNUM *mod, BN_CTX *ctx)
-	{
-	BIGNUM *Ri=NULL,*R=NULL;
-
-	if (mont->RR == NULL) mont->RR=BN_new();
-	if (mont->N == NULL)  mont->N=BN_new();
-
-	R=mont->RR;					/* grab RR as a temp */
-	BN_copy(mont->N,mod);				/* Set N */
-
-	mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
-	BN_lshift(R,BN_value_one(),mont->ri);			/* R */
-	if ((Ri=BN_mod_inverse(NULL,R,mod,ctx)) == NULL) goto err;/* Ri */
-	BN_lshift(Ri,Ri,mont->ri);				/* R*Ri */
-	BN_usub(Ri,Ri,BN_value_one());				/* R*Ri - 1 */
-	BN_div(Ri,NULL,Ri,mod,ctx);
-	if (mont->Ni != NULL) BN_free(mont->Ni);
-	mont->Ni=Ri;					/* Ni=(R*Ri-1)/N */
-
-	/* setup RR for conversions */
-	BN_lshift(mont->RR,BN_value_one(),mont->ri*2);
-	BN_mod(mont->RR,mont->RR,mont->N,ctx);
-
-	return(1);
-err:
-	return(0);
-	}
-
-
-#endif

crypto/crypto-lib.com

@@ -194,7 +194,7 @@ $ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey"
 $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64"
 $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64"
 $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
-$ IF F$TRNLNM("OPENSSL_NO_ASM") .NES. "" THEN LIB_BN_ASM = "bn_asm"
+$ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm"
 $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,"+ -
 	"bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
 	"bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+",bn_recp,bn_mont,"+ -
@@ -211,7 +211,7 @@ $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
 	"b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio" ! + ",bss_log" for syslog
 $ LIB_STACK = "stack"
 $ LIB_LHASH = "lhash,lh_stats"
-$ LIB_RAND = "md_rand,randfile,rand_lib,rand_err"
+$ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd"
 $ LIB_ERR = "err,err_all,err_prn"
 $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err"
 $ LIB_EVP = "encode,digest,evp_enc,evp_key,"+ -
@@ -1140,15 +1140,36 @@ $!
 $! Set Up Initial CC Definitions, Possibly With User Ones
 $!
 $ CCDEFS = "VMS=1,TCPIP_TYPE_''P5'"
+$ IF F$TRNLNM("OPENSSL_NO_ASM") THEN CCDEFS = CCDEFS + ",NO_ASM"
+$ IF F$TRNLNM("OPENSSL_NO_RSA") THEN CCDEFS = CCDEFS + ",NO_RSA"
+$ IF F$TRNLNM("OPENSSL_NO_DSA") THEN CCDEFS = CCDEFS + ",NO_DSA"
+$ IF F$TRNLNM("OPENSSL_NO_DH") THEN CCDEFS = CCDEFS + ",NO_DH"
+$ IF F$TRNLNM("OPENSSL_NO_MD2") THEN CCDEFS = CCDEFS + ",NO_MD2"
+$ IF F$TRNLNM("OPENSSL_NO_MD5") THEN CCDEFS = CCDEFS + ",NO_MD5"
+$ IF F$TRNLNM("OPENSSL_NO_RIPEMD") THEN CCDEFS = CCDEFS + ",NO_RIPEMD"
+$ IF F$TRNLNM("OPENSSL_NO_SHA") THEN CCDEFS = CCDEFS + ",NO_SHA"
+$ IF F$TRNLNM("OPENSSL_NO_SHA0") THEN CCDEFS = CCDEFS + ",NO_SHA0"
+$ IF F$TRNLNM("OPENSSL_NO_SHA1") THEN CCDEFS = CCDEFS + ",NO_SHA1"
+$ IF F$TRNLNM("OPENSSL_NO_DES")
+$ THEN
+$   CCDEFS = CCDEFS + ",NO_DES,NO_MDC2"
+$ ELSE
+$   IF F$TRNLNM("OPENSSL_NO_MDC2") THEN CCDEFS = CCDEFS + ",NO_MDC2"
+$ ENDIF
+$ IF F$TRNLNM("OPENSSL_NO_RC2") THEN CCDEFS = CCDEFS + ",NO_RC2"
+$ IF F$TRNLNM("OPENSSL_NO_RC4") THEN CCDEFS = CCDEFS + ",NO_RC4"
+$ IF F$TRNLNM("OPENSSL_NO_RC5") THEN CCDEFS = CCDEFS + ",NO_RC5"
+$ IF F$TRNLNM("OPENSSL_NO_IDEA") THEN CCDEFS = CCDEFS + ",NO_IDEA"
+$ IF F$TRNLNM("OPENSSL_NO_BF") THEN CCDEFS = CCDEFS + ",NO_BF"
+$ IF F$TRNLNM("OPENSSL_NO_CAST") THEN CCDEFS = CCDEFS + ",NO_CAST"
+$ IF F$TRNLNM("OPENSSL_NO_HMAC") THEN CCDEFS = CCDEFS + ",NO_HMAC"
+$ IF F$TRNLNM("OPENSSL_NO_SSL2") THEN CCDEFS = CCDEFS + ",NO_SSL2"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = ""
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
-	CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
-$!$ CCDISABLEWARNINGS = "NONSTANDCAST"
-$!$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
-$!	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
+	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
 $!  Check To See If The User Entered A Valid Paramter.
 $!

crypto/crypto.h

@@ -77,6 +77,11 @@ extern "C" {
 #include <openssl/ebcdic.h>
 #endif
 
+#if defined(VMS) || defined(__VMS)
+#include "vms_idhacks.h"
+#endif
+
+
 /* Backward compatibility to SSLeay */
 /* This is more to be used to check the correct DLL is being used
  * in the MS world. */
@@ -183,7 +188,7 @@ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d
 					int idx, long argl, void *argp);
 
 /* This stuff is basically class callback functions
- * The current classes are SSL_CTX, SSL, SSL_SESION, and a few more */
+ * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
 
 typedef struct crypto_ex_data_func_st
 	{

crypto/des/destest.c

@@ -795,7 +795,7 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
 		err=1;
 		}
 	printf("\n");
-	exit(err);
+	return(err);
 	}
 
 static char *pt(unsigned char *p)

crypto/err/openssl.ec

@@ -48,11 +48,11 @@ R SSL_R_TLSV1_ALERT_UNKNOWN_CA			1048
 R SSL_R_TLSV1_ALERT_ACCESS_DENIED		1049
 R SSL_R_TLSV1_ALERT_DECODE_ERROR		1050
 R SSL_R_TLSV1_ALERT_DECRYPT_ERROR		1051
-R SSL_R_TLSV1_ALERT_EXPORT_RESTRICION		1060
+R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION		1060
 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION		1070
 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY	1071
 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR		1080
-R SSL_R_TLSV1_ALERT_USER_CANCLED		1090
+R SSL_R_TLSV1_ALERT_USER_CANCELLED		1090
 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION		1100
 
 R RSAREF_R_CONTENT_ENCODING			0x0400

crypto/evp/evp.h

@@ -617,16 +617,16 @@ int		EVP_PKEY_bits(EVP_PKEY *pkey);
 int		EVP_PKEY_size(EVP_PKEY *pkey);
 int 		EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
 #ifndef NO_RSA
-int 		EVP_PKEY_rset_RSA(EVP_PKEY *pkey,RSA *key);
-RSA *		EVP_PKEY_rget_RSA(EVP_PKEY *pkey);
+int 		EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
+RSA *		EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
 #endif
 #ifndef NO_DSA
-int 		EVP_PKEY_rset_DSA(EVP_PKEY *pkey,DSA *key);
-DSA *		EVP_PKEY_rget_DSA(EVP_PKEY *pkey);
+int 		EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
+DSA *		EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
 #endif
 #ifndef NO_DH
-int 		EVP_PKEY_rset_DH(EVP_PKEY *pkey,DH *key);
-DH *		EVP_PKEY_rget_DH(EVP_PKEY *pkey);
+int 		EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
+DH *		EVP_PKEY_get1_DH(EVP_PKEY *pkey);
 #endif
 EVP_PKEY *	EVP_PKEY_new(void);
 void		EVP_PKEY_free(EVP_PKEY *pkey);
@@ -694,10 +694,10 @@ void EVP_PBE_cleanup(void);
 #define EVP_F_EVP_PKEY_COPY_PARAMETERS			 103
 #define EVP_F_EVP_PKEY_DECRYPT				 104
 #define EVP_F_EVP_PKEY_ENCRYPT				 105
+#define EVP_F_EVP_PKEY_GET1_DH				 119
+#define EVP_F_EVP_PKEY_GET1_DSA				 120
+#define EVP_F_EVP_PKEY_GET1_RSA				 121
 #define EVP_F_EVP_PKEY_NEW				 106
-#define EVP_F_EVP_PKEY_RGET_DH				 119
-#define EVP_F_EVP_PKEY_RGET_DSA				 120
-#define EVP_F_EVP_PKEY_RGET_RSA				 121
 #define EVP_F_EVP_SIGNFINAL				 107
 #define EVP_F_EVP_VERIFYFINAL				 108
 #define EVP_F_PKCS5_PBE_KEYIVGEN			 117

crypto/evp/evp_err.c

@@ -77,10 +77,10 @@ static ERR_STRING_DATA EVP_str_functs[]=
 {ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0),	"EVP_PKEY_copy_parameters"},
 {ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0),	"EVP_PKEY_decrypt"},
 {ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0),	"EVP_PKEY_encrypt"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0),	"EVP_PKEY_get1_DH"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0),	"EVP_PKEY_get1_DSA"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0),	"EVP_PKEY_get1_RSA"},
 {ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0),	"EVP_PKEY_new"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_RGET_DH,0),	"EVP_PKEY_rget_DH"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_RGET_DSA,0),	"EVP_PKEY_rget_DSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_RGET_RSA,0),	"EVP_PKEY_rget_RSA"},
 {ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0),	"EVP_SignFinal"},
 {ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0),	"EVP_VerifyFinal"},
 {ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0),	"PKCS5_PBE_keyivgen"},

crypto/evp/p_lib.c

@@ -206,17 +206,17 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
 	}
 
 #ifndef NO_RSA
-int EVP_PKEY_rset_RSA(EVP_PKEY *pkey, RSA *key)
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
 {
 	int ret = EVP_PKEY_assign_RSA(pkey, key);
 	if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_RSA);
 	return ret;
 }
 
-RSA *EVP_PKEY_rget_RSA(EVP_PKEY *pkey)
+RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
 	{
 	if(pkey->type != EVP_PKEY_RSA) {
-		EVPerr(EVP_F_EVP_PKEY_RGET_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
+		EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
 		return NULL;
 	}
 	CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_RSA);
@@ -225,17 +225,17 @@ RSA *EVP_PKEY_rget_RSA(EVP_PKEY *pkey)
 #endif
 
 #ifndef NO_DSA
-int EVP_PKEY_rset_DSA(EVP_PKEY *pkey, DSA *key)
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
 {
 	int ret = EVP_PKEY_assign_DSA(pkey, key);
 	if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DSA);
 	return ret;
 }
 
-DSA *EVP_PKEY_rget_DSA(EVP_PKEY *pkey)
+DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
 	{
 	if(pkey->type != EVP_PKEY_DSA) {
-		EVPerr(EVP_F_EVP_PKEY_RGET_DSA, EVP_R_EXPECTING_A_DSA_KEY);
+		EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
 		return NULL;
 	}
 	CRYPTO_add(&pkey->pkey.dsa->references, 1, CRYPTO_LOCK_DSA);
@@ -245,17 +245,17 @@ DSA *EVP_PKEY_rget_DSA(EVP_PKEY *pkey)
 
 #ifndef NO_DH
 
-int EVP_PKEY_rset_DH(EVP_PKEY *pkey, DH *key)
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
 {
 	int ret = EVP_PKEY_assign_DH(pkey, key);
 	if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DH);
 	return ret;
 }
 
-DH *EVP_PKEY_rget_DH(EVP_PKEY *pkey)
+DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
 	{
 	if(pkey->type != EVP_PKEY_DH) {
-		EVPerr(EVP_F_EVP_PKEY_RGET_DH, EVP_R_EXPECTING_A_DH_KEY);
+		EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
 		return NULL;
 	}
 	CRYPTO_add(&pkey->pkey.dh->references, 1, CRYPTO_LOCK_DH);

crypto/objects/o_names.c

@@ -61,7 +61,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(), int (*cmp_func)(),
 		MemCheck_off();
 		name_funcs = Malloc(sizeof(NAME_FUNCS));
 		name_funcs->hash_func = lh_strhash;
-		name_funcs->cmp_func = strcmp;
+		name_funcs->cmp_func = (int (*)())strcmp;
 		name_funcs->free_func = 0; /* NULL is often declared to
 					    * ((void *)0), which according
 					    * to Compaq C is not really

crypto/opensslv.h

@@ -7,15 +7,15 @@
  * 0.9.3-dev	  0x00903000
  * 0.9.3beta1	  0x00903001
  * 0.9.3beta2-dev 0x00903002
- * 0.9.3beta2     0x00903002
+ * 0.9.3beta2     0x00903002 (same as ...beta2-dev)
  * 0.9.3	  0x00903100
  * 0.9.3a	  0x00903101
  * 0.9.4 	  0x00904100
  * 1.2.3z	  0x1020311a
  * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
  */
-#define OPENSSL_VERSION_NUMBER	0x00905001L
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.5beta1 24 Feb 2000"
+#define OPENSSL_VERSION_NUMBER	0x00905002L
+#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.5beta2 27 Feb 2000"
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
 
 #endif /* HEADER_OPENSSLV_H */

crypto/pem/pem_all.c

@@ -105,7 +105,7 @@ static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
 {
 	RSA *rtmp;
 	if(!key) return NULL;
-	rtmp = EVP_PKEY_rget_RSA(key);
+	rtmp = EVP_PKEY_get1_RSA(key);
 	EVP_PKEY_free(key);
 	if(!rtmp) return NULL;
 	if(rsa) {
@@ -147,7 +147,7 @@ static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
 {
 	DSA *dtmp;
 	if(!key) return NULL;
-	dtmp = EVP_PKEY_rget_DSA(key);
+	dtmp = EVP_PKEY_get1_DSA(key);
 	EVP_PKEY_free(key);
 	if(!dtmp) return NULL;
 	if(dsa) {

crypto/perlasm/x86ms.pl

@@ -341,7 +341,14 @@ sub main'set_label
 		$label{$_[0]}="${label}${_[0]}";
 		$label++;
 		}
-	push(@out,"$label{$_[0]}:\n");
+	if((defined $_[1]) && ($_[1] == 1))
+		{
+		push(@out,"$label{$_[0]}::\n");
+		}
+	else
+		{
+		push(@out,"$label{$_[0]}:\n");
+		}
 	}
 
 sub main'data_word

crypto/pkcs7/pk7_smime.c

@@ -184,7 +184,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 	}
 
 
-	signers = PKCS7_iget_signers(p7, certs, flags);
+	signers = PKCS7_get0_signers(p7, certs, flags);
 
 	if(!signers) return 0;
 
@@ -264,7 +264,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 	return 0;
 }
 
-STACK_OF(X509) *PKCS7_iget_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
+STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 {
 	STACK_OF(X509) *signers;
 	STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
@@ -274,16 +274,16 @@ STACK_OF(X509) *PKCS7_iget_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 	int i;
 
 	if(!p7) {
-		PKCS7err(PKCS7_F_PKCS7_IGET_SIGNERS,PKCS7_R_INVALID_NULL_POINTER);
+		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_INVALID_NULL_POINTER);
 		return NULL;
 	}
 
 	if(!PKCS7_type_is_signed(p7)) {
-		PKCS7err(PKCS7_F_PKCS7_IGET_SIGNERS,PKCS7_R_WRONG_CONTENT_TYPE);
+		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_WRONG_CONTENT_TYPE);
 		return NULL;
 	}
 	if(!(signers = sk_X509_new(NULL))) {
-		PKCS7err(PKCS7_F_PKCS7_IGET_SIGNERS,ERR_R_MALLOC_FAILURE);
+		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 
@@ -292,7 +292,7 @@ STACK_OF(X509) *PKCS7_iget_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 	sinfos = PKCS7_get_signer_info(p7);
 
 	if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
-		PKCS7err(PKCS7_F_PKCS7_IGET_SIGNERS,PKCS7_R_NO_SIGNERS);
+		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS);
 		return 0;
 	}
 
@@ -309,7 +309,7 @@ STACK_OF(X509) *PKCS7_iget_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 		              X509_find_by_issuer_and_serial (p7->d.sign->cert,
 					      	ias->issuer, ias->serial);
 	    if (!signer) {
-			PKCS7err(PKCS7_F_PKCS7_IGET_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
+			PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
 			sk_X509_free(signers);
 			return 0;
 	    }

crypto/pkcs7/pkcs7.h

@@ -397,7 +397,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
 							BIO *data, int flags);
 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 					BIO *indata, BIO *out, int flags);
-STACK_OF(X509) *PKCS7_iget_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
+STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
 PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
 								int flags);
 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
@@ -433,7 +433,7 @@ int SMIME_text(BIO *in, BIO *out);
 #define PKCS7_F_PKCS7_DATAVERIFY			 107
 #define PKCS7_F_PKCS7_DECRYPT				 114
 #define PKCS7_F_PKCS7_ENCRYPT				 115
-#define PKCS7_F_PKCS7_IGET_SIGNERS			 124
+#define PKCS7_F_PKCS7_GET0_SIGNERS			 124
 #define PKCS7_F_PKCS7_SET_CIPHER			 108
 #define PKCS7_F_PKCS7_SET_CONTENT			 109
 #define PKCS7_F_PKCS7_SET_TYPE				 110

crypto/pkcs7/pkcs7err.c

@@ -79,7 +79,7 @@ static ERR_STRING_DATA PKCS7_str_functs[]=
 {ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0),	"PKCS7_dataVerify"},
 {ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0),	"PKCS7_decrypt"},
 {ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0),	"PKCS7_encrypt"},
-{ERR_PACK(0,PKCS7_F_PKCS7_IGET_SIGNERS,0),	"PKCS7_iget_signers"},
+{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0),	"PKCS7_get0_signers"},
 {ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0),	"PKCS7_set_cipher"},
 {ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0),	"PKCS7_set_content"},
 {ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0),	"PKCS7_set_type"},

crypto/rand/Makefile.ssl

@@ -22,8 +22,8 @@ TEST= randtest.c
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c
-LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o
+LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c
+LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o
 
 SRC= $(LIBSRC)
 
@@ -83,7 +83,10 @@ md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
 md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
 md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_egd.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h
 rand_err.o: ../../include/openssl/err.h ../../include/openssl/rand.h
 rand_lib.o: ../../include/openssl/rand.h
-randfile.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-randfile.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h
+randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
+randfile.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h

crypto/rand/md_rand.c

@@ -139,6 +139,7 @@ static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
 static unsigned char md[MD_DIGEST_LENGTH];
 static long md_count[2]={0,0};
 static double entropy=0;
+static int initialized=0;
 
 const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
 
@@ -281,13 +282,13 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 		{
 		md[k] ^= local_md[k];
 		}
+	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
+	    entropy += add;
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 	
 #ifndef THREADS	
 	assert(md_c[1] == md_count[1]);
 #endif
-	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
-	    entropy += add;
 	}
 
 static void ssleay_rand_seed(const void *buf, int num)
@@ -295,6 +296,52 @@ static void ssleay_rand_seed(const void *buf, int num)
 	ssleay_rand_add(buf, num, num);
 	}
 
+static void ssleay_rand_initialize(void)
+	{
+	unsigned long l;
+#ifndef GETPID_IS_MEANINGLESS
+	pid_t curr_pid = getpid();
+#endif
+#ifdef DEVRANDOM
+	FILE *fh;
+#endif
+
+	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+	/* put in some default random data, we need more than just this */
+#ifndef GETPID_IS_MEANINGLESS
+	l=curr_pid;
+	RAND_add(&l,sizeof(l),0);
+	l=getuid();
+	RAND_add(&l,sizeof(l),0);
+#endif
+	l=time(NULL);
+	RAND_add(&l,sizeof(l),0);
+
+#ifdef DEVRANDOM
+	/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
+	 * have this. Use /dev/urandom if you can as /dev/random may block
+	 * if it runs out of random entries.  */
+
+	if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+		{
+		unsigned char tmpbuf[ENTROPY_NEEDED];
+		int n;
+		
+		setvbuf(fh, NULL, _IONBF, 0);
+		n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
+		fclose(fh);
+		RAND_add(tmpbuf,sizeof tmpbuf,n);
+		memset(tmpbuf,0,n);
+		}
+#endif
+#ifdef PURIFY
+	memset(state,0,STATE_SIZE);
+	memset(md,0,MD_DIGEST_LENGTH);
+#endif
+	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+	initialized=1;
+	}
+
 static int ssleay_rand_bytes(unsigned char *buf, int num)
 	{
 	int i,j,k,st_num,st_idx;
@@ -302,14 +349,9 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 	long md_c[2];
 	unsigned char local_md[MD_DIGEST_LENGTH];
 	MD_CTX m;
-	static int init=1;
-	unsigned long l;
 #ifndef GETPID_IS_MEANINGLESS
 	pid_t curr_pid = getpid();
 #endif
-#ifdef DEVRANDOM
-	FILE *fh;
-#endif
 
 #ifdef PREDICT
 	{
@@ -342,49 +384,23 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 
 	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 
-	if (init)
-		{
-		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-		/* put in some default random data, we need more than
-		 * just this */
-		RAND_add(&m,sizeof(m),0);
-#ifndef GETPID_IS_MEANINGLESS
-		l=curr_pid;
-		RAND_add(&l,sizeof(l),0);
-		l=getuid();
-		RAND_add(&l,sizeof(l),0);
-#endif
-		l=time(NULL);
-		RAND_add(&l,sizeof(l),0);
-
-#ifdef DEVRANDOM
-		/* 
-		 * Use a random entropy pool device.
-		 * Linux 1.3.x and FreeBSD-Current has 
-		 * this. Use /dev/urandom if you can
-		 * as /dev/random will block if it runs out
-		 * of random entries.
-		 */
-		if ((fh = fopen(DEVRANDOM, "r")) != NULL)
-			{
-			unsigned char tmpbuf[ENTROPY_NEEDED];
-			int n;
-
-			n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
-			fclose(fh);
-			RAND_add(tmpbuf,sizeof tmpbuf,n);
-			memset(tmpbuf,0,n);
-			}
-#endif
-#ifdef PURIFY
-		memset(state,0,STATE_SIZE);
-		memset(md,0,MD_DIGEST_LENGTH);
-#endif
-		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-		init=0;
-		}
+	if (!initialized)
+		ssleay_rand_initialize();
 
 	ok = (entropy >= ENTROPY_NEEDED);
+	if (!ok)
+		{
+		/* If the PRNG state is not yet unpredictable, then seeing
+		 * the PRNG output may help attackers to determine the new
+		 * state; thus we have to decrease the entropy estimate.
+		 * Once we've had enough initial seeding we don't bother to
+		 * adjust the entropy count, though, because we're not ambitious
+		 * to provide *information-theoretic* randomness.
+		 */
+		entropy -= num;
+		if (entropy < 0)
+			entropy = 0;
+		}
 
 	st_idx=state_index;
 	st_num=state_num;
@@ -473,6 +489,13 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
 	return (ret);
 	}
 
+int RAND_status(void)
+	{
+	if (!initialized)
+		ssleay_rand_initialize();
+	return (entropy >= ENTROPY_NEEDED);
+	}
+
 #ifdef WINDOWS
 #include <windows.h>
 #include <openssl/rand.h>

crypto/rand/rand.h

@@ -83,6 +83,8 @@ void RAND_add(const void *buf,int num,double entropy);
 int  RAND_load_file(const char *file,long max_bytes);
 int  RAND_write_file(const char *file);
 const char *RAND_file_name(char *file,int num);
+int RAND_status(void);
+int RAND_egd(const char *path);
 #ifdef WINDOWS
 void RAND_screen(void);
 #endif

crypto/rand/rand_egd.c

@@ -0,0 +1,109 @@
+/* crypto/rand/rand_egd.c */
+/* Written by Ulf Moeller for the OpenSSL project. */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/rand.h>
+
+/* Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
+ */
+
+#if defined(WIN32) || defined(VMS) || defined(__VMS)
+int RAND_egd(const char *path)
+	{
+	return(-1);
+	}
+#else
+#include <openssl/opensslconf.h>
+#include OPENSSL_UNISTD
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#ifndef offsetof
+#  define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
+#endif
+
+int RAND_egd(const char *path)
+	{
+	int ret = -1;
+	struct sockaddr_un addr;
+	int len, num;
+	int fd = -1;
+	unsigned char buf[256];
+
+	memset(&addr, 0, sizeof(addr));
+	addr.sun_family = AF_UNIX;
+	if (strlen(path) > sizeof(addr.sun_path))
+		return (-1);
+	strcpy(addr.sun_path,path);
+	len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
+	fd = socket(AF_UNIX, SOCK_STREAM, 0);
+	if (fd == -1) return (-1);
+	if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err;
+	buf[0] = 1;
+	buf[1] = 255;
+	write(fd, buf, 2);
+	if (read(fd, buf, 1) != 1) goto err;
+    if (buf[0] == 0) goto err;
+	num = read(fd, buf, 255);
+	if (num < 1) goto err;
+	RAND_seed(buf, num);
+	if (RAND_status() == 1)
+		ret = num;
+ err:
+	if (fd != -1) close(fd);
+	return(ret);
+	}
+#endif

crypto/rand/randfile.c

@@ -63,6 +63,9 @@
 
 #include "openssl/e_os.h"
 
+#ifdef VMS
+#include <unixio.h>
+#endif
 #ifndef NO_SYS_TYPES_H
 # include <sys/types.h>
 #endif
@@ -72,6 +75,7 @@
 # include <sys/stat.h>
 #endif
 
+#include <openssl/crypto.h>
 #include <openssl/rand.h>
 
 #undef BUFSIZE
@@ -134,9 +138,15 @@ int RAND_write_file(const char *file)
 	/* Under VMS, fopen(file, "wb") will create a new version of the
 	   same file.  This is not good, so let's try updating an existing
 	   one, and create file only if it doesn't already exist. */
+	/* At the same time, if we just update a file, we also need to
+	   truncate it, and unfortunately, ftruncate() and truncate() do
+	   not exist everywhere.  All that remains is to delete old versions
+	   of the random data file (done at the end). */
+#if 0
 	out=fopen(file,"rb+");
 	if (out == NULL && errno != ENOENT)
 		goto err;
+#endif
 #endif
 
 	if (out == NULL)
@@ -174,8 +184,28 @@ int RAND_write_file(const char *file)
 #ifdef VMS
 	/* We may have updated an existing file using mode "rb+",
 	 * now remove any old extra bytes */
+#if 0
 	if (ret > 0)
 		ftruncate(fileno(out), ret);
+#else
+	/* Try to delete older versions of the file, until there aren't
+	   any */
+	{
+	char *tmpf;
+
+	tmpf = Malloc(strlen(file) + 4);  /* to add ";-1" and a nul */
+	if (tmpf)
+		{
+		strcpy(tmpf, file);
+		strcat(tmpf, ";-1");
+		while(delete(tmpf) == 0)
+			;
+		rename(file,";1"); /* Make sure it's version 1, or we
+				      will reach the limit (32767) at
+				      some point... */
+		}
+	}
+#endif
 #endif
 
 	fclose(out);

crypto/sha/asm/sha1-586.pl

@@ -392,7 +392,7 @@ sub sha1_block_data
 	&X_expand("esi");
 	 &mov(&wparam(1),"esi");
 
-	&set_label("shortcut");
+	&set_label("shortcut", 1);
 	&comment("");
 	&comment("Start processing");
 

crypto/threads/mttest.c

@@ -74,26 +74,29 @@
 #include <ulocks.h>
 #include <sys/prctl.h>
 #endif
+#ifdef PTHREADS
+#include <pthread.h>
+#endif
 #include <openssl/lhash.h>
 #include <openssl/crypto.h>
 #include <openssl/buffer.h>
-#include "../e_os.h"
+#include "../../e_os.h"
 #include <openssl/x509.h>
 #include <openssl/ssl.h>
 #include <openssl/err.h>
+#include <openssl/rand.h>
 
 #ifdef NO_FP_API
 #define APPS_WIN16
-#include "../crypto/buffer/bss_file.c"
+#include "../buffer/bss_file.c"
 #endif
 
-#define TEST_SERVER_CERT "../apps/server.pem"
-#define TEST_CLIENT_CERT "../apps/client.pem"
+#define TEST_SERVER_CERT "../../apps/server.pem"
+#define TEST_CLIENT_CERT "../../apps/client.pem"
 
 #define MAX_THREAD_NUMBER	100
 
-int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
-	int error,char *arg);
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *xs);
 void thread_setup(void);
 void thread_cleanup(void);
 void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
@@ -121,6 +124,8 @@ int number_of_loops=10;
 int reconnect=0;
 int cache_stats=0;
 
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+
 int doit(char *ctx[4]);
 static void print_stats(FILE *fp, SSL_CTX *ctx)
 {
@@ -170,6 +175,8 @@ int main(int argc, char *argv[])
 	char *ccert=TEST_CLIENT_CERT;
 	SSL_METHOD *ssl_method=SSLv23_method();
 
+	RAND_seed(rnd_seed, sizeof rnd_seed);
+
 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
 	if (bio_stdout == NULL)
@@ -259,8 +266,15 @@ bad:
 	SSL_CTX_set_session_cache_mode(c_ctx,
 		SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
 
-	SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM);
-	SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM);
+	if (!SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM))
+		{
+		ERR_print_errors(bio_err);
+		}
+	else if (!SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM))
+		{
+		ERR_print_errors(bio_err);
+		goto end;
+		}
 
 	if (client_auth)
 		{
@@ -489,6 +503,7 @@ int doit(char *ctx[4])
 					else
 						{
 						fprintf(stderr,"ERROR in CLIENT\n");
+						ERR_print_errors_fp(stderr);
 						return(1);
 						}
 					}
@@ -520,6 +535,7 @@ int doit(char *ctx[4])
 					else
 						{
 						fprintf(stderr,"ERROR in CLIENT\n");
+						ERR_print_errors_fp(stderr);
 						return(1);
 						}
 					}
@@ -652,18 +668,23 @@ err:
 	return(0);
 	}
 
-int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
-	     int error, char *arg)
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 	{
-	char buf[256];
+	char *s, buf[256];
 
 	if (verbose)
 		{
-		X509_NAME_oneline(X509_get_subject_name(xs),buf,256);
-		if (ok)
-			fprintf(stderr,"depth=%d %s\n",depth,buf);
-		else
-			fprintf(stderr,"depth=%d error=%d %s\n",depth,error,buf);
+		s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
+				    buf,256);
+		if (s != NULL)
+			{
+			if (ok)
+				fprintf(stderr,"depth=%d %s\n",
+					ctx->error_depth,buf);
+			else
+				fprintf(stderr,"depth=%d error=%d %s\n",
+					ctx->error_depth,ctx->error,buf);
+			}
 		}
 	return(ok);
 	}
@@ -672,13 +693,14 @@ int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
 
 #ifdef WIN32
 
-static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+static HANDLE *lock_cs;
 
 void thread_setup(void)
 	{
 	int i;
 
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(HANDLE));
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
 		}
@@ -692,8 +714,9 @@ void thread_cleanup(void)
 	int i;
 
 	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		CloseHandle(lock_cs[i]);
+	Free(lock_cs);
 	}
 
 void win32_locking_callback(int mode, int type, char *file, int line)
@@ -763,15 +786,17 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
 
 #ifdef SOLARIS
 
-static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
-/*static rwlock_t lock_cs[CRYPTO_NUM_LOCKS]; */
-static long lock_count[CRYPTO_NUM_LOCKS];
+static mutex_t *lock_cs;
+/*static rwlock_t *lock_cs; */
+static long *lock_count;
 
 void thread_setup(void)
 	{
 	int i;
 
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(mutex_t));
+	lock_count=Malloc(CRYPTO_num_locks() * sizeof(long));
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		lock_count[i]=0;
 		/* rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL); */
@@ -787,31 +812,37 @@ void thread_cleanup(void)
 	int i;
 
 	CRYPTO_set_locking_callback(NULL);
-fprintf(stderr,"cleanup\n");
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+
+	fprintf(stderr,"cleanup\n");
+
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		/* rwlock_destroy(&(lock_cs[i])); */
 		mutex_destroy(&(lock_cs[i]));
 		fprintf(stderr,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i));
 		}
-fprintf(stderr,"done cleanup\n");
+	Free(lock_cs);
+	Free(lock_count);
+
+	fprintf(stderr,"done cleanup\n");
+
 	}
 
 void solaris_locking_callback(int mode, int type, char *file, int line)
 	{
 #ifdef undef
-fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
-	CRYPTO_thread_id(),
-	(mode&CRYPTO_LOCK)?"l":"u",
-	(type&CRYPTO_READ)?"r":"w",file,line);
+	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+		CRYPTO_thread_id(),
+		(mode&CRYPTO_LOCK)?"l":"u",
+		(type&CRYPTO_READ)?"r":"w",file,line);
 #endif
 
-/*
-if (CRYPTO_LOCK_SSL_CERT == type)
+	/*
+	if (CRYPTO_LOCK_SSL_CERT == type)
 	fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
 		CRYPTO_thread_id(),
 		mode,file,line);
-*/
+	*/
 	if (mode & CRYPTO_LOCK)
 		{
 	/*	if (mode & CRYPTO_READ)
@@ -871,7 +902,7 @@ unsigned long solaris_thread_id(void)
 
 
 static usptr_t *arena;
-static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+static usema_t **lock_cs;
 
 void thread_setup(void)
 	{
@@ -888,7 +919,8 @@ void thread_setup(void)
 	arena=usinit(filename);
 	unlink(filename);
 
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(usema_t *));
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		lock_cs[i]=usnewsema(arena,1);
 		}
@@ -902,7 +934,7 @@ void thread_cleanup(void)
 	int i;
 
 	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		char buf[10];
 
@@ -910,6 +942,7 @@ void thread_cleanup(void)
 		usdumpsema(lock_cs[i],stdout,buf);
 		usfreesema(lock_cs[i],arena);
 		}
+	Free(lock_cs);
 	}
 
 void irix_locking_callback(int mode, int type, char *file, int line)
@@ -962,14 +995,16 @@ unsigned long irix_thread_id(void)
 
 #ifdef PTHREADS
 
-static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
-static long lock_count[CRYPTO_NUM_LOCKS];
+static pthread_mutex_t *lock_cs;
+static long *lock_count;
 
 void thread_setup(void)
 	{
 	int i;
 
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
+	lock_count=Malloc(CRYPTO_num_locks() * sizeof(long));
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		lock_count[i]=0;
 		pthread_mutex_init(&(lock_cs[i]),NULL);
@@ -985,12 +1020,15 @@ void thread_cleanup(void)
 
 	CRYPTO_set_locking_callback(NULL);
 	fprintf(stderr,"cleanup\n");
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		pthread_mutex_destroy(&(lock_cs[i]));
 		fprintf(stderr,"%8ld:%s\n",lock_count[i],
 			CRYPTO_get_lock_name(i));
 		}
+	Free(lock_cs);
+	Free(lock_count);
+
 	fprintf(stderr,"done cleanup\n");
 	}
 
@@ -1045,7 +1083,7 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
 		}
 
 	printf("pthreads threads done (%d,%d)\n",
-	s_ctx->references,c_ctx->references);
+		s_ctx->references,c_ctx->references);
 	}
 
 unsigned long pthreads_thread_id(void)

crypto/threads/profile.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+cc -p -DSOLARIS -I../../include -g mttest.c -o mttest -L/usr/lib/libc -ldl -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+

crypto/threads/ptest.bat

@@ -0,0 +1,4 @@
+del mttest.exe
+
+purify cl /O2 -DWIN32 /MD -I..\..\out mttest.c /Femttest ..\..\out\ssl32.lib ..\..\out\crypt32.lib
+

crypto/threads/pthread.sh

@@ -5,5 +5,5 @@
 # http://www.mit.edu:8001/people/proven/pthreads.html
 #
 /bin/rm -f mttest
-pgcc -DPTHREADS -I../include -g mttest.c -o mttest -L.. -lssl -lcrypto 
+pgcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto 
 

crypto/threads/pthread2.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# build using pthreads where it's already built into the system
+#
+/bin/rm -f mttest
+gcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto -lpthread
+

crypto/threads/pthreads-vms.com

@@ -0,0 +1,9 @@
+$! To compile mttest on VMS.
+$!
+$! WARNING: only tested with DEC C so far.
+$
+$ arch := vax
+$ if f$getsyi("CPU") .ge. 128 then arch := axp
+$ define/user openssl [--.include.openssl]
+$ cc/def=PTHREADS mttest.c
+$ link mttest,[--.'arch'.exe.ssl]libssl/lib,[--.'arch'.exe.crypto]libcrypto/lib

crypto/threads/purify.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+purify cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+

crypto/threads/solaris.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+

crypto/threads/th-lock.c

@@ -74,6 +74,9 @@
 #include <ulocks.h>
 #include <sys/prctl.h>
 #endif
+#ifdef PTHREADS
+#include <pthread.h>
+#endif
 #include <openssl/lhash.h>
 #include <openssl/crypto.h>
 #include <openssl/buffer.h>
@@ -82,7 +85,7 @@
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 
-int CRYPTO_thread_setup(void);
+void CRYPTO_thread_setup(void);
 void CRYPTO_thread_cleanup(void);
 
 static void irix_locking_callback(int mode,int type,char *file,int line);
@@ -104,13 +107,14 @@ static unsigned long pthreads_thread_id(void );
 
 #ifdef WIN32
 
-static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+static HANDLE *lock_cs;
 
-int CRYPTO_thread_setup(void)
+void CRYPTO_thread_setup(void)
 	{
 	int i;
 
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(HANDLE));
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
 		}
@@ -125,8 +129,9 @@ static void CRYPTO_thread_cleanup(void)
 	int i;
 
 	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		CloseHandle(lock_cs[i]);
+	Free(lock_cs);
 	}
 
 void win32_locking_callback(int mode, int type, char *file, int line)
@@ -147,18 +152,24 @@ void win32_locking_callback(int mode, int type, char *file, int line)
 
 #define USE_MUTEX
 
-static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
 #ifdef USE_MUTEX
-static long lock_count[CRYPTO_NUM_LOCKS];
+static mutex_t *lock_cs;
 #else
-static rwlock_t lock_cs[CRYPTO_NUM_LOCKS];
+static rwlock_t *lock_cs;
 #endif
+static long *lock_count;
 
 void CRYPTO_thread_setup(void)
 	{
 	int i;
 
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+#ifdef USE_MUTEX
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(mutex_t));
+#else
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(rwlock_t));
+#endif
+	lock_count=Malloc(CRYPTO_num_locks() * sizeof(long));
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		lock_count[i]=0;
 #ifdef USE_MUTEX
@@ -177,7 +188,7 @@ void CRYPTO_thread_cleanup(void)
 	int i;
 
 	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 #ifdef USE_MUTEX
 		mutex_destroy(&(lock_cs[i]));
@@ -185,6 +196,8 @@ void CRYPTO_thread_cleanup(void)
 		rwlock_destroy(&(lock_cs[i]));
 #endif
 		}
+	Free(lock_cs);
+	Free(lock_count);
 	}
 
 void solaris_locking_callback(int mode, int type, char *file, int line)
@@ -237,7 +250,7 @@ unsigned long solaris_thread_id(void)
 /* I don't think this works..... */
 
 static usptr_t *arena;
-static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+static usema_t **lock_cs;
 
 void CRYPTO_thread_setup(void)
 	{
@@ -254,7 +267,8 @@ void CRYPTO_thread_setup(void)
 	arena=usinit(filename);
 	unlink(filename);
 
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(usema_t *));
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		lock_cs[i]=usnewsema(arena,1);
 		}
@@ -268,7 +282,7 @@ void CRYPTO_thread_cleanup(void)
 	int i;
 
 	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		char buf[10];
 
@@ -276,6 +290,7 @@ void CRYPTO_thread_cleanup(void)
 		usdumpsema(lock_cs[i],stdout,buf);
 		usfreesema(lock_cs[i],arena);
 		}
+	Free(lock_cs);
 	}
 
 void irix_locking_callback(int mode, int type, char *file, int line)
@@ -302,14 +317,16 @@ unsigned long irix_thread_id(void)
 /* Linux and a few others */
 #ifdef PTHREADS
 
-static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
-static long lock_count[CRYPTO_NUM_LOCKS];
+static pthread_mutex_t *lock_cs;
+static long *lock_count;
 
 void CRYPTO_thread_setup(void)
 	{
 	int i;
 
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	lock_cs=Malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
+	lock_count=Malloc(CRYPTO_num_locks() * sizeof(long));
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		lock_count[i]=0;
 		pthread_mutex_init(&(lock_cs[i]),NULL);
@@ -324,10 +341,12 @@ void thread_cleanup(void)
 	int i;
 
 	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+	for (i=0; i<CRYPTO_num_locks(); i++)
 		{
 		pthread_mutex_destroy(&(lock_cs[i]));
 		}
+	Free(lock_cs);
+	Free(lock_count);
 	}
 
 void pthreads_locking_callback(int mode, int type, char *file,

crypto/threads/win32.bat

@@ -0,0 +1,4 @@
+del mttest.exe
+
+cl /O2 -DWIN32 /MD -I..\..\out mttest.c /Femttest ..\..\out\ssleay32.lib ..\..\out\libeay32.lib
+

crypto/x509/x509.h

@@ -822,11 +822,11 @@ void		X509_CERT_AUX_free(X509_CERT_AUX *a);
 int		i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp);
 X509_CERT_AUX *	d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp,
 								long length);
-int X509_alias_rset(X509 *x, unsigned char *name, int len);
-unsigned char * X509_alias_iget(X509 *x, int *len);
+int X509_alias_set1(X509 *x, unsigned char *name, int len);
+unsigned char * X509_alias_get0(X509 *x, int *len);
 int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
-int X509_radd_trust_object(X509 *x, ASN1_OBJECT *obj);
-int X509_radd_reject_object(X509 *x, ASN1_OBJECT *obj);
+int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
+int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
 void X509_trust_clear(X509 *x);
 void X509_reject_clear(X509 *x);
 
@@ -916,14 +916,14 @@ int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
 			  int lastpos);
 X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
 X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-int X509_REQ_radd_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-int X509_REQ_radd_attr_by_OBJ(X509_REQ *req,
+int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
+int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
 			ASN1_OBJECT *obj, int type,
 			unsigned char *bytes, int len);
-int X509_REQ_radd_attr_by_NID(X509_REQ *req,
+int X509_REQ_add1_attr_by_NID(X509_REQ *req,
 			int nid, int type,
 			unsigned char *bytes, int len);
-int X509_REQ_radd_attr_by_txt(X509_REQ *req,
+int X509_REQ_add1_attr_by_txt(X509_REQ *req,
 			char *attrname, int type,
 			unsigned char *bytes, int len);
 
@@ -1050,15 +1050,15 @@ int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
 			  int lastpos);
 X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
 X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
 					 X509_ATTRIBUTE *attr);
-STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
 			ASN1_OBJECT *obj, int type,
 			unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
 			int nid, int type,
 			unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
 			char *attrname, int type,
 			unsigned char *bytes, int len);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
@@ -1067,13 +1067,13 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
 	     ASN1_OBJECT *obj, int atrtype, void *data, int len);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
 		char *atrname, int type, unsigned char *bytes, int len);
-int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
-void *X509_ATTRIBUTE_iget_data(X509_ATTRIBUTE *attr, int idx,
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
+void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
 					int atrtype, void *data);
 int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
-ASN1_OBJECT *X509_ATTRIBUTE_iget_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_iget_type(X509_ATTRIBUTE *attr, int idx);
+ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
+ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
 
 int		X509_verify_cert(X509_STORE_CTX *ctx);
 
@@ -1115,13 +1115,13 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
 
 int X509_check_trust(X509 *x, int id, int flags);
 int X509_TRUST_get_count(void);
-X509_TRUST * X509_TRUST_iget(int idx);
+X509_TRUST * X509_TRUST_get0(int idx);
 int X509_TRUST_get_by_id(int id);
 int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
 					char *name, int arg1, void *arg2);
 void X509_TRUST_cleanup(void);
 int X509_TRUST_get_flags(X509_TRUST *xp);
-char *X509_TRUST_iget_name(X509_TRUST *xp);
+char *X509_TRUST_get0_name(X509_TRUST *xp);
 int X509_TRUST_get_trust(X509_TRUST *xp);
 
 /* BEGIN ERROR CODES */
@@ -1143,8 +1143,8 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
 #define X509_F_X509_ATTRIBUTE_CREATE_BY_NID		 136
 #define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ		 137
 #define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT		 140
-#define X509_F_X509_ATTRIBUTE_IGET_DATA			 139
-#define X509_F_X509_ATTRIBUTE_RSET_DATA			 138
+#define X509_F_X509_ATTRIBUTE_GET0_DATA			 139
+#define X509_F_X509_ATTRIBUTE_SET1_DATA			 138
 #define X509_F_X509_CHECK_PRIVATE_KEY			 128
 #define X509_F_X509_EXTENSION_CREATE_BY_NID		 108
 #define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109

crypto/x509/x509_att.c

@@ -119,7 +119,7 @@ X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
 	return(ret);
 }
 
-STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
 					 X509_ATTRIBUTE *attr)
 {
 	X509_ATTRIBUTE *new_attr=NULL;
@@ -148,7 +148,7 @@ err2:
 	return(NULL);
 }
 
-STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
 			ASN1_OBJECT *obj, int type,
 			unsigned char *bytes, int len)
 {
@@ -156,12 +156,12 @@ STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
 	STACK_OF(X509_ATTRIBUTE) *ret;
 	attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
 	if(!attr) return 0;
-	ret = X509at_radd_attr(x, attr);
+	ret = X509at_add1_attr(x, attr);
 	X509_ATTRIBUTE_free(attr);
 	return ret;
 }
 
-STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
 			int nid, int type,
 			unsigned char *bytes, int len)
 {
@@ -169,12 +169,12 @@ STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
 	STACK_OF(X509_ATTRIBUTE) *ret;
 	attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
 	if(!attr) return 0;
-	ret = X509at_radd_attr(x, attr);
+	ret = X509at_add1_attr(x, attr);
 	X509_ATTRIBUTE_free(attr);
 	return ret;
 }
 
-STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
 			char *attrname, int type,
 			unsigned char *bytes, int len)
 {
@@ -182,7 +182,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
 	STACK_OF(X509_ATTRIBUTE) *ret;
 	attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
 	if(!attr) return 0;
-	ret = X509at_radd_attr(x, attr);
+	ret = X509at_add1_attr(x, attr);
 	X509_ATTRIBUTE_free(attr);
 	return ret;
 }
@@ -220,9 +220,9 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
 	else
 		ret= *attr;
 
-	if (!X509_ATTRIBUTE_rset_object(ret,obj))
+	if (!X509_ATTRIBUTE_set1_object(ret,obj))
 		goto err;
-	if (!X509_ATTRIBUTE_rset_data(ret,atrtype,data,len))
+	if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len))
 		goto err;
 	
 	if ((attr != NULL) && (*attr == NULL)) *attr=ret;
@@ -252,7 +252,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
 	return nattr;
 	}
 
-int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
 {
 	if ((attr == NULL) || (obj == NULL))
 		return(0);
@@ -261,7 +261,7 @@ int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
 	return(1);
 }
 
-int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len)
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len)
 {
 	ASN1_TYPE *ttmp;
 	ASN1_STRING *stmp;
@@ -271,7 +271,7 @@ int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int
 		stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
 						OBJ_obj2nid(attr->object));
 		if(!stmp) {
-			X509err(X509_F_X509_ATTRIBUTE_RSET_DATA, ERR_R_ASN1_LIB);
+			X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB);
 			return 0;
 		}
 		atype = stmp->type;
@@ -287,7 +287,7 @@ int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int
 	ASN1_TYPE_set(ttmp, atype, stmp);
 	return 1;
 	err:
-	X509err(X509_F_X509_ATTRIBUTE_RSET_DATA, ERR_R_MALLOC_FAILURE);
+	X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
 	return 0;
 }
 
@@ -298,26 +298,26 @@ int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
 	return 0;
 }
 
-ASN1_OBJECT *X509_ATTRIBUTE_iget_object(X509_ATTRIBUTE *attr)
+ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
 {
 	if (attr == NULL) return(NULL);
 	return(attr->object);
 }
 
-void *X509_ATTRIBUTE_iget_data(X509_ATTRIBUTE *attr, int idx,
+void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
 					int atrtype, void *data)
 {
 	ASN1_TYPE *ttmp;
-	ttmp = X509_ATTRIBUTE_iget_type(attr, idx);
+	ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
 	if(!ttmp) return NULL;
 	if(atrtype != ASN1_TYPE_get(ttmp)){
-		X509err(X509_F_X509_ATTRIBUTE_IGET_DATA, X509_R_WRONG_TYPE);
+		X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
 		return NULL;
 	}
 	return ttmp->value.ptr;
 }
 
-ASN1_TYPE *X509_ATTRIBUTE_iget_type(X509_ATTRIBUTE *attr, int idx)
+ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
 {
 	if (attr == NULL) return(NULL);
 	if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;

crypto/x509/x509_err.c

@@ -76,8 +76,8 @@ static ERR_STRING_DATA X509_str_functs[]=
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0),	"X509_ATTRIBUTE_create_by_NID"},
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0),	"X509_ATTRIBUTE_create_by_OBJ"},
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0),	"X509_ATTRIBUTE_create_by_txt"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_IGET_DATA,0),	"X509_ATTRIBUTE_iget_data"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_RSET_DATA,0),	"X509_ATTRIBUTE_rset_data"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_GET0_DATA,0),	"X509_ATTRIBUTE_get0_data"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_SET1_DATA,0),	"X509_ATTRIBUTE_set1_data"},
 {ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0),	"X509_check_private_key"},
 {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0),	"X509_EXTENSION_create_by_NID"},
 {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0),	"X509_EXTENSION_create_by_OBJ"},

crypto/x509/x509_req.c

@@ -244,35 +244,35 @@ X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
 	return X509at_delete_attr(req->req_info->attributes, loc);
 }
 
-int X509_REQ_radd_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
+int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
 {
-	if(X509at_radd_attr(&req->req_info->attributes, attr)) return 1;
+	if(X509at_add1_attr(&req->req_info->attributes, attr)) return 1;
 	return 0;
 }
 
-int X509_REQ_radd_attr_by_OBJ(X509_REQ *req,
+int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
 			ASN1_OBJECT *obj, int type,
 			unsigned char *bytes, int len)
 {
-	if(X509at_radd_attr_by_OBJ(&req->req_info->attributes, obj,
+	if(X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
 				type, bytes, len)) return 1;
 	return 0;
 }
 
-int X509_REQ_radd_attr_by_NID(X509_REQ *req,
+int X509_REQ_add1_attr_by_NID(X509_REQ *req,
 			int nid, int type,
 			unsigned char *bytes, int len)
 {
-	if(X509at_radd_attr_by_NID(&req->req_info->attributes, nid,
+	if(X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
 				type, bytes, len)) return 1;
 	return 0;
 }
 
-int X509_REQ_radd_attr_by_txt(X509_REQ *req,
+int X509_REQ_add1_attr_by_txt(X509_REQ *req,
 			char *attrname, int type,
 			unsigned char *bytes, int len)
 {
-	if(X509at_radd_attr_by_txt(&req->req_info->attributes, attrname,
+	if(X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
 				type, bytes, len)) return 1;
 	return 0;
 }

crypto/x509/x509_trs.c

@@ -109,7 +109,7 @@ int X509_check_trust(X509 *x, int id, int flags)
 	if(id == -1) return 1;
 	if(!(idx = X509_TRUST_get_by_id(id)))
 			return default_trust(id, x, flags);
-	pt = X509_TRUST_iget(idx);
+	pt = X509_TRUST_get0(idx);
 	return pt->check_trust(pt, x, flags);
 }
 
@@ -119,7 +119,7 @@ int X509_TRUST_get_count(void)
 	return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT;
 }
 
-X509_TRUST * X509_TRUST_iget(int idx)
+X509_TRUST * X509_TRUST_get0(int idx)
 {
 	if(idx < 0) return NULL;
 	if(idx < X509_TRUST_COUNT) return trstandard + idx;
@@ -157,7 +157,7 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
 			return 0;
 		}
 		trtmp->flags = X509_TRUST_DYNAMIC;
-	} else trtmp = X509_TRUST_iget(idx);
+	} else trtmp = X509_TRUST_get0(idx);
 
 	/* Free existing name if dynamic */
 	if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) Free(trtmp->name);
@@ -214,7 +214,7 @@ int X509_TRUST_get_flags(X509_TRUST *xp)
 	return xp->flags;
 }
 
-char *X509_TRUST_iget_name(X509_TRUST *xp)
+char *X509_TRUST_get0_name(X509_TRUST *xp)
 {
 	return xp->name;
 }

crypto/x509/x509_vfy.c

@@ -717,7 +717,7 @@ STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
 	return(ctx->chain);
 	}
 
-STACK_OF(X509) *X509_STORE_CTX_rget_chain(X509_STORE_CTX *ctx)
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
 	{
 	int i;
 	X509 *x;
@@ -777,7 +777,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
 		/* If trust not set then get from purpose default */
 		if(!trust) {
 			X509_PURPOSE *ptmp;
-			ptmp = X509_PURPOSE_iget(idx);
+			ptmp = X509_PURPOSE_get0(idx);
 			trust = ptmp->trust;
 		}
 	}

crypto/x509/x509_vfy.h

@@ -347,7 +347,7 @@ void	X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
 int	X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
 X509 *	X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
 STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_rget_chain(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
 void	X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
 void	X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
 int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);

crypto/x509v3/v3_purp.c

@@ -107,7 +107,7 @@ int X509_check_purpose(X509 *x, int id, int ca)
 	if(id == -1) return 1;
 	idx = X509_PURPOSE_get_by_id(id);
 	if(idx == -1) return -1;
-	pt = X509_PURPOSE_iget(idx);
+	pt = X509_PURPOSE_get0(idx);
 	return pt->check_purpose(pt, x, ca);
 }
 
@@ -117,7 +117,7 @@ int X509_PURPOSE_get_count(void)
 	return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;
 }
 
-X509_PURPOSE * X509_PURPOSE_iget(int idx)
+X509_PURPOSE * X509_PURPOSE_get0(int idx)
 {
 	if(idx < 0) return NULL;
 	if(idx < X509_PURPOSE_COUNT) return xstandard + idx;
@@ -129,7 +129,7 @@ int X509_PURPOSE_get_by_sname(char *sname)
 	int i;
 	X509_PURPOSE *xptmp;
 	for(i = 0; i < X509_PURPOSE_get_count(); i++) {
-		xptmp = X509_PURPOSE_iget(i);
+		xptmp = X509_PURPOSE_get0(i);
 		if(!strcmp(xptmp->sname, sname)) return i;
 	}
 	return -1;
@@ -168,7 +168,7 @@ int X509_PURPOSE_add(int id, int trust, int flags,
 			return 0;
 		}
 		ptmp->flags = X509_PURPOSE_DYNAMIC;
-	} else ptmp = X509_PURPOSE_iget(idx);
+	} else ptmp = X509_PURPOSE_get0(idx);
 
 	/* Free existing name if dynamic */
 	if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {
@@ -232,12 +232,12 @@ int X509_PURPOSE_get_id(X509_PURPOSE *xp)
 	return xp->purpose;
 }
 
-char *X509_PURPOSE_iget_name(X509_PURPOSE *xp)
+char *X509_PURPOSE_get0_name(X509_PURPOSE *xp)
 {
 	return xp->name;
 }
 
-char *X509_PURPOSE_iget_sname(X509_PURPOSE *xp)
+char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp)
 {
 	return xp->sname;
 }

crypto/x509v3/x509v3.h

@@ -529,14 +529,14 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 
 int X509_check_purpose(X509 *x, int id, int ca);
 int X509_PURPOSE_get_count(void);
-X509_PURPOSE * X509_PURPOSE_iget(int idx);
+X509_PURPOSE * X509_PURPOSE_get0(int idx);
 int X509_PURPOSE_get_by_sname(char *sname);
 int X509_PURPOSE_get_by_id(int id);
 int X509_PURPOSE_add(int id, int trust, int flags,
 			int (*ck)(X509_PURPOSE *, X509 *, int),
 				char *name, char *sname, void *arg);
-char *X509_PURPOSE_iget_name(X509_PURPOSE *xp);
-char *X509_PURPOSE_iget_sname(X509_PURPOSE *xp);
+char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
+char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
 int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
 void X509_PURPOSE_cleanup(void);
 int X509_PURPOSE_get_id(X509_PURPOSE *);

doc/apps/ca.pod

@@ -238,7 +238,8 @@ CA private key. Mandatory.
 
 =item B<RANDFILE>
 
-a file used to read and write random number seed information.
+a file used to read and write random number seed information, or
+an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
 
 =item B<default_days>
 

doc/apps/dhparam.pod

@@ -58,9 +58,10 @@ input file is ignored and parameters are generated instead.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator. Multiple files can be specified separated by a OS-dependent
-character.  For MS-Windows, the separator is B<;>.  For OpenVMS, it's
-B<,>. For all others, it's B<:>.
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVSM, and B<:> for
+all others.
 
 =item B<numbits>
 

doc/apps/dsaparam.pod

@@ -71,9 +71,10 @@ parameters.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator. Multiple files can be specified separated by a OS-dependent
-character.  For MS-Windows, the separator is B<;>.  For OpenVMS, it's
-B<,>.  For all others, it's B<:>.
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVSM, and B<:> for
+all others.
 
 =item B<numbits>
 

doc/apps/gendsa.pod

@@ -32,9 +32,10 @@ If none of these options is specified no encryption is used.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator. Multiple files can be specified separated by a OS-dependent
-character.  For MS-Windows, the separator is B<;>.  For OpenVMS, it's
-B<,>.  For all others, it's B<:>.
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVSM, and B<:> for
+all others.
 
 =item B<paramfile>
 

doc/apps/genrsa.pod

@@ -49,9 +49,10 @@ the public exponent to use, either 65537 or 3. The default is 65537.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator. Multiple files can be specified separated by a OS-dependent
-character.  For MS-Windows, the separator is B<;>.  For OpenVMS, it's
-B<,>.  For all others, it's B<:>.
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVSM, and B<:> for
+all others.
 
 =item B<numbits>