diff options
| author | kris <kris@FreeBSD.org> | 2000-11-13 01:03:58 +0000 |
|---|---|---|
| committer | kris <kris@FreeBSD.org> | 2000-11-13 01:03:58 +0000 |
| commit | 539b977eff7c71f628cb2a407543a51070b14763 (patch) | |
| tree | 258f64877cac3711a3434257baddcbae72af2af3 /crypto/openssl/apps | |
| parent | 893841d237b49d10e810e8b130839b4b63fd5ab4 (diff) | |
| download | FreeBSD-src-539b977eff7c71f628cb2a407543a51070b14763.zip FreeBSD-src-539b977eff7c71f628cb2a407543a51070b14763.tar.gz | |
Initial import of OpenSSL 0.9.6
Diffstat (limited to 'crypto/openssl/apps')
45 files changed, 2762 insertions, 1154 deletions
diff --git a/crypto/openssl/apps/CA.pl b/crypto/openssl/apps/CA.pl index 4eef57e..f1ac7e7 100755 --- a/crypto/openssl/apps/CA.pl +++ b/crypto/openssl/apps/CA.pl @@ -36,6 +36,7 @@ # default openssl.cnf file has setup as per the following # demoCA ... where everything is stored +$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"}; $DAYS="-days 365"; $REQ="openssl req $SSLEAY_CONFIG"; $CA="openssl ca $SSLEAY_CONFIG"; @@ -116,6 +117,11 @@ foreach (@ARGV) { "-infiles newreq.pem"); $RET=$?; print "Signed certificate is in newcert.pem\n"; + } elsif (/^(-signCA)$/) { + system ("$CA -policy policy_anything -out newcert.pem " . + "-extensions v3_ca -infiles newreq.pem"); + $RET=$?; + print "Signed CA certificate is in newcert.pem\n"; } elsif (/^-signcert$/) { system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " . "-out tmp.pem"); diff --git a/crypto/openssl/apps/CA.pl.in b/crypto/openssl/apps/CA.pl.in index 4eef57e..f1ac7e7 100644 --- a/crypto/openssl/apps/CA.pl.in +++ b/crypto/openssl/apps/CA.pl.in @@ -36,6 +36,7 @@ # default openssl.cnf file has setup as per the following # demoCA ... where everything is stored +$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"}; $DAYS="-days 365"; $REQ="openssl req $SSLEAY_CONFIG"; $CA="openssl ca $SSLEAY_CONFIG"; @@ -116,6 +117,11 @@ foreach (@ARGV) { "-infiles newreq.pem"); $RET=$?; print "Signed certificate is in newcert.pem\n"; + } elsif (/^(-signCA)$/) { + system ("$CA -policy policy_anything -out newcert.pem " . + "-extensions v3_ca -infiles newreq.pem"); + $RET=$?; + print "Signed CA certificate is in newcert.pem\n"; } elsif (/^-signcert$/) { system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " . "-out tmp.pem"); diff --git a/crypto/openssl/apps/Makefile.ssl b/crypto/openssl/apps/Makefile.ssl index b8d0b1b..438c052 100644 --- a/crypto/openssl/apps/Makefile.ssl +++ b/crypto/openssl/apps/Makefile.ssl @@ -35,7 +35,7 @@ SCRIPTS=CA.sh CA.pl der_chop EXE= $(PROGRAM) E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \ - ca crl rsa dsa dsaparam \ + ca crl rsa rsautl dsa dsaparam \ x509 genrsa gendsa s_server s_client speed \ s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \ pkcs8 spkac smime rand @@ -51,14 +51,14 @@ RAND_SRC=app_rand.c E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \ ca.o pkcs7.o crl2p7.o crl.o \ - rsa.o dsa.o dsaparam.o \ + rsa.o rsautl.o dsa.o dsaparam.o \ x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \ s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \ ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \ pkcs7.c crl2p7.c crl.c \ - rsa.c dsa.c dsaparam.c \ + rsa.c rsautl.c dsa.c dsaparam.c \ x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \ s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \ ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c @@ -135,7 +135,7 @@ $(DLIBCRYPTO): $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) $(RM) $(PROGRAM) $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) - @(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; sh tools/c_rehash certs) + -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; $(PERL) tools/c_rehash certs) progs.h: progs.pl $(PERL) progs.pl $(E_EXE) >progs.h @@ -146,90 +146,106 @@ progs.h: progs.pl app_rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h app_rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h app_rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h -app_rand.o: ../include/openssl/crypto.h ../include/openssl/des.h -app_rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h +app_rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h +app_rand.o: ../include/openssl/des.h ../include/openssl/dh.h +app_rand.o: ../include/openssl/dsa.h ../include/openssl/e_os.h app_rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h -app_rand.o: ../include/openssl/md2.h ../include/openssl/md5.h -app_rand.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -app_rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -app_rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -app_rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h +app_rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h +app_rand.o: ../include/openssl/md4.h ../include/openssl/md5.h +app_rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +app_rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h +app_rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h +app_rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +app_rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h +app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h apps.o: ../include/openssl/asn1.h ../include/openssl/bio.h apps.o: ../include/openssl/blowfish.h ../include/openssl/bn.h apps.o: ../include/openssl/buffer.h ../include/openssl/cast.h -apps.o: ../include/openssl/crypto.h ../include/openssl/des.h -apps.o: ../include/openssl/dh.h ../include/openssl/dsa.h +apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h +apps.o: ../include/openssl/des.h ../include/openssl/dh.h +apps.o: ../include/openssl/dsa.h ../include/openssl/e_os.h apps.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -apps.o: ../include/openssl/evp.h ../include/openssl/idea.h -apps.o: ../include/openssl/md2.h ../include/openssl/md5.h -apps.o: ../include/openssl/mdc2.h ../include/openssl/objects.h +apps.o: ../include/openssl/err.h ../include/openssl/evp.h +apps.o: ../include/openssl/idea.h ../include/openssl/lhash.h +apps.o: ../include/openssl/md2.h ../include/openssl/md4.h +apps.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -apps.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -apps.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -apps.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h -apps.o: ../include/openssl/stack.h ../include/openssl/x509.h +apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h +apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h +apps.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +apps.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +apps.o: ../include/openssl/sha.h ../include/openssl/stack.h +apps.o: ../include/openssl/symhacks.h ../include/openssl/x509.h apps.o: ../include/openssl/x509_vfy.h apps.h asn1pars.o: ../include/openssl/asn1.h ../include/openssl/bio.h asn1pars.o: ../include/openssl/blowfish.h ../include/openssl/bn.h asn1pars.o: ../include/openssl/buffer.h ../include/openssl/cast.h -asn1pars.o: ../include/openssl/crypto.h ../include/openssl/des.h -asn1pars.o: ../include/openssl/dh.h ../include/openssl/dsa.h +asn1pars.o: ../include/openssl/conf.h ../include/openssl/crypto.h +asn1pars.o: ../include/openssl/des.h ../include/openssl/dh.h +asn1pars.o: ../include/openssl/dsa.h ../include/openssl/e_os.h asn1pars.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h -asn1pars.o: ../include/openssl/idea.h ../include/openssl/md2.h +asn1pars.o: ../include/openssl/idea.h ../include/openssl/lhash.h +asn1pars.o: ../include/openssl/md2.h ../include/openssl/md4.h asn1pars.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -asn1pars.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -asn1pars.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -asn1pars.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h +asn1pars.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h +asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +asn1pars.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +asn1pars.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h +asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h ca.o: ../include/openssl/asn1.h ../include/openssl/bio.h ca.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ca.o: ../include/openssl/buffer.h ../include/openssl/cast.h ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h ca.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h -ca.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -ca.o: ../include/openssl/err.h ../include/openssl/evp.h -ca.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ca.o: ../include/openssl/md2.h ../include/openssl/md5.h -ca.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ca.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ca.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ca.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ca.o: ../include/openssl/stack.h ../include/openssl/txt_db.h +ca.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +ca.o: ../include/openssl/e_os2.h ../include/openssl/err.h +ca.o: ../include/openssl/evp.h ../include/openssl/idea.h +ca.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ca.o: ../include/openssl/md4.h ../include/openssl/md5.h +ca.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ca.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ca.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ca.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ca.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +ca.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ca.o: ../include/openssl/sha.h ../include/openssl/stack.h +ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ca.o: ../include/openssl/x509v3.h apps.h ciphers.o: ../include/openssl/asn1.h ../include/openssl/bio.h ciphers.o: ../include/openssl/blowfish.h ../include/openssl/bn.h ciphers.o: ../include/openssl/buffer.h ../include/openssl/cast.h +ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h ciphers.o: ../include/openssl/crypto.h ../include/openssl/des.h ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h -ciphers.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h -ciphers.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ciphers.o: ../include/openssl/md2.h ../include/openssl/md5.h -ciphers.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ciphers.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ciphers.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ciphers.o: ../include/openssl/stack.h ../include/openssl/tls1.h +ciphers.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +ciphers.o: ../include/openssl/e_os2.h ../include/openssl/err.h +ciphers.o: ../include/openssl/evp.h ../include/openssl/idea.h +ciphers.o: ../include/openssl/lhash.h ../include/openssl/md2.h +ciphers.o: ../include/openssl/md4.h ../include/openssl/md5.h +ciphers.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +ciphers.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ciphers.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +ciphers.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h crl.o: ../include/openssl/asn1.h ../include/openssl/bio.h crl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h @@ -237,62 +253,72 @@ crl.o: ../include/openssl/buffer.h ../include/openssl/cast.h crl.o: ../include/openssl/conf.h ../include/openssl/crypto.h crl.o: ../include/openssl/des.h ../include/openssl/dh.h crl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -crl.o: ../include/openssl/e_os2.h ../include/openssl/err.h -crl.o: ../include/openssl/evp.h ../include/openssl/idea.h -crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h +crl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h +crl.o: ../include/openssl/err.h ../include/openssl/evp.h +crl.o: ../include/openssl/idea.h ../include/openssl/lhash.h +crl.o: ../include/openssl/md2.h ../include/openssl/md4.h crl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -crl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -crl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -crl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -crl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -crl.o: ../include/openssl/sha.h ../include/openssl/stack.h +crl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h +crl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +crl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +crl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h +crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h crl.o: ../include/openssl/x509v3.h apps.h crl2p7.o: ../include/openssl/asn1.h ../include/openssl/bio.h crl2p7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h crl2p7.o: ../include/openssl/buffer.h ../include/openssl/cast.h -crl2p7.o: ../include/openssl/crypto.h ../include/openssl/des.h -crl2p7.o: ../include/openssl/dh.h ../include/openssl/dsa.h +crl2p7.o: ../include/openssl/conf.h ../include/openssl/crypto.h +crl2p7.o: ../include/openssl/des.h ../include/openssl/dh.h +crl2p7.o: ../include/openssl/dsa.h ../include/openssl/e_os.h crl2p7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h -crl2p7.o: ../include/openssl/idea.h ../include/openssl/md2.h +crl2p7.o: ../include/openssl/idea.h ../include/openssl/lhash.h +crl2p7.o: ../include/openssl/md2.h ../include/openssl/md4.h crl2p7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -crl2p7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -crl2p7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -crl2p7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h +crl2p7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h +crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +crl2p7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +crl2p7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h +crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dgst.o: ../include/openssl/asn1.h ../include/openssl/bio.h dgst.o: ../include/openssl/blowfish.h ../include/openssl/bn.h dgst.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dgst.o: ../include/openssl/crypto.h ../include/openssl/des.h -dgst.o: ../include/openssl/dh.h ../include/openssl/dsa.h +dgst.o: ../include/openssl/conf.h ../include/openssl/crypto.h +dgst.o: ../include/openssl/des.h ../include/openssl/dh.h +dgst.o: ../include/openssl/dsa.h ../include/openssl/e_os.h dgst.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h dgst.o: ../include/openssl/err.h ../include/openssl/evp.h -dgst.o: ../include/openssl/idea.h ../include/openssl/md2.h +dgst.o: ../include/openssl/idea.h ../include/openssl/lhash.h +dgst.o: ../include/openssl/md2.h ../include/openssl/md4.h dgst.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dgst.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dgst.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dgst.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dgst.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h +dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +dgst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h +dgst.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +dgst.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +dgst.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h +dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dh.o: ../include/openssl/asn1.h ../include/openssl/bio.h dh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h dh.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dh.o: ../include/openssl/crypto.h ../include/openssl/des.h -dh.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dh.o: ../include/openssl/err.h ../include/openssl/evp.h -dh.o: ../include/openssl/idea.h ../include/openssl/md2.h -dh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h +dh.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h +dh.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +dh.o: ../include/openssl/e_os2.h ../include/openssl/err.h +dh.o: ../include/openssl/evp.h ../include/openssl/idea.h +dh.o: ../include/openssl/lhash.h ../include/openssl/md2.h +dh.o: ../include/openssl/md4.h ../include/openssl/md5.h +dh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h dh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h @@ -300,158 +326,185 @@ dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h dh.o: ../include/openssl/sha.h ../include/openssl/stack.h -dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +dh.o: ../include/openssl/symhacks.h ../include/openssl/x509.h +dh.o: ../include/openssl/x509_vfy.h apps.h dsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h dsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h dsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h +dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h +dsa.o: ../include/openssl/des.h ../include/openssl/dh.h +dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h dsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h dsa.o: ../include/openssl/err.h ../include/openssl/evp.h -dsa.o: ../include/openssl/idea.h ../include/openssl/md2.h +dsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h +dsa.o: ../include/openssl/md2.h ../include/openssl/md4.h dsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h +dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h +dsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +dsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +dsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dsaparam.o: ../include/openssl/asn1.h ../include/openssl/bio.h dsaparam.o: ../include/openssl/blowfish.h ../include/openssl/bn.h dsaparam.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dsaparam.o: ../include/openssl/crypto.h ../include/openssl/des.h -dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h +dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h +dsaparam.o: ../include/openssl/des.h ../include/openssl/dh.h +dsaparam.o: ../include/openssl/dsa.h ../include/openssl/e_os.h dsaparam.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h dsaparam.o: ../include/openssl/err.h ../include/openssl/evp.h -dsaparam.o: ../include/openssl/idea.h ../include/openssl/md2.h +dsaparam.o: ../include/openssl/idea.h ../include/openssl/lhash.h +dsaparam.o: ../include/openssl/md2.h ../include/openssl/md4.h dsaparam.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dsaparam.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dsaparam.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h +dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +dsaparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h +dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +dsaparam.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +dsaparam.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h +dsaparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h -enc.o: ../include/openssl/crypto.h ../include/openssl/des.h -enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h +enc.o: ../include/openssl/conf.h ../include/openssl/crypto.h +enc.o: ../include/openssl/des.h ../include/openssl/dh.h +enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h enc.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h enc.o: ../include/openssl/err.h ../include/openssl/evp.h -enc.o: ../include/openssl/idea.h ../include/openssl/md2.h +enc.o: ../include/openssl/idea.h ../include/openssl/lhash.h +enc.o: ../include/openssl/md2.h ../include/openssl/md4.h enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -enc.o: ../include/openssl/rand.h ../include/openssl/rc2.h -enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h -enc.o: ../include/openssl/stack.h ../include/openssl/x509.h +enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h +enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +enc.o: ../include/openssl/sha.h ../include/openssl/stack.h +enc.o: ../include/openssl/symhacks.h ../include/openssl/x509.h enc.o: ../include/openssl/x509_vfy.h apps.h errstr.o: ../include/openssl/asn1.h ../include/openssl/bio.h errstr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h errstr.o: ../include/openssl/buffer.h ../include/openssl/cast.h +errstr.o: ../include/openssl/comp.h ../include/openssl/conf.h errstr.o: ../include/openssl/crypto.h ../include/openssl/des.h errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h -errstr.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -errstr.o: ../include/openssl/err.h ../include/openssl/evp.h -errstr.o: ../include/openssl/idea.h ../include/openssl/lhash.h -errstr.o: ../include/openssl/md2.h ../include/openssl/md5.h -errstr.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -errstr.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -errstr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -errstr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -errstr.o: ../include/openssl/stack.h ../include/openssl/tls1.h +errstr.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +errstr.o: ../include/openssl/e_os2.h ../include/openssl/err.h +errstr.o: ../include/openssl/evp.h ../include/openssl/idea.h +errstr.o: ../include/openssl/lhash.h ../include/openssl/md2.h +errstr.o: ../include/openssl/md4.h ../include/openssl/md5.h +errstr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +errstr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +errstr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +errstr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h +errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h gendh.o: ../include/openssl/asn1.h ../include/openssl/bio.h gendh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h gendh.o: ../include/openssl/buffer.h ../include/openssl/cast.h -gendh.o: ../include/openssl/crypto.h ../include/openssl/des.h -gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h +gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h +gendh.o: ../include/openssl/des.h ../include/openssl/dh.h +gendh.o: ../include/openssl/dsa.h ../include/openssl/e_os.h gendh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h gendh.o: ../include/openssl/err.h ../include/openssl/evp.h -gendh.o: ../include/openssl/idea.h ../include/openssl/md2.h +gendh.o: ../include/openssl/idea.h ../include/openssl/lhash.h +gendh.o: ../include/openssl/md2.h ../include/openssl/md4.h gendh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -gendh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -gendh.o: ../include/openssl/rand.h ../include/openssl/rc2.h -gendh.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -gendh.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h -gendh.o: ../include/openssl/stack.h ../include/openssl/x509.h +gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h +gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +gendh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +gendh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h +gendh.o: ../include/openssl/symhacks.h ../include/openssl/x509.h gendh.o: ../include/openssl/x509_vfy.h apps.h gendsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h gendsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h gendsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -gendsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h +gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h +gendsa.o: ../include/openssl/des.h ../include/openssl/dh.h +gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h gendsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h -gendsa.o: ../include/openssl/idea.h ../include/openssl/md2.h +gendsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h +gendsa.o: ../include/openssl/md2.h ../include/openssl/md4.h gendsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -gendsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -gendsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -gendsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -gendsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h +gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h +gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +gendsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +gendsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h genrsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h genrsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h genrsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -genrsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h +genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h +genrsa.o: ../include/openssl/des.h ../include/openssl/dh.h +genrsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h genrsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h genrsa.o: ../include/openssl/err.h ../include/openssl/evp.h -genrsa.o: ../include/openssl/idea.h ../include/openssl/md2.h +genrsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h +genrsa.o: ../include/openssl/md2.h ../include/openssl/md4.h genrsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -genrsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -genrsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -genrsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h +genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +genrsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h +genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +genrsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +genrsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +genrsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h nseq.o: ../include/openssl/asn1.h ../include/openssl/bio.h nseq.o: ../include/openssl/blowfish.h ../include/openssl/bn.h nseq.o: ../include/openssl/buffer.h ../include/openssl/cast.h -nseq.o: ../include/openssl/crypto.h ../include/openssl/des.h -nseq.o: ../include/openssl/dh.h ../include/openssl/dsa.h +nseq.o: ../include/openssl/conf.h ../include/openssl/crypto.h +nseq.o: ../include/openssl/des.h ../include/openssl/dh.h +nseq.o: ../include/openssl/dsa.h ../include/openssl/e_os.h nseq.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h nseq.o: ../include/openssl/err.h ../include/openssl/evp.h -nseq.o: ../include/openssl/idea.h ../include/openssl/md2.h +nseq.o: ../include/openssl/idea.h ../include/openssl/lhash.h +nseq.o: ../include/openssl/md2.h ../include/openssl/md4.h nseq.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -nseq.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -nseq.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -nseq.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -nseq.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h +nseq.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h +nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +nseq.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +nseq.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h +nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h openssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h openssl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h openssl.o: ../include/openssl/buffer.h ../include/openssl/cast.h -openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h -openssl.o: ../include/openssl/des.h ../include/openssl/dh.h -openssl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h +openssl.o: ../include/openssl/comp.h ../include/openssl/conf.h +openssl.o: ../include/openssl/crypto.h ../include/openssl/des.h +openssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h +openssl.o: ../include/openssl/e_os.h ../include/openssl/e_os.h openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h openssl.o: ../include/openssl/evp.h ../include/openssl/idea.h openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h -openssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +openssl.o: ../include/openssl/md4.h ../include/openssl/md5.h +openssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h openssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h @@ -461,94 +514,110 @@ openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -openssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h -openssl.o: ../include/openssl/x509_vfy.h apps.h progs.h s_apps.h +openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +openssl.o: progs.h s_apps.h passwd.o: ../include/openssl/asn1.h ../include/openssl/bio.h passwd.o: ../include/openssl/blowfish.h ../include/openssl/bn.h passwd.o: ../include/openssl/buffer.h ../include/openssl/cast.h -passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h -passwd.o: ../include/openssl/dh.h ../include/openssl/dsa.h +passwd.o: ../include/openssl/conf.h ../include/openssl/crypto.h +passwd.o: ../include/openssl/des.h ../include/openssl/dh.h +passwd.o: ../include/openssl/dsa.h ../include/openssl/e_os.h passwd.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h passwd.o: ../include/openssl/err.h ../include/openssl/evp.h -passwd.o: ../include/openssl/idea.h ../include/openssl/md2.h +passwd.o: ../include/openssl/idea.h ../include/openssl/lhash.h +passwd.o: ../include/openssl/md2.h ../include/openssl/md4.h passwd.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -passwd.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -passwd.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h -passwd.o: ../include/openssl/rand.h ../include/openssl/rc2.h -passwd.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -passwd.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h -passwd.o: ../include/openssl/stack.h ../include/openssl/x509.h +passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +passwd.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +passwd.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +passwd.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h +passwd.o: ../include/openssl/symhacks.h ../include/openssl/x509.h passwd.o: ../include/openssl/x509_vfy.h apps.h pkcs12.o: ../include/openssl/asn1.h ../include/openssl/bio.h pkcs12.o: ../include/openssl/blowfish.h ../include/openssl/bn.h pkcs12.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs12.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs12.o: ../include/openssl/dh.h ../include/openssl/dsa.h +pkcs12.o: ../include/openssl/conf.h ../include/openssl/crypto.h +pkcs12.o: ../include/openssl/des.h ../include/openssl/dh.h +pkcs12.o: ../include/openssl/dsa.h ../include/openssl/e_os.h pkcs12.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs12.o: ../include/openssl/idea.h ../include/openssl/md2.h +pkcs12.o: ../include/openssl/idea.h ../include/openssl/lhash.h +pkcs12.o: ../include/openssl/md2.h ../include/openssl/md4.h pkcs12.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h -pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -pkcs12.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs12.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h -pkcs12.o: ../include/openssl/stack.h ../include/openssl/x509.h +pkcs12.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h +pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h +pkcs12.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +pkcs12.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +pkcs12.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h +pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/x509.h pkcs12.o: ../include/openssl/x509_vfy.h apps.h pkcs7.o: ../include/openssl/asn1.h ../include/openssl/bio.h pkcs7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h pkcs7.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs7.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs7.o: ../include/openssl/dh.h ../include/openssl/dsa.h +pkcs7.o: ../include/openssl/conf.h ../include/openssl/crypto.h +pkcs7.o: ../include/openssl/des.h ../include/openssl/dh.h +pkcs7.o: ../include/openssl/dsa.h ../include/openssl/e_os.h pkcs7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs7.o: ../include/openssl/idea.h ../include/openssl/md2.h +pkcs7.o: ../include/openssl/idea.h ../include/openssl/lhash.h +pkcs7.o: ../include/openssl/md2.h ../include/openssl/md4.h pkcs7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -pkcs7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -pkcs7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -pkcs7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h +pkcs7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h +pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +pkcs7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +pkcs7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h +pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h pkcs8.o: ../include/openssl/asn1.h ../include/openssl/bio.h pkcs8.o: ../include/openssl/blowfish.h ../include/openssl/bn.h pkcs8.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs8.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs8.o: ../include/openssl/dh.h ../include/openssl/dsa.h +pkcs8.o: ../include/openssl/conf.h ../include/openssl/crypto.h +pkcs8.o: ../include/openssl/des.h ../include/openssl/dh.h +pkcs8.o: ../include/openssl/dsa.h ../include/openssl/e_os.h pkcs8.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs8.o: ../include/openssl/idea.h ../include/openssl/md2.h +pkcs8.o: ../include/openssl/idea.h ../include/openssl/lhash.h +pkcs8.o: ../include/openssl/md2.h ../include/openssl/md4.h pkcs8.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h -pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -pkcs8.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h -pkcs8.o: ../include/openssl/stack.h ../include/openssl/x509.h +pkcs8.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h +pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h +pkcs8.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +pkcs8.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +pkcs8.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h +pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/x509.h pkcs8.o: ../include/openssl/x509_vfy.h apps.h rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h -rand.o: ../include/openssl/crypto.h ../include/openssl/des.h -rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h +rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h +rand.o: ../include/openssl/des.h ../include/openssl/dh.h +rand.o: ../include/openssl/dsa.h ../include/openssl/e_os.h rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h rand.o: ../include/openssl/err.h ../include/openssl/evp.h -rand.o: ../include/openssl/idea.h ../include/openssl/md2.h +rand.o: ../include/openssl/idea.h ../include/openssl/lhash.h +rand.o: ../include/openssl/md2.h ../include/openssl/md4.h rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h -rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h -rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h -rand.o: ../include/openssl/stack.h ../include/openssl/x509.h +rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +rand.o: ../include/openssl/sha.h ../include/openssl/stack.h +rand.o: ../include/openssl/symhacks.h ../include/openssl/x509.h rand.o: ../include/openssl/x509_vfy.h apps.h req.o: ../include/openssl/asn1.h ../include/openssl/bio.h req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h @@ -556,192 +625,241 @@ req.o: ../include/openssl/buffer.h ../include/openssl/cast.h req.o: ../include/openssl/conf.h ../include/openssl/crypto.h req.o: ../include/openssl/des.h ../include/openssl/dh.h req.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -req.o: ../include/openssl/e_os2.h ../include/openssl/err.h -req.o: ../include/openssl/evp.h ../include/openssl/idea.h -req.o: ../include/openssl/lhash.h ../include/openssl/md2.h +req.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h +req.o: ../include/openssl/err.h ../include/openssl/evp.h +req.o: ../include/openssl/idea.h ../include/openssl/lhash.h +req.o: ../include/openssl/md2.h ../include/openssl/md4.h req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -req.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -req.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -req.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -req.o: ../include/openssl/sha.h ../include/openssl/stack.h +req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +req.o: ../include/openssl/pem.h ../include/openssl/pem2.h +req.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +req.o: ../include/openssl/safestack.h ../include/openssl/sha.h +req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h req.o: ../include/openssl/x509v3.h apps.h rsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h rsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h rsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -rsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h +rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h +rsa.o: ../include/openssl/des.h ../include/openssl/dh.h +rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h rsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h rsa.o: ../include/openssl/err.h ../include/openssl/evp.h -rsa.o: ../include/openssl/idea.h ../include/openssl/md2.h +rsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h +rsa.o: ../include/openssl/md2.h ../include/openssl/md4.h rsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -rsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h +rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h +rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +rsautl.o: ../include/openssl/asn1.h ../include/openssl/bio.h +rsautl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h +rsautl.o: ../include/openssl/buffer.h ../include/openssl/cast.h +rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h +rsautl.o: ../include/openssl/des.h ../include/openssl/dh.h +rsautl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h +rsautl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h +rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h +rsautl.o: ../include/openssl/idea.h ../include/openssl/lhash.h +rsautl.o: ../include/openssl/md2.h ../include/openssl/md4.h +rsautl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h +rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +rsautl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +rsautl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h +rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_cb.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_cb.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_cb.o: ../include/openssl/buffer.h ../include/openssl/cast.h +s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h s_cb.o: ../include/openssl/crypto.h ../include/openssl/des.h s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_cb.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h -s_cb.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_cb.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_cb.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_cb.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_cb.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_cb.o: ../include/openssl/stack.h ../include/openssl/tls1.h +s_cb.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +s_cb.o: ../include/openssl/e_os2.h ../include/openssl/err.h +s_cb.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_cb.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_cb.o: ../include/openssl/md4.h ../include/openssl/md5.h +s_cb.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_cb.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_cb.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s_cb.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_apps.h s_client.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_client.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_client.o: ../include/openssl/buffer.h ../include/openssl/cast.h +s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h s_client.o: ../include/openssl/crypto.h ../include/openssl/des.h s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_client.o: ../include/openssl/err.h ../include/openssl/evp.h -s_client.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_client.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_client.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_client.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_client.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_client.o: ../include/openssl/stack.h ../include/openssl/tls1.h +s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +s_client.o: ../include/openssl/e_os2.h ../include/openssl/err.h +s_client.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_client.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_client.o: ../include/openssl/md4.h ../include/openssl/md5.h +s_client.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_client.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_client.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s_client.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +s_client.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_client.o: s_apps.h s_server.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_server.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_server.o: ../include/openssl/buffer.h ../include/openssl/cast.h +s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h s_server.o: ../include/openssl/crypto.h ../include/openssl/des.h s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_server.o: ../include/openssl/err.h ../include/openssl/evp.h -s_server.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_server.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_server.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_server.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_server.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_server.o: ../include/openssl/stack.h ../include/openssl/tls1.h +s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +s_server.o: ../include/openssl/e_os2.h ../include/openssl/err.h +s_server.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_server.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_server.o: ../include/openssl/md4.h ../include/openssl/md5.h +s_server.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_server.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_server.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s_server.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_server.o: s_apps.h s_socket.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_socket.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_socket.o: ../include/openssl/buffer.h ../include/openssl/cast.h +s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h s_socket.o: ../include/openssl/crypto.h ../include/openssl/des.h s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_socket.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_socket.o: ../include/openssl/evp.h ../include/openssl/idea.h -s_socket.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_socket.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +s_socket.o: ../include/openssl/e_os2.h ../include/openssl/evp.h +s_socket.o: ../include/openssl/idea.h ../include/openssl/lhash.h +s_socket.o: ../include/openssl/md2.h ../include/openssl/md4.h s_socket.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s_socket.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_socket.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +s_socket.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +s_socket.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_socket.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_socket.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s_socket.o: ../include/openssl/tls1.h ../include/openssl/x509.h s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_time.o: ../include/openssl/asn1.h ../include/openssl/bio.h s_time.o: ../include/openssl/blowfish.h ../include/openssl/bn.h s_time.o: ../include/openssl/buffer.h ../include/openssl/cast.h +s_time.o: ../include/openssl/comp.h ../include/openssl/conf.h s_time.o: ../include/openssl/crypto.h ../include/openssl/des.h s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_time.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_time.o: ../include/openssl/err.h ../include/openssl/evp.h -s_time.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_time.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_time.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_time.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_time.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_time.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_time.o: ../include/openssl/stack.h ../include/openssl/tls1.h +s_time.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +s_time.o: ../include/openssl/e_os2.h ../include/openssl/err.h +s_time.o: ../include/openssl/evp.h ../include/openssl/idea.h +s_time.o: ../include/openssl/lhash.h ../include/openssl/md2.h +s_time.o: ../include/openssl/md4.h ../include/openssl/md5.h +s_time.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_time.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_time.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +s_time.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h +s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_time.o: s_apps.h sess_id.o: ../include/openssl/asn1.h ../include/openssl/bio.h sess_id.o: ../include/openssl/blowfish.h ../include/openssl/bn.h sess_id.o: ../include/openssl/buffer.h ../include/openssl/cast.h +sess_id.o: ../include/openssl/comp.h ../include/openssl/conf.h sess_id.o: ../include/openssl/crypto.h ../include/openssl/des.h sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h -sess_id.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h -sess_id.o: ../include/openssl/idea.h ../include/openssl/lhash.h -sess_id.o: ../include/openssl/md2.h ../include/openssl/md5.h -sess_id.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h -sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -sess_id.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -sess_id.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h -sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -sess_id.o: ../include/openssl/stack.h ../include/openssl/tls1.h +sess_id.o: ../include/openssl/e_os.h ../include/openssl/e_os.h +sess_id.o: ../include/openssl/e_os2.h ../include/openssl/err.h +sess_id.o: ../include/openssl/evp.h ../include/openssl/idea.h +sess_id.o: ../include/openssl/lhash.h ../include/openssl/md2.h +sess_id.o: ../include/openssl/md4.h ../include/openssl/md5.h +sess_id.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +sess_id.o: ../include/openssl/opensslv.h ../include/openssl/pem.h +sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +sess_id.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +sess_id.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h +sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h smime.o: ../include/openssl/asn1.h ../include/openssl/bio.h smime.o: ../include/openssl/blowfish.h ../include/openssl/bn.h smime.o: ../include/openssl/buffer.h ../include/openssl/cast.h -smime.o: ../include/openssl/crypto.h ../include/openssl/des.h -smime.o: ../include/openssl/dh.h ../include/openssl/dsa.h +smime.o: ../include/openssl/conf.h ../include/openssl/crypto.h +smime.o: ../include/openssl/des.h ../include/openssl/dh.h +smime.o: ../include/openssl/dsa.h ../include/openssl/e_os.h smime.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h smime.o: ../include/openssl/err.h ../include/openssl/evp.h -smime.o: ../include/openssl/idea.h ../include/openssl/md2.h +smime.o: ../include/openssl/idea.h ../include/openssl/lhash.h +smime.o: ../include/openssl/md2.h ../include/openssl/md4.h smime.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -smime.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -smime.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -smime.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -smime.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -smime.o: ../include/openssl/sha.h ../include/openssl/stack.h +smime.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h +smime.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +smime.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +smime.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h +smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h speed.o: ../include/openssl/asn1.h ../include/openssl/bio.h speed.o: ../include/openssl/blowfish.h ../include/openssl/bn.h speed.o: ../include/openssl/buffer.h ../include/openssl/cast.h -speed.o: ../include/openssl/crypto.h ../include/openssl/des.h -speed.o: ../include/openssl/dh.h ../include/openssl/dsa.h +speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h +speed.o: ../include/openssl/des.h ../include/openssl/dh.h +speed.o: ../include/openssl/dsa.h ../include/openssl/e_os.h speed.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h speed.o: ../include/openssl/err.h ../include/openssl/evp.h speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h -speed.o: ../include/openssl/md2.h ../include/openssl/md5.h -speed.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -speed.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -speed.o: ../include/openssl/sha.h ../include/openssl/stack.h +speed.o: ../include/openssl/lhash.h ../include/openssl/md2.h +speed.o: ../include/openssl/md4.h ../include/openssl/md5.h +speed.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +speed.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +speed.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h +speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h +speed.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h +speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ./testdsa.h speed.o: ./testrsa.h apps.h spkac.o: ../include/openssl/asn1.h ../include/openssl/bio.h @@ -750,17 +868,19 @@ spkac.o: ../include/openssl/buffer.h ../include/openssl/cast.h spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h spkac.o: ../include/openssl/des.h ../include/openssl/dh.h spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -spkac.o: ../include/openssl/e_os2.h ../include/openssl/err.h -spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h -spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h +spkac.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h +spkac.o: ../include/openssl/err.h ../include/openssl/evp.h +spkac.o: ../include/openssl/idea.h ../include/openssl/lhash.h +spkac.o: ../include/openssl/md2.h ../include/openssl/md4.h spkac.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -spkac.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -spkac.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -spkac.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -spkac.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h +spkac.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h +spkac.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +spkac.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +spkac.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h +spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h verify.o: ../include/openssl/asn1.h ../include/openssl/bio.h verify.o: ../include/openssl/blowfish.h ../include/openssl/bn.h @@ -768,34 +888,39 @@ verify.o: ../include/openssl/buffer.h ../include/openssl/cast.h verify.o: ../include/openssl/conf.h ../include/openssl/crypto.h verify.o: ../include/openssl/des.h ../include/openssl/dh.h verify.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -verify.o: ../include/openssl/e_os2.h ../include/openssl/err.h -verify.o: ../include/openssl/evp.h ../include/openssl/idea.h -verify.o: ../include/openssl/lhash.h ../include/openssl/md2.h +verify.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h +verify.o: ../include/openssl/err.h ../include/openssl/evp.h +verify.o: ../include/openssl/idea.h ../include/openssl/lhash.h +verify.o: ../include/openssl/md2.h ../include/openssl/md4.h verify.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -verify.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -verify.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -verify.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -verify.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -verify.o: ../include/openssl/sha.h ../include/openssl/stack.h +verify.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h +verify.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +verify.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +verify.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h +verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h verify.o: ../include/openssl/x509v3.h apps.h version.o: ../include/openssl/asn1.h ../include/openssl/bio.h version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h version.o: ../include/openssl/buffer.h ../include/openssl/cast.h -version.o: ../include/openssl/crypto.h ../include/openssl/des.h -version.o: ../include/openssl/dh.h ../include/openssl/dsa.h +version.o: ../include/openssl/conf.h ../include/openssl/crypto.h +version.o: ../include/openssl/des.h ../include/openssl/dh.h +version.o: ../include/openssl/dsa.h ../include/openssl/e_os.h version.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h version.o: ../include/openssl/evp.h ../include/openssl/idea.h -version.o: ../include/openssl/md2.h ../include/openssl/md5.h -version.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -version.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -version.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -version.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -version.o: ../include/openssl/safestack.h ../include/openssl/sha.h -version.o: ../include/openssl/stack.h ../include/openssl/x509.h +version.o: ../include/openssl/lhash.h ../include/openssl/md2.h +version.o: ../include/openssl/md4.h ../include/openssl/md5.h +version.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +version.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +version.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h +version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +version.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +version.o: ../include/openssl/sha.h ../include/openssl/stack.h +version.o: ../include/openssl/symhacks.h ../include/openssl/x509.h version.o: ../include/openssl/x509_vfy.h apps.h x509.o: ../include/openssl/asn1.h ../include/openssl/bio.h x509.o: ../include/openssl/blowfish.h ../include/openssl/bn.h @@ -803,16 +928,18 @@ x509.o: ../include/openssl/buffer.h ../include/openssl/cast.h x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h x509.o: ../include/openssl/des.h ../include/openssl/dh.h x509.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -x509.o: ../include/openssl/e_os2.h ../include/openssl/err.h -x509.o: ../include/openssl/evp.h ../include/openssl/idea.h -x509.o: ../include/openssl/lhash.h ../include/openssl/md2.h +x509.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h +x509.o: ../include/openssl/err.h ../include/openssl/evp.h +x509.o: ../include/openssl/idea.h ../include/openssl/lhash.h +x509.o: ../include/openssl/md2.h ../include/openssl/md4.h x509.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -x509.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -x509.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -x509.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -x509.o: ../include/openssl/sha.h ../include/openssl/stack.h +x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h +x509.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h +x509.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +x509.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h +x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h x509.o: ../include/openssl/x509v3.h apps.h diff --git a/crypto/openssl/apps/apps.c b/crypto/openssl/apps/apps.c index a87d23b..c22550b 100644 --- a/crypto/openssl/apps/apps.c +++ b/crypto/openssl/apps/apps.c @@ -64,6 +64,11 @@ #define NON_MAIN #include "apps.h" #undef NON_MAIN +#include <openssl/err.h> +#include <openssl/x509.h> +#include <openssl/pem.h> +#include <openssl/pkcs12.h> +#include <openssl/safestack.h> #ifdef WINDOWS # include "bss_file.c" @@ -91,8 +96,8 @@ int args_from_file(char *file, int *argc, char **argv[]) *argv=NULL; len=(unsigned int)stbuf.st_size; - if (buf != NULL) Free(buf); - buf=(char *)Malloc(len+1); + if (buf != NULL) OPENSSL_free(buf); + buf=(char *)OPENSSL_malloc(len+1); if (buf == NULL) return(0); len=fread(buf,1,len,fp); @@ -102,8 +107,8 @@ int args_from_file(char *file, int *argc, char **argv[]) i=0; for (p=buf; *p; p++) if (*p == '\n') i++; - if (arg != NULL) Free(arg); - arg=(char **)Malloc(sizeof(char *)*(i*2)); + if (arg != NULL) OPENSSL_free(arg); + arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2)); *argv=arg; num=0; @@ -159,6 +164,12 @@ int str2fmt(char *s) return(FORMAT_PEM); else if ((*s == 'N') || (*s == 'n')) return(FORMAT_NETSCAPE); + else if ((*s == 'S') || (*s == 's')) + return(FORMAT_SMIME); + else if ((*s == '1') + || (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0) + || (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0)) + return(FORMAT_PKCS12); else return(FORMAT_UNDEF); } @@ -266,7 +277,7 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) if (arg->count == 0) { arg->count=20; - arg->data=(char **)Malloc(sizeof(char *)*arg->count); + arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); } for (i=0; i<arg->count; i++) arg->data[i]=NULL; @@ -285,7 +296,7 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) if (num >= arg->count) { arg->count+=20; - arg->data=(char **)Realloc(arg->data, + arg->data=(char **)OPENSSL_realloc(arg->data, sizeof(char *)*arg->count); if (argc == 0) return(0); } @@ -414,3 +425,352 @@ static char *app_get_pass(BIO *err, char *arg, int keepbio) if(tmp) *tmp = 0; return BUF_strdup(tpass); } + +int add_oid_section(BIO *err, LHASH *conf) +{ + char *p; + STACK_OF(CONF_VALUE) *sktmp; + CONF_VALUE *cnf; + int i; + if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1; + if(!(sktmp = CONF_get_section(conf, p))) { + BIO_printf(err, "problem loading oid section %s\n", p); + return 0; + } + for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { + cnf = sk_CONF_VALUE_value(sktmp, i); + if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { + BIO_printf(err, "problem creating object %s=%s\n", + cnf->name, cnf->value); + return 0; + } + } + return 1; +} + +X509 *load_cert(BIO *err, char *file, int format) + { + ASN1_HEADER *ah=NULL; + BUF_MEM *buf=NULL; + X509 *x=NULL; + BIO *cert; + + if ((cert=BIO_new(BIO_s_file())) == NULL) + { + ERR_print_errors(err); + goto end; + } + + if (file == NULL) + BIO_set_fp(cert,stdin,BIO_NOCLOSE); + else + { + if (BIO_read_filename(cert,file) <= 0) + { + perror(file); + goto end; + } + } + + if (format == FORMAT_ASN1) + x=d2i_X509_bio(cert,NULL); + else if (format == FORMAT_NETSCAPE) + { + unsigned char *p,*op; + int size=0,i; + + /* We sort of have to do it this way because it is sort of nice + * to read the header first and check it, then + * try to read the certificate */ + buf=BUF_MEM_new(); + for (;;) + { + if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10))) + goto end; + i=BIO_read(cert,&(buf->data[size]),1024*10); + size+=i; + if (i == 0) break; + if (i < 0) + { + perror("reading certificate"); + goto end; + } + } + p=(unsigned char *)buf->data; + op=p; + + /* First load the header */ + if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL) + goto end; + if ((ah->header == NULL) || (ah->header->data == NULL) || + (strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data, + ah->header->length) != 0)) + { + BIO_printf(err,"Error reading header on certificate\n"); + goto end; + } + /* header is ok, so now read the object */ + p=op; + ah->meth=X509_asn1_meth(); + if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL) + goto end; + x=(X509 *)ah->data; + ah->data=NULL; + } + else if (format == FORMAT_PEM) + x=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL); + else if (format == FORMAT_PKCS12) + { + PKCS12 *p12 = d2i_PKCS12_bio(cert, NULL); + + PKCS12_parse(p12, NULL, NULL, &x, NULL); + PKCS12_free(p12); + p12 = NULL; + } + else { + BIO_printf(err,"bad input format specified for input cert\n"); + goto end; + } +end: + if (x == NULL) + { + BIO_printf(err,"unable to load certificate\n"); + ERR_print_errors(err); + } + if (ah != NULL) ASN1_HEADER_free(ah); + if (cert != NULL) BIO_free(cert); + if (buf != NULL) BUF_MEM_free(buf); + return(x); + } + +EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) + { + BIO *key=NULL; + EVP_PKEY *pkey=NULL; + + if (file == NULL) + { + BIO_printf(err,"no keyfile specified\n"); + goto end; + } + key=BIO_new(BIO_s_file()); + if (key == NULL) + { + ERR_print_errors(err); + goto end; + } + if (BIO_read_filename(key,file) <= 0) + { + perror(file); + goto end; + } + if (format == FORMAT_ASN1) + { + pkey=d2i_PrivateKey_bio(key, NULL); + } + else if (format == FORMAT_PEM) + { + pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass); + } + else if (format == FORMAT_PKCS12) + { + PKCS12 *p12 = d2i_PKCS12_bio(key, NULL); + + PKCS12_parse(p12, pass, &pkey, NULL, NULL); + PKCS12_free(p12); + p12 = NULL; + } + else + { + BIO_printf(err,"bad input format specified for key\n"); + goto end; + } + end: + if (key != NULL) BIO_free(key); + if (pkey == NULL) + BIO_printf(err,"unable to load Private Key\n"); + return(pkey); + } + +EVP_PKEY *load_pubkey(BIO *err, char *file, int format) + { + BIO *key=NULL; + EVP_PKEY *pkey=NULL; + + if (file == NULL) + { + BIO_printf(err,"no keyfile specified\n"); + goto end; + } + key=BIO_new(BIO_s_file()); + if (key == NULL) + { + ERR_print_errors(err); + goto end; + } + if (BIO_read_filename(key,file) <= 0) + { + perror(file); + goto end; + } + if (format == FORMAT_ASN1) + { + pkey=d2i_PUBKEY_bio(key, NULL); + } + else if (format == FORMAT_PEM) + { + pkey=PEM_read_bio_PUBKEY(key,NULL,NULL,NULL); + } + else + { + BIO_printf(err,"bad input format specified for key\n"); + goto end; + } + end: + if (key != NULL) BIO_free(key); + if (pkey == NULL) + BIO_printf(err,"unable to load Public Key\n"); + return(pkey); + } + +STACK_OF(X509) *load_certs(BIO *err, char *file, int format) + { + BIO *certs; + int i; + STACK_OF(X509) *othercerts = NULL; + STACK_OF(X509_INFO) *allcerts = NULL; + X509_INFO *xi; + + if((certs = BIO_new(BIO_s_file())) == NULL) + { + ERR_print_errors(err); + goto end; + } + + if (file == NULL) + BIO_set_fp(certs,stdin,BIO_NOCLOSE); + else + { + if (BIO_read_filename(certs,file) <= 0) + { + perror(file); + goto end; + } + } + + if (format == FORMAT_PEM) + { + othercerts = sk_X509_new_null(); + if(!othercerts) + { + sk_X509_free(othercerts); + othercerts = NULL; + goto end; + } + allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL); + for(i = 0; i < sk_X509_INFO_num(allcerts); i++) + { + xi = sk_X509_INFO_value (allcerts, i); + if (xi->x509) + { + sk_X509_push(othercerts, xi->x509); + xi->x509 = NULL; + } + } + goto end; + } + else { + BIO_printf(err,"bad input format specified for input cert\n"); + goto end; + } +end: + if (othercerts == NULL) + { + BIO_printf(err,"unable to load certificates\n"); + ERR_print_errors(err); + } + if (allcerts) sk_X509_INFO_pop_free(allcerts, X509_INFO_free); + if (certs != NULL) BIO_free(certs); + return(othercerts); + } + +typedef struct { + char *name; + unsigned long flag; + unsigned long mask; +} NAME_EX_TBL; + +int set_name_ex(unsigned long *flags, const char *arg) +{ + char c; + const NAME_EX_TBL *ptbl, ex_tbl[] = { + { "esc_2253", ASN1_STRFLGS_ESC_2253, 0}, + { "esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0}, + { "esc_msb", ASN1_STRFLGS_ESC_MSB, 0}, + { "use_quote", ASN1_STRFLGS_ESC_QUOTE, 0}, + { "utf8", ASN1_STRFLGS_UTF8_CONVERT, 0}, + { "ignore_type", ASN1_STRFLGS_IGNORE_TYPE, 0}, + { "show_type", ASN1_STRFLGS_SHOW_TYPE, 0}, + { "dump_all", ASN1_STRFLGS_DUMP_ALL, 0}, + { "dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0}, + { "dump_der", ASN1_STRFLGS_DUMP_DER, 0}, + { "compat", XN_FLAG_COMPAT, 0xffffffffL}, + { "sep_comma_plus", XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_MASK}, + { "sep_comma_plus_space", XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_MASK}, + { "sep_semi_plus_space", XN_FLAG_SEP_SPLUS_SPC, XN_FLAG_SEP_MASK}, + { "sep_multiline", XN_FLAG_SEP_MULTILINE, XN_FLAG_SEP_MASK}, + { "dn_rev", XN_FLAG_DN_REV, 0}, + { "nofname", XN_FLAG_FN_NONE, XN_FLAG_FN_MASK}, + { "sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK}, + { "lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK}, + { "oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK}, + { "space_eq", XN_FLAG_SPC_EQ, 0}, + { "dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0}, + { "RFC2253", XN_FLAG_RFC2253, 0xffffffffL}, + { "oneline", XN_FLAG_ONELINE, 0xffffffffL}, + { "multiline", XN_FLAG_MULTILINE, 0xffffffffL}, + { NULL, 0, 0} + }; + + c = arg[0]; + + if(c == '-') { + c = 0; + arg++; + } else if (c == '+') { + c = 1; + arg++; + } else c = 1; + + for(ptbl = ex_tbl; ptbl->name; ptbl++) { + if(!strcmp(arg, ptbl->name)) { + *flags &= ~ptbl->mask; + if(c) *flags |= ptbl->flag; + else *flags &= ~ptbl->flag; + return 1; + } + } + return 0; +} + +void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) +{ + char buf[256]; + char mline = 0; + int indent = 0; + if(title) BIO_puts(out, title); + if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { + mline = 1; + indent = 4; + } + if(lflags == XN_FLAG_COMPAT) { + X509_NAME_oneline(nm,buf,256); + BIO_puts(out,buf); + BIO_puts(out, "\n"); + } else { + if(mline) BIO_puts(out, "\n"); + X509_NAME_print_ex(out, nm, indent, lflags); + BIO_puts(out, "\n"); + } +} + diff --git a/crypto/openssl/apps/apps.h b/crypto/openssl/apps/apps.h index 2dcdb88..82587b9 100644 --- a/crypto/openssl/apps/apps.h +++ b/crypto/openssl/apps/apps.h @@ -65,6 +65,8 @@ #include <openssl/bio.h> #include <openssl/crypto.h> #include <openssl/x509.h> +#include <openssl/lhash.h> +#include <openssl/conf.h> int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); int app_RAND_write_file(const char *file, BIO *bio_e); @@ -98,7 +100,6 @@ extern BIO *bio_err; #else #define MAIN(a,v) PROG(a,v) -#include <openssl/conf.h> extern LHASH *config; extern char *default_config_file; extern BIO *bio_err; @@ -144,13 +145,25 @@ void program_name(char *in,char *out,int size); int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); #ifdef HEADER_X509_H int dump_cert_text(BIO *out, X509 *x); +void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags); #endif +int set_name_ex(unsigned long *flags, const char *arg); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); +int add_oid_section(BIO *err, LHASH *conf); +X509 *load_cert(BIO *err, char *file, int format); +EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass); +EVP_PKEY *load_pubkey(BIO *err, char *file, int format); +STACK_OF(X509) *load_certs(BIO *err, char *file, int format); + #define FORMAT_UNDEF 0 #define FORMAT_ASN1 1 #define FORMAT_TEXT 2 #define FORMAT_PEM 3 #define FORMAT_NETSCAPE 4 +#define FORMAT_PKCS12 5 +#define FORMAT_SMIME 6 + +#define NETSCAPE_CERT_HDR "certificate" #define APP_PASS_LEN 1024 diff --git a/crypto/openssl/apps/asn1pars.c b/crypto/openssl/apps/asn1pars.c index f104ebc..f25c9f8 100644 --- a/crypto/openssl/apps/asn1pars.c +++ b/crypto/openssl/apps/asn1pars.c @@ -88,7 +88,7 @@ int MAIN(int argc, char **argv) unsigned int length=0; long num,tmplen; BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL; - int informat,indent=0, noout = 0; + int informat,indent=0, noout = 0, dump = 0; char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL; unsigned char *tmpbuf; BUF_MEM *buf=NULL; @@ -108,7 +108,7 @@ int MAIN(int argc, char **argv) argv++; if ((osk=sk_new_null()) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto end; } while (argc >= 1) @@ -149,6 +149,16 @@ int MAIN(int argc, char **argv) length= atoi(*(++argv)); if (length == 0) goto bad; } + else if (strcmp(*argv,"-dump") == 0) + { + dump= -1; + } + else if (strcmp(*argv,"-dlimit") == 0) + { + if (--argc < 1) goto bad; + dump= atoi(*(++argv)); + if (dump <= 0) goto bad; + } else if (strcmp(*argv,"-strparse") == 0) { if (--argc < 1) goto bad; @@ -176,6 +186,8 @@ bad: BIO_printf(bio_err," -offset arg offset into file\n"); BIO_printf(bio_err," -length arg length of section in file\n"); BIO_printf(bio_err," -i indent entries\n"); + BIO_printf(bio_err," -dump dump unknown data in hex form\n"); + BIO_printf(bio_err," -dlimit arg dump the first arg bytes of unknown data in hex form\n"); BIO_printf(bio_err," -oid file file of extra oid definitions\n"); BIO_printf(bio_err," -strparse offset\n"); BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n"); @@ -194,6 +206,12 @@ bad: goto end; } BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif if (oidfile != NULL) { @@ -293,7 +311,8 @@ bad: } } if (!noout && - !ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent)) + !ASN1_parse_dump(out,(unsigned char *)&(str[offset]),length, + indent,dump)) { ERR_print_errors(bio_err); goto end; @@ -302,7 +321,7 @@ bad: end: BIO_free(derout); if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (b64 != NULL) BIO_free(b64); if (ret != 0) ERR_print_errors(bio_err); diff --git a/crypto/openssl/apps/ca.c b/crypto/openssl/apps/ca.c index 73df13f..2d71104 100644 --- a/crypto/openssl/apps/ca.c +++ b/crypto/openssl/apps/ca.c @@ -176,7 +176,6 @@ extern int EF_PROTECT_BELOW; extern int EF_ALIGNMENT; #endif -static int add_oid_section(LHASH *conf); static void lookup_fail(char *name,char *tag); static unsigned long index_serial_hash(char **a); static int index_serial_cmp(char **a, char **b); @@ -217,7 +216,7 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { - char *key=NULL; + char *key=NULL,*passargin=NULL; int total=0; int total_done=0; int badops=0; @@ -263,7 +262,7 @@ int MAIN(int argc, char **argv) long l; const EVP_MD *dgst=NULL; STACK_OF(CONF_VALUE) *attribs=NULL; - STACK *cert_sk=NULL; + STACK_OF(X509) *cert_sk=NULL; BIO *hex=NULL; #undef BSIZE #define BSIZE 256 @@ -334,6 +333,11 @@ EF_ALIGNMENT=0; if (--argc < 1) goto bad; keyfile= *(++argv); } + else if (strcmp(*argv,"-passin") == 0) + { + if (--argc < 1) goto bad; + passargin= *(++argv); + } else if (strcmp(*argv,"-key") == 0) { if (--argc < 1) goto bad; @@ -498,7 +502,7 @@ bad: BIO_free(oid_bio); } } - if(!add_oid_section(conf)) + if(!add_oid_section(bio_err,conf)) { ERR_print_errors(bio_err); goto err; @@ -527,6 +531,11 @@ bad: lookup_fail(section,ENV_PRIVATE_KEY); goto err; } + if(!key && !app_passwd(bio_err, passargin, NULL, &key, NULL)) + { + BIO_printf(bio_err,"Error getting password\n"); + goto err; + } if (BIO_read_filename(in,keyfile) <= 0) { perror(keyfile); @@ -681,6 +690,12 @@ bad: if (verbose) { BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */ +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif TXT_DB_write(out,db); BIO_printf(bio_err,"%d entries loaded from the database\n", db->data->num); @@ -715,7 +730,15 @@ bad: } } else + { BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + Sout = BIO_push(tmpbio, Sout); + } +#endif + } } if (req) @@ -808,7 +831,7 @@ bad: { if ((f=BN_bn2hex(serial)) == NULL) goto err; BIO_printf(bio_err,"next serial number is %s\n",f); - Free(f); + OPENSSL_free(f); } if ((attribs=CONF_get_section(conf,policy)) == NULL) @@ -817,9 +840,9 @@ bad: goto err; } - if ((cert_sk=sk_new_null()) == NULL) + if ((cert_sk=sk_X509_new_null()) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } if (spkac_file != NULL) @@ -834,9 +857,9 @@ bad: total_done++; BIO_printf(bio_err,"\n"); if (!BN_add_word(serial,1)) goto err; - if (!sk_push(cert_sk,(char *)x)) + if (!sk_X509_push(cert_sk,x)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } if (outfile) @@ -858,9 +881,9 @@ bad: total_done++; BIO_printf(bio_err,"\n"); if (!BN_add_word(serial,1)) goto err; - if (!sk_push(cert_sk,(char *)x)) + if (!sk_X509_push(cert_sk,x)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } } @@ -877,9 +900,9 @@ bad: total_done++; BIO_printf(bio_err,"\n"); if (!BN_add_word(serial,1)) goto err; - if (!sk_push(cert_sk,(char *)x)) + if (!sk_X509_push(cert_sk,x)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } } @@ -896,9 +919,9 @@ bad: total_done++; BIO_printf(bio_err,"\n"); if (!BN_add_word(serial,1)) goto err; - if (!sk_push(cert_sk,(char *)x)) + if (!sk_X509_push(cert_sk,x)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } } @@ -907,7 +930,7 @@ bad: * and a data base and serial number that need * updating */ - if (sk_num(cert_sk) > 0) + if (sk_X509_num(cert_sk) > 0) { if (!batch) { @@ -923,7 +946,7 @@ bad: } } - BIO_printf(bio_err,"Write out database with %d new entries\n",sk_num(cert_sk)); + BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk)); strncpy(buf[0],serialfile,BSIZE-4); @@ -955,12 +978,12 @@ bad: if (verbose) BIO_printf(bio_err,"writing new certificates\n"); - for (i=0; i<sk_num(cert_sk); i++) + for (i=0; i<sk_X509_num(cert_sk); i++) { int k; unsigned char *n; - x=(X509 *)sk_value(cert_sk,i); + x=sk_X509_value(cert_sk,i); j=x->cert_info->serialNumber->length; p=(char *)x->cert_info->serialNumber->data; @@ -999,7 +1022,7 @@ bad: write_new_certificate(Sout,x, output_der, notext); } - if (sk_num(cert_sk)) + if (sk_X509_num(cert_sk)) { /* Rename the database and the serial file */ strncpy(buf[2],serialfile,BSIZE-4); @@ -1011,7 +1034,7 @@ bad: #endif BIO_free(in); - BIO_free(out); + BIO_free_all(out); in=NULL; out=NULL; if (rename(serialfile,buf[2]) < 0) @@ -1228,12 +1251,12 @@ bad: ret=0; err: BIO_free(hex); - BIO_free(Cout); - BIO_free(Sout); - BIO_free(out); + BIO_free_all(Cout); + BIO_free_all(Sout); + BIO_free_all(out); BIO_free(in); - sk_pop_free(cert_sk,X509_free); + sk_X509_pop_free(cert_sk,X509_free); if (ret) ERR_print_errors(bio_err); app_RAND_write_file(randfile, bio_err); @@ -1345,7 +1368,7 @@ static int save_serial(char *serialfile, BIGNUM *serial) BIO_puts(out,"\n"); ret=1; err: - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (ai != NULL) ASN1_INTEGER_free(ai); return(ret); } @@ -1580,7 +1603,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, /* Ok, now we check the 'policy' stuff. */ if ((subject=X509_NAME_new()) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } @@ -1678,7 +1701,7 @@ again2: { if (push != NULL) X509_NAME_ENTRY_free(push); - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } } @@ -1700,7 +1723,7 @@ again2: row[DB_serial]=BN_bn2hex(serial); if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } @@ -1841,32 +1864,32 @@ again2: goto err; /* We now just add it to the database */ - row[DB_type]=(char *)Malloc(2); + row[DB_type]=(char *)OPENSSL_malloc(2); tm=X509_get_notAfter(ret); - row[DB_exp_date]=(char *)Malloc(tm->length+1); + row[DB_exp_date]=(char *)OPENSSL_malloc(tm->length+1); memcpy(row[DB_exp_date],tm->data,tm->length); row[DB_exp_date][tm->length]='\0'; row[DB_rev_date]=NULL; /* row[DB_serial] done already */ - row[DB_file]=(char *)Malloc(8); + row[DB_file]=(char *)OPENSSL_malloc(8); /* row[DB_name] done already */ if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || (row[DB_file] == NULL)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } strcpy(row[DB_file],"unknown"); row[DB_type][0]='V'; row[DB_type][1]='\0'; - if ((irow=(char **)Malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) + if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } @@ -1886,7 +1909,7 @@ again2: ok=1; err: for (i=0; i<DB_NUMBER; i++) - if (row[i] != NULL) Free(row[i]); + if (row[i] != NULL) OPENSSL_free(row[i]); if (CAname != NULL) X509_NAME_free(CAname); @@ -2100,28 +2123,6 @@ static int check_time_format(char *str) return(ASN1_UTCTIME_check(&tm)); } -static int add_oid_section(LHASH *hconf) -{ - char *p; - STACK_OF(CONF_VALUE) *sktmp; - CONF_VALUE *cnf; - int i; - if(!(p=CONF_get_string(hconf,NULL,"oid_section"))) return 1; - if(!(sktmp = CONF_get_section(hconf, p))) { - BIO_printf(bio_err, "problem loading oid section %s\n", p); - return 0; - } - for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { - cnf = sk_CONF_VALUE_value(sktmp, i); - if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { - BIO_printf(bio_err, "problem creating object %s=%s\n", - cnf->name, cnf->value); - return 0; - } - } - return 1; -} - static int do_revoke(X509 *x509, TXT_DB *db) { ASN1_UTCTIME *tm=NULL, *revtm=NULL; @@ -2137,7 +2138,7 @@ static int do_revoke(X509 *x509, TXT_DB *db) BN_free(bn); if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } /* We have to lookup by serial number because name lookup @@ -2149,33 +2150,33 @@ static int do_revoke(X509 *x509, TXT_DB *db) BIO_printf(bio_err,"Adding Entry to DB for %s\n", row[DB_name]); /* We now just add it to the database */ - row[DB_type]=(char *)Malloc(2); + row[DB_type]=(char *)OPENSSL_malloc(2); tm=X509_get_notAfter(x509); - row[DB_exp_date]=(char *)Malloc(tm->length+1); + row[DB_exp_date]=(char *)OPENSSL_malloc(tm->length+1); memcpy(row[DB_exp_date],tm->data,tm->length); row[DB_exp_date][tm->length]='\0'; row[DB_rev_date]=NULL; /* row[DB_serial] done already */ - row[DB_file]=(char *)Malloc(8); + row[DB_file]=(char *)OPENSSL_malloc(8); /* row[DB_name] done already */ if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || (row[DB_file] == NULL)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } strcpy(row[DB_file],"unknown"); row[DB_type][0]='V'; row[DB_type][1]='\0'; - if ((irow=(char **)Malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) + if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } @@ -2218,7 +2219,7 @@ static int do_revoke(X509 *x509, TXT_DB *db) revtm=X509_gmtime_adj(revtm,0); rrow[DB_type][0]='R'; rrow[DB_type][1]='\0'; - rrow[DB_rev_date]=(char *)Malloc(revtm->length+1); + rrow[DB_rev_date]=(char *)OPENSSL_malloc(revtm->length+1); memcpy(rrow[DB_rev_date],revtm->data,revtm->length); rrow[DB_rev_date][revtm->length]='\0'; ASN1_UTCTIME_free(revtm); @@ -2228,7 +2229,7 @@ err: for (i=0; i<DB_NUMBER; i++) { if (row[i] != NULL) - Free(row[i]); + OPENSSL_free(row[i]); } return(ok); } diff --git a/crypto/openssl/apps/ciphers.c b/crypto/openssl/apps/ciphers.c index f8e9e7b..b6e2f96 100644 --- a/crypto/openssl/apps/ciphers.c +++ b/crypto/openssl/apps/ciphers.c @@ -74,6 +74,7 @@ static char *ciphers_usage[]={ " -v - verbose mode, a textual listing of the ciphers in SSLeay\n", " -ssl2 - SSL2 mode\n", " -ssl3 - SSL3 mode\n", +" -tls1 - TLS1 mode\n", NULL }; @@ -107,6 +108,12 @@ int MAIN(int argc, char **argv) if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); STDout=BIO_new_fp(stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + STDout = BIO_push(tmpbio, STDout); + } +#endif argc--; argv++; @@ -122,6 +129,10 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-ssl3") == 0) meth=SSLv3_client_method(); #endif +#ifndef NO_TLS1 + else if (strcmp(*argv,"-tls1") == 0) + meth=TLSv1_client_method(); +#endif else if ((strncmp(*argv,"-h",2) == 0) || (strcmp(*argv,"-?") == 0)) { @@ -190,7 +201,7 @@ err: end: if (ctx != NULL) SSL_CTX_free(ctx); if (ssl != NULL) SSL_free(ssl); - if (STDout != NULL) BIO_free(STDout); + if (STDout != NULL) BIO_free_all(STDout); EXIT(ret); } diff --git a/crypto/openssl/apps/crl.c b/crypto/openssl/apps/crl.c index 338f46d..3b5725f 100644 --- a/crypto/openssl/apps/crl.c +++ b/crypto/openssl/apps/crl.c @@ -104,6 +104,7 @@ int MAIN(int argc, char **argv) int informat,outformat; char *infile=NULL,*outfile=NULL; int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; + int fingerprint = 0; char **pp,buf[256]; X509_STORE *store = NULL; X509_STORE_CTX ctx; @@ -111,6 +112,7 @@ int MAIN(int argc, char **argv) X509_OBJECT xobj; EVP_PKEY *pkey; int do_ver = 0; + const EVP_MD *md_alg,*digest=EVP_md5(); apps_startup(); @@ -120,7 +122,15 @@ int MAIN(int argc, char **argv) if (bio_out == NULL) if ((bio_out=BIO_new(BIO_s_file())) != NULL) + { BIO_set_fp(bio_out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + bio_out = BIO_push(tmpbio, bio_out); + } +#endif + } informat=FORMAT_PEM; outformat=FORMAT_PEM; @@ -183,6 +193,13 @@ int MAIN(int argc, char **argv) nextupdate= ++num; else if (strcmp(*argv,"-noout") == 0) noout= ++num; + else if (strcmp(*argv,"-fingerprint") == 0) + fingerprint= ++num; + else if ((md_alg=EVP_get_digestbyname(*argv + 1))) + { + /* ok */ + digest=md_alg; + } else { BIO_printf(bio_err,"unknown option %s\n",*argv); @@ -274,6 +291,26 @@ bad: BIO_printf(bio_out,"NONE"); BIO_printf(bio_out,"\n"); } + if (fingerprint == i) + { + int j; + unsigned int n; + unsigned char md[EVP_MAX_MD_SIZE]; + + if (!X509_CRL_digest(x,digest,md,&n)) + { + BIO_printf(bio_err,"out of memory\n"); + goto end; + } + BIO_printf(bio_out,"%s Fingerprint=", + OBJ_nid2sn(EVP_MD_type(digest))); + for (j=0; j<(int)n; j++) + { + BIO_printf(bio_out,"%02X%c",md[j], + (j+1 == (int)n) + ?'\n':':'); + } + } } } @@ -285,7 +322,15 @@ bad: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -311,8 +356,8 @@ bad: if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; } ret=0; end: - BIO_free(out); - BIO_free(bio_out); + BIO_free_all(out); + BIO_free_all(bio_out); bio_out=NULL; X509_CRL_free(x); if(store) { diff --git a/crypto/openssl/apps/crl2p7.c b/crypto/openssl/apps/crl2p7.c index 4056591..7f853b6 100644 --- a/crypto/openssl/apps/crl2p7.c +++ b/crypto/openssl/apps/crl2p7.c @@ -141,7 +141,7 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-certfile") == 0) { if (--argc < 1) goto bad; - if(!certflst) certflst = sk_new(NULL); + if(!certflst) certflst = sk_new_null(); sk_push(certflst,*(++argv)); } else @@ -215,15 +215,15 @@ bad: p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data); if (!ASN1_INTEGER_set(p7s->version,1)) goto end; - if ((crl_stack=sk_X509_CRL_new(NULL)) == NULL) goto end; + if ((crl_stack=sk_X509_CRL_new_null()) == NULL) goto end; p7s->crl=crl_stack; if (crl != NULL) { sk_X509_CRL_push(crl_stack,crl); - crl=NULL; /* now part of p7 for Freeing */ + crl=NULL; /* now part of p7 for OPENSSL_freeing */ } - if ((cert_stack=sk_X509_new(NULL)) == NULL) goto end; + if ((cert_stack=sk_X509_new_null()) == NULL) goto end; p7s->cert=cert_stack; if(certflst) for(i = 0; i < sk_num(certflst); i++) { @@ -239,7 +239,15 @@ bad: sk_free(certflst); if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -266,7 +274,7 @@ bad: ret=0; end: if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (p7 != NULL) PKCS7_free(p7); if (crl != NULL) X509_CRL_free(crl); @@ -327,7 +335,7 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile) ret=count; end: - /* never need to Free x */ + /* never need to OPENSSL_free x */ if (in != NULL) BIO_free(in); if (sk != NULL) sk_X509_INFO_free(sk); return(ret); diff --git a/crypto/openssl/apps/dgst.c b/crypto/openssl/apps/dgst.c index 1b56d6e..0e93c97 100644 --- a/crypto/openssl/apps/dgst.c +++ b/crypto/openssl/apps/dgst.c @@ -73,7 +73,8 @@ #undef PROG #define PROG dgst_main -void do_fp(unsigned char *buf,BIO *f,int sep); +void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, + EVP_PKEY *key, unsigned char *sigin, int siglen); int MAIN(int, char **); @@ -84,15 +85,22 @@ int MAIN(int argc, char **argv) const EVP_MD *md=NULL,*m; BIO *in=NULL,*inp; BIO *bmd=NULL; + BIO *out = NULL; const char *name; #define PROG_NAME_SIZE 16 char pname[PROG_NAME_SIZE]; int separator=0; int debug=0; + const char *outfile = NULL, *keyfile = NULL; + const char *sigfile = NULL, *randfile = NULL; + char out_bin = -1, want_pub = 0, do_verify = 0; + EVP_PKEY *sigkey = NULL; + unsigned char *sigbuf = NULL; + int siglen = 0; apps_startup(); - if ((buf=(unsigned char *)Malloc(BUFSIZE)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto end; @@ -113,6 +121,43 @@ int MAIN(int argc, char **argv) if ((*argv)[0] != '-') break; if (strcmp(*argv,"-c") == 0) separator=1; + else if (strcmp(*argv,"-rand") == 0) + { + if (--argc < 1) break; + randfile=*(++argv); + } + else if (strcmp(*argv,"-out") == 0) + { + if (--argc < 1) break; + outfile=*(++argv); + } + else if (strcmp(*argv,"-sign") == 0) + { + if (--argc < 1) break; + keyfile=*(++argv); + } + else if (strcmp(*argv,"-verify") == 0) + { + if (--argc < 1) break; + keyfile=*(++argv); + want_pub = 1; + do_verify = 1; + } + else if (strcmp(*argv,"-prverify") == 0) + { + if (--argc < 1) break; + keyfile=*(++argv); + do_verify = 1; + } + else if (strcmp(*argv,"-signature") == 0) + { + if (--argc < 1) break; + sigfile=*(++argv); + } + else if (strcmp(*argv,"-hex") == 0) + out_bin = 0; + else if (strcmp(*argv,"-binary") == 0) + out_bin = 1; else if (strcmp(*argv,"-d") == 0) debug=1; else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL) @@ -126,15 +171,31 @@ int MAIN(int argc, char **argv) if (md == NULL) md=EVP_md5(); + if(do_verify && !sigfile) { + BIO_printf(bio_err, "No signature to verify: use the -signature option\n"); + err = 1; + goto end; + } + if ((argc > 0) && (argv[0][0] == '-')) /* bad option */ { BIO_printf(bio_err,"unknown option '%s'\n",*argv); BIO_printf(bio_err,"options are\n"); - BIO_printf(bio_err,"-c to output the digest with separating colons\n"); - BIO_printf(bio_err,"-d to output debug info\n"); + BIO_printf(bio_err,"-c to output the digest with separating colons\n"); + BIO_printf(bio_err,"-d to output debug info\n"); + BIO_printf(bio_err,"-hex output as hex dump\n"); + BIO_printf(bio_err,"-binary output in binary form\n"); + BIO_printf(bio_err,"-sign file sign digest using private key in file\n"); + BIO_printf(bio_err,"-verify file verify a signature using public key in file\n"); + BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); + BIO_printf(bio_err,"-signature file signature to verify\n"); + BIO_printf(bio_err,"-binary output in binary form\n"); + BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n", LN_md5,LN_md5); BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", + LN_md4,LN_md4); + BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", LN_md2,LN_md2); BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", LN_sha1,LN_sha1); @@ -147,7 +208,7 @@ int MAIN(int argc, char **argv) err=1; goto end; } - + in=BIO_new(BIO_s_file()); bmd=BIO_new(BIO_f_md()); if (debug) @@ -163,6 +224,80 @@ int MAIN(int argc, char **argv) goto end; } + if(out_bin == -1) { + if(keyfile) out_bin = 1; + else out_bin = 0; + } + + if(randfile) + app_RAND_load_file(randfile, bio_err, 0); + + if(outfile) { + if(out_bin) + out = BIO_new_file(outfile, "wb"); + else out = BIO_new_file(outfile, "w"); + } else { + out = BIO_new_fp(stdout, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } + + if(!out) { + BIO_printf(bio_err, "Error opening output file %s\n", + outfile ? outfile : "(stdout)"); + ERR_print_errors(bio_err); + goto end; + } + + if(keyfile) { + BIO *keybio; + keybio = BIO_new_file(keyfile, "r"); + if(!keybio) { + BIO_printf(bio_err, "Error opening key file %s\n", + keyfile); + ERR_print_errors(bio_err); + goto end; + } + + if(want_pub) + sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL); + else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); + BIO_free(keybio); + if(!sigkey) { + BIO_printf(bio_err, "Error reading key file %s\n", + keyfile); + ERR_print_errors(bio_err); + goto end; + } + } + + if(sigfile && sigkey) { + BIO *sigbio; + sigbio = BIO_new_file(sigfile, "rb"); + siglen = EVP_PKEY_size(sigkey); + sigbuf = OPENSSL_malloc(siglen); + if(!sigbio) { + BIO_printf(bio_err, "Error opening signature file %s\n", + sigfile); + ERR_print_errors(bio_err); + goto end; + } + siglen = BIO_read(sigbio, sigbuf, siglen); + BIO_free(sigbio); + if(siglen <= 0) { + BIO_printf(bio_err, "Error reading signature file %s\n", + sigfile); + ERR_print_errors(bio_err); + goto end; + } + } + + + /* we use md as a filter, reading from 'in' */ BIO_set_md(bmd,md); inp=BIO_push(bmd,in); @@ -170,7 +305,7 @@ int MAIN(int argc, char **argv) if (argc == 0) { BIO_set_fp(in,stdin,BIO_NOCLOSE); - do_fp(buf,inp,separator); + do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf, siglen); } else { @@ -183,8 +318,9 @@ int MAIN(int argc, char **argv) err++; continue; } - printf("%s(%s)= ",name,argv[i]); - do_fp(buf,inp,separator); + if(!out_bin) BIO_printf(out, "%s(%s)= ",name,argv[i]); + do_fp(out, buf,inp,separator, out_bin, sigkey, + sigbuf, siglen); (void)BIO_reset(bmd); } } @@ -192,14 +328,18 @@ end: if (buf != NULL) { memset(buf,0,BUFSIZE); - Free(buf); + OPENSSL_free(buf); } if (in != NULL) BIO_free(in); + BIO_free_all(out); + EVP_PKEY_free(sigkey); + if(sigbuf) OPENSSL_free(sigbuf); if (bmd != NULL) BIO_free(bmd); EXIT(err); } -void do_fp(unsigned char *buf, BIO *bp, int sep) +void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, + EVP_PKEY *key, unsigned char *sigin, int siglen) { int len; int i; @@ -209,14 +349,44 @@ void do_fp(unsigned char *buf, BIO *bp, int sep) i=BIO_read(bp,(char *)buf,BUFSIZE); if (i <= 0) break; } - len=BIO_gets(bp,(char *)buf,BUFSIZE); + if(sigin) + { + EVP_MD_CTX *ctx; + BIO_get_md_ctx(bp, &ctx); + i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key); + if(i > 0) BIO_printf(out, "Verified OK\n"); + else if(i == 0) BIO_printf(out, "Verification Failure\n"); + else + { + BIO_printf(bio_err, "Error Verifying Data\n"); + ERR_print_errors(bio_err); + } + return; + } + if(key) + { + EVP_MD_CTX *ctx; + BIO_get_md_ctx(bp, &ctx); + if(!EVP_SignFinal(ctx, buf, (unsigned int *)&len, key)) + { + BIO_printf(bio_err, "Error Signing Data\n"); + ERR_print_errors(bio_err); + return; + } + } + else + len=BIO_gets(bp,(char *)buf,BUFSIZE); - for (i=0; i<len; i++) + if(binout) BIO_write(out, buf, len); + else { - if (sep && (i != 0)) - putc(':',stdout); - printf("%02x",buf[i]); + for (i=0; i<len; i++) + { + if (sep && (i != 0)) + BIO_printf(out, ":"); + BIO_printf(out, "%02x",buf[i]); + } + BIO_printf(out, "\n"); } - printf("\n"); } diff --git a/crypto/openssl/apps/dh.c b/crypto/openssl/apps/dh.c index 674963f..7465442 100644 --- a/crypto/openssl/apps/dh.c +++ b/crypto/openssl/apps/dh.c @@ -184,7 +184,15 @@ bad: } } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -251,10 +259,10 @@ bad: len=BN_num_bytes(dh->p); bits=BN_num_bits(dh->p); - data=(unsigned char *)Malloc(len); + data=(unsigned char *)OPENSSL_malloc(len); if (data == NULL) { - perror("Malloc"); + perror("OPENSSL_malloc"); goto end; } l=BN_bn2bin(dh->p,data); @@ -285,7 +293,7 @@ bad: printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n"); printf("\t\treturn(NULL);\n"); printf("\treturn(dh);\n\t}\n"); - Free(data); + OPENSSL_free(data); } @@ -309,7 +317,7 @@ bad: ret=0; end: if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (dh != NULL) DH_free(dh); EXIT(ret); } diff --git a/crypto/openssl/apps/dh1024.pem b/crypto/openssl/apps/dh1024.pem index 81d43f6..6eaeca9 100644 --- a/crypto/openssl/apps/dh1024.pem +++ b/crypto/openssl/apps/dh1024.pem @@ -1,5 +1,10 @@ -----BEGIN DH PARAMETERS----- -MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq -/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx -/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC +MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY +jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6 +ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC -----END DH PARAMETERS----- + +These are the 1024 bit DH parameters from "Assigned Number for SKIP Protocols" +(http://www.skip-vpn.org/spec/numbers.html). +See there for how they were generated. +Note that g is not a generator, but this is not a problem since p is a safe prime. diff --git a/crypto/openssl/apps/dh2048.pem b/crypto/openssl/apps/dh2048.pem new file mode 100644 index 0000000..dcd0b8d0 --- /dev/null +++ b/crypto/openssl/apps/dh2048.pem @@ -0,0 +1,12 @@ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV +89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50 +T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb +zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX +Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT +CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwIBAg== +-----END DH PARAMETERS----- + +These are the 2048 bit DH parameters from "Assigned Number for SKIP Protocols" +(http://www.skip-vpn.org/spec/numbers.html). +See there for how they were generated. diff --git a/crypto/openssl/apps/dh4096.pem b/crypto/openssl/apps/dh4096.pem new file mode 100644 index 0000000..1b35ad8 --- /dev/null +++ b/crypto/openssl/apps/dh4096.pem @@ -0,0 +1,18 @@ +-----BEGIN DH PARAMETERS----- +MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ +l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt +Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS +Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98 +VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc +alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM +sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9 +ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte +OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH +AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL +KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI= +-----END DH PARAMETERS----- + +These are the 4096 bit DH parameters from "Assigned Number for SKIP Protocols" +(http://www.skip-vpn.org/spec/numbers.html). +See there for how they were generated. +Note that g is not a generator, but this is not a problem since p is a safe prime. diff --git a/crypto/openssl/apps/dh512.pem b/crypto/openssl/apps/dh512.pem new file mode 100644 index 0000000..200d16c --- /dev/null +++ b/crypto/openssl/apps/dh512.pem @@ -0,0 +1,9 @@ +-----BEGIN DH PARAMETERS----- +MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak +XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC +-----END DH PARAMETERS----- + +These are the 512 bit DH parameters from "Assigned Number for SKIP Protocols" +(http://www.skip-vpn.org/spec/numbers.html). +See there for how they were generated. +Note that g is not a generator, but this is not a problem since p is a safe prime. diff --git a/crypto/openssl/apps/dhparam.c b/crypto/openssl/apps/dhparam.c index 709547f..5f9b601 100644 --- a/crypto/openssl/apps/dhparam.c +++ b/crypto/openssl/apps/dhparam.c @@ -285,7 +285,7 @@ bad: DSA *dsa; BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); - dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err); + dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err); if (dsa == NULL) { ERR_print_errors(bio_err); @@ -391,7 +391,15 @@ bad: goto end; } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -432,10 +440,10 @@ bad: len=BN_num_bytes(dh->p); bits=BN_num_bits(dh->p); - data=(unsigned char *)Malloc(len); + data=(unsigned char *)OPENSSL_malloc(len); if (data == NULL) { - perror("Malloc"); + perror("OPENSSL_malloc"); goto end; } printf("#ifndef HEADER_DH_H\n" @@ -472,7 +480,7 @@ bad: if (dh->length) printf("\tdh->length = %d;\n", dh->length); printf("\treturn(dh);\n\t}\n"); - Free(data); + OPENSSL_free(data); } @@ -496,7 +504,7 @@ bad: ret=0; end: if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (dh != NULL) DH_free(dh); EXIT(ret); } diff --git a/crypto/openssl/apps/dsa.c b/crypto/openssl/apps/dsa.c index 4977671..7c4a46f 100644 --- a/crypto/openssl/apps/dsa.c +++ b/crypto/openssl/apps/dsa.c @@ -233,7 +233,15 @@ bad: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -281,10 +289,10 @@ bad: ret=0; end: if(in != NULL) BIO_free(in); - if(out != NULL) BIO_free(out); + if(out != NULL) BIO_free_all(out); if(dsa != NULL) DSA_free(dsa); - if(passin) Free(passin); - if(passout) Free(passout); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); EXIT(ret); } #endif diff --git a/crypto/openssl/apps/dsaparam.c b/crypto/openssl/apps/dsaparam.c index 4d4e1ad..f861ec7 100644 --- a/crypto/openssl/apps/dsaparam.c +++ b/crypto/openssl/apps/dsaparam.c @@ -205,7 +205,15 @@ bad: } } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -260,10 +268,10 @@ bad: bits_p=BN_num_bits(dsa->p); bits_q=BN_num_bits(dsa->q); bits_g=BN_num_bits(dsa->g); - data=(unsigned char *)Malloc(len+20); + data=(unsigned char *)OPENSSL_malloc(len+20); if (data == NULL) { - perror("Malloc"); + perror("OPENSSL_malloc"); goto end; } l=BN_bn2bin(dsa->p,data); @@ -347,7 +355,7 @@ bad: ret=0; end: if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); EXIT(ret); } diff --git a/crypto/openssl/apps/enc.c b/crypto/openssl/apps/enc.c index 6531c58..2101b4c 100644 --- a/crypto/openssl/apps/enc.c +++ b/crypto/openssl/apps/enc.c @@ -343,11 +343,11 @@ bad: if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize); } - strbuf=Malloc(SIZE); - buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize)); + strbuf=OPENSSL_malloc(SIZE); + buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize)); if ((buff == NULL) || (strbuf == NULL)) { - BIO_printf(bio_err,"Malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize)); + BIO_printf(bio_err,"OPENSSL_malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize)); goto end; } @@ -416,7 +416,15 @@ bad: if (outf == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outf) <= 0) @@ -581,13 +589,13 @@ bad: } end: ERR_print_errors(bio_err); - if (strbuf != NULL) Free(strbuf); - if (buff != NULL) Free(buff); + if (strbuf != NULL) OPENSSL_free(strbuf); + if (buff != NULL) OPENSSL_free(buff); if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (benc != NULL) BIO_free(benc); if (b64 != NULL) BIO_free(b64); - if(pass) Free(pass); + if(pass) OPENSSL_free(pass); EXIT(ret); } diff --git a/crypto/openssl/apps/errstr.c b/crypto/openssl/apps/errstr.c index 4650379..e392328 100644 --- a/crypto/openssl/apps/errstr.c +++ b/crypto/openssl/apps/errstr.c @@ -91,12 +91,18 @@ int MAIN(int argc, char **argv) out=BIO_new(BIO_s_file()); if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE)) { +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif lh_node_stats_bio((LHASH *)ERR_get_string_table(),out); lh_stats_bio((LHASH *)ERR_get_string_table(),out); lh_node_usage_stats_bio((LHASH *) ERR_get_string_table(),out); } - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); argc--; argv++; } @@ -104,7 +110,10 @@ int MAIN(int argc, char **argv) for (i=1; i<argc; i++) { if (sscanf(argv[i],"%lx",&l)) - printf("%s\n",ERR_error_string(l,buf)); + { + ERR_error_string_n(l, buf, sizeof buf); + printf("%s\n",buf); + } else { printf("%s: bad error code\n",argv[i]); diff --git a/crypto/openssl/apps/gendh.c b/crypto/openssl/apps/gendh.c index caf5e8d..e0c7889 100644 --- a/crypto/openssl/apps/gendh.c +++ b/crypto/openssl/apps/gendh.c @@ -142,7 +142,15 @@ bad: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -174,7 +182,7 @@ bad: end: if (ret != 0) ERR_print_errors(bio_err); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (dh != NULL) DH_free(dh); EXIT(ret); } diff --git a/crypto/openssl/apps/gendsa.c b/crypto/openssl/apps/gendsa.c index b1a1c4f..6022d8f 100644 --- a/crypto/openssl/apps/gendsa.c +++ b/crypto/openssl/apps/gendsa.c @@ -178,7 +178,15 @@ bad: if (out == NULL) goto end; if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -209,9 +217,9 @@ end: if (ret != 0) ERR_print_errors(bio_err); if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); - if(passout) Free(passout); + if(passout) OPENSSL_free(passout); EXIT(ret); } #endif diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c index 6fe578d..ac0b709 100644 --- a/crypto/openssl/apps/genrsa.c +++ b/crypto/openssl/apps/genrsa.c @@ -114,7 +114,7 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-3") == 0) f4=3; - else if (strcmp(*argv,"-F4") == 0) + else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) f4=RSA_F4; else if (strcmp(*argv,"-rand") == 0) { @@ -168,7 +168,15 @@ bad: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -212,8 +220,8 @@ bad: ret=0; err: if (rsa != NULL) RSA_free(rsa); - if (out != NULL) BIO_free(out); - if(passout) Free(passout); + if (out != NULL) BIO_free_all(out); + if(passout) OPENSSL_free(passout); if (ret != 0) ERR_print_errors(bio_err); EXIT(ret); diff --git a/crypto/openssl/apps/nseq.c b/crypto/openssl/apps/nseq.c index cc88d50..1d73d1a 100644 --- a/crypto/openssl/apps/nseq.c +++ b/crypto/openssl/apps/nseq.c @@ -119,11 +119,18 @@ int MAIN(int argc, char **argv) "Can't open output file %s\n", outfile); goto end; } - } else out = BIO_new_fp(stdout, BIO_NOCLOSE); - + } else { + out = BIO_new_fp(stdout, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } if (toseq) { seq = NETSCAPE_CERT_SEQUENCE_new(); - seq->certs = sk_X509_new(NULL); + seq->certs = sk_X509_new_null(); while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) sk_X509_push(seq->certs,x509); @@ -152,7 +159,7 @@ int MAIN(int argc, char **argv) ret = 0; end: BIO_free(in); - BIO_free(out); + BIO_free_all(out); NETSCAPE_CERT_SEQUENCE_free(seq); EXIT(ret); diff --git a/crypto/openssl/apps/openssl.c b/crypto/openssl/apps/openssl.c index a2a2630..4f61006 100644 --- a/crypto/openssl/apps/openssl.c +++ b/crypto/openssl/apps/openssl.c @@ -101,6 +101,8 @@ int main(int Argc, char *Argv[]) arg.data=NULL; arg.count=0; + if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) + CRYPTO_malloc_debug_init(); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); apps_startup(); @@ -201,7 +203,7 @@ end: config=NULL; } if (prog != NULL) lh_free(prog); - if (arg.data != NULL) Free(arg.data); + if (arg.data != NULL) OPENSSL_free(arg.data); ERR_remove_state(0); EVP_cleanup(); @@ -236,13 +238,19 @@ static int do_cmd(LHASH *prog, int argc, char *argv[]) else if ((strncmp(argv[0],"no-",3)) == 0) { BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + bio_stdout = BIO_push(tmpbio, bio_stdout); + } +#endif f.name=argv[0]+3; ret = (lh_retrieve(prog,&f) != NULL); if (!ret) BIO_printf(bio_stdout, "%s\n", argv[0]); else BIO_printf(bio_stdout, "%s\n", argv[0]+3); - BIO_free(bio_stdout); + BIO_free_all(bio_stdout); goto end; } else if ((strcmp(argv[0],"quit") == 0) || @@ -267,11 +275,17 @@ static int do_cmd(LHASH *prog, int argc, char *argv[]) else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */ list_type = FUNC_TYPE_CIPHER; bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + bio_stdout = BIO_push(tmpbio, bio_stdout); + } +#endif for (fp=functions; fp->name != NULL; fp++) if (fp->type == list_type) BIO_printf(bio_stdout, "%s\n", fp->name); - BIO_free(bio_stdout); + BIO_free_all(bio_stdout); ret=0; goto end; } diff --git a/crypto/openssl/apps/passwd.c b/crypto/openssl/apps/passwd.c index c7e21d2..6851a99 100644 --- a/crypto/openssl/apps/passwd.c +++ b/crypto/openssl/apps/passwd.c @@ -1,10 +1,10 @@ /* apps/passwd.c */ #if defined NO_MD5 || defined CHARSET_EBCDIC -# define NO_APR1 +# define NO_MD5CRYPT_1 #endif -#if !defined(NO_DES) || !defined(NO_APR1) +#if !defined(NO_DES) || !defined(NO_MD5CRYPT_1) #include <assert.h> #include <string.h> @@ -19,7 +19,7 @@ #ifndef NO_DES # include <openssl/des.h> #endif -#ifndef NO_APR1 +#ifndef NO_MD5CRYPT_1 # include <openssl/md5.h> #endif @@ -42,10 +42,11 @@ static unsigned const char cov_2char[64]={ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, char *passwd, BIO *out, int quiet, int table, int reverse, - size_t pw_maxlen, int usecrypt, int useapr1); + size_t pw_maxlen, int usecrypt, int use1, int useapr1); -/* -crypt - standard Unix password algorithm (default, only choice) - * -apr1 - MD5-based password algorithm +/* -crypt - standard Unix password algorithm (default) + * -1 - MD5-based password algorithm + * -apr1 - MD5-based password algorithm, Apache variant * -salt string - salt * -in file - read passwords from file * -stdin - read passwords from stdin @@ -63,11 +64,12 @@ int MAIN(int argc, char **argv) int in_stdin = 0; char *salt = NULL, *passwd = NULL, **passwds = NULL; char *salt_malloc = NULL, *passwd_malloc = NULL; + size_t passwd_malloc_size = 0; int pw_source_defined = 0; BIO *in = NULL, *out = NULL; int i, badopt, opt_done; int passed_salt = 0, quiet = 0, table = 0, reverse = 0; - int usecrypt = 0, useapr1 = 0; + int usecrypt = 0, use1 = 0, useapr1 = 0; size_t pw_maxlen = 0; apps_startup(); @@ -79,6 +81,12 @@ int MAIN(int argc, char **argv) if (out == NULL) goto err; BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif badopt = 0, opt_done = 0; i = 0; @@ -86,6 +94,8 @@ int MAIN(int argc, char **argv) { if (strcmp(argv[i], "-crypt") == 0) usecrypt = 1; + else if (strcmp(argv[i], "-1") == 0) + use1 = 1; else if (strcmp(argv[i], "-apr1") == 0) useapr1 = 1; else if (strcmp(argv[i], "-salt") == 0) @@ -137,17 +147,17 @@ int MAIN(int argc, char **argv) badopt = 1; } - if (!usecrypt && !useapr1) /* use default */ + if (!usecrypt && !use1 && !useapr1) /* use default */ usecrypt = 1; - if (usecrypt + useapr1 > 1) /* conflict */ + if (usecrypt + use1 + useapr1 > 1) /* conflict */ badopt = 1; /* reject unsupported algorithms */ #ifdef NO_DES if (usecrypt) badopt = 1; #endif -#ifdef NO_APR1 - if (useapr1) badopt = 1; +#ifdef NO_MD5CRYPT_1 + if (use1 || useapr1) badopt = 1; #endif if (badopt) @@ -157,8 +167,9 @@ int MAIN(int argc, char **argv) #ifndef NO_DES BIO_printf(bio_err, "-crypt standard Unix password algorithm (default)\n"); #endif -#ifndef NO_APR1 - BIO_printf(bio_err, "-apr1 MD5-based password algorithm\n"); +#ifndef NO_MD5CRYPT_1 + BIO_printf(bio_err, "-1 MD5-based password algorithm\n"); + BIO_printf(bio_err, "-apr1 MD5-based password algorithm, Apache variant\n"); #endif BIO_printf(bio_err, "-salt string use provided salt\n"); BIO_printf(bio_err, "-in file read passwords from file\n"); @@ -190,13 +201,16 @@ int MAIN(int argc, char **argv) if (usecrypt) pw_maxlen = 8; - else if (useapr1) + else if (use1 || useapr1) pw_maxlen = 256; /* arbitrary limit, should be enough for most passwords */ if (passwds == NULL) { /* no passwords on the command line */ - passwd = passwd_malloc = Malloc(pw_maxlen + 1); + + passwd_malloc_size = pw_maxlen + 2; + /* longer than necessary so that we can warn about truncation */ + passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size); if (passwd_malloc == NULL) goto err; } @@ -208,7 +222,7 @@ int MAIN(int argc, char **argv) passwds = passwds_static; if (in == NULL) - if (EVP_read_pw_string(passwd_malloc, pw_maxlen + 1, "Password: ", 0) != 0) + if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", 0) != 0) goto err; passwds[0] = passwd_malloc; } @@ -222,7 +236,7 @@ int MAIN(int argc, char **argv) { passwd = *passwds++; if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out, - quiet, table, reverse, pw_maxlen, usecrypt, useapr1)) + quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1)) goto err; } while (*passwds != NULL); @@ -251,7 +265,7 @@ int MAIN(int argc, char **argv) } if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out, - quiet, table, reverse, pw_maxlen, usecrypt, useapr1)) + quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1)) goto err; } done = (r <= 0); @@ -262,22 +276,29 @@ int MAIN(int argc, char **argv) err: ERR_print_errors(bio_err); if (salt_malloc) - Free(salt_malloc); + OPENSSL_free(salt_malloc); if (passwd_malloc) - Free(passwd_malloc); + OPENSSL_free(passwd_malloc); if (in) BIO_free(in); if (out) - BIO_free(out); + BIO_free_all(out); EXIT(ret); } -#ifndef NO_APR1 -/* MD5-based password algorithm compatible to the one found in Apache - * (should probably be available as a library function; - * then the static buffer would not be acceptable) */ -static char *apr1_crypt(const char *passwd, const char *salt) +#ifndef NO_MD5CRYPT_1 +/* MD5-based password algorithm (should probably be available as a library + * function; then the static buffer would not be acceptable). + * For magic string "1", this should be compatible to the MD5-based BSD + * password algorithm. + * For 'magic' string "apr1", this is compatible to the MD5-based Apache + * password algorithm. + * (Apparently, the Apache password algorithm is identical except that the + * 'magic' string was changed -- the laziest application of the NIH principle + * I've ever encountered.) + */ +static char *md5crypt(const char *passwd, const char *magic, const char *salt) { static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */ unsigned char buf[MD5_DIGEST_LENGTH]; @@ -287,7 +308,11 @@ static char *apr1_crypt(const char *passwd, const char *salt) size_t passwd_len, salt_len; passwd_len = strlen(passwd); - strcpy(out_buf, "$apr1$"); + out_buf[0] = '$'; + out_buf[1] = 0; + assert(strlen(magic) <= 4); /* "1" or "apr1" */ + strncat(out_buf, magic, 4); + strncat(out_buf, "$", 1); strncat(out_buf, salt, 8); assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */ salt_out = out_buf + 6; @@ -296,7 +321,9 @@ static char *apr1_crypt(const char *passwd, const char *salt) MD5_Init(&md); MD5_Update(&md, passwd, passwd_len); - MD5_Update(&md, "$apr1$", 6); + MD5_Update(&md, "$", 1); + MD5_Update(&md, magic, strlen(magic)); + MD5_Update(&md, "$", 1); MD5_Update(&md, salt_out, salt_len); { @@ -380,7 +407,7 @@ static char *apr1_crypt(const char *passwd, const char *salt) static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, char *passwd, BIO *out, int quiet, int table, int reverse, - size_t pw_maxlen, int usecrypt, int useapr1) + size_t pw_maxlen, int usecrypt, int use1, int useapr1) { char *hash = NULL; @@ -395,7 +422,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, { if (*salt_malloc_p == NULL) { - *salt_p = *salt_malloc_p = Malloc(3); + *salt_p = *salt_malloc_p = OPENSSL_malloc(3); if (*salt_malloc_p == NULL) goto err; } @@ -411,14 +438,14 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, } #endif /* !NO_DES */ -#ifndef NO_APR1 - if (useapr1) +#ifndef NO_MD5CRYPT_1 + if (use1 || useapr1) { int i; if (*salt_malloc_p == NULL) { - *salt_p = *salt_malloc_p = Malloc(9); + *salt_p = *salt_malloc_p = OPENSSL_malloc(9); if (*salt_malloc_p == NULL) goto err; } @@ -429,7 +456,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, (*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */ (*salt_p)[8] = 0; } -#endif /* !NO_APR1 */ +#endif /* !NO_MD5CRYPT_1 */ } assert(*salt_p != NULL); @@ -448,9 +475,9 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if (usecrypt) hash = des_crypt(passwd, *salt_p); #endif -#ifndef NO_APR1 - if (useapr1) - hash = apr1_crypt(passwd, *salt_p); +#ifndef NO_MD5CRYPT_1 + if (use1 || useapr1) + hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p); #endif assert(hash != NULL); diff --git a/crypto/openssl/apps/pkcs12.c b/crypto/openssl/apps/pkcs12.c index bf76864..6789169 100644 --- a/crypto/openssl/apps/pkcs12.c +++ b/crypto/openssl/apps/pkcs12.c @@ -78,9 +78,10 @@ EVP_CIPHER *enc; #define CLCERTS 0x8 #define CACERTS 0x10 -int get_cert_chain(X509 *cert, STACK_OF(X509) **chain); +int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain); int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass); -int dump_certs_pkeys_bags(BIO *out, STACK *bags, char *pass, int passlen, int options, char *pempass); +int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass, + int passlen, int options, char *pempass); int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass); int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name); void hex_prin(BIO *out, unsigned char *buf, int len); @@ -116,6 +117,7 @@ int MAIN(int argc, char **argv) char *passargin = NULL, *passargout = NULL, *passarg = NULL; char *passin = NULL, *passout = NULL; char *inrand = NULL; + char *CApath = NULL, *CAfile = NULL; apps_startup(); @@ -195,7 +197,7 @@ int MAIN(int argc, char **argv) } else if (!strcmp (*args, "-caname")) { if (args[1]) { args++; - if (!canames) canames = sk_new(NULL); + if (!canames) canames = sk_new_null(); sk_push(canames, *args); } else badarg = 1; } else if (!strcmp (*args, "-in")) { @@ -224,6 +226,16 @@ int MAIN(int argc, char **argv) passarg = *args; noprompt = 1; } else badarg = 1; + } else if (!strcmp(*args,"-CApath")) { + if (args[1]) { + args++; + CApath = *args; + } else badarg = 1; + } else if (!strcmp(*args,"-CAfile")) { + if (args[1]) { + args++; + CAfile = *args; + } else badarg = 1; } else badarg = 1; } else badarg = 1; @@ -237,6 +249,8 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-chain add certificate chain\n"); BIO_printf (bio_err, "-inkey file private key if not infile\n"); BIO_printf (bio_err, "-certfile f add all certs in f\n"); + BIO_printf (bio_err, "-CApath arg - PEM format directory of CA's\n"); + BIO_printf (bio_err, "-CAfile arg - PEM format file of CA's\n"); BIO_printf (bio_err, "-name \"name\" use name as friendly name\n"); BIO_printf (bio_err, "-caname \"nm\" use nm as CA friendly name (can be used more than once).\n"); BIO_printf (bio_err, "-in infile input filename\n"); @@ -336,8 +350,15 @@ int MAIN(int argc, char **argv) CRYPTO_push_info("write files"); #endif - if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE); - else out = BIO_new_file(outfile, "wb"); + if (!outfile) { + out = BIO_new_fp(stdout, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else out = BIO_new_file(outfile, "wb"); if (!out) { BIO_printf(bio_err, "Error opening output file %s\n", outfile ? outfile : "<stdout>"); @@ -359,20 +380,22 @@ int MAIN(int argc, char **argv) } if (export_cert) { - EVP_PKEY *key; - STACK *bags, *safes; - PKCS12_SAFEBAG *bag; - PKCS8_PRIV_KEY_INFO *p8; - PKCS7 *authsafe; + EVP_PKEY *key = NULL; + STACK_OF(PKCS12_SAFEBAG) *bags = NULL; + STACK_OF(PKCS7) *safes = NULL; + PKCS12_SAFEBAG *bag = NULL; + PKCS8_PRIV_KEY_INFO *p8 = NULL; + PKCS7 *authsafe = NULL; X509 *ucert = NULL; STACK_OF(X509) *certs=NULL; - char *catmp; + char *catmp = NULL; int i; unsigned char keyid[EVP_MAX_MD_SIZE]; unsigned int keyidlen = 0; #ifdef CRYPTO_MDEBUG CRYPTO_push_info("process -export_cert"); + CRYPTO_push_info("reading private key"); #endif key = PEM_read_bio_PrivateKey(inkey ? inkey : in, NULL, NULL, passin); if (!inkey) (void) BIO_reset(in); @@ -380,18 +403,28 @@ int MAIN(int argc, char **argv) if (!key) { BIO_printf (bio_err, "Error loading private key\n"); ERR_print_errors(bio_err); - goto end; + goto export_end; } - certs = sk_X509_new(NULL); +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("reading certs from input"); +#endif + + certs = sk_X509_new_null(); /* Load in all certs in input file */ if(!cert_load(in, certs)) { BIO_printf(bio_err, "Error loading certificates from input\n"); ERR_print_errors(bio_err); - goto end; + goto export_end; } +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("reading certs from input 2"); +#endif + for(i = 0; i < sk_X509_num(certs); i++) { ucert = sk_X509_value(certs, i); if(X509_check_private_key(ucert, key)) { @@ -399,41 +432,68 @@ int MAIN(int argc, char **argv) break; } } - if(!keyidlen) { + ucert = NULL; BIO_printf(bio_err, "No certificate matches private key\n"); - goto end; + goto export_end; } - bags = sk_new (NULL); +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("reading certs from certfile"); +#endif + + bags = sk_PKCS12_SAFEBAG_new_null (); /* Add any more certificates asked for */ if (certsin) { if(!cert_load(certsin, certs)) { BIO_printf(bio_err, "Error loading certificates from certfile\n"); ERR_print_errors(bio_err); - goto end; + goto export_end; } BIO_free(certsin); } +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("building chain"); +#endif + /* If chaining get chain from user cert */ if (chain) { int vret; STACK_OF(X509) *chain2; - vret = get_cert_chain (ucert, &chain2); + X509_STORE *store = X509_STORE_new(); + if (!store) + { + BIO_printf (bio_err, "Memory allocation error\n"); + goto export_end; + } + if (!X509_STORE_load_locations(store, CAfile, CApath)) + X509_STORE_set_default_paths (store); + + vret = get_cert_chain (ucert, store, &chain2); + X509_STORE_free(store); + + if (!vret) { + /* Exclude verified certificate */ + for (i = 1; i < sk_X509_num (chain2) ; i++) + sk_X509_push(certs, sk_X509_value (chain2, i)); + } + sk_X509_free(chain2); if (vret) { BIO_printf (bio_err, "Error %s getting chain.\n", X509_verify_cert_error_string(vret)); - goto end; - } - /* Exclude verified certificate */ - for (i = 1; i < sk_X509_num (chain2) ; i++) - sk_X509_push(certs, sk_X509_value (chain2, i)); - sk_X509_free(chain2); - + goto export_end; + } } +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("building bags"); +#endif + /* We now have loads of certificates: include them all */ for(i = 0; i < sk_X509_num(certs); i++) { X509 *cert = NULL; @@ -445,59 +505,101 @@ int MAIN(int argc, char **argv) PKCS12_add_localkeyid(bag, keyid, keyidlen); } else if((catmp = sk_shift(canames))) PKCS12_add_friendlyname(bag, catmp, -1); - sk_push(bags, (char *)bag); + sk_PKCS12_SAFEBAG_push(bags, bag); } sk_X509_pop_free(certs, X509_free); - if (canames) sk_free(canames); + certs = NULL; + /* ucert is part of certs so it is already freed */ + ucert = NULL; + +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("encrypting bags"); +#endif if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Export Password:", 1)) { BIO_printf (bio_err, "Can't read Password\n"); - goto end; + goto export_end; } if (!twopass) strcpy(macpass, pass); /* Turn certbags into encrypted authsafe */ authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0, iter, bags); - sk_pop_free(bags, PKCS12_SAFEBAG_free); + sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + bags = NULL; if (!authsafe) { ERR_print_errors (bio_err); - goto end; + goto export_end; } - safes = sk_new (NULL); - sk_push (safes, (char *)authsafe); + safes = sk_PKCS7_new_null (); + sk_PKCS7_push (safes, authsafe); + +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("building shrouded key bag"); +#endif /* Make a shrouded key bag */ p8 = EVP_PKEY2PKCS8 (key); - EVP_PKEY_free(key); if(keytype) PKCS8_add_keyusage(p8, keytype); bag = PKCS12_MAKE_SHKEYBAG(key_pbe, cpass, -1, NULL, 0, iter, p8); PKCS8_PRIV_KEY_INFO_free(p8); + p8 = NULL; if (name) PKCS12_add_friendlyname (bag, name, -1); PKCS12_add_localkeyid (bag, keyid, keyidlen); - bags = sk_new(NULL); - sk_push (bags, (char *)bag); + bags = sk_PKCS12_SAFEBAG_new_null(); + sk_PKCS12_SAFEBAG_push (bags, bag); + +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("encrypting shrouded key bag"); +#endif + /* Turn it into unencrypted safe bag */ authsafe = PKCS12_pack_p7data (bags); - sk_pop_free(bags, PKCS12_SAFEBAG_free); - sk_push (safes, (char *)authsafe); + sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + bags = NULL; + sk_PKCS7_push (safes, authsafe); + +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("building pkcs12"); +#endif p12 = PKCS12_init (NID_pkcs7_data); M_PKCS12_pack_authsafes (p12, safes); - sk_pop_free(safes, PKCS7_free); + sk_PKCS7_pop_free(safes, PKCS7_free); + safes = NULL; PKCS12_set_mac (p12, mpass, -1, NULL, 0, maciter, NULL); - i2d_PKCS12_bio (out, p12); +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("writing pkcs12"); +#endif - PKCS12_free(p12); + i2d_PKCS12_bio (out, p12); ret = 0; + export_end: +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_pop_info(); + CRYPTO_push_info("process -export_cert: freeing"); +#endif + + if (key) EVP_PKEY_free(key); + if (certs) sk_X509_pop_free(certs, X509_free); + if (safes) sk_PKCS7_pop_free(safes, PKCS7_free); + if (bags) sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + if (ucert) X509_free(ucert); + #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); #endif @@ -528,11 +630,16 @@ int MAIN(int argc, char **argv) #ifdef CRYPTO_MDEBUG CRYPTO_push_info("verify MAC"); #endif - if (!PKCS12_verify_mac (p12, mpass, -1)) { + /* If we enter empty password try no password first */ + if(!macpass[0] && PKCS12_verify_mac(p12, NULL, 0)) { + /* If mac and crypto pass the same set it to NULL too */ + if(!twopass) cpass = NULL; + } else if (!PKCS12_verify_mac(p12, mpass, -1)) { BIO_printf (bio_err, "Mac verify error: invalid password?\n"); ERR_print_errors (bio_err); goto end; - } else BIO_printf (bio_err, "MAC verified OK\n"); + } + BIO_printf (bio_err, "MAC verified OK\n"); #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); #endif @@ -549,29 +656,32 @@ int MAIN(int argc, char **argv) #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); #endif - PKCS12_free(p12); ret = 0; - end: + end: + if (p12) PKCS12_free(p12); if(export_cert || inrand) app_RAND_write_file(NULL, bio_err); #ifdef CRYPTO_MDEBUG CRYPTO_remove_all_info(); #endif BIO_free(in); - BIO_free(out); - if(passin) Free(passin); - if(passout) Free(passout); + BIO_free_all(out); + if (canames) sk_free(canames); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); EXIT(ret); } int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass) { - STACK *asafes, *bags; + STACK_OF(PKCS7) *asafes; + STACK_OF(PKCS12_SAFEBAG) *bags; int i, bagnid; PKCS7 *p7; + if (!( asafes = M_PKCS12_unpack_authsafes (p12))) return 0; - for (i = 0; i < sk_num (asafes); i++) { - p7 = (PKCS7 *) sk_value (asafes, i); + for (i = 0; i < sk_PKCS7_num (asafes); i++) { + p7 = sk_PKCS7_value (asafes, i); bagnid = OBJ_obj2nid (p7->type); if (bagnid == NID_pkcs7_data) { bags = M_PKCS12_unpack_p7data (p7); @@ -587,23 +697,25 @@ int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass, if (!bags) return 0; if (!dump_certs_pkeys_bags (out, bags, pass, passlen, options, pempass)) { - sk_pop_free (bags, PKCS12_SAFEBAG_free); + sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free); return 0; } - sk_pop_free (bags, PKCS12_SAFEBAG_free); + sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free); } - sk_pop_free (asafes, PKCS7_free); + sk_PKCS7_pop_free (asafes, PKCS7_free); return 1; } -int dump_certs_pkeys_bags (BIO *out, STACK *bags, char *pass, - int passlen, int options, char *pempass) +int dump_certs_pkeys_bags (BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, + char *pass, int passlen, int options, char *pempass) { int i; - for (i = 0; i < sk_num (bags); i++) { + for (i = 0; i < sk_PKCS12_SAFEBAG_num (bags); i++) { if (!dump_certs_pkeys_bag (out, - (PKCS12_SAFEBAG *)sk_value (bags, i), pass, passlen, - options, pempass)) return 0; + sk_PKCS12_SAFEBAG_value (bags, i), + pass, passlen, + options, pempass)) + return 0; } return 1; } @@ -679,15 +791,12 @@ int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass, /* Hope this is OK .... */ -int get_cert_chain (X509 *cert, STACK_OF(X509) **chain) +int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain) { - X509_STORE *store; X509_STORE_CTX store_ctx; STACK_OF(X509) *chn; int i; - store = X509_STORE_new (); - X509_STORE_set_default_paths (store); X509_STORE_CTX_init(&store_ctx, store, cert, NULL); if (X509_verify_cert(&store_ctx) <= 0) { i = X509_STORE_CTX_get_error (&store_ctx); @@ -698,7 +807,6 @@ int get_cert_chain (X509 *cert, STACK_OF(X509) **chain) *chain = chn; err: X509_STORE_CTX_cleanup(&store_ctx); - X509_STORE_free(store); return i; } @@ -722,10 +830,22 @@ int cert_load(BIO *in, STACK_OF(X509) *sk) int ret; X509 *cert; ret = 0; +#ifdef CRYPTO_MDEBUG + CRYPTO_push_info("cert_load(): reading one cert"); +#endif while((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) { +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); +#endif ret = 1; sk_X509_push(sk, cert); +#ifdef CRYPTO_MDEBUG + CRYPTO_push_info("cert_load(): reading one cert"); +#endif } +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); +#endif if(ret) ERR_clear_error(); return ret; } @@ -763,18 +883,18 @@ int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name) value = uni2asc(av->value.bmpstring->data, av->value.bmpstring->length); BIO_printf(out, "%s\n", value); - Free(value); + OPENSSL_free(value); break; case V_ASN1_OCTET_STRING: - hex_prin(out, av->value.bit_string->data, - av->value.bit_string->length); + hex_prin(out, av->value.octet_string->data, + av->value.octet_string->length); BIO_printf(out, "\n"); break; case V_ASN1_BIT_STRING: - hex_prin(out, av->value.octet_string->data, - av->value.octet_string->length); + hex_prin(out, av->value.bit_string->data, + av->value.bit_string->length); BIO_printf(out, "\n"); break; diff --git a/crypto/openssl/apps/pkcs7.c b/crypto/openssl/apps/pkcs7.c index f471cc7..0af2690 100644 --- a/crypto/openssl/apps/pkcs7.c +++ b/crypto/openssl/apps/pkcs7.c @@ -196,7 +196,15 @@ bad: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -280,6 +288,6 @@ bad: end: if (p7 != NULL) PKCS7_free(p7); if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); EXIT(ret); } diff --git a/crypto/openssl/apps/pkcs8.c b/crypto/openssl/apps/pkcs8.c index 3e59b74..7b588e4 100644 --- a/crypto/openssl/apps/pkcs8.c +++ b/crypto/openssl/apps/pkcs8.c @@ -194,8 +194,15 @@ int MAIN(int argc, char **argv) "Can't open output file %s\n", outfile); return (1); } - } else out = BIO_new_fp (stdout, BIO_NOCLOSE); - + } else { + out = BIO_new_fp (stdout, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } if (topk8) { if(informat == FORMAT_PEM) pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, passin); @@ -253,9 +260,9 @@ int MAIN(int argc, char **argv) } PKCS8_PRIV_KEY_INFO_free (p8inf); EVP_PKEY_free(pkey); - BIO_free(out); - if(passin) Free(passin); - if(passout) Free(passout); + BIO_free_all(out); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); return (0); } @@ -336,10 +343,10 @@ int MAIN(int argc, char **argv) } EVP_PKEY_free(pkey); - BIO_free(out); + BIO_free_all(out); BIO_free(in); - if(passin) Free(passin); - if(passout) Free(passout); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); return (0); } diff --git a/crypto/openssl/apps/progs.h b/crypto/openssl/apps/progs.h index 7d22384..fbc65de 100644 --- a/crypto/openssl/apps/progs.h +++ b/crypto/openssl/apps/progs.h @@ -14,6 +14,7 @@ extern int errstr_main(int argc,char *argv[]); extern int ca_main(int argc,char *argv[]); extern int crl_main(int argc,char *argv[]); extern int rsa_main(int argc,char *argv[]); +extern int rsautl_main(int argc,char *argv[]); extern int dsa_main(int argc,char *argv[]); extern int dsaparam_main(int argc,char *argv[]); extern int x509_main(int argc,char *argv[]); @@ -67,6 +68,9 @@ FUNCTION functions[] = { #ifndef NO_RSA {FUNC_TYPE_GENERAL,"rsa",rsa_main}, #endif +#ifndef NO_RSA + {FUNC_TYPE_GENERAL,"rsautl",rsautl_main}, +#endif #ifndef NO_DSA {FUNC_TYPE_GENERAL,"dsa",dsa_main}, #endif @@ -106,6 +110,7 @@ FUNCTION functions[] = { {FUNC_TYPE_GENERAL,"smime",smime_main}, {FUNC_TYPE_GENERAL,"rand",rand_main}, {FUNC_TYPE_MD,"md2",dgst_main}, + {FUNC_TYPE_MD,"md4",dgst_main}, {FUNC_TYPE_MD,"md5",dgst_main}, {FUNC_TYPE_MD,"sha",dgst_main}, {FUNC_TYPE_MD,"sha1",dgst_main}, diff --git a/crypto/openssl/apps/progs.pl b/crypto/openssl/apps/progs.pl index 9842d2a..214025c 100644 --- a/crypto/openssl/apps/progs.pl +++ b/crypto/openssl/apps/progs.pl @@ -29,7 +29,7 @@ foreach (@ARGV) $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n"; if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/)) { print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(NO_SSL3))\n${str}#endif\n"; } - elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ) + elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || ($_ =~ /^rsautl$/)) { print "#ifndef NO_RSA\n${str}#endif\n"; } elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/)) { print "#ifndef NO_DSA\n${str}#endif\n"; } @@ -41,7 +41,7 @@ foreach (@ARGV) { print $str; } } -foreach ("md2","md5","sha","sha1","mdc2","rmd160") +foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160") { push(@files,$_); printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_; diff --git a/crypto/openssl/apps/rand.c b/crypto/openssl/apps/rand.c index cfbba30..04764d7 100644 --- a/crypto/openssl/apps/rand.c +++ b/crypto/openssl/apps/rand.c @@ -62,7 +62,7 @@ int MAIN(int argc, char **argv) else badopt = 1; } - else if (isdigit(argv[i][0])) + else if (isdigit((unsigned char)argv[i][0])) { if (num < 0) { @@ -101,7 +101,15 @@ int MAIN(int argc, char **argv) if (outfile != NULL) r = BIO_write_filename(out, outfile); else + { r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } if (r <= 0) goto err; diff --git a/crypto/openssl/apps/req.c b/crypto/openssl/apps/req.c index eb338ee..1aab38d 100644 --- a/crypto/openssl/apps/req.c +++ b/crypto/openssl/apps/req.c @@ -102,6 +102,7 @@ * -config file - Load configuration file. * -key file - make a request using key in file (or use it for verification). * -keyform - key file format. + * -rand file(s) - load the file(s) into the PRNG. * -newkey - make a key and a request. * -modulus - print RSA modulus. * -x509 - output a self signed X509 structure instead. @@ -125,7 +126,6 @@ static void MS_CALLBACK req_cb(int p,int n,void *arg); #endif static int req_check_len(int len,int min,int max); static int check_end(char *str, char *end); -static int add_oid_section(LHASH *conf); #ifndef MONOLITH static char *default_config_file=NULL; static LHASH *config=NULL; @@ -156,6 +156,7 @@ int MAIN(int argc, char **argv) char *req_exts = NULL; EVP_CIPHER *cipher=NULL; int modulus=0; + char *inrand=NULL; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; char *p; @@ -239,6 +240,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; passargout= *(++argv); } + else if (strcmp(*argv,"-rand") == 0) + { + if (--argc < 1) goto bad; + inrand= *(++argv); + } else if (strcmp(*argv,"-newkey") == 0) { int is_numeric; @@ -372,6 +378,9 @@ bad: BIO_printf(bio_err," -key file use the private key contained in file\n"); BIO_printf(bio_err," -keyform arg key file format\n"); BIO_printf(bio_err," -keyout arg file to send the key to\n"); + BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); + BIO_printf(bio_err," load the file (or the files in the directory) into\n"); + BIO_printf(bio_err," the random number generator\n"); BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); @@ -457,7 +466,7 @@ bad: } } } - if(!add_oid_section(req_conf)) goto end; + if(!add_oid_section(bio_err, req_conf)) goto end; if ((md_alg == NULL) && ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL)) @@ -538,12 +547,19 @@ bad: BIO_printf(bio_err,"unable to load Private key\n"); goto end; } + if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) + { + char *randfile = CONF_get_string(req_conf,SECTION,"RANDFILE"); + app_RAND_load_file(randfile, bio_err, 0); + } } if (newreq && (pkey == NULL)) { char *randfile = CONF_get_string(req_conf,SECTION,"RANDFILE"); app_RAND_load_file(randfile, bio_err, 0); + if (inrand) + app_RAND_load_files(inrand); if (newkey <= 0) { @@ -593,6 +609,12 @@ bad: { BIO_printf(bio_err,"writing new private key to stdout\n"); BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif } else { @@ -788,7 +810,15 @@ loop: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if ((keyout != NULL) && (strcmp(outfile,keyout) == 0)) @@ -874,12 +904,12 @@ end: } if ((req_conf != NULL) && (req_conf != config)) CONF_free(req_conf); BIO_free(in); - BIO_free(out); + BIO_free_all(out); EVP_PKEY_free(pkey); X509_REQ_free(req); X509_free(x509ss); - if(passargin && passin) Free(passin); - if(passargout && passout) Free(passout); + if(passargin && passin) OPENSSL_free(passin); + if(passargout && passout) OPENSSL_free(passout); OBJ_cleanup(); #ifndef NO_DSA if (dsa_params != NULL) DSA_free(dsa_params); @@ -1083,7 +1113,11 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, * multiple instances */ for(p = v->name; *p ; p++) +#ifndef CHARSET_EBCDIC if ((*p == ':') || (*p == ',') || (*p == '.')) { +#else + if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) { +#endif p++; if(*p) type = p; break; @@ -1199,6 +1233,9 @@ start: return(0); } buf[--i]='\0'; +#ifdef CHARSET_EBCDIC + ebcdic2ascii(buf, buf, i); +#endif if(!req_check_len(i, min, max)) goto start; if(!X509_REQ_add1_attr_by_NID(req, nid, MBSTRING_ASC, @@ -1256,25 +1293,3 @@ static int check_end(char *str, char *end) tmp = str + slen - elen; return strcmp(tmp, end); } - -static int add_oid_section(LHASH *conf) -{ - char *p; - STACK_OF(CONF_VALUE) *sktmp; - CONF_VALUE *cnf; - int i; - if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1; - if(!(sktmp = CONF_get_section(conf, p))) { - BIO_printf(bio_err, "problem loading oid section %s\n", p); - return 0; - } - for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { - cnf = sk_CONF_VALUE_value(sktmp, i); - if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { - BIO_printf(bio_err, "problem creating object %s=%s\n", - cnf->name, cnf->value); - return 0; - } - } - return 1; -} diff --git a/crypto/openssl/apps/rsa.c b/crypto/openssl/apps/rsa.c index 9d4c2e6..b4b0651 100644 --- a/crypto/openssl/apps/rsa.c +++ b/crypto/openssl/apps/rsa.c @@ -92,7 +92,7 @@ int MAIN(int argc, char **argv) { int ret=1; RSA *rsa=NULL; - int i,badops=0; + int i,badops=0, sgckey=0; const EVP_CIPHER *enc=NULL; BIO *in=NULL,*out=NULL; int informat,outformat,text=0,check=0,noout=0; @@ -148,6 +148,8 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; passargout= *(++argv); } + else if (strcmp(*argv,"-sgckey") == 0) + sgckey=1; else if (strcmp(*argv,"-pubin") == 0) pubin=1; else if (strcmp(*argv,"-pubout") == 0) @@ -178,6 +180,7 @@ bad: BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n"); BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n"); BIO_printf(bio_err," -in arg input file\n"); + BIO_printf(bio_err," -sgckey Use IIS SGC key format\n"); BIO_printf(bio_err," -passin arg input file pass phrase source\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -passout arg output file pass phrase source\n"); @@ -254,7 +257,7 @@ bad: } } p=(unsigned char *)buf->data; - rsa=d2i_Netscape_RSA(NULL,&p,(long)size,NULL); + rsa=d2i_RSA_NET(NULL,&p,(long)size,NULL, sgckey); BUF_MEM_free(buf); } #endif @@ -275,7 +278,15 @@ bad: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -344,16 +355,16 @@ bad: int size; i=1; - size=i2d_Netscape_RSA(rsa,NULL,NULL); - if ((p=(unsigned char *)Malloc(size)) == NULL) + size=i2d_RSA_NET(rsa,NULL,NULL, sgckey); + if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto end; } pp=p; - i2d_Netscape_RSA(rsa,&p,NULL); + i2d_RSA_NET(rsa,&p,NULL, sgckey); BIO_write(out,(char *)pp,size); - Free(pp); + OPENSSL_free(pp); } #endif else if (outformat == FORMAT_PEM) { @@ -374,10 +385,10 @@ bad: ret=0; end: if(in != NULL) BIO_free(in); - if(out != NULL) BIO_free(out); + if(out != NULL) BIO_free_all(out); if(rsa != NULL) RSA_free(rsa); - if(passin) Free(passin); - if(passout) Free(passout); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); EXIT(ret); } #else /* !NO_RSA */ diff --git a/crypto/openssl/apps/rsautl.c b/crypto/openssl/apps/rsautl.c new file mode 100644 index 0000000..bcb94c3 --- /dev/null +++ b/crypto/openssl/apps/rsautl.c @@ -0,0 +1,290 @@ +/* rsautl.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +#include "apps.h" +#include <string.h> +#include <openssl/err.h> +#include <openssl/pem.h> + +#define RSA_SIGN 1 +#define RSA_VERIFY 2 +#define RSA_ENCRYPT 3 +#define RSA_DECRYPT 4 + +#define KEY_PRIVKEY 1 +#define KEY_PUBKEY 2 +#define KEY_CERT 3 + +static void usage(void); + +#undef PROG + +#define PROG rsautl_main + +int MAIN(int argc, char **); + +int MAIN(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL; + char *infile = NULL, *outfile = NULL; + char *keyfile = NULL; + char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; + int keyform = FORMAT_PEM; + char need_priv = 0, badarg = 0, rev = 0; + char hexdump = 0, asn1parse = 0; + X509 *x; + EVP_PKEY *pkey = NULL; + RSA *rsa = NULL; + unsigned char *rsa_in = NULL, *rsa_out = NULL, pad; + int rsa_inlen, rsa_outlen = 0; + int keysize; + + int ret = 1; + + argc--; + argv++; + + if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); + ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); + pad = RSA_PKCS1_PADDING; + + while(argc >= 1) + { + if (!strcmp(*argv,"-in")) { + if (--argc < 1) badarg = 1; + infile= *(++argv); + } else if (!strcmp(*argv,"-out")) { + if (--argc < 1) badarg = 1; + outfile= *(++argv); + } else if(!strcmp(*argv, "-inkey")) { + if (--argc < 1) badarg = 1; + keyfile = *(++argv); + } else if(!strcmp(*argv, "-pubin")) { + key_type = KEY_PUBKEY; + } else if(!strcmp(*argv, "-certin")) { + key_type = KEY_CERT; + } + else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1; + else if(!strcmp(*argv, "-hexdump")) hexdump = 1; + else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING; + else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING; + else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING; + else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING; + else if(!strcmp(*argv, "-sign")) { + rsa_mode = RSA_SIGN; + need_priv = 1; + } else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY; + else if(!strcmp(*argv, "-rev")) rev = 1; + else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT; + else if(!strcmp(*argv, "-decrypt")) { + rsa_mode = RSA_DECRYPT; + need_priv = 1; + } else badarg = 1; + if(badarg) { + usage(); + goto end; + } + argc--; + argv++; + } + + if(need_priv && (key_type != KEY_PRIVKEY)) { + BIO_printf(bio_err, "A private key is needed for this operation\n"); + goto end; + } + +/* FIXME: seed PRNG only if needed */ + app_RAND_load_file(NULL, bio_err, 0); + + switch(key_type) { + case KEY_PRIVKEY: + pkey = load_key(bio_err, keyfile, keyform, NULL); + break; + + case KEY_PUBKEY: + pkey = load_pubkey(bio_err, keyfile, keyform); + break; + + case KEY_CERT: + x = load_cert(bio_err, keyfile, keyform); + if(x) { + pkey = X509_get_pubkey(x); + X509_free(x); + } + break; + } + + if(!pkey) { + BIO_printf(bio_err, "Error loading key\n"); + return 1; + } + + rsa = EVP_PKEY_get1_RSA(pkey); + EVP_PKEY_free(pkey); + + if(!rsa) { + BIO_printf(bio_err, "Error getting RSA key\n"); + ERR_print_errors(bio_err); + goto end; + } + + + if(infile) { + if(!(in = BIO_new_file(infile, "rb"))) { + BIO_printf(bio_err, "Error Reading Input File\n"); + ERR_print_errors(bio_err); + goto end; + } + } else in = BIO_new_fp(stdin, BIO_NOCLOSE); + + if(outfile) { + if(!(out = BIO_new_file(outfile, "wb"))) { + BIO_printf(bio_err, "Error Reading Output File\n"); + ERR_print_errors(bio_err); + goto end; + } + } else { + out = BIO_new_fp(stdout, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } + + keysize = RSA_size(rsa); + + rsa_in = OPENSSL_malloc(keysize * 2); + rsa_out = OPENSSL_malloc(keysize); + + /* Read the input data */ + rsa_inlen = BIO_read(in, rsa_in, keysize * 2); + if(rsa_inlen <= 0) { + BIO_printf(bio_err, "Error reading input Data\n"); + exit(1); + } + if(rev) { + int i; + unsigned char ctmp; + for(i = 0; i < rsa_inlen/2; i++) { + ctmp = rsa_in[i]; + rsa_in[i] = rsa_in[rsa_inlen - 1 - i]; + rsa_in[rsa_inlen - 1 - i] = ctmp; + } + } + switch(rsa_mode) { + + case RSA_VERIFY: + rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad); + break; + + case RSA_SIGN: + rsa_outlen = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad); + break; + + case RSA_ENCRYPT: + rsa_outlen = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad); + break; + + case RSA_DECRYPT: + rsa_outlen = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad); + break; + + } + + if(rsa_outlen <= 0) { + BIO_printf(bio_err, "RSA operation error\n"); + ERR_print_errors(bio_err); + goto end; + } + ret = 0; + if(asn1parse) { + if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) { + ERR_print_errors(bio_err); + } + } else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen); + else BIO_write(out, rsa_out, rsa_outlen); + end: + RSA_free(rsa); + BIO_free(in); + BIO_free_all(out); + if(rsa_in) OPENSSL_free(rsa_in); + if(rsa_out) OPENSSL_free(rsa_out); + return ret; +} + +static void usage() +{ + BIO_printf(bio_err, "Usage: rsautl [options]\n"); + BIO_printf(bio_err, "-in file input file\n"); + BIO_printf(bio_err, "-out file output file\n"); + BIO_printf(bio_err, "-inkey file input key\n"); + BIO_printf(bio_err, "-pubin input is an RSA public\n"); + BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n"); + BIO_printf(bio_err, "-ssl use SSL v2 padding\n"); + BIO_printf(bio_err, "-raw use no padding\n"); + BIO_printf(bio_err, "-pkcs use PKCS#1 v1.5 padding (default)\n"); + BIO_printf(bio_err, "-oaep use PKCS#1 OAEP\n"); + BIO_printf(bio_err, "-sign sign with private key\n"); + BIO_printf(bio_err, "-verify verify with public key\n"); + BIO_printf(bio_err, "-encrypt encrypt with public key\n"); + BIO_printf(bio_err, "-decrypt decrypt with private key\n"); + BIO_printf(bio_err, "-hexdump hex dump output\n"); +} + diff --git a/crypto/openssl/apps/s_client.c b/crypto/openssl/apps/s_client.c index e629f8e..c935317 100644 --- a/crypto/openssl/apps/s_client.c +++ b/crypto/openssl/apps/s_client.c @@ -201,8 +201,8 @@ int MAIN(int argc, char **argv) if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - if ( ((cbuf=Malloc(BUFSIZZ)) == NULL) || - ((sbuf=Malloc(BUFSIZZ)) == NULL)) + if ( ((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || + ((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL)) { BIO_printf(bio_err,"out of memory\n"); goto end; @@ -523,7 +523,7 @@ re_start: tv.tv_usec = 0; i=select(width,(void *)&readfds,(void *)&writefds, NULL,&tv); - if(!i && (!_kbhit() || !read_tty) ) continue; + if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue; } else i=select(width,(void *)&readfds,(void *)&writefds, NULL,NULL); } @@ -689,7 +689,7 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240 } #ifdef WINDOWS - else if (_kbhit()) + else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) #else else if (FD_ISSET(fileno(stdin),&readfds)) #endif @@ -753,8 +753,8 @@ end: if (con != NULL) SSL_free(con); if (con2 != NULL) SSL_free(con2); if (ctx != NULL) SSL_CTX_free(ctx); - if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); } - if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); } + if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); } + if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); } if (bio_c_out != NULL) { BIO_free(bio_c_out); diff --git a/crypto/openssl/apps/s_server.c b/crypto/openssl/apps/s_server.c index af19b89..b593283 100644 --- a/crypto/openssl/apps/s_server.c +++ b/crypto/openssl/apps/s_server.c @@ -285,7 +285,7 @@ static int ebcdic_new(BIO *bi) { EBCDIC_OUTBUFF *wbuf; - wbuf = (EBCDIC_OUTBUFF *)Malloc(sizeof(EBCDIC_OUTBUFF) + 1024); + wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); wbuf->alloced = 1024; wbuf->buff[0] = '\0'; @@ -299,7 +299,7 @@ static int ebcdic_free(BIO *a) { if (a == NULL) return(0); if (a->ptr != NULL) - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; @@ -336,8 +336,8 @@ static int ebcdic_write(BIO *b, char *in, int inl) num = num + num; /* double the size */ if (num < inl) num = inl; - Free(wbuf); - wbuf=(EBCDIC_OUTBUFF *)Malloc(sizeof(EBCDIC_OUTBUFF) + num); + OPENSSL_free(wbuf); + wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); wbuf->alloced = num; wbuf->buff[0] = '\0'; @@ -766,7 +766,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) struct timeval tv; #endif - if ((buf=Malloc(bufsize)) == NULL) + if ((buf=OPENSSL_malloc(bufsize)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto err; @@ -1028,7 +1028,7 @@ err: if (buf != NULL) { memset(buf,0,bufsize); - Free(buf); + OPENSSL_free(buf); } if (ret >= 0) BIO_printf(bio_s_out,"ACCEPT\n"); @@ -1145,7 +1145,7 @@ static int www_body(char *hostname, int s, unsigned char *context) BIO *io,*ssl_bio,*sbio; long total_bytes; - buf=Malloc(bufsize); + buf=OPENSSL_malloc(bufsize); if (buf == NULL) return(0); io=BIO_new(BIO_f_buffer()); ssl_bio=BIO_new(BIO_f_ssl()); @@ -1474,7 +1474,7 @@ err: if (ret >= 0) BIO_printf(bio_s_out,"ACCEPT\n"); - if (buf != NULL) Free(buf); + if (buf != NULL) OPENSSL_free(buf); if (io != NULL) BIO_free_all(io); /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ return(ret); diff --git a/crypto/openssl/apps/s_socket.c b/crypto/openssl/apps/s_socket.c index 081b1a5..9812e6d 100644 --- a/crypto/openssl/apps/s_socket.c +++ b/crypto/openssl/apps/s_socket.c @@ -209,9 +209,11 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port) s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); if (s == INVALID_SOCKET) { perror("socket"); return(0); } +#ifndef MPE i=0; i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); if (i < 0) { perror("keepalive"); return(0); } +#endif if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) { close(s); perror("connect"); return(0); } @@ -241,7 +243,7 @@ int do_server(int port, int *ret, int (*cb)(), char *context) return(0); } i=(*cb)(name,sock, context); - if (name != NULL) Free(name); + if (name != NULL) OPENSSL_free(name); SHUTDOWN2(sock); if (i < 0) { @@ -372,9 +374,9 @@ redoit: } else { - if ((*host=(char *)Malloc(strlen(h1->h_name)+1)) == NULL) + if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL) { - perror("Malloc"); + perror("OPENSSL_malloc"); return(0); } strcpy(*host,h1->h_name); diff --git a/crypto/openssl/apps/sess_id.c b/crypto/openssl/apps/sess_id.c index 71d5aa0..60cc3f1 100644 --- a/crypto/openssl/apps/sess_id.c +++ b/crypto/openssl/apps/sess_id.c @@ -206,7 +206,15 @@ bad: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -262,7 +270,7 @@ bad: } ret=0; end: - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (x != NULL) SSL_SESSION_free(x); EXIT(ret); } diff --git a/crypto/openssl/apps/smime.c b/crypto/openssl/apps/smime.c index 7dc66d6..9467b59 100644 --- a/crypto/openssl/apps/smime.c +++ b/crypto/openssl/apps/smime.c @@ -67,9 +67,6 @@ #undef PROG #define PROG smime_main -static X509 *load_cert(char *file); -static EVP_PKEY *load_key(char *file, char *pass); -static STACK_OF(X509) *load_certs(char *file); static X509_STORE *setup_verify(char *CAfile, char *CApath); static int save_certs(char *signerfile, STACK_OF(X509) *signers); @@ -90,7 +87,7 @@ int MAIN(int argc, char **argv) char *inmode = "r", *outmode = "w"; char *infile = NULL, *outfile = NULL; char *signerfile = NULL, *recipfile = NULL; - char *certfile = NULL, *keyfile = NULL; + char *certfile = NULL, *keyfile = NULL, *contfile=NULL; EVP_CIPHER *cipher = NULL; PKCS7 *p7 = NULL; X509_STORE *store = NULL; @@ -105,6 +102,7 @@ int MAIN(int argc, char **argv) char *passargin = NULL, *passin = NULL; char *inrand = NULL; int need_rand = 0; + int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; args = argv + 1; ret = 1; @@ -143,6 +141,8 @@ int MAIN(int argc, char **argv) flags |= PKCS7_NOATTR; else if (!strcmp (*args, "-nodetach")) flags &= ~PKCS7_DETACHED; + else if (!strcmp (*args, "-nosmimecap")) + flags |= PKCS7_NOSMIMECAP; else if (!strcmp (*args, "-binary")) flags |= PKCS7_BINARY; else if (!strcmp (*args, "-nosigs")) @@ -208,11 +208,26 @@ int MAIN(int argc, char **argv) args++; infile = *args; } else badarg = 1; + } else if (!strcmp (*args, "-inform")) { + if (args[1]) { + args++; + informat = str2fmt(*args); + } else badarg = 1; + } else if (!strcmp (*args, "-outform")) { + if (args[1]) { + args++; + outformat = str2fmt(*args); + } else badarg = 1; } else if (!strcmp (*args, "-out")) { if (args[1]) { args++; outfile = *args; } else badarg = 1; + } else if (!strcmp (*args, "-content")) { + if (args[1]) { + args++; + contfile = *args; + } else badarg = 1; } else badarg = 1; args++; } @@ -264,8 +279,11 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-signer file signer certificate file\n"); BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n"); BIO_printf (bio_err, "-in file input file\n"); + BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n"); BIO_printf (bio_err, "-out file output file\n"); + BIO_printf (bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); + BIO_printf (bio_err, "-content file supply or override content for detached signature\n"); BIO_printf (bio_err, "-to addr to address\n"); BIO_printf (bio_err, "-from ad from address\n"); BIO_printf (bio_err, "-subject s subject\n"); @@ -295,9 +313,12 @@ int MAIN(int argc, char **argv) if(operation != SMIME_SIGN) flags &= ~PKCS7_DETACHED; - if(flags & PKCS7_BINARY) { - if(operation & SMIME_OP) inmode = "rb"; - else outmode = "rb"; + if(operation & SMIME_OP) { + if(flags & PKCS7_BINARY) inmode = "rb"; + if(outformat == FORMAT_ASN1) outmode = "wb"; + } else { + if(flags & PKCS7_BINARY) outmode = "wb"; + if(informat == FORMAT_ASN1) inmode = "rb"; } if(operation == SMIME_ENCRYPT) { @@ -311,7 +332,7 @@ int MAIN(int argc, char **argv) } encerts = sk_X509_new_null(); while (*args) { - if(!(cert = load_cert(*args))) { + if(!(cert = load_cert(bio_err,*args,FORMAT_PEM))) { BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args); goto end; } @@ -322,14 +343,14 @@ int MAIN(int argc, char **argv) } if(signerfile && (operation == SMIME_SIGN)) { - if(!(signer = load_cert(signerfile))) { + if(!(signer = load_cert(bio_err,signerfile,FORMAT_PEM))) { BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile); goto end; } } if(certfile) { - if(!(other = load_certs(certfile))) { + if(!(other = load_certs(bio_err,certfile,FORMAT_PEM))) { BIO_printf(bio_err, "Can't read certificate file %s\n", certfile); ERR_print_errors(bio_err); goto end; @@ -337,7 +358,7 @@ int MAIN(int argc, char **argv) } if(recipfile && (operation == SMIME_DECRYPT)) { - if(!(recip = load_cert(recipfile))) { + if(!(recip = load_cert(bio_err,recipfile,FORMAT_PEM))) { BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile); ERR_print_errors(bio_err); goto end; @@ -351,7 +372,7 @@ int MAIN(int argc, char **argv) } else keyfile = NULL; if(keyfile) { - if(!(key = load_key(keyfile, passin))) { + if(!(key = load_key(bio_err,keyfile, FORMAT_PEM, passin))) { BIO_printf(bio_err, "Can't read recipient certificate file %s\n", keyfile); ERR_print_errors(bio_err); goto end; @@ -372,7 +393,15 @@ int MAIN(int argc, char **argv) "Can't open output file %s\n", outfile); goto end; } - } else out = BIO_new_fp(stdout, BIO_NOCLOSE); + } else { + out = BIO_new_fp(stdout, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } if(operation == SMIME_VERIFY) { if(!(store = setup_verify(CAfile, CApath))) goto end; @@ -386,10 +415,28 @@ int MAIN(int argc, char **argv) p7 = PKCS7_sign(signer, key, other, in, flags); BIO_reset(in); } else { - if(!(p7 = SMIME_read_PKCS7(in, &indata))) { + if(informat == FORMAT_SMIME) + p7 = SMIME_read_PKCS7(in, &indata); + else if(informat == FORMAT_PEM) + p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL); + else if(informat == FORMAT_ASN1) + p7 = d2i_PKCS7_bio(in, NULL); + else { + BIO_printf(bio_err, "Bad input format for PKCS#7 file\n"); + goto end; + } + + if(!p7) { BIO_printf(bio_err, "Error reading S/MIME message\n"); goto end; } + if(contfile) { + BIO_free(indata); + if(!(indata = BIO_new_file(contfile, "rb"))) { + BIO_printf(bio_err, "Can't read content file %s\n", contfile); + goto end; + } + } } if(!p7) { @@ -425,7 +472,16 @@ int MAIN(int argc, char **argv) if(to) BIO_printf(out, "To: %s\n", to); if(from) BIO_printf(out, "From: %s\n", from); if(subject) BIO_printf(out, "Subject: %s\n", subject); - SMIME_write_PKCS7(out, p7, in, flags); + if(outformat == FORMAT_SMIME) + SMIME_write_PKCS7(out, p7, in, flags); + else if(outformat == FORMAT_PEM) + PEM_write_bio_PKCS7(out,p7); + else if(outformat == FORMAT_ASN1) + i2d_PKCS7_bio(out,p7); + else { + BIO_printf(bio_err, "Bad output format for PKCS#7 file\n"); + goto end; + } } ret = 0; end: @@ -442,54 +498,11 @@ end: PKCS7_free(p7); BIO_free(in); BIO_free(indata); - BIO_free(out); - if(passin) Free(passin); + BIO_free_all(out); + if(passin) OPENSSL_free(passin); return (ret); } -static X509 *load_cert(char *file) -{ - BIO *in; - X509 *cert; - if(!(in = BIO_new_file(file, "r"))) return NULL; - cert = PEM_read_bio_X509(in, NULL, NULL,NULL); - BIO_free(in); - return cert; -} - -static EVP_PKEY *load_key(char *file, char *pass) -{ - BIO *in; - EVP_PKEY *key; - if(!(in = BIO_new_file(file, "r"))) return NULL; - key = PEM_read_bio_PrivateKey(in, NULL,NULL,pass); - BIO_free(in); - return key; -} - -static STACK_OF(X509) *load_certs(char *file) -{ - BIO *in; - int i; - STACK_OF(X509) *othercerts; - STACK_OF(X509_INFO) *allcerts; - X509_INFO *xi; - if(!(in = BIO_new_file(file, "r"))) return NULL; - othercerts = sk_X509_new(NULL); - if(!othercerts) return NULL; - allcerts = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); - for(i = 0; i < sk_X509_INFO_num(allcerts); i++) { - xi = sk_X509_INFO_value (allcerts, i); - if (xi->x509) { - sk_X509_push(othercerts, xi->x509); - xi->x509 = NULL; - } - } - sk_X509_INFO_pop_free(allcerts, X509_INFO_free); - BIO_free(in); - return othercerts; -} - static X509_STORE *setup_verify(char *CAfile, char *CApath) { X509_STORE *store; diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c index f7a8e00..627cab1 100644 --- a/crypto/openssl/apps/speed.c +++ b/crypto/openssl/apps/speed.c @@ -82,16 +82,25 @@ #include <openssl/rand.h> #include <openssl/err.h> -#if !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) -#define TIMES +#if defined(__FreeBSD__) +# define USE_TOD +#elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) +# define TIMES +#endif +#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) +# define TIMEB #endif #ifndef _IRIX -#include <time.h> +# include <time.h> #endif #ifdef TIMES -#include <sys/types.h> -#include <sys/times.h> +# include <sys/types.h> +# include <sys/times.h> +#endif +#ifdef USE_TOD +# include <sys/time.h> +# include <sys/resource.h> #endif /* Depending on the VMS version, the tms structure is perhaps defined. @@ -102,10 +111,14 @@ #undef TIMES #endif -#ifndef TIMES +#ifdef TIMEB #include <sys/timeb.h> #endif +#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) +#error "It seems neither struct tms nor struct timeb is supported in this platform!" +#endif + #if defined(sun) || defined(__ultrix) #define _POSIX_SOURCE #include <limits.h> @@ -121,6 +134,9 @@ #ifndef NO_MDC2 #include <openssl/mdc2.h> #endif +#ifndef NO_MD4 +#include <openssl/md4.h> +#endif #ifndef NO_MD5 #include <openssl/md5.h> #endif @@ -178,7 +194,7 @@ #define BUFSIZE ((long)1024*8+1) int run=0; -static double Time_F(int s); +static double Time_F(int s, int usertime); static void print_message(char *s,long num,int length); static void pkey_print_message(char *str,char *str2,long num,int bits,int sec); #ifdef SIGALRM @@ -202,39 +218,91 @@ static SIGRETTYPE sig_done(int sig) #define START 0 #define STOP 1 -static double Time_F(int s) +static double Time_F(int s, int usertime) { double ret; -#ifdef TIMES - static struct tms tstart,tend; - if (s == START) - { - times(&tstart); - return(0); +#ifdef USE_TOD + if(usertime) + { + static struct rusage tstart,tend; + + if (s == START) + { + getrusage(RUSAGE_SELF,&tstart); + return(0); + } + else + { + long i; + + getrusage(RUSAGE_SELF,&tend); + i=(long)tend.ru_utime.tv_usec-(long)tstart.ru_utime.tv_usec; + ret=((double)(tend.ru_utime.tv_sec-tstart.ru_utime.tv_sec)) + +((double)i)/1000000.0; + return((ret < 0.001)?0.001:ret); + } } else { - times(&tend); - ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ; - return((ret < 1e-3)?1e-3:ret); - } -#else /* !times() */ - static struct timeb tstart,tend; - long i; + static struct timeval tstart,tend; + long i; - if (s == START) + if (s == START) + { + gettimeofday(&tstart,NULL); + return(0); + } + else + { + gettimeofday(&tend,NULL); + i=(long)tend.tv_usec-(long)tstart.tv_usec; + ret=((double)(tend.tv_sec-tstart.tv_sec))+((double)i)/1000000.0; + return((ret < 0.001)?0.001:ret); + } + } +#else /* ndef USE_TOD */ + +# ifdef TIMES + if (usertime) { - ftime(&tstart); - return(0); + static struct tms tstart,tend; + + if (s == START) + { + times(&tstart); + return(0); + } + else + { + times(&tend); + ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ; + return((ret < 1e-3)?1e-3:ret); + } } +# endif /* times() */ +# if defined(TIMES) && defined(TIMEB) else +# endif +# ifdef TIMEB { - ftime(&tend); - i=(long)tend.millitm-(long)tstart.millitm; - ret=((double)(tend.time-tstart.time))+((double)i)/1000.0; - return((ret < 0.001)?0.001:ret); + static struct timeb tstart,tend; + long i; + + if (s == START) + { + ftime(&tstart); + return(0); + } + else + { + ftime(&tend); + i=(long)tend.millitm-(long)tstart.millitm; + ret=((double)(tend.time-tstart.time))+((double)i)/1000.0; + return((ret < 0.001)?0.001:ret); + } } +# endif #endif } @@ -244,19 +312,22 @@ int MAIN(int argc, char **argv) { unsigned char *buf=NULL,*buf2=NULL; int mret=1; -#define ALGOR_NUM 14 +#define ALGOR_NUM 15 #define SIZE_NUM 5 #define RSA_NUM 4 #define DSA_NUM 3 long count,rsa_count; int i,j,k; - unsigned rsa_num,rsa_num2; + unsigned rsa_num; #ifndef NO_MD2 unsigned char md2[MD2_DIGEST_LENGTH]; #endif #ifndef NO_MDC2 unsigned char mdc2[MDC2_DIGEST_LENGTH]; #endif +#ifndef NO_MD4 + unsigned char md4[MD4_DIGEST_LENGTH]; +#endif #ifndef NO_MD5 unsigned char md5[MD5_DIGEST_LENGTH]; unsigned char hmac[MD5_DIGEST_LENGTH]; @@ -298,23 +369,24 @@ int MAIN(int argc, char **argv) #endif #define D_MD2 0 #define D_MDC2 1 -#define D_MD5 2 -#define D_HMAC 3 -#define D_SHA1 4 -#define D_RMD160 5 -#define D_RC4 6 -#define D_CBC_DES 7 -#define D_EDE3_DES 8 -#define D_CBC_IDEA 9 -#define D_CBC_RC2 10 -#define D_CBC_RC5 11 -#define D_CBC_BF 12 -#define D_CBC_CAST 13 +#define D_MD4 2 +#define D_MD5 3 +#define D_HMAC 4 +#define D_SHA1 5 +#define D_RMD160 6 +#define D_RC4 7 +#define D_CBC_DES 8 +#define D_EDE3_DES 9 +#define D_CBC_IDEA 10 +#define D_CBC_RC2 11 +#define D_CBC_RC5 12 +#define D_CBC_BF 13 +#define D_CBC_CAST 14 double d,results[ALGOR_NUM][SIZE_NUM]; static int lengths[SIZE_NUM]={8,64,256,1024,8*1024}; long c[ALGOR_NUM][SIZE_NUM]; static char *names[ALGOR_NUM]={ - "md2","mdc2","md5","hmac(md5)","sha1","rmd160","rc4", + "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4", "des cbc","des ede3","idea cbc", "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"}; #define R_DSA_512 0 @@ -345,6 +417,11 @@ int MAIN(int argc, char **argv) int dsa_doit[DSA_NUM]; int doit[ALGOR_NUM]; int pr_header=0; + int usertime=1; + +#ifndef TIMES + usertime=-1; +#endif apps_startup(); memset(results, 0, sizeof(results)); @@ -362,7 +439,7 @@ int MAIN(int argc, char **argv) rsa_key[i]=NULL; #endif - if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto end; @@ -370,7 +447,7 @@ int MAIN(int argc, char **argv) #ifndef NO_DES buf_as_des_cblock = (des_cblock *)buf; #endif - if ((buf2=(unsigned char *)Malloc((int)BUFSIZE)) == NULL) + if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto end; @@ -391,6 +468,8 @@ int MAIN(int argc, char **argv) argv++; while (argc) { + if ((argc > 0) && (strcmp(*argv,"-elapsed") == 0)) + usertime = 0; #ifndef NO_MD2 if (strcmp(*argv,"md2") == 0) doit[D_MD2]=1; else @@ -399,6 +478,10 @@ int MAIN(int argc, char **argv) if (strcmp(*argv,"mdc2") == 0) doit[D_MDC2]=1; else #endif +#ifndef NO_MD4 + if (strcmp(*argv,"md4") == 0) doit[D_MD4]=1; + else +#endif #ifndef NO_MD5 if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1; else @@ -510,8 +593,34 @@ int MAIN(int argc, char **argv) else #endif { - BIO_printf(bio_err,"bad value, pick one of\n"); - BIO_printf(bio_err,"md2 mdc2 md5 hmac sha1 rmd160\n"); + BIO_printf(bio_err,"Error: bad option or value\n"); + BIO_printf(bio_err,"\n"); + BIO_printf(bio_err,"Available values:\n"); +#ifndef NO_MD2 + BIO_printf(bio_err,"md2 "); +#endif +#ifndef NO_MDC2 + BIO_printf(bio_err,"mdc2 "); +#endif +#ifndef NO_MD4 + BIO_printf(bio_err,"md4 "); +#endif +#ifndef NO_MD5 + BIO_printf(bio_err,"md5 "); +#ifndef NO_HMAC + BIO_printf(bio_err,"hmac "); +#endif +#endif +#ifndef NO_SHA1 + BIO_printf(bio_err,"sha1 "); +#endif +#ifndef NO_RIPEMD160 + BIO_printf(bio_err,"rmd160"); +#endif +#if !defined(NO_MD2) || !defined(NO_MDC2) || !defined(NO_MD4) || !defined(NO_MD5) || !defined(NO_SHA1) || !defined(NO_RIPEMD160) + BIO_printf(bio_err,"\n"); +#endif + #ifndef NO_IDEA BIO_printf(bio_err,"idea-cbc "); #endif @@ -524,20 +633,48 @@ int MAIN(int argc, char **argv) #ifndef NO_BF BIO_printf(bio_err,"bf-cbc"); #endif -#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BF) && !defined(NO_RC5) +#if !defined(NO_IDEA) || !defined(NO_RC2) || !defined(NO_BF) || !defined(NO_RC5) BIO_printf(bio_err,"\n"); #endif + BIO_printf(bio_err,"des-cbc des-ede3 "); #ifndef NO_RC4 BIO_printf(bio_err,"rc4"); #endif + BIO_printf(bio_err,"\n"); + #ifndef NO_RSA - BIO_printf(bio_err,"\nrsa512 rsa1024 rsa2048 rsa4096\n"); + BIO_printf(bio_err,"rsa512 rsa1024 rsa2048 rsa4096\n"); #endif + #ifndef NO_DSA - BIO_printf(bio_err,"\ndsa512 dsa1024 dsa2048\n"); + BIO_printf(bio_err,"dsa512 dsa1024 dsa2048\n"); +#endif + +#ifndef NO_IDEA + BIO_printf(bio_err,"idea "); +#endif +#ifndef NO_RC2 + BIO_printf(bio_err,"rc2 "); +#endif +#ifndef NO_DES + BIO_printf(bio_err,"des "); +#endif +#ifndef NO_RSA + BIO_printf(bio_err,"rsa "); +#endif +#ifndef NO_BF + BIO_printf(bio_err,"blowfish"); +#endif +#if !defined(NO_IDEA) || !defined(NO_RC2) || !defined(NO_DES) || !defined(NO_RSA) || !defined(NO_BF) + BIO_printf(bio_err,"\n"); +#endif + +#ifdef TIMES + BIO_printf(bio_err,"\n"); + BIO_printf(bio_err,"Available options:\n"); + BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n"); #endif - BIO_printf(bio_err,"idea rc2 des rsa blowfish\n"); goto end; } argc--; @@ -557,10 +694,13 @@ int MAIN(int argc, char **argv) for (i=0; i<ALGOR_NUM; i++) if (doit[i]) pr_header++; -#ifndef TIMES - BIO_printf(bio_err,"To get the most accurate results, try to run this\n"); - BIO_printf(bio_err,"program when this computer is idle.\n"); -#endif + if (usertime == 0) + BIO_printf(bio_err,"You have chosen to measure elapsed time instead of user CPU time.\n"); + if (usertime <= 0) + { + BIO_printf(bio_err,"To get the most accurate results, try to run this\n"); + BIO_printf(bio_err,"program when this computer is idle.\n"); + } #ifndef NO_RSA for (i=0; i<RSA_NUM; i++) @@ -624,14 +764,15 @@ int MAIN(int argc, char **argv) do { long i; count*=2; - Time_F(START); + Time_F(START,usertime); for (i=count; i; i--) des_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock, &(sch[0]),DES_ENCRYPT); - d=Time_F(STOP); + d=Time_F(STOP,usertime); } while (d <3); c[D_MD2][0]=count/10; c[D_MDC2][0]=count/10; + c[D_MD4][0]=count; c[D_MD5][0]=count; c[D_HMAC][0]=count; c[D_SHA1][0]=count; @@ -649,6 +790,7 @@ int MAIN(int argc, char **argv) { c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i]; c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i]; + c[D_MD4][i]=c[D_MD4][0]*4*lengths[0]/lengths[i]; c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i]; c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i]; c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i]; @@ -725,10 +867,10 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_MD2],c[D_MD2][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD2][j]); count++) MD2(buf,(unsigned long)lengths[j],&(md2[0])); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD2],d); results[D_MD2][j]=((double)count)/d*lengths[j]; @@ -741,10 +883,10 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_MDC2][j]); count++) MDC2(buf,(unsigned long)lengths[j],&(mdc2[0])); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MDC2],d); results[D_MDC2][j]=((double)count)/d*lengths[j]; @@ -752,16 +894,33 @@ int MAIN(int argc, char **argv) } #endif +#ifndef NO_MD4 + if (doit[D_MD4]) + { + for (j=0; j<SIZE_NUM; j++) + { + print_message(names[D_MD4],c[D_MD4][j],lengths[j]); + Time_F(START,usertime); + for (count=0,run=1; COND(c[D_MD4][j]); count++) + MD4(&(buf[0]),(unsigned long)lengths[j],&(md4[0])); + d=Time_F(STOP,usertime); + BIO_printf(bio_err,"%ld %s's in %.2fs\n", + count,names[D_MD4],d); + results[D_MD4][j]=((double)count)/d*lengths[j]; + } + } +#endif + #ifndef NO_MD5 if (doit[D_MD5]) { for (j=0; j<SIZE_NUM; j++) { print_message(names[D_MD5],c[D_MD5][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD5][j]); count++) MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0])); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD5],d); results[D_MD5][j]=((double)count)/d*lengths[j]; @@ -779,14 +938,14 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_HMAC][j]); count++) { HMAC_Init(&hctx,NULL,0,NULL); HMAC_Update(&hctx,buf,lengths[j]); HMAC_Final(&hctx,&(hmac[0]),NULL); } - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_HMAC],d); results[D_HMAC][j]=((double)count)/d*lengths[j]; @@ -799,10 +958,10 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_SHA1][j]); count++) SHA1(buf,(unsigned long)lengths[j],&(sha[0])); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_SHA1],d); results[D_SHA1][j]=((double)count)/d*lengths[j]; @@ -815,10 +974,10 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_RMD160][j]); count++) RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0])); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_RMD160],d); results[D_RMD160][j]=((double)count)/d*lengths[j]; @@ -831,11 +990,11 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_RC4],c[D_RC4][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_RC4][j]); count++) RC4(&rc4_ks,(unsigned int)lengths[j], buf,buf); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_RC4],d); results[D_RC4][j]=((double)count)/d*lengths[j]; @@ -848,11 +1007,11 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_CBC_DES],c[D_CBC_DES][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_CBC_DES][j]); count++) des_ncbc_encrypt(buf,buf,lengths[j],sch, &iv,DES_ENCRYPT); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_CBC_DES],d); results[D_CBC_DES][j]=((double)count)/d*lengths[j]; @@ -864,12 +1023,12 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_EDE3_DES],c[D_EDE3_DES][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_EDE3_DES][j]); count++) des_ede3_cbc_encrypt(buf,buf,lengths[j], sch,sch2,sch3, &iv,DES_ENCRYPT); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_EDE3_DES],d); results[D_EDE3_DES][j]=((double)count)/d*lengths[j]; @@ -882,12 +1041,12 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_CBC_IDEA],c[D_CBC_IDEA][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_CBC_IDEA][j]); count++) idea_cbc_encrypt(buf,buf, (unsigned long)lengths[j],&idea_ks, iv,IDEA_ENCRYPT); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_CBC_IDEA],d); results[D_CBC_IDEA][j]=((double)count)/d*lengths[j]; @@ -900,12 +1059,12 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_CBC_RC2],c[D_CBC_RC2][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_CBC_RC2][j]); count++) RC2_cbc_encrypt(buf,buf, (unsigned long)lengths[j],&rc2_ks, iv,RC2_ENCRYPT); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_CBC_RC2],d); results[D_CBC_RC2][j]=((double)count)/d*lengths[j]; @@ -918,12 +1077,12 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_CBC_RC5],c[D_CBC_RC5][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++) RC5_32_cbc_encrypt(buf,buf, (unsigned long)lengths[j],&rc5_ks, iv,RC5_ENCRYPT); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_CBC_RC5],d); results[D_CBC_RC5][j]=((double)count)/d*lengths[j]; @@ -936,12 +1095,12 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_CBC_BF],c[D_CBC_BF][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_CBC_BF][j]); count++) BF_cbc_encrypt(buf,buf, (unsigned long)lengths[j],&bf_ks, iv,BF_ENCRYPT); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_CBC_BF],d); results[D_CBC_BF][j]=((double)count)/d*lengths[j]; @@ -954,12 +1113,12 @@ int MAIN(int argc, char **argv) for (j=0; j<SIZE_NUM; j++) { print_message(names[D_CBC_CAST],c[D_CBC_CAST][j],lengths[j]); - Time_F(START); + Time_F(START,usertime); for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++) CAST_cbc_encrypt(buf,buf, (unsigned long)lengths[j],&cast_ks, iv,CAST_ENCRYPT); - d=Time_F(STOP); + d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_CBC_CAST],d); results[D_CBC_CAST][j]=((double)count)/d*lengths[j]; @@ -974,49 +1133,73 @@ int MAIN(int argc, char **argv) int ret; if (!rsa_doit[j]) continue; ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num, rsa_key[j]); - pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j], - RSA_SECONDS); -/* RSA_blinding_on(rsa_key[j],NULL); */ - Time_F(START); - for (count=0,run=1; COND(rsa_c[j][0]); count++) + if (ret == 0) { - ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num, - rsa_key[j]); - if (ret <= 0) + BIO_printf(bio_err,"RSA sign failure. No RSA sign will be done.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + pkey_print_message("private","rsa", + rsa_c[j][0],rsa_bits[j], + RSA_SECONDS); +/* RSA_blinding_on(rsa_key[j],NULL); */ + Time_F(START,usertime); + for (count=0,run=1; COND(rsa_c[j][0]); count++) { - BIO_printf(bio_err,"RSA private encrypt failure\n"); - ERR_print_errors(bio_err); - count=1; - break; + ret=RSA_sign(NID_md5_sha1, buf,36, buf2, + &rsa_num, rsa_key[j]); + if (ret == 0) + { + BIO_printf(bio_err, + "RSA sign failure\n"); + ERR_print_errors(bio_err); + count=1; + break; + } } + d=Time_F(STOP,usertime); + BIO_printf(bio_err, + "%ld %d bit private RSA's in %.2fs\n", + count,rsa_bits[j],d); + rsa_results[j][0]=d/(double)count; + rsa_count=count; } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %d bit private RSA's in %.2fs\n", - count,rsa_bits[j],d); - rsa_results[j][0]=d/(double)count; - rsa_count=count; #if 1 ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, rsa_key[j]); - pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j], - RSA_SECONDS); - Time_F(START); - for (count=0,run=1; COND(rsa_c[j][1]); count++) + if (ret <= 0) { - ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, - rsa_key[j]); - if (ret <= 0) + BIO_printf(bio_err,"RSA verify failure. No RSA verify will be done.\n"); + ERR_print_errors(bio_err); + dsa_doit[j] = 0; + } + else + { + pkey_print_message("public","rsa", + rsa_c[j][1],rsa_bits[j], + RSA_SECONDS); + Time_F(START,usertime); + for (count=0,run=1; COND(rsa_c[j][1]); count++) { - BIO_printf(bio_err,"RSA verify failure\n"); - ERR_print_errors(bio_err); - count=1; - break; + ret=RSA_verify(NID_md5_sha1, buf,36, buf2, + rsa_num, rsa_key[j]); + if (ret == 0) + { + BIO_printf(bio_err, + "RSA verify failure\n"); + ERR_print_errors(bio_err); + count=1; + break; + } } + d=Time_F(STOP,usertime); + BIO_printf(bio_err, + "%ld %d bit public RSA's in %.2fs\n", + count,rsa_bits[j],d); + rsa_results[j][1]=d/(double)count; } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n", - count,rsa_bits[j],d); - rsa_results[j][1]=d/(double)count; #endif if (rsa_count <= 1) @@ -1038,54 +1221,77 @@ int MAIN(int argc, char **argv) for (j=0; j<DSA_NUM; j++) { unsigned int kk; + int ret; if (!dsa_doit[j]) continue; DSA_generate_key(dsa_key[j]); /* DSA_sign_setup(dsa_key[j],NULL); */ - rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2, + ret=DSA_sign(EVP_PKEY_DSA,buf,20,buf2, &kk,dsa_key[j]); - pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j], - DSA_SECONDS); - Time_F(START); - for (count=0,run=1; COND(dsa_c[j][0]); count++) + if (ret == 0) { - rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2, - &kk,dsa_key[j]); - if (rsa_num == 0) + BIO_printf(bio_err,"DSA sign failure. No DSA sign will be done.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + pkey_print_message("sign","dsa", + dsa_c[j][0],dsa_bits[j], + DSA_SECONDS); + Time_F(START,usertime); + for (count=0,run=1; COND(dsa_c[j][0]); count++) { - BIO_printf(bio_err,"DSA sign failure\n"); - ERR_print_errors(bio_err); - count=1; - break; + ret=DSA_sign(EVP_PKEY_DSA,buf,20,buf2, + &kk,dsa_key[j]); + if (ret == 0) + { + BIO_printf(bio_err, + "DSA sign failure\n"); + ERR_print_errors(bio_err); + count=1; + break; + } } + d=Time_F(STOP,usertime); + BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n", + count,dsa_bits[j],d); + dsa_results[j][0]=d/(double)count; + rsa_count=count; } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n", - count,dsa_bits[j],d); - dsa_results[j][0]=d/(double)count; - rsa_count=count; - rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2, + ret=DSA_verify(EVP_PKEY_DSA,buf,20,buf2, kk,dsa_key[j]); - pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j], - DSA_SECONDS); - Time_F(START); - for (count=0,run=1; COND(dsa_c[j][1]); count++) + if (ret <= 0) + { + BIO_printf(bio_err,"DSA verify failure. No DSA verify will be done.\n"); + ERR_print_errors(bio_err); + dsa_doit[j] = 0; + } + else { - rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2, - kk,dsa_key[j]); - if (rsa_num2 == 0) + pkey_print_message("verify","dsa", + dsa_c[j][1],dsa_bits[j], + DSA_SECONDS); + Time_F(START,usertime); + for (count=0,run=1; COND(dsa_c[j][1]); count++) { - BIO_printf(bio_err,"DSA verify failure\n"); - ERR_print_errors(bio_err); - count=1; - break; + ret=DSA_verify(EVP_PKEY_DSA,buf,20,buf2, + kk,dsa_key[j]); + if (ret <= 0) + { + BIO_printf(bio_err, + "DSA verify failure\n"); + ERR_print_errors(bio_err); + count=1; + break; + } } + d=Time_F(STOP,usertime); + BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n", + count,dsa_bits[j],d); + dsa_results[j][1]=d/(double)count; } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n", - count,dsa_bits[j],d); - dsa_results[j][1]=d/(double)count; if (rsa_count <= 1) { @@ -1173,8 +1379,8 @@ int MAIN(int argc, char **argv) #endif mret=0; end: - if (buf != NULL) Free(buf); - if (buf2 != NULL) Free(buf2); + if (buf != NULL) OPENSSL_free(buf); + if (buf2 != NULL) OPENSSL_free(buf2); #ifndef NO_RSA for (i=0; i<RSA_NUM; i++) if (rsa_key[i] != NULL) diff --git a/crypto/openssl/apps/spkac.c b/crypto/openssl/apps/spkac.c index f3ee7e3..459d730 100644 --- a/crypto/openssl/apps/spkac.c +++ b/crypto/openssl/apps/spkac.c @@ -192,7 +192,15 @@ bad: spkstr = NETSCAPE_SPKI_b64_encode(spki); if (outfile) out = BIO_new_file(outfile, "w"); - else out = BIO_new_fp(stdout, BIO_NOCLOSE); + else { + out = BIO_new_fp(stdout, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } if(!out) { BIO_printf(bio_err, "Error opening output file\n"); @@ -200,7 +208,7 @@ bad: goto end; } BIO_printf(out, "SPKAC=%s\n", spkstr); - Free(spkstr); + OPENSSL_free(spkstr); ret = 0; goto end; } @@ -241,7 +249,15 @@ bad: } if (outfile) out = BIO_new_file(outfile, "w"); - else out = BIO_new_fp(stdout, BIO_NOCLOSE); + else { + out = BIO_new_fp(stdout, BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } if(!out) { BIO_printf(bio_err, "Error opening output file\n"); @@ -268,9 +284,9 @@ end: CONF_free(conf); NETSCAPE_SPKI_free(spki); BIO_free(in); - BIO_free(out); + BIO_free_all(out); BIO_free(key); EVP_PKEY_free(pkey); - if(passin) Free(passin); + if(passin) OPENSSL_free(passin); EXIT(ret); } diff --git a/crypto/openssl/apps/verify.c b/crypto/openssl/apps/verify.c index 267ee4e..47e602d 100644 --- a/crypto/openssl/apps/verify.c +++ b/crypto/openssl/apps/verify.c @@ -70,9 +70,9 @@ #define PROG verify_main static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx); -static int check(X509_STORE *ctx,char *file, STACK_OF(X509)*other, int purpose); +static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose); static STACK_OF(X509) *load_untrusted(char *file); -static int v_verbose=0; +static int v_verbose=0, issuer_checks = 0; int MAIN(int, char **); @@ -81,8 +81,8 @@ int MAIN(int argc, char **argv) int i,ret=1; int purpose = -1; char *CApath=NULL,*CAfile=NULL; - char *untfile = NULL; - STACK_OF(X509) *untrusted = NULL; + char *untfile = NULL, *trustfile = NULL; + STACK_OF(X509) *untrusted = NULL, *trusted = NULL; X509_STORE *cert_ctx=NULL; X509_LOOKUP *lookup=NULL; @@ -132,8 +132,15 @@ int MAIN(int argc, char **argv) if (argc-- < 1) goto end; untfile= *(++argv); } + else if (strcmp(*argv,"-trusted") == 0) + { + if (argc-- < 1) goto end; + trustfile= *(++argv); + } else if (strcmp(*argv,"-help") == 0) goto end; + else if (strcmp(*argv,"-issuer_checks") == 0) + issuer_checks=1; else if (strcmp(*argv,"-verbose") == 0) v_verbose=1; else if (argv[0][0] == '-') @@ -179,14 +186,22 @@ int MAIN(int argc, char **argv) } } - if (argc < 1) check(cert_ctx, NULL, untrusted, purpose); + if(trustfile) { + if(!(trusted = load_untrusted(trustfile))) { + BIO_printf(bio_err, "Error loading untrusted file %s\n", trustfile); + ERR_print_errors(bio_err); + goto end; + } + } + + if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, purpose); else for (i=0; i<argc; i++) - check(cert_ctx,argv[i], untrusted, purpose); + check(cert_ctx,argv[i], untrusted, trusted, purpose); ret=0; end: if (ret == 1) { - BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] cert1 cert2 ...\n"); + BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] cert1 cert2 ...\n"); BIO_printf(bio_err,"recognized usages:\n"); for(i = 0; i < X509_PURPOSE_get_count(); i++) { X509_PURPOSE *ptmp; @@ -197,10 +212,11 @@ end: } if (cert_ctx != NULL) X509_STORE_free(cert_ctx); sk_X509_pop_free(untrusted, X509_free); + sk_X509_pop_free(trusted, X509_free); EXIT(ret); } -static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, int purpose) +static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose) { X509 *x=NULL; BIO *in=NULL; @@ -242,7 +258,10 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, int purpos goto end; } X509_STORE_CTX_init(csc,ctx,x,uchain); + if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain); if(purpose >= 0) X509_STORE_CTX_set_purpose(csc, purpose); + if(issuer_checks) + X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CB_ISSUER_CHECK); i=X509_verify_cert(csc); X509_STORE_CTX_free(csc); diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c index 2d63841..76dd66d 100644 --- a/crypto/openssl/apps/x509.c +++ b/crypto/openssl/apps/x509.c @@ -81,8 +81,6 @@ #define POSTFIX ".srl" #define DEF_DAYS 30 -#define CERT_HDR "certificate" - static char *x509_usage[]={ "usage: x509 args\n", " -inform arg - input format - default PEM (one of DER, NET or PEM)\n", @@ -97,6 +95,7 @@ static char *x509_usage[]={ " -hash - print hash value\n", " -subject - print subject DN\n", " -issuer - print issuer DN\n", +" -email - print email address(es)\n", " -startdate - notBefore field\n", " -enddate - notAfter field\n", " -purpose - print out certificate purposes\n", @@ -113,6 +112,8 @@ static char *x509_usage[]={ " -addreject arg - reject certificate for a given purpose\n", " -setalias arg - set certificate alias\n", " -days arg - How long till expiry of a signed certificate - def 30 days\n", +" -checkend arg - check whether the cert expires in the next arg seconds\n", +" exit 1 if so, 0 if not\n", " -signkey arg - self sign cert with arg\n", " -x509toreq - output a certification request object\n", " -req - input is a certificate request, sign and output.\n", @@ -127,12 +128,11 @@ static char *x509_usage[]={ " -extfile - configuration file with X509V3 extensions to add\n", " -extensions - section from config file with X509V3 extensions to add\n", " -clrext - delete extensions before signing and input certificate\n", +" -nameopt arg - various certificate name options\n", NULL }; static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx); -static EVP_PKEY *load_key(char *file, int format, char *passin); -static X509 *load_cert(char *file, int format); static int sign (X509 *x, EVP_PKEY *pkey,int days,int clrext, const EVP_MD *digest, LHASH *conf, char *section); static int x509_certify (X509_STORE *ctx,char *CAfile,const EVP_MD *digest, @@ -159,7 +159,7 @@ int MAIN(int argc, char **argv) char *CAkeyfile=NULL,*CAserial=NULL; char *alias=NULL; int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0; - int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0; + int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0; int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0; int C=0; int x509req=0,days=DEF_DAYS,modulus=0,pubkey=0; @@ -173,6 +173,8 @@ int MAIN(int argc, char **argv) LHASH *extconf = NULL; char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL; int need_rand = 0; + int checkend=0,checkoffset=0; + unsigned long nmflag = 0; reqfile=0; @@ -181,6 +183,12 @@ int MAIN(int argc, char **argv) if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); STDout=BIO_new_fp(stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + STDout = BIO_push(tmpbio, STDout); + } +#endif informat=FORMAT_PEM; outformat=FORMAT_PEM; @@ -289,24 +297,26 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-addtrust") == 0) { if (--argc < 1) goto bad; - if(!(objtmp = OBJ_txt2obj(*(++argv), 0))) { + if (!(objtmp = OBJ_txt2obj(*(++argv), 0))) + { BIO_printf(bio_err, "Invalid trust object value %s\n", *argv); goto bad; - } - if(!trust) trust = sk_ASN1_OBJECT_new_null(); + } + if (!trust) trust = sk_ASN1_OBJECT_new_null(); sk_ASN1_OBJECT_push(trust, objtmp); trustout = 1; } else if (strcmp(*argv,"-addreject") == 0) { if (--argc < 1) goto bad; - if(!(objtmp = OBJ_txt2obj(*(++argv), 0))) { + if (!(objtmp = OBJ_txt2obj(*(++argv), 0))) + { BIO_printf(bio_err, "Invalid reject object value %s\n", *argv); goto bad; - } - if(!reject) reject = sk_ASN1_OBJECT_new_null(); + } + if (!reject) reject = sk_ASN1_OBJECT_new_null(); sk_ASN1_OBJECT_push(reject, objtmp); trustout = 1; } @@ -316,6 +326,11 @@ int MAIN(int argc, char **argv) alias= *(++argv); trustout = 1; } + else if (strcmp(*argv,"-nameopt") == 0) + { + if (--argc < 1) goto bad; + if (!set_name_ex(&nmflag, *(++argv))) goto bad; + } else if (strcmp(*argv,"-setalias") == 0) { if (--argc < 1) goto bad; @@ -324,6 +339,8 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-C") == 0) C= ++num; + else if (strcmp(*argv,"-email") == 0) + email= ++num; else if (strcmp(*argv,"-serial") == 0) serial= ++num; else if (strcmp(*argv,"-modulus") == 0) @@ -353,6 +370,12 @@ int MAIN(int argc, char **argv) startdate= ++num; else if (strcmp(*argv,"-enddate") == 0) enddate= ++num; + else if (strcmp(*argv,"-checkend") == 0) + { + if (--argc < 1) goto bad; + checkoffset=atoi(*(++argv)); + checkend=1; + } else if (strcmp(*argv,"-noout") == 0) noout= ++num; else if (strcmp(*argv,"-trustout") == 0) @@ -402,10 +425,11 @@ bad: ERR_load_crypto_strings(); - if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { + if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) + { BIO_printf(bio_err, "Error getting password\n"); goto end; - } + } if (!X509_STORE_set_default_paths(ctx)) { @@ -421,10 +445,12 @@ bad: goto end; } - if (extfile) { + if (extfile) + { long errorline; X509V3_CTX ctx2; - if (!(extconf=CONF_load(NULL,extfile,&errorline))) { + if (!(extconf=CONF_load(NULL,extfile,&errorline))) + { if (errorline <= 0) BIO_printf(bio_err, "error loading the config file '%s'\n", @@ -434,19 +460,20 @@ bad: "error on line %ld of config file '%s'\n" ,errorline,extfile); goto end; - } - if(!extsect && !(extsect = CONF_get_string(extconf, "default", + } + if (!extsect && !(extsect = CONF_get_string(extconf, "default", "extensions"))) extsect = "default"; X509V3_set_ctx_test(&ctx2); X509V3_set_conf_lhash(&ctx2, extconf); - if(!X509V3_EXT_add_conf(extconf, &ctx2, extsect, NULL)) { + if (!X509V3_EXT_add_conf(extconf, &ctx2, extsect, NULL)) + { BIO_printf(bio_err, "Error Loading extension section %s\n", extsect); ERR_print_errors(bio_err); goto end; - } - } + } + } if (reqfile) @@ -474,13 +501,18 @@ bad: if (BIO_read_filename(in,infile) <= 0) { perror(infile); + BIO_free(in); goto end; } } req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); BIO_free(in); - if (req == NULL) { perror(infile); goto end; } + if (req == NULL) + { + ERR_print_errors(bio_err); + goto end; + } if ( (req->req_info == NULL) || (req->req_info->pubkey == NULL) || @@ -511,9 +543,8 @@ bad: } else BIO_printf(bio_err,"Signature ok\n"); - - X509_NAME_oneline(req->req_info->subject,buf,256); - BIO_printf(bio_err,"subject=%s\n",buf); + + print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag); if ((x=X509_new()) == NULL) goto end; ci=x->cert_info; @@ -530,12 +561,12 @@ bad: EVP_PKEY_free(pkey); } else - x=load_cert(infile,informat); + x=load_cert(bio_err,infile,informat); if (x == NULL) goto end; if (CA_flag) { - xca=load_cert(CAfile,CAformat); + xca=load_cert(bio_err,CAfile,CAformat); if (xca == NULL) goto end; } @@ -551,7 +582,15 @@ bad: goto end; } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -562,24 +601,28 @@ bad: } } - if(alias) X509_alias_set1(x, (unsigned char *)alias, -1); + if (alias) X509_alias_set1(x, (unsigned char *)alias, -1); - if(clrtrust) X509_trust_clear(x); - if(clrreject) X509_reject_clear(x); + if (clrtrust) X509_trust_clear(x); + if (clrreject) X509_reject_clear(x); - if(trust) { - for(i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { + if (trust) + { + for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) + { objtmp = sk_ASN1_OBJECT_value(trust, i); X509_add1_trust_object(x, objtmp); + } } - } - if(reject) { - for(i = 0; i < sk_ASN1_OBJECT_num(reject); i++) { + if (reject) + { + for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++) + { objtmp = sk_ASN1_OBJECT_value(reject, i); X509_add1_reject_object(x, objtmp); + } } - } if (num) { @@ -587,15 +630,13 @@ bad: { if (issuer == i) { - X509_NAME_oneline(X509_get_issuer_name(x), - buf,256); - BIO_printf(STDout,"issuer= %s\n",buf); + print_name(STDout, "issuer= ", + X509_get_issuer_name(x), nmflag); } else if (subject == i) { - X509_NAME_oneline(X509_get_subject_name(x), - buf,256); - BIO_printf(STDout,"subject=%s\n",buf); + print_name(STDout, "subject= ", + X509_get_subject_name(x), nmflag); } else if (serial == i) { @@ -603,11 +644,20 @@ bad: i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber); BIO_printf(STDout,"\n"); } + else if (email == i) + { + int j; + STACK *emlst; + emlst = X509_get1_email(x); + for (j = 0; j < sk_num(emlst); j++) + BIO_printf(STDout, "%s\n", sk_value(emlst, j)); + X509_email_free(emlst); + } else if (aliasout == i) { unsigned char *alstr; alstr = X509_alias_get0(x, NULL); - if(alstr) BIO_printf(STDout,"%s\n", alstr); + if (alstr) BIO_printf(STDout,"%s\n", alstr); else BIO_puts(STDout,"<No Alias>\n"); } else if (hash == i) @@ -619,7 +669,7 @@ bad: X509_PURPOSE *ptmp; int j; BIO_printf(STDout, "Certificate purposes:\n"); - for(j = 0; j < X509_PURPOSE_get_count(); j++) + for (j = 0; j < X509_PURPOSE_get_count(); j++) { ptmp = X509_PURPOSE_get0(j); purpose_print(STDout, x, ptmp); @@ -682,7 +732,7 @@ bad: BIO_printf(STDout,"/* issuer :%s */\n",buf); z=i2d_X509(x,NULL); - m=Malloc(z); + m=OPENSSL_malloc(z); d=(unsigned char *)m; z=i2d_X509_NAME(X509_get_subject_name(x),&d); @@ -720,7 +770,7 @@ bad: if (y%16 != 0) BIO_printf(STDout,"\n"); BIO_printf(STDout,"};\n"); - Free(m); + OPENSSL_free(m); } else if (text == i) { @@ -765,7 +815,8 @@ bad: BIO_printf(bio_err,"Getting Private key\n"); if (Upkey == NULL) { - Upkey=load_key(keyfile,keyformat, passin); + Upkey=load_key(bio_err, + keyfile,keyformat, passin); if (Upkey == NULL) goto end; } #ifndef NO_DSA @@ -782,7 +833,8 @@ bad: BIO_printf(bio_err,"Getting CA Private Key\n"); if (CAkeyfile != NULL) { - CApkey=load_key(CAkeyfile,CAkeyformat, passin); + CApkey=load_key(bio_err, + CAkeyfile,CAkeyformat, passin); if (CApkey == NULL) goto end; } #ifndef NO_DSA @@ -808,7 +860,8 @@ bad: } else { - pk=load_key(keyfile,FORMAT_PEM, passin); + pk=load_key(bio_err, + keyfile,FORMAT_PEM, passin); if (pk == NULL) goto end; } @@ -834,6 +887,23 @@ bad: } } + if (checkend) + { + time_t tnow=time(NULL); + + if (ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(x), tnow+checkoffset) == -1) + { + BIO_printf(out,"Certificate will expire\n"); + ret=1; + } + else + { + BIO_printf(out,"Certificate will not expire\n"); + ret=0; + } + goto end; + } + if (noout) { ret=0; @@ -842,16 +912,18 @@ bad: if (outformat == FORMAT_ASN1) i=i2d_X509_bio(out,x); - else if (outformat == FORMAT_PEM) { - if(trustout) i=PEM_write_bio_X509_AUX(out,x); + else if (outformat == FORMAT_PEM) + { + if (trustout) i=PEM_write_bio_X509_AUX(out,x); else i=PEM_write_bio_X509(out,x); - } else if (outformat == FORMAT_NETSCAPE) + } + else if (outformat == FORMAT_NETSCAPE) { ASN1_HEADER ah; ASN1_OCTET_STRING os; - os.data=(unsigned char *)CERT_HDR; - os.length=strlen(CERT_HDR); + os.data=(unsigned char *)NETSCAPE_CERT_HDR; + os.length=strlen(NETSCAPE_CERT_HDR); ah.header= &os; ah.data=(char *)x; ah.meth=X509_asn1_meth(); @@ -863,7 +935,8 @@ bad: BIO_printf(bio_err,"bad output format specified for outfile\n"); goto end; } - if (!i) { + if (!i) + { BIO_printf(bio_err,"unable to write certificate\n"); ERR_print_errors(bio_err); goto end; @@ -874,8 +947,8 @@ end: app_RAND_write_file(NULL, bio_err); OBJ_cleanup(); CONF_free(extconf); - BIO_free(out); - BIO_free(STDout); + BIO_free_all(out); + BIO_free_all(STDout); X509_STORE_free(ctx); X509_REQ_free(req); X509_free(x); @@ -885,7 +958,7 @@ end: X509_REQ_free(rq); sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free); sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free); - if(passin) Free(passin); + if (passin) OPENSSL_free(passin); EXIT(ret); } @@ -907,7 +980,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, EVP_PKEY_free(upkey); X509_STORE_CTX_init(&xsc,ctx,x,NULL); - buf=Malloc(EVP_PKEY_size(pkey)*2+ + buf=OPENSSL_malloc(EVP_PKEY_size(pkey)*2+ ((serialfile == NULL) ?(strlen(CAfile)+strlen(POSTFIX)+1) :(strlen(serialfile)))+1); @@ -1012,17 +1085,19 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL) goto end; - if(clrext) { - while(X509_get_ext_count(x) > 0) X509_delete_ext(x, 0); - } + if (clrext) + { + while (X509_get_ext_count(x) > 0) X509_delete_ext(x, 0); + } - if(conf) { + if (conf) + { X509V3_CTX ctx2; X509_set_version(x,2); /* version 3 certificate */ X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0); X509V3_set_conf_lhash(&ctx2, conf); - if(!X509V3_EXT_add_conf(conf, &ctx2, section, x)) goto end; - } + if (!X509V3_EXT_add_conf(conf, &ctx2, section, x)) goto end; + } if (!X509_sign(x,pkey,digest)) goto end; ret=1; @@ -1030,16 +1105,15 @@ end: X509_STORE_CTX_cleanup(&xsc); if (!ret) ERR_print_errors(bio_err); - if (buf != NULL) Free(buf); + if (buf != NULL) OPENSSL_free(buf); if (bs != NULL) ASN1_INTEGER_free(bs); if (io != NULL) BIO_free(io); if (serial != NULL) BN_free(serial); - return(ret); + return ret; } static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx) { - char buf[256]; int err; X509 *err_cert; @@ -1048,7 +1122,7 @@ static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx) * final ok == 1 calls to this function */ err=X509_STORE_CTX_get_error(ctx); if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) - return(1); + return 1; /* BAD we should have gotten an error. Normally if everything * worked X509_STORE_CTX_get_error(ctx) will still be set to @@ -1056,147 +1130,19 @@ static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx) if (ok) { BIO_printf(bio_err,"error with certificate to be certified - should be self signed\n"); - return(0); + return 0; } else { err_cert=X509_STORE_CTX_get_current_cert(ctx); - X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256); - BIO_printf(bio_err,"%s\n",buf); + print_name(bio_err, NULL, X509_get_subject_name(err_cert),0); BIO_printf(bio_err,"error with certificate - error %d at depth %d\n%s\n", err,X509_STORE_CTX_get_error_depth(ctx), X509_verify_cert_error_string(err)); - return(1); + return 1; } } -static EVP_PKEY *load_key(char *file, int format, char *passin) - { - BIO *key=NULL; - EVP_PKEY *pkey=NULL; - - if (file == NULL) - { - BIO_printf(bio_err,"no keyfile specified\n"); - goto end; - } - key=BIO_new(BIO_s_file()); - if (key == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - if (BIO_read_filename(key,file) <= 0) - { - perror(file); - goto end; - } - if (format == FORMAT_ASN1) - { - pkey=d2i_PrivateKey_bio(key, NULL); - } - else if (format == FORMAT_PEM) - { - pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,passin); - } - else - { - BIO_printf(bio_err,"bad input format specified for key\n"); - goto end; - } -end: - if (key != NULL) BIO_free(key); - if (pkey == NULL) - BIO_printf(bio_err,"unable to load Private Key\n"); - return(pkey); - } - -static X509 *load_cert(char *file, int format) - { - ASN1_HEADER *ah=NULL; - BUF_MEM *buf=NULL; - X509 *x=NULL; - BIO *cert; - - if ((cert=BIO_new(BIO_s_file())) == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (file == NULL) - BIO_set_fp(cert,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(cert,file) <= 0) - { - perror(file); - goto end; - } - } - if (format == FORMAT_ASN1) - x=d2i_X509_bio(cert,NULL); - else if (format == FORMAT_NETSCAPE) - { - unsigned char *p,*op; - int size=0,i; - - /* We sort of have to do it this way because it is sort of nice - * to read the header first and check it, then - * try to read the certificate */ - buf=BUF_MEM_new(); - for (;;) - { - if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10))) - goto end; - i=BIO_read(cert,&(buf->data[size]),1024*10); - size+=i; - if (i == 0) break; - if (i < 0) - { - perror("reading certificate"); - goto end; - } - } - p=(unsigned char *)buf->data; - op=p; - - /* First load the header */ - if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL) - goto end; - if ((ah->header == NULL) || (ah->header->data == NULL) || - (strncmp(CERT_HDR,(char *)ah->header->data, - ah->header->length) != 0)) - { - BIO_printf(bio_err,"Error reading header on certificate\n"); - goto end; - } - /* header is ok, so now read the object */ - p=op; - ah->meth=X509_asn1_meth(); - if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL) - goto end; - x=(X509 *)ah->data; - ah->data=NULL; - } - else if (format == FORMAT_PEM) - x=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL); - else { - BIO_printf(bio_err,"bad input format specified for input cert\n"); - goto end; - } -end: - if (x == NULL) - { - BIO_printf(bio_err,"unable to load certificate\n"); - ERR_print_errors(bio_err); - } - if (ah != NULL) ASN1_HEADER_free(ah); - if (cert != NULL) BIO_free(cert); - if (buf != NULL) BUF_MEM_free(buf); - return(x); - } - /* self sign */ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest, LHASH *conf, char *section) @@ -1220,21 +1166,23 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *dig goto err; if (!X509_set_pubkey(x,pkey)) goto err; - if(clrext) { - while(X509_get_ext_count(x) > 0) X509_delete_ext(x, 0); - } - if(conf) { + if (clrext) + { + while (X509_get_ext_count(x) > 0) X509_delete_ext(x, 0); + } + if (conf) + { X509V3_CTX ctx; X509_set_version(x,2); /* version 3 certificate */ X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0); X509V3_set_conf_lhash(&ctx, conf); - if(!X509V3_EXT_add_conf(conf, &ctx, section, x)) goto err; - } + if (!X509V3_EXT_add_conf(conf, &ctx, section, x)) goto err; + } if (!X509_sign(x,pkey,digest)) goto err; - return(1); + return 1; err: ERR_print_errors(bio_err); - return(0); + return 0; } static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt) @@ -1243,13 +1191,14 @@ static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt) char *pname; id = X509_PURPOSE_get_id(pt); pname = X509_PURPOSE_get0_name(pt); - for(i = 0; i < 2; i++) { + for (i = 0; i < 2; i++) + { idret = X509_check_purpose(cert, id, i); BIO_printf(bio, "%s%s : ", pname, i ? " CA" : ""); - if(idret == 1) BIO_printf(bio, "Yes\n"); + if (idret == 1) BIO_printf(bio, "Yes\n"); else if (idret == 0) BIO_printf(bio, "No\n"); else BIO_printf(bio, "Yes (WARNING code=%d)\n", idret); - } + } return 1; } |
