summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2000-11-13 02:20:29 +0000
committerkris <kris@FreeBSD.org>2000-11-13 02:20:29 +0000
commit76c54c9ba38450a69a291e1a8616ef6e229043ef (patch)
treec19c2ee5abe6e2e8f31ea9f0df8dc01f357bb10a /crypto
parentf6480205844e67624afaf36e515671962f3ff825 (diff)
downloadFreeBSD-src-76c54c9ba38450a69a291e1a8616ef6e229043ef.zip
FreeBSD-src-76c54c9ba38450a69a291e1a8616ef6e229043ef.tar.gz
Resolve conflicts, and garbage collect some local changes that are no
longer required
Diffstat (limited to 'crypto')
-rw-r--r--crypto/openssl/apps/speed.c520
-rw-r--r--crypto/openssl/crypto/des/des.h9
-rw-r--r--crypto/openssl/crypto/err/err_all.c9
-rw-r--r--crypto/openssl/crypto/evp/evp.h133
-rw-r--r--crypto/openssl/crypto/idea/i_cbc.c4
-rw-r--r--crypto/openssl/crypto/idea/i_cfb64.c6
-rw-r--r--crypto/openssl/crypto/idea/i_ecb.c2
-rw-r--r--crypto/openssl/crypto/idea/i_ofb64.c5
-rw-r--r--crypto/openssl/crypto/idea/i_skey.c2
-rw-r--r--crypto/openssl/crypto/idea/idea.h18
-rw-r--r--crypto/openssl/crypto/rsa/rsa.h24
-rw-r--r--crypto/openssl/crypto/rsa/rsa_eay.c26
-rw-r--r--crypto/openssl/crypto/rsa/rsa_lib.c33
-rw-r--r--crypto/openssl/ssl/s23_clnt.c4
-rw-r--r--crypto/openssl/ssl/s23_srvr.c32
-rw-r--r--crypto/openssl/ssl/s2_clnt.c1
-rw-r--r--crypto/openssl/ssl/s2_enc.c4
-rw-r--r--crypto/openssl/ssl/s2_lib.c20
-rw-r--r--crypto/openssl/ssl/s2_srvr.c4
-rw-r--r--crypto/openssl/util/pl/Mingw32.pl29
20 files changed, 616 insertions, 269 deletions
diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c
index 094326c..156d19f 100644
--- a/crypto/openssl/apps/speed.c
+++ b/crypto/openssl/apps/speed.c
@@ -84,16 +84,25 @@
#include <openssl/rand.h>
#include <openssl/err.h>
-#if !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
-#define TIMES
+#if defined(__FreeBSD__)
+# define USE_TOD
+#elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
+# define TIMES
+#endif
+#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE)
+# define TIMEB
#endif
#ifndef _IRIX
-#include <time.h>
+# include <time.h>
#endif
#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+#ifdef USE_TOD
+# include <sys/time.h>
+# include <sys/resource.h>
#endif
/* Depending on the VMS version, the tms structure is perhaps defined.
@@ -104,10 +113,14 @@
#undef TIMES
#endif
-#ifndef TIMES
+#ifdef TIMEB
#include <sys/timeb.h>
#endif
+#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD)
+#error "It seems neither struct tms nor struct timeb is supported in this platform!"
+#endif
+
#if defined(sun) || defined(__ultrix)
#define _POSIX_SOURCE
#include <limits.h>
@@ -123,6 +136,9 @@
#ifndef NO_MDC2
#include <openssl/mdc2.h>
#endif
+#ifndef NO_MD4
+#include <openssl/md4.h>
+#endif
#ifndef NO_MD5
#include <openssl/md5.h>
#endif
@@ -180,7 +196,7 @@
#define BUFSIZE ((long)1024*8+1)
int run=0;
-static double Time_F(int s);
+static double Time_F(int s, int usertime);
static void print_message(char *s,long num,int length);
static void pkey_print_message(char *str,char *str2,long num,int bits,int sec);
#ifdef SIGALRM
@@ -204,39 +220,91 @@ static SIGRETTYPE sig_done(int sig)
#define START 0
#define STOP 1
-static double Time_F(int s)
+static double Time_F(int s, int usertime)
{
double ret;
-#ifdef TIMES
- static struct tms tstart,tend;
- if (s == START)
- {
- times(&tstart);
- return(0);
+#ifdef USE_TOD
+ if(usertime)
+ {
+ static struct rusage tstart,tend;
+
+ if (s == START)
+ {
+ getrusage(RUSAGE_SELF,&tstart);
+ return(0);
+ }
+ else
+ {
+ long i;
+
+ getrusage(RUSAGE_SELF,&tend);
+ i=(long)tend.ru_utime.tv_usec-(long)tstart.ru_utime.tv_usec;
+ ret=((double)(tend.ru_utime.tv_sec-tstart.ru_utime.tv_sec))
+ +((double)i)/1000000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
}
else
{
- times(&tend);
- ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
- return((ret < 1e-3)?1e-3:ret);
- }
-#else /* !times() */
- static struct timeb tstart,tend;
- long i;
+ static struct timeval tstart,tend;
+ long i;
- if (s == START)
+ if (s == START)
+ {
+ gettimeofday(&tstart,NULL);
+ return(0);
+ }
+ else
+ {
+ gettimeofday(&tend,NULL);
+ i=(long)tend.tv_usec-(long)tstart.tv_usec;
+ ret=((double)(tend.tv_sec-tstart.tv_sec))+((double)i)/1000000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
+ }
+#else /* ndef USE_TOD */
+
+# ifdef TIMES
+ if (usertime)
{
- ftime(&tstart);
- return(0);
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret < 1e-3)?1e-3:ret);
+ }
}
+# endif /* times() */
+# if defined(TIMES) && defined(TIMEB)
else
+# endif
+# ifdef TIMEB
{
- ftime(&tend);
- i=(long)tend.millitm-(long)tstart.millitm;
- ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
- return((ret < 0.001)?0.001:ret);
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
}
+# endif
#endif
}
@@ -246,19 +314,22 @@ int MAIN(int argc, char **argv)
{
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
-#define ALGOR_NUM 14
+#define ALGOR_NUM 15
#define SIZE_NUM 5
#define RSA_NUM 4
#define DSA_NUM 3
long count,rsa_count;
int i,j,k;
- unsigned rsa_num,rsa_num2;
+ unsigned rsa_num;
#ifndef NO_MD2
unsigned char md2[MD2_DIGEST_LENGTH];
#endif
#ifndef NO_MDC2
unsigned char mdc2[MDC2_DIGEST_LENGTH];
#endif
+#ifndef NO_MD4
+ unsigned char md4[MD4_DIGEST_LENGTH];
+#endif
#ifndef NO_MD5
unsigned char md5[MD5_DIGEST_LENGTH];
unsigned char hmac[MD5_DIGEST_LENGTH];
@@ -300,23 +371,24 @@ int MAIN(int argc, char **argv)
#endif
#define D_MD2 0
#define D_MDC2 1
-#define D_MD5 2
-#define D_HMAC 3
-#define D_SHA1 4
-#define D_RMD160 5
-#define D_RC4 6
-#define D_CBC_DES 7
-#define D_EDE3_DES 8
-#define D_CBC_IDEA 9
-#define D_CBC_RC2 10
-#define D_CBC_RC5 11
-#define D_CBC_BF 12
-#define D_CBC_CAST 13
+#define D_MD4 2
+#define D_MD5 3
+#define D_HMAC 4
+#define D_SHA1 5
+#define D_RMD160 6
+#define D_RC4 7
+#define D_CBC_DES 8
+#define D_EDE3_DES 9
+#define D_CBC_IDEA 10
+#define D_CBC_RC2 11
+#define D_CBC_RC5 12
+#define D_CBC_BF 13
+#define D_CBC_CAST 14
double d,results[ALGOR_NUM][SIZE_NUM];
static int lengths[SIZE_NUM]={8,64,256,1024,8*1024};
long c[ALGOR_NUM][SIZE_NUM];
static char *names[ALGOR_NUM]={
- "md2","mdc2","md5","hmac(md5)","sha1","rmd160","rc4",
+ "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
"des cbc","des ede3","idea cbc",
"rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"};
#define R_DSA_512 0
@@ -347,6 +419,11 @@ int MAIN(int argc, char **argv)
int dsa_doit[DSA_NUM];
int doit[ALGOR_NUM];
int pr_header=0;
+ int usertime=1;
+
+#ifndef TIMES
+ usertime=-1;
+#endif
apps_startup();
memset(results, 0, sizeof(results));
@@ -364,7 +441,7 @@ int MAIN(int argc, char **argv)
rsa_key[i]=NULL;
#endif
- if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
+ if ((buf=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
goto end;
@@ -372,7 +449,7 @@ int MAIN(int argc, char **argv)
#ifndef NO_DES
buf_as_des_cblock = (des_cblock *)buf;
#endif
- if ((buf2=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
+ if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
goto end;
@@ -393,6 +470,8 @@ int MAIN(int argc, char **argv)
argv++;
while (argc)
{
+ if ((argc > 0) && (strcmp(*argv,"-elapsed") == 0))
+ usertime = 0;
#ifndef NO_MD2
if (strcmp(*argv,"md2") == 0) doit[D_MD2]=1;
else
@@ -401,6 +480,10 @@ int MAIN(int argc, char **argv)
if (strcmp(*argv,"mdc2") == 0) doit[D_MDC2]=1;
else
#endif
+#ifndef NO_MD4
+ if (strcmp(*argv,"md4") == 0) doit[D_MD4]=1;
+ else
+#endif
#ifndef NO_MD5
if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1;
else
@@ -433,10 +516,18 @@ int MAIN(int argc, char **argv)
else
#endif
#ifndef NO_RSA
+#ifdef RSAref
+ if (strcmp(*argv,"rsaref") == 0)
+ {
+ RSA_set_default_method(RSA_PKCS1_RSAref());
+ j--;
+ }
+ else
+#endif
#ifndef RSA_NULL
if (strcmp(*argv,"openssl") == 0)
{
- RSA_set_default_method(RSA_PKCS1());
+ RSA_set_default_method(RSA_PKCS1_SSLeay());
j--;
}
else
@@ -504,8 +595,34 @@ int MAIN(int argc, char **argv)
else
#endif
{
- BIO_printf(bio_err,"bad value, pick one of\n");
- BIO_printf(bio_err,"md2 mdc2 md5 hmac sha1 rmd160\n");
+ BIO_printf(bio_err,"Error: bad option or value\n");
+ BIO_printf(bio_err,"\n");
+ BIO_printf(bio_err,"Available values:\n");
+#ifndef NO_MD2
+ BIO_printf(bio_err,"md2 ");
+#endif
+#ifndef NO_MDC2
+ BIO_printf(bio_err,"mdc2 ");
+#endif
+#ifndef NO_MD4
+ BIO_printf(bio_err,"md4 ");
+#endif
+#ifndef NO_MD5
+ BIO_printf(bio_err,"md5 ");
+#ifndef NO_HMAC
+ BIO_printf(bio_err,"hmac ");
+#endif
+#endif
+#ifndef NO_SHA1
+ BIO_printf(bio_err,"sha1 ");
+#endif
+#ifndef NO_RIPEMD160
+ BIO_printf(bio_err,"rmd160");
+#endif
+#if !defined(NO_MD2) || !defined(NO_MDC2) || !defined(NO_MD4) || !defined(NO_MD5) || !defined(NO_SHA1) || !defined(NO_RIPEMD160)
+ BIO_printf(bio_err,"\n");
+#endif
+
#ifndef NO_IDEA
BIO_printf(bio_err,"idea-cbc ");
#endif
@@ -518,20 +635,48 @@ int MAIN(int argc, char **argv)
#ifndef NO_BF
BIO_printf(bio_err,"bf-cbc");
#endif
-#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BF) && !defined(NO_RC5)
+#if !defined(NO_IDEA) || !defined(NO_RC2) || !defined(NO_BF) || !defined(NO_RC5)
BIO_printf(bio_err,"\n");
#endif
+
BIO_printf(bio_err,"des-cbc des-ede3 ");
#ifndef NO_RC4
BIO_printf(bio_err,"rc4");
#endif
+ BIO_printf(bio_err,"\n");
+
#ifndef NO_RSA
- BIO_printf(bio_err,"\nrsa512 rsa1024 rsa2048 rsa4096\n");
+ BIO_printf(bio_err,"rsa512 rsa1024 rsa2048 rsa4096\n");
#endif
+
#ifndef NO_DSA
- BIO_printf(bio_err,"\ndsa512 dsa1024 dsa2048\n");
+ BIO_printf(bio_err,"dsa512 dsa1024 dsa2048\n");
+#endif
+
+#ifndef NO_IDEA
+ BIO_printf(bio_err,"idea ");
+#endif
+#ifndef NO_RC2
+ BIO_printf(bio_err,"rc2 ");
+#endif
+#ifndef NO_DES
+ BIO_printf(bio_err,"des ");
+#endif
+#ifndef NO_RSA
+ BIO_printf(bio_err,"rsa ");
+#endif
+#ifndef NO_BF
+ BIO_printf(bio_err,"blowfish");
+#endif
+#if !defined(NO_IDEA) || !defined(NO_RC2) || !defined(NO_DES) || !defined(NO_RSA) || !defined(NO_BF)
+ BIO_printf(bio_err,"\n");
+#endif
+
+#ifdef TIMES
+ BIO_printf(bio_err,"\n");
+ BIO_printf(bio_err,"Available options:\n");
+ BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n");
#endif
- BIO_printf(bio_err,"idea rc2 des rsa blowfish\n");
goto end;
}
argc--;
@@ -551,10 +696,13 @@ int MAIN(int argc, char **argv)
for (i=0; i<ALGOR_NUM; i++)
if (doit[i]) pr_header++;
-#ifndef TIMES
- BIO_printf(bio_err,"To get the most accurate results, try to run this\n");
- BIO_printf(bio_err,"program when this computer is idle.\n");
-#endif
+ if (usertime == 0)
+ BIO_printf(bio_err,"You have chosen to measure elapsed time instead of user CPU time.\n");
+ if (usertime <= 0)
+ {
+ BIO_printf(bio_err,"To get the most accurate results, try to run this\n");
+ BIO_printf(bio_err,"program when this computer is idle.\n");
+ }
#ifndef NO_RSA
for (i=0; i<RSA_NUM; i++)
@@ -618,14 +766,15 @@ int MAIN(int argc, char **argv)
do {
long i;
count*=2;
- Time_F(START);
+ Time_F(START,usertime);
for (i=count; i; i--)
des_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock,
&(sch[0]),DES_ENCRYPT);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
} while (d <3);
c[D_MD2][0]=count/10;
c[D_MDC2][0]=count/10;
+ c[D_MD4][0]=count;
c[D_MD5][0]=count;
c[D_HMAC][0]=count;
c[D_SHA1][0]=count;
@@ -643,6 +792,7 @@ int MAIN(int argc, char **argv)
{
c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i];
c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i];
+ c[D_MD4][i]=c[D_MD4][0]*4*lengths[0]/lengths[i];
c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i];
c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i];
c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i];
@@ -719,10 +869,10 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_MD2],c[D_MD2][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_MD2][j]); count++)
MD2(buf,(unsigned long)lengths[j],&(md2[0]));
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_MD2],d);
results[D_MD2][j]=((double)count)/d*lengths[j];
@@ -735,10 +885,10 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_MDC2][j]); count++)
MDC2(buf,(unsigned long)lengths[j],&(mdc2[0]));
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_MDC2],d);
results[D_MDC2][j]=((double)count)/d*lengths[j];
@@ -746,16 +896,33 @@ int MAIN(int argc, char **argv)
}
#endif
+#ifndef NO_MD4
+ if (doit[D_MD4])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_MD4],c[D_MD4][j],lengths[j]);
+ Time_F(START,usertime);
+ for (count=0,run=1; COND(c[D_MD4][j]); count++)
+ MD4(&(buf[0]),(unsigned long)lengths[j],&(md4[0]));
+ d=Time_F(STOP,usertime);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_MD4],d);
+ results[D_MD4][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+
#ifndef NO_MD5
if (doit[D_MD5])
{
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_MD5],c[D_MD5][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_MD5][j]); count++)
MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0]));
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_MD5],d);
results[D_MD5][j]=((double)count)/d*lengths[j];
@@ -773,14 +940,14 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_HMAC][j]); count++)
{
HMAC_Init(&hctx,NULL,0,NULL);
HMAC_Update(&hctx,buf,lengths[j]);
HMAC_Final(&hctx,&(hmac[0]),NULL);
}
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_HMAC],d);
results[D_HMAC][j]=((double)count)/d*lengths[j];
@@ -793,10 +960,10 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_SHA1][j]); count++)
SHA1(buf,(unsigned long)lengths[j],&(sha[0]));
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_SHA1],d);
results[D_SHA1][j]=((double)count)/d*lengths[j];
@@ -809,10 +976,10 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_RMD160][j]); count++)
RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0]));
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_RMD160],d);
results[D_RMD160][j]=((double)count)/d*lengths[j];
@@ -825,11 +992,11 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_RC4],c[D_RC4][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_RC4][j]); count++)
RC4(&rc4_ks,(unsigned int)lengths[j],
buf,buf);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_RC4],d);
results[D_RC4][j]=((double)count)/d*lengths[j];
@@ -842,11 +1009,11 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_DES],c[D_CBC_DES][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_CBC_DES][j]); count++)
des_ncbc_encrypt(buf,buf,lengths[j],sch,
&iv,DES_ENCRYPT);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_CBC_DES],d);
results[D_CBC_DES][j]=((double)count)/d*lengths[j];
@@ -858,12 +1025,12 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_EDE3_DES],c[D_EDE3_DES][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_EDE3_DES][j]); count++)
des_ede3_cbc_encrypt(buf,buf,lengths[j],
sch,sch2,sch3,
&iv,DES_ENCRYPT);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_EDE3_DES],d);
results[D_EDE3_DES][j]=((double)count)/d*lengths[j];
@@ -876,12 +1043,12 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_IDEA],c[D_CBC_IDEA][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_CBC_IDEA][j]); count++)
idea_cbc_encrypt(buf,buf,
(unsigned long)lengths[j],&idea_ks,
iv,IDEA_ENCRYPT);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_CBC_IDEA],d);
results[D_CBC_IDEA][j]=((double)count)/d*lengths[j];
@@ -894,12 +1061,12 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_RC2],c[D_CBC_RC2][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_CBC_RC2][j]); count++)
RC2_cbc_encrypt(buf,buf,
(unsigned long)lengths[j],&rc2_ks,
iv,RC2_ENCRYPT);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_CBC_RC2],d);
results[D_CBC_RC2][j]=((double)count)/d*lengths[j];
@@ -912,12 +1079,12 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_RC5],c[D_CBC_RC5][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++)
RC5_32_cbc_encrypt(buf,buf,
(unsigned long)lengths[j],&rc5_ks,
iv,RC5_ENCRYPT);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_CBC_RC5],d);
results[D_CBC_RC5][j]=((double)count)/d*lengths[j];
@@ -930,12 +1097,12 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_BF],c[D_CBC_BF][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_CBC_BF][j]); count++)
BF_cbc_encrypt(buf,buf,
(unsigned long)lengths[j],&bf_ks,
iv,BF_ENCRYPT);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_CBC_BF],d);
results[D_CBC_BF][j]=((double)count)/d*lengths[j];
@@ -948,12 +1115,12 @@ int MAIN(int argc, char **argv)
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_CAST],c[D_CBC_CAST][j],lengths[j]);
- Time_F(START);
+ Time_F(START,usertime);
for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++)
CAST_cbc_encrypt(buf,buf,
(unsigned long)lengths[j],&cast_ks,
iv,CAST_ENCRYPT);
- d=Time_F(STOP);
+ d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_CBC_CAST],d);
results[D_CBC_CAST][j]=((double)count)/d*lengths[j];
@@ -968,49 +1135,73 @@ int MAIN(int argc, char **argv)
int ret;
if (!rsa_doit[j]) continue;
ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num, rsa_key[j]);
- pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
- RSA_SECONDS);
-/* RSA_blinding_on(rsa_key[j],NULL); */
- Time_F(START);
- for (count=0,run=1; COND(rsa_c[j][0]); count++)
+ if (ret == 0)
{
- ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num,
- rsa_key[j]);
- if (ret <= 0)
+ BIO_printf(bio_err,"RSA sign failure. No RSA sign will be done.\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+ else
+ {
+ pkey_print_message("private","rsa",
+ rsa_c[j][0],rsa_bits[j],
+ RSA_SECONDS);
+/* RSA_blinding_on(rsa_key[j],NULL); */
+ Time_F(START,usertime);
+ for (count=0,run=1; COND(rsa_c[j][0]); count++)
{
- BIO_printf(bio_err,"RSA private encrypt failure\n");
- ERR_print_errors(bio_err);
- count=1;
- break;
+ ret=RSA_sign(NID_md5_sha1, buf,36, buf2,
+ &rsa_num, rsa_key[j]);
+ if (ret == 0)
+ {
+ BIO_printf(bio_err,
+ "RSA sign failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
}
+ d=Time_F(STOP,usertime);
+ BIO_printf(bio_err,
+ "%ld %d bit private RSA's in %.2fs\n",
+ count,rsa_bits[j],d);
+ rsa_results[j][0]=d/(double)count;
+ rsa_count=count;
}
- d=Time_F(STOP);
- BIO_printf(bio_err,"%ld %d bit private RSA's in %.2fs\n",
- count,rsa_bits[j],d);
- rsa_results[j][0]=d/(double)count;
- rsa_count=count;
#if 1
ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, rsa_key[j]);
- pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
- RSA_SECONDS);
- Time_F(START);
- for (count=0,run=1; COND(rsa_c[j][1]); count++)
+ if (ret <= 0)
{
- ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num,
- rsa_key[j]);
- if (ret <= 0)
+ BIO_printf(bio_err,"RSA verify failure. No RSA verify will be done.\n");
+ ERR_print_errors(bio_err);
+ dsa_doit[j] = 0;
+ }
+ else
+ {
+ pkey_print_message("public","rsa",
+ rsa_c[j][1],rsa_bits[j],
+ RSA_SECONDS);
+ Time_F(START,usertime);
+ for (count=0,run=1; COND(rsa_c[j][1]); count++)
{
- BIO_printf(bio_err,"RSA verify failure\n");
- ERR_print_errors(bio_err);
- count=1;
- break;
+ ret=RSA_verify(NID_md5_sha1, buf,36, buf2,
+ rsa_num, rsa_key[j]);
+ if (ret == 0)
+ {
+ BIO_printf(bio_err,
+ "RSA verify failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
}
+ d=Time_F(STOP,usertime);
+ BIO_printf(bio_err,
+ "%ld %d bit public RSA's in %.2fs\n",
+ count,rsa_bits[j],d);
+ rsa_results[j][1]=d/(double)count;
}
- d=Time_F(STOP);
- BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n",
- count,rsa_bits[j],d);
- rsa_results[j][1]=d/(double)count;
#endif
if (rsa_count <= 1)
@@ -1032,54 +1223,77 @@ int MAIN(int argc, char **argv)
for (j=0; j<DSA_NUM; j++)
{
unsigned int kk;
+ int ret;
if (!dsa_doit[j]) continue;
DSA_generate_key(dsa_key[j]);
/* DSA_sign_setup(dsa_key[j],NULL); */
- rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
+ ret=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
&kk,dsa_key[j]);
- pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j],
- DSA_SECONDS);
- Time_F(START);
- for (count=0,run=1; COND(dsa_c[j][0]); count++)
+ if (ret == 0)
{
- rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
- &kk,dsa_key[j]);
- if (rsa_num == 0)
+ BIO_printf(bio_err,"DSA sign failure. No DSA sign will be done.\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+ else
+ {
+ pkey_print_message("sign","dsa",
+ dsa_c[j][0],dsa_bits[j],
+ DSA_SECONDS);
+ Time_F(START,usertime);
+ for (count=0,run=1; COND(dsa_c[j][0]); count++)
{
- BIO_printf(bio_err,"DSA sign failure\n");
- ERR_print_errors(bio_err);
- count=1;
- break;
+ ret=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
+ &kk,dsa_key[j]);
+ if (ret == 0)
+ {
+ BIO_printf(bio_err,
+ "DSA sign failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
}
+ d=Time_F(STOP,usertime);
+ BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n",
+ count,dsa_bits[j],d);
+ dsa_results[j][0]=d/(double)count;
+ rsa_count=count;
}
- d=Time_F(STOP);
- BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n",
- count,dsa_bits[j],d);
- dsa_results[j][0]=d/(double)count;
- rsa_count=count;
- rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
+ ret=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
kk,dsa_key[j]);
- pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j],
- DSA_SECONDS);
- Time_F(START);
- for (count=0,run=1; COND(dsa_c[j][1]); count++)
+ if (ret <= 0)
+ {
+ BIO_printf(bio_err,"DSA verify failure. No DSA verify will be done.\n");
+ ERR_print_errors(bio_err);
+ dsa_doit[j] = 0;
+ }
+ else
{
- rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
- kk,dsa_key[j]);
- if (rsa_num2 == 0)
+ pkey_print_message("verify","dsa",
+ dsa_c[j][1],dsa_bits[j],
+ DSA_SECONDS);
+ Time_F(START,usertime);
+ for (count=0,run=1; COND(dsa_c[j][1]); count++)
{
- BIO_printf(bio_err,"DSA verify failure\n");
- ERR_print_errors(bio_err);
- count=1;
- break;
+ ret=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
+ kk,dsa_key[j]);
+ if (ret <= 0)
+ {
+ BIO_printf(bio_err,
+ "DSA verify failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
}
+ d=Time_F(STOP,usertime);
+ BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n",
+ count,dsa_bits[j],d);
+ dsa_results[j][1]=d/(double)count;
}
- d=Time_F(STOP);
- BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n",
- count,dsa_bits[j],d);
- dsa_results[j][1]=d/(double)count;
if (rsa_count <= 1)
{
@@ -1167,8 +1381,8 @@ int MAIN(int argc, char **argv)
#endif
mret=0;
end:
- if (buf != NULL) Free(buf);
- if (buf2 != NULL) Free(buf2);
+ if (buf != NULL) OPENSSL_free(buf);
+ if (buf2 != NULL) OPENSSL_free(buf2);
#ifndef NO_RSA
for (i=0; i<RSA_NUM; i++)
if (rsa_key[i] != NULL)
diff --git a/crypto/openssl/crypto/des/des.h b/crypto/openssl/crypto/des/des.h
index 9b93340..502d5c1 100644
--- a/crypto/openssl/crypto/des/des.h
+++ b/crypto/openssl/crypto/des/des.h
@@ -60,10 +60,6 @@
#ifndef HEADER_DES_H
#define HEADER_DES_H
-#ifdef __cplusplus
-extern "C" {
-#endif
-
#ifdef NO_DES
#error DES is disabled.
#endif
@@ -72,10 +68,13 @@ extern "C" {
#error <openssl/des.h> replaces <kerberos/des.h>.
#endif
-#include <stdio.h>
#include <openssl/opensslconf.h> /* DES_LONG */
#include <openssl/e_os2.h> /* OPENSSL_EXTERN */
+#ifdef __cplusplus
+extern "C" {
+#endif
+
typedef unsigned char des_cblock[8];
typedef /* const */ unsigned char const_des_cblock[8];
/* With "const", gcc 2.8.1 on Solaris thinks that des_cblock *
diff --git a/crypto/openssl/crypto/err/err_all.c b/crypto/openssl/crypto/err/err_all.c
index 18a2cb3..5449a31 100644
--- a/crypto/openssl/crypto/err/err_all.c
+++ b/crypto/openssl/crypto/err/err_all.c
@@ -65,6 +65,9 @@
#ifndef NO_RSA
#include <openssl/rsa.h>
#endif
+#ifdef RSAref
+#include <openssl/rsaref.h>
+#endif
#ifndef NO_DH
#include <openssl/dh.h>
#endif
@@ -80,6 +83,7 @@
#include <openssl/pkcs12.h>
#include <openssl/rand.h>
#include <openssl/err.h>
+#include <openssl/dso.h>
void ERR_load_crypto_strings(void)
{
@@ -94,8 +98,12 @@ void ERR_load_crypto_strings(void)
ERR_load_BIO_strings();
ERR_load_CONF_strings();
#ifndef NO_RSA
+#ifdef RSAref
+ ERR_load_RSAREF_strings();
+#else
ERR_load_RSA_strings();
#endif
+#endif
#ifndef NO_DH
ERR_load_DH_strings();
#endif
@@ -112,5 +120,6 @@ void ERR_load_crypto_strings(void)
ERR_load_PKCS7_strings();
ERR_load_PKCS12_strings();
ERR_load_RAND_strings();
+ ERR_load_DSO_strings();
#endif
}
diff --git a/crypto/openssl/crypto/evp/evp.h b/crypto/openssl/crypto/evp/evp.h
index 39969c2..d224551 100644
--- a/crypto/openssl/crypto/evp/evp.h
+++ b/crypto/openssl/crypto/evp/evp.h
@@ -61,13 +61,23 @@
#ifndef HEADER_ENVELOPE_H
#define HEADER_ENVELOPE_H
-#ifdef __cplusplus
-extern "C" {
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# include <openssl/opensslconf.h>
+#else
+# define OPENSSL_ALGORITHM_DEFINES
+# include <openssl/opensslconf.h>
+# undef OPENSSL_ALGORITHM_DEFINES
#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#ifndef NO_MD2
#include <openssl/md2.h>
#endif
+#ifndef NO_MD4
+#include <openssl/md4.h>
+#endif
#ifndef NO_MD5
#include <openssl/md5.h>
#endif
@@ -149,6 +159,10 @@ extern "C" {
#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
#define EVP_PKEY_DH NID_dhKeyAgreement
+#ifdef __cplusplus
+extern "C" {
+#endif
+
/* Type needs to be a bit field
* Sub-type needs to be for variations on the method, as in, can it do
* arbitrary encryption.... */
@@ -170,7 +184,7 @@ typedef struct evp_pkey_st
#endif
} pkey;
int save_parameters;
- STACK /*X509_ATTRIBUTE*/ *attributes; /* [ 0 ] */
+ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
} EVP_PKEY;
#define EVP_PKEY_MO_SIGN 0x0001
@@ -300,6 +314,9 @@ typedef struct env_md_ctx_st
#ifndef NO_MD5
MD5_CTX md5;
#endif
+#ifndef NO_MD4
+ MD4_CTX md4;
+#endif
#ifndef NO_RIPEMD
RIPEMD160_CTX ripemd160;
#endif
@@ -312,21 +329,57 @@ typedef struct env_md_ctx_st
} md;
} EVP_MD_CTX;
-typedef struct evp_cipher_st
+typedef struct evp_cipher_st EVP_CIPHER;
+typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
+
+struct evp_cipher_st
{
int nid;
int block_size;
- int key_len;
+ int key_len; /* Default value for variable length ciphers */
int iv_len;
- void (*init)(); /* init for encryption */
- void (*do_cipher)(); /* encrypt data */
- void (*cleanup)(); /* used by cipher method */
+ unsigned long flags; /* Various flags */
+ int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc); /* init key */
+ int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
+ int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
int ctx_size; /* how big the ctx needs to be */
- /* int set_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
- int (*set_asn1_parameters)(); /* Populate a ASN1_TYPE with parameters */
- /* int get_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
- int (*get_asn1_parameters)(); /* Get parameters from a ASN1_TYPE */
- } EVP_CIPHER;
+ int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
+ int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
+ int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
+ void *app_data; /* Application data */
+ };
+
+/* Values for cipher flags */
+
+/* Modes for ciphers */
+
+#define EVP_CIPH_STREAM_CIPHER 0x0
+#define EVP_CIPH_ECB_MODE 0x1
+#define EVP_CIPH_CBC_MODE 0x2
+#define EVP_CIPH_CFB_MODE 0x3
+#define EVP_CIPH_OFB_MODE 0x4
+#define EVP_CIPH_MODE 0x7
+/* Set if variable length cipher */
+#define EVP_CIPH_VARIABLE_LENGTH 0x8
+/* Set if the iv handling should be done by the cipher itself */
+#define EVP_CIPH_CUSTOM_IV 0x10
+/* Set if the cipher's init() function should be called if key is NULL */
+#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
+/* Call ctrl() to init cipher parameters */
+#define EVP_CIPH_CTRL_INIT 0x40
+/* Don't use standard key length function */
+#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
+
+/* ctrl() values */
+
+#define EVP_CTRL_INIT 0x0
+#define EVP_CTRL_SET_KEY_LENGTH 0x1
+#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
+#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
+#define EVP_CTRL_GET_RC5_ROUNDS 0x4
+#define EVP_CTRL_SET_RC5_ROUNDS 0x5
typedef struct evp_cipher_info_st
{
@@ -334,7 +387,7 @@ typedef struct evp_cipher_info_st
unsigned char iv[EVP_MAX_IV_LENGTH];
} EVP_CIPHER_INFO;
-typedef struct evp_cipher_ctx_st
+struct evp_cipher_ctx_st
{
const EVP_CIPHER *cipher;
int encrypt; /* encrypt or decrypt */
@@ -345,7 +398,8 @@ typedef struct evp_cipher_ctx_st
unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
int num; /* used by cfb/ofb mode */
- char *app_data; /* application stuff */
+ void *app_data; /* application stuff */
+ int key_len; /* May change for variable length cipher */
union {
#ifndef NO_RC4
struct
@@ -373,10 +427,16 @@ typedef struct evp_cipher_ctx_st
IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
#endif
#ifndef NO_RC2
- RC2_KEY rc2_ks;/* key schedule */
+ struct {
+ int key_bits; /* effective key bits */
+ RC2_KEY ks;/* key schedule */
+ } rc2;
#endif
#ifndef NO_RC5
- RC5_32_KEY rc5_ks;/* key schedule */
+ struct {
+ int rounds; /* number of rounds */
+ RC5_32_KEY ks;/* key schedule */
+ } rc5;
#endif
#ifndef NO_BF
BF_KEY bf_ks;/* key schedule */
@@ -385,7 +445,7 @@ typedef struct evp_cipher_ctx_st
CAST_KEY cast_ks;/* key schedule */
#endif
} c;
- } EVP_CIPHER_CTX;
+ };
typedef struct evp_Encode_Ctx_st
{
@@ -432,15 +492,19 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
#define EVP_CIPHER_block_size(e) ((e)->block_size)
#define EVP_CIPHER_key_length(e) ((e)->key_len)
#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
+#define EVP_CIPHER_flags(e) ((e)->flags)
+#define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE)
#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
-#define EVP_CIPHER_CTX_key_length(e) ((e)->cipher->key_len)
+#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+#define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
+#define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE)
#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
@@ -488,21 +552,21 @@ int EVP_BytesToKey(const EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
unsigned char *data, int datal, int count,
unsigned char *key,unsigned char *iv);
-void EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
+int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
unsigned char *key, unsigned char *iv);
-void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl);
-void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-void EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
+int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
unsigned char *key, unsigned char *iv);
-void EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl);
int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-void EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
+int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
unsigned char *key,unsigned char *iv,int enc);
-void EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl);
int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
@@ -536,9 +600,11 @@ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
void ERR_load_EVP_strings(void );
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
-void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
BIO_METHOD *BIO_f_md(void);
BIO_METHOD *BIO_f_base64(void);
BIO_METHOD *BIO_f_cipher(void);
@@ -549,6 +615,7 @@ void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k,
EVP_MD *EVP_md_null(void);
EVP_MD *EVP_md2(void);
+EVP_MD *EVP_md4(void);
EVP_MD *EVP_md5(void);
EVP_MD *EVP_sha(void);
EVP_MD *EVP_sha1(void);
@@ -685,6 +752,9 @@ void EVP_PBE_cleanup(void);
/* Function codes. */
#define EVP_F_D2I_PKEY 100
+#define EVP_F_EVP_CIPHERINIT 123
+#define EVP_F_EVP_CIPHER_CTX_CTRL 124
+#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
#define EVP_F_EVP_DECRYPTFINAL 101
#define EVP_F_EVP_MD_CTX_COPY 110
#define EVP_F_EVP_OPENINIT 102
@@ -705,12 +775,15 @@ void EVP_PBE_cleanup(void);
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
#define EVP_F_RC2_MAGIC_TO_METH 109
+#define EVP_F_RC5_CTRL 125
/* Reason codes. */
#define EVP_R_BAD_DECRYPT 100
#define EVP_R_BN_DECODE_ERROR 112
#define EVP_R_BN_PUBKEY_ERROR 113
#define EVP_R_CIPHER_PARAMETER_ERROR 122
+#define EVP_R_CTRL_NOT_IMPLEMENTED 132
+#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
#define EVP_R_DECODE_ERROR 114
#define EVP_R_DIFFERENT_KEY_TYPES 101
#define EVP_R_ENCODE_ERROR 115
@@ -718,16 +791,20 @@ void EVP_PBE_cleanup(void);
#define EVP_R_EXPECTING_AN_RSA_KEY 127
#define EVP_R_EXPECTING_A_DH_KEY 128
#define EVP_R_EXPECTING_A_DSA_KEY 129
+#define EVP_R_INITIALIZATION_ERROR 134
#define EVP_R_INPUT_NOT_INITIALIZED 111
+#define EVP_R_INVALID_KEY_LENGTH 130
#define EVP_R_IV_TOO_LARGE 102
#define EVP_R_KEYGEN_FAILURE 120
#define EVP_R_MISSING_PARAMETERS 103
+#define EVP_R_NO_CIPHER_SET 131
#define EVP_R_NO_DSA_PARAMETERS 116
#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
+#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
#define EVP_R_UNSUPPORTED_CIPHER 107
#define EVP_R_UNSUPPORTED_KEYLENGTH 123
#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
diff --git a/crypto/openssl/crypto/idea/i_cbc.c b/crypto/openssl/crypto/idea/i_cbc.c
index 76b6100..d141cc2 100644
--- a/crypto/openssl/crypto/idea/i_cbc.c
+++ b/crypto/openssl/crypto/idea/i_cbc.c
@@ -47,7 +47,7 @@
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
@@ -60,7 +60,7 @@
#include <openssl/idea.h>
#include "idea_lcl.h"
-void idea_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt)
{
register unsigned long tin0,tin1;
diff --git a/crypto/openssl/crypto/idea/i_cfb64.c b/crypto/openssl/crypto/idea/i_cfb64.c
index 2093aaa..6f7e364 100644
--- a/crypto/openssl/crypto/idea/i_cfb64.c
+++ b/crypto/openssl/crypto/idea/i_cfb64.c
@@ -65,9 +65,9 @@
* 64bit block we have used is contained in *num;
*/
-void idea_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
- IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num,
- int encrypt)
+void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *schedule,
+ unsigned char *ivec, int *num, int encrypt)
{
register unsigned long v0,v1,t;
register int n= *num;
diff --git a/crypto/openssl/crypto/idea/i_ecb.c b/crypto/openssl/crypto/idea/i_ecb.c
index 73f684e..3789cb5 100644
--- a/crypto/openssl/crypto/idea/i_ecb.c
+++ b/crypto/openssl/crypto/idea/i_ecb.c
@@ -71,7 +71,7 @@ const char *idea_options(void)
return("idea(short)");
}
-void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
+void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
IDEA_KEY_SCHEDULE *ks)
{
unsigned long l0,l1,d[2];
diff --git a/crypto/openssl/crypto/idea/i_ofb64.c b/crypto/openssl/crypto/idea/i_ofb64.c
index 41d1be8..b3397f9 100644
--- a/crypto/openssl/crypto/idea/i_ofb64.c
+++ b/crypto/openssl/crypto/idea/i_ofb64.c
@@ -64,8 +64,9 @@
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
-void idea_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
- IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num)
+void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *schedule,
+ unsigned char *ivec, int *num)
{
register unsigned long v0,v1,t;
register int n= *num;
diff --git a/crypto/openssl/crypto/idea/i_skey.c b/crypto/openssl/crypto/idea/i_skey.c
index da2fd85..5fea5cc 100644
--- a/crypto/openssl/crypto/idea/i_skey.c
+++ b/crypto/openssl/crypto/idea/i_skey.c
@@ -61,7 +61,7 @@
#include "idea_lcl.h"
static IDEA_INT inverse(unsigned int xin);
-void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks)
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
{
int i;
register IDEA_INT *kt,*kf,r0,r1,r2;
diff --git a/crypto/openssl/crypto/idea/idea.h b/crypto/openssl/crypto/idea/idea.h
index 38e553f..31d3c89 100644
--- a/crypto/openssl/crypto/idea/idea.h
+++ b/crypto/openssl/crypto/idea/idea.h
@@ -60,10 +60,6 @@
#ifndef HEADER_IDEA_H
#define HEADER_IDEA_H
-#ifdef __cplusplus
-extern "C" {
-#endif
-
#ifdef NO_IDEA
#error IDEA is disabled.
#endif
@@ -75,22 +71,26 @@ extern "C" {
#define IDEA_BLOCK 8
#define IDEA_KEY_LENGTH 16
+#ifdef __cplusplus
+extern "C" {
+#endif
+
typedef struct idea_key_st
{
IDEA_INT data[9][6];
} IDEA_KEY_SCHEDULE;
const char *idea_options(void);
-void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
+void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
IDEA_KEY_SCHEDULE *ks);
-void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
-void idea_cbc_encrypt(unsigned char *in, unsigned char *out,
+void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
-void idea_cfb64_encrypt(unsigned char *in, unsigned char *out,
+void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
int *num,int enc);
-void idea_ofb64_encrypt(unsigned char *in, unsigned char *out,
+void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
#ifdef __cplusplus
diff --git a/crypto/openssl/crypto/rsa/rsa.h b/crypto/openssl/crypto/rsa/rsa.h
index b449228..880ebfe 100644
--- a/crypto/openssl/crypto/rsa/rsa.h
+++ b/crypto/openssl/crypto/rsa/rsa.h
@@ -60,10 +60,9 @@
#ifndef HEADER_RSA_H
#define HEADER_RSA_H
-#ifdef __cplusplus
-extern "C" {
+#ifndef NO_BIO
+#include <openssl/bio.h>
#endif
-
#include <openssl/bn.h>
#include <openssl/crypto.h>
@@ -71,6 +70,10 @@ extern "C" {
#error RSA is disabled.
#endif
+#ifdef __cplusplus
+extern "C" {
+#endif
+
typedef struct rsa_st RSA;
typedef struct rsa_meth_st
@@ -192,8 +195,11 @@ RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth);
/* This function needs the memory locking malloc callbacks to be installed */
int RSA_memory_lock(RSA *r);
+/* If you have RSAref compiled in. */
+RSA_METHOD *RSA_PKCS1_RSAref(void);
+
/* these are the actual SSLeay RSA functions */
-RSA_METHOD *RSA_PKCS1(void);
+RSA_METHOD *RSA_PKCS1_SSLeay(void);
RSA_METHOD *RSA_null_method(void);
@@ -207,10 +213,14 @@ int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
int RSA_print_fp(FILE *fp, RSA *r,int offset);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int RSA_print(BIO *bp, RSA *r,int offset);
#endif
+int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
+RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey);
+RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey);
+
int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
/* Naughty internal function required elsewhere, to handle a MS structure
@@ -257,7 +267,6 @@ int RSA_padding_add_none(unsigned char *to,int tlen,
int RSA_padding_check_none(unsigned char *to,int tlen,
unsigned char *f,int fl,int rsa_len);
-int RSA_libversion();
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int RSA_set_ex_data(RSA *r,int idx,void *arg);
@@ -330,9 +339,6 @@ void *RSA_get_ex_data(RSA *r, int idx);
#define RSA_R_UNKNOWN_PADDING_TYPE 118
#define RSA_R_WRONG_SIGNATURE_LENGTH 119
-#define RSALIB_OPENSSL 1
-#define RSALIB_RSAREF 2
-
#ifdef __cplusplus
}
#endif
diff --git a/crypto/openssl/crypto/rsa/rsa_eay.c b/crypto/openssl/crypto/rsa/rsa_eay.c
index f73d7b2..8162117 100644
--- a/crypto/openssl/crypto/rsa/rsa_eay.c
+++ b/crypto/openssl/crypto/rsa/rsa_eay.c
@@ -63,6 +63,8 @@
#include <openssl/rsa.h>
#include <openssl/rand.h>
+#ifndef RSA_NULL
+
static int RSA_eay_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_private_encrypt(int flen, unsigned char *from,
@@ -88,7 +90,7 @@ static RSA_METHOD rsa_pkcs1_eay_meth={
NULL,
};
-RSA_METHOD *RSA_PKCS1(void)
+RSA_METHOD *RSA_PKCS1_SSLeay(void)
{
return(&rsa_pkcs1_eay_meth);
}
@@ -105,7 +107,7 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from,
BN_init(&ret);
if ((ctx=BN_CTX_new()) == NULL) goto err;
num=BN_num_bytes(rsa->n);
- if ((buf=(unsigned char *)Malloc(num)) == NULL)
+ if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
@@ -160,7 +162,7 @@ err:
if (buf != NULL)
{
memset(buf,0,num);
- Free(buf);
+ OPENSSL_free(buf);
}
return(r);
}
@@ -178,7 +180,7 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from,
if ((ctx=BN_CTX_new()) == NULL) goto err;
num=BN_num_bytes(rsa->n);
- if ((buf=(unsigned char *)Malloc(num)) == NULL)
+ if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
@@ -236,7 +238,7 @@ err:
if (buf != NULL)
{
memset(buf,0,num);
- Free(buf);
+ OPENSSL_free(buf);
}
return(r);
}
@@ -257,13 +259,13 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
num=BN_num_bytes(rsa->n);
- if ((buf=(unsigned char *)Malloc(num)) == NULL)
+ if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
- /* This check was for equallity but PGP does evil things
+ /* This check was for equality but PGP does evil things
* and chops off the top '0' bytes */
if (flen > num)
{
@@ -329,7 +331,7 @@ err:
if (buf != NULL)
{
memset(buf,0,num);
- Free(buf);
+ OPENSSL_free(buf);
}
return(r);
}
@@ -349,14 +351,14 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from,
if (ctx == NULL) goto err;
num=BN_num_bytes(rsa->n);
- buf=(unsigned char *)Malloc(num);
+ buf=(unsigned char *)OPENSSL_malloc(num);
if (buf == NULL)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
- /* This check was for equallity but PGP does evil things
+ /* This check was for equality but PGP does evil things
* and chops off the top '0' bytes */
if (flen > num)
{
@@ -401,7 +403,7 @@ err:
if (buf != NULL)
{
memset(buf,0,num);
- Free(buf);
+ OPENSSL_free(buf);
}
return(r);
}
@@ -487,4 +489,4 @@ static int RSA_eay_finish(RSA *rsa)
return(1);
}
-
+#endif
diff --git a/crypto/openssl/crypto/rsa/rsa_lib.c b/crypto/openssl/crypto/rsa/rsa_lib.c
index c2a0b03..f5d1770 100644
--- a/crypto/openssl/crypto/rsa/rsa_lib.c
+++ b/crypto/openssl/crypto/rsa/rsa_lib.c
@@ -82,6 +82,19 @@ void RSA_set_default_method(RSA_METHOD *meth)
RSA_METHOD *RSA_get_default_method(void)
{
+ if (default_RSA_meth == NULL)
+ {
+#ifdef RSA_NULL
+ default_RSA_meth=RSA_null_method();
+#else
+#ifdef RSAref
+ default_RSA_meth=RSA_PKCS1_RSAref();
+#else
+ default_RSA_meth=RSA_PKCS1_SSLeay();
+#endif
+#endif
+ }
+
return default_RSA_meth;
}
@@ -104,15 +117,7 @@ RSA *RSA_new_method(RSA_METHOD *meth)
{
RSA *ret;
- if (default_RSA_meth == NULL)
- {
-#ifdef RSA_NULL
- default_RSA_meth=RSA_null_method();
-#else
- default_RSA_meth=RSA_PKCS1();
-#endif
- }
- ret=(RSA *)Malloc(sizeof(RSA));
+ ret=(RSA *)OPENSSL_malloc(sizeof(RSA));
if (ret == NULL)
{
RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
@@ -120,7 +125,7 @@ RSA *RSA_new_method(RSA_METHOD *meth)
}
if (meth == NULL)
- ret->meth=default_RSA_meth;
+ ret->meth=RSA_get_default_method();
else
ret->meth=meth;
@@ -143,7 +148,7 @@ RSA *RSA_new_method(RSA_METHOD *meth)
ret->flags=ret->meth->flags;
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
- Free(ret);
+ OPENSSL_free(ret);
ret=NULL;
}
else
@@ -184,8 +189,8 @@ void RSA_free(RSA *r)
if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
if (r->iqmp != NULL) BN_clear_free(r->iqmp);
if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
- if (r->bignum_data != NULL) Free_locked(r->bignum_data);
- Free(r);
+ if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data);
+ OPENSSL_free(r);
}
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
@@ -302,7 +307,7 @@ int RSA_memory_lock(RSA *r)
j=1;
for (i=0; i<6; i++)
j+= (*t[i])->top;
- if ((p=Malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
+ if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
{
RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
return(0);
diff --git a/crypto/openssl/ssl/s23_clnt.c b/crypto/openssl/ssl/s23_clnt.c
index c6b2323..8a3daaf 100644
--- a/crypto/openssl/ssl/s23_clnt.c
+++ b/crypto/openssl/ssl/s23_clnt.c
@@ -368,7 +368,9 @@ static int ssl23_get_server_hello(SSL *s)
}
s->state=SSL2_ST_GET_SERVER_HELLO_A;
- s->s2->ssl2_rollback=1;
+ if (!(s->client_version == SSL2_VERSION))
+ /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
+ s->s2->ssl2_rollback=1;
/* setup the 5 bytes we have read so we get them from
* the sslv2 buffer */
diff --git a/crypto/openssl/ssl/s23_srvr.c b/crypto/openssl/ssl/s23_srvr.c
index c1c2e9d..2dbf614 100644
--- a/crypto/openssl/ssl/s23_srvr.c
+++ b/crypto/openssl/ssl/s23_srvr.c
@@ -299,7 +299,7 @@ int ssl23_get_client_hello(SSL *s)
if (n <= 0) return(n);
p=s->packet;
- if ((buf=Malloc(n)) == NULL)
+ if ((buf=OPENSSL_malloc(n)) == NULL)
{
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
goto err;
@@ -350,16 +350,21 @@ int ssl23_get_client_hello(SSL *s)
* SSLv3 or tls1 header
*/
- v[0]=p[1]; /* major version */
+ v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */
/* We must look at client_version inside the Client Hello message
- * to get the correct minor version: */
- v[1]=p[10];
- /* However if we have only a pathologically small fragment of the
- * Client Hello message, we simply use the version from the
- * record header -- this is incorrect but unlikely to fail in
- * practice */
+ * to get the correct minor version.
+ * However if we have only a pathologically small fragment of the
+ * Client Hello message, this would be difficult, we'd have
+ * to read at least one additional record to find out.
+ * This doesn't usually happen in real life, so we just complain
+ * for now.
+ */
if (p[3] == 0 && p[4] < 6)
- v[1]=p[2];
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
+ goto err;
+ }
+ v[1]=p[10]; /* minor version according to client_version */
if (v[1] >= TLS1_VERSION_MINOR)
{
if (!(s->options & SSL_OP_NO_TLSv1))
@@ -497,9 +502,12 @@ int ssl23_get_client_hello(SSL *s)
s->state=SSL2_ST_GET_CLIENT_HELLO_A;
if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
- use_sslv2_strong)
+ use_sslv2_strong ||
+ (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
s->s2->ssl2_rollback=0;
else
+ /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
+ * (SSL 3.0 draft/RFC 2246, App. E.2) */
s->s2->ssl2_rollback=1;
/* setup the n bytes we have read so we get them from
@@ -561,10 +569,10 @@ int ssl23_get_client_hello(SSL *s)
}
s->init_num=0;
- if (buf != buf_space) Free(buf);
+ if (buf != buf_space) OPENSSL_free(buf);
s->first_packet=1;
return(SSL_accept(s));
err:
- if (buf != buf_space) Free(buf);
+ if (buf != buf_space) OPENSSL_free(buf);
return(-1);
}
diff --git a/crypto/openssl/ssl/s2_clnt.c b/crypto/openssl/ssl/s2_clnt.c
index 5781f98..e448a60 100644
--- a/crypto/openssl/ssl/s2_clnt.c
+++ b/crypto/openssl/ssl/s2_clnt.c
@@ -922,6 +922,7 @@ int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data)
SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
goto err;
}
+ ERR_clear_error(); /* but we keep s->verify_result */
/* server's cert for this session */
sc=ssl_sess_cert_new();
diff --git a/crypto/openssl/ssl/s2_enc.c b/crypto/openssl/ssl/s2_enc.c
index 204acd7..7643f96 100644
--- a/crypto/openssl/ssl/s2_enc.c
+++ b/crypto/openssl/ssl/s2_enc.c
@@ -82,11 +82,11 @@ int ssl2_enc_init(SSL *s, int client)
if ((s->enc_read_ctx == NULL) &&
((s->enc_read_ctx=(EVP_CIPHER_CTX *)
- Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
goto err;
if ((s->enc_write_ctx == NULL) &&
((s->enc_write_ctx=(EVP_CIPHER_CTX *)
- Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
goto err;
rs= s->enc_read_ctx;
diff --git a/crypto/openssl/ssl/s2_lib.c b/crypto/openssl/ssl/s2_lib.c
index 8230f3b..c64c8d8 100644
--- a/crypto/openssl/ssl/s2_lib.c
+++ b/crypto/openssl/ssl/s2_lib.c
@@ -269,12 +269,12 @@ int ssl2_new(SSL *s)
{
SSL2_STATE *s2;
- if ((s2=Malloc(sizeof *s2)) == NULL) goto err;
+ if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err;
memset(s2,0,sizeof *s2);
- if ((s2->rbuf=Malloc(
+ if ((s2->rbuf=OPENSSL_malloc(
SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
- if ((s2->wbuf=Malloc(
+ if ((s2->wbuf=OPENSSL_malloc(
SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
s->s2=s2;
@@ -283,9 +283,9 @@ int ssl2_new(SSL *s)
err:
if (s2 != NULL)
{
- if (s2->wbuf != NULL) Free(s2->wbuf);
- if (s2->rbuf != NULL) Free(s2->rbuf);
- Free(s2);
+ if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
+ if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
+ OPENSSL_free(s2);
}
return(0);
}
@@ -298,10 +298,10 @@ void ssl2_free(SSL *s)
return;
s2=s->s2;
- if (s2->rbuf != NULL) Free(s2->rbuf);
- if (s2->wbuf != NULL) Free(s2->wbuf);
+ if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
+ if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
memset(s2,0,sizeof *s2);
- Free(s2);
+ OPENSSL_free(s2);
s->s2=NULL;
}
@@ -386,7 +386,7 @@ SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
(char *)sorted,
SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
- (int (*)())ssl_cipher_ptr_id_cmp);
+ FP_ICC ssl_cipher_ptr_id_cmp);
if ((cpp == NULL) || !(*cpp)->valid)
return(NULL);
else
diff --git a/crypto/openssl/ssl/s2_srvr.c b/crypto/openssl/ssl/s2_srvr.c
index 51c70df..2f3ec61 100644
--- a/crypto/openssl/ssl/s2_srvr.c
+++ b/crypto/openssl/ssl/s2_srvr.c
@@ -900,7 +900,7 @@ static int request_certificate(SSL *s)
EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
- buf2=Malloc((unsigned int)i);
+ buf2=OPENSSL_malloc((unsigned int)i);
if (buf2 == NULL)
{
SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
@@ -909,7 +909,7 @@ static int request_certificate(SSL *s)
p2=buf2;
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
- Free(buf2);
+ OPENSSL_free(buf2);
pkey=X509_get_pubkey(x509);
if (pkey == NULL) goto end;
diff --git a/crypto/openssl/util/pl/Mingw32.pl b/crypto/openssl/util/pl/Mingw32.pl
index 2d33c91..02a5086 100644
--- a/crypto/openssl/util/pl/Mingw32.pl
+++ b/crypto/openssl/util/pl/Mingw32.pl
@@ -18,9 +18,33 @@ $mkdir='gmkdir';
$cc='gcc';
if ($debug)
- { $cflags="-g2 -ggdb"; }
+ { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; }
else
- { $cflags="-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall"; }
+ { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall"; }
+
+if ($gaswin and !$no_asm)
+ {
+ $bn_asm_obj='$(OBJ_D)/bn-win32.o';
+ $bn_asm_src='crypto/bn/asm/bn-win32.s';
+ $des_enc_obj='$(OBJ_D)/d-win32.o $(OBJ_D)/y-win32.o';
+ $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s';
+ $bf_enc_obj='$(OBJ_D)/b-win32.o';
+ $bf_enc_src='crypto/bf/asm/b-win32.s';
+# $cast_enc_obj='$(OBJ_D)/c-win32.o';
+# $cast_enc_src='crypto/cast/asm/c-win32.s';
+ $rc4_enc_obj='$(OBJ_D)/r4-win32.o';
+ $rc4_enc_src='crypto/rc4/asm/r4-win32.s';
+ $rc5_enc_obj='$(OBJ_D)/r5-win32.o';
+ $rc5_enc_src='crypto/rc5/asm/r5-win32.s';
+ $md5_asm_obj='$(OBJ_D)/m5-win32.o';
+ $md5_asm_src='crypto/md5/asm/m5-win32.s';
+ $rmd160_asm_obj='$(OBJ_D)/rm-win32.o';
+ $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s';
+ $sha1_asm_obj='$(OBJ_D)/s1-win32.o';
+ $sha1_asm_src='crypto/sha/asm/s1-win32.s';
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM";
+ }
+
$obj='.o';
$ofile='-o ';
@@ -77,4 +101,3 @@ sub do_link_rule
return($ret);
}
1;
-
OpenPOWER on IntegriCloud